{"id":34639,"date":"2023-01-26T11:00:32","date_gmt":"2023-01-26T16:00:32","guid":{"rendered":"https:\/\/www.itworldcanada.com?p=524011"},"modified":"2023-01-27T09:41:00","modified_gmt":"2023-01-27T14:41:00","slug":"many-boards-dont-see-privacy-as-a-priority-survey","status":"publish","type":"post","link":"https:\/\/technewsday.com\/staging\/many-boards-dont-see-privacy-as-a-priority-survey\/","title":{"rendered":"Many boards don\u2019t see privacy as a priority: Survey"},"content":{"rendered":"<p data-ar-index=\"0\">Many boards don\u2019t make put privacy as one of their organization\u2019s priorities, a survey of professionals suggests.<\/p>\n<p data-ar-index=\"1\">According to the annual state of privacy survey of members of <a href=\"https:\/\/www.isaca.org\/\">ISACA<\/a> (formerly known as the Information Systems Audit and Control Association) \u2014 released in conjunction with Data Privacy Week \u2014 22 per cent feel their boards don\u2019t put a priority on privacy, A further 20 per cent said they don\u2019t know if their boards adequately prioritize privacy. Fifty-five per cent believe privacy is a priority with their boards.<\/p>\n<p data-ar-index=\"2\">\u201cIt\u2019s not entirely surprising,\u201d Safia Kazi, ISACA principal for privacy practices, said in an interview. \u201cI think a lot of people view privacy as a cost centre. Its something that maybe slows down a project. You acquire a new program or resource and you go \u2018Is it GDPR compliant? Do we have to start over again [with a new privacy assessment]?\u2019 I think that\u2019s where some of that comes from. The other thing I found is that 20 per cent of our respondents said they don\u2019t know if their board prioritizes privacy. That could speak to a board that maybe isn\u2019t communicative about it (privacy).\u201d<\/p>\n<p data-ar-index=\"3\">The 55 per cent who believe their boards do prioritize privacy is slightly higher than the 2021 survey, she added. \u201cI think in general we\u2019re moving in the right direction, but there is some way to go.\u201d<\/p>\n<p data-ar-index=\"4\">The survey, conducted in the fourth quarter of 2022, saw responses from 1,890 ISACA members <span lang=\"en-AU\">who currently work in data privacy or have detailed knowledge of the data privacy function within their organization<\/span><span lang=\"en-AU\">. Questions were asked on<\/span> privacy staffing, budgets, program trends, awareness training and breaches, and the use of privacy by design.<\/p>\n<p data-ar-index=\"5\">Among the results, Kazi noted, is that organizations that practice privacy by design are more likely to have a board that adequately prioritizes privacy and have larger numbers of employees dedicated to setting and enforcing privacy policies.<\/p>\n<p data-ar-index=\"6\">\u201cThe tone really can start at the top,\u201d she said. \u201cWhen you don\u2019t have that support, it can be really hard to get the resources you need.\u201d<\/p>\n<p data-ar-index=\"7\">Another noteworthy finding is that 31 per cent of respondents said their organization doesn\u2019t separate privacy and security training for employees. \u201cThat was a little disappointing,\u201d Kazi said. \u201cI think the problem is a lot of people [in management] have security training and think, \u2018Privacy is close enough. What\u2019s the difference?\u2019 My concern is that, if you are just teaching people security and not privacy, you\u2019re not really building trust with customers. If the organization is collecting too much of someone\u2019s personal information, that\u2019s not necessarily a security issue but it would be a privacy issue.\u201d<\/p>\n<p data-ar-index=\"8\">\u201cBut I also want to point out that organizations have so much they have to do. You can\u2019t be taking up everybody\u2019s time with a thousand security training and privacy training meetings. My hope is that organizations that combine privacy and security training have a specific call-out to privacy and give it the attention and time it needs.\u201d<\/p>\n<p data-ar-index=\"9\">\u201cOne trend that makes me optimistic is it looks like privacy is faring a little bit better than it has in previous years,\u201d she said of other survey results. \u201cPrivacy teams are a little bit larger than they were last year and the year before. Also, we\u2019re seeing that members are less likely to say they were understaffed this year compared to last year. That said, understaffing is still a challenge, filling open privacy positions is a big challenge.\u201d<\/p>\n<p data-ar-index=\"10\">Overall survey results suggest that, \u201cfor the most part\u201d, enterprises realize privacy isn\u2019t going away, she said, with many organizations trying to ensure privacy teams have the resources they need.<\/p>\n<p data-ar-index=\"11\">Among other survey results,\u00a0<span lang=\"en-AU\">42 percent of respondents said their privacy budget is underfunded, and only 36 percent believe it is appropriately funded. Just over a third of respondents (34 percent) indicate their privacy budgets will increase in 2023.<\/span><\/p>\n<p data-ar-index=\"12\">ISACA offers certifications for information systems governance, control, risk, security, audit\/assurance and business and cybersecurity professionals.<\/p>\n<p data-ar-index=\"13\"><a href=\"https:\/\/www.isaca.org\/resources\/reports\/privacy-in-practice-2023-report\" rel=\"noopener\">To read the survey, click here.<\/a> Registration required.<\/p>\n<p data-ar-index=\"14\">The post <a href=\"https:\/\/www.itworldcanada.com\/article\/many-boards-dont-see-privacy-as-a-priority-survey\/524011\">Many boards don\u2019t see privacy as a priority: Survey<\/a> first appeared on <a href=\"https:\/\/www.itworldcanada.com\/\">IT World Canada<\/a>.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Survey of ISACA members shows only 55 per cent of respondents feel their boards priorit<\/p>\n","protected":false},"author":17,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[15,361,16],"tags":[807,656,275],"class_list":["post-34639","post","type-post","status-publish","format-standard","hentry","category-leadership","category-privacy","category-security","tag-data-privacy-week","tag-isaca","tag-top-story"],"acf":[],"_links":{"self":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/34639","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/users\/17"}],"replies":[{"embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/comments?post=34639"}],"version-history":[{"count":2,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/34639\/revisions"}],"predecessor-version":[{"id":34692,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/posts\/34639\/revisions\/34692"}],"wp:attachment":[{"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/media?parent=34639"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/categories?post=34639"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/technewsday.com\/staging\/wp-json\/wp\/v2\/tags?post=34639"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}