Photo credit: www.csoonline.com
The need for experts in the field of privacy is on the rise, yet the process of recruiting these professionals presents numerous hurdles. Findings from ISACA’s State of Privacy 2025 survey reveal that a substantial 73% of organizations perceive “expert-level” privacy roles as the most challenging to fill. This survey highlights the perspectives of over 1,600 privacy experts globally. Several factors contribute to this shortage, including unrealistic expectations from employers, limited budgets, and the continually evolving landscape of privacy regulations and practices.
What do privacy professionals do?
The roles and responsibilities of privacy professionals can vary significantly based on the industry and the specific structure of an organization, which complicates the hiring process. According to Safia Kazi, an ISACA principal focused on privacy practices, some experts concentrate on legal and compliance aspects, ensuring adherence to regulations such as GDPR, performing privacy impact assessments, creating privacy policies, and providing guidance on data collection, usage, and sharing practices. Other professionals adopt a more technical approach, often situated in data science, where they evaluate what constitutes personal information, develop privacy-enhancing technologies, or design systems aimed at reducing unnecessary data collection.
Additionally, many privacy experts are integrated into software development teams, as Kazi notes. Here, they play a crucial role in embedding privacy by design principles into products and services from the outset. The demand for privacy expertise has also expanded into user experience (UX) and user interface (UI) design, where these professionals ensure that privacy options are presented transparently and are devoid of misleading practices. “Generally, individuals may find themselves leaning towards either a technical focus or a legal and compliance orientation within the privacy field,” Kazi explains.
Source
www.csoonline.com