CCPA and privacy concerns are shaping the future of cybersecurity careers
Category: IT careers, Professional development
September 20, 2019
The way people view online privacy is rapidly evolving. Big technology companies, once widely celebrated as innovators, are facing increasing backlash over how data is being protected and shared — plus billion-dollar fines from government organizations. That shift has changed the way organizations of all sizes view privacy, and what they’re looking for when hiring cybersecurity professionals.
In response to the changing landscape, lawmakers in California put the California Consumer Privacy Act (CCPA) into motion, and its far reaching impact will influence cybersecurity careers, said Byron Johnson, Channel Sales Manager at the International Association of Privacy Professionals (IAPP), and Jeff Peters, Product Marketing Manager for Infosec, when they joined us for a recent webinar, “Privacy is shaping the future of cybersecurity careers: Are you ready?”
Here’s what we learned.
1. Privacy laws are changing cybersecurity
“CCPA is the start of an experimentation period in the U.S,” Johnson said. “I think what we’ll see is states choosing their version of CCPA and GDPR and doing it in their own way, and then possibly the federal government looking at the guinea pig states to see what they’re going to do federally.”
That experimentation means cybersecurity professionals should expect continuing changes in the coming years, and those who can keep their skills ahead of those changes will be better positioned for the new types of careers that emerge.
2. Privacy skills apply to many different cybersecurity roles
Johnson recommends the following certifications to help navigate privacy concerns faced by security professionals:
- CIPP/US and CIPP/E (Certified Information Privacy Professional): Understanding the law and regulation based in the U.S. and Europe; the “what” of data protection in the U.S. and abroad
- CIPM (Certified Information Privacy Manager): Implementing privacy in an organization; the “how” of privacy from a management perspective
- CIPT (Certified Information Privacy Technologist): Implementing privacy in applications and systems; the “how” of privacy from a technology perspective
3. The CCPA is expected to have wide-reaching impact
The CCPA is a new law designed to give California residents more control over the use of their data and regulators increased powers to fine organizations that do not comply with the new privacy rules. With California recently becoming the fifth largest economy in the world, the CCPA has been compared to the EU’s General Data Protection Regulation (GDPR) in regards to potential scope. The IAPP estimates that more than half a million companies will be affected just within the U.S. — and there’s the possibility that the CCPA could hasten the creation of a national law. As California goes, the nation tends to follow.
To learn more about how your organization will be affected by the CCPA, ceck out Infosec’s free CCPA ebook: “California Consumer Privacy Act of 2018: What you need to know.”
4. Privacy skills will help you stand out
An increased attention to privacy is shifting the foundations of the cybersecurity industry. Incoming infosec professionals trained with privacy in mind may have a leg up on job opportunities in the field.
“I think a lot of people have approached privacy backwards where they’re cybersecurity experts and now they’re trying to catch up on their privacy,” Peters said. “It’ll be interesting to see some of these new people in cybersecurity — if they come up with privacy and that’s the foundation they’re building their cybersecurity skills on. That is kind of a flip of what we’ve been doing, and could potentially be a big differentiator as you progress in your career.”
Watch the full webinar to learn more about how privacy certifications may help your cybersecurity career.