ALL >> Technology,-Gadget-and-Science >> View Article
Half Of Privacy Pros In India Say Privacy Budgets Currently Appropriately Funded, But A Third Expecting Those Budgets To Decrease This Year
From India’s Personal Data Protection Bill to Brazil’s General Data Protection Law, the past year saw new developments and updates to privacy regulations across the globe. According to ISACA’s Privacy in Practice 2024 survey report, half (51 percent) of the India-based respondents say their organizations find it easy to understand their privacy obligations and a majority (62 percent) are very or completely confident in their organization’s privacy team’s ability to ensure data privacy and achieve compliance with new privacy laws and regulations.
More than 1,300 professionals globally, including 71 from India, who work in data privacy roles responded to the survey, weighing in on privacy topics such as staffing, organization structure, policies, budgets and training.
Privacy Challenges
In addition to finding it easy to understand the privacy regulatory landscape, organizations in India also feel that the budget is currently mostly appropriate. More than half of respondents (51 percent) say their privacy budget is appropriately funded and only 23 percent say their budget is somewhat or significantly ...
... underfunded. When looking at the year ahead, 42 percent say that they expect their budget will increase (down 20 points from last year), and only 1 percent say it will remain the same (down 8 points from last year). However, a third of respondents (32 percent) expect a decrease in budget, which is higher than last year, when only 6 percent expected a decrease in budget.
The path to forming a privacy program is not always a smooth one, either, with Indian respondents indicating that the top obstacles include:
• Lack of competent resources (44 percent)
• Complex international legal and regulatory landscape (35 percent)
• Management of risks associated with new technologies (35 percent)
• Lack of clarity on the mandate, roles, and responsibilities (34 percent)
In seeking those competent resources, technical privacy positions are in highest demand, with 75 percent of Indian respondents indicating there will be increased demand for technical privacy roles in the next year. Legal/compliance roles come a close second with 73 percent feeling that there will be increased demand. However, respondents indicate there are skills gaps among these privacy professionals; they cite experience with different types of technologies and/or applications (58 percent) as the biggest one.
When looking at common privacy failures, respondents in India pinpointed the non-compliance with applicable laws and regulations (44 percent), data breach/leakage (42 percent) and not practicing privacy by design (41 percent) as the main concerns.
“When privacy teams face limited budgets and skills gaps among their workforce, it can be even more difficult to stay on top of ever evolving and expanding data privacy regulations and even increase the risk of data breaches,” says Safia Kazi, ISACA principal, privacy professional practices. “By understanding where these challenges lie, organizations can take the necessary measures to remedy them and change course to strengthen their privacy teams and programs.”
Taking Action
One of the ways that organizations are mitigating both workforce gaps and privacy failures is through training. A majority of India-based respondents (61 percent) note they are training to allow non-privacy staff to move into privacy roles, while 45 percent have increased reliance on credentials to attest to actual subject matter expertise.
To assess the effectiveness of privacy programs, survey respondents in India note their organizations are most often taking the approach of: -
• Performing a privacy risk assessment (68 percent)
• Performing a privacy impact assessment (PIA) (61 percent)
• Undergoing a privacy audit/assessment (46 percent)
• Performing a privacy self-assessment (41 percent)
Global Insights
With employee training, 86 percent globally indicate their organization provides privacy awareness training for employees, with 66 percent are providing training to all employees annually, and 52 percent of global respondents are providing privacy awareness training to new hires. Sixty percent of organizations review and revise privacy awareness training at least annually. Seventy-one percent believe that privacy training has had a strong or some positive impact on privacy awareness in the organization. Interestingly, respondents note that their organizations are most often looking at the number of employees completing training (65 percent) as the main metric used to track effectiveness of privacy training and not a decrease in privacy incidents (56 percent).
Organizations are also taking action to strengthen data privacy by using a variety of privacy controls beyond what may be legally required, with the top three globally being identity and access management (74 percent), encryption (73 percent), and data security (72 percent).
Despite the challenges faced, 63 percent of global organizations say they did not have a material privacy breach in the past 12 months, and 18 percent are not seeing a change in the number of breaches they are experiencing. Respondents are also optimistic about the coming year: less than 1 in 5 (16 percent) say they expect a material privacy breach in the next 12 months.
Value of Privacy by Design
One of the clearest takeaways from the survey results is that globally, organizations that practice privacy by design experience some key advantages:
• They have more employees in privacy roles (median staff size 15 vs. nine among all respondents) and are more likely to say their technical privacy department is appropriately staffed (42 percent vs. 34 percent among all respondents).
• They strongly believe their board of directors prioritizes organization privacy (77 percent vs. 57 percent total).
• They are much less likely to see organizational privacy programs as purely compliance driven (35 percent vs. 44 percent total), and more likely as a combination of compliance, ethics and competitive advantage (39 percent vs. 29 percent total).
• They are much more likely to see their organization’s privacy strategy aligned with organizational objectives (90 percent vs. 74 percent total).
• They use many more privacy controls in total, overall, than are legally required:
o Data minimization and retention controls (54 percent vs. 39 percent among all respondents)
o Data quality and integrity (50 percent vs. 38 percent)
o Cryptographic protection (59 percent vs. 46 percent)
• Feel their privacy budget is appropriately funded (50% vs. 36% total)
Ultimately, organizations globally that always practice privacy by design are also much more likely to be very or completely confident in their organization’s privacy team’s ability to ensure data privacy and achieve compliance with new privacy laws and regulations (71 percent versus 43 percent).
“As privacy regulations world over continue to evolve, it's promising to see the growing confidence among Indians in overcoming issues. ISACA's survey clearly shows that organizations today are more adept at understanding their privacy obligations and are also confident in the ability of their teams to ensure compliance and data privacy,” says R.V. Raghu, ISACA India Ambassador, and Director, Versatilist Consulting India Pvt Ltd. “However, the anticipated shifts when it comes to budgetary expectations show that it is important for companies to strategically enhance their resource allocation, especially with impending financial constraints.”
Add Comment
Technology, Gadget and Science Articles
1. The Benefits Of Outsourcing To Architectural Rendering CompaniesAuthor: Vizent
2. Custom Gpt Development: A Reverse Engineering Approach To Success
Author: Sonu Kumar
3. Best Drone Camera Price In Dubai
Author: Rohit
4. Upgrade Your Charging Game: Shield's 200w & 165w Gan Chargers Now Available On Flipkart & Amazon
Author: Tiitan
5. Call Planning In Pharma: Strategies For Boosting Sales Success
Author: Jesvira
6. Why Ios App Development Services Are Essential For Your Business
Author: Perfectiongeeks
7. Enterprise Web Applications Drive Innovation In Mobile Application Development
Author: Khurath
8. Reducerea Cheltuielilor și Creșterea Performanței Prin Închirierea Unui Copiator Color
Author: CopyService Total
9. Secure Your Business With Microsoft 365 Services By Entrust Network
Author: Entrust Network Services
10. The Role Of Architectural 3d Modeling In Virtual Reality Applications
Author: Vizent
11. The Role Of Erp Software In Modernizing Colleges, Institutes, And Universities Operations
Author: Libsys Ltd
12. Unlock New Opportunities At The Triple Play Realtor Convention & Trade Expo 2024
Author: Andy Kowalski
13. Why 3d Product Rendering Services Are Essential For High-end Furniture Brands
Author: Vizent
14. Unlock The Full Potential Of Your Tractor With The New Holland Tn55, Tn65, Tn70, Tn75 Tractor Shop Service Repair Manual Pdf
Author: Heavy Equipment Manual
15. Call Answering Services For Small Businesses: A Cost-effective Solution
Author: Eliza Garran