Candy Alexander, International Association President of ISSA, shared the findings during a session at SecureWorld Boston on March 27, 2019.
TechTarget SearchSecurity reports:
Cybersecurity professionals are increasingly being asked to take on data privacy responsibilities as part of their job function, research from the Information Systems Security Association and analyst firm Enterprise Strategy Group revealed.
The study surveyed 267 cybersecurity professionals, mostly from North America, and 40% of respondents claimed data privacy is a "significantly" new responsibility being added to their job role, while 45% said they believe it is "somewhat" their responsibility.
But 44% of respondents asserted that they haven't been given the right level of training or clear direction on data privacy.
ISSA president Candy Alexander believes this new development is "scary" because cybersecurity professionals are taking on new data privacy responsibilities without often understanding what it means.
"The majority of us are recognizing that we now have privacy as part of our responsibility, without fully understanding the impact that it has on us," Alexander told SecureWorld Boston conference attendees this week. "Because businesses don't understand our roles, they think that privacy and security go hand in hand, so [they are saying,] 'here take this on.'"