To attract and retain talent during the “great resignation,” information security leaders must excel at talent management. Investing in your team’s skills and professional development via privacy education and certifications can help your company create a sustainable competitive differentiator while also retaining key individuals.
Investing in education can help employees accelerate their career progression by promoting a culture of curiosity, which includes the ability to take on new responsibilities in previously unfamiliar domains of expertise. Education empowers employees and makes them feel that their job is not just to execute. It also helps them understand the context for their actions and how it meshes with your organization’s strategy. This article outlines the benefits of investing in privacy certifications and includes a brief overview of six top privacy-related certifications.
Why Invest in Privacy Education for Your InfoSec Team?
While investing in education ensures employees stay up to date, that’s just one of many benefits a highly educated workforce provides. By maintaining and expanding their skill sets, an employee’s credibility grows. Furthermore, having a significant impact on the organization bolsters their morale.
As the privacy landscape shifts, employees who commit to privacy training can network with other professionals and learn from their experiences. This ensures your company isn’t caught off guard as new privacy rules and regulations emerge. An employee’s education may allow your organization to anticipate and comply with new legislation more effectively than your competitors.
Notwithstanding the benefits for your organization, privacy training and certifications can improve an employee’s income potential by making them more marketable. Education can also open new career paths and allow employees to establish themselves as subject matter experts.
Six Top Privacy Certifications
The following list includes some of the most popular privacy education options, in no particular order. It is not an exhaustive list and does not constitute a ranking, endorsement, or advertisement for any certifications or certifying or sponsoring organizations.
- Certified Information Privacy Professional (CIPP). Offered by the International Association of Privacy Professionals (IAPP), the CIPP is Designed to help privacy professionals understand data privacy laws and regulations and how to apply them. The CIPP has four concentrations, covering Asia, Canada, Europe, and the U.S. private sector.
- Certified Information Privacy Manager (CIPM). The IAPP offers this certification to those charged with embedding data privacy regulations within an organization. This includes guidance on establishing a vision, building a privacy program and team, adopting a privacy program framework, and measuring the performance.
- Certified Information Privacy Technologist (CIPT). This qualification promotes dual literacy in both privacy and technology. The holder of the CIPT qualification can help embed data protection in an organization’s products, services, and processes, design technology to ensure privacy, audit technology infrastructure, and communicate privacy issues, among other capabilities.
- HealthCare Information Security and Privacy Practitioner (HCISPP) Offered by (ISC)2, the HCISPP is designed for those responsible for protecting patient health information. The (ISC)2 markets the qualification as the “only certification that combines cybersecurity skills with privacy best practices and techniques.”
- Certified Data Privacy Solutions Engineer (CDPSE). The CDPSE focuses on the technical skills and knowledge related to building and implementing privacy solutions to fill the technical privacy skills gap some organizations experience.
- Certified in Data Protection (CDP). Offered by the Identity Management Institute, the CPD is marketed as a comprehensive global training and certification program covering international security standards and privacy laws. The qualification aims to teach professionals about best data protection practices when data is at rest, in transit, or being processed.
Education Protects the Organization and Fosters Employee Growth
Allowing employees to pursue certifications, especially in new and fast-changing areas such as data privacy, not only protects your organization it can energize employees and help them thrive professionally. If employees view your organization as a place to accelerate their careers by venturing into new areas of expertise and leveraging best-in-class security compliance technology and concepts, retaining talent may be less challenging.
While other companies may struggle to retain employees, your organization will benefit from highly motivated employees with the expertise and training to protect your business and ensure it complies with the growing list of data privacy rules and regulations.
Tony Luciani is a Senior Manager of Product Solutions at AuditBoard. Prior to AuditBoard, Tony served as IT Risk and Compliance Manager at Sony Pictures. As a former InfoSec consultant, PCI QSA, and CCSFP Assessor, his experience ranges from performing gap/attestation assessments (i.e. NIST, ISO, CIS, SOC2, PCI, HITRUST, etc.) to facilitating IT risk management programs for customers across multiple industries. Connect with Tony on LinkedIn.