Good morning,
As tech transformations—for example a business unit built around A.I. or a new app geared toward personalized customer experience—have picked up steam in recent years, so have cyber risks and data privacy concerns.
But when organizations look internally for risk mitigation and compliance with data privacy laws, there’s a lack of qualified people to do so, according to a new report by ISACA, a professional IT governance association. Both technical privacy and legal/compliance teams are understaffed, enterprise privacy budgets are underfunded, and there are skills gaps. The findings are based on a global survey of 1,890 data privacy professionals who hold positions in IT, audit, compliance, and risk management, for example.
Non-compliance with privacy laws and regulations, like Europe’s General Data Protection Regulation or even state laws including the California Consumer Privacy Act (CCPA), is costly, Safia Kazi, principal of ISACA’s privacy professional practices, tells me. CCPA had compliance updates go into effect on Jan. 1, regarding providing employees and job applicants notice of the company’s privacy practices.
So this is an issue that may fall under a finance chief’s purview. “CFOs’ risk expertise is invaluable,” Kazi says. "This is especially true with regard to procurement.” Not only can third parties be the source of a significant privacy breach, but selecting unqualified third parties can result in a “devastating privacy violation and fine,” Kazi says. About a quarter of the survey respondents said they always or frequently work with their organization’s finance department. But that percentage may need to increase.
'Security incidents and privacy incidents are not the same'
But lots of risk means lots of reward—at least for the VCs investing in this new generation of cybersecurity products. The global cybersecurity market is expected to reach $403 billion by 2027 as my colleague Lucy Brewster details in her new report, “Cybersecurity is red hot. Here are the top 13 VCs to know.” The VCs she features include Chenxi Wang, who invested in the software-as-a-service (SaaS) cybersecurity platform Claroty, and Ariel Tseitlin, who invested in the SaaS security platform AppOmni—products that may one day be standard in a secure organization.
Regarding having a designated data privacy program, ISACA’s survey found that 42% of respondents said their privacy budget is underfunded, and just 34% indicated their privacy budgets will increase in 2023. Meanwhile, 40% said there wasn’t clarity on the mandate, roles, and responsibilities, and 39% cited a lack of executive or business support.
“Ransomware was a big concern last year, and many organizations took steps to be prepared for a ransomware attack,” Kazi explains. “But it’s possible that they view security incidents and privacy incidents as one and the same, which they are not. Heavily investing in security without also thinking about privacy is a serious misstep—something as seemingly small as an improper privacy notification to customers (which would not be addressed through any security investments) may cost an enterprise millions of dollars and reputational harm.”
She continues, “Some organizations’ board members may not fully understand the difference between security and privacy and consequently not prioritize privacy appropriately.”
Both cybersecurity and privacy are essential, Kazi says. But points out one caveat: “It is impossible to have privacy without security, but it is possible to have security without privacy.”
She added, “Digital trust is increasingly becoming a board and C-suite priority, and privacy is a key component of digital trust.”
*Quick note: Thanks to the finance chiefs who took the time to answer the question: What is the most important thing you did before landing your first CFO position? (For example, was it networking, P&L management, or something else?) What made you ready to take on a CFO position? There's still time to share your experience and insights with the next generation of CFOs for an upcoming column. Send me an email!
See you tomorrow.
Sheryl Estrada
sheryl.estrada@fortune.com
Sign up here to receive CFO Daily weekday mornings in your inbox.
This story was originally featured on Fortune.com
More from Fortune:
Olympic legend Usain Bolt lost $12 million in savings to a scam. Only $12,000 remains in his account
Meghan Markle’s real sin that the British public can’t forgive–and Americans can’t understand
‘It just doesn’t work.’ The world’s best restaurant is shutting down as its owner calls the modern fine dining model ‘unsustainable’
Bob Iger just put his foot down and told Disney employees to come back into the office
Microsoft's billion-dollar investment in OpenAI may pose challenges for white-collar workers in multiple industries
Charter Communications Inc. topped expectations with its broadband subscriber numbers Friday while posting a sizable haul of wireless subscribers.
Watch Katie Couric, Bryant Gumbel and Elizabeth Vargas question what the internet is in hilarious 1994 clip from the TODAY Show.
Founded in 2012, Snowflake is a data lake, warehousing, and sharing company that came public in 2020. To date, the company has over 3,000 customers including nearly 30% of the Fortune 500 as its customers. Snowflake’s data lake stores unstructured and semistructured data that can then be used in analytics to create insights stored in its data warehouse. Snowflake’s data sharing capability allows enterprises to easily buy and ingest data almost instantaneously compared with a traditionally months-long process. Overall, the company is known for the fact that all of its data solutions that can be hosted on various public clouds.
Shares of Lucid leaped after speculation arose that a Saudi Arabia fund might be planning to buy the shares of the EV maker it doesn't already own.
(Bloomberg) — Most Read from BloombergFed Set to Shrink Rate Hikes Again as Inflation SlowsRussia Can’t Replace the Energy Market Putin BrokeAdani’s Detailed Hindenburg Reply Now Said to Be Post-Share SalePension Funds in Historic Surplus Eye $1 Trillion of Bond-BuyingA Billionaire’s Luxury Development Fuels Fight Over Texas Hill CountryAdani Group will release a detailed response to allegations made by US short seller Hindenburg Research only after the completion of a new share sale that’s set
Depreciation is a concept and a method that recognizes that some business assets become less valuable over time and provides a way to calculate and record the effects of this. Depreciation impacts a business's income statements and balance sheets, smoothing … Continue reading → The post What Is Depreciation and How Is It Calculated? appeared first on SmartAsset Blog.
Fed's efforts to slow inflation taking hold but conditions at middle-market businesses remained strong.
There's no way around it. You just have to get through it.
EPR Properties (EPR) closed at $42.68 in the latest trading session, marking a +1.55% move from the prior day.
Saving for retirement is a top financial priority for many. If you're one of those who has prioritized retirement by opening a Roth 401(k), it's crucial to use the account optimally to build tax-free retirement income. The IRS has raised … Continue reading → The post Roth 401(k) Contribution Limits for 2023 appeared first on SmartAsset Blog.
The S&P 500 is on the verge of achieving its first "golden cross" in two-and-a-half years. But that doesn't mean stocks are destined for more gains over the coming year.
Jonathan Kanter, assistant attorney general for antitrust, is a longtime legal adversary to the internet company.
Much is uncertain at Salesforce these days, save for this: The days of the company chasing major M&A deals are over for a long while. The cloud software pioneer is experiencing the most significant slowdown in its history and has thus drawn the attention of activist investors. The latest is Elliott Management, which confirmed a major stake in the company earlier this week.
Amazon Prime members who used to get free delivery on their grocery orders will be paying a fee for orders under $150.
Digital Realty Trust (DLR) closed at $111.31 in the latest trading session, marking a +1.83% move from the prior day.
Investors may be worried after the brutal stock market action of 2022. But stocks should go higher, with Tesla stock and Cisco among potential big winners.
Thinking about an investment property? You might want to think again.
The market’s expectations clash with projections from the central bank. The wording of the policy statement after Fed Open Market Committee gathering could indicate how many hikes really are ahead this year.
MARKET PULSE Gold futures finished Friday with a modest loss, but held onto a slight gain for the week — their sixth weekly gain in a row. “Gold has had a good run in the last few weeks benefitting from the downturn in the U.
Despite cybersecurity being top of mind for the C-suite, data privacy is lagging, a new report finds – Yahoo Finance
