Throughout 2019, this mini-series will interview leaders from around the globe to discuss areas of cybersecurity. The purpose is to help students and those new to the industry gain perspective and guidance from professionals in the field. These interview insights aim to kick-start or re-energise your career journey in cybersecurity.
Privacy encompasses cybersecurity, is an in-demand skill set by the market and considered as an excellent career starter. If done well, privacy can serve as a competitive differentiator and business enabler for any organisation. In this month’s feature, Natasha Mazey, the youngest woman to graduate from the University of Canterbury with a Doctorate, and now Privacy Officer at Fisher & Paykel Healthcare, shares her story about:
I would say my privacy career was unintentional. I was earning my PhD in trust and perceived privacy risks, and was unsure what I would do career-wise. I thought I might find a job related to ‘digital trust’ given its ‘topicalness’ and recent main stream attention. I had always been intrigued by all things data - information management, data governance, understanding data flows. I wanted to understand how organisations make use of their data in a structured and proficient manner. How they gained business efficiencies with “less is more.” However, I was mostly interested in the people component.
These are her insights. How do organisations view privacy? “How organisations’ view privacy varies widely based on the organisation. Some organisations aim to ‘tick the box’ to facilitate compliance with the most current regulation(s). These organisations want to ‘play by the rules’ to protect and maintain their ongoing business activities. Other organisations have leveraged the momentum of the new privacy and personal data regulatory changes to uplift processes to promote more ethical behaviours and reputational trust. Privacy facilitates transparency for how an organisation uses our personal information to build a more positive relationship with their customer. This can foster customer trust. It also encourages organisations to be more respectful and accountable for their stewardship and use of an individual’s information. This enables more choice and control. Privacy can be difficult for some organisations and business units because this discipline asks for more all-around due diligence with questions that start with How and Why. This can challenge decisions about innovation and growth. For some, privacy can be perceived as stifler or blocker that slows an organisation down. This can create further challenges for those organisations who already have messy data, old legacy systems or processes that have been part of the status quo for many years. Practicality can get in the way of designing and implementing enhanced privacy practices. For these organisations, there can be a lot more work to do upfront. From a personal perspective, I have yet to meet an individual that misunderstood the importance of privacy or that of a privacy professional’s objective. Often times the difficulty is to reconcile this to business objectives and norms. Fortunately, awareness and advocacy for better business privacy practices has gained momentum in recent years as organisations attempt, and succeed, to gain competitive advantages through transparency, trusted behaviours, and the adoption of more effective control of their data.” What privacy challenges should we expect to face tomorrow? “I am genuinely excited about the future of privacy. I believe this discipline will continue to evolve outside of the area of personal information as organisations attempt to better manage data in an ethical manner. The lines of the privacy profession have traditionally been reasonably clear; however, they are beginning to blur with other disciplines. This could lead to a new area of study and or industry as our information ecosystems grow and become more digital. I am keen to watch how privacy supports, or potentially merges with, emerging issues around digital content moderation, the right to free speech, politics and democracy, and corporate ethics. I would be disappointed if privacy stays the course as a legal requirement – compliance as a checkbox. This facilitates bare minimum behaviours and will likely be more difficult to correct in the future as regulatory requirements continue to evolve. It would be disheartening for privacy to veer towards the direction of carefully telling customers only what is required. While withholding details to elude accountability or using clever shortcuts to avoid the intentions of the law. We could miss a tremendous opportunity if we went down this path, commercially and socially. This discipline allows organisations to understand and utilise their data to identify reasons for why they have it. This itself is a value added exercise as organisations become leaner in their management of data to avoid information and data analytic waste.” What criteria have you leveraged to evaluate career-related opportunities? “I wanted to a career where I would be continuously challenged and constantly learning to obtain new experiences and skills. With the ever-changing technology landscape, public expectations, and evolution of legislation, the privacy profession has been a great enabler to nurture my continuous growth and develop my professional skills. This discipline has continued to present challenges that engaged and motivated me throughout my career. Working in privacy is rewarding as I help to make a positive difference in the way we treat and think about people’s personal information.” What information you would have liked to know starting out in your career? “Firstly, do not hesitate or second guess yourself. Early in my career, I questioned whether I was on the right track, or if I had locked myself into a role for the duration of my career journey. I have, however, been fortunate to take on several exciting positions with excellent mentors that have enabled my growth and skill development in areas that I was interested in pursuing. Secondly, be courageous. Evaluate each opportunity that presents itself. If it seems right and you aren’t sure you can do it, roll with it and accept the challenge. If it does not work out, other opportunities will arise. Hopefully you would have learned something along the way regardless. I have found tremendous satisfaction working for organisations that are eager to embrace privacy and embed responsibilities into their day-to-day business operations. My job gives me the privilege to work with talented people across many specialties. I enjoy the opportunity to collaborate with them to understand and overcome business challenges together. People and culture make all the difference.” Cybersecurity and privacy are intriguing, in-demand by the market and considered an excellent career starter. Please be on the lookout for next month’s issue of Decoding Cybersecurity: Interview Insights with Leaders as the journey continues.
0 Comments
Leave a Reply. |
AuthorElliot is a Senior Manager in the EY Cybersecurity practice. Elliot enables organizations to build in risk thinking from the onset, enhancing global innovation with confidence. He leads global teams to reduce response times and minimize the impact of security incidents by building and operating mature security, logging, monitoring, alerting, and incident response practices. He successfully led response to and recovery from complex security incidents, such as data exposures, third party compromises, and vulnerability exposures, by coordinating across large enterprises through effective incident response procedures to minimize business impact. Archives
April 2020
Categories |