A privacy certification may boost your security career, says Ralph O’Brien
It’s been three years since the European Union’s General Data Protection Regulation (GDPR) went into effect, and data privacy continues to grow in importance for both organizations and cybersecurity professionals.
California, the fifth-largest economy globally, has since passed both the California Consumer Privacy Act (CCPA) and the California Online Privacy Protection Act (CalOPPA). President Biden recently issued an executive order on protecting Americans’ sensitive data from foreign adversaries. In addition, the coronavirus pandemic accelerated the demand for data protection as more activities became virtual.
“There are new pieces of guidance coming out. There’s new legislation popping up all over the globe. There are new court cases happening. It doesn’t stop,” says Ralph O’Brien, an advisor on global privacy and Infosec Skills course author with more than 20 years of privacy experience.
That’s why he created two new Infosec Skills certification paths: Certified Information Privacy Professional/Europe (CIPP/E) and Certified Information Privacy Manager (CIPM).
Why get an IAPP privacy certification?
In the era of globalized information sharing, data is too easy to find, says O’Brien. “Have we forgotten the individual’s needs in the race to share, profit from or move around data? What about the right to human dignity?”
But holding that data comes with risk for organizations, which is why earning an IAPP privacy certification can give you a competitive edge in the job market.
“The IAPP is a fairly prestigious and respected organization when it comes to someone’s curriculum vitae when they’re on the job market,” says O’Brien.
He says his IAPP certification training courses can benefit professionals with a variety of levels of privacy experience. “You could come in and work your way through the courses from having a pretty low skills base to understanding, at least, the basics of knowing which way you need to turn for your next steps.”
What’s the best privacy certification for me?
Like information security, there’s a variety of roles — and overlaps — in data protection. The are three main IAPP Privacy certifications:
- Certified Information Privacy Professional (CIPP)
- Certified Information Privacy Manager (CIPM)
- Certified Information Privacy Technologist (CIPT)
Each certification focuses on a different aspect of privacy. The CIPM certification is designed for privacy managers who manage daily operations, while the CIPT Certification focuses on information security and information technology. The CIPP certification focuses on privacy law and compliance. There are four CIPP concentrations based on the following regions: U.S. (CIPP/US), Europe (CIPP/E), Asia (CIPP/A) and Canada (CIPP/C).
Privacy law varies greatly depending on what region you’re in.
“Over here in the EU, we have the GDPR as a backbone,” O’Brien explains. “But depending on what member state you live in, that will be filtered through a level of national law. Then there might be industry sector law on top of that.” In the U.S., on the other hand, “the privacy laws aren’t quite so well developed. Then, depending on what state you’re in, your local state privacy law will be different.”
Preparing for your IAPP certification
Earning a privacy certification is about more than just memorizing facts and passing a test, which is why O’Brien’s courses prepare you for real-world privacy scenarios.
“You’re preparing people for an exam, but you’re also preparing people to be a privacy professional and to go out into the world,” O’Brien says.
While exam preparation can be overwhelming, the Infosec CIPP/E learning path is broken into 12 courses, allowing students to focus on the topics where they need the most improvement.
“An individual can go in and replay exactly the chunks that are missing from their knowledge gaps,” O’Brien says.
Creating the courses challenged O’Brien to package his “war stories” and other hands-on experiences in the field “into neatly modular experiences where someone can say, ‘I’ve just got 10 minutes. Let’s just blast out a few minutes on this subject.'”
He adds that when it comes to privacy, it’s important to “let people reflect on how they’d want their own data to be treated” because that’s how you can “turn people who come to my courses into true believers, into disciples, who can go out there and make a difference in the world. When I’ve passed my passion for privacy to others, that’s the best part of teaching for me.”
Learn more about Ralph O’Brien’s Infosec Skills courses:
Executive Order on Protecting Americans’ Sensitive Data from Foreign Adversaries, White House