Data privacy careers: 6 key insights about this life-changing path
Poetry and data privacy aren't usual pairings. Yet ask Infosec Skills author Chris Stevens about his lucrative privacy career, and he'll paraphrase "The Road Not Taken" by poet Robert Frost. "You've got two roads. One is well-traveled. I'm going to walk around to the other path."
Chris headed towards privacy, launching a career taking him from course development to corporate boardroom. His clients include the U.S. House of Representatives and an internationally respected law firm.
But the privacy road didn't have an early on-ramp; Chris worked over 35 years before entering the privacy field. He was retired from the military on disability and working at the National Security Agency when he "got the privacy bug." He quit his stable federal job for unknown possibilities. Now, with seven IAPP certifications under his belt and his best job ever, Stevens states, "Privacy changed my stars."
FREE role-guided training plans
We spoke with Stevens about his new Information Privacy Essentials learning path that introduces cybersecurity professionals to fundamental privacy concepts, frameworks and laws. He reveals his journey into privacy, opportunities in the field, and inspiring advice for pivoting into privacy.
How did you begin your transformational journey?
Chris: While working at the federal government intelligence branch, I learned that data had value to the companies entrusted to process it, the individuals to whom it pertained and cyber adversaries. I was intrigued with helping organizations show due diligence and care when collecting, using and disposing of an individual's personal information. I got my International Association of Privacy Professionals (IAPP) certifications and taught for the IAPP. My life began to change.
I didn't want to do only policy, though, so I looked across industries like healthcare. I earned more certifications and saw how cybersecurity, information security and privacy walk hand in hand. I wanted to sit at the big table with my cybersecurity and information security counterparts, technologists and procurement officers and speak a common lexicon. So I got the CRISC and the CISM.
Now, I work with experts to discuss personally identifiable information (PII) and translate that, implement security and create competitive advantages. None of what I do would be possible If I hadn't stepped outside of myself and gotten that first privacy certification.
Who should take date privacy training?
Chris: From a skills and managerial perspective, everyone needs an understanding of privacy, especially as it applies to information assurance. These courses are for information professionals, risk managers, compliance officers, procurement and contract teams.
They are also for security leaders working on information systems such as security officers, ISOs, CSOs and CIO's who need to understand privacy at a high level. These foundational courses are widely beneficial because privacy touches many roles.
What should you learn next?
What will information privacy students learn?
Chris: We'll give you an overview of privacy from a global perspective. I'll introduce you to international laws. Those of you in the U.S. will better understand privacy in the United States and where it's heading. The Information Privacy Essentials for Cybersecurity Professionals learning path provides students with insights into the role of information privacy within private sector and public sector organizations. If you take this learning path, you're going to better understand how you can transform your organization from a privacy perspective.
It's going to help cybersecurity professionals better protect data, it's going to help software developers develop more secure code, and it's going to help compliance individuals comply with external requirements.
What are the career benefits of Information Privacy Essentials?
Chris: This learning path for cybersecurity professionals will put you on the lucrative path to becoming a privacy technologist, a privacy engineer or a privacy professional with a technical perspective. We have a shortage of privacy technologists and engineers. In a study last year, 50% of respondents said that they couldn't find a privacy technologist. And we're not going to find them — we need to make them. It's easier to take an information security expert and sprinkle them with privacy than take a privacy expert and sprinkle them with information security. That's what my learning path is going to do.
Privacy is transformational. That's why when NIST came out with the cybersecurity framework, it followed it up with the privacy framework. We've seen, especially over the last ten years, the power of going beyond discussing policy and compliance and doing the work.
What are your continuing education recommendations?
Chris: This learning path is not a preparatory course for certifications. It's foundational for preparing for and pursuing one of IAPP's certifications. If you don't want to just be an information insurance person or a cybersecurity person and want to cross over and be a privacy technologist, this learning path will help put you on that path.
Every information security officer should have one of the privacy certs.
What should you learn next?
Any advice for pivoting into privacy?
Chris: Separate yourself from the masses, go around that path, and your life is better for it. Become more eclectic, expand your understanding and it'll create new opportunities for you. Becoming a privacy professional and obtaining certs in my own and complementary disciplines changed my life.
An adage says you can have security without privacy, but you can't have privacy without security. We can define PII and talk about compliance all day, but at some point, you've got to apply those security and privacy controls. That's where cybersecurity and information security experts come in. If you understand privacy through the cybersecurity lens, doors open.
You've got to broaden into other disciplines. That's what this learning path does. It provides you information to pivot in multiple directions, but it's up to you. You have to take that step and put one foot in front of the other to get there. That's how you change your stars.
Create your free Infosec Skills account to learn more about Chris Stevens Information Privacy Essentials for Cybersecurity Professionals learning path.
In this Series
- Data privacy careers: 6 key insights about this life-changing path
- Top-paying cybersecurity jobs and salary trends for 2024
- The importance of IT certifications in boosting your career
- Understanding the role of a network engineer in IT
- The role of the chief information officer (CIO) in cybersecurity
- What is a network engineer and how to become one?
- What does a system administrator do and how to become one?
- Cyber security hiring: Tips and best practices
- Cybersecurity soft skills: Career benefits of public speaking
- CompTIA Data+ certification: Opening doors to new careers
- Surviving cybersecurity burnout: Tips from industry experts
- How to make a mid-career change to cybersecurity
- 7 top security certifications you should have in 2024
- The Changing Role of the Modern SOC
- Discover the top 5 information security management certifications
- CySA+ versus CASP+: Is the CySA+ good enough for a career in cybersecurity?
- The best cybersecurity jobs in 2023: Trends, roles and salaries
- Top 10 penetration testing certifications for security professionals (2023)
- How to land an entry-level cybersecurity job: Essential skills and certifications
- 133 cyber security training courses you can take now — for free
- Breaking down barriers: How to make cybersecurity more inclusive and diverse
- Computer forensics interview questions
- The digital security forensic analyst salary guide
- Applying linguistics to cybersecurity: The journey of Jade Brown, a 2022 Infosec Scholarship winner
- The Path to “Career 4.0”: Amy Bonus leverages humanities, FinTech experience to bring Cybersecurity to the layperson
- Security engineer: Degree vs. certification
- Cybersecurity engineer: CyberSeek
- Infosec Accelerate Scholarship winner highlights essential qualities of a successful cybersecurity professional
- Career skills, imposter syndrome and intelligence-led pentesting | From the Cyber Work desk
- Cloud security engineer interview questions and answers
- Prior preparation results in a big payoff for Jason Mondragon, an Army veteran transitioning into cybersecurity
- Infosec scholarship winner Kandice Kucharczyk salutes her mentors as she sets her sights high
- Which CompTIA cert is right for you: Security+, PenTest+, CySA+ or CASP+? [updated 2023]
- How VetsInTech and Infosec Laid the Path to Gaurav Panta’s New IT Career
- Infosec 2022 scholarship winner Anthony Torres: Bringing the Marine Corps ethos to the cyber domain
- Infosec Scholarship winner Chris Chisholm knows the power of service and diversity in cybersecurity
- Betta Lyon Delsordo, Infosec scholarship 2022 winner, is a true life-long learner
- A veteran transitions from military medical logistics to multi-national security analyst
- An Army National Guard member fast tracks his cybersecurity career transition with VetsinTech
- How a career harnessing Navy nuclear energy can power a transition to a Security+ certification
- What is a cloud administrator? Essential roles and skills
- Security control mapping: Connecting MITRE ATT&CK to NIST 800-53
- Should you take the CCSP/SSCP before the CISSP? [updated 2022]
- (ISC)² certifications: The ultimate guide [updated 2022]
- CCSP vs. Cloud+ [updated 2022]
- Data architect: The ultimate career guide
- The ultimate guide to ISACA certifications: Overview & career paths [updated 2022]
- I failed IAPP’s CIPP/C certification. Here’s how I recovered
- How learning to be "Always Flexible" helped a Marine in earning the Security+ certification
- How to learn and pass your next certification exam
- Mission accomplished: How one army veteran turned neurobiologist moved into cybersecurity
Get certified and advance your career
- Exam Pass Guarantee
- Live instruction
- CompTIA, ISACA, (ISC)², Cisco, Microsoft and more!
Professional development
Professional development
Professional development
Professional development
The role of the chief information officer (CIO) in cybersecurity