• About
  • Subscribe
  • Contact
Thursday, May 8, 2025
    Login
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
No Result
View All Result
No Result
View All Result
Home Management Leadership Finance Governance, Risk and Compliance

Why your company should get a DPO now

Kevin Shepherdson by Kevin Shepherdson
July 18, 2022
Photo by Tima Miroshnichenko from Pexels: https://www.pexels.com/photo/close-up-view-of-system-hacking-5380642/

Photo by Tima Miroshnichenko from Pexels: https://www.pexels.com/photo/close-up-view-of-system-hacking-5380642/

In Singapore, the demand for roles requiring data protection expertise increased by 26% in 2021, after doubling the previous year. As more countries around the world, including in Southeast Asia, adopt and evolve their own data protection laws, this trend is expected to continue.

The changes of recent years are allowing companies to see that simply complying with data protection requirements falls short of their overall plans in relation to data - they are already transitioning from data protection to data governance. This means moving from risk management to using data for value creation. Data protection addresses the dangers of handling personal data, while data governance seeks to decrease the risk and increase the value obtained from data, including personal data.

Data protection professionals are thus also seeking continuous learning to keep their skills and competencies in line with the new demands of their evolving roles or to equip themselves for more highly paid roles that embrace data governance.

Why DPOs are essential

The Covid-19 pandemic has accelerated digital transformation, such that businesses that do not digitalise their operations put themselves at a disadvantage. But while digitalisation has brought convenience, speed and innovation, organisations are beginning to recognise the new risks that come with it.

One of these is the risk of failing to build good personal data processes into the way they do business. Ensuring data protection requires a specific set of skills to manage personal data at all stages – collection, use, disclosure and storage – which is why organisations are scrambling to find data protection officers (DPOs).

With data protection being a specialised skill, individuals holding privacy certifications such as ISO 27001, ISO 27701, and IAPP certifications are becoming highly valued. DPOs are not responsible personally for an organisation’s data protection competency and compliance – that responsibility falls to senior management, up to and including the board of directors – and they certainly do not do all the necessary work on their own.

But DPOs do play a vital role in helping to guide the policies of an organisation and develop standard operating procedures to operationalise those policies. Supported by the “tone at the top” of an organisation, and working with department and business unit heads, they are also skilled at promoting best practices and ensuring compliance with prevailing laws and requirements.

DPOs can deliver legal and financial benefits

In the European Union and Singapore, enforcement cases have been on the rise in recent years. Singapore has also raised the ceiling on its fines for compliance failures, including data breaches – and more countries are expected to follow suit.

Fines may be costly. In mid-2021 Amazon was fined €746 million for non-compliance with general data processing principles in the EU. In July 2022, the Greek supervisory authority imposed a fine of €20 million on Clearview AI in relation to its data collection and use practices.

Sizeable as they can be, fines are usually the least of an organisation’s problems while under investigation. The financial impact of a data breach, for example, extends to the costs of investigating the source of the breach, which may require hiring cybersecurity experts, losses due to downtime, the loss of assets and data, and the loss of trust in its customers.

In addition, regulators may impose penalties in addition to fines. Clearview AI was banned from collecting and processing the personal data of people living in Greece and ordered to delete any data on Greek citizens that it has already collected.

As for Amazon, although payment of its fine has been suspended pending an appeal last December, it continues to loom and will likely be incurring ongoing costs, including legal fees and costs arising from management distraction.

A survey by Adobe showed that among APAC consumers, 66% would not purchase again from a brand that breaks their trust. Maintaining consumer confidence helps to ensure brand loyalty, which is generally necessary for continuing growth in revenues.

Survey reveals that APAC consumers are more concerned about how companies are using their data compared to the global average.
Source: Adobe 2022 APAC Trust Report

How you can assist the DPO

A DPO cannot do it all and is not meant to do it all. While the DPO may oversee overseeing the organisation’s Data Protection Management Program, data protection is the responsibility of everyone in the organisation.

Management buy-in and the cooperation of staff and managers at all levels are essential for the business to rise above the threats to personal data. It is important for everyone in the organisation to have the right mindset when it comes to data protection.

Thus, business unit staff must be given sufficient training on data protection processes relevant to their day-to-day tasks. Line managers are also expected to ensure that best practices relating to data protection are consistently implemented in their teams.

Lastly, data protection is not a one-off exercise. The management of many organisations seems to think that data protection is something you learn once, set up, and then leave alone.

In fact, it is a continual process – it must be part of the company’s daily operations, and policies and standard operating procedures must be reviewed and updated periodically to ensure that they support operations and reflect any changes in the data protection law and emerging views of supervisory authorities.

The challenges of finding a DPO

Demand for DPOs is growing rapidly, as evidenced by a rising number of data privacy, data protection and data governance roles being advertised, and salaries are on the rise for data protection professionals globally.

However, the difficulty lies in finding certified and experienced data protection professionals to fill the roles, particularly as more organisations pivot from data protection to data governance.

Some of the competencies expected from a DPO include Data Protection Management, Business Risk Management, Cyber and Data Breach Incident Management, Stakeholder Management, and Data Governance.

Several of these are covered in the various privacy certifications mentioned earlier, such as the ISO 27701 standard and certifications awarded by the International Association of Privacy Professionals (IAPP). In some industries, skills in Audit and Compliance, Data Ethics, Data Sharing, and Design Thinking are also highly valued for DPOs.

The DPO role is also highly collaborative and involves change management – which is why soft skills such as project management, negotiation, and leadership are also required.

Adaptability is also a must for DPOs, particularly given today’s highly volatile environment. As new technologies sprout, data protection practices must simultaneously adapt. Communities for data privacy professionals like the DPEX Network help DPOs pursue continuous learning, stay updated, and connect and learn from fellow DPOs in various industries.

It is no surprise that DPOs are gaining traction – and wise business leaders would know why and what steps to take next.

Related:  Empowering Singapore’s AI leadership with secure cloud infrastructure
Tags: AdobeAmazonClearview AIdata protection
Kevin Shepherdson

Kevin Shepherdson

Kevin Shepherdson is CEO and Founder of Straits Interactive Pte Ltd, a specialist in data privacy platform solutions and professional services in the ASEAN region. He left university with degrees in English Language, Politics and Information studies. His work-life began with Creative Technologies Ltd where he rose through the ranks to become head audio evangelist and senior manager. He then moved to Sun Microsystems in 2001 and by 2006 was made Director of marketing operations and intelligence. Later moving to Oracle, Shepherdson worked as both senior director for demand generation and customer intelligence and senior director of market development. In 2012 Shepherdson became transformation strategist at Straits Consultancy and Publishing, a position he still holds and then in 2013 founded Straits Interactive. In addition to his extensive career, Shepherdson is also the author of “99 Privacy Breaches to Beware of” and a Fellow in Information Privacy (FIP). He has consulted for more than 50 listed and multinational companies in data privacy and is the authorised regional trainer of privacy certification and corporate governance-related courses for IAPP, Singapore Management University (SMU) and Open Compliance Ethics Group (OCEG).

No Result
View All Result

Recent Posts

  • Agentic AI-powered AppSec platform launched for the AI era
  • IDC forecasts GenAI alone will grow at a 59.2% CAGR
  • Dataiku brings new AI capabilities to create and control AI agents
  • Microsoft reveals the rise of a new kind of organisation in the AI era
  • St Luke’s ElderCare enhances data security and user experience with Juniper

Live Poll

Categories

  • Big Data, Analytics & Intelligence
  • Business Applications & Databases
  • Business-IT Alignment
  • Careers
  • Case Studies
  • CISO
  • CISO strategies
  • Cloud, Virtualization, Operating Environments and Middleware
  • Computer, Storage, Networks, Connectivity
  • Corporate Social Responsibility
  • Customer Experience / Engagement
  • Cyber risk management
  • Cyberattacks and data breaches
  • Cybersecurity careers
  • Cybersecurity operations
  • Education
  • Education
  • Finance
  • Finance & Insurance
  • FutureCISO
  • General
  • Governance, Risk and Compliance
  • Government and Public Services
  • Growth Strategies
  • Hospitality & Tourism
  • HR, education and Training
  • Industry Verticals
  • Infrastructure & Platforms
  • Insider threats
  • Latest Stories
  • Logistics & Transportation
  • Management Leadership
  • Manufacturing
  • Media and Telecommunications
  • News Stories
  • Operations
  • Opinion
  • Opinions
  • People
  • Process
  • Remote work
  • Retail & Wholesale
  • Sales & Marketing
  • Security
  • Tactics and Strategies
  • Technology
  • Utilities
  • Videos
  • Vulnerabilities and threats
  • White Papers

Strategic Insights for Chief Information Officers

FutureCIO is about enabling the CIO, his team, the leadership and the enterprise through shared expertise, know-how and experience - through a community of shared interests and goals. It is also about discovering unknown best practices that will help realize new business models.

Quick Links

  • Videos
  • Resources
  • Subscribe
  • Contact

Cxociety Media Brands

  • FutureIoT
  • FutureCFO
  • FutureCIO

Categories

  • Privacy Policy
  • Terms of Use
  • Cookie Policy

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Login to your account below

or

Not a member yet? Register here

Forgotten Password?

Fill the forms bellow to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In
No Result
View All Result
  • Management Leadership
    • Growth Strategies
    • Finance
    • Operations
    • Sales and Marketing
    • Careers
  • Technology
    • Infrastructure and Platforms
    • Business Applications and Databases
    • Big Data, Analytics and Intelligence
    • Security
  • Industry Verticals
    • Finance and Insurance
    • Manufacturing
    • Logistics and Transportation
    • Retail and Wholesale
    • Hospitality and Tourism
    • Government and Public Services
    • Utilities
    • Media and Telecommunications
  • Resources
    • Whitepapers
    • PodChats
    • Videos
  • Events
Login

Copyright © 2022 Cxociety Pte Ltd | Designed by Pixl

Subscribe