GDPR Creates More Career Opportunities in Cyber Security

Cyber security has often been treated as an obscure specialty of IT professionals, something most people didn’t talk about or pay attention to. But in 2018, cyber security is at the center of a world-wide discussion about information, privacy, protections, and standards. This global shift in increased awareness of security practices has been driven by breaches and scandals that have affected millions of people, including:

• Massive data breaches in 2017: The Equifax data breach affected an estimated 148 million Americans, with larger numbers being reported even in May of 2018. The breach of the Republican National Party exposed the private and political information of 200 million Americans. Uber was hacked and exposed the data of 57 million people. It’s not only the size and scale of these breaches that are drawing legislative attention, but late, ineffective, inadequate responses from the companies involved, who seem more interested in covering up breaches than in disclosing and addressing them.
• Data scandals: The Cambridge Analytica scandal revealed that data was collected from millions of Facebook users without their consent, and used to influence American elections. The scandal led to Mark Zuckerberg being called before the United States Congress to testify regarding Facebook’s data practices, and the closure of Cambridge Analytica. Zuckerberg may also be called to testify before lawmakers in the UK.
• GDPR: The EU’s General Data Protection Regulation was passed in 2016, but takes effect in May of 2018, and has the attention of privacy and data regulators world-wide.

GDPR requires a broad set of data policies and practices, affecting not just online businesses that are based in the EU, but sites that have even just one user living in the EU. It requires affected business to have or designate:

A Data Protection Officer: DPOs are required to oversee a company’s data protection strategy and ensure that it is compliant with GDPR requirements. 2017 estimates were that approximately 28,000 DPO positions needed to be filled in order to meet the standard. DPOs are required to:

1. Educate and train staff on data privacy requirements and processes
2. Conduct data security audits and monitoring
3. Maintain comprehensive records of data processing activities and make them public upon request
4. Act as the point of contact for members of the public who have questions about their data protection and rights, and as the point of contact for GDPR Supervisory Authorities

Local representatives: If a site or business does not have an EU presence, they are required to appoint a representative within an EU member state. The local representative will:

1. Act as the point of contact for members of the public who have questions about their data protection and rights, and as the point of contact for GDPR Supervisory Authorities
2. Maintain comprehensive records of data processing activities and make them public upon request

In addition to the specific named positions of the DPO and the local representative, GDPR increases demand for cyber security professionals at all levels in Ireland, as data protection and data management practices are expanded. This new attention to the importance of cybersecurity, along with new regulations and the expectation of even more government oversight, has increased demand in an already competitive labor market for cybersecurity professionals. Successful GDPR candidates are also getting above-the-market salaries because their roles are so specialist. It is predicted professional salaries would grow by 5-10 percent as firms focused on retaining key personnel.

For those who are thinking about starting a new career in cybersecurity, or for IT professionals looking for a change, there has never been a better time to specialize in data protection and security. These new jobs are being created globally and within the EU. The biggest companies in the world are seeking the top talent and willing to pay for it. The work is interesting, job security and benefits are excellent, and there are a variety of roles and opportunities at all levels.

The world is watching cybersecurity, and holding companies accountable for how they manage data. It’s a new frontier of change, growth, and opportunity.