When it comes to managing privacy risks, workforce is a key consideration. According to a recent IAPP/FairWarning report, on average, even mature privacy programs have only three employees dedicated to privacy. This is why we included workforce as a priority area in the NIST Privacy Framework Roadmap. The benefits of using the Privacy Framework are enhanced when organizations have a sufficient pool of knowledgeable and skilled privacy professionals to draw from.
In response to stakeholder challenges with privacy workforce recruitment and development, we are planning to create a privacy workforce taxonomy aligned with the Privacy Framework and the National Initiative for Cybersecurity Education Workforce Framework for Cybersecurity (NICE Framework). The NICE Framework provides a structure for Task, Knowledge, and Skill (TKS) Statements that may be used to support an organization’s workforce goals for cybersecurity. Our objective is to develop a set of TKS Statements aligned with the Privacy Framework to assist organizations in developing and recruiting a workforce better capable of managing privacy risks arising from their systems, products, and services.
Last September, we initiated this effort with a virtual workshop, Help Wanted: Growing a Workforce Capable of Managing Privacy Risk, hosted by the International Association of Privacy Professionals. During the workshop’s interactive working sessions, participants offered insightful feedback on how best to frame the creation of Task Statements and described the general processes their organizations had in place to meet outcomes in the NIST Privacy Framework Core. To learn more, be sure to check out our Summary Report of the virtual workshop.
We’re pleased to announce the next step in our workforce advancement effort: the launch of our NIST Privacy Workforce Public Working Group. Our goal with this Public Working Group is to bring together practitioners to craft TKS Statements aligned with the Privacy Framework Core outcomes and activities. We’re looking for privacy experts like you to “join the team” and help us create this community resource.
Getting involved is quick and easy. Check out our PWWG web page for more information. Please contact us at PrivacyFramework [at] nist.gov if you have any questions.
We anticipate the first virtual meeting will be held on May 12, 2021. We look forward to collaborating with you!
Hello, I am a privacy analyst and I am interested in joining the NIST Privacy Workforce Public Working Group. I look forward to sharing what I know and learn from others.