2022 Cyber Predictions: Data Protection Needs to Be Intrinsic to Systems and Consistently Applied

This is part of our 2022 cyber predictions series. We heard from top leaders in the industry about what cyber could bring in the new year.








2022 Data Analytics, Privacy and Provisioning Trends

Data protection shifts beyond what is legal to what is ethical


“Execution focus for 2022 will remain on how to efficiently deliver self-service access to data, navigating the increasingly complex web of regulatory and legal requirements including data sovereignty, data protection and industry specific regulations. Through use of modern data provisioning tools, more data will be available for decision making and innovation in a way that ensures consumer trust. At the same time, board rooms will give more thought to the ethical considerations around data use - how do we ensure the sins of the past are not propagated by AI at massive scale, how do we ensure data is not inappropriately weaponized to drive unbalanced outcomes and how do we safeguard civil liberties under threat through mass surveillance? Ethical considerations are inextricably tied to culture, and so while there will be no single solution to these challenges, work must be done to ensure we have a common framework of understanding and the right checks and balances are embedded.

We have seen hype over big data, the promise of AI, and the need for privacy. The pandemic has accelerated our paths here and forced some key realizations:

If we want to realize the value of data we need discipline and control. We need to think carefully about the data we need, the cost to appropriate, store and protect it and balance this with the potential upside. A policy driven approach to the controls we put on data use will become the norm.


Value creation happens at the point of consumption. For data to realize a return, we need to get it efficiently into the hands of analysts and data scientists and time to data is a key metric here. More business intelligence and data science teams will carry targets aligned to commercial success.


Organizations that value data, will value privacy. The idea that data protection needs to be intrinsic to systems and consistently applied at all points of consumption will go mainstream.”


- Jason du Preez, CEO and co-founder, Privitar

Streamlined provisioning processes broaden access to safe data


“With more and more organizations looking to gain access to meaningful data for analytics and ML, streamlining provisioning processes will play a key role in making this possible. Organizations can only create value from their data if they can quickly and reliably get the right data to the right people at the right time. They also need to make sure that data is safe to use...you can’t have one without the other. In 2022, we’ll see organizations streamlining their data provisioning processes so that they can accelerate and broaden access to data, while integrating privacy and accountability, enabling them to safely and efficiently leverage data for insights and innovation.”


- Pat Walsh, Chief Marketing Officer, Privitar

Trusted data becomes the foundation of a successful data mesh


“Organizations are increasingly embracing data mesh and data fabric methodologies as the basis of their modern data stacks. As they continue to do so into 2022, they will realize the critical importance of having trusted data as the foundation of these platforms. Data access and privacy tools that facilitate access to safe and trusted data will be essential for organizations to ensure that their data stays safe when working across their organization and beyond.”


- Steve Totman, Chief Strategy Officer, Privitar

Focus shifts from removing technical barriers to provisioning and compliance barriers


“In the last 10 years, the time it takes for an organization to deploy a data warehouse or data lake has dramatically been reduced, going from 2/ 2 / 50 - 2 years, $2M and 50% failure to mere days and thousands of dollars on cloud-based infrastructures. At the same time, the time for approval processes to use the data now available has increased to 2-3 months. Now that the technical barriers to self-service data access have been removed, we’ll see organizations refocus their efforts to remove the provisioning and compliance barriers in 2022 and beyond, so that they are finally able to maximize the usage and sharing of their data.”


- Steve Totman, Chief Strategy Officer, Privitar


Organizations will unite data across ecosystems and across jurisdictions

“Organizations have long appreciated the value of data and analytics to drive business insights. Many are investing in building best of breed systems to store, protect, and analyze that data, but for most, it is still a patchwork of systems. To maximize value from that data, organizations will focus on connecting the dots to unite all of their diverse ecosystems at every stage of the data journey- from data ingestion to consumption.

This will be of particular focus for international companies, who want to stitch together data across jurisdictions, have both regional and global views into their data, and still be in compliance with data protection and privacy regulations.”


- Nick Curcuru, Vice President of Advisory Services, Privitar


Predictive analytics will be embraced to combat the “Great Resignation”


Analytics in HR has traditionally been about reporting. As organizations grapple with employee turnover amidst the “Great Resignation,” they will increasingly look to predictive analytics to help save the day. By embracing predictive analytics, organizations can identify key trends in employee engagement and key moments in time to intervene, enabling them to take action and possibly save relationships that might be on the brink. It can cost as much as four times an employee salary to replace someone as it does to keep them, so being able to prevent churn can provide a huge value to an organization.

As part of predictive HR analytics efforts, organizations need to make sure that they are taking proper precautions to protect the people underneath the data and have full transparency on the policies used to protect the data. HR data can be amongst some of the most sensitive and incredibly useful data to derive insights. If companies use it both safely and ethically, they can reap the benefits of being able to leverage that powerful data, support happier employees, and increase engagement and longevity.”


- Nick Curcuru, Vice President of Advisory Services, Privitar

2022 Privacy Policy and Regulatory Compliance Trends

Consolidation of data protection best practices


“In 2021 we saw significant efforts to close the implementation gap - this is the gap between legal requirements (often expressed as high level principles) and operational decisions. Regulators and industry bodies, among others, sought to clarify how organizations should operationalize the high level principles in data protection principles and laws. For example, the UK’s Information Commissioner’s Office (ICO) launched a consultation on updated guidance on anonymization and the Enterprise Data Management Council, an industry body with 250+ members, developed their Cloud Data Management Capabilities Framework, an industry standard framework. We’re also seeing increasing recognition of the need for specific advice for sectors or technologies to complement the broader data protection regime. For instance, the ICO’s data protection in AI framework or the CDEI’s guide to adopting Privacy Enhancing Technologies (PETs). We expect that this trend will accelerate in 2022. We’ll see greater use of sector-specific case studies and industry-led initiatives to define and document best practice. These will help to increase an organization’s confidence that it is fully compliant.”


- Marcus Grazette, Europe Policy Lead, Privitar

Conversations about trust dominate


“Conversations about ‘trust’ dominated in 2021. Organizations continued to invest heavily in compliance programs, and we started to see market leaders looking beyond compliance to embed responsible or ethical data use as a top priority. Organizations increasingly recognise that data use can cause harm to individuals, for example if an unfair or biased model is used to support decision making. Initiatives to ensure responsible data use are starting to emerge as an essential element of an organization’s corporate and social responsibility agenda. We expect this trend to continue into 2022 and beyond, as organizations develop internal processes and workflows to embed responsible data use. We believe that processes and workflows are critical to ensure a consistent approach, at scale, across all of an organization’s data assets.”


-Marcus Grazette, Europe Policy Lead, Privitar

2022: The year of enforcement


“Debate around enforcement continued in 2021. Challenges around the ‘lead supervisory authority’ and the consistency mechanisms in GDPR (mainly Articles 60 and 65) mean that national regulators have struggled to hold global companies to account. For example, the Irish DPC’s ruling on Whatsapp revealed significant differences of opinion. Resource constraints are also a significant challenge for regulators. We see signs that this may be starting to change, including: (1) in the US, the launch of California’s privacy regulator to enforce CPRA and the potential for significant new funding for the FTC, (2) pressure on European regulators to up their game and action in related domains e.g. the Italian competition regulator’s fine against Amazon and (3) the UK courts closing down class action claims for damages arising from the ‘loss of control’ of personal data (e.g. in Lloyd v Google). Closing this legal avenue could put more pressure on the ICO to act in defence of individual rights. Action on ‘loss of control’ of data could be significant in the context of the ICO ramping up work on ad tech: the profiling and data collection fueling targeted advertising may use data in unexpected and unwelcome ways. Will 2022 be the year that regulators take enforcement up a notch?”


- Marcus Grazette, Europe Policy Lead, Privitar

2022 Leadership and Team Building Trends

Organizations embrace agile leadership to build high-performing teams


“Team leaders will increasingly challenge the status quo to typical performance management approaches, and look to agile leadership methods to more effectively build, engage with and support high performing teams. They’ll focus on creating team cultures where creativity, experimentation, and innovation are rewarded, having trust and psychological safety are the norm, and management perspectives are grounded in team enablement rather than traditional performance management.”


- Victoria Normark, Chief Technology Officer, Privitar


Organizations focus on change agility and building leadership to thrive


“In 2021, organizations across industries and sectors faced unprecedented challenges on the people front. From adapting to rapidly evolving COVID-driven realities and new ways of work, organizations had to test and adapt again and again. We’ve had to completely reimagine the employee experience, what culture is and how it shows up, and how to foster strong culture digitally. We’ve also faced an unprecedented talent market where all of the traditional rules of recruiting and building teams have flown out the window.

Embracing change agility will be essential for organizations to thrive in 2022 and beyond, as will focusing on building leadership at all levels. Employer brand and having a unique value proposition will matter more than ever to attract and retain top talent, and that starts from within the organization. Everyone will need to play a role in building and maintaining a strong culture and brand. The organizations that thrive in the talent wars will have both a unique value proposition and be laser focused on establishing meaningful and authentic relationships within and across teams.”


- Nicky Brocklehurst, Head of People, Privitar


###