Security Expert Interview Series: Cat Coode
In this interview, we spoke with Cat Coode who is a Data Privacy Expert and Speaker. Backed by two decades of experience in mobile development and software architecture, as well as certification in Data Privacy Law, Cat takes companies from Privacy by Design (foundation level), through Data Protection Impact Assessments, up to the full implementation of processes including handling user consent and an Incident Response Plan. Continue reading and discover her interesting insights.
1. Firstly, thank you for taking part in this campaign. Can you give us an introduction about yourself, Cat? How did you venture into data privacy world?
I started my career as an engineer, where a large part of my career was as a software architect and developer at BlackBerry. I spent over a decade embedded in privacy and security-first culture. When iPhone was released, people went crazy over its fancy features but no one seemed to care about the lack of security for their data. That’s when I realized that the bulk of the population had little to no understanding of how these applications and devices worked. They didn’t know where their data was going and what was being done with it.
I launched my own consulting company in 2013 called Binary Tattoo – Binary for the language of all things digital and Tattoo for the permanence of what is put online. My goal is to help individuals and corporations better understand cybersecurity and data privacy. As more regulations were launched, I became immersed in the nuances of the laws, running compliance gap assessment, and assisting companies in Privacy by Design implementation.
2. What are 2 must-have skills a Data Privacy Consultant should have?
A willingness to learn. The privacy landscape is evolving quickly in both scope and depth. New geographies are adding regulations and those regulations rules are getting more detailed.
A knack for problem-solving. IMHO, Privacy, and cybersecurity, are about problem-solving – looking for where things *could* go wrong and finding effective ways of mitigating that risk.
3. Considering the massive increase in cyberattacks, what do you believe will be the key trends likely to emerge in data privacy over the next 5 years?
What I am hoping to see.
– Privacy being integrated into the design of services and products, not as an afterthought
– Privacy getting the funding it needs from the board and the time allocated to get it right. Too many companies, especially start-ups, are focused on getting the product out and not on privacy by design
– Consumers caring more about their data and privacy, making trust a factor in product and service selection
4. What can we integrate into our daily tech habits in order to better protect our privacy?
Set privacy settings. Be selective about what apps you download. Remove apps and accounts you no longer use.
5. What foreseeable changes should Chief Executive Officers (CEOs) make to ensure they adhere to different customer data privacy regulations that are presently in place?
CEOs need to allocate the people, the time, and the funds to properly support your privacy program. The sooner the implementation, the less the cost. If you wait on privacy then you will be in a scramble to meet regulations.
Privacy is a journey, not a destination. You want to set up the foundation to support the continued work in the most effective way.
6. How do you stay up to date with industry news and updates regarding data privacy? Feel free to share the sources/websites with us.
For Privacy, the IAPP (International Association of Privacy Professionals) is a great resource. They cover the global scale of regulations and provide a lot of amazing resources that people can share. They also provide training in privacy.
I also recommend everyone follow the commissioners or information authorities in your geographic regions.
7. Last question: what is the most important piece of career advice you would like to give to people who are just getting out of university and are interested in a career in data privacy?
There are more jobs than people to fill them. If you are really interested in privacy then throw yourself in and start reading/learning. Don’t wait for a job that asks you to do it. Once you have some of that knowledge then you will be better positioned to help these companies.
Click here to learn more about the Swiss Cyber Institute’s approach towards improving the digital safety and security of society and economy through education and weekly blog posts. Do you think you are a good fit to participate in our Security Expert Interview Series? Reach out to us for more information.