Privacy Software: Who Are the Early Leaders?

Anybody responsible for data privacy soon discovers a hard truth -- privacy compliance is a highly manual undertaking. Whether it's tracking where all of the company's data is or keeping up with changes in obscure privacy laws, the privacy professional is often sentenced to a life behind spreadsheets. If privacy didn't deal with cutting-edge social issues, it might contend for the most tedious job in the corporate center.

By Jay Cline
Thu, August 12, 2010
. What's this?

Computerworld — Anybody responsible for data privacy soon discovers a hard truth -- privacy compliance is a highly manual undertaking. Whether it's tracking where all of the company's data is or keeping up with changes in obscure privacy laws, the privacy professional is often sentenced to a life behind spreadsheets. If privacy didn't deal with cutting-edge social issues, it might contend for the most tedious job in the corporate center.

Lawmakers Unveil Online Privacy Legislation

But the tedium may be lifting.

The privacy profession, which just 10 years ago fit into a single conference room in Washington, has grown large enough to form a reliable market for software products. When in 2006 I first estimated the North America-dominated privacy-advice market at $400 million, membership in the International Association of Privacy Professionals (IAPP) stood at 2,000. The IAPP now has over 6,000 members, according to its recent paper on the future of the privacy profession. Other benchmarks such as the number of privacy consultants and lawyers suggest the world privacy-advice market is now around $1 billion.

A handful of software entrepreneurs has noticed. Together they form what I'd call the "privacy GRC" market, where GRC stands for "governance, risk and compliance." GRC makes up most of what privacy people do.

It's not a big market. To put things into perspective, Gartner is only in its third year of analyzing the nascent IT GRC market. The privacy GRC market is at the moment no more than just a subset of that.

Nonetheless, the number of privacy GRC products is growing. Over the past year I noticed more of these booths at the privacy conferences I attended. So I commissioned research analyst Michael Lotti to help me investigate.

What did we find?

1. Foundational regulatory mapping and policy features

One of the biggest pain points of the privacy officer is the continued churn of new privacy regulations. Global corporations are now subject to an overlapping web of data privacy and security laws and standards. To cope, their privacy staff are busy tracking legislation and mapping the common requirements in each law to a set of unified control statements. An example of a control statement is "encrypt sensitive data transmitted outside Company networks." The privacy people -- months later, usually -- then group these controls into enterprise policies.

Most of the tools that Michael and I looked at -- including those from Archer, brinQa, Agiliance, ControlCase, Avior Computing and Consult2Comply -- automate this chore, albeit to varying degrees. Among these, Consult2Comply stands out from the crowd for the number of regulations mapped and the flexibility of how to reorient the mapping to your own needs.

Continue Reading

Originally published on www.computerworld.com. Click here to read the original story.
What is Tech Briefcase?
TechBriefcase is a new, free service where IT Professionals can Search, Store and Share IT white papers and content like this. Learn more
Bookmark content
Speed up your research efforts with content across the web.
Search and Store
Find the white papers you need. Create folders for any topic.
View Anywhere
Open your briefcase on your iPhone, tablet or desktop. Share with colleagues.
Don't have an account yet?
White Papers »
Mobile Middleware Strategies
Learn why a mobile development platform is critical to be able to support today's complex enterprise mobility strategies. Learn what to look for in a mobile development platform and how apply these tools whether you're developing a dedicated app for one device or multiple apps running across multiple devices.
Native & HTML5 Mobile Apps: Not an either or, but a where and when
Learn how developers are using HTML5 and native development methods to build mobile apps. Get practical insights on how these tools are being used, what's driving their usage, and how to choose the best development approach for your business.
The Evolution of Enterprise Mobile App Development
Driven by explosive growth in smartphone and tablet sales, enterprise mobility has become an essential part of business. Organizations across industries are developing internal- and external-facing mobile applications that drive revenue, build brand loyalty, strengthen communication with partners, and enhance employee productivity. Learn how keeping pace in this market requires an agile, flexible, and iterative approach to application development.
AlertBoot Case Study
When AlertBoot switched to the cloud it needed a load balancing solution that would support its migration and prevent as much downtime as possible. The company chose Riverbed® Stingray™ Traffic Manager to use while transitioning its infrastructure to an entirely virtualized environment. The move was a complete success, at one-third the cost of comparable hardware solutions.
Gilt Groupe Case Study
With over 5,000 requests per second during peak periods, online retailer Gilt Groupe could lose a large percentage of its daily profits in just 10 minutes of downtime. After choosing the Riverbed® Stingray™ Traffic Manager as its load balancing solution, visits to the site have increased thanks to improved customer satisfaction. Real-time traffic views and tracking also make it easy to strategize and plan for the future.
See Tickets Case Study
With 85 percent of its ticket sales made online, See Tickets needed a robust, secure, highly accessible website. The company chose the Riverbed® Stingray™ Traffic Manager to ensure that its site was always online and fast, even during extreme peaks in traffic. Now the company's valued customers receive optimal online service.
Webcasts »
Leverage automation today to reduce IT complexity
Date: Tuesday, June 5, 2012, 2:00 PM EDT

Whether your B2B complexity is caused by multiple technologies due to M&A, business or application specific needs or traditional under investment, the net effect is usually the same: high cost and lower productivity. Enabling business-to-business (B2B) integration using point-to-point EDI translators is usually time intensive and cost prohibitive.

Join IDC's Maureen Fleming and SAP for an insightful Webcast on the different approaches companies are taking to B2B integration and how you can ask the right questions to reassess you B2B approach.
Delivery Management -- Extending Lifecycle Management
Date: Wednesday, June 20, 2012, 1:00 PM EDT

Siloed organizations continue doing the wrong things and doing things wrong, leading to increased costs, project delays, lower quality, and time-to-market delays. Providing a collaborative platform where the whole organization can prioritize, share and manage deliveries with more transparency can help the organizations make more informed decisions at all levels, and greatly improve communications and traceability between teams. Hear from application lifecycle management experts how to increase delivery efficiency and effectiveness with a new approach to Delivery Management.
Operational Analytics - Changing the Competitive Dynamics of the Business
Date/Time: June 5, 2012, 11:00 a.m., EDT, 4:00 p.m. BST / 3:00 p.m. UTC

Please join us for this webcast, as Dr. Barry Devlin, Founder and Principal, 9sight Consulting, describes what operational analytics can do for your business and reviews an architectural approach that will enable you to make it a reality.
BMC Control-M - Single Point of Control Demo
With BMC Control-M, you schedule and manage everything - down to the very last platform and application - from one simple interface. It's the foundation of workload automation, really - the ability to run application and business processes as one. Siloed job schedulers can't do it. BMC Control-M can.
Sun Chemical Customer Success Story
Sun Chemical, the world's largest producer of printing inks and pigments, quadrupled its complex batch environment with zero extra headcount using BMC Control-M's Automated File Transfer features.
Spear Phishing and the Modern Cyber Attack
Learn how IT teams can protect against spear phishing tactics. Harry Sverdlove, chief technology officer of Bit9 offers a frank discussion about spear phishing - the most common technique used in today's advanced attacks. Learn how spear phishing works and three recommendations for IT to protect against modern threats.
Newsletter Sign-Up »

Receive the latest news test, reviews and trends on your favorite technology topics

Choose a newsletter
  11. View all Newsletters | Privacy Policy
White Papers » All White Papers

Mobile Middleware Strategies

Native & HTML5 Mobile Apps: Not an either or, but a where and when

The Evolution of Enterprise Mobile App Development

AlertBoot Case Study

Gilt Groupe Case Study

See Tickets Case Study

STA Travel Case Study

Socialbomb Case Study

Triboo Case Study

PCI DSS Compliance with Stingray Application Firewall Module

PCI DSS Compliance with Stingray Application Firewall Module

Traffic Valuation and Prioritization with Riverbed Stingray Traffic Manager

Virtualization: Benefits, Challenges, and Solutions

Dynamic Video Collaboration in SharePoint

HP Reference Configuration for Premium OLTP

Accelerate Online Transaction Processing (OLTP) database workloads

The CFO Guide to Budgeting Software

Transition from Spreadsheet Budgets to Packaged Application

Better Cash Flow Management: Recession-Proof Your Business

Deliver Cost-Effective Business Continuity with Extreme Capacity
Sponsored Links

High performance. Delivered. Click to see Accenture's client successes

Master the cloud with the power of convergence from HP

Connect with IT leaders redefining mobility at the Enterprise Mobile Hub

Choose New and manage one device instead of 170

Choose New for 8x the firewall and NAT performance

Check out a smart way of mobilizing your business with enterprise-ready Samsung Mobile.

Redefine your data center with HP servers.

Enhance your business with Windstream IT Solutions. Speak to someone local.

BlackBerry® Mobile Fusion. Different mobile devices. One platform.

CYBERMARYLAND | Learn Why Maryland is the Epicenter for Cybersecurity

Get Ethernet speeds from 1 Mbps to 10 Gbps - Comcast Business Class

Cognizant. Leading in Business, Application & Technology Services

Collaboration: driving better business outcomes

Gain cutting-edge insights at MIT in 2-5 day executive programs.

Click to see how Accenture has delivered high performance to clients

Complimentary Gartner Report on BYOD: Media Tablets & Beyond. View Now

Elevate storage agility and efficiency with HP 3PAR storage.

Choose New and slash the number of devices you manage

Customized information views & Twitter events at New Fulcrum Point

Splunk translates machine data into "aha" moments for IT and the business.

ManageEngine Desktop Central - Automate and Audit Your Desktop Management! Learn More...

Cloud Readiness Starts with Intel® Technology

Visit the Virtually There Learning Page to learn how to use virtualization to your competitive advantage.

Free: Hunter Muller's "The Transformational CIO."

Join us for an upcoming Microsoft 365 live online demo event.

Discover your easiest path to unified communications

Virtualizing Your Infrastructure Just Got Easier

Connect with global CIOs now at Enterprise CIO Forum

Resource Center
buy a link »
Ads by TechWords