Privacy and security get a lot of attention, so when I saw a press release headlined "Job Opportunities Created as a Result of Identity Theft Protection Laws" and spoke a lot about the new role of "information protection manager," I got curious. I called Tom Considine, founder of Considine & Associates, the firm that distributed the release. My question: Is this a good job for IT folks?
His answer: If they’re looking to make a career change. Information protection managers are more concerned with oversight than technology, he says.
Federal and state laws require companies to provide better protection of personal consumer data, often with a Written Information Security Program (WIS) and Identity Theft Prevention Policies (ITPP). That means they have to have someone to ensure compliance – the information protection manager. "This is the type of job that is open to anyone," says Considine. "It can be someone in marketing or human resources. They don’t necessarily have to have technology training but having an IT background would be great. This is something IT people can transition into."
Considine days IT folks making the leap "should have some experience in general operations, and you need training of the law and what the law means and how to implement it."
There are no standard degrees or certifications but companies like Considine’s offer training courses for those who want to become information protection managers. Organizations either can hire someone in-house or outsource the job, which creates an opportunity for people looking to open their own consulting business.
Every organization or company should have one information protection manager on staff, says Considine. Smaller companies can appoint someone who wears multiple hats to be responsible for compliance, while larger organizations should have a full-time IPM in each department.