Book Review: The Privacy Leader Compass

Reviewed by Ben Rothke, CISSP, CISM, CISA

26 April 2024

The Privacy Leader Compass: A Comprehensive Business-Oriented Roadmap for Building and Leading Practical Privacy Programs. By Valerie Lyons and Todd Fitzgerald. CRC Press; https://www.routledge.com/go/crc-press 476 pages; $59.95

In The Privacy Leader Compass: A Comprehensive Business-Oriented Roadmap for Building and Leading Practical Privacy Programs, authors Dr. Valerie Lyons and Todd Fitzgerald gathered the wisdom of more than 60 experts in the field and produced a helpful guide. These experts in this valuable book include noted industry leaders Rebecca Herold, Larry Deitz, Mark Rasch, and many others. 

There has never been a more critical time to be a privacy leader—the stakes have never been higher. With hard drive capacitates continuously increasing and getting correspondingly cheaper, it is easy to underappreciate how much data is indeed available. Laptops now come standard with terabyte hard drives. To put that into perspective, the entire Library of Congress contains but 15 terabytes of data. And with the availability of 1TB thumb drives that cost less than $10, you can get the entire Library of Congress in your pocket for $150. 

With that, there is a lot of data to protect. Compounded with the relatively low cost of hardware (especially when using the cloud), the importance of data risk management has never been more essential. It has also never been costlier. European Union regulators recently hit TikTok with a $368 million fine for failing to protect children’s privacy, and Meta was fined a record-breaking $1.3 billion by the same regulators for violating EU privacy laws by transferring the personal data of Facebook users to servers in the United States.

Anyone who has used Waze or other navigation tools will see they are offered a preferred route and two to three alternate routes. This is similar to privacy; this book shows there is no single way to protect data effectively and details the many ways that firms can do that. 

The Privacy Leader Compass provides the reader with a broad and deep understanding of topics. From privacy law, strategies, technical implementations, people, and much more, the reader comes out with an in-depth knowledge of the many aspects of this monstrosity called privacy. The 60-plus chapters in the book quickly get to the point and give the reader actionable information they can use.

Many of the experts include penetrating questions that a data protection officer (DPO) or chief privacy officer (CPO) will have to ask themselves. Their boards will be looking for answers that reassure them that corporate data is indeed being protected adequately. 

For those looking for a solid introduction to data privacy and want to hear the wisdom of the very smart privacy crowds, The Privacy Leader Compass is an important book to have in their library. With privacy regulators out in force, it might also be one of your best investments. 

Reviewer: Ben Rothke, CISSP, CISM, CISA, is a New York City-based senior information security manager with Tapad. He has more than 20 years of industry experience in information systems security and privacy. His areas of expertise are in risk management and mitigation, security and privacy regulatory issues, design and implementation of systems security, encryption, cryptography, and security policy development. He wrote Computer Security—20 Things Every Employee Should Know.