“We need to create more holistic professionals that have a vertical expertise in privacy but also horizontal knowledge in adjacent digital trust professions, as well as strengthen the collaboration of several actors of a digital ecosystem under a common framework.” — Dr. Chris Dimitriadis
Chris Dimitriadis raises a crucial point about the evolution of privacy professionals. The expectation now extends beyond just data protection. We are asked to be security-conscious, compliance-savvy, risk-aware, and even fluent in AI ethics. The idea of a holistic privacy professional is inspiring, but the reality is far more complicated. It’s an almost impossible ask; one that stretches professionals in ways that may not always be sustainable.
It’s easy to call for privacy experts to develop a broad understanding of digital trust, but mastering these fields isn’t just about picking up extra reading material. Cybersecurity alone is a deep discipline that takes years to master. Compliance is another world entirely, driven by regulation that changes across jurisdictions. AI ethics is still in its infancy, requiring philosophical, legal, and technical fluency. And risk management? That’s an art in itself, a balancing act of business needs and regulatory obligations. Privacy professionals are already burdened with keeping up with data laws, conducting impact assessments, managing stakeholder expectations, and ensuring businesses don’t turn compliance into a box-ticking exercise. Asking them to stretch across multiple fields while maintaining deep expertise in privacy is not just ambitious — it’s overwhelming.
That’s not to say it shouldn’t be done. The best privacy professionals are those who understand the intersections between privacy, security, ethics, and governance. But that understanding doesn’t come overnight. It’s built through experience, through navigating real-world challenges, through collaborating with specialists in each of these domains. The strongest privacy leaders are not those who try to be everything at once, but those who know when to lean on others. There’s a reason companies have CISOs, risk officers, legal teams, and compliance leads — privacy professionals don’t need to wear all those hats alone.
Having worked with global insurance firms and CRM providers, I’ve seen firsthand how privacy needs shift based on industry. An insurance firm is hyper-focused on data security, fraud prevention, and regulatory compliance with financial laws. A CRM company, on the other hand, is more concerned with consent management, data portability, and marketing analytics compliance. The privacy principles are the same, but their application is vastly different. This means that beyond privacy law, professionals must also develop an industry-specific understanding of risk, consumer behaviour, and operational impact. That’s the real challenge — not just becoming broad in digital trust but also going deep in the industry you serve.
Another reality to acknowledge is that privacy is still a young profession. Unlike cybersecurity or compliance, which have matured over decades, privacy only began receiving widespread corporate attention in the past five to seven years. The industry itself is still defining standards, best practices, and career pathways. Expecting professionals in such a young field to already be experts in multiple disciplines is premature. Growth will come, but it must be sustainable.
So how do privacy professionals expand their knowledge without drowning in it? First, by focusing on their learning. Not every adjacent field needs to be mastered at once. Prioritizing one domain — whether security, AI, or compliance — allows for structured growth. Second, by leveraging collaboration. A privacy professional with strong relationships across security, IT, and legal will always be more effective than one trying to master everything alone. Third, by setting boundaries. It’s okay to say, “This is outside my scope. Let’s bring in the right expert.” Knowing your limits is not a weakness; it’s a strength.
The call for holistic privacy professionals is the right one, but it must be tempered with realism. We can and should expand our expertise, but we cannot become everything all at once. What’s needed is not just individual effort but a shift in how digital trust functions are structured — where privacy, security, ethics, and compliance work together under a shared framework, rather than expecting one person to shoulder it all. The best privacy professionals won’t be the ones who know everything, but the ones who know enough to ask the right questions and collaborate effectively. That’s the balance we should aim for.
business a.m. commits to publishing a diversity of views, opinions and comments. It, therefore, welcomes your reaction to this and any of our articles via email: comment@businessamlive.com
