Sourav is a Consultant at EY and deals in the areas of Cybersecurity and Data Privacy (GDPR, SG-PDPA, CCPA). He is a Fellow in Information Privacy and an IAPP-certified professional which includes CIPM and CIPP/E certifications. He is also an MBA in Finance and has previously worked with KPMG and TCS.
- How did you get into the field of Data Privacy?
I did my Engineering initially and post that, I worked with TCS as a UI/UX and Front End Developer. Later, I pursued MBA and joined E&Y, India and that is where I got introduced to the world of cybersecurity and privacy. Further, I worked with KPMG India and my engagements and projects in KPMG were focused on Privacy.
- How was the transition from UI/UX to Data Privacy?
I was pretty happy as a UI/UX developer and I had good technical knowledge of that but I was not satisfied with the fact that I didn’t have sufficient business knowledge, and the first by-product of that was my desire to pursue an MBA. I wanted my day-to-day tasks to help me understand overall business activities. I wanted to get an insight into the full picture.
The relevance of Data Privacy in today’s world is only going to grow with modernisation and technological advancement. With the oncoming of GDPR in 2018, people are becoming more aware of what are their rights and the fact that organisations can’t collect any and every information as justification would have to be given for that. GDPR brought about dramatic changes in compliance. The organisations changed their entire model to become GDPR compliant, and all other countries were also moving towards stronger data protection regimes. I realised the value of this particular domain and how it is changing the landscape and the viewpoint of the Data Subjects. I realised how I was helping the clients to become more mature and helping the society at large to be more aware of Privacy. We talk about India having its own Data Protection Law which is still in progress, I feel we are at the right time in Data Privacy when there is so much happening around and it is something which is emerging.
- What is the importance of certifications for anyone in the field of privacy?
We are in the business of dealing with customers day in and day out and to be successful as a consultant, it is important to have a trust with the client and for the Data Privacy, currently, there is no other degree or certification to build the credibility, and due to the lack of exam, the certification becomes a cornerstone to showcase credibility. I was able to view the difference in interaction with the client when he or she knows that I am a CIPP/E certified consultant, rather than just a consultant and they started taking my suggestions more seriously. However, just doing the CIPP/E is certainly not enough, you need to upskill and build your profile as the field is very dynamic in nature. Once I was done with the certifications, I decided to apply for the fellowship which only adds value to your profile.
- How did you come to know about Tsaaro Academy?
While working for clients on privacy-related projects, I realised that it was important for me to develop an understanding of this field. Due to that, I started looking for professional training and venues where I can obtain certifications to showcase my credibility to the clients. From a mutual connection, I got to know about Tsaaro and how it can help me gain knowledge on privacy standards. I chose to study GDPR first since it was the main legislation and the certification for the same was CIPP/E. I talked to Akarsh and Krishna about it and got myself enrolled in the course of CIPP/E and took the training.
- How did Tsaaro Academy help you in your Journey?
It is a very great initiative, and I kept saying this from day 1, it provides a great platform to learn, to get your doubts clarified, you know how to go about your certification and here you get a pool of high net privacy professionals to network with and learn what is happening in the field of privacy and not just confine your learnings with a limited set of colleagues. The resources shared by Tsaaro Academy are also very useful. I myself learned from all the materials from Tsaaro and all the resources were extremely helpful for the purpose of the exam.
During our training, I got to know the nuances of how to study the text, how to study for GDPR, and what are the type of questions that CIPP/E tests you on, I took around two months to prepare and then scheduled my exam.
- Will you recommend Tsaaro Academy?
I always recommend people for Tsaaro Academy if they want to get themselves IAPP certified, I am more than happy to do that and the advice for the professionals would be to this is a very dynamic field, people should not just stop themselves at one certification and the goal is to keep developing and target to become an expert, currently there is no other better mechanism than the certifications which I always recommend to the privacy professionals.