Meet the expert: Dean Hogarth to speak at PrivSec London

Live at Park Plaza, Riverbank in London on February 28 and March 1, PrivSec London gives global audiences the chance to learn more about Trust, Digital Transformation, Ethics, Data Protection, Privacy, Security and much more.

The event will also provide a unique opportunity for industry professionals to network with peers and develop business relationships. 

Dean Hogarth is Head of Privacy, Data Protection and DPO at Sunbelt Rentals Limited. He has worked in Technology and Security for over 15 years, providing services both in-house and to external customers. 

Dean will appear exclusively at PrivSec London to discuss issues that businesses must address when building a robust Data Protection and Security culture.

We caught up with Dean for more on his career so far, and for an introduction to the themes on the table at his PrivSec London session.

Could you outline your professional journey?

The latter half of my career has been spent working in Information Security and Data Protection. I’ve had the pleasure of providing data protection consultancy and working as in-house Data Protection Officer roles within MSP, Retail and now the Rental industry. 

I thoroughly enjoy both, supporting our organisation to gain the most benefit from the information we collect and use. It’s an overused word, but I am passionate about ensuring that we do so in a way that is fair, doesn’t imbalance the rights of individuals, and therefore, is accountable to applicable law.

What does it mean to have a good culture of Data Protection and Security in an organisation?

I firmly believe that data protection and security can and should coexist with each other. 

There was a point a few years ago when organisations were making decisions between implementing security and complying with data protection law. Rather than being estranged siblings, data protection and security both need to be part of the family. 

Executive buy-in is a must, this brings the financial support for security tooling, but when culture is concerned, it is often the language we use that defines the culture we create. 

When we use language that explains data protection in a way that is understandable for all levels of our organisation, we get the most engagement. It’s no use talking in technical terms or quoting article numbers; the true change in how our people appreciate data protection is when they can see how it affects people’s lives.

How does having a good DP&S culture impact on the bottom line?

The implementation of appropriate data protection measures and robust security practises provide an overlapping Venn diagram, working together to provide full coverage. 

The benefits present through the more obvious notion that strong security reduces the potential of incidents, and good data protection controls can provide accountability to regulators and individuals, staving off data protection complaints. 

But when we create a culture that understands and implements data protection and security, we help move people away from either an ‘ask for forgiveness’ approach which can be cavalier, or ‘processing anxiety’, an over-cautious attitude people can adopt. 

We help people understand the boundaries of using data properly, delivering operational benefits. The other benefit I see is in the trust that we earn with our employees or customers. Frameworks for data protection and security enable governance, governance demonstrates value, and our values reflect in our relationships with customers, creating trust in our organisation.

Could you highlight three key steps should organisations take to improve their DP&S culture?

Three key steps that I would encourage for an environment in which data protection and security can thrive:

1. Take a look at the language of data protection and security, is it too technical or full of legal jargon, or can people relate to it.
2. Produce policies and guidance that are full of real life or business specific examples that make sense to your people.
3. Craft a culture that removes the anxiety and ambiguity around what it is acceptable or appropriate when using data.