Welcome to our new video interview series, Speed Data: Quick Conversations With Cybersecurity Leaders. Like speed dating, our goal is to capture the hearts of CISOs with intriguing, unique insight in a rapid format for security leaders pressed for time.
Our latest episode features Jordan McClintick, Director of Data Governance and Privacy for Optiv, Inc. Jordan talks about how his path from law school to data privacy helps him in his current role and why agriculture and cybersecurity might have more in common than you’d think.
“If you were to ask me when I was in law school, ‘Would you end up in the cybersecurity space?’ I probably would have laughed,” Jordan said. But that’s exactly where he landed, having worked in data privacy for several years. Since 2021, Jordan has led the Advisory Services group at Optiv, and before that, he worked as the Advisory Senior Manager at PwC and as the Privacy Manager at Western Union.
But his legal background and expertise wasn’t all for naught. His time spent in the law helps him articulate legal regulations and advise clients, individuals, and even his internal team on how to operationalize them
“Often clients will have a legal team, and they can interpret regulations and say, ‘This is what the regulation says we need to do,’’ Jordan said. “But then you also have the operational team. The operational team is great at operations but doesn’t always know how to take those legal requirements and turn them into operational controls.”
This one-two punch of legal expertise and operations acumen comes together nicely in Jordan’s day-to-day role helping organizations align compliance obligations with business objectives. Being the Director of Data Privacy often requires Jordan to explain why protecting seemingly innocuous information is so vital.
Why is data privacy important?
“I often hear from clients, ‘A lot of our data is already out there’ and ‘Why does it matter?’ and while that is relevant and true, that’s more reactive,” Jordan said. “What we really like to work with clients on is three big themes: transparency, choice, and control.”
“Transparency — putting the task on organizations to be very transparent with individuals on, ‘What are we collecting from them? How are we using that?’ because that’s often a purview that as a consumer, I don’t always know,” Jordan said. “From that, it stems into control and choice — what you share with me, how you’re using my data, I’d like to have some choice around it.
“In the digital era, providing our data provides a lot of ease and simplicity in our life,” he said. Whether that be volunteering information like our go-to latte order in the Starbucks app or Facebook reminding us that it's our father-in-law’s birthday, sharing personal data can be beneficial. Jordan said, “I might not object to it; I just want to know and be informed in how my data is being used.”
It’s a marathon, not a sprint.
Jordan acknowledges that in the data security space, sometimes the small steps toward increased privacy measures and controls will win out over perfection. “My biggest thing I recommend to keep in mind is to make progress,” he said, “and that progress will lead to more progress, and while perfection is the end state that we want to get to, there’s a journey to get there.”
A lover of all things outdoors, Jordan applies the progress-over-perfection analogy to all areas of life, including farming. “The thing I like about farming is you put a lot of effort in,” he said. “You don’t see the tangible benefit immediately — tilling the soil, getting the seeds planted, doing the care and feeding — and then months later, you have some fruits and vegetables to reap from your harvest and your hard work. And I think that mindset applies to cybersecurity as well.
“We don’t often see immediate success. It’s more making sure the field is fertile, making sure that we get the right seeds in the ground, that we have the right water to grow an output that — at a later date — is beneficial.”
Varonis can help you grow your cyber resiliency by automatically finding and classifying sensitive data, ensuring only the right people can access critical information, and proactively stopping threats.
What you should do now
Below are three ways we can help you begin your journey to reducing data risk at your company:
- Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
- Download our free report and learn the risks associated with SaaS data exposure.
- Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.
Megan is the content editor for Varonis and an avid fan of all things AP style. When Megan's not debating whether "cybersecurity" should be one word or two, she loves to travel with her husband and dote unhealthily on their pitbull, Bear.