A small preview note can go here.
Welcome to our new video interview series, Speed Data: Quick Conversations With Cybersecurity Leaders. Like speed dating, our goal is to capture the hearts of CISOs with intriguing, unique insight in a rapid format for security leaders pressed for time.
Our latest episode features Jordan McClintick, Director of Data Governance and Privacy for Optiv, Inc. Jordan talks about how his path from law school to data privacy helps him in his current role and why agriculture and cybersecurity might have more in common than you’d think.
“If you were to ask me when I was in law school, ‘Would you end up in the cybersecurity space?’ I probably would have laughed,” Jordan said. But that’s exactly where he landed, having worked in data privacy for several years. Since 2021, Jordan has led the Advisory Services group at Optiv, and before that, he worked as the Advisory Senior Manager at PwC and as the Privacy Manager at Western Union.
But his legal background and expertise wasn’t all for naught. His time spent in the law helps him articulate legal regulations and advise clients, individuals, and even his internal team on how to operationalize them
“Often clients will have a legal team, and they can interpret regulations and say, ‘This is what the regulation says we need to do,’’ Jordan said. “But then you also have the operational team. The operational team is great at operations but doesn’t always know how to take those legal requirements and turn them into operational controls.”
This one-two punch of legal expertise and operations acumen comes together nicely in Jordan’s day-to-day role helping organizations align compliance obligations with business objectives. Being the Director of Data Privacy often requires Jordan to explain why protecting seemingly innocuous information is so vital.
Why is data privacy important?
“I often hear from clients, ‘A lot of our data is already out there’ and ‘Why does it matter?’ and while that is relevant and true, that’s more reactive,” Jordan said. “What we really like to work with clients on is three big themes: transparency, choice, and control.”
“Transparency — putting the task on organizations to be very transparent with individuals on, ‘What are we collecting from them? How are we using that?’ because that’s often a purview that as a consumer, I don’t always know,” Jordan said. “From that, it stems into control and choice — what you share with me, how you’re using my data, I’d like to have some choice around it.
“In the digital era, providing our data provides a lot of ease and simplicity in our life,” he said. Whether that be volunteering information like our go-to latte order in the Starbucks app or Facebook reminding us that it's our father-in-law’s birthday, sharing personal data can be beneficial. Jordan said, “I might not object to it; I just want to know and be informed in how my data is being used.”
It’s a marathon, not a sprint.
Jordan acknowledges that in the data security space, sometimes the small steps toward increased privacy measures and controls will win out over perfection. “My biggest thing I recommend to keep in mind is to make progress,” he said, “and that progress will lead to more progress, and while perfection is the end state that we want to get to, there’s a journey to get there.”
Cultivating success
A lover of all things outdoors, Jordan applies the progress-over-perfection analogy to all areas of life, including farming. “The thing I like about farming is you put a lot of effort in,” he said. “You don’t see the tangible benefit immediately — tilling the soil, getting the seeds planted, doing the care and feeding — and then months later, you have some fruits and vegetables to reap from your harvest and your hard work. And I think that mindset applies to cybersecurity as well.
“We don’t often see immediate success. It’s more making sure the field is fertile, making sure that we get the right seeds in the ground, that we have the right water to grow an output that — at a later date — is beneficial.”
Watch our full interview with Jordan above or on our YouTube channel.
Varonis can help you grow your cyber resiliency by automatically finding and classifying sensitive data, ensuring only the right people can access critical information, and proactively stopping threats.
What should I do now?
Below are three ways you can continue your journey to reduce data risk at your company:
Schedule a demo with us to see Varonis in action. We'll personalize the session to your org's data security needs and answer any questions.
See a sample of our Data Risk Assessment and learn the risks that could be lingering in your environment. Varonis' DRA is completely free and offers a clear path to automated remediation.
Follow us on LinkedIn, YouTube, and X (Twitter) for bite-sized insights on all things data security, including DSPM, threat detection, AI security, and more.
