TOTAL: {[ getCartTotalCost() | currencyFilter ]} Update cart for total shopping_basket Checkout



At a company like Northrop Grumman, with 68,000 employees and a $27 billion market cap, the first few weeks on the job can be something of a blur in getting up-to-speed.

“I’m doing that groundwork right now,” said John Kropf, CIPP/US, CIPP/G, the newly appointed corporate privacy executive, about a month in. “I’m meeting the key players in the company and leadership and going out to the different company sectors, and that takes months and months.”

Kropf: "The legal team and the security teams are big champions of privacy and made the integration very easy."

However, he’s well-positioned to have a relatively quick impact, both thanks to his background as deputy chief counsel for privacy and information governance at Reed Elsevier and deputy chief privacy officer and senior adviser on international privacy policy for the U.S. Department of Homeland Security and because of where he’s positioned in his new gig. “I was really pleased when I learned about the structure,” he said in examining the role. As a direct report to the president of the enterprise shared services sector of Northrop Grumman, his peers are the CISO and CIO, and it’s an executive-level position.

“That was very important to me,” Kropf said. “One of the most exciting things for me is that I have the opportunity to really build a strategy. The good compliance is already in place, and now the vision for maturing the privacy program is to build a strategic outlook on privacy.”

He even has resources for doing that, so as not to get bogged down solely in the day-to-day privacy needs, “and we’re looking at adding some additional personnel for the privacy function,” he said.

“Northrop Grumman really thought long and hard about this. They are fully committed to privacy from the very top leadership on down,” Kropf said. “That was a very important factor in looking at organizations, making sure I’d have that leadership commitment, and that was the strong message that I got here … Certainly, you can go across the board: The legal team and the security teams are big champions of privacy and made the integration very easy.”

Thus, Kropf’s role is really twofold going forward, he said. Yes, there are all the in-house privacy tasks, but “I’ll also collaborate with the business teams on their initiatives for any new products and services that involve collection or use of personal information. My goal in addition to the internal role is to be a resource for all of those employees and those business sections.”

As he builds those strategies, Kropf said he’ll be keeping a particular eye on Europe. “I love the policy side of watching what’s developing out there, and I think certainly the European privacy regulation is the thing that people are most focused on at this point … There has been a lot of activity there, with the EU saying that they really want to get that moving again. In particular, they’re also very focused on Safe Harbor, which can impact what we do.”

And, of course, he’ll be keeping tabs on how regulators view big data, the Internet of Things and all the other top issues any good privacy executive needs to be watching.

“From a personal standpoint, I’m excited to be coming on board to this newly created position,” he said, “excited to be able to raise the profile of privacy internally within the company, and I think it shows a lot of wisdom and foresight to build this position.”


If you want to comment on this post, you need to login.