Onur Korucu is a managing partner for GovernID; she leads the company’s strategic direction and ensures compliance with data protection regulations, including the global adoption of the EU General Data Protection Regulation. Presently, she also acts as a Microsoft Subject Matter Expert (SME) and leads companies’ future strategies, specializing in data protection, cyber security, and AI automation.
Onur’s professional journey began in multinational professional services firms such as KPMG, PwC, and Grant Thornton, where she gained extensive experience as a consultant and senior management member across various global regions. In addition to her technical engineering and M.Sc degrees, she holds an LL.M. degree in Information and Technology Law and completed a Business Analytics executive master’s program at the University of Cambridge.
Focused on emerging technologies, Onur is a cyber security, compliance, and privacy professional. She also serves as a lecturer for Cyber Security Masters programs at universities in Istanbul and London, sharing her expertise as a guest lecturer. Onur authored a book on risk-based global approaches to enhancing data protection and contributed articles to prestigious publications such as Harvard Business Review covering trending technology, cyber security, data protection, and privacy trends.
Additionally, she is a Women in Tech world ambassador, board member, and International Association of Privacy Professionals (IAPP) Ireland Chapter Ireland Chair. Recognized for her contributions, she was selected as the recipient of the IAPP Privacy Vanguard Award 2024, EMEA, and has won several other awards, including GRC Role Model of the Year, Technology Consulting Leader, Cyber Women of the Year, The Risk Leader, and The Technology Businesswoman.
Recently, in an exclusive interview with Digital First Magazine, Onur shared her professional trajectory, the inspiration behind establishing GovernID, the best piece of advice she has ever received, future plans, pearls of wisdom, and much more. The following excerpts are taken from the interview.
Hi Onur. Could you explain how you came to be interested in the field of privacy?
My journey in the field of privacy began with my early career in Cyber Security and technology consulting within multinational companies. These experiences provided me with invaluable insights into the intricacies of technology and its intersection with legal frameworks. With both an MSc and an LLM degree, I’ve had the privilege of diving deep into both the technical and legal aspects of privacy and data protection.
For me, law serves as a cornerstone of order within societies, providing the necessary structure for systems to function effectively. Systems that lack well-designed legal frameworks often struggle to navigate the complexities of modern life and may falter in their ability to provide meaningful order. It’s evident that any development or innovation must strike a balance between legal principles and the diverse tapestry of civilization and cultures to truly serve humanity’s best interests.
As technology continues its rapid ascent, reshaping our lives and accruing increasing value, it’s crucial to recognize that legal frameworks in the realm of technology must be informed by technical knowledge. This synergy between law and technology is where my passion lies. I find immense fulfillment in bridging my technical background with legal expertise, thereby playing a role in shaping innovative solutions for the future. In today’s landscape, where the trajectory of tomorrow is being charted, being at the forefront of this convergence fills me with a sense of purpose and excitement.
What was the inspiration behind establishing GovernID? What is its mission and vision?
The journey to develop GovernID was fueled by a profound understanding of the ongoing struggles faced by organizations in complying with modern privacy regulations like GDPR. Conventional tools were not designed with these sophisticated regulations in mind, and organizations continued to face compliance difficulties.
Our team, with years of technical expertise, had been closely collaborating with legal and compliance professionals, gaining deep insights into their specific needs and the complexities of privacy regulation compliance. We recognized that each aspect of GDPR compliance—from data mapping and impact assessments to consent management and breach notifications—required a tailored approach that existing solutions did not offer.
Driven by this gap in the market and our firsthand experiences in the field, we set out to create GovernID. Our vision was to develop a purpose-built solution that not only meets the stringent requirements of GDPR but also anticipates the needs of future privacy regulations. GovernID combines our extensive field experience with advanced technological capabilities to offer a comprehensive tool that addresses the multifaceted functionalities needed for effective privacy compliance. Through GovernID, we aim to empower organizations to achieve and maintain compliance with confidence, transforming the landscape of privacy management.
Our vision is to revolutionize the global privacy landscape by setting groundbreaking standards that restore control over personal data to individuals. Originating from a foundation in security, we aim to become the driving force in privacy technology, influencing laws and corporate practices worldwide to honor and protect individual rights without compromising the dynamic capabilities of businesses. GovernID, our pioneering solution, embodies this vision by integrating robust security with privacy compliance, shaping a future where governance and security are seamlessly aligned with data protection.
Through strategic leadership and cutting-edge technology, GovernID aims to transform privacy norms to benefit both individuals and businesses.
What are some of the aspects of international privacy law that many people would find surprising?
International privacy law harbors several intriguing facets, especially against the backdrop of our tech-driven future, which spans emerging technologies such as artificial intelligence, data analytics, the Internet of Things, blockchain, and beyond. As we witness a digital transformation revolution across Europe and globally, it is mirrored in how legal frameworks evolve to meet the fast-changing technological landscape.
One unexpected aspect is the crucial role that law plays in leveraging innovation to benefit society and ensure order. As these emerging technologies continue to reshape industries and societal norms, legal frameworks provide essential guardrails, ensuring that technological advancements are utilized responsibly and ethically.
Furthermore, the law is fundamental in creating transparent and accountable systems within the digital domain. In a world awash with data and interconnected systems, legal regulations are vital in protecting individual privacy rights, building trust in digital ecosystems, and holding entities accountable for their actions.
Additionally, international privacy law is key in addressing discrimination and biases embedded within the vast data produced by new technologies. Through stringent privacy safeguards and anti-discrimination measures, legal structures are designed to curb algorithmic biases, ensuring fair and equitable treatment for every individual, irrespective of their background or identity.
Ultimately, as technology continues to advance, international privacy law evolves concurrently, playing an indispensable role in shaping the future of innovation. It promotes transparency and accountability, while staunchly protecting fundamental human rights in our increasingly digital world.
Do you think it’s important, for those just starting out in the privacy sector, to earn privacy certifications or qualifications alongside professional experience?
In the dynamic world of privacy, certifications can be a stepping stone for newcomers, providing a structured immersion into the sector’s principles and practices. These certifications act as a primer, covering the breadth of privacy laws and compliance imperatives globally, as seen with programs like the Certified Information Privacy Professional (CIPP) or the Certified Information Privacy Manager (CIPM) offered by the International Association of Privacy Professionals (IAPP).
These qualifications showcase an individual’s dedication to understanding the intricacies of privacy and data protection, often becoming a prerequisite in the hiring processes of companies that prioritize a demonstrated command of privacy regulations.
Beyond certifications in privacy, credentials in digital risk, cybersecurity, and IT audit also carry weight, marking one’s competence and helping build credibility within the field. They act as markers of proficiency, underscoring a commitment to the highest standards of practice.
Nonetheless, these certifications are not the finish line; they are part of the journey. They should run parallel to hands-on experience, which is the crucible where theoretical knowledge is honed into expertise. It is through practical application that individuals learn to navigate the subtleties of privacy challenges, enhancing their ability to contribute meaningfully to their roles.
Expertise in privacy also comes from the nuanced application of concepts such as “privacy by design” in the wild. While certifications attest to an individual’s foundational knowledge, it is their adeptness at weaving this knowledge into the fabric of real-world scenarios that truly marks a skilled professional.
In conclusion, while certifications in privacy are important, they should be viewed as part of a broader professional canvas. They complement but do not replace the rich, textured learning that comes from experience. For those embarking on a privacy career, the interplay of knowledge gained from certifications and insights garnered from practical experience is what will craft a well-rounded, adept privacy expert.
Women aren’t the only underrepresented group in tech – what can be done to make tech more diverse across race, class, and gender?
Women have slowly become more involved in the technology field, especially in recent years, and it’s great to see more female leaders succeeding. However, we are still striving to give speeches at Women in Tech events, organize mentorship programs, and provide awareness training. International Women’s Day exists to emphasize the value of women’s efforts in life. Every system longs for balance, and as long as there is a hero, there will also be a villain. For this reason, we cannot create a great mind unless we accept the different races, classes, and genders that ensure the balance of the ecosystem as a part of a whole. The universe, the world, nature, and life can maintain their integrity with their differences and variability. The presence of women is critical in business life and in the field of technology, which is the inevitable biggest game changer of the future.
Achieving diversity and inclusion in the tech industry is essential, and initiatives to promote diversity across race, class, and gender play a vital role in this effort. Women in Tech events, mentorship programs, and awareness training are important steps toward creating a more inclusive environment. International Women’s Day serves as a reminder of the value of women’s contributions in all aspects of life.
However, achieving true diversity and inclusion requires recognizing and addressing barriers beyond gender. It’s essential to embrace individuals from diverse backgrounds, including different races, classes, and genders, as integral parts of the ecosystem. Just as every system seeks balance, embracing diversity ensures the richness and integrity of our communities and industries.
In business and technology, diversity is not only desirable but also necessary for innovation and progress. By embracing and celebrating differences, we can harness the full potential of diverse perspectives to drive positive change and shape the future. Therefore, promoting diversity and inclusion across all dimensions is critical for creating a more equitable and vibrant tech industry and society as a whole.
To foster greater diversity in the tech industry, organizations can implement various strategies:
Combat unconscious bias and discrimination in recruitment, hiring, and promotion processes through blind recruitment practices, diverse interview panels, and bias training.
Expand recruitment efforts to reach a broader pool of candidates from underrepresented backgrounds by partnering with diversity-focused organizations, attending career fairs targeting minority groups, and offering internships and mentorship programs.
Foster inclusive workplace cultures where all employees feel valued and supported, promote open dialogue about diversity, establish affinity groups, and provide training on cultural competency.
Ensure leadership positions reflect the diversity of the workforce, mentor and sponsor individuals from underrepresented groups for leadership roles, and hold leaders accountable for advancing diversity and inclusion initiatives.
By implementing these strategies and fostering a culture of diversity and inclusion, the tech industry can become more representative of society as a whole and harness the unique perspectives and talents of individuals from all backgrounds.
In your academic or work career, were there any mentors who have helped you grow along the way? What’s the best piece of advice you have ever received?
Throughout my career journey, mentors have woven a rich tapestry of guidance and support, each contributing unique colors and perspectives to my professional landscape. From the bustling halls of multinational consulting firms to the academic realms where I’ve pursued knowledge, these mentors have been invaluable sources of wisdom and inspiration.
Among the myriad of advice I’ve received, one particular guiding principle has shone brightest: “Let your work speak your worth in the pursuit of excellence.” This simple yet profound mantra has become the cornerstone of my professional ethos, urging me to lead by example and uphold the highest standards of integrity and dedication.
This guiding light reminds me that true leadership is not defined by titles or accolades, but by the authenticity and impact of one’s actions. Whether in the boardroom or the classroom, it’s the sincerity and commitment behind our work that resonate most deeply, leaving a lasting impression on those around us.
As a privacy professional, mentor, and advocate for women in technology, I’ve strived to embody this principle in every endeavor. It’s a universal truth that I share with aspiring professionals: let your actions articulate your expertise, your passion, and your unwavering commitment to making a difference in the world.
I owe a debt of gratitude to the remarkable mentors who have shaped my journey, including the esteemed professors I encountered during my master’s studies at the University of Cambridge. Their insights, gleaned from years of experience and leadership in the technology sector, have been instrumental in my growth as a company partner and leader. Their impact is truly immeasurable, and I am grateful for their existence on my path to success.
The meaning of leadership can change from one era to the other, how would you define the meaning of leadership today?
Leadership today transcends the traditional model of simply guiding teams and making decisions; it’s about fostering innovation, enabling transformation, and driving change. As a leader in the privacy and cybersecurity domains, I define leadership as the ability to anticipate the future and navigate through it with a clear vision and unwavering ethics. It’s about empowering those around you to reach their full potential while collectively striving towards common goals that push the boundaries of what’s possible.
In our era, a leader must be an orchestrator of collaboration, inclusivity, and resilience, capable of uniting diverse talents and perspectives to harness the synergistic power of a collective. It’s no longer about commanding from the top; it’s about engaging with every level of an organization, learning, adapting, and innovating together.
The best leaders are those who recognize that their role is not just to lead but to serve — to act as catalysts for growth, enablers of innovation, and guardians of their team’s well-being and professional development. In the rapidly evolving landscape of technology, where the only constant is change, leaders are the architects of a resilient and adaptive culture that thrives on challenges and views disruption as an opportunity for advancement and learning.
What is it that motivates and inspires you in your everyday life?
As an engineer, I admire the unique design of nature and the universe. From a legal perspective as a privacy professional, I appreciate its balance and constantly renewed rules for the continuation of life. Technology, business dynamics, leadership qualities, and economic factors evolve rapidly, akin to the changing seasons. Those who can adapt to this dynamism and even contribute to shaping the future are the true heroes of the business world.
What motivates and inspires me daily is the dynamic and ever-evolving nature of the cybersecurity and data protection landscapes. Each day brings new challenges and opportunities to safeguard sensitive information and defend against emerging threats. Knowing that the work I do directly impacts protecting the privacy of individuals and the integrity of organizations is incredibly motivating.
Furthermore, serving as an advocate for women in technology serves as a source of inspiration. Witnessing and contributing to positive changes in diversity within the tech sector, advocating for more inclusive practices, and supporting the next generation of women in tech fuels my passion and commitment to this field.
In essence, my drive stems from both the intellectual stimulation of tackling complex problems in my field and the social impact of working towards a more diverse and equitable tech industry. These elements are what propel me forward each day, ready to tackle the day’s challenges with energy and purpose.
Fun fact about you?
From the earliest days of my childhood, I was captivated by the stars, dreaming of adventures among the cosmos as an astronaut. Those youthful aspirations led me to immerse myself in the wonders of space exploration, from volunteering at space camps to gazing at the celestial marvels in star observatories. Even today, there’s nothing quite like the joy of sharing mythological star stories under the twinkling night sky.
But my childhood dreams didn’t stop there. Basketball became my passion, fueling my days from the early age with the thrill of the game. I poured my heart and soul into the sport, relishing every moment on the court. However, as I reached a crossroads between pursuing a career as a professional athlete or focusing on my technical education, I chose the latter path, setting the stage for the journey that led me here.
Amidst the whirlwind of childhood dreams and athletic pursuits, literature emerged as a constant source of joy and inspiration. With many national accolades in literature before my professional endeavors, the rich tapestry of words and storytelling became an intrinsic part of who I am. Little did I know then that this love for literature would become a cornerstone of my managerial roles in multinational technology firms.
In the bustling world of business, I’ve found solace in the power of storytelling. Drawing from the depths of human nature observation and behavioral analysis, I’ve discovered that being a skilled storyteller is more than just a talent—it’s a superpower. It’s the ability to connect, inspire, and lead others towards a shared vision of success.
So, while my childhood dreams may have taken me to the stars and the basketball court, it’s the magic of literature and storytelling that continues to light up my world today. And as I embark on each new chapter of my journey, I do so with a heart full of gratitude and a smile on my face, knowing that the best is yet to come.
Where do you see yourself in the next 5 years?
I am a firm believer in the power of change and renewal. Progress stems from our collective enthusiasm for improvement and our willingness to embrace change. In today’s rapidly evolving technological landscape, predicting where we’ll be five years from now is a daunting task. However, I am committed to being an active participant in shaping a future characterized by innovation, exemplary female leadership, the integration of diverse principles, and a relentless pursuit of excellence.
As someone who continues to teach at various universities, particularly in the fields of cybersecurity and privacy, I am deeply invested in nurturing the next generation of leaders. My goal is to inspire and empower them to become catalysts for positive change in these critical areas.
Advocacy is another passion of mine, and I am dedicated to fostering diversity and inclusivity in the tech industry, particularly among women. By amplifying diverse voices and driving initiatives that promote inclusion, I believe we can unlock innovative solutions and build robust defenses against global cyber challenges.
Ultimately, my aim is to leverage my expertise to contribute to a safer, more secure digital environment and a tech community that values privacy and security as foundational principles. Through my efforts, I hope to cultivate a culture where these values are not only upheld but deeply ingrained in every facet of technological advancement.
What advice would you give to women who want to enter the tech industry?
As an advocate for gender diversity in the tech sector and the global ambassador for women in tech, I’ve dedicated myself to empowering and mentoring women in technology for several years. This commitment is especially significant given my leadership role as the chair of IAPP Ireland. Through organizing events centered on Women in Tech and Women in Privacy, my aim is to amplify the voices of women and foster inclusivity within our industries.
For aspiring women looking to enter the tech field, I offer the following recommendations:
Firstly, pursue your passion within technology. Direct your focus towards areas that genuinely ignite your enthusiasm, as passion serves as the bedrock for determination and resilience.
Secondly, commit to lifelong learning. Given the rapid pace of technological evolution, staying abreast of emerging developments, trends, and skills is imperative for maintaining competitiveness.
Thirdly, cultivate supportive networks within the tech community. Forge connections with fellow women in tech to access mentorship, collaborative opportunities, and a network of support.
Next, foster self-belief in your capabilities and embrace your potential. Refrain from allowing self-doubt to hinder your pursuit of aspirations and goals within the tech realm.
Furthermore, embrace challenges as opportunities for growth and personal development. Stepping beyond comfort zones often leads to profound professional advancement.
Assertively advocate for equitable treatment and recognition of your contributions within the tech sphere. Asserting your worth is essential in securing fair compensation, acknowledgment, and avenues for career progression.
Develop resilience to navigate the dynamic and competitive landscape of the tech industry. Resilience equips individuals to rebound from setbacks and persist in the face of adversity.
Lastly, take an active role in championing initiatives aimed at fostering diversity and inclusion within the tech sector. Creating an environment that celebrates diversity benefits all stakeholders and promotes collective success.
By adhering to these guiding principles, women can navigate the complexities of the tech industry with poise, resilience, and determination, positioning themselves for success while contributing to the cultivation of a more inclusive and diverse tech ecosystem.