While the term “security” is often used interchangeably with “privacy,” these two disciplines require different skillsets and process. Privacy focusses on access control and data usage. The toolset for the nascent privacy engineering field requires awareness of the development in the technology sector, awareness of risks and threats to protected data, privacy law in relevant jurisdictions, and different privacy standards, as these standards help set the bar as to what constitutes appropriate privacy protections. Security is focused on data access, integrity, and confidentiality. Organizations holding data need to be aware of the business and regulatory risks associated with this data and shape their internal privacy engineering and privacy policy compliance teams to mitigate these risks. This paper addresses the data security and privacy landscape for 2022 to provide some assistance in assessing your organizations’ security and privacy posture.