The data security and privacy regulatory landscape is evolving dynamically, along with the introduction of new technologies. In just the last five years, major privacy laws have been adopted in the E.U., Brazil, China and South Africa. Along with those laws, there has been a wave of new and amended legislations in the U.S. at the state level, several of which have entered or are entering into force this year. As organizations struggle to keep up with these laws’ requirements while new technology is rapidly emerging, the role of the CPO has grown and shifted. We spoke to VMware vice president and CPO Stuart Lee about modern CPOs’ focus, what is keeping them up at night, and overcoming challenges in this new and developing landscape, including best practices for scaling the privacy program. See our four-part series on a roadmap for building an efficient global privacy program: “Organizational Structure” (May 4, 2022), “Scope and Prioritization” (May 11, 2022), “Buy-In, Scalability and Outside Resources” (May 18, 2022), and “Maintenance” (Jun. 1, 2022).