Maggie Lassack still remembers her first law firm job in New York City. Shared office spaces were routine, and overhearing your colleagues’ phone calls was inescapable. Then, one evening, Lassack overheard her officemate on the phone; she was crying to her mom that she wasn’t smart enough for her job.
“I started laughing to myself because I remember having the same conversation with my mom a year earlier,” Lassack says. As it turns out, imposter syndrome, the internal belief that you’re not as competent as others perceive you to be, disproportionately affects high-achieving women.
“I find the timing of it interesting. There doesn’t seem to be any rhyme or reason for when those thoughts come up,” Lassack says. “It’s like alternating between having the confidence and then not.” But when the opportunity came for her to join the legal team at Polaris, she did what she encourages other people to do: focus on the facts.
“Even if I had doubts, I stepped back from those feelings to think objectively. After looking at the data and focusing on the facts, I wasn’t going to bet against myself.” That’s how she decided to leave her job at 3M and join Polaris, where she’d be one of about six lawyers working with the new general counsel to build a team of subject-matter experts.
After the European General Data Protection Regulation (GDPR) went into effect, Lassack saw opportunities for the team to simplify and streamline the operational work. “My goal has always been to make processes as easy as possible, striking the balance of getting the right results but minimizing the time spent getting there.”
The idea that someone else should suffer through tedious work because the person in their position before them did goes against everything Lassack believes. “I want to make things easier for other people, but I also make them easier for myself because, in the long run, it leads to a better client experience and greater productivity, as well.”
She had the foresight to consolidate privacy notices, streamline processing records, and simplify contracting—the seemingly minor types of things that turn out to be tedious and time-consuming. That initiative laid the foundation for Lassack to build the privacy program and her role as the leader of it.
“Starting with a team of one, I focused on building a network across the entire enterprise,” she explains. She works with that network to coordinate and simplify privacy processes into one consistent method used across different businesses, functions, and geographies.
In the instance of vendor assessment, for example, Lassack explains that “rather than having every pocket do their own thing to figure out several different processes, we’re working toward a system where the end-user can follow one process that covers the relevant risk areas, and we can easily adapt that process as the risks change.”
She and her IT colleagues have also worked with the vendor, TrustArc, to implement their cookie consent tool throughout the enterprise, creating consistency across different web platforms that helps them prepare for new laws. “We’re working to put in place that foundational piece we can use to manage cookie preferences consistently, so we can quickly make changes as legal requirements evolve.”
In the cybersecurity portion of her role, Lassack works cross-functionally to collaborate with and provide legal advice to the information and product security teams. Together, with the support of senior leadership, they’ve developed an executive cybersecurity governance council that they use to improve communication, transparency, and governance at both the executive and board levels.
“In my career, I’ve sometimes seen that women are harder on each other,” she says. But when working in a predominately male environment, “it’s important that, as women, we help and be there for each other, to have that sounding board.”
That’s why Lassack joined Women in Law, Privacy, and Security, a networking group in the Twin Cities that is committed to helping women in the privacy and information security fields grow in their careers. “Most of us are struggling with the same things,” she explains, “and it helps to have that outlet, that opportunity to share and figure out strategies to be successful.”
When it comes to coping with imposter syndrome, Lassack stresses the importance of sharing your experience with others, as she did while reassuring her office mate in New York that evening. “It’s really about getting to the facts and remembering that you’re not alone,” she says. “Nobody knows everything, nobody has it all together. Be as kind and fair to yourself as you would be to your friend. I’m not saying there’s a switch you can flip, but even just being mindful of it and taking a step back when you have those thoughts is helpful.”
Lassack continues to use her expertise and lead with the philosophy of consistency and efficiency for all. By developing cross-functional strategies, she builds a foundation to gradually implement automated technologies to make the work easier for everyone over time.
Thoughts from Guest Editor Christine Vanderpool
“Maggie Lassack’s story is a strong reminder that imposter syndrome can be especially strong for accomplished women. But when you remember to focus on your strengths, you can achieve anything. It is an important reminder that women need to support other women so we can raise each other up every chance we get.”
“Maggie Lassack is a true thought leader in the privacy space. She has a natural talent for identifying opportunities to create unique value for her business while making connections to uplift other women at the same time.” —Jason Wesbecher, Chief Revenue Officer, TrustArc