In today’s edition of Daily Compliance News:
Author: admin
The EU published a recast of its 2009 Dual Use Regulation. We look at some of the new or revised points that will now apply to EU exporters and providers of technical assistance when it comes to dual use items.
Affiliated Monitors, Inc.’s Founder and President Vin DiCianni puts Tom Fox the Compliance Evangelist on the hot seat to discuss how to use stories and pop culture to keep ethics and compliance interesting. Together they trace how Tom became an international authority in the compliance world, and why he finds the field so interesting. Additionally, Vin and Tom note the way the field has changed in the previous decades, and the trends that may be upcoming.
Lastly, they preview Tom’s new book, The Compliance Handbook: Volume II which is now available for preorder through LexisNexis. Use the discount code FOX25for 25% off your purchase.
Bryan Judice is Senior Director of the Office of Ethics and Compliance at Panasonic Avionics Corporation. With over 22 years of experience specializing in conducting forensic investigations and large, complex litigation matters, he has provided financial and business advisory services to clients in a variety of industries, including aerospace, aviation, and financial services. He joins Vince Walden to talk about data-driven compliance, and why it’s more effective.
Compliance processes best suited for analytics are available, self-contained, and have few different touchpoints in order to ensure the data isn’t dispersed across too many different systems. Singular compliance initiatives are painless to digest, pull apart and examine, which makes it easier to create analytics to identify where the risks are in your programs.
Bryan shares what business processes he has seen work effectively for monitorships in today’s landscape. He also discusses the five things everyone should know before they secure buy-in and budgets for data-driven compliance.
Resources
Bryan Judice on LinkedIn
Tom Fox’s guest on this episode of the Innovation in Compliance podcast is Erica Toelle. Erica is the Senior Product Marketing Manager for Records Management and InfoGov at Microsoft. As a long-time member of the Microsoft community, she has been dedicated to growing the information governance and records management business and listening to customers and partners to make solutions better. Erica joins Tom to talk about her role at Microsoft, and how the info governance and record management space will evolve in the near future.
Improving Operations
Erica loves to help companies improve their operations using technology. It’s interesting to work with an organization’s compliance experts and help to translate their requirements into Microsoft technology, she tells Tom. “The pace of change in technology has been fast the last 20 years and there are often better ways of doing things, but you have to balance doing things the best way with disrupting productivity and business through change,” she remarks. She argues that it’s better to use a solution that everyone finds easy to use but only has 80% of the desired features, than one that has 100% of the desired functionality but which no one wants to use. “As the compliance person, if you make a solution that’s too hard to use because it’s your ultimate compliance dream, people are going to use their company credit card to buy a different cloud subscription….or figure out how to share files with people outside the company,” she says.
Translating Microsoft Offerings To Solve Compliance Needs
The main issue Erica sees with respect to translating Microsoft offerings to solve compliance needs is that there aren’t clearly defined roles and responsibilities in the organization. “In order to really create a good offering around any of the compliance tools, you have to get the business decision-makers and the business experts together with IT, and then figure out how you want to work together and divide those roles and responsibilities,” she comments.
What’s Next
The records management industry needs to shift its thinking to a more electronic approach. In the coming years, we’re going to see artificial intelligence be leveraged more to deal with the volume of electronic records.
Listen here to Microsoft Week episode 1, featuring Alan Gibson, Director of Legal and Compliance Innovation at Microsoft.
Listen here to Microsoft Week episode 2, featuring Abbas Kudrati, Chief Cybersecurity Advisor for Microsoft Asia’s Enterprise Cybersecurity Group.
Listen here to Microsoft Week episode 3, featuring Joseph Davis, Microsoft’s Chief Security Advisor for Health and Life Sciences.
Tune in tomorrow for episode 5 featuring Jesus Fernandez.
Resources
Erica Toelle | LinkedIn | Twitter
Microsoft 365 Compliance
12 O’Clock High, a podcast on business leadership brings together stories from history, the arts and movies, research and current events to consider leadership lessons. In this episode, Richard Lummis and Tom Fox begin a 10-part summer series on leadership lessons from biographies found in Plutarch’s Lives. Each week we will pair an ancient Greek and Roman to learn about their lives, the comparison and contrast between the two men and what leadership lessons with might draw from their lives. In today’s episode we look at the Greek Pericles and the Roman Fabius Maximus. Highlights include:
- Introduction of Plutarch’s Lives as historical work.
- Lives of Pericles and Fabius Maximus.
- Comparison in the lives of Pericles and Fabius Maximus.
- What leadership lessons can be drawn from the lives of Pericles and Fabius Maximus.
Resources
Plutarch’s Lives by Bill Thayer
In today’s edition of Daily Compliance News:
- The MLB circus has begun. (HoustonChronicle)
- Ex-Goldman banker settles FCPA case. (WSJ)
- Now the hard part at Exxon. (NYT)
- Don’t fly American this summer. (FT)
The EU and US reach an agreement on the ongoing WTO Boeing-Airbus dispute; FEMA eases up on some export restrictions of PPE.
Welcome to the Great Women in Compliance Podcast, co-hosted by Lisa Fine and Mary Shirley. In this episode, Lisa speaks with Lloydette Bai Marrow, who is the Founder and Principal Consultant of ParaMetric Global Consulting. Lloydette is based in London, and prior to starting ParaMetric, she was a Principal Investigative Lawyer within the UK Government’s Serious Fraud Office, and a prosecutor in various UK governmental agencies.
Lloydette comes from a very entrepreneurial family and took that mindset and her own experience to build her consultancy. She talks about how she identified what she wanted to do when she left the SFO, and how she and ParaMetric have grown. In particular, she talks about how her experience as a prosecutor has been a great asset, but also how she has adapted to collaborating with organizations in her current role. On the other side, she has used her experience to train investigators and prosecutors in Sierra Leone and globally to help build stronger anti-corruption prosecutions.
The Great Women in Compliance Podcast is proudly featured on the Compliance Podcast Network and sponsored by Corporate Compliance Insights. If you enjoyed this episode please subscribe to the podcast and rate it on your podcast player to help other compliance professionals find it.
For those of you in the northern hemisphere, it is the season for beach reads and you may be traveling after a long break. For your time off, you can pick up a copy (or download) “Sending the Elevator Back Down: What We’ve Learned from Great Women in Compliance” (CCI Press, 2020).
If you’ve already read the booked and liked it, will you help out other women to make the decision to leverage off the tips and advice given by rating the book and giving it a glowing review on Amazon?
As always, we are so grateful for all of your support and if you have any feedback or suggestions for our 2021 line up or would just like to reach out and say hello, we always welcome hearing from our listeners.
You can subscribe to the Great Women in Compliance podcast on any podcast player by searching for it and we welcome new subscribers to our podcast.
Join the Great Women in Compliance community on LinkedIn here.
Joseph Davis, Microsoft’s Chief Security Advisor for Health and Life Sciences, is a trained medical practitioner, but his professional background is “almost 100% IT and cybersecurity.” He has always been interested in technology: in medical school he helped develop a program to assist clinicians in diagnosing their patients more accurately. He joins Tom Fox on Day 3 of Microsoft Week to talk about the role of cybersecurity in life sciences and the traits cybersecurity professionals need to do their jobs effectively.
The Role of Cybersecurity
Tom asks, “What is the role of cybersecurity in the healthcare life science industry today?” Joseph responds that it’s a must-have since this industry is considered critical infrastructure. People’s lives depend on keeping systems and processes safe from cyber attacks, he points out. Most medical devices now have communication components such as WiFi or Bluetooth – these are called connected medical devices – so they are vulnerable to cybersecurity breaches which can cause them to malfunction. Joseph tells Tom that it’s more imperative now for providers in the healthcare industry to vet their supply chain, but smaller companies may not have the resources to do so, leaving them more vulnerable to bad actors.
Serve with Humility
Cybersecurity affects every department, so leaders need to get everyone on board. This requires humility, diplomacy and flexibility, Joseph says. Tom asks him to talk about his blog post, Ego and the Role of Cybersecurity Leaders, and why you have to take ego out of the equation. “I like to serve humbly,” he responds. “The focus really needs to be on protecting the organization and safety… I think when we’re so focused on where we are in our career… our focus gets distorted.” Tom comments that most cybersecurity professionals he knows have a calm disposition. He asks why this is necessary and helpful in the role. You have to keep a cool head, Joseph answers. Bad things are going to happen, and many things will be out of your control, so you have to be flexible. “Control lightly” those things that you can control, and always remember that you’re working with a team. Tom quotes Joseph’s blog, “Every trust decision is a risk management exercise.” They agree that every decision – in life and in cybersecurity – carries some form of risk and is founded on trust of the outside world.
Keeping Clients Up-to-Date
Joseph says that his role at Microsoft is “to work exclusively with senior leaders at each of one of my customers to bring them up to speed on the modern workplace and how we’re approaching cybersecurity in the more hybrid environment that we’re living in now.” He finds that while some customers are eager to embrace innovation, others are entrenched in their traditional methods. “The problem with many of the customers that we have currently is that their approach is fighting the last attack or the last type of compromise that they had; whereas their threat actors are constantly evolving and finding new ways in,” he tells Tom. He and Tom discuss whether the defense and depth approach still has value. Joseph comments that identity has to be considered as well: “Attackers these days they’re not really breaking in as much as logging on,” he remarks. He advocates for computer-aided interventions and data encryption as the last facet of security. “You can’t rely on the user to be your last line of defense,” he emphasizes.
Listen here to Microsoft Week episode 1, featuring Alan Gibson, Director of Legal and Compliance Innovation at Microsoft.
Listen here to Microsoft Week episode 2, featuring Abbas Kudrati, Chief Cybersecurity Advisor for Microsoft Asia’s Enterprise Cybersecurity Group.
Tune in tomorrow for episode 4 featuring Erica Toelle.
Resources
Joseph Davis at LinkedIn
Microsoft Security Blog
Blog post: Ego and the Role of Cybersecurity Leaders