Categories
Innovation in Compliance

The Human Element of Cyber Security with Eduardo Campos


Today’s guest on the Innovation in Compliance Podcast is Eduardo Campos – an expert in cybersecurity. He spent 25 years advising clients as large and illustrious as Microsoft and Bell Canada – and his focus was always on the human factor of cybersecurity, which is more critical than technology, policy or any other element.

Why is it So Hard for People To Understand?
He shares how it’s important to make the end-users of technology understand what your goals are – you have to avoid jargon and acronyms or no one is really going to understand what the goals of a cybersecurity program are. Tom mentions that often, tech professionals are speaking way over the heads of people listening to them, and asks Eduardo why that’s so often the case. Eduardo talks about the technical nature of the profession, a lack of emphasis on communication, and a lack of practice talking to people who aren’t deeply involved in the different tools, terms and concepts being used. He always focuses on the importance of clear communication and makes it a part of every project he takes on.
The Importance of Communication Skills
Communication around cybersecurity needs to go two ways. The person implementing the program and the people who will be using it are both sharing valuable information. Tom believes that the training in communication skills in compliance starts when new people are being hired, rather than training them after the fact, and Eduardo talks about the similarities in the cybersecurity industry. Communication is a critical part of the job that needs to be done, and that has to factor into hiring. When communication in a big cybersecurity project goes awry, it isn’t always the fault of the professionals implementing it. Communication is a skill companies need to hire and train for. Eduardo talks about the specific communication skills people need to have.
Is it Always Human Error?
Tom talks about how often security breaches are attributed to human error and wonders why hackers are so successful at breaching professional defenses. Eduardo reminds us that criminals have plenty of time to make plans and find new ways to get what they want. Cybersecurity professionals and program managers don’t. People in organizations, individuals who are likely to be targeted, are up against a very sophisticated threat – coming from email, social media, websites… and those high-risk individuals aren’t always being prepared adequately to recognize and avoid threats. Eduardo shares how this happens, and why.
Embedded-Knowledge
Eduardo’s business is called Embedded-Knowledge Inc, and it starts with the concept that all of the knowledge needed to solve a problem lives within the system. The key idea is that Eduardo and his team have developed a strategy for his clients to step back and look for a root cause of cybersecurity issues, rather than just reacting. He uses strategies like design thinking, and business model generation to create innovative solutions. A focus on people, how they think and how they behave is what makes Embedded-Knowledge unique in the industry.
Resources:
Go to E E Campos to download a free chapter of Eduardo’s book, get a free assessment, and join the newsletter! 

Categories
Trekking Through Compliance

Trekking Through Compliance-Episode 45 – The Gamesters of Triskelion


In this episode of Trekking Through Compliance, we consider the episode The Gamesters of Triskelion which aired on January 5, 1968, Star Date 3211.7.
Compliance Takeaways:

  1. What tools are available to you?
  2. What is inform risk?
  3. What is your risk management strategy?
Categories
Daily Compliance News

Daily Compliance News: July 15, 2019, the Podcasts are Powerful edition

In today’s edition of Daily Compliance News:

Categories
FCPA Compliance Report

FCPA Compliance Report-Episode 437, Kelly Leonard on The Second City Works and Compliance

In this episode of the FCPA Compliance Report, I visit Kelly Leonard, Executive Director, Insights and Applied Improvisation at The Second City Works. We discuss the compliance training which The Second City Works has developed and how they have incorporated storytelling into compliance training and communications.
Some of the highlights include:
  1. Most folks are familiar with Second City but what is Second City Works?
  2. What are the service offerings of Second City Works?
  3. What is the Second Science Project and how does it inform your service offerings?
  4. Why is storytelling so important in training and ongoing communications?
  5. The book “Yes, And: How Improvisation Reverses “No, But” Thinking and Improves Creativity and Collaboration–Lessons from The Second City”.
  6. How do you mentor Millennials but sidestep the drama?
  7. As a company scales up or grows how can it keep its lines of communications open?
  8. Where can listeners go for more information?
You can find more information on The Second City Works by checking out their website, here.
Categories
Trekking Through Compliance

Trekking Through Compliance-Episode 44 – The Trouble with Tribbles

In this episode of Trekking Through Compliance, we consider the episode The Trouble with Tribbles which aired on December 29, 1967, Star Date 4523.3.
Compliance Takeaways:

  1. What is the financial health of your suppliers?
  2. What happens when management controls are too siloed?
  3. Are you engaging in social media monitoring?
Categories
Daily Compliance News

Daily Compliance News: July 14, 2019, the Sunday Book Review edition

In today’s edition of Daily Compliance News:

Categories
Daily Compliance News

Daily Compliance News: July 13, 2019, the Facebook fined edition

In today’s edition of Daily Compliance News:

  • FTC proposes a $5 bn fine for Facebook. (NYT)
  • Epstein developments-(1) Feds allege witness tampering (NYT); (2) Acosta resigns. (WSJ)
  • Deutsche Bank pays $175MM to settle bribery allegations. (FT)
  • Head of Vatican’s Sistine Chapel choir resigns amid fraud allegations. (Reuters)
Categories
Trekking Through Compliance

Trekking Through Compliance-Episode 43 – Wolf in the Fold


In this episode of Trekking Through Compliance, we consider the episode Wolf in the Fold which aired on December 22, 1967, Star Date 3614.9.
Compliance Takeaways:

  1. Does your Board engage in active oversight of your compliance function?
  2. Do you perform due diligence on potential senior management hires?
  3. What should be the length of a suspension?
Categories
This Week in FCPA

This Week in FCPA-Episode 162 – the Halfway to ‘Take it Back’ edition

The All-Star Game has come and gone and the Astros are halfway back to returning the World Series trophy to Houston. As Tom and Jay look forward to the second half of the baseball season, they are back to discuss some of this week’s top compliance and ethics stories which caught their collective eyes.
  1. GDPR week.
  2. Why do FCPA resolutions take so long? Matthew Stephenson considers through the lens of the Walmart FCPA enforcement action.
  3. What is suspension and debarment? Jay Rosen explains in Part 1 of a five-part series.
  4. The FBI is actively investigating in Latin America. Matt Ellis reports.
  5. What finance can learn about compliance from recent corporate scandals.
  6. Deutsche Bank now under scrutiny for its role in 1MDB scandal. Dylan Toklar continues to nail.
  7. What is data maintenance and why is it so critical to compliance?
  8. CCOs and D&O coverage. Julie DeMauro and Janaya Moscony.
  9. Caremark is alive and well, at least when it comes to ice cream.
  10. Have you checked in on Trekking Through Compliance? If not, sample this week’s exploration of Star Trek-the Original Series and compliance. Check out the following: Monday-Metamorphosis; Tuesday-Journey to Babel; Wednesday-Friday’s Child; Thursday-The Deadly Years; and Friday-Obsession. The podcast is available on multiple sites: the FCPA Compliance Report, iTunes, JDSupra, Megaphone, YouTube, Spotify, Corporate Compliance Insights, Compliance Podcast Network and now on the C-Suite Radio Network.
  11. Tom and Jonathan Marks are joining Sean Freidlin (back from his honeymoon) on a Hanzo webinar on Wednesday, July 17 at 2 PM EDT. We discuss compliance research, trends and key enforcement actions from Q2. The event is free. For more information and registration details, click here.
Tom Fox is the Compliance Evangelist and can be reached at tfox@tfoxlaw.com. Jay Rosen is Mr. Monitor and can be reached at jrosen@affiliatedmonitors.com.
For more information on how an independent monitor can help improve your company’s ethics and compliance program, visit our sponsor Affiliated Monitors at www.affiliatedmonitors.com.
Categories
Popcorn and Compliance

Toy Story 4

In this podcast series, recovering screenwriter (and Mr. Monitor) Jay Rosen and Tom (the Compliance Evangelist) indulge in their passion for the movies by looking at them through the lens of compliance. Jay is a contemporary movie fan and I am more of a classic movie maven so we present a well-rounded view of the movie fandom. If you want to indulge in your love for the movies with two guys who are passionate about Hollywood and get some ideas for your compliance program, this is the podcast series for you. For this offering, we consider the recently released Toy Story 4.
Some of the highlights include:

  • Why did this movie seem to come from a place of revenue generation over emotion?
  • Where was the heart of the movie?
  • Why did the entire movie seem so contrived?
  • Lack of minor characters playing much of any role.
  • The introduction of ‘Forky’ and does this character work?
  • Jay gives the Inside Hollywood story of the production.
  • Jay gives the movie not only a half-full bucket of popcorn but a stale half-bucket as well. Tom joins with a half-bucket of popcorn as well but goes with fresh popcorn. Both were very disappointed in the film.

Some of the Compliance takeaways:

  1. How do you onboard new employees around compliance and ethics?
  2. What is your investigative protocol?
  3. Get out of the office and into the field.