
Alan Gibson is the current Director of Legal and Compliance Innovation at Microsoft and is Tom Fox’s first guest on Microsoft Week at the Innovation in Compliance podcast. Alan has worked in various fields – from legal to compliance to business. He’s a thought leader and currently involved in helping companies manage compliance risks and measure program effectiveness. He and Tom discuss his role at Microsoft and what companies need to be thinking about in the future with respect to legal compliance.
Data Analytics in Microsoft
Tom asks Alan to explain how Microsoft implements its data analytics program for compliance. Alan responds that the focus was on first identifying which sales agreements and channel partners posed the most corruption risk to Microsoft. “Our compliance team partnered closely with our finance internal audit and our business team to figure out how we could use the data that we were collecting in our sales contracts and from our third parties to create this early warning and monitoring system to identify which contracts needed to be routed for additional compliance oversight,” Alan tells Tom. The business unit and frontline salespeople were then able to use this data to prove to the business leaders at Microsoft that they were identifying risky sales contracts, and this program was built into the business process to manage risky sales.
Challenges in Legal Compliance Innovation
One of the big challenges surrounding legal compliance innovation is helping individuals understand its ecosystem, Alan remarks. Another challenge is that delivering compliance solutions requires stakeholders. “It goes to working with law firms, working with compliance consultants, alternative legal service providers, legal tech vendors, and really helping people understand how all of this ecosystem works together to address these challenges,” he tells Tom. There is also the cultural challenge in that legal services have lagged behind finance and HR and their digital transformations.
What’s Next
Companies have to think about the direction they want their legal departments to go and what steps they have to take to get them there. “They need the greatest contract lifecycle management system,” Alan tells Tom. Companies have to consider whether the decisions they make will allow them to have the capabilities they want in the coming years. “…It’s people, process, and technology; you have to think about your solutions or where you want to go on your digital transformation across all three of those dimensions,” Alan says.
Tomorrow’s guest on Microsoft Week is Abbas Kudrati, Chief Cybersecurity Advisor for Microsoft Asia’s Enterprise Cybersecurity Group. Abbas and Tom will be talking about innovating cybersecurity.
Resources
Alan Gibson | LinkedIn
Episode 067 — Nicolai Ellehuus

In this episode of The Ethics Experts, Nick welcomes Nicolai Ellehuus, Bang & Olufsen Global Compliance Officer, to the show.

Jenna Water’s time in the US Navy equipped her with sophisticated skills she now finds invaluable in her work as Cybersecurity Consultant at True Digital Security. She joins Tom Fox and Valerie Charles on this episode of ComTech to talk about how the cybersecurity industry is evolving, her vision to end security breaches, and what she thinks about President Biden’s executive order on cybersecurity.
Putting Corporate America on Notice
“I think businesses – particularly those that work in industries regarded as critical infrastructure, obviously because of the Colonial Pipeline hack – …a lot of them know now that they’re on notice,” Jenna tells Tom and Valerie. Recent cybersecurity attacks as well as the rise in ransomware, have driven home the need for good cybersecurity. These attacks not only impact businesses but are now tangibly affecting the lives of everyday citizens. Jenna believes this is sparking change in the industry, as the government, companies, and even the general public are taking cybersecurity more seriously.
End Security Breaches
Tom comments that his clients are now asking about their information security program, something they weren’t concerned about before. He asks Jenna how she would advise a company to start thinking about this issue. She outlines the steps her company takes to help their clients create a customized cybersecurity program. “…By prioritizing your risk, that’s how you can develop a more tailored cybersecurity program,” she points out. She and Tom discuss her vision of ending security breaches overall. She remarks, “For me, ending security breaches is a vision of the future in which a security breach can be detected, identified, and contained effectively… It’s not allowing a security incident to go to the point of a security breach… and it doesn’t affect or impact the organization or public in any significant way other than maybe the time it takes to contain it.”
Improving Cybersecurity with Data
“When you’re trying to combat this kind of breach, how do you use data?” Valerie asks Jenna. “Cybersecurity is actually one of the best areas in technology where it can be very data-driven,” Jenna responds. Data can help you build a threat profile and come up with an action plan to combat threats. Analyzing recent and past data can help you establish an operational baseline, and in turn recognize deviations from the norm. It can also help you identify gaps and vulnerabilities in your organization. There’s also the global perspective: gathering and analyzing data on threat groups helps you recognize their patterns before they attack. However, don’t focus only on data and ignore basic psychology. Hackers are still just human beings and are “subservient to human behaviors and motivation,” Jenna reminds listeners.
Cyber Risk Assessment is for Everyone
“I think everybody could benefit from a risk assessment in terms of cybersecurity,” Jenna tells Valerie; businesses in critical industries should prioritize it. Generally, she recommends an annual assessment. However, it should also be done when there is a significant change in operations or in the direction of the business. She argues that leadership buy-in is imperative: “Leadership buy-in for an organization is paramount to the success of the cybersecurity team.”
Thoughts on Biden’s Executive Order
“Do you have any urgent or immediate thoughts on President Biden’s executive order on cybersecurity?” Valerie asks. Jenna responds that she is excited and on board with the order. “As cybersecurity professionals, we like to take advantage of every emergency,” she quips. It’s a positive step signaling that cybersecurity is seen as important at the highest levels of government. On the other hand, however, the executive order may not last after Biden’s term of office as it can be revoked by the next President. Additionally, only certain federal bodies are bound by the order.
Resources
Jenna Waters on LinkedIn
True Digital Security
In this Episode of the FCPA Compliance Report, I am joined by Mary Ann Faremouth, founder of Faremouth and Company and inventor of the Faremouth Method. She joins me to discuss her latest book Revolutionary Reinventionand what you can do for your career in this post-pandemic workplace. Highlights include:
- Her book “Revolutionary Reinvention” just won the First Place Non-Fiction Award by Authors Marketing International? Why she wrote this book and its intended market.
- Why is alignment with the new normal so critical now?
- The Faremouth Method and how it can the Faremouth Method help the graduates of 2021.
- As we move into the next phase of Covid-19, why are the topics you wrote about even more important?
Resources
Mary Ann Faremouth on LinkedIn
Faremouth and Company
Books by MaryAnn Faremouth:
Revolutionary Reinvention
Revolutionary Recruiting
In today’s edition of Sunday Book Review:
- Lights Out: Pride, Delusion, and the Fall of General Electric— Thomas Gryta and Ted Mann
- Under a White Sky: The Nature of the Future— Elizabeth Kolbert
- A Promised Land— Barack Obama
- The Overstory— Richard Powers
- An Elegant Defense: The Extraordinary New Science of the Immune System: A Tale in Four Lives— Matt Richtel
In today’s edition of Daily Compliance News:
- Visualizing data goes mainstream? (New Yorker)
- When the world’s supply is one manufacturer. (WSJ)
- When is a tuna sandwich a tuna sandwich? (NYT)
- EU Prosecutor is already busy. (WSJ)
America’s Supply Chains
The Biden Administration’s 100 day review first set of reports under the “America’s Supply Chains” Executive Order are out and we take a look at what the findings and where is the White House planning to take them.
Have a difficult employee driving a wedge between you, other employees, and even customers? Let me help you.
In today’s episode, we’re discussing practical leadership actions to help you lead your people to become a more productive part of the team.
———-
If you’re looking for tangible action steps and refreshing insights to help ignite the power of your own leadership journey, sign up for my weekly leadership blog HERE.
If your business would benefit from higher-performing leaders, check out more information about the comprehensive leadership development training I do HERE.
If you want to reach out to me directly, email alyson@vanhooser.com.
If you enjoyed this episode, will you please subscribe and leave a review? Your reviews help this show get discovered by more incredible leaders just like you. I’m obsessed with helping leaders ignite their performance results and I’d love to have you help me make an impact! Thank you so much!
P.S. Share and tag me on social — @AlysonVanHooser — and I’ll share your comments and big takeaways on my feed!
Welcome to a new season of Compliance Man. This season is called True or False? In this series, I am joined by Tim Khasanov-Batirov, a compliance practitioner who focuses on compliance at international markets for over 20 years. Based on his work experience at six countries as in house compliance officer Tim now consults senior managers and compliance officers globally on complex ethics and compliance matters as partner and Head of Compliance practice for ETERNA LAW. Tim is a co-founder of Compliance Club, an international community of practitioners. You can learn more about Tim, his Compliance Man illustrated series, a YouTube channel and request advice from him by clicking at Timur Khasanov-Batirov at Linked in.
In each podcast, we will take on a different issue with Tim; a hot, very often a very provocative topic from the corporate’s real life agenda and find out if is it true or false. It will be a tough and very straightforward talks. We invite you to participate in these discussions by commenting each podcast and proposing topics for True or False series. The most active listeners will be invited to join us. Let’s have a sincere conversation!
Today we will try to find out if only a legally trained professional can be a corporate compliance officer. Highlights include:
- What skills does a compliance officer need?
- Does a legal background provide these skills?
- How does a compliance professional support business in emerging markets?
Join us for the next episode of Compliance Man: True or False? episode. If you disagree or wish to share your views on whistleblower topic please comment below. We will be glad to hear from you. Let’s have a sincere global conversation together.
Resources
Tim on LinkedIn
Tim on Eternal Law
Eterna Law