Categories
Everything Compliance

Everything Compliance – Episode 123, The Spanish Kiss Edition

Welcome to the only roundtable podcast in compliance as we celebrate our second century of shows. In this episode, we have the quartet of Jay Rosen, Jonathan Armstrong, Matt Kelly and Karen Woody, with Tom Fox hosting. We conclude with our always popular and fan fav Shout Outs and Rants.

1. Matt Kelly looks at the new SEC requirement for companies to improve their risk assessments and attendant processes. He rants about the US Federal Courts not allowing television cameras and says we need the Trump trials televised in federal courts.

2. Karen Woody reviews Opinion Release 23-01. She shouts out to the Barbie movie.

3. Tom Fox shouts out to Megan Rapinoe for her great professional career and her social activism while a member of the USWNT.

4. Jay Rosen looks at the imbroglio surrounding the Spanish National football team after its Women’s World Cup win. Rosen shouts out SOCAR, the South Orange County Compliance and Ethics Roundtable.

5. Jonathan Armstrong considers the NATS air traffic debacle and operational resilience. He shouts out Sgt. Graham Saville who lost his life helping a person in distress.

The members of Everything Compliance are:

•       Jay Rosen – Jay is Vice President, Business Development Corporate Monitoring at Affiliated Monitors. Rosen can be reached at JRosen@affiliatedmonitors.com

•       Karen Woody – One of the top academic experts on the SEC. Woody can be reached at kwoody@wlu.edu

•       Matt Kelly – Founder and CEO of Radical Compliance. Kelly can be reached at mkelly@radicalcompliance.com

•       Jonathan Armstrong – Our UK colleague, who is an experienced data privacy/data protection lawyer with Cordery in London. Armstrong can be reached at jonathan.armstrong@corderycompliance.com

•       Jonathan Marks can be reached at jtmarks@gmail.com.

The host, producer, ranter (and sometime panelist) of Everything Compliance is Tom Fox, the Voice of Compliance. He can be reached at tfox@tfoxlaw.com. Everything Compliance is a part of the Compliance Podcast Network.

FCPA Compliance Report

FCPA Compliance Report – Brad Hibbert on Prevalent’s 2023 3rd Party Risk Management Report

Welcome to the award-winning FCPA Compliance Report, the longest-running podcast in compliance. Today, Tom visits Brad Hibbert, COO/CSO at Prevalent, as they discuss the surprising findings of Prevalent’s annual third-party risk management study. Discover why so many organizations still rely on spreadsheets and manual processes for managing third-party risks. Brad recommends an integrated approach to third-party risk management that considers the entire lifecycle of the relationship with third parties.

The podcast highlights the top five key findings of the report, including data breaches as the top concern, security driving the program, and the increased involvement of IT in the process. Learn how to minimize cyber exposure and risks associated with third-party management by breaking down silos, automating processes, and focusing on reducing risks associated with third parties. Listen to Brad’s practical advice on how to prioritize risks and plan your risk management program and visit prevalent.net for more compliance mandates and best practices. With exciting insights and actionable advice, this podcast is a must-listen for anyone interested in managing third-party risks.

Key Highlights:

·      Prevalent’s annual third-party risk management study

·      Integrated Third Party Risk Management

·      Top Challenges for Organizations in Data Security

·      Third Party Risk Management Survey and Findings

·      Minimizing Cyber Breaches

·      Effective Response to Breaches and Third-Party Programs

·      Managing Business Risks for Compliance

Notable Quotes:

“The top concern driving third-party risk management programs is security, with 71 percent indicating it as their main priority.”

“Data breaches continue to be a top concern, with 41 percent of the respondents indicating that they were impacted by a third-party data breach in the last 12 months and had to perform some remedial activity.”

“About 70 percent reported increased involvement from the IT group, while 71 percent indicated that infosec owns the program.”

“Identifying and mitigating risks before the company is impacted.”

“Customs put together this enforcement dashboard that contains all of these statistics on how they’ve been enforcing the UFLPA.”

Resources

Brad Hibbert on LinkedIn

Prevalent

3rd Party Risk Management Report


Compliance Into the Weeds

HanesBrands Cyber Security Breach Disclosure

Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to more fully explore a subject. In this episode, we explore the recent disclosure by HanesBrands of a cyber security breach which cost the company over $100MM in sales in Q2 2022. Highlights include:

  • Why the public disclosure.
  • What might the SEC rules around disclosure be when adopted.
  • Why CISOs and IT (and a whole host of other corp functions) need to talk to compliance.
  • What if this were a physical breach?
  • How and where to get started.

Resources

Matt in Radical Compliance