Tag: data protection

Categories
The ESG Report

Data Privacy and ESG with Dan Frechtling

Tom’s guest in this episode of the ESG Report is Dan Frechtling of Boltive, a company that helps keep the Internet safe from invasive media and enforces data privacy. Data privacy and cybersecurity are ESG issues because they are significant drivers of business risk and a growing concern among investors and CEOs. The public costs of poor corporate cybersecurity management are increasingly viewed as market failures.

Dan is the CEO of Boltive. His career began as a marketer, and he has spent years learning the power of marketing. Having experienced a significant event that changed his perspective about hyper-targeting and information sharing, he transitioned to cybersecurity where he learned about data privacy issues. 

 

Here are some key points Dan and Tom talk about:

  • Dan talks about his professional journey and background and his role at Boltive.
  • Dan defines invasive media and describes the protection his company provides against it. 
  • Dale explains how Boltive’s solution for invasive media protects the audience from malware, redirects, and other malicious behaviors, by replacing them with revenue-generating ads.
  • Compliance with terms of service and user experience is key in order for these solutions to work, Dan tells Tom.
  • In cybersecurity, the intermediaries and third parties are often creating noncompliant and bad user experiences. Boltive solves this by creating a synthetic user experience so each step is recorded and traceable to see what went wrong.
  • Knowing and identifying if your inventory is sensitive and understanding the flow of data makes complying with ever-changing privacy regulations easier. 
  • Dan explains why the digital ad ecosystem is so convoluted and the potentially harmful effects on customers.
  • Dane highlights some of the compliance issues with online marketing. 
  • GDPR is the gold standard when it comes to privacy and data protection, but state laws should also be followed when they are more stringent than GDPR.

 

KEY QUOTE:

“Invasive advertising can really be many different forms and we see our role to protect brands and publishers and technology platforms so those ads don’t get inadvertently served, because the world of programmatic advertising is very lawless and algorithm-driven.” – Dan Frechtling

 

Resources 

Dan Frechtling LinkedIn | Twitter 

Boltive

Categories
Uncovering Hidden Risks

Ep 4 – How Compliance, Data Protection, and Privacy Come Together

Alym Rayani, general manager for compliance and privacy marketing at Microsoft, joins host Erica Toelle and guest host Hammad Rajjoub on this week’s episode of Uncovering Hidden Risks. Alym works closely with engineering leadership to drive product strategy and roadmap while overseeing the product value proposition, marketing efforts, and customer experience. Due to these changes in regulations and increased cybersecurity risk, these areas are converging. Erica, Hammad, and Alym are taking a closer look at a top industry trend: convergence of compliance, data protection, and privacy requirements, and discussing what this means for Chief Information Security Officers.

In This Episode You Will Learn:

  • What areas create quick wins for organizations that create momentum for larger initiatives
  • What the answer is for CISOs to stay in compliance with regulations
  • Risks CISOs will face focusing on data protection without considering compliance and privacy

Some Questions We Ask:

  • What challenges are CISOs, privacy officers, and CCOs seeing from this convergence?
  • How are data protection and privacy changing the way CISOs approach new problems?
  • What should CISOs look for in a data protection technology solution?

Resources:

View Alym Rayani on LinkedIn

View Hammad Rajjoub on LinkedIn

View Erica Toelle on LinkedIn

Related Microsoft Podcasts:         

Listen to: Afternoon Cyber Tea with Ann Johnson 

Listen to: Security Unlocked

Listen to: Security Unlocked: CISO Series with Bret Arsenault

Learn More

Categories
Blog

The Uncovering Hidden Risks Podcast Returns to the Compliance Podcast Network

The risk landscape for organizations has changed significantly in the past few years. Traditional ways of identifying and mitigating risks simply do not work. They focus primarily on external threats when risks from within the organization are just as prevalent and harmful. Additionally, regulations change frequently, and it is difficult for security and compliance leaders to keep up on these changes.

The Compliance Podcast Network is therefore thrilled to have back for a limited series, the Microsoft podcast, The Uncovering Hidden Risks, which will explore the need for enterprises to quickly move to a more holistic approach to data protection and reduce their overall risk. The show will cover an array of topics, across data governance, risk management, and compliance. It will address industry trends and customer pain points.

In each episode Erica Toelle, Sr. Product Marketing Manager for Microsoft Purview, partners with a Microsoft guest host to interview a guest leader in the data governance and compliance industry. These experts have a unique and deep understanding of the challenges organizations face, and the people, processes, and technology used to address them.

We are excited to have this podcast made available to the listeners of the Compliance Podcast Network so that they may listen in to these conversations as Erica and her Microsoft colleagues discuss a range of interesting topics, ranging from trends, best practices, and real-life strategies for developing a holistic data governance and risk management program.

The Uncovering Hidden Risks podcast will launch on Wednesday, September 28th with the first episode in the series.  

Listen to The Uncovering Hidden Risks podcast trailer below and subscribe on https://www.uncoveringhiddenrisks.com

Or you can listen and subscribe on the following platforms:

Here is a preview of the first episode, posting on Wednesday, September 28th:

Transitioning to a holistic approach to data protection

Guest Bret Arsenault, CVP, CISO at Microsoft joins us on this week’s episode of Uncovering Hidden Risks to discuss how a holistic approach to data protection can deliver better results across your organization and the three steps that can get you there. Erica Toelle and Talhah Mir host this week’s episode to chat with Bret about current trends in the data protection space, what data protection issues are top of mind, and how teams should start on their data protection strategy.

Categories
Compliance Into the Weeds

CFPB on Data Protection Minimums

Compliance into the Weeds is the only weekly podcast which takes a deep dive into a compliance related topic, literally going into the weeds to more fully explore a subject. In this episode, we explore the recent CFPB circular which noted a company’s failure to implement adequate data protection measures can qualify as an unfair practice prohibited under the Consumer Financial Protection Act.  Highlights include:

·      The CFPB is going to start bringing charges against more companies for sloppy data protection programs.

·      Three Key data protection security controls.

·      Why CISOs and IT needs to talk to compliance.

·      The role of auditing and monitoring.

·      How and where to get started.

Resources

Matt in Radical Compliance

Categories
Life with GDPR

GDPR-10 Years After Original Proposal


Jonathan Armstrong and Tom Fox return for another episode of Life with GDPR. In this episode, they celebrate the 10th anniversary of the initial proposal of the law, which became GDPR. Some of the issues they consider include:

  1. What was in the original proposal that did not become enacted in the final law?
  2. Reduction in costs-what happened?
  3. Right to be Forgotten morphed into something very different than intended.
  4. Fines, Fines, Fines.
  5. Evolution of regulatory sophistication.
  6. Criticism of regulators.

Resources
Check out the Cordery Compliance client alert on this topic; click here. For more information on Cordery Compliance, go to their website here. Also, check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clicking here.

Categories
Daily Compliance News

May 20, 2021 the Data Protection edition


In today’s edition of Daily Compliance News:

  • Data protection stupidity is no business strategy. (WSJ)
  • Panasonic Avionics whistleblower awarded $28MM. (WSJ)
  • Trump Organization under criminal investigation in NY. (WaPo)
  • Lithuanian central bank responds to Wirecard allegations. (FT)
Categories
Life with GDPR

Data Protection After Brexit


In this episode Jonathan Armstrong and Tom Fox are back to discuss issues relating to data privacy, data protection and GDPR. Today, we begin a 3-part series on issues relating to GDPR after Brexit. They include data protection, data transfer and issues related to trade sanctions, AML and export control. In this episode we consider data protection. Highlights include:

  • Does GDPR still exist in the UK?
  • Does pre-Brexit case law still matter in the UK?
  • What is the temporary data protection deal between the EU & UK all about?
  • How will extra-territorial reach work for the EU & the UK?
  • Will I need a Data Protection Representative?
  • Will I need a new Data Protection Officer

Resources
Check out the Cordery Compliance Client alert on the data transfer after Brexit here.
Check out the Cordery Compliance, client alert on this topic, click here. For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.

Categories
Compliance and Coronavirus

Gabe Gumbs on Data Privacy and Data Protection Going Forward


Welcome to the newest addition to the Compliance Podcast Network, Compliance and Coronavirus. In this episode, I am joined by Gabe Gumbs. Gabe is the Chief Innovation Officer at Spirion. He leads the Spirion product team through strategic product development to create technologies that push data security forward in an increasingly complex digital world. Prior to his new position at Spirion, Gumbs held a range of positions in security technology, including VP of Product Management at Spirion. Other prior positions include VP of Product Strategy at STEALTHbits Technologies, and Director of Research and Products at WhiteHat Security. Gumbs also served on the Board of Advisors at eGRC.com.
In this episode, we consider some of the challenges around data in the age of Coronavirus. Gabe discusses some of the top questions he and his team are hearing from customers during this time of Coronavirus and economic dislocation around data privacy and data protection during the economic dislocation. Gabe observes that trends which were in play have been largely amplified as a result of Covid-19 and the attendant economic dislocation increased trends in cybersecurity compliance. We conclude with a discussion of Spirion’s Data Discovery Agent and it can assist companies at this point in time and into Q3 and Q4.
For more information on Spirion, check out their website here.
Check out Spirion’s Data Discovery Agent, here.

Categories
Life with GDPR

Life With GDPR: Episode 24- Phishing

In this episode, I visit with Jonathan Armstrong consider the increasing business risk around phishing. There have recently been some multi-million-dollar losses around phishing so you need to be prepared. Some of the issues and highlights are:

  1. What is phishing?
  2. The largest number of data breach have come through phishing. Why has it become such a business risk?
  3. What are the requirements a company take against phishing under GDPR?
  4. What are the three key concepts in data protection?
  5. Modern phishing attacks are very sophisticated.
  6. What are some of the most intricate frauds seen in this area?

For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.