Tag: data security

Categories
Uncovering Hidden Risks

Ep 7 – Cloud Native Data Loss Prevention: The Future of Data Security

Maithili Dandige, Partner Group Product Manager at Microsoft, joins Erica Toelle and guest host Shilpa Bothra on this week’s episode of Uncovering Hidden Risks. Maithili’s team is behind Microsoft Purview products such as Information Protection, Data Loss Prevention, Data Lifecycle Management, Records Management, eDiscovery, and Audit. Maithili discusses Data Loss Prevention, some recent DLP research, and what’s upcoming in this space.

In This Episode You Will Learn:

  • The journey of DLP solutions and where the market is today
  • What customers should be expecting from DLP solution providers
  • The benefits of adopting a cloud-native solution

Some Questions We Ask:

  • What do you see as the future of DLP space?
  • How can you empower your users to make the right data-handling decisions?
  • What trends do you currently see evolving?

Resources:

View Maithili Dandige on LinkedIn

View Shilpa Bothra on LinkedIn

View Erica Toelle on LinkedIn

Connect with the Compliance Podcast Network at:

LinkedIn: https://www.linkedin.com/company/compliance-podcast-network/
Facebook: https://www.facebook.com/compliancepodcastnetwork/
YouTube: https://www.youtube.com/@CompliancePodcastNetwork
Twitter: https://twitter.com/tfoxlaw
Instagram: https://www.instagram.com/voiceofcompliance/
Website: https://compliancepodcastnetwork.net/

Categories
Uncovering Hidden Risks

Ep 13 – Unveil Data Security Paradoxes

Herain Oberoi, General Manager of Data Security, Privacy, and Compliance for Microsoft, joins Erica Toelle and guest host Tina Ying, Senior Product Marketing Manager at Microsoft, on this week’s episode of Uncovering Hidden Risks. Microsoft has recently released a new report called the Data Security Index. Erica, Tina, and Herain explain what drove the team to complete this research, release the report, and share valuable insights that can empower organizations to optimize their data security programs.

In This Episode You Will Learn:

  • Why do more tools bring less security, but organizations still adopt them?
  • When organizations should allocate resources to optimize data security
  • How security leaders can lead their teams with the goal of enhancing all-up security posture

Some Questions We Ask:

  • How can organizations enhance their data security posture?
  • Should organizations purchase best-of-suite or best-of-breed solutions?
  • What advice do you give organizations facing the challenge of using isolated solutions?

Resources:

View Herain Oberoi on LinkedIn

View Tina Ying on LinkedIn

View Erica Toelle on LinkedIn

Related Microsoft Podcasts:

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Connect with the Compliance Podcast Network at:

LinkedIn: https://www.linkedin.com/company/compliance-podcast-network/
Facebook: https://www.facebook.com/compliancepodcastnetwork/
YouTube: https://www.youtube.com/@CompliancePodcastNetwork
Twitter: https://twitter.com/tfoxlaw
Instagram: https://www.instagram.com/voiceofcompliance/
Website: https://compliancepodcastnetwork.net/

Categories
Data Driven Compliance

Data Driven Compliance: eCom Surveillance and Cybersecurity Data Management

Are you struggling to keep up with the ever-changing compliance programs in your business? Look no further than the award-winning Data Driven Compliance podcast, hosted by Tom Fox, which is a podcast featuring an in-depth conversation around the uses of data and data analytics in compliance programs. Data Driven Compliance is back with another exciting episode The intersection of law, compliance, and data is becoming increasingly important in the world of cross-border transactions and mergers and acquisitions.

Data has become much more ubiquitous and needs to be incorporated into business processes. AI data cleansing helps to reduce false positives and provides context to alerts generated by the system. AI capabilities are divided into three categories: removing duplicative content, detecting risk, and providing context. AI-powered data cleansing strips out non-human generated content and focuses on what was sent by an individual. This helps to lower false positives in alerts generated by the system.

The need for eCom surveillance is increasing as communication sources become more varied. Slack, Zoom, Teams, Bloomberg chat, and Ice chat are all becoming commonplace, and companies need to be able to capture data from these sources. Artificial intelligence and machine learning models are being deployed to empower a compliance officer to focus on what’s important and be risk-based. Companies that have been hesitant about the cloud are now moving their data to the cloud.

The amount of voice business that is happening over Zoom and teams and other voice channels has skyrocketed. Regulators have been very clear that you need to capture and record that voice data. Customers have asked for more and more data sources to capture, including audio. Compliance teams need systems to manage collaboration, case management tools, and review tools. Technology allows compliance teams to no longer use Excel or SharePoint to manage their own internal processes.

The combination of technology and compliance is transforming the industry. Artificial intelligence capabilities have come a long way in the past few years and are already good enough to provide a lot of value to customers. The innovation over the next few years will be on the defensibility front, proving defensibly why something was alerted on and why something else was not. Technology is available to capture every data source that’s out there, and it is essential for compliance teams to leverage this technology to remain compliant and competitive.

 Key Highlights

·      Ecom Surveillance

·      Cybersecurity Data Management

·      AI and Compliance

Resources:

 Tom Fox 

Connect with me on the following sites:

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Uncovering Hidden Risks

Ep 7 – Cloud Native Data Loss Prevention: The Future of Data Security

Maithili Dandige, Partner Group Product Manager at Microsoft, joins Erica Toelle and guest host Shilpa Bothra on this week’s episode of Uncovering Hidden Risks. Maithili’s team is behind Microsoft Purview products such as Information Protection, Data Loss Prevention, Data Lifecycle Management, Records Management, eDiscovery, and Audit. Maithili discusses Data Loss Prevention, some recent DLP research, and what’s upcoming in this space.

In This Episode You Will Learn:
  • The journey of DLP solutions and where the market is today
  • What customers should be expecting from DLP solution providers
  • The benefits of adopting a cloud-native solution
Some Questions We Ask:
  • What do you see as the future of DLP space?
  • How can you empower your users to make the right data-handling decisions?
  • What trends do you currently see evolving?
Resources:

View Maithili Dandige on LinkedIn

View Shilpa Bothra on LinkedIn

View Erica Toelle on LinkedIn

Related Microsoft Podcasts:          

Listen to: Afternoon Cyber Tea with Ann Johnson 

Listen to: Security Unlocked

Listen to: Security Unlocked: CISO Series with Bret Arsenault

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Categories
Coffee and Regs

Data Privacy & Building Compliance into the Product Development Lifecycle


 

Data Privacy & Building Compliance into the Product Development Lifecycle

 
In this episode, CSS’s Director of Cyber IT Services, E.J. Yerzak sits down with Co-Founder and COO of TerraTrue, Chris Handman to discuss data privacy and how compliance can keep up with the ambitions of product teams by building data privacy controls into the product development lifecycle.
 

 

About Our Guest Speakers:

E.J. Yerzak CISA®, CISM®, CRISC™ assists firms in assessing and managing their cybersecurity risk – from network vulnerability scanning and penetration testing to onsite cybersecurity assessments and assistance in implementing the NIST cybersecurity framework. E.J. has authored articles and alerts on emerging regulatory and technology issues, and is regularly requested to speak as a cybersecurity expert at industry conferences.

 
 
 


Before co-founding TerraTrue, Chris Handman was the first General Counsel at Snap, where he built the company’s legal, compliance, public policy, and law-enforcement teams. During his time there, Chris developed a transformative privacy program that coupled rigorous review with tools and systems that were nimble enough not to restrain the relentless pace of execution. Chris is a Homeland Security Project fellow at Harvard’s Belfer Center for Science and International Affairs. And he’s constructed two crossword puzzles that have been published in the New York Times (one of which was featured on the Colbert Report). He graduated from Yale Law School.

 
 

Categories
Life with GDPR

Episode 31-Lessons Learned in Year 1 of GDPR, Part 1

In this podcast, data privacy/data security expert Jonathan Armstrong and Compliance Evangelist Tom Fox use the framework of GDPR to discuss a wide range of issues relating to these topics. They consider what the US compliance and InfoSec security expert needs to know about what is happening in the UK, Europe and beyond. In this episode, we begin a three-part series of some of the key lessons learned from the first year of GDPR. Some of the highlights in this episode include:
Do you have a plan? You need to have a plan for a data breach because it is not if but when you will be hacked. Armstrong advises you can be two plans; one for all employees which is straight-forward so that all employees will be able to understand it. You should have a second plan, which you rehearse which is for all compliance/IT/data security. It should be process driven so it allows flexibility for those responding.
Know your data and know your third parties. Many companies have disaggregated data because they have so many vendors and platforms where data is stored. You must know who has your data. Do you have visibility into 3rd, 4thand 5thparties from the data perspective? You should also capture where data is going in an organization, particularly customer and employee data. Finally, and sadly overlooked by many US companies is the question of data protection of a US parent when a UK/EU sub is audited?
Assemble your data response team now and practice, practice, practice.You need to look at your data security response. What does the A Team teach you about data response? You should strive for strength in diverse skills and practice your response. Look at PR rapid response, your compliance, your legal response all in addition to your IT/data security response. Regulators looking at share price drop off, this shows the need for a rapid, practiced response.
For more information on Cordery Compliance, go their website here.

For more information on data breaches, see here.
Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.
Categories
Life with GDPR

Life With GDPR: Episode 26- The Importance of Passwords

In this episode, I visit with Jonathan Armstrong a topic which does not seem to garner the attention that it deserves in data protection; that being passwords. Some of the issues and highlights are:

  1. What is two-factor authentication?
  2. How, when and where should your use it?
  3. What are the most common passwords still in use?
  4. Why are passwords one of the most basic forms of data security protection?
  5. What are the lessons to be learned?

For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.

Categories
Compliance Into the Weeds

Compliance into the Weeds-Episode 28

Microsoft Cybersecurity Tool May Prompt Compliance” as a starting point to consider the Big Brother implications, two-step security features, AI issues and all of this ties directly into the corporate compliance function.
[tweet_box design=”default” url=”http://wp.me/p6DnMo-33j” float=”none”]Microsoft’s Secure Score paves the way for better and more efficient compliance.[/tweet_box]]]>