Categories
Uncovering Hidden Risks

Ep 7 – Cloud Native Data Loss Prevention: The Future of Data Security

Maithili Dandige, Partner Group Product Manager at Microsoft, joins Erica Toelle and guest host Shilpa Bothra on this week’s episode of Uncovering Hidden Risks. Maithili’s team is behind Microsoft Purview products such as Information Protection, Data Loss Prevention, Data Lifecycle Management, Records Management, eDiscovery, and Audit. Maithili discusses Data Loss Prevention, some recent DLP research, and what’s upcoming in this space.

In This Episode You Will Learn:
  • The journey of DLP solutions and where the market is today
  • What customers should be expecting from DLP solution providers
  • The benefits of adopting a cloud-native solution
Some Questions We Ask:
  • What do you see as the future of DLP space?
  • How can you empower your users to make the right data-handling decisions?
  • What trends do you currently see evolving?
Resources:

View Maithili Dandige on LinkedIn

View Shilpa Bothra on LinkedIn

View Erica Toelle on LinkedIn

Related Microsoft Podcasts:          

Listen to: Afternoon Cyber Tea with Ann Johnson 

Listen to: Security Unlocked

Listen to: Security Unlocked: CISO Series with Bret Arsenault

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Categories
Coffee and Regs

Data Privacy & Building Compliance into the Product Development Lifecycle


 

Categories
Life with GDPR

Episode 31-Lessons Learned in Year 1 of GDPR, Part 1

In this podcast, data privacy/data security expert Jonathan Armstrong and Compliance Evangelist Tom Fox use the framework of GDPR to discuss a wide range of issues relating to these topics. They consider what the US compliance and InfoSec security expert needs to know about what is happening in the UK, Europe and beyond. In this episode, we begin a three-part series of some of the key lessons learned from the first year of GDPR. Some of the highlights in this episode include:
Do you have a plan? You need to have a plan for a data breach because it is not if but when you will be hacked. Armstrong advises you can have two plans: one for all employees, which is straightforward so that all employees will be able to understand it. You should have a second plan, which you rehearse, which is for all compliance/IT/data security. It should be process driven so it allows flexibility for those responding.
Know your data and know your third parties. Many companies have disaggregated data because they have so many vendors and platforms where data is stored. You must know who has your data. Do you have visibility into 3rd, 4th and 5th parties from the data perspective? You should also capture where data is going in an organization, particularly customer and employee data. Finally, and sadly overlooked by many US companies, is the question of data protection of a US parent when a UK/EU sub is audited.
Assemble your data response team now and practice, practice, practice. You need to look at your data security response. What does the A Team teach you about data response? You should strive for strength in diverse skills and practice your response. Look at PR rapid response, your compliance, your legal response, all in addition to your IT/data security response. Regulators are looking at share price drop-off; this shows the need for a rapid, practiced response.
For more information on Cordery Compliance, go to their website here.

For more information on data breaches, see here.
Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.
Categories
Life with GDPR

Life With GDPR: Episode 26- The Importance of Passwords

In this episode, I visit with Jonathan Armstrong on a topic which does not seem to garner the attention that it deserves in data protection: passwords. Some of the issues and highlights are:

  1. What is two-factor authentication?
  2. How, when and where should you use it?
  3. What are the most common passwords still in use?
  4. Why are passwords one of the most basic forms of data security protection?
  5. What are the lessons to be learned?

For more information on Cordery Compliance, go to their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.

Categories
Compliance Into the Weeds

Compliance into the Weeds-Episode 28

Microsoft Cybersecurity Tool May Prompt Compliance” as a starting point to consider the Big Brother implications, two-step security features, AI issues and all of this ties directly into the corporate compliance function.
Microsoft’s Secure Score paves the way for better and more efficient compliance.