Categories
2 Gurus Talk Compliance

2 Gurus Talk Compliance – Episode 4

What happens when two top compliance commentators get together? They talk compliance, of course. Join Tom Fox and Kristy Grant-Hart in their podcast, 2 Gurus Talk Compliance, as they tackle topics on behavioral economics, OFAC settlement lessons, the importance of the user experience in compliance policy creation, and more. They also discuss incorporating behavioral sciences into compliance strategies and the exciting changes in compliance consulting services. With their expertise, they share insights on how data, behavioral science, and innovative approaches can improve compliance programs, business processes, and profitability.

Listen as they provide valuable insights on understanding culture by starting a dialogue and the importance of finding someone to give a narrative to. Lastly, they discuss the challenge of bribery and corruption and the need for compliance professionals to be innovative, accept failures, and be comfortable with experimentation. Take advantage of this exciting and informative podcast episode from two renowned compliance experts, Tom Fox and Kristy Grant-Hart.

Highlights Include:

  • Evolution of Corporate Ethics and Compliance Programs
  • Microsoft OFAC Settlement
  • Irritating Emails
  • Behavioral Science in Compliance
  • Messaging Apps and Dept. of Business Denial
  • FTX and its (lack of) Internal Controls

 Notable Quotes

1.      “I don’t want to say the traditional tools are limited, but we’ve really evolved past them.”

2.     “When they were specifically talking about the section on learning and training and talking about that frequently shorter in more bursts, more frequently where the learner gets to decide when and how they learn is really a lot not just with behavioral science, but also with adult learning theory.”

3.     “But again, 1 of the things that are so powerful about the enforcement act is that they tell us what we should be doing.”

4.     “Compliance professionals need to look at their sales models and see if they’re using distributors.”

Resources 

1.     Microsoft’s OFAC Settlement Underscores Important Remedial Measures

2.     FTX, Multimillion-Dollar Expenses Were Approved by Emoji

3.     Your Email Does Not Constitute My Emergency

4.     New DOJ policies about messaging apps and clawbacks threaten compliance departments’ standing

Connect with Kristy Grant-Hart on LinkedIn

Spark Compliance Consulting

Tom

Instagram

Facebook

YouTube

Twitter

LinkedIn

Categories
Compliance Into the Weeds

Microsoft OFAC Enforcement Action

The award-winning Compliance into the Weeds is the only weekly podcast that takes a deep dive into a compliance-related topic, literally going into the weeds to explore a subject more fully. In this episode, join Tom and Matt as they delve into Microsoft’s recent sanctions enforcement action with OFAC. They explore what went wrong and how to avoid costly compliance failures, from potential red flags to reseller relationships. But it’s not all doom and gloom, as they discuss how Microsoft implemented a three-lines-of-defense model for sanctions compliance, setting a benchmark for the industry. With Tom and Matt going into the weeds on the importance of centralization and persistent screening technology, this podcast is a must-listen for any compliance officer looking to stay ahead of the curve. Tune in now to find out more!

Key Highlights 

  • Sanctions compliance case involving Microsoft
  • Microsoft’s Sanctions Compliance Model
  • Microsoft’s Sanctions Compliance Program Remediation
  • Sanctions Compliance and OFAC Guidance
  • Impact of Russia’s invasion on Microsoft operations

 Notable Quote:

“It’s well worth giving the case a good look. So it was, I thought, a great lesson on resellers and the way the hardware and software industry did business.”

 Resources

Matt on LinkedIn

Matt on Radical Compliance

Categories
Daily Compliance News

April 8, 2023 – The UAE Refuses Extradition Request Edition

Welcome to the Daily Compliance News. Each day, Tom Fox, the Voice of Compliance, brings you compliance-related stories to start your day. Sit back, enjoy a cup of morning coffee, and listen to the Daily Compliance News. All from the Compliance Podcast Network. Each day we consider four stories from the business world, compliance, ethics, risk management, leadership, or general interest for the compliance professional.

Stories we are following in today’s edition of Daily Compliance News:

  • Microsoft was fined for trade sanction violations with Russia. (WSJ)
  • Does UAE refuse to extradite the Gupta brothers to South Africa? (WSJ)
  • Michigan GOP House Speaker to be charged with corruption. (WILX10)
  • Goldman Sachs fined by FINRA. (Reuters)
Categories
Uncovering Hidden Risks

Ep 5 – Tips for Internal Investigations While Maintaining Privacy

Randyll Newman, Supervisor of Student Data and Information Security for Prince William County Public Schools in Virginia, joins host Erica Toelle and guest host Christophe Fiessinger on this week’s episode of Uncovering Hidden Risks. Randyll oversees the planning, operation, and management of security for the school division’s network infrastructure, data, and student information systems. He also served 10 years as a police officer and detective in Fairfax County, Va., retiring from the United States Naval Reserves after serving 26 years. Randyll discusses how organizations approach internal investigations, how important it is to maintain privacy for students and faculty during these investigations, and examples from previous case studies.

In This Episode You Will Learn:
  • Prince William County Public Schools’ reputation for innovative education
  • How important it is to maintain privacy for students and faculty
  • Business requirements for internal investigations
  • Considerations and adherence to regulatory compliance: Family Educational Rights and Privacy Act (FERPA); and Children’s Internet Protection Act (CIPA)
  • Tips and advice for other organizations
Some Questions We Ask:
  • What principles guided the initiative to ensure user privacy?
  • Can you outline the privacy principles you follow during investigations?
  • How did you design the technical solution to meet these business requirements?
Resources:

For more background, read the PWCS Case Study

View Randyll Newman on LinkedIn

View Christophe Fiessinger on LinkedIn

View Erica Toelle on LinkedIn

Related Microsoft Podcasts:          

Listen to: Afternoon Cyber Tea with Ann Johnson 

Listen to: Security Unlocked

Listen to: Security Unlocked: CISO Series with Bret Arsenault

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Uncovering Hidden Risks is produced by Microsoft and distributed as part of The CyberWire Network. 

Categories
Daily Compliance News

November 17, 2022 – The All WSJ Edition

In today’s edition of Daily Compliance News:

  • Microsoft to revamp harassment policies. (WSJ)
  • SEC had a record year for enforcement. (WSJ)
  • Small businesses try to stop corporate registries. (WSJ)
  • Crypto and red flags in the financial industry. (NYT)
Categories
Uncovering Hidden Risks

Ep 4 – How Compliance, Data Protection, and Privacy Come Together

Alym Rayani, general manager for compliance and privacy marketing at Microsoft, joins host Erica Toelle and guest host Hammad Rajjoub on this week’s episode of Uncovering Hidden Risks. Alym works closely with engineering leadership to drive product strategy and roadmap while overseeing the product value proposition, marketing efforts, and customer experience. Due to changes in regulations and increased cybersecurity risk, compliance, data protection, and privacy are converging. Erica, Hammad, and Alym take a closer look at this top industry trend, the convergence of compliance, data protection, and privacy requirements, and discuss what it means for Chief Information Security Officers.

In This Episode You Will Learn:

  • What areas create quick wins for organizations that create momentum for larger initiatives
  • What the answer is for CISOs to stay in compliance with regulations
  • Risks CISOs will face focusing on data protection without considering compliance and privacy

Some Questions We Ask:

  • What challenges are CISOs, privacy officers, and CCOs seeing from this convergence?
  • How are data protection and privacy changing the way CISOs approach new problems?
  • What should CISOs look for in a data protection technology solution?

Resources:

View Alym Rayani on LinkedIn

View Hammad Rajjoub on LinkedIn

View Erica Toelle on LinkedIn

Categories
Uncovering Hidden Risks

Ep 3 – Go Beyond Compliance with Microsoft Purview


Igor Tsyganskiy, President and CTO of Bridgewater Associates, joins Erica Toelle and Rudra Mitra on this week’s episode of Uncovering Hidden Risks. Igor joined Bridgewater in 2016 and is currently President and Chief Technology Officer with executive company-wide responsibility for the overall architecture, technology, infrastructure, and data centers. He also ran an advanced technology group at SAP, holds more than 20 patents in enterprise software, process automation, and security, and is a Computerworld Smithsonian Award Laureate. Igor chats with Erica and Rudy about understanding the data across your estate, protecting and overseeing data, and managing risk posture.

In This Episode You Will Learn:

  • Core security and compliance principles
  • Why to take a comprehensive approach to security and data management
  • The pillars of data protection

Some Questions We Ask:

  • What are your biggest concerns or challenges as President & CTO around data governance?
  • What advice can you provide to companies about managing governance and securing data?
  • How do you navigate data security requirements and regulations?

Resources:

View Igor Tsyganskiy on LinkedIn

View Rudra Mitra on LinkedIn

View Erica Toelle on LinkedIn

Categories
Uncovering Hidden Risks

Ep 2 – 3 Ways to Prepare for the Future of Data Governance and Collaboration

Jeff Teper, Corporate Vice President of Microsoft 365 Collaboration, including Teams, SharePoint, and OneDrive, joins Erica Toelle and Chris McNulty on this week’s episode of Uncovering Hidden Risks. Jeff leads product, design, and engineering teams for Microsoft 365, including Teams, SharePoint, OneDrive, Viva, and more, which empower people and organizations worldwide to collaborate at work, home, and school. Erica and Chris speak with Jeff about empowering users to do more through collaboration technology, a zero-trust model for collaboration, and how we can make powerful things simple.

In This Episode You Will Learn:

  • The connection between collaboration and data governance
  • Top three ways we can prepare for the future of data governance
  • Balancing a great employee experience with data governance

Some Questions We Ask:

  • How do you define data governance?
  • What are the top three ways we can prepare for the future of data governance and collaboration?
  • What excites you the most about the future of collaboration and data governance?

Resources:

View Jeff Teper on LinkedIn

View Chris McNulty on LinkedIn

View Erica Toelle on LinkedIn

Categories
Uncovering Hidden Risks

Ep 1 – Transitioning to a Holistic Approach to Data Protection

Bret Arsenault, CVP, CISO at Microsoft, joins us on this week’s episode of Uncovering Hidden Risks to discuss how a holistic approach to data protection can deliver better results across your organization and the three steps that can get you there. Erica Toelle and Talhah Mir host this week’s episode to chat with Bret about current trends in the data protection space, what data protection issues are top of mind, and how teams should get started on their data protection strategy.

In This Episode You Will Learn:

  • How to take a holistic approach to data protection
  • What data protection issues are top of mind
  • How teams can get started on their data protection strategy

Some Questions We Ask:

  • How do you view the data protection landscape?
  • What trends do you see in the data protection space?
  • What challenges have you faced in understanding your data estate?

Resources:

View Bret Arsenault on LinkedIn

View Talhah Mir on LinkedIn

View Erica Toelle on LinkedIn

Categories
Blog

The Uncovering Hidden Risks Podcast Returns to the Compliance Podcast Network

The risk landscape for organizations has changed significantly in the past few years. Traditional ways of identifying and mitigating risks simply do not work. They focus primarily on external threats when risks from within the organization are just as prevalent and harmful. Additionally, regulations change frequently, and it is difficult for security and compliance leaders to keep up on these changes.

The Compliance Podcast Network is therefore thrilled to welcome back, for a limited series, the Microsoft podcast Uncovering Hidden Risks, which will explore the need for enterprises to move quickly to a more holistic approach to data protection and reduce their overall risk. The show will cover an array of topics across data governance, risk management, and compliance. It will address industry trends and customer pain points.

In each episode Erica Toelle, Sr. Product Marketing Manager for Microsoft Purview, partners with a Microsoft guest host to interview a guest leader in the data governance and compliance industry. These experts have a unique and deep understanding of the challenges organizations face, and the people, processes, and technology used to address them.

We are excited to make this podcast available to the listeners of the Compliance Podcast Network so that they may listen in on these conversations as Erica and her Microsoft colleagues discuss a range of interesting topics, including trends, best practices, and real-life strategies for developing a holistic data governance and risk management program.

The Uncovering Hidden Risks podcast will launch on Wednesday, September 28th with the first episode in the series.  

Listen to The Uncovering Hidden Risks podcast trailer below and subscribe on https://www.uncoveringhiddenrisks.com

Here is a preview of the first episode, posting on Wednesday, September 28th:

Transitioning to a holistic approach to data protection

Guest Bret Arsenault, CVP, CISO at Microsoft, joins us on this week’s episode of Uncovering Hidden Risks to discuss how a holistic approach to data protection can deliver better results across your organization and the three steps that can get you there. Erica Toelle and Talhah Mir host this week’s episode to chat with Bret about current trends in the data protection space, what data protection issues are top of mind, and how teams should start on their data protection strategy.