Privacy Please

In today's episode, we speak with Gene around what he calls the three components of cyber - People, process, and Technology. He speaks about the importance of a balanced approach that is critical to delivering information securely. We get to hear his story, the changes COVID has brought to their world and the weirdest request he got in his 35 years of security. Tune in wherever you listen to your podcasts and enjoy!
(Please forgive us with the background noise in audio between 14 and 18 minutes)

In today's episode, we speak with Kevin Thomas, New York State Senator, District 6. In our brief conversation, we learned so much about the good that he is bringing to the state of NY around data privacy. He talks about his background before office, the difference between the NY privacy and Shield acts, and a positive outcome at home during these difficult times. Below are some of the questions from the episode. Such a pleasure and Joy to have Kevin on and thankful for his efforts in our ever-changing and rising world of data privacy. Please enjoy!
1. The SHIELD Act is now in force – what was the impetus for it and when do you expect we’ll see some enforcement actions based on it? How does it differ from the NY Privacy Act?
2. What impact has the CCPA had on privacy in the U.S.?
3. Would you share with us with goes on behind the scenes during the legislative process? What would voters be surprised to learn?
-The Senator is also currently in the process of writing legislation to create a code of ethics for tracking health data amid the COVID-19 health crisis -- which brings on an interesting/timely point of conversation, how data privacy is becoming an important topic during the pandemic.

In today's episode we take a trip inside Brian's world, learning his career path that started out in retail and ended up in a highly complex role as Senior Vice President of Information Technology for a large Energy company. Since the pandemic hit, they have shifted to about 85% work from home and we learn just how much more important data privacy and security is for their own internal sensitive data. We also talk about integrity and the weirdest thing Brian and his family have done during these changing times. Please enjoy wherever you listen to your podcasts

An awesome episode with Ed Hudson, CISO of CSU and trusted partner. Gabe and I enjoyed having Ed come onto the show for the first time to share his story and can't wait for everyone to listen. Below are some of the questions I ended up asking Ed and many more. Hope you enjoy!
· How are Universities exactly like a large company, and how are they different when it comes to Security and Privacy?
· If you only had $100 to spend on Security and Privacy, where would you spend it?
· What do you feel the difference is between security and privacy?
· What does CCPA mean in your mind and your business?
· How is Privacy a part of your role as CISO? Why is it important to CSU?
· What initial challenge was Cal State facing that sparked a need for a product like Spirion?
· Can you tell me a bit about the implementation and rollout process?
· How has Spirion helped the university since you started using it?
· What kind of success have you experienced since rolling out Spirion? Has it helped with compliance audits? Any quantitative results?
· Have you experienced any surprising results? Anything you didn't expect?

In today’s episode we interview CEO and Founder of Tonic. “This unique relationship with Tonic enables security and privacy leaders to meet the growing demand for personally identifiable information (PII) data removal without affecting business continuity or company performance,” stated Gabriel Gumbs, Chief Innovation Officer for Spirion. “Rather than deleting valuable PII, our combined solution maintains the integrity and business value of our customers’ data while adhering to regulatory requirements governing how such data is collected and processed.”

In today's episode, Cam and Gabe have a really good conversation with CIO and proud family man Kin Lee-Yow of CAA. It's always fascinating hearing where our industry peers started out. Hearing their passion around data privacy and how they ended up in the position they're in today. More notes to follow but please sit back and enjoy our conversation and how we touch on the following topics:
-Best practices around data privacy from a CIO's eyes
-Work from home changes and the effects on their staff and customers
-Kin gives us his take on the difference between Data Privacy and Data security
and much more!
Please enjoy!
-Cam

Gabe and I have an awesome conversation with Chris in this episode. We already declared him a recurring guest and I hope you enjoy our chat. Here are some of the questions asked during the episode:
Do you see that disconnect between CISO's and CIO if so, what are some of the causes of it? As well as what can you do to bring harmony to it? “Cybersecurity and privacy are defining issues of our time,” said Dr. Hugh Thompson, Program Committee Chair at RSA Conference.

Alright, it’s August 21st, 1996 and Bill Clinton just signed the law for HIPAA to be in full effect! What were you doing at this time and Were you even in cybersecurity?

With all of your years of being a CISO and working in security, do you think most companies incorporate “privacy by design” which helps with global data privacy regulations into their IT systems today?

I know this is a long term approach but I think it’s something most organizations have just used as a checkbox exercise. Do you think organizations are able to measure and demonstrate compliance With global data privacy regulations? If so, How important is it to utilize a comprehensive governance framework?

I see a lot of organizations that don’t have a Data Protection or Privacy officer, they throw those data privacy and data access duties onto the CISO when does a company become to assign or hire a DPO And why do we see this shift happening across the states? Is it mainly because of GDPR?

What are you most looking forward to for 2020 in data privacy?

In today's episode, Gabe, Cam, and Michael talk deep into Data Privacy, HIPAA and how he fell into being the security catalyst of today.

Michael’s unique path from DJ’ing/bartending to the Data Security and Privacy World
The un-designed security and privacy consequences of HIPAA
How opting out of tracking via GDPR may increase scrutiny of those still being tracked
Why organizations should focus on trust rather than fear when it comes to communicating about data privacy and security
Why leading to data privacy will matter for companies in 2020 and beyond

Questions from the episode:
When you first graduated from high school, we’re you already interested in data privacy and security before going to Cornell? If not, when and what intrigued you about infosec?

Alright it’s August 21st, 1996 and Bill Clinton just signed the law for HIPAA to be in full effect! What were you doing at this time and Were you even in cybersecurity?

What are you doing now with your company, Security Catalyst?

What are you most looking forward to for 2020 in data privacy?

Research shows that consumers care about data privacy, but many are unwilling to take the necessary precautions to do anything about it. We know that people aren’t going out of their way to protect their data. Gabe and I talk with Nina on these topics and dive further into them.
“Why do you feel that the convenience technology offers is regarded over an individual’s concern for data privacy today?”
Can you provide an example that consumers are not truly understanding how the technology works on the backend and how their choices on social media or other widely used platforms could cause an issue in the future
“Do we feel that this trend will change as the regulatory landscape around data privacy in the US is strengthened, and customers become more aware of data privacy principles?”
“What is the Feasibility of how companies respond to the heightened demand of consumer expectations?”
“What type of evidence do you think suggests that companies don’t have a handle on asset management?”

In today's episode, Cam interviews the very informative Scott Giordano (Dr. Scott!) Vice President, Senior Counsel and Compliance at Spirion. We dive into the CCPA deadline that went live on January 1st, 2020.
Did you prepare for this and how much will you have to pay if you're not? Stay with us on this special episode of Privacy Please as we take you through the mind of Scott Giordano.
Questions:
When it comes to privacy, the CCPA is the main topic right now in the public and industry media. What kind of impact is it having?
The GDPR is a little over 18 months old. What’s your view on how it’s being enforced?
In your view, what are the most important legal developments in the world of data protection?
Do you see a Federal data privacy law anytime in the near future?
Anything else that you’d like to share with our audience?

Fun questions to close it out:
Scott, how did you end up being a data protection attorney?
What advice would you give other aspiring attornies?
What are you doing outside of the law that you enjoy