Join Cameron Ivey, Gabe Gumbs and interview guests from around the cybersecurity world as they keep you informed around the topics of cybersecurity, data privacy, compliance, breaches, interesting infosec stories, and much more! Learn why it’s more important than ever that we protect what matters most.
Where to listen
Ep. 22 - Gene Fredriksen - Executive Director and CEO at National Credit Union ISAO
In today's episode, we speak with Gene around what he calls the three components of cyber - People, process, and Technology. He speaks about the importance of a balanced approach that is critical to delivering information securely. We get to hear his story, the changes COVID has brought to their world and the weirdest request he got in his 35 years of security. Tune in wherever you listen to your podcasts and enjoy!
(Please forgive us with the background noise in audio between 14 and 18 minutes)
In today's episode, we get the chance to interview Fabiana Clemente, CDO, and Co-Founder of an up and coming tech company called YData. We talk about synthetic data compared to real data, data privacy, Machine learning, her story, how proud she is to be a woman in tech, and why Chocolate is everything to her! Please enjoy!
Here are some of the questions asked during the show:
1. What is the difference between synthetic and real-data?
2. How can a user have confidence in synthetic data?
3. Are there reasons for concern at all when using synthetic data?
4. What are your thoughts on how companies approach the process of getting started with AI/ML and how compliant are they with privacy regulations?
In today's episode, we speak with Kevin Thomas, New York State Senator, District 6. In our brief conversation, we learned so much about the good that he is bringing to the state of NY around data privacy. He talks about his background before office, the difference between the NY privacy and Shield acts, and a positive outcome at home during these difficult times. Below are some of the questions from the episode. Such a pleasure and Joy to have Kevin on and thankful for his efforts in our ever-changing and rising world of data privacy. Please enjoy!
1. The SHIELD Act is now in force – what was the impetus for it and when do you expect we’ll see some enforcement actions based on it? How does it differ from the NY Privacy Act?
2. What impact has the CCPA had on privacy in the U.S.?
3. Would you share with us with goes on behind the scenes during the legislative process? What would voters be surprised to learn?
-The Senator is also currently in the process of writing legislation to create a code of ethics for tracking health data amid the COVID-19 health crisis -- which brings on an interesting/timely point of conversation, how data privacy is becoming an important topic during the pandemic.
In today's episode we take a trip inside Brian's world, learning his career path that started out in retail and ended up in a highly complex role as Senior Vice President of Information Technology for a large Energy company. Since the pandemic hit, they have shifted to about 85% work from home and we learn just how much more important data privacy and security is for their own internal sensitive data. We also talk about integrity and the weirdest thing Brian and his family have done during these changing times. Please enjoy wherever you listen to your podcasts
An awesome episode with Ed Hudson, CISO of CSU and trusted partner. Gabe and I enjoyed having Ed come onto the show for the first time to share his story and can't wait for everyone to listen. Below are some of the questions I ended up asking Ed and many more. Hope you enjoy!
· How are Universities exactly like a large company, and how are they different when it comes to Security and Privacy?
· If you only had $100 to spend on Security and Privacy, where would you spend it?
· What do you feel the difference is between security and privacy?
· What does CCPA mean in your mind and your business?
· How is Privacy a part of your role as CISO? Why is it important to CSU?
· What initial challenge was Cal State facing that sparked a need for a product like Spirion?
· Can you tell me a bit about the implementation and rollout process?
· How has Spirion helped the university since you started using it?
· What kind of success have you experienced since rolling out Spirion? Has it helped with compliance audits? Any quantitative results?
· Have you experienced any surprising results? Anything you didn't expect?
In today’s episode we interview CEO and Founder of Tonic. “This unique relationship with Tonic enables security and privacy leaders to meet the growing demand for personally identifiable information (PII) data removal without affecting business continuity or company performance,” stated Gabriel Gumbs, Chief Innovation Officer for Spirion. “Rather than deleting valuable PII, our combined solution maintains the integrity and business value of our customers’ data while adhering to regulatory requirements governing how such data is collected and processed.”
In today's episode, Cam and Gabe have a really good conversation with CIO and proud family man Kin Lee-Yow of CAA. It's always fascinating hearing where our industry peers started out. Hearing their passion around data privacy and how they ended up in the position they're in today. More notes to follow but please sit back and enjoy our conversation and how we touch on the following topics:
-Best practices around data privacy from a CIO's eyes
-Work from home changes and the effects on their staff and customers
-Kin gives us his take on the difference between Data Privacy and Data security
and much more!
In today's episode, Cam has a great conversation with Law partners at Cordery Compliance and co-authors - Johnathan and Andre around the EU, UK, and Americas compliance issues in the data privacy realm and the Brexit Impact plan.
Some of the questions asked during the episode:
Would you tell us about Cordery and your services?
Would you explain what was and is Brexit?
What should American companies who are considering conducting business in the U.K. know about Brexit?
What’s the biggest impact of Brexit when moving personal data into and out of the U.K.?
What’s the status of U.K. privacy laws based on EU Directives, such as the Privacy and Electronic Communications Regulations (PECR)?
What the status of Privacy Shield vis-à-vis the U.K.?
Anything else you’d like our listeners/readers to know about Brexit?
Johnathan Armstrong Profile - https://www.corderycompliance.com/our-people/jonathan-armstrong/
Andre Bywater Profile - https://www.corderycompliance.com/our-people/andre-bywater/
Brexit Impact plan - https://www.corderycompliance.com/solutions/brexit-impact-plan
Here is Jason's book - Strategic Privacy By Design https://iapp.org/store/books/a191a00000345yDAAQ/
Topics on today's episode:
1) the second edition of his book - privacy is an evolving field, as well as my thinking, is constantly evolving
2) Real-life examples of Differential Privacy
3) taking Jason's training online - both an LMS format and a longer format for privacy professionals (trying to figure out exactly how). we talk about the struggle to find tools that sufficiently mitigate privacy issues because they haven't been designed for privacy.
4) NIST Privacy Framework - ethics in privacy
The statements, views, and opinions expressed in this podcast are those of the podcast host and guests and do not necessarily reflect the official policy or position of Spirion, LLC.
In today's episode, Cam and Gabe had the pleasure of speaking with Jo Gordon. She is a Senior Consultant in Data Privacy. Very informative and really great points around two of the biggest topics in data privacy in the last few weeks. Please see the topics and notes below and enjoy!
Overview of privacy issues with regard to data sharing, security, and lack of disclosure
Zoom's response to criticism: https://www.theverge.com/interface/2020/4/3/21203720/zoom-backlash-apology-zoom-bombings-eric-yuan
Are the alternatives to Zoom better? Discuss Skype, Duo, Houesparty, etc.
Takeaways: The massive wave of negative press demonstrates that privacy matters to consumers and those organizations must be proactive about privacy protections in order to avoid a PR nightmare like this.
Overview of breach: discuss the cause, impact, and potential damages
Class action lawsuit has already been filed
We Discuss how this might affect Marriot long term
Why does privacy matter?
Invasions of privacy threaten liberty. Entities can exhibit a degree of control over consumers based on the personal information provided
Consumers should be cognizant of the privacy implications of their everyday actions
Lourdes M. Turrecha - Founder & CEO | Privacy & Cybersecurity Strategist & Board Advisor | Former Big Law & Fortune 300
Lourdes loves working on GDPR and CCPA but right now the law is always lagging behind. So in this episode Cam and Gabe discuss with Lourdes her career and how we can make a difference without law. We need to tackle it with Tech and build a community around it. Lourdes stated how she gets a lot of tech companies coming to her saying "We’re interested in this space (Privacy) but don't understand the problems."
Gabe and I have an awesome conversation with Chris in this episode. We already declared him a recurring guest and I hope you enjoy our chat. Here are some of the questions asked during the episode:
Do you see that disconnect between CISO's and CIO if so, what are some of the causes of it? As well as what can you do to bring harmony to it? “Cybersecurity and privacy are defining issues of our time,” said Dr. Hugh Thompson, Program Committee Chair at RSA Conference.
Alright, it’s August 21st, 1996 and Bill Clinton just signed the law for HIPAA to be in full effect! What were you doing at this time and Were you even in cybersecurity?
With all of your years of being a CISO and working in security, do you think most companies incorporate “privacy by design” which helps with global data privacy regulations into their IT systems today?
I know this is a long term approach but I think it’s something most organizations have just used as a checkbox exercise. Do you think organizations are able to measure and demonstrate compliance With global data privacy regulations? If so, How important is it to utilize a comprehensive governance framework?
I see a lot of organizations that don’t have a Data Protection or Privacy officer, they throw those data privacy and data access duties onto the CISO when does a company become to assign or hire a DPO And why do we see this shift happening across the states? Is it mainly because of GDPR?
What are you most looking forward to for 2020 in data privacy?
Join us on this very special episode and early release around COVID-19, the high push for remote working and how big this is for companies and employees worldwide for data privacy. Join us as we interview K Royal an Associate General Counsel attorney.
The article referenced in the episode -
Cam and Gabe talk RSA week, trends, highlights and much more. More notes to follow In our post blog release on the episode. Please enjoy!
In today's episode, Gabe, Cam, and Michael talk deep into Data Privacy, HIPAA and how he fell into being the security catalyst of today.
Michael’s unique path from DJ’ing/bartending to the Data Security and Privacy World
The un-designed security and privacy consequences of HIPAA
How opting out of tracking via GDPR may increase scrutiny of those still being tracked
Why organizations should focus on trust rather than fear when it comes to communicating about data privacy and security
Why leading to data privacy will matter for companies in 2020 and beyond
Questions from the episode:
When you first graduated from high school, we’re you already interested in data privacy and security before going to Cornell? If not, when and what intrigued you about infosec?
Alright it’s August 21st, 1996 and Bill Clinton just signed the law for HIPAA to be in full effect! What were you doing at this time and Were you even in cybersecurity?
What are you doing now with your company, Security Catalyst?
What are you most looking forward to for 2020 in data privacy?
Research shows that consumers care about data privacy, but many are unwilling to take the necessary precautions to do anything about it. We know that people aren’t going out of their way to protect their data. Gabe and I talk with Nina on these topics and dive further into them.
“Why do you feel that the convenience technology offers is regarded over an individual’s concern for data privacy today?”
Can you provide an example that consumers are not truly understanding how the technology works on the backend and how their choices on social media or other widely used platforms could cause an issue in the future
“Do we feel that this trend will change as the regulatory landscape around data privacy in the US is strengthened, and customers become more aware of data privacy principles?”
“What is the Feasibility of how companies respond to the heightened demand of consumer expectations?”
“What type of evidence do you think suggests that companies don’t have a handle on asset management?”
In today's episode, Cam interviews the very informative Scott Giordano (Dr. Scott!) Vice President, Senior Counsel and Compliance at Spirion. We dive into the CCPA deadline that went live on January 1st, 2020.
Did you prepare for this and how much will you have to pay if you're not? Stay with us on this special episode of Privacy Please as we take you through the mind of Scott Giordano.
When it comes to privacy, the CCPA is the main topic right now in the public and industry media. What kind of impact is it having?
The GDPR is a little over 18 months old. What’s your view on how it’s being enforced?
In your view, what are the most important legal developments in the world of data protection?
Do you see a Federal data privacy law anytime in the near future?
Anything else that you’d like to share with our audience?
Fun questions to close it out:
Scott, how did you end up being a data protection attorney?
What advice would you give other aspiring attornies?
What are you doing outside of the law that you enjoy
Episode One - #1 - Introductions / Chit chat
Ladies and Gentlemen welcome to the very first episode of Privacy Please!
My first guest is my lively colleague, co-host and Spirion's own CIO - Gabe Gumbs
In today's episode we go over -The convergence of Privacy and cyber security, find out in this episode why that is so important now more than ever to both people and companies. https://hbr.org/2019/01/privacy-and-cybersecurity-are-converging-heres-why-that-matters-for-people-and-for-companies
What are you most looking forward to in 2020?
How do you protect your own private data?