She Said Privacy/He Said Security

Phil Rubin is the Founder and Principal of Grey Space Matters, a consulting firm that works with companies ranging from early-stage and emerging growth to global brand leaders across various industries and sectors. He is a customer-focused strategic growth leader with more than 30 years of experience driving growth for global brands.  Recognized as an industry thought leader, Phil is a keynote speaker for events across North America, Asia, and Europe. He has been quoted in The Wall Street Journal, Forbes, and numerous other trade publications. Before GSM, Phil led Global Insights and Strategic Partnerships for Bond, a loyalty and customer marketing firm. In this episode… Airlines and other brands utilize loyalty programs to generate customer insights and enhance experiences. For instance, Delta Airlines has partnered with American Express and Lyft to offer frequent flier miles and discounted transportation — but this raises concerns regarding data collection. So how are brands collecting customer data, and how can you take precautions to protect privacy? According to Phil Rubin, brands collect two types of data: zero-party data that customers share willingly with the company and first-party data, which brands collect and own directly from their customers. When leveraging loyalty programs, brands should remain transparent about data collection methods to avoid costly privacy breaches. Customers join loyalty programs to receive value and benefits, so it’s crucial to provide useful services and establish trust to increase consent. In today’s episode of She Said Privacy/He Said Security, Jodi and Justin Daniels interview Phil Rubin, Founder and Principal of Grey Space Matters, to discuss data-sharing in loyalty programs. Phil explains integrated loyalty experiences, the common forms of data collected for loyalty programs, and how privacy laws impact these programs.

Larry Slusser is the Senior Director of Professional Services at SecurityScorecard, the global leader in cybersecurity ratings. In his role, he assists clients in both active and reactive cybersecurity through services including global digital forensics, incident response, and ransomware mitigation. As a retired Air Force officer, Larry partnered with technical engineers, investigators, and business and external stakeholders to sustain focus and achieve milestones. Before SecurityScorecard, he held several leadership positions at Fortune 500 companies.   In this episode… As ransomware attacks grow increasingly elaborate, companies need to develop sound incident response measures to protect their data. Yet less than 10% of incident response plans are prepared to combat these attacks, and in the event of a threat, 80% of businesses pay the ransom. So how can you optimize your response strategies to ensure maximum preparation? Larry Slusser advises developing and executing tabletop exercises to simulate an actual attack. But this exercise is ineffective without proper data analysis, so it’s crucial to locate and safeguard your most valuable data. Optimal awareness and preparation require you to become educated on incident detection and response and invest in antivirus security tools. In today’s episode of She Said Privacy/He Said Security, Jodi and Justin Daniels host Larry Slusser, Senior Director of Professional Services at SecurityScorecard, to discuss cyber attacks and incident response measures. Larry talks about the types of ransomware, the importance of tabletop exercises, and how companies respond to ransomware attacks.

Chris Bullock is the Founder, CEO, and Managing Member of Cyber Investigations and Intelligence Agency (CI2A), a company that provides world-class cybersecurity and cybercrime solution services. He is also an award-winning chief information security officer and a decorated law enforcement veteran. As a leader and program builder, Chris has built and managed several successful cybersecurity programs at large and small organizations across many business verticals and governments. He holds multiple certifications including Certified Information Systems Security Professional (CISSP) and Certified Cybercrime Examiner (CCCE). Chris frequently speaks at major security conferences and writes articles on cybersecurity, and in 2012, he was voted “85th Top Ranking CISO in the US.” In this episode… Open-source intelligence has provided public access to personal information on the internet, allowing hackers to compromise anyone’s digital profile. With technology becoming increasingly pervasive in our daily lives, what steps can you take to reduce your digital footprint? According to Chris Bullock, attackers can steal data from your personal devices to be exchanged on the dark web. Most users aren’t aware that seemingly mundane settings on these devices can collect and release your data. To prevent unwanted attacks, Chris recommends disabling location services, photo, and microphone access for all apps and deactivating the auto-join feature for Wi-Fi and Hotspots.  In today’s episode of She Said Privacy/He Said Security, Jodi and Justin Daniels welcome Chris Bullock, Founder, CEO, and Managing Member of CI2A, to discuss tips for protecting your digital profile. Chris also explains open-source intelligence, the impact of privacy laws on data security, and how security attacks against high-profile individuals have evolved.

Beatrice Botti is the Vice President and Global Data & Privacy Officer at DoubleVerify, a leading software platform for digital media measurement and analytics. After an academic career in the EU and the US, she became a contract attorney before working in various privacy roles at Virgin Pulse, including Director of Privacy, Partnerships & Legal, Privacy Officer, and Data Protection Officer.  In this episode… Privacy regulations in the US are rapidly evolving, with five new laws expected to be enacted by the end of the year. But with individual governments working independently, each law is interpreted differently, making it challenging for organizations to fully comprehend privacy. So how can you build a privacy program that conforms to each law’s regulatory framework? When it comes to privacy in the ad tech space, Beatrice Botti says that predicting the outlook of impending regulations is futile. It’s critical to prepare for uncertainty by analyzing your data’s location and categories to determine which laws apply to your business. Once you’ve collected the appropriate data, you can seek advice from a privacy consultant or attorney to help you assess possible solutions, create a compliant program, and decide on further action. In today’s episode of She Said Privacy/He Said Security, Jodi and Justin Daniels sit down with Beatrice Botti, VP and Global Data & Privacy Officer at DoubleVerify, to discuss how privacy regulations impact ad tech. Beatrice speaks about the most pervasive privacy challenges companies face, advice for navigating US privacy laws, and how organizations can build privacy programs.

Curtis Preston is the Chief Technical Evangelist at Druva, a SaaS data protection platform. He is also the Founder and Webmaster of Backup Central, a website dedicated to data backup and recovery. Since 1993, Curtis has specialized in storage, backup, and recovery and has been an end-user, consultant, and analyst. He has written four books on these subjects and is the host of the Restore it All and No Hardware Required podcasts. In this episode… Ransomware is becoming increasingly sophisticated, with hackers deactivating companies’ backup servers to counteract cybersecurity efforts in a traditional attack. Still, businesses are neglecting to test and protect their backup servers. So how can you safeguard your data against cyberattacks? With the emergence of modern technology and impending security regulations, W. Curtis Preston says it’s more crucial than before to implement disaster recovery plans that facilitate data restoration. One way to ensure maximum protection is to utilize a SaaS data protection provider. Selecting a provider necessitates evaluating your cybersecurity methods and aligning them with the provider’s disaster response plans. In today’s episode of She Said Privacy/He Said Security, Jodi and Justin Daniels sit down with W. Curtis Preston of Druva and Backup Central to talk about data protection and disaster recovery. Curtis explains how ransomware targets backup servers, the importance of updating backup plans, and key considerations for selecting data protection SaaS providers.

Jared Coseglia is the Founder and CEO of TRU Staffing Partners, an award-winning staffing company representing talent and opportunities in data privacy, e-discovery, and cybersecurity. TRU has been voted a top-three legal and/or litigation support staffing agency for seven consecutive years in both the National Law Journal and the New York Law Journal and has been named one of the Inc. 5000 Fastest Growing Private Companies in America.  Jared has placed over 3000 professionals in full-time and temporary positions at the Fortune 1000 and Am Law 200 levels and throughout the global consultancy, service, and software provider communities. As an active member of the legal and cybersecurity community, he is a member of the Board of Editors for Cybersecurity Law and Strategy, has written over 90 articles, regularly appears in podcasts and webinars, and has spoken at over 50 conferences.  In this episode… When it comes to hiring, data privacy and security companies aren’t sure what to look for in candidates. Similarly, professionals are struggling to understand businesses’ qualifications and gain the skills needed for each discipline. With so much variability surrounding hiring practices, how can organizations maintain clarity to attract and retain top talent? Privacy and security staffing expert Jared Coseglia says that companies need to develop robust, transparent, and simple privacy and security programs. This demonstrates that you recognize your business’ requirements and can assess the market effectively. Some companies have employed AI technology to streamline the hiring process. Yet, this raises representation issues, so Jared says it’s crucial to utilize this technology to enhance diversity and provide candidates with an inclusive experience.  In today’s episode of She Said Privacy/He Said Security, Jodi and Justin Daniels chat with Jared Coseglia about hiring and staffing trends in privacy and security. Jared talks about how companies can attract and retain privacy talent, AI’s role in the hiring process, and compensation in privacy versus security.

Zenobia Godschalk is the SVP of Communications at Hedera, an enterprise-grade public network for building decentralized applications. As the Founder and CEO of the technology marketing firm ZAG Communications, she has launched and grown multiple $1B, high-growth, global technology companies. Zenobia has experience in distributed databases, cybersecurity strategies, public relations, and financial reporting. She is also a board member of Stanford FLAN (First-Generation and/or Low-Income Alumni Network).  In this episode… Blockchain is surging in popularity — everything from banking transactions to digital concert tickets uses some form of decentralized finance. Yet, consumers distrust this software as it poses security risks and often results in adverse online experiences. So, what does this mean for the future of blockchain? Early adopters of this technology have employed a more synthetic version of decentralized finance (DeFi), exploiting customers by claiming unrealistic ROIs. Given that blockchain and other types of DeFi are still unregulated by FDIC and venture capital, Zenobia Godschalk says that the road to full adoption is likely to be hindered. Meanwhile, she notes that companies seeking to integrate blockchain must understand its underlying protocols and technology infrastructure to create seamless consumer interactions.  In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels welcome Zenobia Godschalk, SVP of Communications at Hedera, to discuss security trends in the blockchain space. Zenobia talks about venture capital’s security regulations for blockchain, how to build trust in decentralized finance, and how to optimize digital transactions.

Ian Cohen is the Founder and CEO of Lokker, a company committed to protecting businesses from third-party privacy risks. Before Lokker, he served as CEO of Credit.com, where he transformed the company into a trusted high-growth hub for consumers seeking guidance on credit and finance. Ian is also a Board Member of Uqual, an Industry Advisor at Long Ridge Equity Partners, and an Advisor and Investor at PolyScale.  In this episode… Data collection has become increasingly obscure, and companies like Meta and Oracle are facing lawsuits for unauthorized data tracking and sharing across third parties. With data sharing largely unregulated among companies, how can you protect customer data? When collecting consumer data, companies often struggle to interpret the data and lack knowledge about its location and usage. With the emergence of GDPR (General Data Protection Regulation) in the US, businesses must go beyond internal privacy programs to regulate external data sharing and comply with the law. Ian Cohen stresses the importance of establishing awareness campaigns and fostering transparency and visibility among third parties. In today’s episode of She Said Privacy/He Said Security, Jodi and Justin Daniels host Ian Cohen, Founder and CEO of Lokker, to discuss protecting consumer data from third-party access. Ian explains how Lokker collects and analyzes data, discusses the compliance challenges of third-party data, and offers advice on third-party data sharing.

Vaibhav Antil is the Co-founder of Privado.ai, a developer-friendly privacy platform. Privado was purpose-built as a code-scanning solution for privacy to discover personal data, usage, flows, and leakages, as well as flag privacy issues in the code for GDPR regulations. Vaibhav became a privacy consultant to help companies remain compliant after the introduction of GDPR. Before Privado, he was the Co-founder of Jukebox Studio, which was acquired by Gaana, where he served as the Senior Product Manager of Subscriptions. In this episode… When developing apps and other software, engineers often collect excessive consumer data and lack consideration for potential breaches. As a privacy professional, how can you implement developer-friendly privacy programs? According to privacy consultant Vaibhav Antil, there is a knowledge barrier between engineering and privacy teams. To address and mitigate this, it’s essential to provide developers with readily-available privacy tools that display each code's data leaks and breaches. By collaborating with engineers and using familiar language when giving instructions, you can mitigate risks to your software. In today’s episode of She Said Privacy/He Said Security, Jodi and Justin Daniels host Vaibhav Antil, Co-founder of Privado.ai, to discuss building privacy programs for developers. Vaibhav explains privacy debt, the qualities of a developer-friendly privacy program, and how Privado scans codes for privacy risks.

Gary Vecchiarelli is the Chief Financial Officer at CleanSpark, a sustainable Bitcoin mining company solving modern energy challenges. As a licensed CPA, he has over 10 years of experience in public accounting, having worked for international firms with clientele ranging in size from $50 million to $1 billion while operating in various industries. Gary serves on the board of directors for the Doral Academy of Nevada and Financial Executives International Las Vegas Chapter. He was named by VEGAS INC magazine to the “Las Vegas 40 Under 40” list in 2014. In this episode… With the enforcement of the Sarbanes-Oxley Act of 2002, finance departments must remain transparent in their reporting practices to mitigate fraudulent activity. Yet these departments continue to struggle with privacy and security measures and as a result, fall victim to wire fraud and phishing scams. So, how can you assess and prevent risks to stay compliant and combat attacks? Finance and accounting expert Gary Vecchiarelli recommends implementing internal security controls to conduct preventative risk analyses and assessments and forecast potential attacks. At the foundational level, finance departments can invest in firewalls and encryption and instruct team members to approve transactions. To ensure maximum security, Gary advises incorporating the COSO Framework into your business processes to comply with industry standards and identify, monitor, and eliminate risks effectively. In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels host Gary Vecchiarelli, Chief Financial Officer at CleanSpark, to discuss managing risks in financial environments. Gary shares how he manages security from a financial perspective, how finance departments can prevent fraud and hacking, and the impact of risk assessments on financial decisions.