Former Magistrate Judge Ronald J. Hedges and host Jody discuss how AI is shaping legislative and regulatory actions within the legal field, focusing on admissibility of evidence, ethical considerations, and model practices for professional sectors. They delve into AI integration in legal practices, billing models, and the impact of generative AI on the legal profession, emphasizing the need for lawyers to stay abreast of technological advancements.

In this episode of ADCG’s Privacy and Cybersecurity Podcast, Jody Westby interviews Jean Camp, Director of the Center for Security and Privacy in Informatics, Computing, and Engineering and Professor of Informatics at University of Indiana. Prof. Camp is a renowned thought leader in privacy and cybersecurity and has conducted meaningful research on issues related to SBOMs and how they could be more effective. In this podcast, we explore the role of SBOMs in cybersecurity, what limits their effectiveness, and the Federal Government's role in advancing the use of SBOMs, developing tools to ease the use of SBOMs, and international efforts to create a harmonized approach to the development and use of SBOMs. Links to some of Prof. Camp’s work in this area is available on the ADCG website.

This week the ADCG Privacy & Cybersecurity Podcast is pleased to have Shoshana Rosenberg, CEO and Founder of SafePorter and one of the most respected names in the field of privacy and a thought leader at the intersection of privacy and Diversity, Equity & Inclusion ("DEI"). We discuss her groundbreaking work analyzing how principles governing privacy and DEI can influence the development and use of AI technologies, including how privacy and bias concerns shape the conversation around AI, how the evolving landscape of AI is challenging our traditional understanding of privacy and inclusion, and how advancements in AI both challenge and embrace our ability to uphold DEI principles…and more!

This podcast discusses data deletion services, privacy researcher Jeff Jockisch, data brokers, managing personal data, and the approach of Avantis Privacy. Topics include challenges of deleting personal data, importance of privacy and cybersecurity, and the role of technology like AI in safeguarding personal information.

This episode features Donata Stroink-Skillrud, Co-Founder and President of Termageddon, a software service that specializes in the identification of privacy laws applicable to an organization and the development of privacy policies, terms of service, and end user license agreements for that organization. Donata is an attorney who also represents the American Bar Association’s Section of Science and Technology Law on the ABA President’s Cybersecurity Legal Task Force (CLTF). In this episode, we discuss the CLTF, its purpose, topics and issue areas it addresses, and the cybersecurity resources the CLTF has created for attorneys and law firms (which are free and applicable to many other organizations). We also discuss recent Resolutions that CLTF has put forward for adoption by the ABA, including is AI Resolution. Links to CLTF resources are provided on the ADCG website for this episode.

This episode features Dr. Peter Trim, a Reader in Marketing and Security Management at the University of London’s Birkbeck Business School. Dr. Trim has published a dozen books, and his most recent (2023) focuses on Strategic Cyber Security Risk Management. Cybersecurity best practices began in the UK with British Standard 7799, which morphed into ISO 27001/002. Dr. Trim discusses the necessity for a collective approach in cybersecurity and the need to maintain an international perspective. His work endeavors to link cyber risk management theory with practical application through use cases and simulation exercises. We explore the need for improved private sector interaction with academia and the need to integrate cybersecurity risk management content in interdisciplinary curricula.

In this episode of ADCG on Privacy & Security podcast, host Jody Westby is joined by Sabrina Gross, regional director of strategic partners at Veridas. Sabrina has worked globally and spent 15 years working with law enforcement agencies in Europe, the Middle East, and Africa. At Veridas, Sabrina focuses on cutting-edge technologies that are used for authentication and to prevent identity fraud. We discuss the importance of having a choice of authentication options, limitations of various devices, the pros and cons of facial recognition, fingerprints, and voice as authentication methods, what companies should look for in a biometrics provider, security factors, customer preferences, and more. We drill down into the role of state privacy laws and the circumstances under which a business should consider multiple, layered verification methods.

Ken Westin, a seasoned Field CISO at Panther Labs with over 15 years in cybersecurity, brings invaluable insights into the importance of digital asset inventories. He emphasizes how the lack of these inventories hampers effective incident response, especially following incidents like the MOVEit breach. Ken discusses navigating vulnerabilities in cloud environments, the rise of ransomware, and the need for better asset management. He advocates for collaboration between security and privacy teams to enhance protective measures in an increasingly complex cyber landscape.

Scott Giordano, former vice president and general counsel for Spirion, discusses the implications of AI for privacy and information security. He explores the development and dangers of generative AI, its impact on cyber crime, and the need for AI regulation. Scott also highlights the benefits of taking a Career Essentials and Generative AI Course.

In this episode, Jody Westby interviews Gerry Stegmaier, a partner in ReedSmith’s Tech & Data Group. Gerry focuses on digital issues, corporate governance, incident response, privacy, and cybersecurity matters, plus other areas. We discuss the new SEC Cybersecurity Risk Management Rule for public companies, how it differs from the proposed rule, key requirements and compliance deadlines, and the practical impact on cyber incident disclosures, identifying and disclosing material cyber risks, and how boards and C-suites will approach cyber governance.