Podcasts about cdpse

Join Kamyabi Network: https://kamyabinetwork.com/Guest Introduction: Joining us today is Shayan Shabir, the Founder and CEO of Strategic Pulse, a company helping businesses grow using AI, cybersecurity, and digital tools. Shayan has over 20 years of experience working across the UK, Australia, and South Asia.Before this, he was the CIO and CSO at Nova Systems, where he led a $35 million digital transformation and built a $7 million cybersecurity program. He has worked in defence, energy, and healthcare, and handled many real cyber attacks in his career.Shayan is certified in CISM, CRISC, and CDPSE, and is focused on helping businesses become faster, safer, and more future-ready.Do not forget to subscribe and press the bell icon to catch on to some amazing conversations coming your way!Socials:TBT's Official Instagram: https://www.instagram.com/thoughtbehindthings Muzamil's Instagram: https://www.instagram.com/muzamilhasan Muzamil's LinkedIn: https://www.linkedin.com/in/muzamilhasan Shahyan's LinkedIn: https://www.linkedin.com/in/shahyan-s-6994261a3/Podcast Links:Spotify: https://spoti.fi/3z1cE7F Google Podcast: https://bit.ly/2S84VEd Apple Podcast: https://apple.co/3cgIkf

Podcast: PrOTect It All (LS 25 · TOP 10% what is this?)Episode: Beyond Compliance Cybersecurity Insights With Blake Hoge and Aaron CrowPub date: 2025-05-05Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crowe sits down with cybersecurity professional Blake Hoge for an unscripted deep dive into the world of IT, OT, and everything in between. In this engaging conversation, Aaron and Blake share their personal journeys through the cybersecurity landscape—from consulting roots and data center audits, to navigating third-party risk, compliance programs, and even some unforgettable experiences in global call centers and power plants.   This episode goes beyond the technicalities, exploring the importance of hands-on assessments, the unexpected vulnerabilities that linger in even the most sophisticated environments, and why fresh eyes are crucial for spotting hidden risks.  Aaron and Blake also open up about their favorite use cases for AI—both on and off the job, and how these evolving tools are reshaping everything from incident response planning to everyday productivity.   But it's not all about cyber threats and compliance checklists. The conversation takes a thoughtful turn as the two discuss the vital role of mental health, physical wellness, and community in sustaining long careers in high-pressure fields. From rucking at dawn and cycling in Moab to decompressing at cyber shootouts and embracing new technologies, Aaron and Blake remind us that protecting it all starts with taking care of ourselves and each other. Join us for a lively, candid episode packed with actionable insights, relatable stories, and a reminder that cybersecurity is, above all, a people business.   Key Moments:    09:47 Power Plant Fire Recovery Chaos 13:36 Infrastructure Maintenance & Security Compliance 16:10 Access Control Testing Concerns 23:22 "Design Process: Theory vs. Reality" 31:22 Dynamic Incident Response Planning 33:07 Commitment to Security and Transparency 39:21 Customized Consultancy for Unique Needs 47:05 "Understanding Contract Essentials" 50:42 In-House AI to Safeguard Data 57:47 AI Simplifies Search and Booking 59:13 Mental Wellness Strategies in Tech 01:03:52 Fitness and Energy Through Activity 01:10:44 "Business is a People Endeavor"   About the guest :  Blake Hoge leads third-party security at Airbnb, strengthening partnerships, and founded AmplifyGRC to support small businesses in building security and trust. At Instacart, he developed and scaled security and trust programs and compliance programs. At Salesforce, he managed security for global data and call centers. With over a decade in governance, risk, and compliance, Blake holds CISA, CDPSE, and PMP certifications, reflecting his expertise. Blake lives in the greater Austin, Texas area, and enjoys connecting with other professionals locally.   How to connect Blake:  Linkedin page: https://www.linkedin.com/in/blakehoge/ Company website: https://www.amplifygrc.com/   Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Professional certifications have become a defining feature of the cybersecurity industry, promising enhanced career prospects, higher salaries, and professional credibility. But do they truly deliver on these promises, or are there hidden drawbacks to pursuing them? This presentation takes a deep dive into the dual-edged nature of certifications like CISSP, CISM, CEH, and CompTIA Security+, analyzing their benefits and potential limitations. Drawing on data-driven research, industry insights, and real-world case studies, we explore how certifications influence hiring trends, professional growth, and skills development in cybersecurity. Attendees will gain a balanced perspective on the role of certifications, uncovering whether they are a gateway to career success or an overrated credential. Whether you are an aspiring professional or a seasoned practitioner, this session equips you with the knowledge to decide if certifications are the key to unlocking your cybersecurity potential—or if other paths may hold the answers. About the speaker: Hisham Zahid is a seasoned cybersecurity professional and researcher with over 15 years of combined technical and leadership experience. Currently serving under the CISO as a Security Compliance Manager at a FinTech startup, he has held roles spanning engineering, risk management, audit, and compliance. This breadth of experience gives him unique insight into the complex security challenges organizations face and the strategies needed to overcome them.Hisham holds an MBA and an MS, as well as industry-leading certifications including CISSP, CCSP, CISM, and CDPSE. He is also an active member of the National Society of Leadership and Success (NSLS) and the Open Web Application Security Project (OWASP), reflecting his commitment to professional development and community engagement. As the co-author of The Phantom CISO, Hisham remains dedicated to advancing cybersecurity knowledge, strengthening security awareness, and guiding organizations through an ever-evolving threat landscape.David Haddad is a technology enthusiast and optimist committed to making technology and data more secure and resilient.David serves as an Assistant Director in EY's Technology Risk Management practice, focusing on helping EY member firms comply with internal and external security, data, and regulatory requirements. In this role, David supports firms in enhancing technology governance and oversight through technical reviews, consultations, and assessments. Additionally, David contributes to global AI governance, risk, and control initiatives, ensuring AI products and services align with the firm's strategic technology risk management processes.David is in the fourth year of doctoral studies at Purdue University, specializing in AI and information security. David's experience includes various technology and cybersecurity roles at the Federal Reserve Bank of Chicago and other organizations. David also served as an adjunct instructor and lecturer, teaching undergraduate courses at Purdue University Northwest.A strong advocate for continuous learning, David actively pursues professional growth in cybersecurity and IT through academic degrees, certifications, and speaking engagements worldwide. He holds an MBA with a concentration in Management Information Systems from Purdue University and multiple industry-recognized certifications, including Certified Information Systems Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Data Privacy Solutions Engineer (CDPSE), and Certified Information Systems Auditor (CISA).His research interests include AI security and risk management, information management security controls, emerging technologies, cybersecurity compliance, and data protection.

Can trust be engineered? In this episode, Punit is joined by Steve Ahouanmenou, Global Privacy Engineering Lead for Open Banking at Mastercard, to explore the pivotal role of privacy engineering in creating digital trust. Steve discusses why trust isn't sector-specific, emphasizing how transparency is vital across industries like healthcare and finance. The conversation dives into open banking, a revolutionary approach that gives consumers control over their financial data while fostering competition among financial service providers. Steve explains how privacy engineering brings privacy principles to life, embedding privacy by design, conducting risk assessments, and bridging the gap between privacy teams and technical teams.   Join us in discussing how privacy engineering is shaping the future of digital trust. Hear expert insights, real-world strategies, and thought-provoking discussions that will change the way you think about data, trust, and innovation.   KEY CONVERSION  00:01:59 How would you describe Digital Trust  00:05:53 What is Privacy Engineering?  00:10:31 What kind of a role do you expect from tech team  00:12:01 How can privacy pros help tech colleagues?  00:17:10 Best way to Reach you    ABOUT THE GUEST  Steve Ahouanmenou is part of the Global Privacy & Data Protection Department at Mastercard and leads the privacy engineering program in Open Banking.  His mission is to enable innovation and trust in the digital finance realm, by applying his analytical skills, domain expertise, and collaborative approach to privacy and security challenges.  With over 10 years of experience in information security, privacy risks and data governance, he has worked with global organizations in various sectors with a focus on healthcare and finance. He also a PhD Candidate at Ghent University, investigating information security and privacy in healthcare institutions, and an alumni of Belgium's 40under40. He holds multiple certifications, such as ISO 27001 Senior Lead Implementer, CIPP/E, CISM, CDPSE, ITIL v3, DPO, COBIT 5. ABOUT HOST  Punit Bhatia is one of the leading privacy experts who works independently and has worked with professionals in over 30 countries. Punit works with business and privacy leaders to create an organization culture with high privacy awareness and compliance as a business priority. Selectively, Punit is open to mentor and coach professionals.  Punit is the author of books “Be Ready for GDPR'' which was rated as the best GDPR Book, “AI & Privacy – How to Find Balance”, “Intro To GDPR”, and “Be an Effective DPO”. Punit is a global speaker who has spoken at over 30 global events. Punit is the creator and host of the FIT4PRIVACY Podcast. This podcast has been featured amongst top GDPR and privacy podcasts.  As a person, Punit is an avid thinker and believes in thinking, believing, and acting in line with one's value to have joy in life. He has developed the philosophy named ‘ABC for joy of life' which passionately shares. Punit is based out of Belgium, the heart of Europe.  RESOURCES  Websiteswww.fit4privacy.com,www.punitbhatia.com,https://www.linkedin.com/in/steve-ahouanmenou/  Podcast https://www.fit4privacy.com/podcast  Blog https://www.fit4privacy.com/blog  YouTube http://youtube.com/fit4privacy

Podcast: Cyber Security Weekly Podcast (LS 38 · TOP 2% what is this?)Episode: Episode 416 - OT ISAC - Singapore Operational Technology Information Sharing and Analysis Summit 2024Pub date: 2024-11-08Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationWe had the privilege of speaking with Steven Sim, Chair of the OT-ISAC Executive Committee, during the recent summit in Singapore. As a seasoned expert in operational technology (OT) cybersecurity, Sim shared valuable insights into the importance of information sharing, the growing threat of ransomware, and the transformative role of AI in cybersecurity.Kicking off the podcast, Steven introduced the Executive Committee and its pivotal role in driving OT-ISAC's mission to foster a collaborative community and promote best practices. By providing advisory support and strategic guidance, the committee ensures OT-ISAC stays at the forefront of cybersecurity initiatives.Balancing Information Sharing and ConfidentialityOne of the most pressing challenges in OT cybersecurity is striking the right balance between information sharing and safeguarding sensitive data. He explained that OT-ISAC has implemented robust measures, such as the Traffic Light Protocol and data anonymization techniques, to protect confidentiality while promoting collaboration. The platform also employs protocols like STIX and TAXII to automate the exchange of cyber threat intelligence, enabling members to quickly share and respond to emerging threats.Cross-Jurisdictional CollaborationWith cyber threats spanning borders, cross-jurisdictional collaboration is essential. Sim highlighted that OT-ISAC allows members to share threat intelligence across different regions without breaching data sovereignty regulations by anonymizing the information sources. This approach strengthens global defenses against transnational cyberattacks.The Growing Threat of RansomwareRansomware remains a significant risk to OT environments. Steven urged organizations to avoid paying ransoms, citing the risks and long-term consequences. Instead, he emphasized the importance of investing in strong business continuity and incident response plans. By focusing on resilience and preparedness, organizations can minimize their exposure to future attacks.AI's Role in OT CybersecurityHe also discussed the potential of AI in OT cybersecurity, noting its ability to streamline incident response and improve threat detection. However, he cautioned that while AI offers powerful advantages, it must be implemented with human oversight to manage the risks associated with automated systems.Steven Sim has worked for more than 25 years in the cybersecurity field with large end-user enterprises and critical infrastructures, undertaken global CISO role, driven award-winning CSO50 security governance and management initiatives and headed incident response, security architecture, technology, awareness and operations at local, regional and global levels. He leads cybersecurity across large MNC, heading 8 direct reports at Group Cybersecurity Department as well as indirect reports across regional offices and local business units in 42 countries. He oversees both IT and OT Security Governance, Global Cybersecurity Technology Management and Incident Response as well as Cyber Security Masterplan Office. Always keen to give back to the community, he also volunteers at the ISACA Singapore Chapter (which won ISACA Global Outstanding Chapter Achievement in 2022) as the President (from 2021 to 2022) and OT-ISAC (since 2021), the second key thrust of the SG's OT Cybersecurity Masterplan 2019, as Chair Executive Committee, as well as member of Geneva Dialogue Technical Community, and holds Masters in Computing, CCISO, CGEIT, CRISC, CISM, CISA, CDPSE, CISSP as well as technical certifications GICSP, GREM, GCIH and GPPA. Recorded 5th Sept 2.30pm. Singapore Operational Technology Information Sharing and Analysis Summit 2024#otcybersecurity #mysecuritytv #cybersecurity #singaporecybersecurityThe podcast and artwork embedded on this page are from MySecurity Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

We had the privilege of speaking with Steven Sim, Chair of the OT-ISAC Executive Committee, during the recent summit in Singapore. As a seasoned expert in operational technology (OT) cybersecurity, Sim shared valuable insights into the importance of information sharing, the growing threat of ransomware, and the transformative role of AI in cybersecurity.Kicking off the podcast, Steven introduced the Executive Committee and its pivotal role in driving OT-ISAC's mission to foster a collaborative community and promote best practices. By providing advisory support and strategic guidance, the committee ensures OT-ISAC stays at the forefront of cybersecurity initiatives.Balancing Information Sharing and ConfidentialityOne of the most pressing challenges in OT cybersecurity is striking the right balance between information sharing and safeguarding sensitive data. He explained that OT-ISAC has implemented robust measures, such as the Traffic Light Protocol and data anonymization techniques, to protect confidentiality while promoting collaboration. The platform also employs protocols like STIX and TAXII to automate the exchange of cyber threat intelligence, enabling members to quickly share and respond to emerging threats.Cross-Jurisdictional CollaborationWith cyber threats spanning borders, cross-jurisdictional collaboration is essential. Sim highlighted that OT-ISAC allows members to share threat intelligence across different regions without breaching data sovereignty regulations by anonymizing the information sources. This approach strengthens global defenses against transnational cyberattacks.The Growing Threat of RansomwareRansomware remains a significant risk to OT environments. Steven urged organizations to avoid paying ransoms, citing the risks and long-term consequences. Instead, he emphasized the importance of investing in strong business continuity and incident response plans. By focusing on resilience and preparedness, organizations can minimize their exposure to future attacks.AI's Role in OT CybersecurityHe also discussed the potential of AI in OT cybersecurity, noting its ability to streamline incident response and improve threat detection. However, he cautioned that while AI offers powerful advantages, it must be implemented with human oversight to manage the risks associated with automated systems.Steven Sim has worked for more than 25 years in the cybersecurity field with large end-user enterprises and critical infrastructures, undertaken global CISO role, driven award-winning CSO50 security governance and management initiatives and headed incident response, security architecture, technology, awareness and operations at local, regional and global levels. He leads cybersecurity across large MNC, heading 8 direct reports at Group Cybersecurity Department as well as indirect reports across regional offices and local business units in 42 countries. He oversees both IT and OT Security Governance, Global Cybersecurity Technology Management and Incident Response as well as Cyber Security Masterplan Office. Always keen to give back to the community, he also volunteers at the ISACA Singapore Chapter (which won ISACA Global Outstanding Chapter Achievement in 2022) as the President (from 2021 to 2022) and OT-ISAC (since 2021), the second key thrust of the SG's OT Cybersecurity Masterplan 2019, as Chair Executive Committee, as well as member of Geneva Dialogue Technical Community, and holds Masters in Computing, CCISO, CGEIT, CRISC, CISM, CISA, CDPSE, CISSP as well as technical certifications GICSP, GREM, GCIH and GPPA. Recorded 5th Sept 2.30pm. Singapore Operational Technology Information Sharing and Analysis Summit 2024#otcybersecurity #mysecuritytv #cybersecurity #singaporecybersecurity

Ever wondered what separates good Privacy Pros from EXCEPTIONAL ones?In this episode of the Privacy Pros Podcast, Jamal Ahmed hosts Dr. Valerie Lyons, a seasoned privacy leader and author of the Privacy Leader Compass. They discuss:Transitioning from cybersecurity to privacy The key differences between good and exceptional privacy professionalsHow to balance technical skills, business acumen and soft skills Qualities that allow Privacy Pros to create maximum impactThis is a must listen episode for anyone who wants to understand how to turn adversity into strength.Dr. Lyons is author of the ‘The Privacy Leader Compass', and leading authority on privacy as a CSR and ESG. Included in the ‘Top 100 Women in Cybersecurity in Europe', Dr. Lyons is an accomplished and driven cybersecurity and privacy leadership expert. Her career spans over 30 years - working in both cybersecurity and privacy teams. She has worked for several global organisations, such as IBM, KPMG, and ABB, and served as Head of Information Security Risk in KBC Bank for almost 15 years. Dr. Lyons is director and Chief Operations Officer in BH Consulting since 2015. She has an in-depth knowledge of European data protection law and practices, and frequently presents at renowned international security and privacy conferences (such as RSA, COSAC, ISACA and CPDP). She has also lectured in Dublin City University on Privacy, Cybersecurity and Digital Ethics. In 2022, Dr Lyons was awarded a PhD in Information Privacy for her research into Privacy as a CSR. She also holds a Masters in Leadership, along with a post-graduate diploma in Executive Coaching. She is a certified CISSP for almost 25 years, a CDPSE for four years, and is a member of the Institute of Directors in Ireland.Follow Jamal on LinkedIn: https://www.linkedin.com/in/kmjahmed/Follow Dr. Valerie on LinkedIn: https://www.linkedin.com/in/valerielyons-privsec/Ready to become a World Class Privacy Expert? Book your call to join the World's Leading Privacy Program

Join us to delve into the pivotal interplay between artificial intelligence and cybersecurity. Join us as we unravel the ways AI is transforming threat detection, intrusion prevention, and incident response. We'll explore real-world applications, benefits, challenges, and the ethical dimensions of AI in cybersecurity. Be part of the conversation to stay informed about the latest trends and essential insights for navigating this evolving landscape effectively. Presenters: Amy McLaughlin, MS, MA, CETL, CISM, CHPS, CDPSE, CISSP, CoSN Cybersecurity Project Director,Executive Director, Technical and Solutions Architecture Oregon State University (OR) Bryan Ruzenski, Director of External Technology Services, Chester County Intermediate Unit (PA) Corey O'Connor, CETL, Director of Technology , Montgomery County Educational Service Center (OH) Thomas Molina, PMP, CISSP, SSCP, CTO, Corpus Christi Independent School District (TX) Jennifer Clouser, CETL,  Executive Director, Department of Technology, Auburn School District #408 (WA) In our professional advancement webinars, education technology experts from across the country and worldwide present their specialties. During each interactive session, experts engage in dialogue to address the challenges and opportunities facing educators. Webinars are FREE for members and $59 for non-members. Partner webinars are free for all. For a complete listing of all CoSN's webinars, please visit:⁠ ⁠⁠⁠https://www.cosn.org/education-events/webinars/⁠⁠⁠⁠ Be sure to follow us on Twitter ⁠⁠⁠⁠@CoSN⁠⁠⁠⁠ and ⁠⁠⁠⁠LinkedIn⁠⁠⁠⁠ to stay updated on CoSN events!

Podcast: Cyber Security Weekly Podcast (LS 38 · TOP 2% what is this?)Episode: Episode 379 - Cybersecurity information sharing – OT-ISAC Summit 2023 highlightsPub date: 2023-10-08In this interview, both John and Thian introduce the history of ISACs (formed in 1999, subsequent to the 1998 signing of U.S. Presidential Decision Directive-63), and in particular, the creation of OT-ISAC (Operational Technology Information Sharing and Analysis Centre) as one of the key trusts of the Cyber Security Agency of Singapore's “OT Cybersecurity Masterplan 2019 to facilitate the sharing of information.Reflecting on the journey from conceptualization to today, Thian Chin remarked that “OT-ISAC has become that safe harbour the platform for the organisations of the different parties with vested interest to different business lines come together to share, because their common goal is how do we then exchange information to reduce the risks that caused by threat actors.” Other topics covered in the interview include:• The types of information being shared – such as strategic threat landscape including cyber incidents and vulnerabilities, standards and best practices, and TTPs.• Closing the cultural / communication gap between the engineers and the IT cybersecurity practitioners because “because the problem statement they're dealing with is the same. It's a threat actor out there to try to disrupt.”• The maturing of conversations from beyond terminology such as zero trust, air gap to actual implementation• What does success mean in information sharing - diversity of opinions – in particular, including C-suite in cybersecurity conversations, and more more stakeholders coming forward to share real-life case studies of actual incidences. John Lee, Managing Director, Global Resilience FederationJohn has more than 20 years of experiences in ICT and Information Security. He is currently the Managing Director of the Operational Technology Information Sharing Analysis Centre (OT-ISAC) that supports member organizations (public and private) in OT threat information. The centre was setup in 2019 and has members from Transport, Aviation, Maritime, Healthcare, Manufacturing, Water, Energy, Government etc. His past roles were in Information Security Governance, Risk Management, Security Operations, Infrastructure and Application Delivery. He has led teams in Asia-Pacific as well as managing global services. He is also a certified cybersecurity trainer for ISACA.Thian Chin Lim Senior Director (Governance Group) GovTechThian Chin has over 20 years of experience in Information & Technology governance, risk management, resilience and compliance, and operational Technology cybersecurity. Prior to his current appointment at GovTech, he led the Critical Information Infrastructure (CII) Division at the Cyber Security Agency of Singapore (CSA). Before joining CSA in August 2015, he was responsible for the regional Technology Governance function in United Overseas Bank. He also led the Technology Risk function in GIC Pte Ltd from 2008 – 2013. In his earlier years, he was a manager leading a team of Information Technology auditors in Ernst & Young.Thian Chin holds an Executive Masters in Cybersecurity from Brown University, Bachelor's Degree in Computer Engineering from Nanyang Technological University and is an alumnus of the George C Marshall European Center for Security Studies. He is a certified CGEIT, CRISC, CISM, CISSP, CISA, CDPSE, GICSP and SABSA practitioner.Recorded 7th Sept 2023, OT-ISAC Summit 2023, Voco Orchard, Singapore, 5pm.The podcast and artwork embedded on this page are from MySecurity Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Cyber Security Weekly Podcast (LS 38 · TOP 2% what is this?)Episode: Episode 379 - Cybersecurity information sharing – OT-ISAC Summit 2023 highlightsPub date: 2023-10-08In this interview, both John and Thian introduce the history of ISACs (formed in 1999, subsequent to the 1998 signing of U.S. Presidential Decision Directive-63), and in particular, the creation of OT-ISAC (Operational Technology Information Sharing and Analysis Centre) as one of the key trusts of the Cyber Security Agency of Singapore's “OT Cybersecurity Masterplan 2019 to facilitate the sharing of information.Reflecting on the journey from conceptualization to today, Thian Chin remarked that “OT-ISAC has become that safe harbour the platform for the organisations of the different parties with vested interest to different business lines come together to share, because their common goal is how do we then exchange information to reduce the risks that caused by threat actors.” Other topics covered in the interview include:• The types of information being shared – such as strategic threat landscape including cyber incidents and vulnerabilities, standards and best practices, and TTPs.• Closing the cultural / communication gap between the engineers and the IT cybersecurity practitioners because “because the problem statement they're dealing with is the same. It's a threat actor out there to try to disrupt.”• The maturing of conversations from beyond terminology such as zero trust, air gap to actual implementation• What does success mean in information sharing - diversity of opinions – in particular, including C-suite in cybersecurity conversations, and more more stakeholders coming forward to share real-life case studies of actual incidences. John Lee, Managing Director, Global Resilience FederationJohn has more than 20 years of experiences in ICT and Information Security. He is currently the Managing Director of the Operational Technology Information Sharing Analysis Centre (OT-ISAC) that supports member organizations (public and private) in OT threat information. The centre was setup in 2019 and has members from Transport, Aviation, Maritime, Healthcare, Manufacturing, Water, Energy, Government etc. His past roles were in Information Security Governance, Risk Management, Security Operations, Infrastructure and Application Delivery. He has led teams in Asia-Pacific as well as managing global services. He is also a certified cybersecurity trainer for ISACA.Thian Chin Lim Senior Director (Governance Group) GovTechThian Chin has over 20 years of experience in Information & Technology governance, risk management, resilience and compliance, and operational Technology cybersecurity. Prior to his current appointment at GovTech, he led the Critical Information Infrastructure (CII) Division at the Cyber Security Agency of Singapore (CSA). Before joining CSA in August 2015, he was responsible for the regional Technology Governance function in United Overseas Bank. He also led the Technology Risk function in GIC Pte Ltd from 2008 – 2013. In his earlier years, he was a manager leading a team of Information Technology auditors in Ernst & Young.Thian Chin holds an Executive Masters in Cybersecurity from Brown University, Bachelor's Degree in Computer Engineering from Nanyang Technological University and is an alumnus of the George C Marshall European Center for Security Studies. He is a certified CGEIT, CRISC, CISM, CISSP, CISA, CDPSE, GICSP and SABSA practitioner.Recorded 7th Sept 2023, OT-ISAC Summit 2023, Voco Orchard, Singapore, 5pm.The podcast and artwork embedded on this page are from MySecurity Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Join us for this week's episode of LevelUp Cyber Live! Our guest, Jon Brandt, CISM, CDPSE, CCISO, CISSP, PMP, Director of Professional Practices and Innovation, shares insights and information from the recently released State of Cybersecurity Report produced by ISACA.

In this interview, both John and Thian introduce the history of ISACs (formed in 1999, subsequent to the 1998 signing of U.S. Presidential Decision Directive-63), and in particular, the creation of OT-ISAC (Operational Technology Information Sharing and Analysis Centre) as one of the key trusts of the Cyber Security Agency of Singapore's “OT Cybersecurity Masterplan 2019 to facilitate the sharing of information.Reflecting on the journey from conceptualization to today, Thian Chin remarked that “OT-ISAC has become that safe harbour the platform for the organisations of the different parties with vested interest to different business lines come together to share, because their common goal is how do we then exchange information to reduce the risks that caused by threat actors.” Other topics covered in the interview include:• The types of information being shared – such as strategic threat landscape including cyber incidents and vulnerabilities, standards and best practices, and TTPs.• Closing the cultural / communication gap between the engineers and the IT cybersecurity practitioners because “because the problem statement they're dealing with is the same. It's a threat actor out there to try to disrupt.”• The maturing of conversations from beyond terminology such as zero trust, air gap to actual implementation• What does success mean in information sharing - diversity of opinions – in particular, including C-suite in cybersecurity conversations, and more more stakeholders coming forward to share real-life case studies of actual incidences. John Lee, Managing Director, Global Resilience FederationJohn has more than 20 years of experiences in ICT and Information Security. He is currently the Managing Director of the Operational Technology Information Sharing Analysis Centre (OT-ISAC) that supports member organizations (public and private) in OT threat information. The centre was setup in 2019 and has members from Transport, Aviation, Maritime, Healthcare, Manufacturing, Water, Energy, Government etc. His past roles were in Information Security Governance, Risk Management, Security Operations, Infrastructure and Application Delivery. He has led teams in Asia-Pacific as well as managing global services. He is also a certified cybersecurity trainer for ISACA.Thian Chin Lim Senior Director (Governance Group) GovTechThian Chin has over 20 years of experience in Information & Technology governance, risk management, resilience and compliance, and operational Technology cybersecurity. Prior to his current appointment at GovTech, he led the Critical Information Infrastructure (CII) Division at the Cyber Security Agency of Singapore (CSA). Before joining CSA in August 2015, he was responsible for the regional Technology Governance function in United Overseas Bank. He also led the Technology Risk function in GIC Pte Ltd from 2008 – 2013. In his earlier years, he was a manager leading a team of Information Technology auditors in Ernst & Young.Thian Chin holds an Executive Masters in Cybersecurity from Brown University, Bachelor's Degree in Computer Engineering from Nanyang Technological University and is an alumnus of the George C Marshall European Center for Security Studies. He is a certified CGEIT, CRISC, CISM, CISSP, CISA, CDPSE, GICSP and SABSA practitioner.Recorded 7th Sept 2023, OT-ISAC Summit 2023, Voco Orchard, Singapore, 5pm.

Large organizations are often faced with complex, wide-ranging challenges related to standards and regulations they need to meet. Wes Shattler (CISSP, CISA, CRISC, CGEIT, CDPSE), Vice President, Assurance and Testing at FIS, and Chelsea Lopez (CIA, CISA, CISSP, CRISC, PCI-ISA), Enterprise Risk Director at FIS, sat down with Host and Principal Security Analyst Jen Stone (MCIS, CISSP, CISA, QSA) at PCI Community Meeting North America to discuss:Elements of a mature regulatory compliance programSteps you can take to create a mature compliance program in your organizationChallenges you might face, and how to resolve themHosted by Jen Stone, Principal Security Analyst (MCIS, CISSP, CISA, QSA)[Disclaimer] Before implementing any policies or procedures you hear about on this or any other episodes, make sure to talk to your legal department, IT department, and any other department assisting with your data security and compliance efforts.

Máte skúsenosť s incidentom kybernetickej bezpečnosti? Štvrtina malých a stredných firiem na Slovensku áno. Na to, aby ste boli potenciálnym cieľom útoku stačí, že máte počítač, mobil, webovú stránku alebo účet v banke. Digitálne zručnosti a povedomie o kyberbezpečnosti by malo byť v súčasnosti povinnou výbavou každého zamestnanca. Čo môže firma urobiť, aby si ochránila svoje cenné dáta? Aké sú aktuálne hrozby? Aj o tom sme sa rozprávali s odborníkom, ktorý pôsobí v IT odvetví už od roku 1993. Spolupracoval tiež na slovenskej a európskej legislatíve súvisiacej s informačnou a kybernetickou bezpečnosťou. Naším hosťom bol Ing. Ivan Makatura, CRISC, CDPSE – generálny riaditeľ Kompetenčného a certifikačného centra kybernetickej bezpečnosti. Zároveň je predsedom správnej rady Asociácie kybernetickej bezpečnosti, certifikovaným audítorom informačnej bezpečnosti a súdnym znalcom v odvetví bezpečnosť a ochrana informačných systémov. V rozhovore sa dozviete: Aké sú hlavné úlohy Kompetenčného a certifikačného centra kybernetickej bezpečnosti (KCCKB) a prečo ho Národný bezpečnostný úrad zriadil? Kyberbezpečnosť ako nové znalecké odvetvie – odkedy je platná novela zákona a čo to znamená pre prax? Kto sa môže obrátiť na KCCKB a s akou otázkou? Čo je kybernetická bezpečnosť a prečo by sa ňou mala zaoberať každá firma? Kto je zodpovedný za kybernetickú bezpečnosť vo firme? Dá sa merať úroveň kybernetickej bezpečnosti vo firme? Ako súvisia digitálne zručnosti s kyberbezpečnosťou? Čo o digitálnych zručnostiach a kyberbezpečnosti vo firmách hovorí najnovší prieskum? Aké sú aktuálne hrozby? Aký je rozdiel medzi kybernetickým incidentom a kybernetickým útokom? Čo by mala firma urobiť pre zaručenie bezpečnosti svojich dát? Aké sú možnosti vzdelávania sa v oblasti kyberbezpečnosti? Október je v Európskej únii mesiacom kybernetickej bezpečnosti. Preto pre vás Poradca podnikateľa prináša 5. ročník EPI konferencie Kybernetická bezpečnosť 2023 pod záštitou NBÚ. Odborníci sa budú venovať aktuálnym témam bezpečnostných hrozieb, príležitostí umelej inteligencie, cez etické otázky vo vzťahu k auditu kyberbezpečnosti, ľudské zdroje a ochranu údajov až po odolnosť v kyberpriestore. ⁠Bližšie informácie a podrobný program nájdete TU. ⁠ Poradca podnikateľa - za každou radou je človek. pp.sk

We're continuing our Industry Podcast Series with a dive into the current opportunities and challenges specific to financial institutions. The Current Expected Credit Loss (CECL) Accounting Standard ushered in a new era for financial institutions that they are still grappling with, but the industry's recent focus has shifted towards discussions about liquidity after the failures of Silicon Valley Bank and others. Join our financial industry experts Jeff Burleson, CPA, and Josh Bowen, CPA, CGMA, CAMS, CITP, as they discuss the evolving landscape for financial institutions and the continued influence of CECL, as well as strategies for driving stability, growth and adaptability in the face of change.  Special Guest: Justin Headley, CISSP, CISA, CDPSE, CRISC, member of the firm's Risk Advisory & Assurance Services GroupIn this episode, you'll hear: Discussion surrounding CECL and its implementationHow the 2023 failures of Silicon Valley Bank and Signature Bank led to shifts in liquidity managementInformation about how economic uncertainty has led to the tightening of lending practicesThe importance of third-party risk management within a financial institution's cybersecurity policyStrategies to help financial institutions manage staffing levels Resources for additional information:Blog: Don't Turn Your Back on CECLBlog: Current Expected Credit Loss (CECL) Standard Update: Best Practices for ImplementationBlog: What is Enterprise Risk Management?Blog: The Biggest Cyber Risks for Your Company and How to Manage ThemPrevious Podcast Episode: Employee Retention and Recruiting in Today's Competitive EnvironmentEvent Invitations: Subscribe to receive invitations to future Bank and Credit Union Roundtables.

The second thing I did for overcoming impostor syndrome was just adopting this 1% better mindset that you're not seeking perfection. Every month or every year, you're going to improve yourself a little bit. The third thing is to just say yes to opportunity, even if you don't feel like you're 100% fit. And I think that goes more for applying for roles if you're looking for jobs, if you don't meet 100% of the job description, that's okay, you should still apply. Privacy is such an emerging field, and people encourage diversity, so you never know what your unique skill set would bring to the organisation, and maybe that's what they're looking for. So just say yes to job opportunities. Apply to speak at different conferences. Even if you don't think you have a very compelling story, you are judging yourself more harshly than others are.Attention Privacy Professionals, this episode is tailor-made for YOU! Join us as Jamal and Nandita dive deep into the strategies that will skyrocket your career.In this episode, we discuss:Practical tips to continue upskill and stay ahead of the curve.How to position yourself effectively and switch roles without starting from scratchHow to step out of your comfort zone and develop your personal brand with confidence Uncover the secrets to supercharge your privacy career!Nandita Rao Narla is the Head of Technical Privacy and Governance at DoorDash, where she leads the privacy engineering, privacy assurance and privacy operations teams. Previously, she was part of the founding team of NVISIONx.ai, a data profiling startup that classifies enterprise data to optimize security controls and solve privacy compliance challenges. As an advisory manager at EY, she focused on leveraging data governance to enhance privacy programs, scaling risk management functions, and driving data protection initiatives for Fortune 500 companies. Nandita currently serves on the Advisory Boards and committees for privacy and cybersecurity focused non-profits such as Extended Reality Safety Initiative (XRSI), Institute of Operational Privacy by Design, NIST, Techno Security & Digital Forensics Conference, and IAPP - Privacy Engineering. Nandita holds an MS in Information Security from Carnegie Mellon University, a BTech in Computer Science from JNT University, and privacy and security certifications such as FIP, CIPP/US, CIPT, CIPM, CDPSE, CISM, CRISC, and CISA.If you're ready to transform your career and become the go-to GDPR expert, download the first chapter of 'The Easy Peasy Guide To The GDPR' here: https://www.bestgdprbook.com/Follow Jamal on LinkedIn: https://www.linkedin.com/in/kmjahmed/Follow Nandita on LinkedIn: https://www.linkedin.com/in/nandita-narla/Get Exclusive Insights, Secret Expert Tips & Actionable Resources For A Thriving Privacy Career That We Only Share With Email Subscribers► https://newsletter.privacypros.academy/sign-upSubscribe to the Privacy Pros Academy YouTube Channel► https://www.youtube.com/c/PrivacyProsJoin the Privacy Pros Academy Private Facebook Group for:Free LIVE TrainingFree Easy Peasy Data Privacy GuidesData Protection Updates and so much...

On this week's Trailblazers episode, Russ welcomes CHIME CIO of the Year, Theresa Meadows, and CHIME's own resident cybersecurity expert, David Finn, to talk all things cybersecurity! Both esteemed guests recently received recognition through the Baldrige Foundation, and they share what this recognition means to them personally and professionally. Discussions on recent cybersecurity "battles" take place, plus they share the biggest cybersecurity challenges they have each faced over the course of their careers. Tune in for their insights and expert guidance, and learn from Theresa and David's perspectives on what the next five years in the industry will look like.  Russ Branzell, CHIME President & CEO  Theresa Z. Meadows, FCHIME, CHCIO, LCHIME, CDH-E  David Finn, CISA, CISM, CRISC, CDPSE 

Derek Morris is a virtual Chief Information Security Officer (vCISO) with almost 3 decades in IT, Information Security, Cybersecurity. He possesses numerous industry certifications including: CISSP, CISM, CISA, CDPSE, PCI-QSA, CCSFP, CCNA, and MCSA. Bachelor's Degree in Computer Information Systems from Bryant University with a minor in Applied Statistics. We discuss the virtual CISO space and what to look for in a virtual CISO, including "IT empathy". --- Send in a voice message: https://podcasters.spotify.com/pod/show/virtual-ciso-moment/message

Breaking into Cybersecurity Leadership - Jason James Jason James CISA, CDPSE on Linkedin The Breaking into Cybersecurity: It's a conversation about what they did before, why did they pivot into cyber, what the process was they went through Breaking Into Cybersecurity, how they keep up, and advice/tips/tricks along the way. The Breaking into Cybersecurity Leadership Series is an additional series focused on cybersecurity leadership and hearing directly from different leaders in cybersecurity (high and low) on what it takes to be a successful leader. We focus on the skills and competencies associated with cybersecurity leadership and tips/tricks/advice from cybersecurity leaders. For this and other episodes, subscribe to the following: https://anchor.fm/breakingintocybersecurity/subscribe #cybersecurity #breakingintocybersecurity #informationsecurity #AdvanceYourCyberCareer Check out our books: Develop Your Cybersecurity Career Path: How to Break into Cybersecurity at Any Level: https://amzn.to/3443AUI Hack the Cybersecurity Interview: A complete interview preparation guide for jumpstarting your cybersecurity career https://www.amazon.com/dp/1801816638/ --- Send in a voice message: https://podcasters.spotify.com/pod/show/breakingintocybersecurity/message

Manufacturing companies face challenges that are different than any other industry. A global skills gap and worker shortage, an inability to pivot to remote work and changing regulations create a unique storm for these organizations. So, what are the solutions? Stephen Schaaf, CPA joins Kim Hartsock, CPA and Paul Perry, FHFMA, CISM, CITP, CPA, CDPSE […] The post The Wrap Podcast | Episode 058: Unlocking Success in the Manufacturing Industry | Warren Averett appeared first on Business RadioX ®.

Manufacturing companies face challenges that are different than any other industry. A global skills gap and worker shortage, an inability to pivot to remote work and changing regulations create a unique storm for these organizations. So, what are the solutions? Stephen Schaaf, CPA joins Kim Hartsock, CPA and Paul Perry, FHFMA, CISM, CITP, CPA, CDPSE […] The post The Wrap Podcast | Episode 058: Unlocking Success in the Manufacturing Industry | Warren Averett appeared first on Business RadioX ®.

Manufacturing companies face challenges that are different than any other industry. A global skills gap and worker shortage, an inability to pivot to remote work and changing regulations create a unique storm for these organizations. So, what are the solutions? Stephen Schaaf, CPA joins Kim Hartsock, CPA and Paul Perry, FHFMA, CISM, CITP, CPA, CDPSE […] The post The Wrap Podcast | Episode 058: Unlocking Success in the Manufacturing Industry | Warren Averett appeared first on Business RadioX ®.

Hello and welcome to Get It Started, Get It Done, the Banyan Security Podcast covering the security industry and beyond. In this episode, our host and Banyan's Chief Security Officer Den Jones speaks with Prabhath Karanth (aka PK), Global Head of Security and Trust at Navan. We hope you enjoy this discussion between Adobe alums about the state of security as an industry, as a career, and more. Prabhath Karanth (PK) is the Global Head of Security & Trust at Navan where his organization's core mission is to ensure Navan meets its security & privacy obligations to its customers, investors, regulators, and employees. He overseas Product & Platform Security, Detection & Response, Enterprise Security, Security Architecture & Engineering, Governance, Risk & Compliance and the Trust function at Navan. About Prabhath Karanth PK is Senior technology leader with 17+ years of leading global, cross-functional teams across hyper-growth startups, fortune 100 and big 4 consulting firms. Prior to Navan, PK served as a security leader in Adobe for 9+ years where he drove several initiatives to level up security & privacy as Adobe reinvented itself in the cloud and grew from $30B to $300B business. Prior to Adobe, PK was with PwC, advising fortune 100 companies on information security & privacy strategy, governance, operations & technologies. PK is active in the security community and is part of several advisory boards where he advises venture firms and startup CEO's on product & business strategy, market positioning and to solve security and business problems at scale. PK also mentors several professionals and presents in national and international conferences on thought leadership topics. His educational background includes a bachelor's degree in electronics & communications engineering and holds CISA, CISSP, CIPT, CDPSE, ISO 27001 Lead Implementor & PCI ISA certifications.

Derek Morris is a virtual Chief Information Security Officer (vCISO) with almost 3 decades in IT, Information Security, Cybersecurity. He possesses numerous industry certifications including: CISSP, CISM, CISA, CDPSE, PCI-QSA, CCSFP, CCNA, and MCSA. Bachelor's Degree in Computer Information Systems from Bryant University with a minor in Applied Statistics. We discuss the virtual CISO space and what to look for in a virtual CISO, including "IT empathy". --- Send in a voice message: https://podcasters.spotify.com/pod/show/virtual-ciso-moment/message

In this episode, Omar Turner, Managing Director of Cloud Security at Microsoft, discusses data privacy and protection. Key takeaways: Data protection and privacy Evaluating smaller vs. big companies Stakeholder buy-in Data protection/privacy divergence from security Classifying data Privacy defines who has access Being aware of the data you have Understanding data sovereignty About today's guest: Omar A. Turner is a Managing Director of Cloud Security for Microsoft. He brings over 25 years of experience supporting, deploying, architecting, and securing solutions for startups and globally recognized organizations. He holds numerous certifications, including the CISSP, CCSP, CRISC, CISA, CDPSE, and CISM, and holds B.S. degrees in Mathematics and Computer Science. Omar is passionate about cybersecurity enablement and training and career mentoring for those looking to start their journey in the fantastic and important field of cloud security. LinkedIn: https://www.linkedin.com/in/omarturner/ ___ Thank you so much for checking out this episode of The Tech Trek, and we would appreciate it if you would take a minute to rate and review us on your favorite podcast player. Want to learn more about us? Head over at https://www.elevano.com Have questions or want to cover specific topics with our future guests? Please message me at https://www.linkedin.com/in/amirbormand (Amir Bormand)

In this episode, Grant Reveal, the Director of Identity and Access Management at Micron Technology, talks about how we can demonstrate the business value of Identity and Access Management and how we get away from being viewed as the department of “NO” to “more SECURE”. Key Takeaways: From the department of “no” to “more secure” Three components of IAM (People, Process, and Technology) Why does the story matter? Why Is Information Security important? Time component in learning IAM is a must. The day-1 Process is building relationships and making people secure. Identity and Access Management vs Traction The Automation of training and hiring time. How does the SDLC process help customers' needs? Having a defined roadmap for a team is very helpful. When leaders share their stories, they also build credibility. Compliance with IAM policies and procedures Strong procurement and audit systems Importance of building relationships and awareness in the organization. About today's guest: Connect to Grant at: www.linkedin.com/in/grantreveal Grant is an experienced leader with breadth and depth throughout the IT and InfoSec disciplines. His focus for almost ten years has been within the Identity and Access Management space, with experience building and leading the IAM teams for three Fortune 500 firms. Before focusing on the InfoSec discipline, Grant led IT teams and held senior-level leadership positions within Higher Education, including CIO. He has several professional certifications, including CISSP, CCSP, CRISC, CISM, CDPSE, and earned his Bachelor of Science in Information Technology from Franklin University. Grant has spoken at numerous conferences and gatherings regarding the business values IAM can deliver and was named to Security Magazine's 2019 List of Most Influential People in Security. Grant also values lifelong learning as he continues to pursue his Master's degree and works to give back through training and mentoring the next generation of technologists. ________ Thank you so much for checking out this episode of The Tech Trek and if you enjoyed this episode, please take a minute and leave a quick rating and review on the Apple podcast app! Want to learn more about us? Head over at https://www.elevano.com Have questions or want to cover specific topics with our future guests? Please message me at https://www.linkedin.com/in/amirbormand (Amir Bormand)

ISACA's CDPSE validates a Data Analyst and Data Scientist's ability to manage the data lifecycle and guide the organization's experts on enforcing data protection practices and privacy compliance practices. Data science techniques allow data scientists and privacy experts to enhance the end user's experience, privacy, and trust. This article is curated to explore and provide an overview of ISACA CDPSE Domain 3, the Data Life Cycle. ISACA CDPSE Domain 3: Data Lifecycle

This comprehensive blog is to explore and provide an overview of contents and concepts covered in ISACA CDPSE domain 1. Certified Data Privacy Solutions Engineer (CDPSE) is a well-known certification accredited by ISACA to validate the skills required to design, assess, and implement privacy solutions. It helps to build customer and stakeholders' trust and mitigates the risks of non-compliance. It also validates the Data Analyst's or Data Scientist's ability to maintain the data lifecycle and guide other departments of the organization on privacy compliance and the best data practices. ISACA CDPSE Domain 1: Privacy Governance

This comprehensive blog is to explore and provide an overview of the contents and concepts covered in ISACA CDPSE Domain 2. Every organization requires a secure privacy architecture that helps to maintain and manage data centers, privilege access management, secure application and software development, and privacy controls. ISACA CDPSE Domain 2 : Privacy Architecture

This episode of Serious Privacy, co-host Ralph O'Brien joins Dr. K Royal of Outschool while Paul Breitbarth is on vacation for 3 weeks. This week, Dr. K and Ralph discuss certifications and the role of the DPO. Specifically, Ralph is a trainer for IAPP certification exams and we have had quite a few questions on certification exams and credentials. Key links: IAPP certification exams in generalCIPP CIPMCIPTFellow of Information PrivacyCDPO/BR and CDPO/FRJoin us as we discuss so much around certifications and on the job practicalities. As always, if you have comments or questions, let us know - LinkedIn, Twitter @podcastprivacy @euroPaulB @heartofprivacy @trustArc and email seriousprivacy@trustarc.com. Please do like and write comments on your favorite podcast act so other professionals can find us easier. 

Our world is becoming increasingly interconnected and more interdependent than ever before. We continue to see an increase in cybercrime, which brings us to an inflection point - who's responsible for addressing security in our integrated digital world and what should be the role of policymakers and industry regulators in promoting good cyber hygiene and incentivizing collaboration? Speakers: Shinesa Cambric, CISSP, CISA, CISM, CDPSE, Product Manager, Microsoft Jay Hira, Cyber Security Strategy and Transformation Director This podcast is sponsored by DNSFilter. DNSFilter offers industry leading threat protection for companies across the globe. Utilizing powerful artificial intelligence, we identify and block threats 7 days earlier than competitors.

Thank you for listening, For more details or free demo with out expert write into us at sales@infosectrain.com ✅Learn more about our Training Course - https://bit.ly/3yFBkEI #infosectrain ✅Agenda of the Session ✔️What is Data Privacy, Scope and Opportunities ✔️CDPSE Certification from ISACA ✔️Syllabus review ✔️Exam Structure ✔️Exam Prep strategy ✔️CDPSE Q&A with Audience Subscribe to our channel to get video updates. Hit the subscribe button above. Facebook: https://www.facebook.com/Infosectrain/ Twitter: https://twitter.com/Infosec_Train LinkedIn: https://www.linkedin.com/company/infosec-train/ Instagram: https://www.instagram.com/infosectrain/ Telegram: https://t.me/infosectrains

Privacy & Compliance expert from Microsoft, Ingrid Rodriguez, joins hosts Jerich Beason& Whitney McCollum to discuss taking risk out of silos. They talk about how the entire organization needs to have understanding of the enterprise risks.  Specifically, how does security & compliance fit into the enterprise risk framework?  What are the situational perspectives of the C-Suite and how can those perspectives drive compliance goals?  How can the CISO and legal work together and with the enterprise for compliance? They will also talk about risk appetite, the tolerance of risk by leadership, and aligning acceptance of risks with business goals.  How much and how often should you communicate risks and mitigation strategy?  Note: “The statements of the guest speakers and hosts in this podcast should not be construed as legal advice.  They represent their views only and not those of Epiq or their respective employers.”BIOGRAPHYIngrid is an Advanced Compliance Global Black Belt with Microsoft Security Solutions Area supporting the South, Southeast of the US, and LATAM regions. In her role, Ingrid shares her enterprising multinational information and security risk management executive experience, to help customers strategize within their Risk and Compliance obligations leveraging our solutions in Compliance, Information Protection, Privacy Management, and Insider Threat management capabilities. During her 18 years tenure in IT Risk & Compliance Leadership, Ingrid designed for an innovative Global Technology Risk Management Framework, as well as a vision for tactical implementation of technology and security controls by combining a variety of data security standards such as: NIST, ISO, PCI, HIPAA, FFIEC, GDPR, to mention a few. Ingrid designed and built the first Global Technology Risk Management programs in most of her previous employers. She lead, supported and guided over 45 countries to meet US and country-level compliance and privacy needs and well as Global Standards.  Ingrid is from Puerto Rico, based in Dallas, TX but soon relocating to beautiful Pensacola, FL. She is a frequent speaker on Risk Management and Compliance topics, in both languages English and Spanish, in many global, national and regional events including ISACA, Microsoft Executive Briefing Center, Fintech, Partners and many other associations and affiliations within the Privacy, Risk and Compliance industry in the US and LATAM.  Ingrid received a Bachelor's Degree in Computer Engineering from the University of Puerto Rico, and also holds a Master's Degree in Sciences, Computer Sciences from the University of Phoenix. She holds various industry certifications, including CRISC, CDPSE, ITIL among others. LinkedIn: https://www.linkedin.com/in/inrodz/ Find us on LinkedIn, Twitter, Facebook, and Instagram or email us at cyberside@epiqglobal.com.

#CISOThursday - Breaking into Cybersecurity: Matt Stamper 5.5.22 Matt Stamper, MPIA, MS, CISA, CIPP-US, CISM, CDPSE, CRISC, ITIL https://www.linkedin.com/in/stamper/ It's really a conversation about what they did before, why did they pivot in cyber, what was the process they went through Breaking Into Cybersecurity, how do you keep up, and advice/tips/tricks along the way. About Breaking Into Cybersecurity: This series was created by Renee Small & Christophe Foulon to share stories of how the most recent cybersecurity professionals are breaking into the industry. Our special editions are us talking to experts in their fields and cyber gurus who share their experiences of helping others break-in. #cybersecurity #breakingintocybersecurity #informationsecurity #JamesAzar #ChrisFoulon #ReneeSmall #InfoSecHires Check out our new book, Develop Your Cybersecurity Career Path: How to Break into Cybersecurity at Any Level: https://amzn.to/3443AUI _________________________________________ About the hosts: Renee Small is the CEO of Cyber Human Capital, one of the leading human resources business partners in the field of cybersecurity, and author of the Amazon #1 best-selling book, Magnetic Hiring: Your Company's Secret Weapon to Attracting Top Cyber Security Talent. She is committed to helping leaders close the cybersecurity talent gap by hiring from within and helping more people get into the lucrative cybersecurity profession. https://www.linkedin.com/in/reneebrownsmall/ Download a free copy of her book at magnetichiring.com/book Christophe Foulon focuses on helping to secure people and processes with a solid understanding of the technology involved. He has over 10 years as an experienced Information Security Manager and Cybersecurity Strategist with a passion for customer service, process improvement, and information security. He has significant experience in optimizing the use of technology while balancing the implications to people, processes, and information security by using a consultative approach. https://www.linkedin.com/in/christophefoulon/ Find out more about CPF-Coaching at https://cpf-coaching.com - Website: https://www.cyberhubpodcast.com/breakingintocybersecurity - Podcast: https://anchor.fm/breakingintocybersecurity - YouTube: https://www.youtube.com/c/BreakingIntoCybersecurity - Linkedin: https://www.linkedin.com/company/breaking-into-cybersecurity/ - Twitter: https://twitter.com/BreakintoCyber

#CISOThursday - Breaking into Cybersecurity: Matt Stamper 5.5.22 Matt Stamper, MPIA, MS, CISA, CIPP-US, CISM, CDPSE, CRISC, ITIL https://www.linkedin.com/in/stamper/ It's really a conversation about what they did before, why did they pivot in cyber, what was the process they went through Breaking Into Cybersecurity, how do you keep up, and advice/tips/tricks along the way. About Breaking Into Cybersecurity: This series was created by Renee Small & Christophe Foulon to share stories of how the most recent cybersecurity professionals are breaking into the industry. Our special editions are us talking to experts in their fields and cyber gurus who share their experiences of helping others break-in. #cybersecurity #breakingintocybersecurity #informationsecurity #JamesAzar #ChrisFoulon #ReneeSmall #InfoSecHires Check out our new book, Develop Your Cybersecurity Career Path: How to Break into Cybersecurity at Any Level: https://amzn.to/3443AUI _________________________________________ About the hosts:   Renee Small is the CEO of Cyber Human Capital, one of the leading human resources business partners in the field of cybersecurity, and author of the Amazon #1 best-selling book, Magnetic Hiring: Your Company's  Secret Weapon to Attracting Top Cyber Security Talent. She is committed to helping leaders close the cybersecurity talent gap by hiring from within and helping more people get into the lucrative cybersecurity profession. https://www.linkedin.com/in/reneebrownsmall/ Download a free copy of her book at magnetichiring.com/book Christophe Foulon focuses on helping to secure people and processes with a  solid understanding of the technology involved. He has over 10 years as an experienced Information Security Manager and Cybersecurity Strategist with a passion for customer service, process improvement, and information security. He has significant experience in optimizing the use of technology while balancing the implications to people, processes, and information security by using a consultative approach. https://www.linkedin.com/in/christophefoulon/ Find out more about CPF-Coaching at https://cpf-coaching.com - Website: https://www.cyberhubpodcast.com/breakingintocybersecurity - Podcast: https://anchor.fm/breakingintocybersecurity - YouTube: https://www.youtube.com/c/BreakingIntoCybersecurity - Linkedin: https://www.linkedin.com/company/breaking-into-cybersecurity/ - Twitter: https://twitter.com/BreakintoCyber

According to ISACA's new survey report, State of Cybersecurity 2022: Global Update on Workforce Efforts, Resources and Cyberoperations, organisations are struggling more than ever with hiring and retaining qualified cybersecurity professionals and managing skills gaps. The eight annual survey features insights from more than 2,000 cybersecurity professionals around the globe, and examines cybersecurity staffing and skills, resources, cyberthreats and cybersecurity maturity. We speak with Jonathan Brandt and Jenai Marinkovic on behalf of ISACA for a report deep-dive discussion. A copy of the report is available here https://mysecuritymarketplace.com/rep... Jonathan Brandt, CISM, CDPSE, CCISO, CISSP, CySA+, CPI, PMP A senior information security practice manager in ISACA's Knowledge and Research department. In this role, he contributes thought leadership by generating ideas and deliverables relevant to ISACA's constituents. He serves ISACA® departments as a subject matter expert on information security projects and leads author management teams whenever external resources are necessary. Brandt is a highly accomplished US Navy veteran with more than 25 years of experience spanning multidisciplinary security, cyberoperations and technical workforce development. Prior to joining ISACA, Brandt was a project manager for classified critical infrastructure projects across the globe. Jenai Marinkovic, vCTO/CISO, Tiro Security; Technology & Information Security Consultant, Beyond; member, ISACA Emerging Trends Working Group Jenai Marinkovic is a multidisciplinary technologist and strategist with 20 years of experience in architecting, building and securing systems at scale. She has designed and operated in real-time over the top streaming ecosystems that power live sports, gaming, and entertainment. She's also worked in biomedical manufacturing and laboratory diagnostics, healthcare tech and robotics in agriculture. Jenai's worked with artificial intelligence, its impact on diversity and inclusion as well as improving human empathy towards machines. She has expertise in designing the next generation security experiences necessary to support digital transformation She has built and run design, architecture, innovation, engineering, security and operations teams. Her security expertise spans security architecture, engineering, defense, and forensics and invented a cyber defense framework for large scale breaches based on American football. Jenai has worked for large enterprise brands including DIRECTV, Electronic Arts, Beckman Coulter and international investigations firms such as Kroll. About ISACA For more than 50 years, ISACA® (www.isaca.org) has advanced the best talent, expertise and learning in technology. ISACA equips individuals with knowledge, credentials, education and community to progress their careers and transform their organisations, and enables enterprises to train and build quality teams. ISACA is a global professional association and learning organisation that leverages the expertise of its more than 150,000 members who work in information security, governance, assurance, risk and privacy to drive innovation through technology. It has a presence in 188 countries, including more than 220 chapters worldwide. In 2020, ISACA launched One In Tech, a philanthropic foundation that supports IT education and career pathways for under-resourced, under-represented populations. Twitter: www.twitter.com/ISACANews LinkedIn: www.linkedin.com/company/isaca Facebook: www.facebook.com/ISACAGlobal Instagram: www.instagram.com/isacanews

Today on the podcast Solace Awumee joins us to discuss Data Privacy and Compliance for Small and Mid-size Enterprises. Solace brings years of experience to the conversation. Listen in to get expert tips on how to get your business (and yourself) in to a better compliance."Data discovery is such and important exercise for every company to go through. You need to know where that data is before you protect that data. Then we can move into how do we actually protect this data." -Solace AwumeeSolace Awumee is a results driven Data Privacy and Compliance Attorney with over 7 years combined experience in Law and IT Compliance and Risk Management practices during corporate structuring and organizational transformations. Her primary role includes providing organizational, legal, and Information Technology guidance to both domestic and foreign companies by developing and improving organizational capabilities such as contracts, policies, and other business documents and processes. Her knowledge of USCIS regulations, NAIC Model Laws, Security Standards, Privacy regulations such as GDPR, CCPA/CPRA and newly adopted privacy laws and skill in negotiations enables her to provide all rounded legal advice to any business or organization. Complemented with a J.D from Florida Coastal School of Law, M.B.A from Jacksonville University, and a CDPSE certificate from ISACA, Solace is excited to provide your organization and team with the right legal counsel to ensure your business success.www.noparei.comLearn more about how WipeDrive Enterprise can help you keep your data secure.https://www.wipedrive.com/?utm_source=buzz&utm_medium=video&utm_campaign=WDchanel

People often talk about upskilling from a physical security role to becoming a cyber or converged security specialist. But what does that really mean?   On this episode of the podcast, we speak with Shaun Southall, an operator that has expertly and effectively converged the two worlds of physical and cyber together as a working security specialist. Join us this week as we talk about:  Shaun's asymmetric career journey into cyber security. How the ‘uninitiated,' physical security specialist can augment their skills. What steps to take and what to avoid when breaking into the field. The single biggest mindset shift that will determine your success.  As we say here, knowledge is power and, in our industry, “what you don't know can hurt you.” So, tune in and get skilled up with our latest expert sharing his tricks of the trade and gems of experience!   More about Shaun: Shaun is a Cyber Security Oversight Specialist for the Civil Aviation Authority, with almost twenty years of experience, a plethora of certifications, and an ambitious hashtag - #cisoby60! He holds a Level 6 diploma in Security Risk Management and an itch for formal self-improvement that has led to becoming an ISO 27001 Lead Implementer and gaining audit experience through voluntary work, before embarking on four ISACA certifications – CISM, CRISC, CDPSE and COBIT Foundation – in just four months. He is heavily influenced by Doug Hubbard, Alexei Sidorenko and Norman Marks and is driven to shift the mentality from ‘red amber green and five by fives' to a holistic appreciation of risk that considers the complexity of the threat landscape. Shaun is also a regular presenter at ASIS CPE events, promoting risk quantification and ‘debiasing the human', an active member of SIRA, FAIR and ISACA London Chapter, is a proud to be part of an organisation tasked with maintaining the safety and security of aviation in the UK. https://www.linkedin.com/in/shaunsouthall/ (Linkedin) More about the Circuit: The Circuit Magazine is written and produced by volunteers, most of who are operationally active, working full time in the security industry. The magazine is a product of their combined passion and desire to give something back to the industry. By subscribing to the magazine you are helping to keep it going into the future. https://circuit-magazine.com/read/ (Find out more >) If you liked this podcast, we have an accompanying weekly newsletter called 'On the Circuit' where we take a deeper dive into the wider industry. http://bit.ly/OntheCircuit (Opt in here >) The Circuit team is: Elijah Shaw Jon Moss Shaun West Phelim Rowe Connect with Us:  https://circuit-magazine.com/ (Circuit Magazine) https://mailchi.mp/the-bba.org.uk/bba-connect (BBA Connect) https://www.theprotectorapp.com/ (NABA Protector) https://the-bba.org.uk/ (British Bodyguard Association)

Podcast: Cyber Security Weekly Podcast (LS 37 · TOP 2.5% what is this?)Episode: Episode 292 - Critical Info Infrastructure Protection in Singapore with Cyber Security Agency of SingaporePub date: 2021-10-24Interview by Jane Lo, Singapore Correspondent with Lim Thian Chin (Director, Critical Info Infrastructure Division, Cyber Security Agency of Singapore) Thian Chin is leading the Critical Information Infrastructure (CII) Division at the Cyber Security Agency of Singapore (CSA). The division is responsible for building the cyber resilience of the Nation's essential services across 11 CII sectors covering government, utilities, transport and services clusters. His team works with sectoral regulators to strengthen the cyber resilience of CII owners, to promote confidence-building measures and to deepen the public-private partnership between the government and CII stakeholders. Thian Chin also represents Singapore in International and regional cybersecurity forums where he shares his knowledge on cybersecurity resiliency and capability building. Thian Chin has over 19 years of experience in Information & Technology governance, risk management, resilience and compliance, and Operational Technology cybersecurity. Prior to joining CSA in August 2015, he was responsible for the regional Technology Governance function in United Overseas Bank. He also led the Technology Risk function in GIC from 2008 – 2013. In his earlier years, he was a Manager and had led a team of auditors in Information Technology in Ernst & Young. Thian Chin holds an Executive Masters (Cybersecurity) with Brown University, a bachelor's degree in Computer Engineering from Nanyang Technological University and is an alumnus of the George C Marshall European Center for Security Studies. He is certified as a GICSP, CGEIT, CDPSE, CRISC, CISM, CISSP, CISA, and SABSA practitioner. In this podcast, Thian Chin shared some highlights* on cybersecurity and operational technology (OT) at the Singapore International Cyber Week (SICW 2021), and the OT Cybersecurity Expert Panel (OTCEP), organized by the Cyber Security Agency of Singapore. Touching on cybersecurity incidents highlighted in the “Singapore Cyber Landscape 2020” such as ransomware and supply chain, he noted the increasing complexity of the threat landscape. He discussed some common perceptions of the cybersecurity professionals and the engineers running the operating infrastructure, including infrastructure “air gap” and cultural differences such as skills and language, and security goals (“CIA” - versus “SRP”). Referring to one of Singapore's largest cyber incidents in the CII sector, and the recent threats, he shared perspectives on how government policies such as the OT-ISAC, the OT Cybersecurity Code of Practice (updated in 2019) and the Cybersecurity Competency Framework (2021) help to boost cyber defenses. With the recent release of the “Singapore Cyber Security Strategy 2021”, he also several areas of focus for the CII cybersecurity ecosystem, including structuring an approach to managing supply chain risks and building cyber resiliency profiles. *also included highlights from OT-ISAC (Operational Technology Information Sharing and Analysis Centre) and ISACA Singapore Chapter Recorded: 15th October 2021 (SGT 8.30am)The podcast and artwork embedded on this page are from MySecurity Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Interview by Jane Lo, Singapore Correspondent with Lim Thian Chin (Director, Critical Info Infrastructure Division, Cyber Security Agency of Singapore) Thian Chin is leading the Critical Information Infrastructure (CII) Division at the Cyber Security Agency of Singapore (CSA). The division is responsible for building the cyber resilience of the Nation's essential services across 11 CII sectors covering government, utilities, transport and services clusters. His team works with sectoral regulators to strengthen the cyber resilience of CII owners, to promote confidence-building measures and to deepen the public-private partnership between the government and CII stakeholders. Thian Chin also represents Singapore in International and regional cybersecurity forums where he shares his knowledge on cybersecurity resiliency and capability building. Thian Chin has over 19 years of experience in Information & Technology governance, risk management, resilience and compliance, and Operational Technology cybersecurity. Prior to joining CSA in August 2015, he was responsible for the regional Technology Governance function in United Overseas Bank. He also led the Technology Risk function in GIC from 2008 – 2013. In his earlier years, he was a Manager and had led a team of auditors in Information Technology in Ernst & Young. Thian Chin holds an Executive Masters (Cybersecurity) with Brown University, a bachelor's degree in Computer Engineering from Nanyang Technological University and is an alumnus of the George C Marshall European Center for Security Studies. He is certified as a GICSP, CGEIT, CDPSE, CRISC, CISM, CISSP, CISA, and SABSA practitioner. In this podcast, Thian Chin shared some highlights* on cybersecurity and operational technology (OT) at the Singapore International Cyber Week (SICW 2021), and the OT Cybersecurity Expert Panel (OTCEP), organized by the Cyber Security Agency of Singapore. Touching on cybersecurity incidents highlighted in the “Singapore Cyber Landscape 2020” such as ransomware and supply chain, he noted the increasing complexity of the threat landscape. He discussed some common perceptions of the cybersecurity professionals and the engineers running the operating infrastructure, including infrastructure “air gap” and cultural differences such as skills and language, and security goals (“CIA” - versus “SRP”). Referring to one of Singapore's largest cyber incidents in the CII sector, and the recent threats, he shared perspectives on how government policies such as the OT-ISAC, the OT Cybersecurity Code of Practice (updated in 2019) and the Cybersecurity Competency Framework (2021) help to boost cyber defenses. With the recent release of the “Singapore Cyber Security Strategy 2021”, he also several areas of focus for the CII cybersecurity ecosystem, including structuring an approach to managing supply chain risks and building cyber resiliency profiles. *also included highlights from OT-ISAC (Operational Technology Information Sharing and Analysis Centre) and ISACA Singapore Chapter Recorded: 15th October 2021 (SGT 8.30am)

In this episode, we're bringing to you a discussion around critical national infrastructure with our host Kristen and her guests Chantel and Sandy. With OT technologies taking prime spot in news headlines with the recent ransomware attacks, our guests provide their insight on the different threat vectors that OT face with components of critical national infrastructure being exposed to the internet. Sandy and Chantel talk about how IT and OT can come together and how regulatory bodies are responding  to tackle the external adversaries that are exploiting the gaps in the dynamics of IT/OT and Cloud. Guests:Chantel HaswellChantel Haswell, PMP, is a Deloitte Advisory Manager within the Cyber Risk Services practice within the East Region.  Chantel has over 15 years of experience in the Energy industry, with a focus on the Power and Utilities sector.  In particular, Chantel has significant experience in regulatory reliability and compliance standards, including NERC Order 693 and Critical Infrastructure Protection (CIP).  Broadly, her activities have included Project Management, Cyber Policy development, Cyber metrics reporting, Compliance Training development and implementation, and overall Compliance program support and internal controls implementation.  Most recently, Chantel supported a large Cloud Service Provider (CSP) by performing analysis of the implications of Power & Utility customers hosting NERC CIP assets on the cloud. Sandy BacikSandy Bacik, CISSP, ISSMP, CGEIT, CISA, CDPSE, PCI QSA, is CipherTechs' Director Audit & Compliance, has over 20 years' direct information security and operational experience in the areas of IT Audit and Compliance, BCP/DR, Incident Response, Physical security, Privacy, Regulatory Compliance and Audit, Policies/Procedures, Operations, and Management. With an additional 15 years in Information Technology Operations.  Ms. Bacik has been heavily involved with local, national, and international security industry events.  Ms. Bacik is the author of Building an Effective Security Policy Architecture and a contributing author to the past years of Information Security Management Handbook.Host:Kristen Wilbur, CPA, CISSP, CCSK, CISA, ISO 27001 Lead Auditor, is a Director at Schellman & Company LLC, with over 10 years of experience in providing IT attestation and compliance services. Kristen has evaluated risk and controls for Global 1000, Fortune 500, and regional companies during the course of her career with a strong focus in the technology sector. Kristen currently leads the New York City practice at Schellman where she specializes in SOC 1, SOC 2, ISO 27001, and HIPAA reporting. In her portfolio she also oversees large scale engagements that include assessments around FedRAMP, HITRUST, and Privacy.Support the show (https://www.ewf-usa.com/)

The Department of Defense's Cybersecurity Maturity Model Certification (CMMC) is on the horizon and companies in the defense supply chain have many questions. In this podcast, Nick DeLena and Scott Goodwin from DGC's IT Risk Assurance & Advisory practice are here to tell us if these five statements about CMMC are true or false, and share their insights: CMMC will directly impact your ability to do business in the defense supply chain CMMC is just a project for the IT Department Reviewing your NIST 800-171 implementation is critical CMMC will not be retroactive on contracts There are five levels of CMMC certification and everyone must reach all five levels ***To watch a video version of this podcast, click here.*** For additional CMMC resources, visit our CMMC Insights Center page. DGC's IT Risk Assurance & Advisory Practice can help you achieve compliance with the CMMC. We are actively engaged with our clients across all areas of the CMMC framework including gap assessments, self-assessments, and both SSP and PoAM development. If you have questions about who is impacted by the CMMC standards and what the compliance and certification process looks like, please contact a member of your DGC client service team or Nick DeLena, CISSP, CISA, CRISC, CDPSE at 781-937-5191 / ndelena@dgccpa.com or Scott Goodwin, OSCP, OSWP at 781-937-5722 / sgoodwin@dgccpa.com. ***This podcast was originally recorded on March 26, 2021.***

Dustin Brewer, CISM, CSX-P, CDPSE, CEH, is ISACA's Senior Director, Emerging Technology and Innovation, a role in which he explores and produces content for the ISACA® community on the utilisation benefits and possible threats to current infrastructure posed by emerging technologies. He has 20 years of experience in the IT field, beginning with networks, programming […]

Listen in as ISACA Journal columnist, Steven Ross, CISA, CDPSE, AFBCI, CISSP, MBCP, delves deeper into his latest article, “Advanced Security for Secret Information.” As a follow up to his two previously published journals, “Keeping Secrets,” and “Secrets and Privacy,” Ross continues to make the case that the protection of secret information is becoming a significant issue in cybersecurity. All companies —no matter how small— need some form of a security program to protect their secret information. However, the security that is currently in place to protect those secrets are oftentimes insufficient. Steven discusses the use of encryption and extended monitoring to keep the “bad guys” at bay from stealing your important information.

With the increased scale and pace of automated processes along with migrations to the cloud, proper design of security architecture becomes a critical component of your overall IT architecture implementation. Considering this, what should your business prioritize as the ultimate driver for security architecture decisions - and where does risk, privacy and compliance fit into the picture? Speakers: Shinesa Cambric, CISSP, CISA, CISM, CDPSE, Principal Program Manager, Microsoft Aparna Murthy, Aparna Murthy, CA, CPA, Principal Risk and Compliance Consultant Kacy Zurkus, Content Strategist, RSAC

In this episode of The FIT4PRIVACY episode, Punit Bhatia has a conversation with Ramkumar Ramachandran. The conversation highlights include: Privacy is the freedom for individual to do what they want to do. Go with the flow of business and ask yourself of what data you hold. Customers do not like GDPR controls. The abuse of individuals data has to come down at some time. Data privacy bill in India will bring in a lot of discipline. Data privacy is a good thing that is happening. Ramkumar ‘Ram' Ramachandran is a veteran in the IT industry with global service delivery experience across 10+ countries, which includes US, UK, France, China, Singapore, Malaysia, Indonesia, Thailand, Taiwan, Philippines, Kuwait, Bahrain, Qatar, Saudi, Srilanka, Bhutan etc. He is a IIM-Calcutta Alumni and a qualified PMP, CISA , CSQA and CDPSE. He is also a Lead Auditor for QMS, ISMS, BCMS and ITSM. He is a certified Systems Thinker from MIT Sloan Institute of Management. He provides services in the areas of Information Security, Data Privacy, Agile, DevOps, CMMI and ISO standards. He also happens to be the past President of SPIN Chennai and currently on its Board. He runs his own Consulting Firm ‘Ascentant Corporation' which is primarily into IT consulting. Prior to starting his own Firm, he has worked with organizations like HCL, Polaris, KPMG and Renault-Nissan. He started his career as a Programmer and has been in various responsibilities in software delivery. He later moved into Software Quality and Security. He has taken many organizations into successful ISO and CMMI journeys. He is an avid reader of books and boasts a great collection of fiction and non-fiction in physical and e-forms. He loves travelling and would like to visit places of heritage importance. He loves music and his Alexa helps him get the best. Listen to this conversation and share your comments on what you think. You can subscribe to FIT4PRIVACY podcast so that you are notified about new episodes. --- Send in a voice message: https://anchor.fm/fit4privacy/message