Podcasts about Data Privacy Day

This week on Cyber Uncut, David Hollingworth and Bethany Alvaro discuss the murky world of employee data theft, look at a pair of ransomware attacks – one local, one a touch further afield – and take a look at the new cyber security strategy announced by the NSW government. The podcast opens with research that suggests the new year, and January in particular, is a prime time for employees to make off with important business data, either by accident or accidentally on purpose. In cyber security news, World Leaks has taken responsibility for hacking athletics giant Nike, while the Anubis operation has shared passports and legal documents it stole from a New Zealand law firm. Hollingworth also breaks down a cyber security tabletop exercise he recently took part in, and why they are an essential part of any organisation's cyber resilience strategy. Finally, the eSafety Commissioner is asking people to dob in kids getting around the social media ban, while the pair share some insights from the experts for World Data Privacy Day. Enjoy, The Cyber Uncut team

This week on Cyber Uncut, David Hollingworth and Bethany Alvaro discuss the murky world of employee data theft, look at a pair of ransomware attacks – one local, one a touch further afield – and take a look at the new cyber security strategy announced by the NSW government. The podcast opens with research that suggests the new year, and January in particular, is a prime time for employees to make off with important business data, either by accident or accidentally on purpose. In cyber security news, World Leaks has taken responsibility for hacking athletics giant Nike, while the Anubis operation has shared passports and legal documents it stole from a New Zealand law firm. Hollingworth also breaks down a cyber security tabletop exercise he recently took part in, and why they are an essential part of any organisation's cyber resilience strategy. Finally, the eSafety Commissioner is asking people to dob in kids getting around the social media ban, while the pair share some insights from the experts for World Data Privacy Day. Enjoy, The Cyber Uncut team

Kevin Szczepanski is back with the debut of Season 5, just in time for international Data Privacy Day and Data Privacy Week. In this first episode of the season, Kevin discusses critical aspects of data privacy and vendor agreements. He outlines five key negotiating points that organizations should consider when entering into vendor agreements, including data-use terms, data-security requirements, auto renewals and termination, indemnification, and insurance. This solo episode emphasizes the importance of clear agreements to mitigate risks associated with vendor relationships.

Season 20, Episode 11 of The Adventures of Pipeman.The End Begins. Pipeman went to the Megadeth: Behind The Mask Movie and will review it on and the new album on today's show. Behind The Mask is a documentary featuring Dave Mustaine reflecting on 40 years of the band's history, covering career highs, lineup changes, and personal struggles with addiction. Directed by Casey Tebo, it combines interviews with a track-by-track breakdown of their final studio album. And as a BONUS, Pipeman finds out that Dave Mustaine loves one of Pipeman's favorite books (The Art of War by Sun Tzu) on his bookshelf and even used it for one of the songs on the new album: Megadeth.As we all know, Pipeman is a gamer and loves Madden Football. Well, the new Xbox Madden Football 2026 is so up to date and intuitive that Pipeman decided to play both NFL Championship games on Saturday before game day. Let's talk and compare what happened with the Xbox Video Game and The Real Life NFL Championship Playoff Games on CBS & FOX. How smart was the AI and updates and how did it affect Pipeman's Madden superiority.Then, we will talk about recent interviews and upcoming festivals on The Pipeman Radio Tour in 2026. We might even give away some festival tickets to Sonic Temple and Welcome to Rockville!Rebel WTF national day is it today? Holocaust Remembrance Day was yesterday and we will discuss why today more than ever is a time to NEVER FORGET! It was also Nation Chocolate Cake day. So yesterday was a very special day for Pipeman. But, what is special today? Juan will confirm how Pipeman is the example of Library Shelf Day. We will discuss the irony of Data Privacy Day in 2026. Let's find out what pancakes Rebel ate today and what other special days Rebel found out today is.Click Here to Subscribe to The Adventures of Pipeman for PERKS, BONUS Content & FREE GIVEWAYS! Take some zany and serious journeys with The Pipeman aka Dean K. Piper, CST on The Adventures of Pipeman also known as Pipeman Radio syndicated globally “Where Who Knows And Anything Goes.”   Would you like to be a sponsor of the show?Would you like to have your business, products, services, merch, programs, books, music or any other professional or artistic endeavors promoted on the show?Would you like interviewed as a professional or music guest on The Adventures of Pipeman, Positively Pipeman and/or Pipeman in the Pit?Would you like to host your own Radio Show, Streaming TV Show, or Podcast?  PipemanRadio Podcasts are heard on Pipeman Radio, Talk 4 Media, iHeartRadio, Pandora, Amazon Music, Audible, Spotify, Apple Podcasts, and over 100 other podcast outlets where you listen to Podcasts.The following are the different podcasts to Follow, Listen, Download, Subscribe:•The Adventures of Pipeman•Pipeman Radio•Pipeman in the Pit – Music Interviews & Festivals•Positively Pipeman – Empowerment, Inspiration, Motivation, Self-Help, Business, Spiritual & Health & WellnessClick Here to Subscribe for PERKS, BONUS Content & FREE GIVEWAYS!Follow @pipemanradio on all socials & Pipeman Radio Requests & Info at www.linktr.ee/pipemanradioStream The Adventures of Pipeman daily & live Mondays, Tuesdays, Wednesdays at 1PM ET on W4CY Radio & Talk 4 TV. Download, Rate & Review the Podcast at The Adventures of Pipeman, Pipeman Radio, Talk 4 Media, iHeartRadio, Apple Podcasts, YouTube & All Podcast Apps.

Adv Pansy Tlakula: Information Regulator Chairperson spoke to Clarence Ford ahead of International Data Privacy day (28 Jan) Views and News with Clarence Ford is the mid-morning show on CapeTalk. This 3-hour long programme shares and reflects a broad array of perspectives. It is inspirational, passionate and positive. Host Clarence Ford’s gentle curiosity and dapper demeanour leave listeners feeling motivated and empowered. Known for his love of jazz and golf, Clarrie covers a range of themes including relationships, heritage and philosophy. Popular segments include Barbs’ Wire at 9:30am (Mon-Thurs) and The Naked Scientist at 9:30 on Fridays. Thank you for listening to a podcast from Views & News with Clarence Ford Listen live on Primedia+ weekdays between 09:00 and 12:00 (SA Time) to Views and News with Clarence Ford broadcast on CapeTalk https://buff.ly/NnFM3Nk For more from the show go to https://buff.ly/erjiQj2 or find all the catch-up podcasts here https://buff.ly/BdpaXRn Subscribe to the CapeTalk Daily and Weekly Newsletters https://buff.ly/sbvVZD5 Follow us on social media: CapeTalk on Facebook: https://www.facebook.com/CapeTalk CapeTalk on TikTok: https://www.tiktok.com/@capetalk CapeTalk on Instagram: https://www.instagram.com/ CapeTalk on X: https://x.com/CapeTalk CapeTalk on YouTube: https://www.youtube.com/@CapeTalk567See omnystudio.com/listener for privacy information.

When you hear the words “data privacy,” what do you first imagine?Maybe you picture going into your social media apps and setting your profile and posts to private. Maybe you think about who you've shared your location with and deciding to revoke some of that access. Maybe you want to remove a few apps entirely from your smartphone, maybe you want to try a new web browser, maybe you even want to skirt the type of street-level surveillance provided by Automated License Plate Readers, which can record your car model, license plate number, and location on your morning drive to work.Importantly, all of these are “data privacy,” but trying to do all of these things at once can feel impossible.That's why, this year, for Data Privacy Day, Malwarebytes Senior Privacy Advocate (and Lock and Code host) David Ruiz is sharing the one thing he's doing different to improve his privacy. And it's this: He's given up Google Search entirely.When Ruiz requested the data that Google had collected about him last year, he saw that the company had recorded an eye-popping 8,000 searches in just the span of 18 months. And those 8,000 searches didn't just reveal what he was thinking about on any given day—including his shopping interests, his home improvement projects, and his late-night medical concerns—they also revealed when he clicked on an ad based on the words he searched. This type of data, which connects a person's searches to the likelihood of engaging with an online ad, is vital to Google's revenue, and it's the type of thing that Ruiz is seeking to finally cut off.So, for 2026, he has switched to a new search engine, Brave Search.Today, on the Lock and Code podcast, Ruiz explains why he made the switch, what he values about Brave Search, and why he also refused to switch to any of the major AI platforms in replacing Google.Tune in today.You can also find us on Apple Podcasts, Spotify, and whatever preferred podcast platform you use.For all our cybersecurity coverage, visit Malwarebytes Labs at malwarebytes.com/blog.Show notes and credits:Intro Music: “Spellbound” by Kevin MacLeod (incompetech.com)Licensed under Creative Commons: By Attribution 4.0 Licensehttp://creativecommons.org/licenses/by/4.0/Outro Music: “Good God” by Wowa (unminus.com)Listen up—Malwarebytes doesn't just talk cybersecurity, we provide it.Protect yourself from online attacks that threaten your identity, your files, your system, and your financial well-being with our exclusive offer for Malwarebytes Premium for Lock and Code listeners.

Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   In this first episode of 2026, Justin interviews Morgan O'Rourke and Hilary Tuttle of RIMS Risk Management Magazine. They discuss major cyber events of 2025, court rulings on AI fair use, and what risk professionals should take away about AI training data and intellectual property. They discuss regulations about forever chemicals or PFAS and what to look for in 2026 and beyond as these regulations change. They discuss the U.S. government shutdown of October and its residual effects.   Listen for a call for content submissions for RIMS Risk Management Magazine.   Key Takeaways: [:01] About RIMS and RIMScast. [:17] About this episode of RIMScast. This is our first episode of 2026. We're going to look forward and back, and who better to do that with than Morgan O'Rourke and Hilary Tuttle of RIMS Risk Management Magazine? [:44] We will discuss some of the top risk management stories of 2025 and what they might mean for 2026. There's so much to discuss, from forever chemicals to AI! But first… [:55] RIMS-CRMP and Some Prep Courses. The next virtual prep course will be held on January 14th and 15th, 2026. These are virtual courses. Links to these courses can be found through the Certification page of RIMS.org and through this episode's show notes. [1:12] RIMS Virtual Workshops are coming up. This is the last call for "Intro to ERM for Senior Leaders". It will be held on January 8th, led by Joe Mayo. [1:24] On January 21st and 22nd, Chris Hansen returns to deliver the course, "Managing Worker Compensation, Employer's Liability and Employment Practices in the US". [1:35] On February 4th and 5th, Ken Baker will return to deliver the course, "Applying and Integrating ERM". [1:45] The full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's notes. [1:57] RIMS members always enjoy deep discounts on the virtual workshops. [2:06] The RIMS-CRO Certificate Program in Advanced Enterprise Risk Management is hosted by the famous James Lam. This is a live virtual program that helps elevate your expertise and career in ERM. [2:19] You can enroll now for the next cohort, which will be held over 12 weeks from April 14th through June 23rd. Links to registration and enrollment are in this episode's show notes. [2:34] On with the show! The annual Year in Risk Review edition of RIMS Risk Management Magazine is now available. Visit RMMagazine.com for more information. [2:47] We're going to pick up where we left off with Morgan O'Rouke and Hilary Tuttle of RIMS Risk Management Magazine and the RIMS Publication Department. [2:54] Feel free to check out Episode 371 to get caught up as we discuss natural catastrophes and their impact on the landscape. [3:04] In this episode, we're going to talk about AI, PFAS forever chemicals, and how you can contribute to RIMS Risk Management Magazine in 2026. [3:14] Risk Management Magazine is an Azbee award winner, so you are hearing insights from the best in the business of risk management reporting. Let's get to it… [3:24] Interview!  Morgan O'Rourke and Hilary Tuttle, welcome back to RIMScast! [4:01] The Year in Risk 2025 Edition of RIMS Risk Management Magazine has been on digital shelves for a few weeks now. We're going to look a little bit forward and backward. [4:34] Data Privacy Day comes up on January 20th every year. All eyes turn to cyber. At RIMS, all eyes turn to Hilary because she is the cyber guru. Hilary thinks every day of the year is Data Privacy Day. [5:15] Hilary says, in the Year in Risk edition, they talked about 2025's Amazon Web Services outage, which took about 70,000 companies offline. It's a solid example of third-party risk and vendor security risks. [5:31] The economic impact of the outage was estimated to be in the billions of dollars, in terms of lost business and business interruption. Hilary said the AWS outage lasted about 16 hours. [5:53] It's a good reminder of vendor concentration risk in cloud services. The cloud services market has three major vendors; Amazon has about 30% of the market. If Amazon goes down, that's a significant number of clients who are at risk. [6:10] Hilary says insurers are not at real risk for this outage. A lot of cyber coverage has provisions for outages with waiting periods of eight to 12 hours. Your insurer might come in for the end of that situation, but most of it is on the insured. [6:38] For insurers and reinsurers, it was a pretty mild event. It's not going to cause huge changes in capacity or rates. It is a reminder that a lot of the risk is going to be on you, depending on the factors that are involved and the vendors that you pick. [6:58] There was also the Marks & Spencer ransomware incident that impacted their stores and online services. They sell about four million Great British pounds a day of products online. Their website was down for three months because of the ransomware event and recovery process. [7:29] Marks & Spencer had to go to pen and paper for in-store sales, and they operate hundreds of stores. It also caused inventory problems. It was a huge increase in waste because they didn't have ways of tracking or selling all of their inventory of food and other goods. [7:45] The cost to Marks & Spencer was estimated to be about three hundred million Great British pounds. [7:53] 2025 was a big year for cyber. Some other British retailers had some issues that have had retailers around the world taking note. [8:04] Morgan was interested in the Jaguar Land Rover case. Since Morgan was a child, he wanted a Jaguar for the hood ornament. If they're taken offline, how is Morgan ever going to get himself a Jaguar? [8:35] Hilary says, You and a lot of other customers, because they had to take all of their very automated production offline for a while. Parts and Sales were interrupted. They saw quarterly revenues drop around 24%, year-over-year, a difference of several hundred million pounds. [8:58] Morgan says it becomes a little bit the same. It doesn't mean that it's not important. It's one of those things we encounter with perpetual risks, whether it's disasters or cyber. [9:12] When they're always happening, they tend to get overlooked until some marquee event like an Amazon Web Services outage takes down a lot of people, or a company is taken offline for months and has to go back to pen and paper. That's not easy at large volumes. [9:38] The underlying current of the risks you have to deal with still needs to be a part of your day-to-day mitigation exercises.  [9:59] Hilary says The more things change, the more things stay the same. [10:18] Morgan says There is a broader perspective to everything. A risk is not just going to affect you; it's going to affect people down the line who are connected to your business. A cybersecurity event that happens over here is bound to have an impact on you, in some way. [10:35] Hilary says concentration risk is an increasing issue, and dependency is an issue. We have allowed some of the market players to become so large that the impact, if anything happens to them, is astounding. [10:50] There are advantages in having a large company as your vendor, but there's also a certain amount of instability in the lack of control you have in what's going on upstream. There's a lot that can happen downstream, to you. [11:26] Hilarity may attend a Black Hat conference this year. From that, she may see what is coming several years down the pike. [12:00] Justin says that AI is omnipresent. Regarding AI, in 2025, courts ruled on Fair Use. Multiple lawsuits were filed, and major settlements were reached. One lawsuit about scrubbing user data came from violating the Terms of Use, rather than copyright infringement. [12:44] Morgan says companies that use AI or are creating an AI should be looking at the emerging liabilities and governance challenges of AI. [12:55] There were a lot of cases. Two cases discussed in the Year in Risk 2025 were about Anthropic and Meta being sued by groups of authors. The courts ruled in both cases that if the AI made substantial changes to the material, they could use it under Fair Use. [13:32] The cases weren't definitive that you have an open free-for-all. Anthropic was guilty of using pirated materials from the authors to train its AI. Anthopic settled by paying $1.5 billion to the authors. The ruling was that you can use material that you get legally, by paying for it. [14:14] There are ways that the AI companies may be held accountable. There are 40 to 50 cases from every manner of media that may be adjudicated differently. It may come down to the sense of the case. There is some precedent set by one case. [14:36] Morgan says, from a content creator perspective, it's heartening that copyright is protected. Hilary says it's disheartening that larger companies like Disney have more negotiating power in what they allow AI to use, but smaller companies may not have as much power. [15:52] Morgan says the New York Times has licensed individual pieces for AI to use. [16:06] If the company creating AI doesn't have an agreement with a content creator, in a lot of court cases, the settlement ends up being a licensing agreement to use the content. [16:19] There's somewhat of an inevitability to the use of AI. You can't do anything about it, so you might as well get on board and get your piece. AI will take a little getting used to. [16:56] Morgan says their future coverage of AI will be less about the promise of AI and more about how to use AI responsibly in your business. What are the risks of AI in your business? [17:37] Everybody's doing it anyway, and risk depends on the level of fact-checking or information verification you are doing when you're putting together anything from an email to an RFP for a new vendor. You don't lose sight of the ball just because it's been around a few years. [17:58] Quick Break! RISKWORLD 2026 will be held from May 3rd through the 6th in Philadelphia, Pennsylvania. RISKWORLD attracts more than 10,000 risk professionals from across the globe. It's time to Connect, Cultivate, and Collaborate with them. Booth sales are open now! [18:20] General registration and speaker registration are also open right now! Marketplace and Hospitality badges will be available starting on March 3rd. Links are in this episode's show notes. [18:35] Let's Return to Our Interview with Morgan O'Rourke and Hilary Tuttle! [18:52] Justin brings up forever chemicals. They're in a lot of the things he drinks. The foods that he eats have consumed the same water. Executives in Italy were sentenced for not doing enough about them. In the U.S., the Trump administration started regulatory rollbacks. [19:47] Justin mentions the RIMS webinars about forever chemicals, showing that if we don't work to curtail PFAS, they will have a lasting, harmful effect. [20:21] Morgan says environmental liability for PFAS has been a topic of discussion for a few years. [20:52] The discussions are around how PFAS will be regulated from a business standpoint, and what that means for my company. How do I need to report them? How do I need to mitigate it and clean up the systems I am responsible for? [21:05] Morgan reports that in Italy, 11 executives were sentenced to a total of 141 years in prison for polluting the groundwater in an area of Italy. Studies showed that over time, there were thousands more cancers and cases of cardiovascular disease because of this pollution. [21:35] Morgan says, That's the extreme side of it. It's what everyone wants to prevent. A lot of other countries and U.S. states are passing regulations banning or restricting PFAS. In 2025, in the U.S., some regulations were softened or paused. [21:59] Hilary says there were various efforts to soften different regulations. Morgan explains that it was mainly for the costs to businesses. From the business standpoint, it's going to cost money to mitigate or report whatever the requirement is. [22:14] Morgan says, It's not that restrictions were taken off the table, but it's concerning from a public health standpoint that they are slow-walking PFAS regulations. Morgan would like to think that just because a regulation is paused doesn't mean it won't be put into effect soon. [22:56] Hilary says when she was in Calgary, in the fall, there was a session specifically on PFAS litigation, because Canada has also passed some measures on this. It's a solid reminder that other countries are starting to pick up on this regulation. [23:17] In terms of compliance with what can or can't be used in product development, it's good to keep in mind some of these emerging regulations and the direction they are going. Remediation is definitely a component of it. [23:33] In product development and new product releases, and product reformulations, it is often more expensive to figure out how to use substances that are not the PFAS that have been used for a long time, but that is the direction in which some businesses need to be looking. [23:49] Morgan says, We did it with asbestos, years ago. PFAS started as a health concern, but it is a business concern. If you're responsible for injuring people, as we saw in Italy, you could go to jail. It doesn't mean that will happen in every country, but it doesn't mean it won't. [24:19] Hilary thinks it will be interesting to see what moves the needle in different countries, as there are different business climates in different parts of the world. The United States is a lot more litigious than a lot of other cultures. Some of the regulations are being driven by lawsuits. [24:30] Other places are focused more on compliance, where there's more of a sense of social good, like the Nordics, or parts of Western Europe, Hilary says, where some regulations coming from the government will be enough to move the needle. [24:58] Multinational companies will need to be aware of the regulations in different countries and decide if they will make products for a specific country, restrict sales in that country, or reformulate their offerings. [25:12] Morgan says the idea that there is an acceptable level of PFAS in the water is what bothers him the most. Hilary says there are risks more direct than water. You're cooking your food in PFAS. You have fire blankets to keep your children safe in the wake of wildfires. [25:38] Things that you take for granted, that are serving a function, have the forever chemicals because they serve the function. Waterproof shoes, for example. You're relying on the benefit, but you're not necessarily thinking about the risks that you're introducing. [25:54] Morgan says that it's all about the concentration of things. PFAS are in whatever you consume. At a certain point, it becomes harmful. Hilary says, You might buy one pair of waterproof shoes, but what if everyone does, and they all end up in landfills and cause runoff? [26:39] It's a personal risk vs. a collective risk issue. It's a short-term risk vs. a long-tail risk issue. Hilary and Morgan discuss tapwater. Ignorance is bliss. It's a long-term risk. [27:11] A Final Break! The Spencer Educational Foundation's goal to help build a talent pipeline of risk management and insurance professionals is achieved, in part, by its collaboration with risk management and insurance educators across the U.S. and Canada. [27:30] Spencer awards undergraduate, graduate, Ph.D., and Pre-Instructor of Practice Scholarships to students enrolled at an accredited college or university in the U.S. and Canada, and physically studying in either location. No remote coursework eligibility from other locations. [27:47] Including part-time, graduate scholarships to risk management and insurance professionals continuing their education. [27:53] Since 1980, Spencer has invested more than $11.1 million in the scholarship program with awards to over 1,700 students. More than 85% of Spencer's scholarship recipients remain in the industry to this day. [28:09] They've got undergraduate scholarships, full-time Master's scholarships, part-time Master's scholarships, pre-dissertation Ph.D. candidates, doctoral candidates, and pre-instructor of practice scholarships all open now. The application deadline is January 31st, 2026. [28:30] Visit SpencerEd.org/scholarships. You'll find the different application buttons. See the link in this episode's show notes for more information. [28:42] Let's Return to the Conclusion of Our Interview with Morgan O'Rourke and Hilary Tuttle!  [28:59] RIMS Risk Management Magazine is looking for risk managers, business professionals, and legal professionals to contribute by way of articles and share their knowledge. [29:21] Morgan says We're looking for articles talking not just about the risk, but about what a risk manager can do about the risk. The actionable part of the article describes the risk management. We're trying to help our risk manager readers do their jobs better. [29:44] If you're looking to contribute something, share your knowledge. How did you deal with this risk that you are encountering? What are the steps that you recommend people take to mitigate that risk? [29:58] That ends up being the most successful article. It accomplishes our mission most clearly. [30:06] Hilary adds, if there is something that has come up at work that surprises you, as a seasoned risk professional, it may be new, emerging, or surprising to someone else. [30:18] Sharing your expertise with your colleagues is something we are always looking to do, and we're happy to help you figure out how to do it. [30:34] Justin says When we attend a RIMS event, we have a chance to mingle with our members and the attendees. People have come up to me and said they listen to the show, and they would love it if I would do an episode on "this." [30:54] One that stood out to Justin is amusement park ride safety risk. He plans to do an episode on that in the summer. [31:13] Hilary says, We love a novelty risk. They have done articles on water parks and ski resorts. Morgan says everybody's got a risk they're facing. Hilary wrote a blog post years ago about bouncy houses. Justin did an episode on hot air balloons. [31:35] Morgan recalls doing an article on microbreweries, and a brewery sent them a six-pack. He'd like to do pizza risks next, maybe do a full spread! [32:07] Justin says, We do want to give you a forum to share your knowledge, experience, and recommendations on how to mitigate a risk or tackle it head-on, or a new idea for a strategy on an emerging risk. [32:25] Margan says some of those things may start as an article and later become a podcast episode. It's key to provide content that RIMS may be looking for, in general. It all starts with reaching out to Morgan or Hilary with an idea. [32:44] Hilary says if you've put together a PowerPoint for a presentation, you probably have a pitch. Morgan says, You've basically got an article or a conversation started. If it's worthwhile to share with a conference audience, it's worthwhile to share with everybody. [33:01] When Hilary meets a risk manager, her favorite questions to ask are What is the most unexpected risk that you've dealt with? What is the number one risk that you've dealt with? What did you not think that you'd be spending your days on? [33:17] Hilary met a risk manager who worked for a group of public universities. He said the biggest unexpected problem that he deals with is kids riding motorized scooters on sidewalks or leaving them for people to trip over. Ebikes catch on fire. 100 kids a year get hurt from them.  [33:56] Hilary says, If you have a situation like that, if there's a risk that you never expected, if nothing else, we'd be really interested to hear about it. [34:05] There are so many topics from 2025 to check out in the Q4 edition of RIMS Risk Management Magazine at RMMagazine.com now. [34:26] In October, the longest U.S. Government shutdown in history occurred. This led to a 10% cut in air traffic capacity and a lapse in the NFIP, which is one of RIMS's top legislative priorities. Once the government reopened, the NFIP was reauthorized until the end of January. [35:06] The NFIP has been kicked down the road for a shorter period than anyone really wants. This was one of the few times it has been allowed to fully lapse. It leaves claims up in the air. [35:46] Homeowners, buyers, and developers in high-risk areas can't get federally-backed mortgages without flood insurance. The lapse put a lot of property purchases in peril or on hold. Morgan says there wasn't a big run on claims in the last 40 days, but there could have been. [36:28] Hilary points out that real estate developers couldn't sell homes in that period in areas where flood insurance is required. There are business impacts that are not storm-related. [37:01] The shutdown had an enormous human toll with people losing jobs or being furloughed and going without money, not being able to pay rent, mortgage, or childcare. SNAP was cut for a significant period. [37:30] Ernst & Young estimated the hit to the GDP as 1 to 1.5%, or a loss of $7 to $14 billion of economic output that would not be made back up after the government reopened. It was a disruption with long-term implications. [37:57] Morgan says We're coming up on another fight as the reopening of the government only lasts until the end of January. If there is debate, as there always has been, we'll go through this process again. How long will that take? Have we learned from our mistake two months ago? [38:22] Morgan says uncertainty is never good for the economy or for our mental well-being. [38:31] Justin says, we're going to cap the conversation for now, and invites Morgan and Hilary back in about five months for the 2026 Mid-year Risk in Review. [38:42] It's been such a pleasure to be rejoined by you here on RIMScast. Everyone can go to RMMagazine.com, and you're already hard at work on Q1 2026, right? Morgan says we put up new articles every week. There's always something new. The digital issues come up every quarter. Check your email inboxes for Editor's Picks, which we will send out once a month! [38:22] Morgan says those are ways to check us out or be reminded that we're out there providing you with information that you can use. [39:30] Morgan says, for RIMS members, there is the RIMS Now newsletter we send out to members quarterly with RIMS-centric news. [39:52] Justin says, It's been a pleasure, and I look forward to seeing you both, hopefully at RISKWORLD in Philadelphia! [40:13] Special thanks again to Morgan O'Rourke and Hilary Tuttle of RIMS Risk Management Magazine and the RIMS Publications Department for joining us here on RIMScast. Remember to listen to Part 1 of this interview, via the link in this episode's show notes. [40:19] Visit RMMagazine.com to check out the Year in Risk feature and the Q4 edition of RIMS Risk Management Magazine. This is reporting from the best in the profession. You can't get any better than RIMS Risk Management Magazine. [40:37] Morgan and Hilary will return for the Mid-year in Risk episode of RIMScast, so subscribe to RIMScast today, don't miss it! [40:44] Plug Time! You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in the show notes. [41:11] RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate and help you reach them! Contact pd@rims.org for more information. [41:29] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information. [41:46] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more. [42:01] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management. [42:15] Justin Smulison is the Business Content Manager at RIMS. Please remember to subscribe to RIMScast on your favorite podcasting app. You can email us at Content@RIMS.org. [42:27] Practice good risk management, stay safe, and thank you again for your continuous support!   Links: RIMS Risk Management Magazine: Year In Risk Edition | Feature Article RIMS-CRO Certificate Program In Advanced Enterprise Risk Management | April‒June 2026 Cohort | Led by James Lam RISKWORLD 2026 Registration — Open for exhibitors, members, and non-members! Reserve your booth at RISKWORLD 2026! The Strategic and Enterprise Risk Center RIMS Diversity Equity Inclusion Council RIMS Risk Management Magazine | Contribute RIMS Now Spencer Educational Foundation Scholarships | Submission Deadline Jan. 31, 2026 RISK PAC | RIMS Advocacy RIMS-Certified Risk Management Professional (RIMS-CRMP) | Insights Series Featuring Joe Milan! Upcoming RIMS-CRMP Prep Virtual Workshops: RIMS-CRMP Exam Prep January 14‒15, 2026, 9:00 am‒4:00 pm EST, Virtual Full RIMS-CRMP Prep Course Schedule See the full calendar of RIMS Virtual Workshops "Intro to ERM for Senior Leaders" | Jan 8! — LAST CALL! "Managing Worker Compensation, Employer's Liability and Employment Practices in the US" | Jan. 21‒22, 2026 "Applying and Integrating ERM" | Feb 4‒5 "Facilitating Risk-Based Decision Making" | March 4‒5, 2026   Upcoming RIMS Webinars: RIMS.org/Webinars   Related RIMScast Episodes: "Year In Risk 2025 with Morgan O'Rourke and Hilary Tuttle" "Mid-Year Update 2025: RIMS Legislative and Risk Management News" "James Lam on ERM, Strategy, and the Modern CRO" "The Evolving Role of the Risk Analyst" "Presilience and Cognitive Biases with Dr. Gav Schneider and Shreen Williams" "Risk Rotation with Lori Flaherty and Bill Coller of Paychex" "Risk Quantification Through Value-Based Frameworks"   Sponsored RIMScast Episodes: "Secondary Perils, Major Risks: The New Face of Weather-Related Challenges" | Sponsored by AXA XL (New!) "The ART of Risk: Rethinking Risk Through Insight, Design, and Innovation" | Sponsored by Alliant "Mastering ERM: Leveraging Internal and External Risk Factors" | Sponsored by Diligent "Cyberrisk: Preparing Beyond 2025" | Sponsored by Alliant "The New Reality of Risk Engineering: From Code Compliance to Resilience" | Sponsored by AXA XL "Change Management: AI's Role in Loss Control and Property Insurance" | Sponsored by Global Risk Consultants, a TÜV SÜD Company "Demystifying Multinational Fronting Insurance Programs" | Sponsored by Zurich "Understanding Third-Party Litigation Funding" | Sponsored by Zurich "What Risk Managers Can Learn From School Shootings" | Sponsored by Merrill Herzog "Simplifying the Challenges of OSHA Recordkeeping" | Sponsored by Medcor "How Insurance Builds Resilience Against An Active Assailant Attack" | Sponsored by Merrill Herzog "Third-Party and Cyber Risk Management Tips" | Sponsored by Alliant   RIMS Publications, Content, and Links: RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community! RIMS Virtual Workshops On-Demand Webinars RIMS-Certified Risk Management Professional (RIMS-CRMP) RISK PAC | RIMS Advocacy RIMS Strategic & Enterprise Risk Center RIMS-CRMP Stories — Featuring RIMS President Kristen Peed!   RIMS Events, Education, and Services: RIMS Risk Maturity Model®   Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information.   Want to Learn More? Keep up with the podcast on RIMS.org, and listen on Spotify and Apple Podcasts.   Have a question or suggestion? Email: Content@rims.org.   Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.   About our guests: Morgan O'Rourke, RIMS Director of Publications and Risk Management Magazine Editor in Chief Hilary Tuttle, Managing Editor, Risk Management Magazine   Production and engineering provided by Podfly.  

Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   In this last episode of 2025, Justin interviews Morgan O'Rourke and Hilary Tuttle of RIMS Risk Management magazine on the most impactful risks of 2025 and what's expected in 2026. They discuss the difficulty of reporting on the rapid pace of risk change. Morgan and Hilary discuss the most impactful natural events of 2025: wildfires in California and Canada, Hurricane Melissa, and flooding. They discuss the economic risks posed by the unusual tariff changes in 2025 and how supply chains and inflation are affected. These risks are covered in the Q4 edition of RIMS Risk Management magazine online now.   Morgan and Hilary will return for the first episode of 2026, launching on January 5th.   Key Takeaways: [:01] About RIMS and RIMScast. [:17] About this episode of RIMScast. This is our final episode of 2025, and who better to spend it with than Morgan O'Rourke and Hilary Tuttle of RIMS Risk Management magazine? [:44] We will discuss some of the top risk management stories of 2025 and what they might mean for 2026. They will rejoin us for the first episode of 2026! But first… [:55] RIMS-CRMP and Some Prep Courses. The next virtual prep course will be held on January 14th and 15th, 2026. These are virtual courses. Links to these courses can be found through the Certification page of RIMS.org and through this episode's show notes. [1:12] RIMS Virtual Workshops are coming up. On January 21st and 22nd, Chris Hansen returns to deliver the course, "Managing Worker Compensation, Employer's Liability and Employment Practices in the US". [1:26] The full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's notes. [1:38] RIMS members always enjoy deep discounts on the virtual workshops. [1:48] The RIMS-CRO Certificate Program in Advanced Enterprise Risk Management is hosted by the famous James Lam. This is a live virtual program that helps elevate your expertise and career in ERM. [2:01] You can enroll now for the next cohort, which will be held over 12 weeks from January through March of 2026. Registration closes on January 5th. Or Spring ahead and register for the cohort that will be held from April through June, 2026. Registration closes on April 6th. [2:20] Links to registration and enrollment are in this episode's show notes. [2:27] On with the show! The annual Year in Risk Review edition of RIMS Risk Management magazine is now available. Visit RMmagazine.com for more information. [2:39] I wanted to dive deeper into some of the pages and the stories that made major headlines in risk management this year. Morgan and Hilary are rejoining us as part of our annual tradition. [2:54] We're not just looking back; we're also going to talk about how these events should be some warning signs and provide some extra insight for risk managers around the world. [3:05] Interview! This is our final episode of the year, and we're going out with a bang with two of my favorite people! [3:12] Morgan O'Rourke and Hilary Tuttle, welcome back to RIMScast! [3:23] Justin saw Morgan and Hilary, just a month ago in Seattle, at the ERM Conference. Morgan says it was raining the whole time, but it was a good conference. It was well-attended, and everybody enjoyed themselves, and the attendees got a lot out of it. It was a great event! [3:51] Hilary also thought it was great! The turnout was fantastic! There was some great feedback on a lot of the sessions. There were some packed rooms! People seemed pleased with the programming. Hilary didn't see the sun until she left, but she enjoyed the city! [5:12] Morgan and Hilary's goal for attending the ERM Conference is to gather good ideas for articles. They look for presenters who might be good content contributors in other formats. They look to get a sense of what is new and what is emerging. [5:24] Morgan and Hilary talk to members about what they're seeing in practice and what's concerning to them. Morgan says if there's a packed room for a session, it's clearly a topic that's resonating, which bumps it to the top of the list of things to pursue, since there's interest in it. [6:17] Justin notes that Morgan's always there in the sessions with pen and paper. He's old school! [7:36] Morgan says the hardest part of reporting on risk is the breadth of the risks they cover. Everything has a lot more nuance and a lot more effect. This incident happened, which had 57 knock-on effects. [7:47] Morgan explains why distilling that down to something that makes sense in article form is a huge challenge and compares writing about risk to the experience risk managers have with everything they deal with. [8:10] Morgan says that, at the end of the year, spotlighting the year in risk coverage is a challenge. How do you get the entire economic, geopolitical situation down to 200 words? [8:37] Hilary says the velocity of change is a challenge when covering risk. Unlike in everyday news coverage, they have to add an amount of value or takeaways for a reader who is looking to do something about risk. Developing that value, at the speed of risk, is particularly challenging. [9:15] Hilary continues. Crises are compounded now. You can't ignore a lot of those factors that make a crisis a bad issue. Hilary cites hurricanes, rapid intensification, which is a knock-on effect of climate change, lax building codes, and people building more in certain regions. [9:38] Hilary says you have to add so many layers to explain why this crisis is happening now. It becomes a lot more challenging to figure out how it impacts insurance. You have to take into account different exclusions or the way the policies are created. There are a lot of moving parts. [10:04] Morgan says, It's not just your picture. It's the picture of your suppliers and your customers, who might be across the country or around the world. All of their risks become your risks or, at least, will impact your business. [10:33] Justin compliments the digital layout of RIMS Risk Manager magazine. He speaks of how Morgan and Hilary go to RIMS events looking for inspiration for content and content contributors. [11:05] Morgan says, We're only as good as the information we've learned through the people we've met, or what we've read. We're not practicing risk managers. Hearing from experts who deal with it every day is the strongest way to get good content that resonates with our readers. [12:17] Morgan says wildfires were probably the most costly insured loss of 2025. Hilary says that earthquakes were the most costly in terms of the loss of life. The LA fire was the largest single economic loss. There are lots of expensive homes in Southern California. [13:26] Canada has had wildfires raging almost non-stop for two or three years. Wildfires are no longer secondary perils. They're a prime source of loss. Severe convective storms, in the aggregate, probably caused more damage than wildfires this year. [14:04] Hilary says severe convective storms have been in the top 10 for seven out of the last 10 years. Morgan says this was one of the top convective storm years. In natural disasters, you're not looking just at hurricanes and earthquakes, but also fires, floods, and more. [14:32] Hilary talks about secondary factors, like tremendous wind events in California, increasing the rate at which fires spread, making containment difficult. Things were moving fast. A lot of buildings were burning. It took three weeks to put out two of the largest fires. [15:05] Canada faced different challenges. All but two provinces had record, above-average fire seasons. Some fires impacted remote areas where getting people out is logistically extremely difficult. Seventy-something First Nations communities had to be evacuated. [15:35] If you're dealing with areas that are largely only accessible by air, getting communities of people out for long periods is logistically very challenging, with a devastating human impact. They're very different fires. [15:52] Hilary says it was quite a year. Morgan ties it back to the impact of climate change. It starts with drought, and it's exacerbated by winds. Then you've got these weird things that pop up where Mother Nature says, Hey, I've got a weird twist for you! [16:13] Quick Break! RISKWORLD 2026 will be held from May 3rd through the 6th in Philadelphia, Pennsylvania. RISKWORLD attracts more than 10,000 risk professionals from across the globe. It's time to Connect, Cultivate, and Collaborate with them. Booth sales are open now! [16:35] General registration and speaker registration are also open right now! Marketplace and Hospitality badges will be available starting on March 3rd. Links are in this episode's show notes. [16:50] Let's Return to Our Interview with Morgan O'Rourke and Hilary Tuttle! [17:11] Some of the fires Canada experienced this year were zombie fires, also called holdover fires, or overwintering fires. They can live in the soil under the snow until it gets warm, the snow melts, and they reignite. Some of the fires of 2025 were started in 2023. [16:23] Hilary believes those holdover fires were in Saskatchewan, Manitoba, the Northwest Territories, and up North. Holdover fires are most common in the Arctic Circle. [18:43] Morgan and Hilary believe that's a good example of things that will happen more frequently with climate change, affecting a larger number of people than before. [19:15] Morgan says convective storms are tornadoes and thunderstorms. Hilary adds that it has to do with the pressure front that leads to forming them. Outbreaks of many tornadoes in a couple of days wreak havoc in the U.S. Midwest. [20:06] Morgan says the highest intensity of a tornado is EF5. There was an EF5 tornado in North Dakota for the first time in 10 years. It touched down in a place where there were not a lot of people. [20:35] Hilary says we're seeing increasingly severe convective storms and inland flooding losses. Severe storms are flooding areas that weren't thought of as being at risk of flooding. [20:50] The more we build into these plains with high-value properties, the more damaging convective storms are getting. The storms are also getting worse. We're also seeing increasingly damaging hail. That's a severe convective storm issue, as well. [21:27] Morgan says climate change makes things more intense and widespread. Morgan says his favorite climate change after-effect was the attack of the jellyfish this year. [21:57] There were multiple instances of French nuclear power plants being taken offline by giant swarms of jellyfish clogging the coolant intake lines. Europe had a super-hot summer. Water temperatures rose, which increased jellyfish activity and presence. [22:26] There were so many jellyfish, they ended up in places they shouldn't be. France generates 70% of its electricity through nuclear power. If nuclear power plants are taken offline, it's not just a minor annoyance. [22:51] If you're a company during a blackout, you don't care that it was jellyfish. You're still not in business for the time that you don't have power. Suddenly, this climate change effect is now a part of a disaster preparedness plan because of climate change. You have to plan for jellyfish. [24:43] Hurricane Melissa was another storm with widespread flooding and enormous insured losses. Morgan notes that 2025 was a relatively low-activity season from the standpoint of how many hurricanes made landfall. [25:18] Melissa was the most damaging and probably accounted for 90% of economic losses and loss of life. It did billions of dollars' worth of damage. [25:33] There were three Category 5 Hurricanes this year; four is the record, but they mostly went out into the ocean; they didn't do anything. That doesn't mean it's always going to happen. If one storm hits the right place, you're in trouble. [26:07] It was an active storm season for Jamaica. It only takes one storm in your area to be an active season for you. [26:25] Hilary says Melissa is a textbook case of some of the perils of rapid intensification. It got much worse very quickly. The fact that we've seen such a proportion of Category 5 storms is a pattern that is concerning. [26:57] They discussed rapid intensification in the hurricane outlook for the season. Hurricane Erin also occurred this year. It intensified quickly, but it didn't cause a lot of damage. Your lead time is less when a storm intensifies quickly. [27:32] Morgan says it's important to get things in order before storms hit because you may not have the time to do it when it's mid-season. You don't know where or when a storm will hit. [27:50] Wikipedia calls Melissa the costliest storm in Jamaican history, at $10 billion in damage, 102 fatalities, 141 injuries, and 27 missing. [28:38] A Final Break! The Spencer Educational Foundation's goal to help build a talent pipeline of risk management and insurance professionals is achieved, in part, by its collaboration with risk management and insurance educators across the U.S. and Canada. [28:57] Spencer awards undergraduate, graduate, Ph.D., and Pre-Instructor of Practice Scholarships to students enrolled at an accredited college or university in the U.S. and Canada, and physically studying in either location. No remote coursework eligibility from other locations. [29:14] Including part-time, graduate scholarships to risk management and insurance professionals continuing their education. [29:20] Since 1980, Spencer has invested more than $11.1 million in the scholarship program with awards to over 1,700 students. More than 85% of Spencer's scholarship recipients remain in the industry to this day. [29:35] They've got undergraduate scholarships, full-time Master's scholarships, part-time Master's scholarships, pre-dissertation Ph.D. candidates, doctoral candidates, and pre-instructor of practice scholarships all open now. The application deadline is January 31st, 2026. [29:57] Visit SpencerEd.org/scholarships. You'll find the different application buttons. See the link in this episode's show notes for more information, giving you some extra homework to do over the holiday break, if you are taking a holiday break! [30:14] Let's Return to the Conclusion of Our Interview with Morgan O'Rourke and Hilary Tuttle!  [30:46] Justin mentions that tariffs in 2025 affect 90% of U.S. imports. That's a supply chain management issue and an ERM issue. Tariffs themselves are an issue. [31:16] What Morgan connects most to tariffs is the uncertainty they create, especially in the way they've been implemented this year. Tariffs are promised, then the terms are changed, creating uncertainty. What level of costs will businesses absorb or pass on to customers? [31:50] Morgan says those things make the business landscape unstable. Tariffs in April would be better than 57 different announcements that change the picture every other week and tend to tank the stock market. [32:20] Morgan says Goldman Sachs estimated in September that 55% of the incurred costs have been passed to consumers, depending on the business. Once it impacts your customers, you've got less revenue coming in. It's an unstable environment. [32:47] Hilary contrasts this year's tariffs with past tariffs. Usually, it's a "set it and forget it" situation. Hilary calls this year's tariffs erratic and confusing. The scale and the frequency of change are unprecedented. [33:31] Morgan says you can feel it when you go to the store. That's not helping from a personal standpoint or a business standpoint. Justin speaks of shrinkflation. [33:47] Tariffs are going to affect inflation. Nobody wants that. [34:22] Hilary speaks of alternate supply chains that are in more friendly tariff environments. Some of the items in your products are going to be different. Some of your processes will be different. You don't know if you're also going to be getting inferior products. [34:52] Morgan says it's not as simple as saying just get a new supplier. That's an operational shift from procurement, on. Hilary says, hopefully, you won't have to do product safety testing or environmental impact studies, or reporting around your supply chain. [35:09] Morgan notes that some raw materials may only be available in five countries, like a rare earth mineral. [35:32] Justin asks if this is explored in depth in the Q4 edition of RIMS Risk Management magazine. Hilary says we are not talking about rare earth minerals in that issue. Morgan is working on figuring out how we can cover that, perhaps, in 2026. [35:53] Morgan is fascinated by this topic. There are limited deposits of things. The broader point is that if you're affected by tariffs and you're trying to change suppliers or sources, you may not have all the options. [36:12] Hilary says it is a situation where the risk is very much there, but the management or mitigation of it is not necessarily something you can do much about. Only so many places make cobalt. Morgan adds, There are only so many mines out there. [36:31] Justin says, The Q4 edition of RIMS Risk Management magazine is out now. This is the last episode of 2025. We're going to have you back to discuss a little bit more in the first episode of 2026. [37:01] Morgan's parting words: "I'm just glad you're listening. I'm glad you're listening. I'm glad you're reading. I'm glad you're here. I feel like it's a privilege to keep writing for you, talking to you, so hopefully, we continue to do that in the new year. Everybody, be safe and happy." [37:14] Hilary's parting words: "Thanks for making it through another year!" [37:18] So, we're going to have you back in January, and we'll pick up there, probably with some cyber and some Data Privacy Day kick-off, January 5th, 2026. [37:35] Special thanks again to Morgan O'Rourke and Hilary Tuttle of RIMS Risk Management magazine and the RIMS Publications Department for joining us on RIMScast. They will rejoin us for the first episode of 2026. That will launch on January 5th. [37:52] Mark your calendar and subscribe to RIMScast through your podcasting app of choice! Visit RMmagazine.com to check out The Year in Risk edition of Risk Management magazine. That's the Q4 edition. This is reporting from the best in the profession. [38:12] You can't get any better than RIMS Risk Management magazine. [38:17] Plug Time! You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in the show notes. [38:44] RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate and help you reach them! Contact pd@rims.org for more information. [39:01] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information. [39:18] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more. [39:34] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management. [39:47] Justin Smulison is the Business Content Manager at RIMS. Please remember to subscribe to RIMScast on your favorite podcasting app. You can email us at Content@RIMS.org. [39:59] Practice good risk management, stay safe, and thank you again for your continuous support!   Links: RIMS Risk Management Magazine: Year In Risk Edition | Feature Article Facilitating Risk-Based Decision Making | Virtual Workshop | March 4‒5, 2026 RIMS-CRO Certificate Program In Advanced Enterprise Risk Management | Jan‒March 2026 Cohort | Led by James Lam RISKWORLD 2026 Registration — Open for exhibitors, members and non-members! Reserve your booth at RISKWORLD 2026! The Strategic and Enterprise Risk Center RIMS Diversity Equity Inclusion Council RIMS Risk Management magazine | Contribute RIMS Now Spencer Educational Foundation Scholarships | Submission Deadline Jan. 31, 2026 RISK PAC | RIMS Advocacy RIMS-Certified Risk Management Professional (RIMS-CRMP) | Insights Series Featuring Joe Milan! Upcoming RIMS-CRMP Prep Virtual Workshops: RIMS-CRMP Exam Prep | January 14‒15, 2026,  9:00 am‒4:00 pm EST, Virtual Full RIMS-CRMP Prep Course Schedule See the full calendar of RIMS Virtual Workshops "Managing Worker Compensation, Employer's Liability and Employment Practices in the US" | Jan. 21‒22, 2026   Upcoming RIMS Webinars: RIMS.org/Webinars   Related RIMScast Episodes: "Mid-Year Update 2025: RIMS Legislative and Risk Management News" "James Lam on ERM, Strategy, and the Modern CRO" "The Evolving Role of the Risk Analyst" "Presilience and Cognitive Biases with Dr. Gav Schneider and Shreen Williams" "Risk Rotation with Lori Flaherty and Bill Coller of Paychex" "Risk Quantification Through Value-Based Frameworks"   Sponsored RIMScast Episodes: "Secondary Perils, Major Risks: The New Face of Weather-Related Challenges" | Sponsored by AXA XL (New!) "The ART of Risk: Rethinking Risk Through Insight, Design, and Innovation" | Sponsored by Alliant "Mastering ERM: Leveraging Internal and External Risk Factors" | Sponsored by Diligent "Cyberrisk: Preparing Beyond 2025" | Sponsored by Alliant "The New Reality of Risk Engineering: From Code Compliance to Resilience" | Sponsored by AXA XL "Change Management: AI's Role in Loss Control and Property Insurance" | Sponsored by Global Risk Consultants, a TÜV SÜD Company "Demystifying Multinational Fronting Insurance Programs" | Sponsored by Zurich "Understanding Third-Party Litigation Funding" | Sponsored by Zurich "What Risk Managers Can Learn From School Shootings" | Sponsored by Merrill Herzog "Simplifying the Challenges of OSHA Recordkeeping" | Sponsored by Medcor "How Insurance Builds Resilience Against An Active Assailant Attack" | Sponsored by Merrill Herzog "Third-Party and Cyber Risk Management Tips" | Sponsored by Alliant   RIMS Publications, Content, and Links: RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community! RIMS Virtual Workshops On-Demand Webinars RIMS-Certified Risk Management Professional (RIMS-CRMP) RISK PAC | RIMS Advocacy RIMS Strategic & Enterprise Risk Center RIMS-CRMP Stories — Featuring RIMS President Kristen Peed!   RIMS Events, Education, and Services: RIMS Risk Maturity Model®   Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information.   Want to Learn More? Keep up with the podcast on RIMS.org, and listen on Spotify and Apple Podcasts.   Have a question or suggestion? Email: Content@rims.org.   Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.   About our guests: Morgan O'Rourke, RIMS Director of Publications and Risk Management Magazine Editor in Chief Hilary Tuttle, Managing Editor, Risk Management Magazine   Production and engineering provided by Podfly.  

In this special compilation episode of AI and the Future of Work, we celebrate Data Privacy Day by revisiting powerful conversations with industry leaders tackling some of today's biggest AI challenges. From deepfake detection to ethical AI, this episode highlights the critical role of privacy, trust, and security in the future of AI.Join us as we revisit insights from top experts in AI:

The nature of work and careers is undergoing profound changes that are often obscured by debates over return-to-work mandates. This week we consider the rise of decentralized work that's networked and elevates autonomy over outdated command and control approaches developed in a different century. Plus: a celebration of Data Privacy Day and Deepseek's cannonball into the Big Tech AI pool party.Watch us on YouTubeTroy Young's People vs Algorithms newsletterBrian Morrissey's The Rebooting newsletterAlex Schleifer's Human ComputerFollow Alex, Brian and Troy on Twitter

It's national data privacy day! What better day to focus your attention on keeping your data secure than now. Take a couple of moments today and throughout the week to evaluate and safeguard your identity so you can effectively protect yourself from current or future threats.   Links: Check out resources from the National Cybersecurity Alliance and the Cybersecurity & Infrastructure Security Agency  Learn more about the features and benefits of a Better Checking Account with IDProtect Register or log into our Better Checking portal to access the credit score tracker, credit report and other account benefits Transcript:  Welcome to Money Tip Tuesday from the Making Money Personal podcast.   One of the most important things you can do for yourself is to take identity and privacy threats seriously. There are new breaches occurring every day that choosing to not take steps for proper security could be costly. It's critical to put guards in place before any threat arises.   If you use digital services, tools and technology, National Privacy Day, and Week, is a great time to assess your existing security protocols and determine whether you're adequately protected.   With fraud threats everywhere, it's important to remember to stay on top of current scams to keep your privacy secure. Familiarize yourself with common tactics scammers use to trick you as well as stay abreast of new tactics arising. Check out the National Cybersecurity Alliance at Stay Safe Online for up to date information and resources about proper cyber protection. You can also explore resources and tools from the Cyber Security and Infrastructure Security Agency at CISA.gov.   Other, more active steps to take involve reviewing your current situation and identifying any areas where security could be improved.   Ensure all account passwords are secure, that you have proper PIN or biometric authentication on all devices and that all have been maintained with the most recent updates.   Monitor all your credit and credit card information. Make sure you're paying attention to all your credit cards and have sufficient access to card controls to easily turn them off if they're lost or stolen. Set up notifications for immediate awareness any time your cards are used. Receiving a simple message on card usage gives you the ability to act immediately if a suspicious charge occurs.   Keep an eye on your credit score for any inconsistencies or anomalies. Familiarize yourself by checking your score and viewing your current credit report. Your credit report will list out all your open credit lines, loans and other information like credit inquiries, payment history and other personal data regarding your credit activity. Look over the report to ensure all the activity is legitimate and accurate.  Finally, consider identity theft protection. Having identity theft protection offers benefits that help prevent fraud as well as cover you in case fraud occurs. These services monitor data bases and the dark web for sensitive information that way if any issue arises, you can act swiftly to resolve any issues. They also offer expense reimbursement, case managers and recovery assistance to help all throughout the recovery process.   With a Triangle Better Checking account you can get affordable access to amazing identity theft protection benefits for a small monthly fee of $4.99. With this one account you'll gain access to identity theft monitoring, reimbursement coverage, a credit score tracker, credit reporting, card registration as well as reimbursement coverage and full service identity recovery with a case manager if you ever become a victim. To learn more about the benefits and for further account information, visit trianglecu.org.  If you already have a Better Checking account you're already enrolled in the protection service but to access the other great benefits register at betterchecking.trianglecu.org to get started there.   If keeping your identity and sensitive information is high on your priority list, take some time today or throughout the week to set up additional protections for your devices and identity.  If there are any other tips or topics you would like us to cover, let us know at tcupodcast@trianglecu.org. Like and follow our Making Money Personal FB and IG page and look for our sponsor, Triangle Credit Union on social media to share your thoughts.   Thanks for listening to today's Money Tip Tuesday and check out our other tips and episodes on the Making Money Personal podcast.   Have a great day! 

What should we celebrate on January 28th? What is the difference between Privacy and Data Protection? What about Data Privacy? Will Data Protection (or Data Privacy) evolve to encompass many of the things we now discuss in the context of AI regulation? We have asked Carissa Véliz (Oxford University), Gabriela Zanfir-Fortuna (Future of Privacy Forum), Markus Wünschelbaum (Advisor, Hamburg Data Protection Authority), Brendan Quinn, and Tim Turner.  What do you think? Feel free to participate in the conversation by finding this episode's post on: Our Spotify feed: https://open.spotify.com/show/6M2DpgfTPaGCHm31rKstBr  Our LinkedIn channel: https://www.linkedin.com/company/masters-of-privacy/ Our YouTube channel: https://www.youtube.com/@MastersofPrivacy  References: Council of Europe: Data Protection Day US Government: Data Privacy Day  

Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   In this episode, Justin interviews CISA Chief Privacy Officer James Burd about data privacy and protection. Topics include how CISA protects agencies and critical infrastructure, how they responded to a recent data attack, and what risk professionals and data privacy professionals can work together to ensure their organization is resistant to data breaches.   Listen for actionable ideas to improve the cyber security at your organization. Key Takeaways: [:01] About RIMS and RIMScast. [:14] Public registration is open for RISKWORLD 2025! RIMS wants you to Engage Today and Embrace Tomorrow in Chicago from May 4th through May 7th. Register at RIMS.org/RISKWORLD and the link in this episode's show notes. [:32] About this episode. We will discuss data privacy with James Burd, the Chief Privacy Officer of The Cyber Infrastructure Security Agency (CISA) here in the U.S. [:58] RIMS-CRMP Workshops! On February 19th and 20th, a two-day virtual workshop for the RIMS-CRMP will be led by former RIMS President Chris Mandel and presented by the RIMS Greater Bluegrass Chapter, the 2024 RIMS Chapter of the Year. [1:20] The next RIMS-CRMP-FED exam course will be held from February 4th through the 6th, 2025. Links to these courses can be found through the Certification page of RIMS.org and this episode's show notes. [1:36] Virtual Workshops! Chris Hansen will return on February 11th and 12th to lead the two-day course “Claims Management”. Gail Kiyomura of The Art of Risk Consulting will host the “Fundamentals of Insurance” virtual workshop on February 19th and 20th, 2025. [1:59] On February 26th and 27th, Elise Farnham of Illumine Consulting will lead “Applying and Integrating ERM”. “Managing Data for ERM” will be hosted by Pat Saporito. That course starts on March 12th, 2025. [2:22] A link to the full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's show notes. [2:34] The RIMS Legislative Summit 2025 is back! It will be held on March 19th and 20th in Washington, D.C. Join RIMS for two days of Congressional meetings, networking, and advocating on behalf of the risk management community. [2:51] This event is open for RIMS members only so if you're not a member, join now! Visit RIMS.org/advocacy for registration details. [3:02] Interview! It is Data Privacy Week here in the U.S., through January 31st. This is an annual effort to promote data privacy awareness and education. Its events are sponsored by the National Cybersecurity Alliance. This week's theme is Take Control of Your Data. [3:23] Here to discuss how to take control of your data, and the best practices that risk professionals and business leaders need to know, is Chief Privacy Officer of CISA, James Burd. [3:36] James is the senior agency leader responsible for managing and overseeing CISA's privacy, external civil rights, civil liberties, and transparency programs. [3:46] We're going to talk about some of the big events that made headlines in late December and early January around cybersecurity and data privacy and the frameworks and strategies that risk professionals can implement to take control of their data. [4:02] CISA Chief Privacy Officer James Burd, welcome to RIMScast! [4:18] James has a fantastic team of privacy, transparency, and access professionals who provide transparency to the American public while integrating full privacy rights, liberties, and protections into the management of a safe, secure, and resilient infrastructure. [4:48] As Chief Privacy Officer, James Burd's primary responsibility is to ensure that privacy is at the forefront and integrated into every initiative, program, and policy CISA undertakes, regardless of whether it's by policy, process, or technical solutions. [5:00] This includes ensuring compliance with Federal privacy laws and embedding privacy considerations in the agency's operations and partnerships. [5:08] Protecting critical infrastructure inherently involves safeguarding sensitive and critical information that any organization holds, whether it's CISA or any of the many stakeholders of CISA. Privacy and cybersecurity are inherently interconnected. [5:21] CISA ensures its cybersecurity programs focus on protecting systems, networks, and data from unauthorized access while the privacy portion ensures that personal and sensitive data are handled responsibly, ethically, and securely. [5:39] What are the keys to a strong cybersecurity strategy? [5:52] The work CISA does in the privacy world is to ensure that the information CISA is holding is secure and safeguarded and also to tell the public how exactly they do that. [6:14] In the early days of CISA, it was a Computer Emergency Readiness Team (CERT). CERTs respond to major cybersecurity incidents at a state, local, national, or international level. A cybersecurity incident in the U.S. is similar to a cybersecurity incident in any nation. [6:50] All nations are facing the same cybersecurity issues. CISA's international work is about information sharing and helping each other understand what threats we all face. [7:19] Integrating privacy into risk management frameworks is a core consideration. A lot of the privacy work CISA does with risk managers is for ERM, identifying privacy risks and impacts and ensuring that mitigation strategies align with goals. [7:42] Risk managers are key partners in implementing strong data governance practices. CISA works with them to establish policies for data handling, access, and usage that align with the security needs and privacy protection of an agency or organization. [7:56] Risk managers have the opportunity to help privacy officers identify a privacy problem or privacy risk all across the organization. That's part of the risk manager's job as a point person. [9:13] CISA wants to do this privacy protection work with organizations before a breach. Many privacy professionals have learned the hard way that if you don't collaborate up front, you have to collaborate later, as a result of your emergency. That's not a great day. [9:29] Risk professionals have different viewpoints to consider. They may see that some privacy risks overlap with some financial risks, depending on the risk owner's point of view. It doesn't make sense to solve the same problem in 10 different ways. [10:30] The National Institute of Standards and Technology (NIST) is a valuable partner of CISA's. NIST can see what works or doesn't work as a conceptual or technical framework. NIST studies a problem from several angles and gives CISA an effective solution for the framework. [11:23] Daniel Elliott of NIST has been on RIMScast. James has collaborated with Daniel. [11:49] CISA is a collaborative agency. It does not exist without its partners and stakeholders. When NIST facilitates conversations between CISA and other stakeholders, it helps CISA figure out, of all the problems in the world, which critical problem we need to solve right now. [12:17] CISA has Cyber Performance Goals or CPGs, which are a subset of the NIST Cybersecurity Framework. CISA will tell a small business that they should start with the CPG and get it right, and then expand to everything else. [12:38] CPGs are not a substitute for a risk management framework, but they are a starting point. The CPGs would not exist if not for the work NIST had done in talking to small, medium, and large businesses and figuring out all the different issues they face. [13:08] In December, Chinese cyber attackers infiltrated U.S. agencies. When there is a major incident like that, there is a whole-government response. CISA plays an important role in that response, like a firefighter. Law enforcement plays the role of investigator. [14:16] CISA and its interagency partners are heavily involved in responding to recent Chinese activity associated with both Salt Typhoon and Volt Typhoon. They've been working very closely with the Treasury Department to understand and mitigate the impacts of the recent incident.  [14:35] There's no indication that any other Federal agency has been impacted by the incident but CISA continues to monitor the situation and coordinate with other authorities, like the FBI, to ensure that there's a comprehensive response. [14:50] The security of federal systems and data is of critical importance to national security. CISA is working aggressively to safeguard any further impacts. The People's Republic of China is a persistent threat, specifically, the GRC and related entities, who perform these activities. [15:12] They're one of the most persistent and strategically sophisticated adversaries we face in cyberspace today. The PRC has decades of experience in conducting rampant cyber espionage against U.S. businesses and critical infrastructure. [15:26] CISA has become increasingly concerned over the last year that the PRC is not just doing espionage but is trying to burrow into the critical infrastructure for a rainy day. These state-sponsored activities are coming from campaigns like Volt Typhoon and Salt Typhoon. [15:45] What happened to Treasury provides a stark example of these types of tactics. These tactics target critical infrastructure such as telecommunications, aviation, water, and energy. [15:56] Their goal, as far as we can tell, is not to cause immediate damage but to gain persistent access to those systems and remain undetected until they want to do something. [16:08] CISA has been very involved, not just responding to these incidents, but deeply studying these incidents to understand what is happening and what we need to do as a government and nation to protect ourselves from these burrowing activities. [16:27] Plug Time! RIMS Webinars! Resolver will be joining us on February 6th to discuss “4 Themes Shaping the Future of GRC in 2025”. [16:39] HUB International continues its Ready for Tomorrow Series with RIMS. On February 20th, they will host “Ready for the Unexpected? Strategies for Property Valuation, Disaster Recovery and Business Continuity in 2025”. [16:55] More webinars will be announced soon and added to the RIMS.org/webinars page. Go there to register. Registration is complimentary for RIMS members. [17:07] Nominations are also open for the Donald M. Stuart Award which recognizes excellence in risk management in Canada. Links are in this episode's show notes. [17:20] Let's Return to My Interview with James Burd of the Cyber Infrastructure Security Agency!   [17:42] Whether talking about AI, IoT, or 5G, the issues are hardware problems and software problems. [18:02] The issues of the 1970s are similar to the issues of the 2020s, regarding vulnerabilities, exposure, and unsafe practices when developing software and hardware. [18:20] What we're seeing in the emerging technology space with AI, IoT, and 5G is an increase in the volume and velocity of data. The improvement of technology in this space is based on power and efficiency. Software improvement is based on the reach of interconnectivity. [18:34] Privacy and cybersecurity risks do not just appear. We're seeing existing risks and issues increasing in size and complexity. What we previously thought of as a perceived risk is now a real risk, thanks to advances in computational power and the amount of data available. [18:54] It's always been a risk but it was less likely to occur until this point where there's more data, more volume, and more complexity. AI systems rely on a vast amount of personal data, raising concerns about data security, algorithmic bias, and a lack of transparency. [19:11] We've heard about these risks with machine learning and big data databases. They require governance frameworks that address how data is collected, stored, and used in systems, or, in this case, AI models. [19:28] Those frameworks should be familiar to anyone working in the data protection space or the risk management space for the last three decades. Insurers getting into the cybersecurity space have been paying stark attention to this. [19:58] We've found out that IoT devices are probably the easiest and most risky entrance points within networks into homes and critical infrastructure devices. The biggest risks they create are unauthorized access, data breaches, and potential surveillance. [20:19] These are not new risks. They're existing risks that are promulgated because of the new avenue to get in. It used to be that the worst thing that could happen to an IoT device like a router is that it gets compromised and becomes part of a botnet to take down websites. [20:38] Today, that still happens, but that IoT device is looked at as the back door for entering someone's network if it's not properly secured. [20:49] In itself, 5G is awesome. There are fantastic things to do with increased data flow. With increased speed and connectivity come the ability to move more data at a time and we're facing data being transferred in an insecure manner. People don't know what data they're sharing. [21:15] We're running into the same classic issues but they're exacerbated by something we view as a major success, access. Access should be celebrated but we shouldn't open doors because we can open them. We need to be able to make sure those doors are secured. [21:48] James paraphrases Mark Groman, a privacy expert formerly with the FTC. “Privacy and cybersecurity are sometimes viewed as competing priorities. They are two sides of the same coin. I refuse to live in a world where you compromise security for privacy or vice versa.” [22:11] We live in a world where you can have both. The great thing about advancing technologies is that we can do both. Both cybersecurity and privacy aim to protect sensitive data and systems, just from slightly different angles and for different reasons. [22:31] There has to be a collaborative approach between cybersecurity and privacy. An intermediary like a risk professional can help cybersecurity and privacy teams work together. [22:41] By leveraging things privacy-preserving technologies and designing privacy into cybersecurity measures, organizations can bridge the gap and achieve harmony between the two essential functions. This strengthens the organization and its overall risk management. [22:58] When a risk is realized in one area, it's common for it to be a harmonious risk with another risk in a different area. In the privacy and cybersecurity space, risks overlap often. Conflicts between cybersecurity and privacy are easily bridged. [23:24] Cybersecurity professionals want to collect more data; privacy professionals want you to minimize the amount of data you collect. [23:34] Cybersecurity relies on extensive data collection to detect, monitor, and respond to threats. Privacy wants to collect only what's necessary and maintain it for a minimum time. [23:46] Security monitoring tools like intrusion detection systems may gather logs or metadata that could include personal data, creating potential privacy risks, especially for an insider threat. [24:00] Organizations can implement privacy-aware cybersecurity solutions that anonymize or pseudo-anonymize data where possible, allowing cybersecurity professionals to get to the root of the problem they're trying to solve while masking sensitive data. [24:13] If you're investigating an insider threat, you can unmask the data. Do you need that data to do the job that you're tasked to do? If not, why run the risk of inappropriately accessing it? [24:53] Privacy frameworks will always encourage transparency about data usage and sharing, especially by private entities doing consumer business and handling personal information. [25:07] The public needs to know what you are collecting from them, how you are using it, and whether are you sharing it. They need to know if you are handling their data securely. [25:38] James would tell cybersecurity professionals that if they think obscurity is security, they should find another job. Obscurity is typically the worst way to secure things. [25:51] There are ways to describe how data is being held or secured by an organization without compromising the cybersecurity tools or techniques used to monitor or look for vulnerabilities. [26:03] Transparency can be maintained without compromising security and can be used in a way to assure the public that an organization is keeping serious security techniques in mind when handling the public's data. James tells how to share that message with the public. [27:08] When James opens software, he reads the Third Party Agreements. He knows most people don't. Government agencies include a plain language version of the agreement. Some private companies are doing the same to help people understand how their data is being used. [28:40] Quick Break for RIMS Plugs! The first of hopefully many RIMS Texas Regional Conferences will be held in San Antonio from August 4th through August 6th, 2025. [28:58] This groundbreaking event is set to unite the Texas RIMS Chapters and welcome risk management professionals from around the world! Also known as the Risk Management Roundup in San Antonio, you can join as a speaker!  [29:11] The Conference planning committee is interested in submissions that explore technology and cyber risk, workforce protection and advancement, energy and sustainability, extreme weather, construction, restaurant, retail, hospitality, and other trending now sessions. [29:28] The deadline to submit your proposal is Monday, February 24th. The link to the event and the submission process is in this episode's show notes. Go check it out! [29:39] The Spencer Educational Foundation's goal to help build a talent pipeline of risk management and insurance professionals is achieved in part by its collaboration with risk management and insurance educators across the U.S. and Canada. [29:58] Since 2010, Spencer has awarded over $3.3 million in general grants to support over 130 student-centered experiential learning initiatives at universities and RMI non-profits. Spencer's 2026 application process will open on May 1st, 2025, and close on July 30th, 2025. [30:20] General grant awardees are typically notified at the end of October. Learn more about Spencer's general grants through the Programs tab at SpencerEd.org. [30:30] Let's Return to the Conclusion of My Interview with the Chief Privacy Officer of CISA, James Burd! [31:00] A lot of ERM frameworks exist because they were required by regulation or law. [31:10] Privacy professionals are starting to see the same risks that risk management and compliance professionals have been dealing with for decades. The big tools that privacy professionals use are called Data Privacy Impact Assessments (DPIA). [31:29] DPIAs vary, depending on the regulatory framework or law. DPIAs do two things: they identify what data assets you have and they examine the risks that are associated with the handling of those data assets and what mitigations must be in place to buy down those risks. [31:48] That assessment can populate half of an ERM framework's register. Getting involved with your privacy program manager as they do these DPIAs may first cause the privacy program manager to resist your risk assessment, but a risk in one space is a risk in another space. [32:21] The DPIA is a valuable source of information for a risk manager. You can see the risks earlier. You can identify with the privacy program manager what some of the major risks might become. That means both realized and unrealized risks, which are equally important. [33:06] A privacy program manager will be preoccupied with a lot of the perceived risks. A risk manager wants to know which risks are more likely and identify them early. [33:40] A likelihood assessment will help the privacy officer identify how many “calories” to spend on this risk. The risk manager and privacy manager have a mutually beneficial relationship. They help each other. [34:17] CISA provides cybersecurity education, news on vulnerabilities and cyber threats, threat intelligence, and service to critical infrastructure providers once there is an incident of some sort. The CISA website shows cyber threat indicators of what a compromise might look like. [35:40] CISA has found novel patterns on networks that make it hard to tell that your network has been compromised. CISA calls those things “Left of Doom.” On the “RIght of Doom,” CISA prioritizes the incidents that it responds to. [36:02] CISA focuses primarily on critical infrastructure. If you have a situation CISA cannot respond to, they will assist you by a local field office to find the people to help you, whether it's law enforcement, local cyber security service providers, or a local Emergency Response Team. [37:03] Companies are involved in the California wildfires. Could an incident like that distract them that they might become susceptible to data breaches? James notes that you can't address every problem at the same time. Prioritize, rack, and stack. [37:17] Incidents are going to happen. CISA asks agencies and companies to take the time and spend the resources to knock out all the low-hanging fruit. The great majority of incidents CISA sees are bad actors exploiting very simple, easy-to-fix vulnerabilities. [37:55] It might be companies not using encrypted traffic, or only using a password to secure access to a server. The fix is relatively low cost or low impact. It takes time to figure out how to do the fix, but you'll be grateful that you took the time and spent the money to implement it. [38:24] The cost of a greater fix from the breach of a simple vulnerability will be far greater than the resources you'd spend to address it in the first place. Establishing that floor will help you focus on other “fires” that pop up while assuring you won't get “popped” for a silly reason. [38:49] If somebody's going to get you, make sure they've tried their hardest to get you. [38:58] It's Data Privacy Day today, as this episode is released! It's the start of Data Privacy Week! The theme is Take Control of Your Data!  [39:22] Robust privacy governance tips: Figure out where your data asset inventory is for your organization. Keep track of it and keep track of the risk associated with each data asset, Each data asset may have a different set of risks. [39:47] Every organization should maintain a comprehensive inventory of data assets, detailing what data is collected, where it is stored, who has access to it, and how it's used. [39:56] The risk professional probably isn't the one who takes the inventory, but they should have access to it and they should be evaluating that inventory.  [40:06] The risk professional can help the privacy manager by helping them establish clear policies and procedures for handling data, access control, and breach response, based on real risk. A privacy officer sometimes has difficulty identifying a real risk over a perceived risk. [40:23] By focusing on real risks, you avoid the problem where privacy officers spend too much energy coming up with solutions for the most unlikely scenarios, leaving organizations unprepared for what's likely to happen. [40:42] Special thanks again to James Burd of CISA for joining us here on RIMScast! There are lots of links about Data Privacy Day and Data Privacy Week in this episode's show notes. [40:54] Also see links to RIMS Risk Management magazine coverage of data privacy through the years and links to some RIMScast episodes that touch upon the topic. Be sure to tune into last week's episode with Tod Eberle of the Shadowserver Foundation on cyber risk trends of 2025! [41:18] More RIMS Plugs! You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in our show notes. [41:47] RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate and help you reach them! Contact pd@rims.org for more information. [42:05] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information. [42:23] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more.  [42:39] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management. [42:53] Justin Smulison is the Business Content Manager at RIMS. You can email Justin at Content@RIMS.org. [43:00] Thank you all for your continued support and engagement on social media channels! We appreciate all your kind words. Listen every week! Stay safe!   Mentioned in this Episode: RIMS Risk Management magazine RISKWORLD 2025 — May 4-7. | Register today! RIMS Legislative Summit — March 19‒20, 2025 Cyber Infrastructure Security Agency National Cybersecurity Alliance | Data Privacy Week 2025 Nominations for the Donald M. Stuart Award Spencer Educational Foundation — General Grants 2026 — Application Dates RIMS-Certified Risk Management Professional (RIMS-CRMP) RISK PAC | RIMS Advocacy RIMS Texas Regional Conference 2025 | Submit an Educational Session by Feb. 24. RIMS Webinars: RIMS.org/Webinars “4 Themes Shaping the Future of GRC in 2025” | Sponsored by Resolver | Feb. 6, 2025 “Ready for the Unexpected? Strategies for Property Valuation, Disaster Recovery and Business Continuity in 2025” | Sponsored by Hub International | Feb. 20, 2025   Upcoming RIMS-CRMP Prep Virtual Workshops: “Stay Competitive with the RIMS-CRMP” | Presented by the RIMS Greater Bluegrass Chapter February 19‒20, 2025 | Instructor: Chris Mandel Full RIMS-CRMP Prep Course Schedule Upcoming Virtual Workshops: “Claims Management” | February 11‒12, 2025 | Instructor: Chris Hansen “Fundamentals of Insurance” | Feb. 19‒20, 2025 | Instructor: Gail Kiyomura “Applying and Integrating ERM” | Feb. 26‒27, 2025 | Instructor: Elise Farnham “Managing Data for ERM” | March 12, 2025 | Instructor: Pat Saporito See the full calendar of RIMS Virtual Workshops RIMS-CRMP Prep Workshops   Upcoming RIMS-CRMP Prep Virtual Workshops: “Stay Competitive with the RIMS-CRMP | Presented by the RIMS Greater Bluegrass Chapter” February 19‒20, 2025 | Instructor: Chris Mandel Full RIMS-CRMP Prep Course Schedule Full RIMS-CRMP Prep Course Schedule   Related RIMScast Episodes: “Cyberrisk Trends in 2025 with Shadowserver Alliance Director Tod Eberle” “Kicking off 2025 with RIMS CEO Gary LaBranche” “Year In Risk 2024 with Morgan O'Rourke and Hilary Tuttle” “AI and Regulatory Risk Trends with Caroline Shleifer” “Cybersecurity Awareness and Risk Frameworks with Daniel Eliot of NIST” (2024) “Cybersecurity and Insurance Outlook 2023 with Josephine Wolff”   Sponsored RIMScast Episodes: “Simplifying the Challenges of OSHA Recordkeeping” | Sponsored by Medcor “Risk Management in a Changing World: A Deep Dive into AXA's 2024 Future Risks Report” | Sponsored by AXA XL “How Insurance Builds Resilience Against An Active Assailant Attack” | Sponsored by Merrill Herzog “Third-Party and Cyber Risk Management Tips” | Sponsored by Alliant “RMIS Innovation with Archer” | Sponsored by Archer “Navigating Commercial Property Risks with Captives” | Sponsored by Zurich “Breaking Down Silos: AXA XL's New Approach to Casualty Insurance”| Sponsored by AXA XL “Weathering Today's Property Claims Management Challenges” | Sponsored by AXA XL “Storm Prep 2024: The Growing Impact of Convective Storms and Hail” | Sponsored by Global Risk Consultants, a TÜV SÜD Company “Partnering Against Cyberrisk” | Sponsored by AXA XL “Harnessing the Power of Data and Analytics for Effective Risk Management” | Sponsored by Marsh “Accident Prevention — The Winning Formula For Construction and Insurance” | Sponsored by Otoos “Platinum Protection: Underwriting and Risk Engineering's Role in Protecting Commercial Properties” | Sponsored by AXA XL “Elevating RMIS — The Archer Way” | Sponsored by Archer “Alliant's P&C Outlook For 2024” | Sponsored by Alliant “Why Subrogation is the New Arbitration” | Sponsored by Fleet Response “Cyclone Season: Proactive Preparation for Loss Minimization” | Sponsored by Prudent Insurance Brokers Ltd. “Subrogation and the Competitive Advantage” | Sponsored by Fleet Response   RIMS Publications, Content, and Links: RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community! RIMS Virtual Workshops On-Demand Webinars RIMS-Certified Risk Management Professional (RIMS-CRMP) RISK PAC | RIMS Advocacy RIMS Strategic & Enterprise Risk Center RIMS-CRMP Stories — Featuring RIMS Vice President Manny Padilla!   RIMS Events, Education, and Services: RIMS Risk Maturity Model®   Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information.   Want to Learn More? Keep up with the podcast on RIMS.org, and listen on Spotify and Apple Podcasts.   Have a question or suggestion? Email: Content@rims.org.   Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.   About our guest: James Burd, Chief Privacy Officer, Cyber Infrastructure Security Agency (CISA)   Production and engineering provided by Podfly.  

¿Qué diferencia hay entre protección de datos personales y privacidad? ¿Deberíamos más bien sustituir este último concepto por el derecho a la intimidad en España?  Hemos conseguido aclarar estas dudas en el día internacional de la protección de datos personales (28 de enero), también conocido como “Data Privacy Day” en Estados Unidos o Australia.  Borja Adsuara es Doctor en Filosofía del Derecho, Profesor de Derecho Digital en la Universidad Complutense y en varios Másters, Consultor Experto en Derecho, Estrategia y Comunicación Digital. También es colaborador en varios medios de comunicación y divulgador en redes sociales. Ha participado en toda la legislación digital en España desde 1992 (LORTAD), es Premio de la Agencia Española de Protección de Datos (2019) a las Buenas Prácticas y es Ponente de la Carta Española de Derechos Digitales (2021).  Referencias: Borja Adsuara en Bluesky Borja Adsuara en LinkedIn Masters of Privacy: Data Protection vs. Privacy and Data Privacy: a January 28th conundrum Consejo de Europa: Día Internacional de la Protección de Datos Gobierno de los EE.UU: Data Privacy Day  

This special episode of Legally Bond is a part of Bond's 2025 Countdown to Data Privacy Day. Bond's cybersecurity and data privacy practice group co-chair, Jessica Copeland, speaks with Christine Wiktor, Area Vice President for Gallagher. Christine discusses how cyber insurance is crucial for organizations in today's digital landscape and provides best practices for responding to cyber incidents and engaging with insurance carriers.

Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.   In this episode, Justin interviews Shadowserver Foundation Alliance Director Tod Eberle about cybersecurity. Tod tells how his background as a prosecutor led to his interest in cybersecurity, how he encountered the non-profit Shadowserver Foundation, and how he left the public sector to work with them. He explains how Shadowserver provides actionable data to alert network owners and law enforcement of network vulnerabilities that need to be mitigated. He discusses trends in malware attacks, especially in ransomware. He shares his thoughts on ransomware threats of 2025 and the years to come. He provides tips on preparing your network against ransomware.   Listen to how you can harden your organization's network against malware attacks. Key Takeaways: [:01] About RIMS and RIMScast. [:14] Public registration is open for RISKWORLD 2025! RIMS wants you to Engage Today and Embrace Tomorrow in Chicago from May 4th through May 7th. Register at RIMS.org/RISKWORLD and the link in this episode's show notes. [:33] About this episode. We will discuss cybersecurity with Tod Eberle, the Alliance Director of the Shadowserver Foundation. [:55] RIMS-CRMP Workshops! On February 19th and 20th, there will be a two-day virtual workshop for the RIMS-CRMP led by former RIMS President Chris Mandel and presented by the RIMS Greater Bluegrass Chapter, the 2024 RIMS Chapter of the Year. [1:18] The next RIMS-CRMP-FED exam course will be held from February 4th through the 6th, 2025. Links to these courses can be found through the Certification page of RIMS.org and this episode's show notes. [1:34] Virtual Workshops! Chris Hansen will return on February 11th and 12th to lead the two-day course “Claims Management”. Gail Kiyomura of The Art of Risk Consulting will host the “Fundamentals of Insurance” virtual workshop on February 19th and 20th, 2025. [1:58] On February 26th and 27th, Elise Farnham of Illumine Consulting will lead “Applying and Integrating ERM”. “Managing Data for ERM” will be hosted by Pat Saporito. That course starts on March 12th, 2025. [2:20] A link to the full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's show notes. [2:31] The RIMS Legislative Summit 2025 is back! It will be held on March 19th and 20th in Washington, D.C. Join RIMS for two days of Congressional meetings, networking, and advocating on behalf of the risk management community. [2:49] This event is open for RIMS members only so if you're not a member, join now! Visit RIMS.org/advocacy for registration details. [3:02] Interview! Our guest Tod Eberle is the Alliance Director of the Shadowserver Foundation, a non-profit security organization working altruistically behind the scenes to make the internet more secure for everyone. [3:15] Tod Eberle is with us to discuss the cybersecurity trends on his risk radar and the threats he wants risk professionals to be aware of as 2025 kicks into high gear. Shadowserver Alliance Director, Tod Eberle, welcome to RIMScast! [3:41] Justin saw that Shadowserver Foundation was promoted by the National Cybersecurity Alliance and he thought it would be great to have a follow-up on his appearance there. [3:54] Tod says the National Cybersecurity Alliance is a great organization. After working together with them for a year, they invited Tod to do a webinar. It was a great experience. [4:28] Tod's background is as a career prosecutor, starting as a county prosecutor in Western Pennsylvania in 1997. In 2004, Tod became a Federal Prosecutor in Pittsburgh for the U.S. Department of Justice. [5:00] In 2014, He transitioned over to the National Security and Cybercrime section in Pittsburgh. Pittsburgh was at the forefront of cyber investigations by both the U.S. Attorney's Office and the FBI. Tod wanted to be a part of that. [5:34] The Pittsburgh office has run investigations and issued indictments against Chinese Military Intelligence officers and Russian GRU officers for hacking. In 2014, Pittsburgh had the first criminal indictment of nation-state threat actors. [6:00] In that case, Chinese Military Intelligence PLA officers hacked into Pittsburgh companies Westinghouse, ALCOA, U.S. Steel, and United Steel Workers. Some forward-thinking folks at the FBI and the U.S. Attorney's Office, particularly U.S. Attorney David Hickton, focused on cyber. [6:29] That continued over the years until the present. [6:46] To begin an investigation, the FBI and U.S. Attorney's Office in Pittsburgh, need to have some aspect of an organization's criminal activity touch that district, the Western District of Pennsylvania. A national ransomware case with one victim in Pittsburgh can be investigated. [7:16] In the investigation of Russian GRU actors responsible for the destructive NotPetya malware attack, a district hospital's network was attacked and destroyed. They expanded the investigation and charging documents to include other attacks around the country. [7:58] In 2015 Tod was a prosecutor working with the FBI on an investigation. He was at Europol at the Hague in the Netherlands, a center that brings together investigators and prosecutors from different countries who investigate the same threat group through Europol and Eurojust. [8:33] Tod met the Shadowserver Foundation non-profit group at the Hague in 2015. They were helping, through free technical support to the takedown operation, to dismantle the infrastructure of a crime group, using sinkholing and other security measures. [9:08] Tod Joined the Shadowserver Foundation in January of 2023. He is the Shadowserver Alliance Director. As a small non-profit, everyone wears many hats. The Shadowserver Foundation is a 501(c)(3) in the U.S. and a separate non-profit legal entity in the Netherlands. [9:47] The Shadowserver Foundation started about 2004. It celebrated its 20th anniversary in 2024. It began as a loose group of volunteers made up of cybersecurity researchers and technical experts who came together to help network owners and law enforcement. [10:15] Over the years they became more structured and became a non-profit organization. It's an unusual non-profit organization working 100% in operations. It works in three core areas. First, it's the world's largest provider of free, actionable cyber threat intelligence. [10:45] Second, the Shadowserver Foundation does cybersecurity capacity-building around the world. Third, it also provides free support to law enforcement investigations and disruption operations with technical support and expertise. Those three things are its core mission. [11:07] Justin notes commonalities between RIMS cyber risk reporting and the Shadowserver Foundation's work. Shadowserver collects a vast amount of threat data daily. What are the patterns it sees for 2025? [11:29] Shadowserver Foundation can help organizations mitigate risks. It collects cyber threat data at its data center in California through internet-wide scanning, honeypot sensors, sinkholing operations, and collecting and analyzing malware samples. [11:57] Every day for free the Shadowserver Foundation takes that data and provides it to over 9,000 organizations around the world and to 201 National C-CERTs that cover about 176 countries. [12:13] These reports identify exposed, misconfigured, vulnerable, compromised instances or devices on networks that need patching. [12:25] The organizations that get Shadowserver's data can be anything from banks to hospitals, universities, K-12 school districts, ISPs, local, state, and federal governments, small, medium, and large businesses, Fortune 500s, and NGOs; just about anyone can sign up. [12:46] The idea behind this is that cyber security should be available to everyone, regardless of the ability to pay. Organizations can sign up at the Shadowserver Foundation website, and provide their contact information and network information with IP ranges and ASNs. [13:12] The Shadowserver Foundation does its due diligence and if everything checks out, it automates those reports to go out to the organization daily. About 9,000 organizations sign up directly to receive daily reports. [13:22] The Shadowserver Foundation also sends out data for entire countries to the national C-CERT designated to handle that in those countries. In the U.S., CISA gets hundreds of millions of events from them every day for all the U.S. It is the same around the world. [13:52] Tod says that some things never change. Networks are breached primarily through phishing attacks, malicious links or attachments, and social engineering. [14:09] One trend is a focus on vulnerabilities. Criminals exploit vulnerabilities in the network that aren't timely patched and before they are patched. Shadowserver gives organizations an external snapshot view of their networks just as criminals are scanning for themselves. [14:52] Cybercriminal groups increasingly leverage zero-day vulnerabilities to breach a network. A zero-day vulnerability is a flaw in software or hardware that's unknown to the vendor and has no patch. The vendor has had zero days to fix the vulnerability after it has been discovered. [15:16] That was the case with the Clop ransomware gang. In 2024, they started exploiting zero-day vulnerabilities in Fortra's GoAnywhere software. That continued in May, with them exploiting Progress Software's MOVEit file transfer application. [15:38] Very recently, in December, the Clop Ransomware group claimed responsibility for using a zero-day vulnerability in Clio's file transfer platform that breached victims' networks. [15:49] Cyber criminals extort victims and steal data with ransomware attacks. Risk managers in cybersecurity need to stay on top of critical vulnerabilities that often go unpatched. Those are often the easiest gateway into a network. [16:26] Plug Time! RIMS Webinars! Resolver will be joining us on February 6th to discuss “4 Themes Shaping the Future of GRC in 2025”. [16:38] HUB International continues its Ready for Tomorrow Series with RIMS. On February 20th, they will host “Ready for the Unexpected? Strategies for Property Valuation, Disaster Recovery and Business Continuity in 2025”. [16:54] More webinars will be announced soon and added to the RIMS.org/webinars page. Go there to register. Registration is complimentary for RIMS members. [17:06] Nominations are also open for the Donald M. Stuart Award which recognizes excellence in risk management in Canada. Links are in this episode's show notes. [17:17] The Spencer Educational Foundation's goal to help build a talent pipeline of risk management and insurance professionals is achieved in part by its collaboration with risk management and insurance educators across the U.S. and Canada. [17:35] Since 2010, Spencer has awarded over $3.3 million in general grants to support over 130 student-centered experiential learning initiatives at universities and RMI non-profits. Spencer's 2026 application process will open on May 1st, 2025, and close on July 30th, 2025. [17:58] General grant awardees are typically notified at the end of October. Learn more about Spencer's general grants through the Programs tab at SpencerEd.org. [18:08] Let's Return to the Conclusion of My Interview with Tod Eberle of Shadowserver! [18:49] Justin notes that In December of 2024, China attackers breached the Committee on Foreign Investment in the U.S. That is the government office that assesses foreign investments for national security risks. [18:58] China also targeted the Treasury's Sanctions Office after it sanctioned a Chinese company for its alleged role in cyberattacks. [19:14] Tod thinks we should acknowledge that this is nothing new and nothing we should be surprised about. It's been going on for many years and it's going to continue. Justin was in the Federal government in 2013 and 2014. [19:32] In 2015, it was announced that the U.S. Office of Personnel Management had been breached. Personal sensitive data for 42 million people were stolen. [19:44] In May 2014, five Chinese military officers were indicted for computer hacking and economic espionage against companies based in Pittsburgh. This is nothing out of the ordinary. Unfortunately, indictments don't seem to have a deterrent effect. [20:21] Countries can deny the charges of hacking even with strong evidence of their involvement. [20:37] There are different types of hacking, with different types of motivation. There is traditional espionage against U.S. government agencies. There is theft of intellectual property with nation-states trying to gain a commercial advantage in business. [21:23] There are destructive hacks by nation-state actors, like the NotPetya attack, or attacks on the Ukrainian power grid and banking systems in 2015 and 2016. [21:36] The Volt Typhoon threat actor group and its access to the U.S. critical infrastructure is one of the greatest national security concerns because of its potential to disrupt everything from water to power, to food, to transportation. [22:10] The ripple effect that can come from those disruptions would be enormous. The Colonial Pipeline ransomware attack of a few years ago affected fuel supplies, commerce, and the prices of goods. [22:31] Nation-state hacking is no longer just a concern for government agencies and companies that do business internationally, but it's now a concern for all of society. There's the potential to affect the daily lives of innocent civilians through attacks on critical infrastructure. [23:16] Tod mentions another 2014 indictment out of Pittsburgh, on the GameOver Zeus Botnet takedown. Part of that was a crypto locker ransomware disruption. This was in the infancy of ransomware, for $300 ransoms. Now ransom demands are in the tens of millions of dollars. [23:53] We have seen a huge evolution in ransomware. It's not going away. One thing we're seeing is bypassing data encryption and focusing on data theft. It's easier and less time-consuming for the threat actors because they don't have to map out the network. [24:41] If a victim company had good backups and easy restoration, that was an issue ransomware actors had to deal with, so why would the threat actors bother with that? They just focus on easy data theft and extortion of ransom for the data. [25:04] Tod thinks we will continue to see extortion. Ransomware continues to be the greatest concern for companies. The use of AI has been increasing both for defenders and attackers.  [25:14] A new ransomware group, FunkSec, is claiming large numbers of victims of extortion, encryption, and data theft. They seem to have ransom demands of less than $10,000. They have sold stolen data. Researchers think this is a less experienced group using AI to write code. [27:22] Shadowserver's very talented team collects the data. It's free. They want to get it into the hands of those who can use it. The reports identify things that are seen to be misconfigured or unnecessarily exposed to the internet. Sometimes they can show if something is compromised. [28:12] Shadowserver designates the events by severity level so the end user can prioritize their patching and address first the ones that are most critical and severe. The reports act both as an early warning system and a victim notification system if a device is seen to be compromised. [28:59] The network owner needs to remediate that and patch it before further exploitation like a ransomware attack can occur. [29:07] Shadowserver has two ways to detect that a device is compromised. The first is if they have indicators that tell them a device on the network is compromised. The second is with their support for law enforcement, law enforcement may share sensitive data with Shadowserve. [29:32] When law enforcement does a takedown and they get victim identification data like IP addresses, they must do victim notification. Law enforcement isn't scaled to do victim notification for hundreds of thousands of users. Shadowserver helps them with notifications. [30:48] Shadowserver is very careful to share data responsibly. Company A will get the data they have for Company A and it won't be shared with Company B and vice versa. Shadowserver views the data as belonging to that network owner. [31:08] If a company authorizes Shadowserver and wants them to share their data with a third party, Shadowserver will happily do it. There are several companies with MSSPs to manage their security. If the company asks, Shadowserver will send the data to their MSSP. [31:43] As a small, non-profit organization, not everyone has heard of the Shadowserver Foundation. They want people to know they have this data and they want to share it. It could be relevant for cyber insurance companies' due diligence, with the insurance applicant's consent. [32:20] It's important because those reports can show whether a network has remained healthy and secure over time. Tod would love to see Shadowserver be able to help more in the risk mitigation areas. [32:56] Special thanks again to Shadowserver Foundation's Tod Eberle for joining us here on RIMScast! Check out this episode's show notes for links to the Shadowserver reports we mentioned. [33:07] Be sure to tune in next week for Data Privacy Day! We've got a special episode with James Burd, Chief Privacy Officer of the Cybersecurity and Infrastructure Security Agency (CISA). That's going to be a good one! [33:22] More RIMS Plugs! You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in our show notes. [33:50] RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate and help you reach them! Contact pd@rims.org for more information. [34:07] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information. [34:25] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more.  [34:41] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management. [34:55] Justin Smulison is the Business Content Manager at RIMS. You can email Justin at Content@RIMS.org. [35:03] Thank you all for your continued support and engagement on social media channels! We appreciate all your kind words. Listen every week! Stay safe!   Mentioned in this Episode: RIMS Risk Management magazine RISKWORLD 2025 — May 4‒7 | Register today! RIMS Legislative Summit — March 19‒20, 2025 Nominations for the Donald M. Stuart Award Spencer Educational Foundation — General Grants 2026 — Application Dates RIMS-Certified Risk Management Professional (RIMS-CRMP) RISK PAC | RIMS Advocacy Shadowserver Foundation National Cybersecurity Alliance RIMS Webinars: RIMS.org/Webinars “4 Themes Shaping the Future of GRC in 2025” | Sponsored by Resolver | Feb. 6, 2025 “Ready for the Unexpected? Strategies for Property Valuation, Disaster Recovery and Business Continuity in 2025” | Sponsored by Hub International | Feb. 20, 2025 Upcoming Virtual Workshops: “Claims Management” | February 11‒12, 2025 | Instructor: Chris Hansen “Fundamentals of Insurance” | Feb. 19‒20, 2025 “Applying and Integrating ERM” | Feb. 26‒27 “Managing Data for ERM” | March 12, 2025 See the full calendar of RIMS Virtual Workshops RIMS-CRMP Prep Workshops   Upcoming RIMS-CRMP Prep Virtual Workshops: “Stay Competitive with the RIMS-CRMP | Presented by the RIMS Greater Bluegrass Chapter” February 19‒20, 2025 | Instructor: Chris Mandel Full RIMS-CRMP Prep Course Schedule Full RIMS-CRMP Prep Course Schedule   Related RIMScast Episodes: “Kicking off 2025 with RIMS CEO Gary LaBranche” “Year In Risk 2024 with Morgan O'Rourke and Hilary Tuttle” “AI and Regulatory Risk Trends with Caroline Shleifer” “Cybersecurity Awareness and Risk Frameworks with Daniel Eliot of NIST” (2024)   Sponsored RIMScast Episodes: “Simplifying the Challenges of OSHA Recordkeeping” | Sponsored by Medcor “Risk Management in a Changing World: A Deep Dive into AXA's 2024 Future Risks Report” | Sponsored by AXA XL “How Insurance Builds Resilience Against An Active Assailant Attack” | Sponsored by Merrill Herzog “Third-Party and Cyber Risk Management Tips” | Sponsored by Alliant “RMIS Innovation with Archer” | Sponsored by Archer “Navigating Commercial Property Risks with Captives” | Sponsored by Zurich “Breaking Down Silos: AXA XL's New Approach to Casualty Insurance” | Sponsored by AXA XL “Weathering Today's Property Claims Management Challenges” | Sponsored by AXA XL “Storm Prep 2024: The Growing Impact of Convective Storms and Hail' | Sponsored by Global Risk Consultants, a TÜV SÜD Company “Partnering Against Cyberrisk” | Sponsored by AXA XL “Harnessing the Power of Data and Analytics for Effective Risk Management” | Sponsored by Marsh “Accident Prevention — The Winning Formula For Construction and Insurance” | Sponsored by Otoos “Platinum Protection: Underwriting and Risk Engineering's Role in Protecting Commercial Properties” | Sponsored by AXA XL “Elevating RMIS — The Archer Way” | Sponsored by Archer “Alliant's P&C Outlook For 2024” | Sponsored by Alliant “Why Subrogation is the New Arbitration” | Sponsored by Fleet Response “Cyclone Season: Proactive Preparation for Loss Minimization” | Sponsored by Prudent Insurance Brokers Ltd. “Subrogation and the Competitive Advantage” | Sponsored by Fleet Response   RIMS Publications, Content, and Links: RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community! RIMS Virtual Workshops On-Demand Webinars RIMS-Certified Risk Management Professional (RIMS-CRMP) RISK PAC | RIMS Advocacy RIMS Strategic & Enterprise Risk Center RIMS-CRMP Stories — Featuring RIMS Vice President Manny Padilla!   RIMS Events, Education, and Services: RIMS Risk Maturity Model®   Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information.   Want to Learn More? Keep up with the podcast on RIMS.org, and listen on Spotify and Apple Podcasts.   Have a question or suggestion? Email: Content@rims.org.   Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn.   About our guest: Tod Eberle, Shadowserver Foundation   Production and engineering provided by Podfly.  

My guest this week is Jay Averitt, Senior Privacy Product Manager and Privacy Engineer at Microsoft, where he transitioned his career from Technology Attorney to Privacy Counsel, and most recently to Privacy Engineer.In this episode, we hear from Jay about: his professional path from a degree in Management Information Systems to Privacy Engineer; how Twitter and Microsoft navigated a privacy setup, and how to determine privacy program maturity; multiple of his Privacy Engineering community projects; and tips on how to spread privacy awareness and stay active within the industry. Topics Covered:Jay's unique professional journey from Attorney to Privacy EngineerJay's big mindset shift from serving as Privacy Counsel to Privacy Engineer, from a day-to-day and internal perspectiveWhy constant learning is essential in the field of privacy engineering, requiring us to keep up with ever-changing laws, standards, and technologiesJay's comparison of what it's like to work for Twitter vs. Microsoft when it comes to how each company focuses on privacy and data protection Two ways to determine Privacy Program Maturity, according to JayHow engineering-focused organizations can unify around a corporate privacy strategy and how privacy pros can connect to people beyond their siloed teamsWhy building and maintaining relationships is the key for privacy engineers to be seen as enablers instead of blockers A detailed look at the 'Technical Privacy Review' processA peak into Privacy Quest's gamified privacy engineering platform and the events that Jay & Debra are leading as part of its DPD'24 Festival Village month-long puzzles and eventsDebra's & Jay's experiences at the USENIX PEPR'23; why it provided so much value for them both; and, why you should consider attending PEPR'24  Ways to utilize online Slack communities, LinkedIn, and other tools to stay active in the privacy engineering worldResources Mentioned:Review talks from the University of Illinois 'Privacy Everywhere Conference 2024'Join the Privacy Quest Village's 'Data Privacy Day'24 Festival' (through Feb 18th)Submit a Proposal / Register for the USENIX PEPR ‘24 ConferenceGuest Info:Connect with Jay on LinkedIn Privado.ai Privacy assurance at the speed of product development. Get instant visibility w/ privacy code scans.Shifting Privacy Left Media Where privacy engineers gather, share, & learnTRU Staffing Partners Top privacy talent - when you need it, where you need it.Disclaimer: This post contains affiliate links. If you make a purchase, I may receive a commission at no extra cost to you.Copyright © 2022 - 2024 Principled LLC. All rights reserved.

Data Privacy is not a tough nut to crack if done with proper guidance and the right support! Let us help you choose the right learning path for you to break into the world of #DataPrivacy & Security with confidence. Schedule a Free Career Guidance write into us at sales@infosectrain.com with your requirements #PrivacyAware #DataPrivacyWeek

It has been almost three years since Rebecca has done a show answering listener questions; it is time she did another one! In this episode she answers a wide range of questions. Some of the questions include: • Why are location trackers (Apple Airtag, Tile, etc.) bad from a privacy perspective? They aren't even sending any personal information; just location. Should they be outlawed if they are actually bad? Listen in to hear not only her answer, but how she explains what engineers need to consider in the design of these, and other types of, IoT products. • How do you think the Dobbs decision was leaked last year from the US Supreme Court? Rebecca provides some insightful theories that have not yet been discussed anywhere else! • Some spam blockers, like AOL spam blocker, are not effective against email addresses. How can more email spam be blocked? Rebecca provides some good advice in response. • How can spoofed emails be prevented? Everyone needs to hear Rebecca's answer to this. • Should spoofed emails be reported? To where? Rebecca provides answers that all listeners, anywhere in the world, can use. Listen in to hear the answers to these, and more, questions. #Privacy #PrivacyManagement #RiskManagement #CyberSecurity #DataSecurity #Cybercrime #PersonalData #Awareness #Education #Spam #Spoofing #Dobbs #DobbsLeak #Government Security #IoT #IoTSecurity #IoTPrivacy #LocationTrackers #IoTAssaults #IoTCrime

It has been almost three years since Rebecca has done a show answering listener questions; it is time she did another one! In this episode she answers a wide range of questions. Some of the questions include: • Why are location trackers (Apple Airtag, Tile, etc.) bad from a privacy perspective? They aren't even sending any personal information; just location. Should they be outlawed if they are actually bad? Listen in to hear not only her answer, but how she explains what engineers need to consider in the design of these, and other types of, IoT products. • How do you think the Dobbs decision was leaked last year from the US Supreme Court? Rebecca provides some insightful theories that have not yet been discussed anywhere else! • Some spam blockers, like AOL spam blocker, are not effective against email addresses. How can more email spam be blocked? Rebecca provides some good advice in response. • How can spoofed emails be prevented? Everyone needs to hear Rebecca's answer to this. • Should spoofed emails be reported? To where? Rebecca provides answers that all listeners, anywhere in the world, can use. Listen in to hear the answers to these, and more, questions. #Privacy #PrivacyManagement #RiskManagement #CyberSecurity #DataSecurity #Cybercrime #PersonalData #Awareness #Education #Spam #Spoofing #Dobbs #DobbsLeak #Government Security #IoT #IoTSecurity #IoTPrivacy #LocationTrackers #IoTAssaults #IoTCrime

Jan. 28 was Data Privacy Day - a day to better understand the importance of keeping your personal information private. To celebrate the day and its importance, the province's privacy commissioner, Michael Harvey, released a new video - aptly called "Know Your Privacy Rights."

A big week of updates from Apple. Episode 313 of The Checklist by SecureMac looks at: - Features and fixes in the various OS updates - Security Keys 102 - Data Privacy Day initiatives from Apple   Check out our show notes: SecureMac.com/Checklist And get in touch with us: Checklist@Securemac.com

In this special World Data Privacy Day episode of Legally Bond, Kim talks with Bond cybersecurity and data privacy attorney Mario Ayoub about the Epic Games settlement.For the full article discussed in this episode, click here.

Friday Jan 27th - Provincial Information And Privacy Commissioner Michael Harvey - Data Privacy Day by VOCM

2023 MacBook Pro review: More of the same, in a good way. M2 Mac Mini review: Whatever you want it to be. Apple resurrects full-size HomePod with updated acoustics. Cat activates Homepod music playback. Apple postpones AR/VR glasses, plans cheaper mixed-reality headset. How Apple's upcoming mixed-reality headset will work. iOS 16.3 fixes multiple security vulnerabilities. About security keys for Apple ID. Apple builds on privacy commitment by unveiling new education and awareness efforts on Data Privacy Day. Apple enlists 'Ted Lasso' star power and Today at Apple sessions for 'Data Privacy Day'. How Apple has so far avoided layoffs: Lean hiring, no free lunches. iOS 16.3 code reveals Apple continues to work on classical music app. Apple releases HomePod 16.3 software with humidity and temperature sensing, find my improvements, audio tuning, and more. AI and the Big Five. The Lisa: Apple's most influential failure. Picks of the Week Jason's Pick: Ivory Andy's Pick: Iconfactory - Tot/Tot Pocket Alex's Pick: Affinity Bundle Hosts: Leo Laporte, Alex Lindsay, Andy Ihnatko, and Jason Snell Download or subscribe to this show at https://twit.tv/shows/macbreak-weekly. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsor: Melissa.com/twit

2023 MacBook Pro review: More of the same, in a good way. M2 Mac Mini review: Whatever you want it to be. Apple resurrects full-size HomePod with updated acoustics. Cat activates Homepod music playback. Apple postpones AR/VR glasses, plans cheaper mixed-reality headset. How Apple's upcoming mixed-reality headset will work. iOS 16.3 fixes multiple security vulnerabilities. About security keys for Apple ID. Apple builds on privacy commitment by unveiling new education and awareness efforts on Data Privacy Day. Apple enlists 'Ted Lasso' star power and Today at Apple sessions for 'Data Privacy Day'. How Apple has so far avoided layoffs: Lean hiring, no free lunches. iOS 16.3 code reveals Apple continues to work on classical music app. Apple releases HomePod 16.3 software with humidity and temperature sensing, find my improvements, audio tuning, and more. AI and the Big Five. The Lisa: Apple's most influential failure. Picks of the Week Jason's Pick: Ivory Andy's Pick: Iconfactory - Tot/Tot Pocket Alex's Pick: Affinity Bundle Hosts: Leo Laporte, Alex Lindsay, Andy Ihnatko, and Jason Snell Download or subscribe to this show at https://twit.tv/shows/macbreak-weekly. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsor: Melissa.com/twit

In this episode of Privacy Files, Rich and Sarah celebrate Data Privacy Week. Running January 22-28, 2023, this annual event, sponsored by the National Cybersecurity Alliance, is designed to raise awareness about online privacy. The mission is two-fold: help individuals understand that they have the power to manage their data and educate organizations on why it's important to respect their users' data. We kicked off the episode by covering the recent T-Mobile data breach where a hacker compromised the data of 37 million customers. This is the eighth time T-Mobile has been hacked since 2018. Data Privacy Week commemorates the January 28, 1981 signing of Convention 108, the first legally binding international treaty dealing with privacy and data protection. Last year, the National Cybersecurity Alliance extended Data Privacy Day into Data Privacy Week. We cover how every online activity leaves a data trail linking back to you and your personally identifiable information. Then we give you a series of simple solutions to better protect your data. Both Rich and Sarah tell some personal stories that underscore the prevalence of data collection in our everyday lives. Then we wrap up the episode by talking about how MySudo, the world's only all-in-one privacy app, can help individuals live more privately, and how organizations can leverage privacy to acquire more customers and make them loyal. Links Referenced: https://staysafeonline.org/programs/data-privacy-week/ OUR SPONSORS: Anonyome Labs - Makers of MySudo and Sudo Platform. Take back control of your personal data. www.anonyome.com MySudo - The world's only all-in-one privacy app. Communicate and transact securely and privately. Talk, text, email, browse, shop and pay, all from one app. Stay private. www.mysudo.com Sudo Platform - The cloud-based platform companies turn to for seamlessly integrating privacy solutions into their software. Easy-to-use SDKs and APIs for building out your own branded customer apps like password managers, virtual cards, private browsing, identity wallets (decentralized identity), and secure, encrypted communications (e.g., encrypted voice, video, email and messaging). www.sudoplatform.com

This Data Privacy Day, we have a message from Axel Voss. For business owners on Data Privacy Day. Go ahead with your idea. Concentrate on it, and make it as secure as possible from the starting point. It's privacy by design, avoiding a delay in your processes by waiting for the consent of the data protection authority. Concentrate on your product and keep in mind that it is as secure as possible, as privacy protected as possible. By doing so, you will be on the right track from the beginning. For Professionals / Practitioners in data protection. Enable it, then you can move forward with your ideas of achieving the best possible outcome. You need to have service orientated mindset when implementing data protection. As a legislator, I am not trying to reduce your potential. We should be there in aiding businesses and professional practitioners in creating and providing the relevant framework. And, please make sure that you are not overstepping the rights of others. But it's all a matter of mindset and using the potential of what is already there to be more successful as a result. This is a trailer from the full episode of The FIT4PRIVACY Podcast. If you like this, you would enjoy the full episode. If this is your first time, the FIT4PRIVACY Podcast is a privacy podcast for those who care about privacy. In this podcast, you listen to and learn from industry influencers who share their ideas. The episodes are released as audio every Wednesday and video every Thursday. If you subscribe to our podcast, you will be notified about the new episodes. And, if you have not done it, write a review and share this with someone who will benefit from this. RESOURCES Websites: www.fit4privacy.com, www.punitbhatia.com Take advantage of our Free GDPR training: https://www.fit4privacy.com/course/free CONNECT Instagram https://www.instagram.com/punit.world/ Facebook https://www.facebook.com/PunitBhatiaSpeaker/ LinkedIn https://www.linkedin.com/showcase/fit4privacy-podcast --- Send in a voice message: https://anchor.fm/fit4privacy/message

2023 MacBook Pro review: More of the same, in a good way. M2 Mac Mini review: Whatever you want it to be. Apple resurrects full-size HomePod with updated acoustics. Cat activates Homepod music playback. Apple postpones AR/VR glasses, plans cheaper mixed-reality headset. How Apple's upcoming mixed-reality headset will work. iOS 16.3 fixes multiple security vulnerabilities. About security keys for Apple ID. Apple builds on privacy commitment by unveiling new education and awareness efforts on Data Privacy Day. Apple enlists 'Ted Lasso' star power and Today at Apple sessions for 'Data Privacy Day'. How Apple has so far avoided layoffs: Lean hiring, no free lunches. iOS 16.3 code reveals Apple continues to work on classical music app. Apple releases HomePod 16.3 software with humidity and temperature sensing, find my improvements, audio tuning, and more. AI and the Big Five. The Lisa: Apple's most influential failure. Picks of the Week Jason's Pick: Ivory Andy's Pick: Iconfactory - Tot/Tot Pocket Alex's Pick: Affinity Bundle Hosts: Leo Laporte, Alex Lindsay, Andy Ihnatko, and Jason Snell Download or subscribe to this show at https://twit.tv/shows/macbreak-weekly. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsor: Melissa.com/twit

2023 MacBook Pro review: More of the same, in a good way. M2 Mac Mini review: Whatever you want it to be. Apple resurrects full-size HomePod with updated acoustics. Cat activates Homepod music playback. Apple postpones AR/VR glasses, plans cheaper mixed-reality headset. How Apple's upcoming mixed-reality headset will work. iOS 16.3 fixes multiple security vulnerabilities. About security keys for Apple ID. Apple builds on privacy commitment by unveiling new education and awareness efforts on Data Privacy Day. Apple enlists 'Ted Lasso' star power and Today at Apple sessions for 'Data Privacy Day'. How Apple has so far avoided layoffs: Lean hiring, no free lunches. iOS 16.3 code reveals Apple continues to work on classical music app. Apple releases HomePod 16.3 software with humidity and temperature sensing, find my improvements, audio tuning, and more. AI and the Big Five. The Lisa: Apple's most influential failure. Picks of the Week Jason's Pick: Ivory Andy's Pick: Iconfactory - Tot/Tot Pocket Alex's Pick: Affinity Bundle Hosts: Leo Laporte, Alex Lindsay, Andy Ihnatko, and Jason Snell Download or subscribe to this show at https://twit.tv/shows/macbreak-weekly. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsor: Melissa.com/twit

2023 MacBook Pro review: More of the same, in a good way. M2 Mac Mini review: Whatever you want it to be. Apple resurrects full-size HomePod with updated acoustics. Cat activates Homepod music playback. Apple postpones AR/VR glasses, plans cheaper mixed-reality headset. How Apple's upcoming mixed-reality headset will work. iOS 16.3 fixes multiple security vulnerabilities. About security keys for Apple ID. Apple builds on privacy commitment by unveiling new education and awareness efforts on Data Privacy Day. Apple enlists 'Ted Lasso' star power and Today at Apple sessions for 'Data Privacy Day'. How Apple has so far avoided layoffs: Lean hiring, no free lunches. iOS 16.3 code reveals Apple continues to work on classical music app. Apple releases HomePod 16.3 software with humidity and temperature sensing, find my improvements, audio tuning, and more. AI and the Big Five. The Lisa: Apple's most influential failure. Picks of the Week Jason's Pick: Ivory Andy's Pick: Iconfactory - Tot/Tot Pocket Alex's Pick: Affinity Bundle Hosts: Leo Laporte, Alex Lindsay, Andy Ihnatko, and Jason Snell Download or subscribe to this show at https://twit.tv/shows/macbreak-weekly. Get episodes ad-free with Club TWiT at https://twit.tv/clubtwit Sponsor: Melissa.com/twit

In this episode of the DLC Blend, we continue with the month's theme of Innovative Designer. Discussion topics include designing lessons with increased student voice and choice, Get Organized Month and how to use the design process to achieve goals, Data Privacy Day, and ways to clean up your digital footprint.

In this episode of Legally Bond, Kim speaks with Bond cybersecurity and data privacy attorney Shannon Knapp. Shannon discusses what to expect during Bond's fourth annual countdown to World Data Privacy Day.

As part of my daily routine, I scan dozens of blogs, visit a handful of Facebook groups, and skim through Twitter. The goal: find the most helpful resources, tools, and articles that I can share with my teacher friends (that's you!). These are my favorite links for January 2023.  ----------------------------- Thanks for tuning into the Chromebook Classroom Podcast! If you enjoyed today's episode, I would appreciate your honest rating and review! You can connect with me, John Sowash, on Facebook, Twitter, or Instagram. I would love to hear your thoughts on the show!

Got a Minute? Website owner checkout today's episode of The Guy R Cook Report podcast - the Google Doc for this episode is @ 20220718 Replay 20220207 Browsercast Vivaldi and Startpage CEOs join forces on Data Privacy Day ----more---- Support this podcast Subscribe where you listen to podcasts I help goal oriented business owners that run established companies to leverage the power of the internet Contact Guy R Cook @ https://guyrcook.com The Website Design Questionnaire https://guycook.wordpress.com/start-with-a-plan/ In the meantime, go ahead follow me on Twitter: @guyrcookreport Click to Tweet Be a patron of The Guy R Cook Report. Your help is appreciated.   https://guyrcook.com https://theguyrcookreport.com/#theguyrcookreport Follow The Guy R Cook Report on Podbean iPhone and Android App | Podbean   https://bit.ly/3m6TJDV Thanks for listening, viewing or reading the show notes for this episode. Vlog files for 2022 are at 2022 video episodes of The Guy R Cook ReportHave a great new year, and hopefully your efforts to Entertain, Educate, Convince or Inspire are in play vDomainHosting, Inc 3110 S Neel Place Kennewick, WA 509-200-1429

Jan 31, 2022 See acast.com/privacy for privacy and opt-out information.

History of Data Privacy Day, FAQs, how to celebrate Data Privacy Day, five ways to protect your data privacy, and three ways data privacy day is important.Mick Smith, Consultant M: (619) 227.3118 E: mick.smith@wsiworld.com Commercials Voice Talent:https://www.spreaker.com/user/7768747/track-1-commercials Narratives Voice Talent:https://www.spreaker.com/user/7768747/track-2-narrativesDo you want a free competitive analysis? Let me know at:https://hubs.ly/Q0139TgJ0Website:https://www.wsiworld.com/mick-smithLinkedIn:https://www.linkedin.com/company/wsi-smith-consulting/Make an appointment:https://app.hubspot.com/meetings/mick-smithBe sure to subscribe, like, & review The Doctor of Digital™ Podcast:https://www.spreaker.com/show/g-mick-smith-phds-tracksSign up for the Doctor Up A Podcast course:https://doctor-up-a-podcast.thinkific.com/

In this special World Data Privacy Day episode of Legally Bond, Kim talks with Bond cybersecurity and data privacy attorney Amber Lawyer about security and privacy risk management in vendor contracts.

Data Privacy Day - January 28, 2022 Browsing Safely - TOR, Brave Browser with TOR, Ublock Origin, Privacy Badger Using a VPN to secure traffic on public networks - iVPN, Proton VPN are wha tI use Password Manager - Yes, I will continue talking about them - I use Bitwarden Encrypted Communications - Signal, Threema, Session, Matrix Cloud Server - Nextcloud Server - Let's talk about this - Simple Login / MySudo - email aliases, phone number and text Email - ProtonMail / Tutanota Notes - Standard Notes - Skiff.org Use two factor authentication - Authy - Bitwarden - Yubikey Way You Can Support The Podcast - Direct Donations and tips on our support page https://www.closedntwrk.com/support/ Follow Me On Twitter - https://twitter.com/closedntwrk Download a Podcast 2.0 app. We recommend Breez or Fountain. You can load them up with Bitcoin / Sats and stream sats to the podcast. https://podcastindex.org/apps - NEWPODCASTAPPS.COM Leave a review for the podcast, you can do this by visiting https://www.closedntwrk.com/reviews/ Reviews are greatly appreciated and of course share the podcast with friends or family A Bug in iOS 15 Is Leaking User Browsing Activity in Real Time https://arstechnica.com/information-technology/2022/01/safari-and-ios-bug-reveals-your-browsing-activity-and-id-in-real-time/ Pegasus attacks in El Salvador: spyware used to target journalists and activists https://www.accessnow.org/pegasus-el-salvador-spyware-targets-journalists/

Kate and Brian take issue with some of the assumptions in the Video Advertising Bureau's investigation into Nielsen's audience undercounting, discuss Google's Topics proposal, and Brian talks to Joseph Turow, the Robert Lewis Shayon Professor of Media Systems & Industries at the Annenberg School for Communication about the state of data privacy. Links to news, reports, and research cited in this episode: https://www.nexttv.com/news/nielsen-out-of-home-error-was-a-big-deal-vab-says https://blog.google/products/chrome/get-know-new-topics-api-privacy-sandbox/ https://www.asc.upenn.edu/people/faculty/joseph-turow-phd

Friday Jan 28th - World Data Privacy Day With Privacy Commissioner Michael Harvey by VOCM

(Starts at 1:00 mark) "Shift Recovery" support group in Grand Falls-Windsor offers help to people with addictions, (11:00) "One Thousand Words" photography project gives survivors of sexual violence a safe space to share their stories, (17:38) researchers of family history may get help from old vital statistics records recently digitized by The Rooms in St. John's, and (24:17) Newfoundland and Labrador's Information and Privacy Commissioner talks about Data Privacy Day - and why we all need to help protect ourselves.

CyberHub Podcast Data Privacy Matters Jan 28th, 2022   Hey Security Gang, Lets talk Privacy on International Data Privacy Day with special guest Lecio DePaula from KnowBe4. Tune in as we discuss the latest trends in Privacy and highlights how Privacy and Security intersect.   CyberHub Podcast is supported by these great partners please make sure to check them out: KnowBe4: https://info.knowbe4.com/phishing-security-test-cyberhub **** Find James Azar Host of CyberHub Podcast, CISO Talk, Goodbye Privacy, Tech Town Square, Other Side of Cyber James on Linkedin: https://www.linkedin.com/in/james-azar-a1655316/ James on Parler: @realjamesazar Telegram: CyberHub Podcast ****** Sign up for our newsletter with the best of CyberHub Podcast delivered to your inbox once a month: http://bit.ly/cyberhubengage-newsletter ****** Website: https://www.cyberhubpodcast.com Youtube: https://www.youtube.com/c/TheCyberHubPodcast Rumble:  https://rumble.com/c/c-1353861 Facebook: https://www.facebook.com/CyberHubpodcast/ Linkedin: https://www.linkedin.com/company/cyberhubpodcast/ Twitter: https://twitter.com/cyberhubpodcast Instagram: https://www.instagram.com/cyberhubpodcast Listen here: https://linktr.ee/cyberhubpodcast   The Hub of the Infosec Community. Our mission is to provide substantive and quality content that's more than headlines or sales pitches. We want to be a valuable source to assist those cybersecurity practitioners in their mission to keep their organizations secure.   #Privacy #cybersecurity #dataprivacy

In this episode of the FIT4PRIVACY Podcast, we celebrate International Data Protection Day. We all know that Jan 28 is the Data Protection Day and on this occasion, Punit shares the Top 10 fines in the EU GDPR regime and what we can learn from these. KEY CONVERSATION POINTS 02:44 - 10. Notebooksbilliger.de — €10.4 million ($12.5 million) 05:27 - 9. Vodafone Italia — €12.3 million ($14.5 million) 08:41 - 8. Wind — €17 million ($20 million) 11:01 - 7. Marriott – €20.4 million ($23.8 million) 13:33 - 6. British Airways – €22 million ($26 million) 17:40 - 5. TIM – €27.8 million ($31.5 million) 20:14 - 4. H&M — €35 million ($41 million) 22:06 - 3. Google – €50 million ($56.6 million) 23:56 - 2. WhatsApp — €225 million ($255 million) 26:10 - 1. Amazon — €746 million ($877 million) ABOUT THE HOST Punit Bhatia is one of the leading privacy experts who works independently and has worked with professionals in over 30 countries. Punit works with business and privacy leaders to create an organization culture with high privacy awareness and compliance as a business priority. Selectively, Punit is open to mentor and coach privacy professionals. Punit is the author of books “Be Ready for GDPR” which was rated as the best GDPR Book, “AI & Privacy – How To Find Balance”, “Intro To GDPR”, and “Be an Effective DPO”. Punit is a global speaker who has spoken at over 30 global events. Punit is the creator and host of the FIT4PRIVACY Podcast. This podcast has been featured amongst top GDPR and privacy podcasts. As a person, Punit is an avid thinker and believes in thinking, believing, and acting in line with one's value to have joy in life. He has developed the philosophy named ‘ABC for joy of life' which passionately shares. Punit is based out of Belgium, the heart of Europe. RESOURCES Websites: www.fit4privacy.com, www.punitbhatia.com CONNECT Instagram https://www.instagram.com/punit.world/ Facebook https://www.facebook.com/PunitBhatiaSpeaker/ LinkedIn https://www.linkedin.com/in/punitbhatia/ Podcast http://hyperurl.co/fit4privacy YouTube http://youtube.com/fit4privacy Email hello@fit4privacy.com --- Send in a voice message: https://anchor.fm/fit4privacy/message

To celebrate Data Privacy Day 2022, we talked to the godfather of GDPR, Paul Nemitz, about how bigtech threatens democracy, the role law can play in protecting people and societies from adverse effects of technology and why it's time to regulate AI. Tune in to learn more about the upcoming European AI act and find out what role synthetic data is likely to play in this regulated future! 

In this episode of Legally Bond, Kim speaks with Bond cybersecurity and data privacy attorney Jessica Copeland. Jessica discusses what to expect during Bond's third annual countdown to World Data Privacy Day.

Understanding how our data is used on Data Privacy Day, Google has kicked off an information war about the News Media Bargaining Code - but they've also presented a solution, Tesla has unveiled the latest version of the Model S electric car, we review the Samsung Galaxy S21 Ultra smartphone, Norton releases new internet security for gamers, Ring launches its smallest and cheapest video doorbell and we'll answer your tech questions in the Tech Guide Help Desk. Learn more about your ad choices. Visit megaphone.fm/adchoices

Each week we take a look at the most recent and interesting events and trends related to data security and privacy. This week is a replay from our webinar on Data Privacy Day, hosted by our partner the National Cybersecurity Alliance, where we revealed our new 2020 Data Breach Report including the top trends in cyberattacks. Download a copy of the ITRC's 2020 Data Breach Report here: notified.idtheftcenter.org/s/ Follow on LinkedIn: www.linkedin.com/company/idtheftcenter/ Follow on Twitter: twitter.com/IDTheftCenter

2018 privacy hero of the year, Tara Taubman-Bassirian, discusses the EU GDPR, the increasing need for protecting privacy in the increasingly technology-rich environment, and some activities for Data Privacy Day on January 28, 2019. What are the benefits of GDPR? Where can it be improved upon? What do companies struggle with most for GDPR compliance? What is a “hot potato” GDPR issue? How are binding corporate rules (BCRs) used for non-adequate countries? How has Brexit impacted GDPR compliance? Why does privacy matter? What are the current largest threats to privacy? What are some activities for Data Privacy Day? Hear Tara discuss these topics, and more, with Rebecca.

George Rettas talks about Cyber Security at the Super Bowl, gives some data security pointers in recognition of Data Privacy Day in America, and then is joined by special guest Dr. Rebecca Wynn where they discuss Woman in Cyber Security and the successes, failures, and challenges around efforts to secure confidential data across organizations in all the critical infrastructures. Dr. Wynn was named the 2017 Cyber Security Professional of the Year sponsored by the Cyber Security Excellence Awards, and she was also awarded SC Magazine's Chief Privacy Officer of the Year Award in 2017. Dr. Wynn is an inspiration to thousands of women in Cyber Security and the broader technology space and has been published dozens of times on various different topics in the Cyber Security field.