POPULARITY
Categories
Send us a textOn this week of Serious Privacy, Paul Breitbarth, and Dr. K Royal (Ralph O'Brien was traveling), we cover a wild wrap up of privacy activities, including Tom Kemp as the newly appointed head of the California Consumer Privacy Protection Agency, and a wide sweep of enforcement actions including Roku, Honda Motor Company, National Public Data, Tom Snyder, plus class actions against Insomnia and Pill Pack, and a reprimand sent to Deep Seek, IAPP's state privacy law tracker update, California is seeking public feedback on proposed regulations for the delete request and opt-out platform - the DROP system, CNIL's guidance on monitoring self-checkouts, and Meta's request for a court to invalidate the EDPB guidance (can't do it, it's not a law) and Belgium's new law plus quite a bit more. We are packed with news.Please subscribe in your favorite podcast app - sharing is caring! Powered by TrustArcSeamlessly manage your privacy program, assess risks, and stay up to date on laws across the globe.With TrustArc's Privacy Studio and Governance Suite, you can automate cookie compliance, streamline data subject rights, and centralize your privacy tasks—all while reducing compliance costs. Visit TrustArc.com/serious-privacy.If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.
Federal Tech Podcast: Listen and learn how successful companies get federal contracts
AFCEA'S TechNet Cyber conference held in Baltimore, Maryland was the perfect opportunity to sit down with Greg Carl, Principal Technologist from Pure Storage. Pure Storage is used by 175 federal agencies. Time to sit down from a subject matter expert and explain their value proposition. Today's federal government is attempting to accomplish digital modernization through a move to the cloud and, at the same time, reduce staff. To multiply the risk associated with this endeavor, we see an increase in cyber attacks on data at rest, in transit, and while in use. Greg Carl drills down on how Pure Storage can help federal leaders in several areas, he begins with Retrieval Augmented Generation, RAG. People have jumped into AI without knowing how to structure a large language model, the popular LLM. RAG focuses on text generation and tries to make sure the data collected is accurate, relevant, and contextually aware. Pure Storage asks, if RAG protects the results of a query, what protects the “Retrieval” part of RAG. We know LLMs are being attacked every day. Malicious code could be placed in a LLM, and the RAG system might not know. A decade ago, backups were child's play. A server down the hall, a backup appliance. Today, one needs an agile cloud solution to perform continuous backups in a hybrid world. One way to gain resilience is to use immutable backups where the attacked system can be restored and not lose valuable time. Speed and security handling important data activities can reduce costs for federal leaders by improving accuracy of LLMs and speed the time to recover after an attack. Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com
Send us a textOn this episode of @SeriousPrivacy, hosts Paul Breitbarth and Dr. K Royal (Ralph wasn' able to join us in DC) catch up with Tahu Kukutai, Professor, The University of Waikato; Jade Makory, CIPP/E, CIPM, CIPT, FIP, Legal and Advocacy Director, Data Analytics Kenya, and Privacy Expert, PwC (on Sabbatical); and Shana Morgan, AIGP, CIPP/E, CIPM, FIP, Global Head of AI / Privacy, L3Harris Technologies - just after the first IAPP panel on indigenous privacy at GPS25 (moderated by Shoshana Rosenberg). Fabulous and enlightening. Powered by TrustArcSeamlessly manage your privacy program, assess risks, and stay up to date on laws across the globe.With TrustArc's Privacy Studio and Governance Suite, you can automate cookie compliance, streamline data subject rights, and centralize your privacy tasks—all while reducing compliance costs. Visit TrustArc.com/serious-privacy.If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.
Parisa Tabriz is vice president and general manager for Google Chrome, the world's leading browser platform. She leads efforts to make Chrome a secure and essential enterprise workspace, integrating AI and advanced cybersecurity to meet evolving business needs. In this episode, Parisa joins Bob to explore how Chrome is redefining the browser as a productivity and security platform, the role of AI in enterprise protection, and what's next for Chrome's innovations.Chrome at Google Cloud NextThe Big Themes:Chrome's Evolution into a Central Productivity and Security Platform: Over the past 17 years, Chrome has transformed from a simple web browser into a comprehensive platform integral to enterprise productivity and security. Users now spend a significant portion of their workday within Chrome, utilizing it for tasks ranging from document editing to video conferencing. This shift has positioned Chrome as the new endpoint in enterprise environments.Simplifying Enterprise Security with Chrome: Complexity is often the enemy of security. Chrome aims to simplify enterprise security by integrating protective measures directly into the browser, reducing the need for multiple, potentially conflicting security solutions. Features like automatic updates, built-in phishing protection, and centralized policy management allow IT teams to maintain a secure environment with less overheads.Personalization, Governance, and AI Empowerment: Chrome prioritizes features that allow organizations to personalize user experiences while maintaining strict governance over data and AI usage. Tools like data masking, controlled copy-paste functionalities, and the ability to designate approved AI applications help prevent data leaks and ensure compliance with internal policies. By providing these controls, Chrome empowers enterprises to harness the benefits of AI technologies responsibly.The Big Quote: ". . . the browser is the place where you can give people access to the benefits [of AI], but also make sure that you have the controls and governance to turn it off or make sure that your employees aren't copying and pasting data into an unsanctioned AI surface."More from Parisa Tabriz and Google Chrome:Connect with Parisa on LinkedIn or learn more about Google Chrome.
In this episode of Actualizing Success, our experts discuss the pressing need for enhancing treasury defenses against the evolving landscape of fraud risks. Actualize Consulting's Treasury Consultant, Dom Boyle, is joined by Baptiste Collot, co-founder and CEO of TrustPair, who brings extensive experience from his days as a treasurer. Together, they discuss the alarming rise of sophisticated fraud tactics fueled by artificial intelligence and how treasury teams can adapt to these new challenges. As AI technology continues to advance, fraudsters are leveraging it in unprecedented ways, necessitating a strategic response from organizations.Listen to learn more about:How fraudsters are exploiting AI to enhance their tactics.Building a clean and centralized data lake across your organization to protect proprietary data.The importance of a multi-layered defense strategy in treasury operations.Practical use cases and best practices for strengthening treasury against fraud risks.Avoiding blind trust and automation, and ensuring human oversight and approval layers is part of the process.Join us for an enlightening discussion on the crucial need for technological integration in financial processes to effectively combat these evolving threats and better safeguard your treasury operations.Thanks for listening to this episode of the Actualizing Success Podcast! We hope you enjoyed the discussion and will come back for more. In the meantime, don't forget to rate this episode and leave a review! We invite you to contact Actualize and Trustpair for any inquiries regarding preventing fraud and further preparing for the AI revolution.Get in touch with Actualize at www.actualizeconsulting.com Get in touch with Trustpair at https://trustpair.com/ |We'd love to hear from you! If you have any questions, comments, or would like to collaborate on a future episode, please contact us at podcast@actualizeconsulting.com.
In today's episode of Tech Talks Daily, I sit down with Christian Reilly, Field CTO for EMEA at Cloudflare, the Connectivity Cloud company, to examine the latest findings from their cybersecurity research and what they reveal about how prepared different industries really are. While sectors like IT, gaming, and financial services have seen a higher volume of cyberattacks, they also report greater readiness and resilience. In contrast, industries like education and healthcare, although less frequently targeted, remain far less prepared to defend against growing threats. This gap raises important questions about how organizations approach security depending on their legacy systems, revenue models, and digital maturity. Christian brings years of frontline experience to the discussion and shares actionable insights into how companies can build cybersecurity strategies that not only protect but also improve performance. From the shift toward zero trust architecture to the critical role of board-level engagement, we explore how forward-thinking organizations are rethinking the role of cybersecurity in modern digital operations. He explains why simplicity often beats complexity, and how reducing friction for end users is key to long-term resilience. We also look ahead to some of the key trends shaping the future of security. Christian dives into the challenges posed by emerging technologies such as quantum computing, AI, and the explosion of data generated by IoT and smart infrastructure. He stresses the importance of preparing now for scenarios like Harvest Now, Decrypt Later, and why organizations need to begin thinking seriously about post-quantum cryptography. On the human side, Christian outlines what effective training looks like today and how to shift employee culture from compliance to awareness. If you're wondering how to stay one step ahead of evolving threats, this conversation offers a wealth of insight from the heart of the Connectivity Cloud. How is your organization preparing for what's coming next?
PEBCAK Podcast: Information Security News by Some All Around Good People
Welcome to this week's episode of the PEBCAK Podcast! We've got four amazing stories this week so sit back, relax, and keep being awesome! Be sure to stick around for our Dad Joke of the Week. (DJOW) Follow us on Instagram @pebcakpodcast Please share this podcast with someone you know! It helps us grow the podcast and we really appreciate it! 25% of community college students are AI bots https://calmatters.org/education/higher-education/2024/04/financial-aid-fraud/ https://x.com/elonmusk/status/1916365142918300053 Microsoft makes accounts passwordless by default https://www.bleepingcomputer.com/news/microsoft/microsoft-makes-all-new-accounts-passwordless-by-default/ Scattered Spider ransomware crew lives on https://www.darkreading.com/cyberattacks-data-breaches/despite-arrests-scattered-spider-continues-hacking Data Protection https://www.zscaler.com/products-and-solutions/data-protection Dad Joke of the Week (DJOW) Find the hosts on LinkedIn: Chris - https://www.linkedin.com/in/chlouie/ Brian - https://www.linkedin.com/in/briandeitch-sase/ Glenn - https://www.linkedin.com/in/glennmedina/ Raja - https://www.linkedin.com/in/rajazkhalid/
Send us a textOn this week of Serious Privacy, Ralph O'Brien of Reinbo Consulting, and Dr. K Royal connect to cover a week in privacy as Paul Breitbarth is away. This weeks shorter episode includes a guide to what's coming up from Serious Privacy at IAPP summit in DC, a penalty from the UK ICO, EDPB draft Guidance on blockchain, state laws, enforcement actions, and more!Please subscribe in your favorite podcast app - sharing is caring! Some resourceshttps://ico.org.uk/about-the-ico/media-centre/news-and-blogs/2025/04/law-firm-fined-60-000-following-cyber-attack/https://www.edpb.europa.eu/news/news/2025/edpb-adopts-guidelines-processing-personal-data-through-blockchains-and-ready_enhttps://iapp.org/resources/article/us-state-privacy-legislation-tracker/#state-privacy-law-chart Powered by TrustArcSeamlessly manage your privacy program, assess risks, and stay up to date on laws across the globe.With TrustArc's Privacy Studio and Governance Suite, you can automate cookie compliance, streamline data subject rights, and centralize your privacy tasks—all while reducing compliance costs. Visit TrustArc.com/serious-privacy.If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.
What's the secret to winning a trade secret trial? Find out in this compelling episode of Spilling Secrets, where Epstein Becker Green attorneys Katherine G. Rigby, James P. Flynn, and Adam Paine break down the art of navigating these high-stakes cases. From designing winning courtroom tactics and leveraging key witnesses to using storytelling as a tool to clarify complex trade secret claims, our panelists offer actionable insights and essential tips for safeguarding confidentiality and determining the right trial format to secure the best outcomes for your business. Visit our site for this week's other highlights and links: https://www.ebglaw.com/eltw389 Spilling Secrets is a special monthly podcast series about the future of non-compete and trade secrets law. We invite you to view Employment Law This Week® – learn about significant developments in employment and labor law and workforce management in a matter of minutes every #WorkforceWednesday®. Watch the series and subscribe for email notifications: http://www.EmploymentLawThisWeek.com. These materials have been provided for informational purposes only and are not intended and should not be construed to constitute legal advice. The content of these materials is copyrighted to Epstein Becker & Green, P.C. EMPLOYMENT LAW THIS WEEK® and #WorkforceWednesday® are registered trademarks of Epstein Becker & Green, P.C. ATTORNEY ADVERTISING.
The following article of the Cybersecurity industry is: “Data Protection in Mexico: New Challenge in Era of Conversations” by Thiago Goncalves, Executive Director LATAM, Blip.
Stay in control as GenAI adoption accelerates across your organization using Data Security Posture Management for AI in Microsoft Purview. With built-in visibility into how AI apps and agents interact with sensitive data—whether inside Microsoft 365 or across unmanaged consumer tools—you can detect risks early, take decisive action, and enforce the right protections without slowing innovation. Monitor usage trends, investigate prompts and responses, and respond to potential data oversharing or policy violations in real time. From compliance-ready audit logs to adaptive data protection, you'll have the insights and tools to keep data secure as AI becomes a part of everyday work. Shilpa Ranganathan, Microsoft Purview Principal Group PM, shares how to balance GenAI innovation with enterprise-grade data governance and security. ► QUICK LINKS: 00:00 - GenAI app security, governance, & compliance 01:30 - Take Action with DSPM for AI 02:08 - Activity logging 02:32 - Control beyond Microsoft services 03:09 - Use DSPM for AI to monitor data risk 05:06 - ChatGPT Enterprise 05:36 - Set AI Agent guardrails using DSPM for AI 06:44 - Data oversharing 08:30 - Audit logs 09:19 - Wrap up ► Link References Check out https://aka.ms/SecureGovernAI ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics
In today's threat environment, it's not enough to back up your data—you have to be able to trust that those backups will be there when you need them. That's the message from Sterling Wilson, Field CTO at Object First, during his conversation at RSAC Conference 2025.Object First is purpose-built for Veeam environments, offering out-of-the-box immutability (OOTBI) with a hardened, on-premises appliance. The goal is simple but critical: make backup security both powerful and practical. With backup credentials often doubling as access credentials for storage infrastructure, organizations expose themselves to unnecessary risk. Object First separates those duties by design, reducing the attack surface and protecting data even when attackers have admin credentials in hand.Immutability as a Foundation—Not a FeatureThe conversation highlights data from a recent ESG study showing that 81% of respondents recognize immutable object storage as the most secure way to protect backup data. True immutability means data cannot be modified or deleted until a set retention period expires—an essential safeguard when facing ransomware or insider threats. But Sterling emphasizes that immutability alone isn't enough. Backup policies, storage access, and data workflows must be segmented and secured.Zero Trust for Backup InfrastructureZero trust principles—verify explicitly, assume breach, enforce least privilege—have gained ground across networks and applications. But few organizations extend those principles into the backup layer. Object First applies zero trust directly to backup infrastructure through what they call zero trust data resilience. That includes verifying credentials at every step and ensuring backup jobs can't alter storage configurations.A Real-World Test: Marysville School DistrictWhen Marysville School District suffered a ransomware attack, nearly every system was compromised—except the Object First appliance. The attacker had administrative credentials, but couldn't access or encrypt the immutable backups. Thanks to the secure design and separation of permissions, recovery was possible—demonstrating that trust in your backups can't be assumed; it must be enforced by design.Meeting Customers Where They AreTo support both partners and end customers, Object First now offers OOTBI through a consumption-based model. Whether organizations are managing remote offices or scaling their environments quickly, the new model provides flexibility without compromising security or simplicity.Learn more about Object First: https://itspm.ag/object-first-2gjlNote: This story contains promotional content. Learn more.Guest: Sterling Wilson, Field CTO, Object First | https://www.linkedin.com/in/sterling-wilson/ResourcesLearn more and catch more stories from Object First: https://www.itspmagazine.com/directory/object-firstLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:sean martin, sterling wilson, ransomware, immutability, backups, cybersecurity, zero trust, data protection, veeam, recovery, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More
In this episode of the Obehi Podcast, Christina Tueje and Gloria discuss the importance of professional privacy and data protection in the online environment. They delve into the challenges individuals and businesses face in safeguarding personal and sensitive information while exploring strategies and best practices for ensuring privacy in the digital world.
Georgia Voudoulaki is Senior Legal Counsel at Bosch, certified Compliance Officer, and adjunct professor at the University of Applied Sciences in Ludwigsburg and the Cooperative State University of Baden-Württemberg in Germany. In addition to her legal and academic roles, Georgia regularly publishes articles in leading legal journals and magazines, contributing valuable insights to the evolving conversation around compliance, digital innovation, and responsible AI. References: Georgia Voudoulaki on LinkedIn University of Applied Sciences Ludwigsburg Baden-Wuerttemberg Cooperative State University (DHBW)
Send us a textOn this week of Serious Privacy, Paul Breitbarth, Ralph O'Brien of Reinbo Consulting, and Dr. K Royal have a short week in privacy (a lot about #Meta and children using #AI) along with some updates on the IAPP #GPS25 where we learned that it was all about the people, such as our friends at TrustArc, Ben Siegal, Dan Solove, and so many others. Please subscribe in your favorite podcast app - sharing is caring! Powered by TrustArcSeamlessly manage your privacy program, assess risks, and stay up to date on laws across the globe.With TrustArc's Privacy Studio and Governance Suite, you can automate cookie compliance, streamline data subject rights, and centralize your privacy tasks—all while reducing compliance costs. Visit TrustArc.com/serious-privacy.If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.
Storage often sits in the background of cybersecurity conversations—but not at Infinidat. In this episode, Eric Herzog, Chief Marketing Officer of Infinidat, joins Sean Martin to challenge the notion that storage is simply infrastructure. With decades of experience at IBM and EMC before joining Infinidat, Herzog explains why storage needs to be both operationally efficient and cyber-aware.Cyber Resilience, Not Just StorageAccording to Herzog, today's enterprise buyers—especially those in the Global Fortune 2000—aren't just asking how to store data. They're asking how to protect it when things go wrong. That's why Infinidat integrates automated cyber protection directly into its storage platforms, working with tools like Splunk, Microsoft Sentinel, and IBM QRadar. The goal: remove the silos between infrastructure and cybersecurity teams and eliminate the need for manual intervention during an attack or compromise.Built-In Defense and Blazing-Fast RecoveryThe integration isn't cosmetic. Infinidat offers immutable snapshots, forensic environments, and logical air gaps as part of its storage operating system—no additional hardware or third-party tools required. When a threat is detected, the system can automatically trigger actions and even guarantee data recovery in under one minute for primary storage and under 20 minutes for backups—regardless of the dataset size. And yes, those guarantees are provided in writing.Real-World Scenarios, Real Business OutcomesHerzog shares examples from finance, healthcare, and manufacturing customers—one of which performs immutable snapshots every 15 minutes and scans data twice a week to proactively detect threats. Another customer reduced from 288 all-flash storage floor tiles to just 61 with Infinidat, freeing up 11 storage admins to address other business needs—not to cut staff, but to solve the IT skills shortage in more strategic ways.Simplified Operations, Smarter SecurityThe message is clear: storage can't be an afterthought in enterprise cybersecurity strategies. Infinidat is proving that security features need to be embedded, not bolted on—and that automation, integration, and performance can all coexist. For organizations juggling compliance requirements, sprawling infrastructure, and lean security teams, this approach delivers both peace of mind and measurable business value.Learn more about Infinidat: https://itspm.ag/infini3o5dNote: This story contains promotional content. Learn more.Guest: Eric Herzog, Chief Marketing Officer, Infinidat | https://www.linkedin.com/in/erherzog/ResourcesLearn more and catch more stories from Infinidat: https://www.itspmagazine.com/directory/infinidatLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:sean martin, eric herzog, storage, cybersecurity, automation, resilience, ransomware, recovery, enterprise, soc, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More
Stay in control with Microsoft Defender. You can identify which AI apps and cloud services are in use across your environment, evaluate their risk levels, and allow or block them as needed—all from one place. Whether it's a sanctioned tool or a shadow AI app, you're equipped to set the right policies and respond fast to emerging threats. Defender XDR gives you the visibility to track complex attack paths—linking signals across endpoints, identities, and cloud apps. Investigate real-time alerts, protect sensitive data from misuse in AI tools like Copilot, and enforce controls even for in-house developed apps using system prompts and Azure AI Foundry. Rob Lefferts, Microsoft Security CVP, joins Jeremy Chapman to share how you can safeguard your AI-powered environment with a unified security approach. ► QUICK LINKS: 00:00 - Stay in control with Microsoft Defender 00:39 - Identify and protect AI apps 02:04 - View cloud apps and website in use 04:14 - Allow or block cloud apps 07:14 - Address security risks of internally developed apps 08:44 - Example in-house developed app 09:40 - System prompt 10:39 - Controls in Azure AI Foundry 12:28 - Defender XDR 14:19 - Wrap up ► Link References Get started at https://aka.ms/ProtectAIapps ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics
Professor Werbach talks with Ashley Casavan, Managing Director of the AI Governance Center at the IAPP, the global association for privacy professional and related roles. Ashley shares how privacy, data protection, and AI governance are converging, and why professionals must combine technical, policy, and risk expertise. They discuss efforts to build a skills competency framework for AI roles and examine the evolving global regulatory landscape—from the EU's AI Act to U.S. state-level initiatives. Drawing on Ashley's experience in the Canadian government, the episode also explores broader societal challenges, including the need for public dialogue and the hidden impacts of automated decision-making. Ashley Casovan serves as the primary thought leader and public voice for the IAPP on AI governance. She has developed expertise in responsible AI, standards, policy, open government and data governance in the public sector at the municipal and federal levels. As the director of data and digital for the government of Canada, Casovan previously led the development of the world's first national government policy for responsible AI. Casovan served as the Executive Director of the Responsible AI Institute, a member of OECD's AI Policy Observatory Network of Experts, a member of the World Economic Forum's AI Governance Alliance, an Executive Board Member of the International Centre of Expertise in Montréal on Artificial Intelligence and as a member of the IFIP/IP3 Global Industry Council within the UN. Transcript Ashley Casovan IAPP IAPP AI Governance Profession Report 2025 Global AI Law and Policy Tracker Mapping and Understanding the AI Governance Ecosystem
Send us a textWe are a little late this week, but with good reason: Paul Breitbarth and Dr. K Royal were attending the IAPP Global Privacy Summit in Washington D.C. and bring you their report from the Opening General Session of the conference. The speakers during this session were professor Lawrence Lessig, Hans Peter Brøndmo and Catie Cuan, each reflecting on 25 years of IAPP and what is next for us privacy professionals. Apparently: it's robots! Powered by TrustArcSeamlessly manage your privacy program, assess risks, and stay up to date on laws across the globe.With TrustArc's Privacy Studio and Governance Suite, you can automate cookie compliance, streamline data subject rights, and centralize your privacy tasks—all while reducing compliance costs. Visit TrustArc.com/serious-privacy.If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.
Protect your Microsoft 365 data and stay in control with Microsoft 365 Backup —whether managing email, documents, or sites across Exchange, OneDrive, and SharePoint. Define exactly what you want to back up and restore precisely what you need to with speeds reaching 2TB per hour at scale. With flexible policies, dynamic rules, and recovery points up to 365 days back, you can stay resilient and ready. Jeremy Chapman, Director on the Microsoft 365 product team, shares how to minimize disruption and keep your organization moving forward with Microsoft 365 Backup. QUICK LINKS: 00:00 - Automate recovery process 00:37 - How to use Microsoft 365 Backup 01:49 - Compare with migration-based solutions 02:30 - How to set it up 03:33 - Exchange policy for email backup 05:00 - View and manage backups 05:24 - Recover from a restore point 07:45 - Restore from OneDrive & SharePoint 08:33 - Bulk restore 09:41 - Wrap up ► Link References Check out https://aka.ms/M365Backup Additional backup and restore considerations at https://aka.ms/M365BackupNotes ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics
The Gene Simmons of Data Protection: Protegrity's KISS MethodToday, we are releasing another episode from our series, entitled The Gene Simmons of Data Protection - the KISS Method, brought to you by none other than Protegrity. Protegrity is AI-powered data security for data consumption, offering fine grain data protection solutions, so you can enable your data security, compliance, sharing and analytics.Episode Title: Are You Ready For the GenAI Data Frontier? Exploring GenAI SecurityIn this episode, we talk with Anthony Cammarano, CTO & VP of Engineering, as he breaks down and simplifies GenAI for companies struggling in the new frontier. There is a flood of unstructured data pouring into workflows - thanks to GenAI - and traditional security methods aren't prepared to cover this expanded attack surface. The good news is that companies already have what they need to fix this, and it's a simple mindset shift.QuestionsWhat are some of the most common misconceptions or trends about GenAI, as it relates to data protection and privacy, that organizations face today?What are the primary business challenges facing the adoption of GenAI today?How do modern GenAI systems create data security vulnerabilities and what are the potential risks?What is crucial in the implementation of GenAI-security solutions, and how can it accelerate AI adoption?Can you provide examples of how attackers are targeting data during its use and the importance of securing this data?What are some best practices for robust data governance and how can organizations stay ahead in the rapidly evolving GenAI landscape?Linkshttps://www.protegrity.com/https://www.linkedin.com/in/ac56/Our Sponsors:* Check out Vanta: https://vanta.com/CODESTORYSupport this podcast at — https://redcircle.com/code-story/donationsAdvertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy
In this episode of The Data Chronicles, host Scott Loughlin is joined by Charmian Aw, a partner in the firm's Singapore office, to explore the current state of data protection law across the Asia Pacific region. As countries throughout the region ramp up regulations around privacy, cybersecurity, incident response, and AI, it has become increasingly difficult for organizations to keep pace with the rapid developments. Together, Scott and Charmian provide a timely update on recent trends, enforcement activity, and what the future may hold for data governance in this complex and evolving landscape.
The Gene Simmons of Data Protection: Protegrity's KISS MethodToday, we are releasing another episode from our series, entitled The Gene Simmons of Data Protection - the KISS Method, brought to you by none other than Protegrity. Protegrity is AI-powered data security for data consumption, offering fine grain data protection solutions, so you can enable your data security, compliance, sharing and analytics.Episode Title: Are You Smarter Than a Threat Actor? Maybe Your Current Methods Are ObsoleteIn today's episode, we are talking with Eve Rajca, Senior Solutions Engineer, as she dives into the ever-evolving landscape of cybersecurity. As threat actors become more sophisticated, its critical to reassess and simplify security strategies. She will explore outdated methods, which can leave your data vulnerable, and discuss the importance of adopting straightforward security methods.QuestionsWhat are some common signs that an organization's current cybersecurity methods might be outdated?How have threat actors evolved in their tactics over the past few years?Can you explain the concept of "security through simplicity" and why it's important?How can organizations balance the need for robust security with the need for simplicity?What role does employee training play in maintaining effective data security?Linkshttps://www.protegrity.com/https://www.linkedin.com/in/iwonarajca/Our Sponsors:* Check out Kinsta: https://kinsta.com* Check out Vanta: https://vanta.com/CODESTORYSupport this podcast at — https://redcircle.com/code-story/donationsAdvertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy
Send us a textOn this week of Serious Privacy, Paul Breitbarth, Ralph O'Brien of Reinbo Consulting, and Dr. K Royal connect with Darren Abernethy of Greenberg Traurig to discuss all things #cookies and #trackers.Please subscribe in your favorite podcast app - sharing is caring! Powered by TrustArcSeamlessly manage your privacy program, assess risks, and stay up to date on laws across the globe.With TrustArc's Privacy Studio and Governance Suite, you can automate cookie compliance, streamline data subject rights, and centralize your privacy tasks—all while reducing compliance costs. Visit TrustArc.com/serious-privacy.If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.
Fully Charged's 'top two' tackle the thorniest topics in this thought-provoking tete-a-tete. Don't forget to fill in EVUK's Rapid Survey - Drivers Attitudes To All-Electric Vehicles here: https://www.surveymonkey.com/r/W2CBK6D Electric Vehicles UK, and the whole Fully Charged Show team, will be at Everything Electric LONDON this Wednesday, Thursday & Friday and we would love to meet you. Tickets can be purchased here: https://uk.everythingelectric.show/london Please note your data will be stored and managed according to Data Protection regulations by Fully Charged Show Ltd and will not be shared with 3rd party recipients Check out our sister channel: https://www.youtube.com/@fullychargedshow Why are our episodes now sponsored? https://fullycharged.show/blog/dan-caesar-on-x-insta-youtube-and-why-we-made-a-contro[…]s-on-fully-charged-everything-electric-electric-vehicles-uk/ Support our StopBurningStuff campaign: https://www.patreon.com/STOPBurningStuff Become a Fully Charged SHOW Patreon: https://www.patreon.com/fullychargedshow Become a YouTube member: use JOIN button above Buy the Fully Charged Guide to Electric Vehicles & Clean Energy : https://buff.ly/2GybGt0 Subscribe for episode alerts and the Fully Charged newsletter: https://fullycharged.show/zap-sign-up/ Visit: https://FullyCharged.Show Find us on X: https://x.com/Everyth1ngElec Follow us on Instagram: https://instagram.com/fullychargedshow To partner, exhibit or sponsor at our award-winning expos email: commercial@fullycharged.show Everything Electric LONDON (UK) - ExCel - 16th, 17th & 18th April 2025 Everything Electric CANADA - Vancouver Convention Center - 5th, 6th & 7th September 2025 Everything Electric SOUTH (UK) - Farnborough International - 10th, 11th & 12th October 2025 Everything Electric AUSTRALIA VIC - 14th, 15th & 16th November 2025 #fullychargedshow #everythingelectricshow #homeenergy #cleanenergy #battery #electriccars #electricvehicles
How can cloud computing be completely isolated from the internet? This week, Technology Now explores the next step in data storage and processing: the concept of a disconnected cloud. Why would someone want their cloud cut off like this? From a single building to an entire country, what are the security and regulatory compliance benefits?! Rich Bird, Worldwide Hybrid Cloud Marketing at HPE tells us more.This is Technology Now, a weekly show from Hewlett Packard Enterprise. Every week, hosts Michael Bird and Aubrey Lovell look at a story that's been making headlines, take a look at the technology behind it, and explain why it matters to organizations and what can be learnt from it.Sources cited in this week's episode:Gartner Report on cloud usage and spending:https://www.gartner.com/en/newsroom/press-releases/2024-11-19-gartner-forecasts-worldwide-public-cloud-end-user-spending-to-total-723-billion-dollars-in-2025History of the Cloud: https://www.bcs.org/articles-opinion-and-research/history-of-the-cloud/Dark Matter and Dark Energy (Today I Learnt):https://www.cfa.harvard.edu/research/topic/dark-energy-and-dark-matterhttps://www.nature.com/articles/d41586-024-01273-4https://www.newscientist.com/article/2471743-dark-energy-isnt-what-we-thought-and-that-may-transform-the-cosmos/History of Daylight Savings in the US (This Week in History):https://unrememberedhistory.com/tag/march-31-1918-daylight-saving-time/https://www.thecongressproject.com/standard-time-act-of-1918
Send us a textOn this week of Serious Privacy, Paul Breitbarth, Ralph O'Brien, and Dr. K Royal make it personal. They talk about their own mental health in light of busy workloads and global developments, whether privacy related or not. And they talk about the 23andme bankruptcy and what that means for personal data, as well as a fine issued by the Jersey Data Protection Authority..Please subscribe in your favorite podcast app - sharing is caring! Powered by TrustArcSeamlessly manage your privacy program, assess risks, and stay up to date on laws across the globe.With TrustArc's Privacy Studio and Governance Suite, you can automate cookie compliance, streamline data subject rights, and centralize your privacy tasks—all while reducing compliance costs. Visit TrustArc.com/serious-privacy.If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.
Tech behind the Trends on The Element Podcast | Hewlett Packard Enterprise
How can cloud computing be completely isolated from the internet? This week, Technology Now explores the next step in data storage and processing: the concept of a disconnected cloud. Why would someone want their cloud cut off like this? From a single building to an entire country, what are the security and regulatory compliance benefits?! Rich Bird, Worldwide Hybrid Cloud Marketing at HPE tells us more.This is Technology Now, a weekly show from Hewlett Packard Enterprise. Every week, hosts Michael Bird and Aubrey Lovell look at a story that's been making headlines, take a look at the technology behind it, and explain why it matters to organizations and what can be learnt from it.Sources cited in this week's episode:Gartner Report on cloud usage and spending:https://www.gartner.com/en/newsroom/press-releases/2024-11-19-gartner-forecasts-worldwide-public-cloud-end-user-spending-to-total-723-billion-dollars-in-2025History of the Cloud: https://www.bcs.org/articles-opinion-and-research/history-of-the-cloud/Dark Matter and Dark Energy (Today I Learnt):https://www.cfa.harvard.edu/research/topic/dark-energy-and-dark-matterhttps://www.nature.com/articles/d41586-024-01273-4https://www.newscientist.com/article/2471743-dark-energy-isnt-what-we-thought-and-that-may-transform-the-cosmos/History of Daylight Savings in the US (This Week in History):https://unrememberedhistory.com/tag/march-31-1918-daylight-saving-time/https://www.thecongressproject.com/standard-time-act-of-1918
How can cloud computing be completely isolated from the internet? This week, Technology Now explores the next step in data storage and processing: the concept of a disconnected cloud. Why would someone want their cloud cut off like this? From a single building to an entire country, what are the security and regulatory compliance benefits?! Rich Bird, Worldwide Hybrid Cloud Marketing at HPE tells us more.This is Technology Now, a weekly show from Hewlett Packard Enterprise. Every week, hosts Michael Bird and Aubrey Lovell look at a story that's been making headlines, take a look at the technology behind it, and explain why it matters to organizations and what can be learnt from it.Sources cited in this week's episode:Gartner Report on cloud usage and spending:https://www.gartner.com/en/newsroom/press-releases/2024-11-19-gartner-forecasts-worldwide-public-cloud-end-user-spending-to-total-723-billion-dollars-in-2025History of the Cloud: https://www.bcs.org/articles-opinion-and-research/history-of-the-cloud/Dark Matter and Dark Energy (Today I Learnt):https://www.cfa.harvard.edu/research/topic/dark-energy-and-dark-matterhttps://www.nature.com/articles/d41586-024-01273-4https://www.newscientist.com/article/2471743-dark-energy-isnt-what-we-thought-and-that-may-transform-the-cosmos/History of Daylight Savings in the US (This Week in History):https://unrememberedhistory.com/tag/march-31-1918-daylight-saving-time/https://www.thecongressproject.com/standard-time-act-of-1918
The Gene Simmons of Data Protection: Protegrity's KISS MethodToday, we are releasing another episode from our series, entitled The Gene Simmons of Data Protection - the KISS Method, brought to you by none other than Protegrity. Protegrity is AI-powered data security for data consumption, offering fine grain data protection solutions, so you can enable your data security, compliance, sharing and analytics.Episode Title: Fortifying Your Data Defenses: The Conversation that Should have Happened Yesterday with Clyde WilliamsonIn this episode, we will be talking with Clyde Williamson, Senior Product Security Architect. Clyde is going to help us see how we've created a broken systems - and it's OK, we are willing to take the necessary steps to fix it. Business face immense pressure to safeguard data, ensure compliance, follow regulation, and make data easily available when needed. This is the conversation we should have heard yesterday, when it comes to our data.QuestionsWhy is consumer privacy more critical than ever in today's digital world, and what role do businesses play in protecting and consuming data? How that concern translates to regulatory requirements and changes for businesses. What does it mean to “future-proof” consumer data in terms of regulatory compliance, and why should businesses care? How can businesses effectively balance the need for data accessibility with the need to protect consumer privacy? What role does data de-identification play in helping businesses secure sensitive data while minimizing risk, and what are the tangible benefits? What are some common pitfalls businesses face when implementing privacy measures, and how can they avoid them? Can you provide an example of a company that improved consumer trust by adopting stronger data protection strategies? What are some emerging technologies in data protection and cybersecurity that are making, or will make, a significant impact? Can you share any real-world examples of data breaches that could have been prevented with better security practices? Linkshttps://www.protegrity.com/https://www.linkedin.com/in/clyde-williamson-6211192/Our Sponsors:* Check out Kinsta: https://kinsta.com* Check out Vanta: https://vanta.com/CODESTORYSupport this podcast at — https://redcircle.com/code-story/donationsAdvertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy
Protect your organization's data with Microsoft Purview. Gain complete visibility into potential data leaks, from AI applications to unmanaged cloud services, and take immediate action to prevent unwanted data sharing. Microsoft Purview unifies data security controls across Microsoft 365 apps, the Edge browser, Windows and macOS endpoints, and even network communications over HTTPS —all in one place. Take control of your data security with automated risk insights, real-time policy enforcement, and seamless management across apps and devices. Strengthen compliance, block unauthorized transfers, and streamline policy creation to stay ahead of evolving threats. Roberto Yglesias, Microsoft Purview Principal GPM, goes beyond Data Loss Prevention (DLP) and shows how to ensure your data stays protected no matter where it goes. ► QUICK LINKS: 00:00 - Data Loss Prevention in Microsoft Purview 01:33 - Assess DLP Policies with DSPM 03:10 - DLP across apps and endpoints 04:13 - Unmanaged cloud apps in Edge browser 04:39 - Block file transfers across endpoints 05:27 - Network capabilities 06:41 - Updates for policy creation 08:58 - New options 09:36 - Wrap up ► Link References Get started at https://aka.ms/PurviewDLPUpdates ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics
If you've ever felt overwhelmed or confused by the idea of conducting a Data Protection Impact Assessment (DPIA), you're not alone and this episode is here to help.Join Jamal Ahmed, the King of Data Protection, as he shares his expert insights on how to make your DPIAs credible, compliant, and actually useful. In this episode, you'll discover:The steps you should take to conduct a legally valid and effective Data Protection Impact AssessmentWho should really be involved in completing a DPIA (spoiler alert: it's not just the DPO)How to prepare and run stakeholder meetings that gather the right information without wasting timeWhy asking the right questions is more important than simply filling out templatesWhat makes the difference between a DPIA that enables business and one that blocks progressThis episode is packed with real-world advice, practical tips, and a clear approach you can apply straight away to level up your privacy practice.Follow Jamal on LinkedIn: https://www.linkedin.com/in/kmjahmed/
Send us a textOn this week of Serious Privacy, Paul Breitbarth , Ralph O'Brien of Reinbo Consulting, and Dr. K Royal talk about the controversy with executive changes to the U.S. Federal Trade Commission #FTC, the UK #adequacy extension, and the Norwegian decision about Data Protection Officer #DPO conflicts of interest.Please subscribe in your favorite podcast app - sharing is caring! Powered by TrustArcSeamlessly manage your privacy program, assess risks, and stay up to date on laws across the globe.With TrustArc's Privacy Studio and Governance Suite, you can automate cookie compliance, streamline data subject rights, and centralize your privacy tasks—all while reducing compliance costs. Visit TrustArc.com/serious-privacy.If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.
The Gene Simmons of Data P rotection: Protegrity's KISS MethodToday, we are kicking off a new series on the podcast, entitled The Gene Simmons of Data Protection - the KISS Method, brought to you by none other than Protegrity. Protegrity is AI-powered data security for data consumption, offering fine grain data protection solutions, so you can enable your data security, compliance, sharing and analytics.Episode Title: KISS (Keep It Simple, Stupid): A Data Security Dilemma with James RiceIn this episode, we are talking with James Rice, VP at Protegrity. He is going to help us strip away the nonsense, when it comes to securing data, and help us understand why we don't need a fortress... just a kill switch. While companies throw billions at firewalls, AI driven threat detection, and fortress like defenses - attackers still find their way in. James reminds us to keep it simple, with Protegrity's KISS Method which stands for Keep It Simple Stupid - and how when data is useless to attackers, breaches become mere inconveniences instead of existential threats.Questions:What exactly is the KISS method, and how does it apply to cybersecurity?Why are traditional cybersecurity approaches failing to stop breaches?What are some of the biggest myths about security that lead businesses to waste money on ineffective defenses?How do encryption, tokenization, and de-identification work together to make stolen data useless?Can you share an example where a company's focus on complex security backfired, and how a simpler approach could have helped?What's the biggest pushback you hear from companies hesitant to adopt a simpler, data-first security model? If a company wanted to implement the KISS method tomorrow, what are the first three steps they should take?Linkshttps://www.protegrity.com/https://www.linkedin.com/in/jamesrice1/Our Sponsors:* Check out Kinsta: https://kinsta.com* Check out Vanta: https://vanta.com/CODESTORYSupport this podcast at — https://redcircle.com/code-story/donationsAdvertising Inquiries: https://redcircle.com/brandsPrivacy & Opt-Out: https://redcircle.com/privacy
In this episode of 'The Wisdom Of' Show, host Simon Bowen speaks with Sheila FitzPatrick, a leading international employment and data protection attorney, recognized for her expertise in privacy and security. The conversation covers Sheila's journey from employment law to becoming an influential figure in data privacy, her role in shaping international privacy laws, including the GDPR, and her insights on the burgeoning field of AI and its implications for data privacy. Sheila discusses the critical differences between privacy and security, the importance of data minimization, and how businesses can turn privacy into a competitive advantage. The episode also touches on the ethical considerations of AI, the transparency required in privacy policies, and practical steps businesses can take to ensure compliance with global privacy regulations.Ready to elevate your business approach? Join Simon's exclusive masterclass on The Models Method. Learn how to articulate your unique value and create scalable impact: https://thesimonbowen.com/masterclassEpisode Breakdown00:00 Meet Sheila FitzPatrick: Privacy and Security Expert03:21 The Journey into Data Privacy05:57 The Impact of GDPR and Privacy Laws14:57 Global Privacy Strategies for Businesses23:53 Marketing and Data Privacy Challenges29:20 Turning Data Privacy into a Competitive Advantage30:34 Leveraging Data Privacy as a Competitive Advantage31:16 The Growing Importance of Privacy in Contract Negotiations32:44 AI and Data Privacy Concerns35:34 Ethical and Legal Considerations in AI41:11 Challenges for Small and Large Companies in Data Privacy43:33 The Intersection of Ethics, Law, and Technology46:02 Advice for Aspiring Data Privacy Professionals55:43 The Importance of Passion in Data Privacy56:38 Final Thoughts on Data Privacy and AIAbout Sheila FitzPatrickSheila FitzPatrick is a world-renowned authority in data privacy, protection, and sovereignty, with a career spanning more than 38 years. As the Chief Privacy Officer for numerous multinational corporations, she has pioneered global compliance strategies that align legal, ethical, and operational frameworks across more than 160 countries.Sheila's work has had a far-reaching impact—collaborating with the U.S. Government, the Council of the European Union, and data protection authorities across Europe, Asia-Pacific, and the Americas. She has served as a trusted intermediary between corporate leadership and Works Councils, drafting over 550 model contracts and bargaining agreements and securing Binding Corporate Rules (BCRs) approvals for six global organizations.Her expertise spans GDPR, CCPA, data sovereignty, AI regulations, cloud computing, cybersecurity, and breach management. Sheila has helped over 500 multinational companies achieve full data protection compliance, navigating the ever-evolving regulatory landscape with precision and foresight.Connect with Sheila FitzPatrickLinkedIn: https://www.linkedin.com/in/sheila-fitzpatrick-4b458/Twitter: https://x.com/sheilafitzpAbout Simon BowenSimon has spent over two decades working with influential leaders across complex industries. His focus is on elevating thinking in organizations, recognizing that success is directly proportional to the quality of thinking and ideas within a business. Simon leads the renaissance of thinking through his work with global leaders and...
Where is the UK data protection reform headed? How are we to deal with behavioural advertising in the context of sports betting and gambling? Will the UK stay clear of regulating or supervising AI à la EU? Tim Turner has worked on Data Protection, Freedom of Information (FOI) and Information Rights law since 2001. He started at the Information Commissioner's Office as a Policy Manager on FOI issues. After that, he was a Data Protection & FOI Officer for two councils and then an Information Governance Manager for an NHS (National Health Service) organisation. He has been offering data protection training and consultancy since 2011. Also, Tim is the author of the very popular DPO Daily newsletter and LinkedIn feed. References: Tim Turner on LinkedIn 2040 Training The DPO Daily on LinkedIn ICO: Action taken against Sky Betting and Gaming for using cookies without consent UK betting giants under fire for ads targeting at-risk gamblers (The Guardian) UK Data Reform: What's Proposed (Bird & Bird) Stephen Almond (ICO): data protection laws as a primary tool for AI governance (Masters of Privacy)
BONUS: AI and Cybersecurity - An Introduction to The Hidden Threats in Our Connected World with Dr. Eric Cole In this BONUS episode, we explore the evolving landscape of cybersecurity in the age of artificial intelligence. Dr. Eric Cole, a renowned cybersecurity expert and author of Cyber Crisis: Protecting Your Business from Real Threats in the Virtual World, shares critical insights about how AI is transforming security strategies. From the privacy concerns of our always-connected devices to practical tips for protecting your business and personal information, this conversation offers essential knowledge for navigating our increasingly digital world. The Double-Edged Sword of AI in Cybersecurity "We are giving away our IP, our data, and our privacy. The data set is what gives value to AI." The rise of artificial intelligence presents both opportunities and serious risks in the cybersecurity landscape. Dr. Cole emphasizes that while many focus solely on AI's benefits, we often overlook the fact that we're surrendering vast amounts of our sensitive information, intellectual property, and private data to AI providers. This data becomes the foundation of AI's value and capabilities, creating a significant privacy concern that many organizations fail to properly address. As we embrace these new technologies, we must carefully consider what information we're willing to share and what safeguards should be in place. Modern Attack Vectors: The Human Element "Attacks today are mostly social engineering. We end up having to retrain people to not trust their email." Today's cybersecurity threats have evolved beyond traditional technical exploits to focus primarily on social engineering—manipulating people into compromising their own security. Dr. Cole explains that modern attackers increasingly target the human element, requiring organizations to fundamentally retrain employees to approach communications with healthy skepticism. Particularly concerning are mobile threats, as our phones constantly record audio and other personal data. Dr. Cole warns that "free" apps often come with a hidden price: your privacy and security. Understanding these attack vectors is essential for developing effective defense strategies in both personal and professional contexts. Cybersecurity as a Business Enabler "Security is not a barrier, not an obstacle. Cybersecurity is a business enabler." Dr. Cole challenges the common perception that security measures primarily restrict functionality and impede business operations. Instead, he reframes cybersecurity as a critical business enabler that should be integrated into strategic decision-making. Organizations need to make deliberate decisions about the tradeoffs between security and functionality, understanding that proper security measures protect business continuity and reputation. Dr. Cole particularly warns about supply chain attacks, which have become increasingly prevalent, and emphasizes that awareness is the foundation of any effective protection strategy. He recommends centralizing data for easier security management and advises that client devices should minimize storing sensitive data. Mobile Phones: The Ultimate Tracking Device "You don't go anywhere without your cell phone. Your cell phone is never more than a foot from you it's with you wherever you go... which means if somebody wants to track and monitor you they can." We often worry about theoretical tracking technologies while overlooking the sophisticated tracking device we voluntarily carry everywhere—our mobile phones. Dr. Cole points out the irony that people who would never accept being "chipped" for tracking purposes willingly keep their phones within arm's reach at all times. These devices record our locations, conversations, messages, and activities, creating a comprehensive digital trail of our lives. With access to someone's phone, anyone can trace their movements for months and access an alarming amount of personal information. This risk is compounded when we back up this data to cloud services, effectively giving third parties access to our most sensitive information. Understanding these vulnerabilities is the first step toward more mindful mobile security practices. Business Opportunities in the Security Space "We have too much information, too much data. How can we use that data effectively?" The cybersecurity landscape presents significant business opportunities, particularly in making sense of the overwhelming amount of security data organizations collect. Dr. Cole identifies data correlation and effective data utilization as key investment areas. Modern security systems generate vast quantities of logs and alerts, but transforming this raw information into actionable intelligence remains a challenge. Companies that can develop solutions to effectively analyze, correlate, and extract meaningful insights from security data will find substantial opportunities in the market, helping organizations strengthen their security posture while managing the complexity of modern threats. Essential Training for Security-Conscious Developers "Go for secure coding courses. This helps us understand how software can be exploited." For software developers looking to build more secure applications, Dr. Cole recommends focusing on penetration testing skills and secure coding practices. Understanding how software can be exploited from an attacker's perspective provides invaluable insights for designing more robust systems. By learning the methodologies and techniques used by malicious actors, developers can anticipate potential vulnerabilities and incorporate appropriate safeguards from the beginning of the development process. This proactive approach to security helps create applications that are inherently more resistant to attacks rather than requiring extensive security patches and updates after deployment. About Dr. Eric Cole Dr. Eric Cole is the author of "Cyber Crisis, Protecting Your Business from Real Threats in the Virtual World." He is a renowned cybersecurity expert with over 20 years of experience helping organizations identify vulnerabilities and build robust defense solutions against advanced threats. He has trained over 65,000 professionals worldwide through his best-selling cybersecurity courses and is dedicated to making cyberspace a safe place for all. You can link with Dr. Eric Cole on LinkedIn, or visit his company's website Secure-Anchor.com.
Send us a textOn this week of Serious Privacy, Paul Breitbarth, Ralph O'Brien of Reinbo Consulting, and Dr. K Royal cover a month in privacy. This includes UK adequacy, the March meeting of the European Data Protection Board where they released a statement on the implementation of the PNR directive, we talk about BCRS and the number of companies who have adopted BCRs and BSPRs, and the UK list of BCRs, court cases, we talk about the future of the GDPR and lots of data protection consultation, and that is just the European part of it.Please subscribe in your favorite podcast app - sharing is caring! Powered by TrustArcSeamlessly manage your privacy program, assess risks, and stay up to date on laws across the globe.With TrustArc's Privacy Studio and Governance Suite, you can automate cookie compliance, streamline data subject rights, and centralize your privacy tasks—all while reducing compliance costs. Visit TrustArc.com/serious-privacy.If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.
In this episode of CSO Tradecraft, host G. Mark Hardy introduces 'The Full Irish,' a cybersecurity framework based on the '12 Steps to Cybersecurity' guidance from Ireland's National Cybersecurity Center. The episode covers comprehensive steps from governance and risk management to incident response and resilience, making it a valuable resource for cybersecurity professionals. G Mark also discusses the implications of multinational companies operating in Ireland, including tax strategies and notable GDPR fines. The episode provides pragmatic guidance and actionable insights to enhance your cybersecurity program. References: https://www.ncsc.gov.ie/pdfs/Cybersecurity_12_steps.pdf Transcripts: https://docs.google.com/document/d/1VLeRozClLZAkZsusYsUn4Q9_1v7WCoN0 Chapters 00:00 Introduction to the Full Irish 01:32 Why Ireland? 02:40 Tax Avoidance Schemes 04:25 GDPR Penalties and Data Protection 05:54 Overview of the 12 Steps to Cybersecurity 07:19 Step 1: Governance and Organization 09:24 Step 2: Identify What Matters Most 10:31 Step 3: Understanding the Threats 12:35 Step 4: Defining Risk Appetite 14:10 Step 5: Education and Awareness 16:00 Step 6: Implement Basic Protections 18:00 Step 7: Detect and Attack 19:37 Step 8: Be Prepared to React 21:24 Step 9: Risk-Based Approach to Resilience 22:52 Step 10: Automated Protections 23:58 Step 11: Challenge and Test Regularly 25:29 Step 12: Cyber Risk Management Lifecycle 26:29 Conclusion and Final Thoughts
Investigate data security, risk and leak cases faster by leveraging AI-driven insights with Microsoft Purview Data Security Investigations. This goes beyond the superficial metadata and activity-only signals found in incident management and SIEM tools, by analyzing the content itself within compromised files, emails, messages, and Microsoft Copilot interactions. Data Security Investigations allows you to pinpoint sensitive data and assess risks at a deeper level—quickly understanding the value of what's been exposed. Then by mapping connections between compromised data and activities, you can easily find the source of the security risk or exposure. And using real-time risk insights, you can also apply the right protections to minimize future vulnerabilities. Data Security Investigations is also integrated with Microsoft Defender incident management as part your broader SOC toolset. Nick Robinson, Microsoft Purview Principal Product Manager, joins Jeremy Chapman to share how to enhance your ability to safeguard critical information. ► QUICK LINKS: 00:00 - Microsoft Purview Data Security Investigations 01:00 - Risks of data theft & data leaks 03:20 - Start an investigation 04:45 - Results of an investigation 06:15 - Vector-based search & semantic indexing 08:00 - Use AI for the investigation 09:21 - Map activities 10:44 - Connect SOC & Data Security teams 11:21 - Known leaked information 12:26 - Steps to get DSI up and running 13:15 - Wrap up ► Link References Get started at https://aka.ms/DataSecurityInvestigations Stay up-to-date with our blog at https://aka.ms/DSIBlog ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics
Today, I'm sharing something deeply personal and serious—my stalker story. For over a year, Timothy C. (we can share his full name soon if need be) has been physically stalking me, and his digital harassment goes back even further. Law enforcement is now involved, but I wanted to update you all in case anything happens to me—so there's no question about who did it. This episode isn't just about my experience; it's also about the reality of stalking, the dangers of obsession, and the importance of taking threats seriously. Stay aware, stay safe, and let's talk about it all, shall we?—https://noblegoldinvestments.com
Join hosts Danielle Gallant and Guy Hanson as they dive deep into email compliance and deliverability with Mickey Chandler, founder of Whizardries. In this eye-opening episode, they explore why compliance should be the bedrock (not the ceiling) of email marketing, unpack the complex landscape of US privacy laws, and discuss the future of email regulations.
Send us a textOn this week of Serious Privacy, Paul Breitbarth, Ralph O'Brien of Reinbo Consulting, and Dr. K Royal connect with MissIGGeek herself, Rowenna Fielding on all things ethics.Please subscribe in your favorite podcast app - sharing is caring! Powered by TrustArcSeamlessly manage your privacy program, assess risks, and stay up to date on laws across the globe.With TrustArc's Privacy Studio and Governance Suite, you can automate cookie compliance, streamline data subject rights, and centralize your privacy tasks—all while reducing compliance costs. Visit TrustArc.com/serious-privacy.If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.
Cybersecurity in Italy: ITASEC 2025 Recap & Future Outlook with Professor Alessandro ArmandoCybersecurity is no longer a niche topic—it's a fundamental pillar of modern society. And in Italy, ITASEC has become the go-to event for bringing together researchers, government officials, and industry leaders to tackle the biggest security challenges of our time.Although we weren't there in person this year, we're diving into everything that happened at ITASEC 2025 in this special On Location recap with Professor Alessandro Armando. As Deputy Director of the Cybersecurity National Laboratory at CINI and Chairman of the Scientific Committee of the SERICS Foundation, Alessandro has a front-row seat to the evolution of cybersecurity in Italy.This year's event, held in Bologna, showcased the growing maturity of Italy's cybersecurity landscape, featuring keynotes, technical sessions, and even hands-on experiences for the next generation of security professionals. From government regulations like DORA (Digital Operational Resilience Act) to the challenges of AI security, ITASEC 2025 covered a vast range of topics shaping the future of digital defense.One major theme? Cybersecurity as an investment, not just a cost. Italian companies are increasingly recognizing security as a competitive advantage—something that enhances trust and reputation rather than just a compliance checkbox.We also discuss the critical role of education in cybersecurity, from university initiatives to national competitions that are training the next wave of security experts. With programs like Cyber Challenge.IT, Italy is making significant strides in developing a strong cybersecurity workforce, ensuring that organizations are prepared for the evolving threat landscape.And of course, Alessandro shares a big reveal: ITASEC 2026 is heading to Sardinia! A stunning location for what promises to be another exciting edition of the conference.Join us for this insightful discussion as we reflect on where cybersecurity in Italy is today, where it's headed, and why events like ITASEC matter now more than ever.
Send us a textOn this week of Serious Privacy, Paul Breitbarth, Ralph O'Brien of Reinbo Consulting, and Dr. K Royal join Joanne Furtsch, VP extraordinaire of TrustArc to discuss all things #AI. Tune in to learn about the practical and innovative aspects of AI and its privacy and data protection implications.Please subscribe in your favorite podcast app - sharing is caring! Powered by TrustArcSeamlessly manage your privacy program, assess risks, and stay up to date on laws across the globe.With TrustArc's Privacy Studio and Governance Suite, you can automate cookie compliance, streamline data subject rights, and centralize your privacy tasks—all while reducing compliance costs. Visit TrustArc.com/serious-privacy.If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.
Apple has pulled the availability of their opt-in iCloud end-to-end encryption feature, called Advanced Data Protection, in the UK. This doesn't only affect UK Apple users, however. To help us make sense of this surprising move from the fruit company, we got Matt Green, Associate Professor at Johns Hopkins, and Joe Hall, Distinguished Technologist at the Internet Society, on the horn. Recorded Saturday February 22nd, 2025.Transcript: https://securitycryptographywhatever.com/2025/02/24/apple-pulls-adp-in-uk/Watch episode on YouTube: https://youtu.be/LAn_yOGUkR0Links:- https://www.lawfaremedia.org/article/apples-cloud-key-vault-and-secure-law-enforcement-access- https://www.androidcentral.com/how-googles-backup-encryption-works-good-bad-and-ugly- https://gdpr.eu/right-to-be-forgotten/- https://www.legislation.gov.uk/id/ukpga/2024/9- https://www.nytimes.com/2021/05/17/technology/apple-china-censorship-data.html- https://en.wikipedia.org/wiki/Salt_Typhoon- Salt Typhoon: https://www.cisa.gov/news-events/news/strengthening-americas-resilience-against-prc-cyber-threats- https://www.bloomberg.com/news/articles/2025-02-21/apple-removes-end-to-end-encryption-feature-from-uk-after-backdoor-order- https://support.apple.com/en-us/102651"Security Cryptography Whatever" is hosted by Deirdre Connolly (@durumcrustulum), Thomas Ptacek (@tqbf), and David Adrian (@davidcadrian)
Plus, the SEC agrees to drop a lawsuit against crypto exchange Coinbase. And BE Semiconductor Industries Q4 results miss expectations. Learn more about your ad choices. Visit megaphone.fm/adchoices