Podcasts about it risk management

Everyone, from top leadership to the frontline, has a role in safeguarding against cyber threats. In this episode, Peter Naumovski, the Global CISO and VP of IT Risk Management at AbbVie, and  Teresa Tonthat, Vice President and Associate Chief Information Officer at Texas Children's Hospital, emphasize the critical role of maintaining good cyber hygiene. Peter explains how simple measures like enabling multi-factor authentication, effective vulnerability management, and promptly addressing identified risks can prevent many potential breaches. Teresa discusses the persistent cyber threats targeting the healthcare industry and shares insights into Texas Children's robust risk evaluation process and their inspiring mission to expand healthcare access. Throughout this eye-opening conversation, both guests highlight the necessity of cultivating a proactive security culture.  Stay tuned for a deep dive into the strategies and mindsets that keep these leaders ahead in cybersecurity! Note: What is discussed by Peter Naumovski are his personal views and not the views of AbbVie.  Resources:  Connect and follow Teresa Tonthat on LinkedIn. Learn more about Texas Children's Hospital on their LinkedIn and website. Connect and follow Peter Naumovski on LinkedIn. Learn more about AbbVie on their LinkedIn and website. Explore insights, emerging threats, and their potential impact in Deloitte's Annual CyberThreat Trends Report Here. 

10,000 flight cancellations, disruptions in the UK National Health Service, and the banking sector cast into turmoil. The CrowdStrike outage sent the entire world into disarray. In this episode of the Tech For Non-Techies podcast, host Sophia Matveeva imparts crucial knowledge on how to prevent IT crises and emphasizes the importance of understanding tech for business leaders.   Timestamps 00:00:00 Introduction 00:02:21 Severity of the CrowdStrike outage 00:03:22 Overview of the CrowdStrike Incident 00:04:23 Implications of Software Malfunctions 00:06:30 Importance of IT Risk Management 00:08:34 Software Testing and Quality Assurance 00:11:27 Aligning Engineering and Business Objectives 00:13:23 Relationship-Building between Tech and Business Teams   To learn about the Post Office disaster,  https://www.techfornontechies.co/blog/lessons-from-the-post-office-scandal   For the transcript, go to: https://www.techfornontechies.co/blog/business-leaders-lessons-from-the-global-it-outage   For more career & tech lessons, subscribe to Tech for Non-Techies on: Apple Spotify YouTube Amazon Podcasts Stitcher Pandora Do you want to succeed in the Digital Age? Check out the Digital Leadership Coaching Program Say hi to Sophia on Twitter and follow her on LinkedIn. Following us on YouTube, Facebook, Instagram and TikTok will make you smarter

Join us for this episode of The CyberPHIx podcast, where we hear from Morgan Hague.   Morgan is the manager of IT Risk Management at Meditology Services and has been in the industry for nearly a decade. He has worked with hundreds of organizations in an advisory capacity helping to assess or audit security functions to drive program maturity. He also leads Meditology's strategic risk management consulting service line and is a subject matter expert in threat mitigation and risk program development.  Topics covered in this session include:   A deep dive into the emerging use cases for AI in the healthcare setting The risks related to AI that defenders need to be aware of and how real and relevant those risks are in the current state Data Poisoning, Input Manipulation, Membership Reference & Model Inversion AI-driven attacks and human security risks Privacy concerns with the use of AI New regulations coming online that directly affect the use of AI Controls we should be considering for AI Frameworks that already exist to help us understand the control options And some practical tips on where to get started 

Privacy challenges continue to emerge. If we thought GDPR implementation was complex, then we had AI and when we thought AI was challenging, now we have chat GPT. It continues to evolve. There is no end to it. Now, this is exactly what we are going to talk about with our guest Patrick Soenen today. In this episode, the host PunitBhatia holds a conversation with Patrick Soenen, a member of DPO Pro and certified auditor, about the emerging trends in privacy, specifically AI and chat GPT. Patrick explains how he got started in the privacy field 10 years ago when his customer asked him to help them improve their privacy. Patrick further explains his experience with DPO Pro and how he has been a trainer for IIA in Paris, discussing the GDPR in order to help organizations put in place the requirements to avoid sanctions. He then talks about big tech having all the data and how it is too late to protect it. However, he is optimistic and believes Europeans should invest more money in research and come up with alternative solutions that are compliant with the GDPR. Lastly, he talks about AI and chat GPT, explaining how it can be used for good, but also how it could lead to people abusing it if a framework is not created for its correct usage. A fascinating conversation between two privacy enthusiasts Patrick Soenen and Punit Bhatia. Take a listen to this open conversation. About Patrick Soenen Patrick is an expert in assessing, governing, and guiding organizational and technological transformation; experience in IT and project audit, implementation of IT and project governance, GDRP Assessment, and Info Security coaching. Outsourcing coaching and implementation. Extensive experience in ICT management, project management, IT audit, IT Governance, and Business Performance. IT audits are based on CobiT 5 and IT Service Management ITIL v3. IT Risk Management. Accredited training provider on COBIT 5. About Punit Bhatia Punit Bhatia is one of the leading privacy experts who works independently and has worked with professionals in over 30 countries. Punit works with business and privacy leaders to create an organizational culture with high privacy awareness and compliance as a business priority. Selectively, Punit is open to mentoring and coaching privacy professionals. Punit is the author of books “Be Ready for GDPR” which was rated as the best GDPR Book, “AI & Privacy – How to Find Balance”, “Intro To GDPR”, and “Be an Effective DPO”. Punit is a global speaker who has spoken at over 30 global events. Punit is the creator and host of the FIT4PRIVACY Podcast. This podcast has been featured among the top GDPR and privacy podcasts. As a person, Punit is an avid thinker and believes in thinking, believing, and acting in line with one's values to have joy in life. He has developed the philosophy named ‘ABC for the joy of life' which passionately shares. Punit is based out of Belgium, the heart of Europe. RESOURCES Websites: www.fit4privacy.com, www.punitbhatia.com, www.dpopro.be Podcast: https://www.fit4privacy.com/podcast   Blog: https://www.fit4privacy.com/blog   YouTube: http://youtube.com/fit4privacy --- Send in a voice message: https://podcasters.spotify.com/pod/show/fit4privacy/message

On our 12th episode of our women in tech spin-off series, our Principal IP Consultant Maddy Norris was joined by Sia Møller. Sia is the Senior IT Security Specialist at DSV - Global Transport and Logistics. She is an experienced IT Security Specialist with a demonstrated history of working in large international companies. Certified GCIH & CISSP. Skilled in Information Security - including Security Operations (IR), Network Security, Vulnerability Management and IT Risk Management. The pair talk through Sia's career and the opportunities which enabled her to get into the position she's in today.Learn more from Sia:https://www.linkedin.com/in/siamoeller/

In this episode you will hear Hamid's insights on IT Risk, and the strategies around IT Risk Management. Hamid Raja is an IT Audit, Security, Governance, Risk and Compliance Expert and a Speaker. He has 9+ years of IT security, compliance, governance, and auditing experience; 2+ years of IT process engineering skills; and 6+ years of IT operations and infrastructure experience amongst other experiences and skill sets. Currently he is working at Gulf Warehousing Company. If you want to be our guest, or you know some one who would be a great guest on our show, just send your email to info@globalriskconsult.com with a subject line “Global Risk Community Show” and give a brief explanation of what topic you would like to to talk about and we will be in touch with you asap.

Hello and welcome to Season 4 Episode 2 of the NextExec Podcast. In this episode, Ashley speaks with Joyce Brocaglia the founder of the Executive Women's Forum (EWF) about her vision some 20 years ago and what the EWF is today. They discuss the sisterhood this platform has created, how the EWF has impacted growth in the lives of conference attendees and their corporate benefactors as well as the trajectory created by the various programs that have been instituted over the years. Please enjoy.Guest - Joyce BrocagliaJoyce Brocaglia is a visionary entrepreneur who created both the first executive search firm specializing in cybersecurity and a ground-breaking membership organization that builds women leaders in cybersecurity, risk, and privacy.Joyce founded Alta Associates in 1986 and today Alta is the most prominent executive search firm specializing in Cybersecurity, IT Risk Management and Data Privacy. Alta, ranked one of the top 50 executive search firms in the US has an unprecedented track record of placing Chief Information Security Officer's and building world class organizations.In March of 2022, Alta was acquired by Diversified Search Group, the largest women-led, women-founded executive search firm. Joyce is the Global Cybersecurity Practice Leader. This joining of forces has expanded Alta's search capabilities throughout the C-Suite and into the boardroom. Joyce is a business advisor to her clients who has gained the trust and respect of the industry's most influential executives by accomplishing their strategic and diverse hiring goals. For over three decades Joyce has helped to define, elevate, and integrate the role of cybersecurity leaders and professionals in firms ranging from private equity, venture-backed growth companies to the world's largest and most complex global corporations.  Joyce is the leading authority on the recruitment of Chief Information Security Officers. She is a career advisor to executive thought leaders, sought after for her deep knowledge of the industry, market conditions, and business intelligence.Joyce is a fierce advocate for women and has dedicated her career to advancing women leaders in cybersecurity, risk and privacy. In 2002, Joyce founded the Executive Women's Forum ( EWF). Today the EWF is the largest member organization serving over 15,000 emerging leaders as well as the most prominent and influential female executives in their field. With over 80 Corporate Benefactors globally, the EWF is turbocharging the advancement of their DE&I and ESG goals. The EWF Leadership Academy equips women with the self-awareness, resiliency, and skills necessary to compete for leadership roles. The EWF Cybersecurity Women on Capitol Hill Symposium strengthens public-private relationships. The Carnegie Mellon University, Joyce Brocaglia Endowed Fellowship Fund provides scholarships to underrepresented students.Host - Ashley BaichAshley Baich is a Cybersecurity Senior Analyst at Accenture on the Cyber Investigation, Forensic, and Response team (CIFR). with experience in many disciplines of cybersecurity.  Her analytical background in marketing, communications, technology, and business development inform her mindful but competitive approach.Ashley is fueled by her desire to bridge the communication between IT Professionals and Business Executives.  She considers herself a ‘forever student', eager to continue to build her academic foundation to be innovative and forward thinking in the world of cybersecurity.  She is in the process of earning her MBA in information security and is an active participant in the EWF, currently as a co-lead for the Rising Leader Forum.  Support the show (https://www.ewf-usa.com/)

Sholom Ber was the Chief Technology Officer and Head of Global Infrastructure at Bankers Trust, Lehman Brothers and Goldman Sachs; Head of IT Risk Management at JPMorgan Chase; Head of Global Products & Services at Credit Suisse. Experienced in architecture, engineering and operations of global technology infrastructure with specialization in information security. In this interview: Growing up in Crown Heights of the 1960's The Rebbes guidance to a non-conformist teen The role of hashgacha pratis in career pathway Amazing opportunity of a tech career The definition of a secure job To climb the ranks become the best If you go with pride they will respect you You are a representative of the Jewish People A mentch is respected in Corporate America When an opportunity presents itself step forward Tips to thrive in Corporate America

Cybercriminaliteit heeft een enorme impact op onze samenleving en economie. Tijdens deze Company Challenge ging Fabienne de Vries in gesprek met Mark de Groot, Ethical Hacker bij KPN REDteam en Erno Doorenspleet, CTO van KPN Security. Mark voert dagelijks aanvallen uit op de infrastructuur van KPN en haar klanten, middels deze aanval versterken zij niet alleen hun aanval maar ook hun eigen "afweersysteem". Erno maakt deel uit van KPN Security als CTO is hij het technische geweten van het bedrijf. Hij houdt toezicht op de Security Research activiteiten, waaronder Cyber Central en het Security Lab. Vanuit de wetenschap belde Fabienne met Temme Sikkema. Temme is verbonden als assistant-professor aan de Vakgroep Accountancy van de Rijksuniversiteit Groningen. De afgelopen vijfentwintig jaar heeft hij als specialist op het gebied van informatiebeveiliging en IT Risk Management gewerkt, met een sterke focus op het middenbedrijf in binnen en buitenland. Wat valt hem op in de praktijk? En hoe waarborg je het continue securityproces in jouw bedrijf? Hierover ging Fabienne met de heren in gesprek.

To survive—and thrive—after a digital transformation, organizations must establish a robust resilience program. In this episode of the ISACA® Podcast, sponsored by ServiceNow, Risk Solutions Specialist Brandon Reese explains how to navigate the path to resilience by continuously monitoring compliance, creating cross-functional workflows and embedding risk awareness throughout the entire enterprise. To access the ServiceNow webinar on which this podcast is based, visit the Future of Data Protection, Privacy and IT Risk Management page of the ISACA website.

Ransomware attacks against hospitals are proliferating, in part because the attackers understand the consequences of compromising healthcare finances, patient privacy, and patient safety. With well over 60 known ransomware attacks against hospitals and health systems this year, healthcare leaders need to be thinking about what they can do to protect themselves better. On today’s show, Bob Hoover speaks with John Zuziak about the latest healthcare IT strategies that can help mitigate ransomware attack risk. Today’s show panel features Bob Hoover, VP of Change Healthcare Consulting, and John Zuziak, practice director, IT Risk Management at Change Healthcare. Here’s what they discussed: Why ransomware attacks targeting hospitals are increasing Reasons why hospitals are vulnerable to attack Hospitals and health systems that were attacked this year How ransomware compares with other cybersecurity threats How risk assessment differs for hospitals vs. other businesses How to quantify risk for executive leaders and board members The connection to COVID-19, remote work, and phishing attacks Strategies for preventing and mitigating against ransomware attacks When defenses fail: How to limit ransomware’s impact and recover quickly Episode Resources Bob Hoover’s bio John Zuziak’s bio Change Healthcare Consulting Podcast: Cybersecurity During and After a Pandemic Change Healthcare Industry Insights COVID-19 Updates and Resources COVID-19 Updates Newsletter Change Healthcare Insights Newsletter Show Resources SUBSCRIBE to the podcast using any podcatcher or RSS reader Suggest or become a guest Contact Change Healthcare

006 - Juman has a bachelor's degree in applied mathematics, a Master of Science in Computer Engineering, from the University of Michigan-Dearborn and currently a PhD candidate in the Industrial Engineering program at Wayne State University. Mrs. Doleh-Alomary is a proud serving past President of the Information System Audit & Control Association ISACA Detroit Chapter and she was appointed to serve on the ISACA International Audit & Risk Committee serving over 145,000 members. She is recognized as an expert in the subject of cybersecurity, risk management, IT audits, governance, strategy, and compliance and is a frequent speaker and online contributor in Business and Information Technology related forums. She is a certified ISO 27001 Lead Auditor, a Certified Information System Auditor (CISA), a Certified Information Security Manager (CISM), and a Certified in Risk and Information Systems Control (CRISC). Juman Doleh-Alomary is a board member and the past President of the Arab American Women's Business Council (AAWBC) for two consecutive years 2012 & 2013. During her tenure, the AAWBC dispensed $10,000 in scholarships to young college bound women, continued a partnership with the University of Michigan to mentor and provide training seminars to over 50 MENA Pro-Fellows. Highlighted women leaders in Michigan through the AAWBC TV Program “Her Path to Success”, and hosted over 10 networking and educational events. In addition, she is one of the International speakers for the US State Department on Women’s advancement initiatives. She is also on the Advisory Board of the Michigan Muslim Community Council (MMCC) and a graduate of the elite Detroit Leadership (Class of XXXVI) program that is run by the prestigious Detroit Chamber. In June 2015, she got appointed by Michigan’s Governor to the Underground Storage Tank Authority Board (MUSTA) representing the public interest in managing funds that exceed $100 million in environmental cleanup.Mrs. Doleh-Alomary worked at Ford Motor Company where she served in a variety of leadership positions, including IT Risk Management and Prevention Controls and IT Audits. She has been with Wayne State University since 2007 as The Information Technology Audit Director within the Internal Audit organization.

“The greatest thing to do, the best thing to do, is to be prepared… But if you’re not prepared, it’s going to bring down your business.” ~Tom Held If you haven’t given IT security much of a thought, this episode will change your mind about doing so...immediately! I got the chance to speak with Tom Held, Senior Consultant of Cyber Security and IT Risk Management with The Oakland Group, about intellectual property theft and why your business - yes, even a “small” nuts-and-bolts kind of distributorship - is ripe for ransoming. “The thing about ransomware that you don’t hear about it because it’s happening on these small scales,” says Tom about the day-to-day business of hacking. Once the domain of basement-dwelling malcontents, the industry is now a profitable, illegitimate revenue stream. At one extreme are the organized crime syndicates from countries like Russia and China making big news by targeting large corporations and institutions. But a more likely threat to your business is posed by the 9-to-5 job con men. These criminals hit multiple small marks in a day, racking up millions of dollars a year with dozens of daily low-ransom hits - all from the relative safety of the internet.  In addition to jamming company laptops, phishing tactics - those “help a Nigerian prince reclaim his kingdom” emails - have also become more sophisticated. Think you’re too savvy to fall for a fraudulent bank notice, tax documentation request, or accounts payable issue? Think again. “We’re vulnerable to our daily routines, right? We’ve got other things to worry about…,” says Tom. Those day-to-day responsibilities can overpower our better judgement, especially when we’re in a hurry. “That email comes in and, okay, fine. I’ll click on this thing...” By the time you’ve realized what you’ve done, the damage is done and it will cost you not only money but lost time to repair your business. It’s difficult to persuade small businesses they need cybersecurity but Tom has seen hacking’s devastating consequences. He recommends three key actions for getting a handle on your exposure. *** Distribution Talk is produced by The Distribution Team, a consulting services firm dedicated to helping wholesale distribution clients remove barriers to profitability, generate wealth and achieve personal goals.    http://www.distributionteam.com This episode was edited & mixed by The Creative Impostor Studios. Connect with Jason on LinkedIn: https://www.linkedin.com/in/jasonbader/ Connect with Tom on LinkedIn: https://www.linkedin.com/in/tom-held-0776a7126/ Phish testing strengthens employee susceptibility to socially engineered scams. A data inventory and risk assessment narrow down potential access points for hackers. Where’s your going? Where’s it being stored? Who’s sending it? And creating policy ensures that protocols are in place before your company is forced to address a breach.  Still not convinced? You may find yourself scrambling for Bitcoin and taking ransom instructions from a hacker’s hotline. “In some cases, the customer service is so great that you’re almost reassured that you will [regain access to your data] because they want future business,” Tom says. “What’s odd is, in this industry of ransomware, the big players want people to know that they will get their stuff back because then they’re more likely to pay the ransom.”  That’s a level of dark web client care we can all do without.

In this episode, Avani and Kristen discuss the plans that you make for your life, and what it turns out to be in reality. They discuss mom guilt, hardships experienced by family, and how making sacrifices and lending a helping hand can influence the life of generations to come. Avani Desai is a Partner and President at Schellman & Company, LLC, the largest niche CPA firm in the world that focuses on technology and security assessments. She is also CEO and co-founder of MyCryptoAlert, a push notification and portfolio app for cryptocurrency. Avani started her career working at KPMG for over 10 years, where she was involved with IT Risk Management and Privacy service-lines. Now at Schellman & Company, Avani has been focusing on growth strategies, strategic client and market development, industry analysis, and new services for the last seven years. In 2017, Avani, a crypto enthusiast, launched MyCryptoAlert. Also passionate about strategic philanthropy, Avani sits on the board of several non profit organizations. Avani still considers her greatest accomplishment to be personal rather than professional—she is the proud mother to her 8-year-old son, Sahil, and her 5-year-old daughter, SareenaSupport the show (https://www.ewf-usa.com/)

Productivity, not visibility, is the key to maturing risk management. Obviously BigFoot is not happy about the drone bothering his family. Learn more about our IT Risk Management team today.

Nathan Lawver is a self-employed consultant who specializes in IT Risk Management and Compliance.  He began his career working for a large, well-known consulting company, and after four years, transitioned to a full time job on the industry side. After gaining more experience in his field, Nathan decided to quit his corporate job and become a full-time independent consultant, working solely for himself. For the last two years, Nathan has consulted for many high profile / Fortune 500 clients in both the private and public sectors. Email: nlawver@gmail.com Linked In: Nathan Lawver ------- VISIT: www.progress-not-perfection.com SPREAD THE WORD: If you liked this episode, please subscribe in iTunes and WRITE A REVIEW. This is what helps make the podcast easily accessible to those who could benefit from it. GET NEW EPISODES DELIVERED TO YOUR PHONE: Download the Podcasts app and subscribe to the progress-not-perfection podcast to have new episodes delivered directly to your phone. FEEDBACK: If you want to bounce any ideas off me, provide show feedback, or guest recommendations, email me at zaid@progress-not-perfection.com.   

In this episode Jay and Bob talk about their new book A discussion on using data as 'supporting evidence' rather than gut feelings Do we have actuarial quality data to answer key security questions? A discussion on "asking the right question", and why it's THE single most important thing to do Bob attempts to ask security professionals to use data we already have, to be data-driven Jay tells us why he wouldn't consider "SQL Injection" a "HIGH" risk ranking - and why data challenges what you THINK you know Quick shout out to Allison Miller on finding the little needles in the big, big haystack We think about why security as an industry needs to start looking outside of itself to get its data - now Jay discusses how there is a definite skills shortage in working with large data sets, and doing analysis I ask whether there is a chicken and egg problem in large-scale data analysis Bob brings up the "kill chain" and whether we really need real-time data analysis for attacks Bob makes a pitch for having a "Cyber CDC" ... stop laughing Jay laments the absolute bonkers problems dealing with information sharing (when you don't have any to share) Jay urges you to "count and compare"   Guests Jay Jacobs ( @JayJacobs ) - www.linkedin.com/pub/jay-jacobs/3/896/4b0, Jay is currently a Principal at Verizon Business Bob Rudis ( @hrbrmstr ) - www.linkedin.com/in/hrbrmstr, Director. Enterprise Security, IT Risk Management at Liberty Mutual Insurance & Co-author of Data-Driven Security