What happens when AI adoption moves faster than your security strategy?

Today, Ward sits down with Adrian Guevara, Chief Information Security Officer at TELUS Digital Solutions, to unpack one of the biggest challenges facing organizations today: how to secure your business in an AI-driven world. Adrian brings over two decades of IT and cybersecurity experience and a refreshingly candid take on what it really takes to lead through massive change. Adrian shares insights on the impact of AI on businesses, the importance of understanding and tinkering with technology, and the crucial role of building trust and relationships within an organization. He emphasizes the need for a culture of continuous feedback and collaboration, especially in rapidly growing and technologically evolving environments. The episode also delves into Adrian's fascinating career journey from an IT director who was voluntold to be a security officer to his current role as a CISO, highlighting key strategies for navigating the ever-changing landscape of data security.

Takeaways:

• Ask “Can We Do It Better?”: Regularly question existing processes and tools. Encourage feedback from your team to drive continuous improvement.
• Create a Path of Least Resistance: Make secure, approved tools and processes as easy to use as possible to reduce the temptation for employees to circumvent security.
• Build a Culture of Trust and Approachability: Be visible, approachable, and responsive. Building trust makes it easier to implement change and get buy-in.
• Leverage Feedback for Better Security: Involve your team in decision-making, listen to their feedback, and let them help shape security policies and tool choices.
• Invest in Tools that Support Security: Provide employees with tools like password managers to make secure practices easier to follow.
• Build Relationships: Strong professional relationships help you navigate change, get buy-in, and create a more fulfilling work environment.
• Be Transparent and Communicate the “Why”: When implementing new policies or changes, explain the reasoning and how it benefits the team and organization.

Quote of the Show:

• “ You gotta love what you're doing because there's gonna be hard times and there's gonna be times you have to learn things on your own. Without that love, it just makes it much harder to do.” - Adrian Guevara

Links:

• LinkedIn: https://www.linkedin.com/in/adrian-guevara17/ 
• Website: https://www.telusdigital.com/ 

Ways to Tune In:

• Transistor: https://guardiansofthedata.show/  
• Spotify: https://open.spotify.com/show/5gZXInkb12Qrs2Lyv0hstQ 
• Apple Podcasts: https://podcasts.apple.com/us/podcast/guardians-of-the-data/id1826819323 
• Amazon Music: https://music.amazon.com/podcasts/0754cdde-f1c4-4f6c-92a2-e263f7840eb8/guardians-of-the-data
• iHeart Radio: https://www.iheart.com/podcast/269-guardians-of-the-data-285972170/
• YouTube: https://www.youtube.com/@GuardiansoftheDataPod 

Are we so obsessed with new AI tools that we’ve forgotten the basics of security?

Kraig Faulkner, Field CTO at Infolock, joins the show to discuss the pressing challenges and solutions around data security, particularly focusing on AI and access control. Kraig elaborates on the importance of understanding business data, securing AI access, and the necessary steps organizations need to take to prevent data exfiltration. He shares his professional journey and thoughts on the future trends in data security, including a potential shift back to on-prem solutions and the integration of AI into larger security portfolios. The episode highlights key strategies for implementing and securing AI within organizations, making it a must-listen for security leaders.

Takeaways:

• Start Small, Don’t Boil the Ocean: Begin with a manageable subset of data or a pilot group rather than trying to secure everything at once.
• Audit Access Regularly: Conduct regular audits to determine who has access to what data, why they have access, and whether that access is still appropriate.
• Implement Role-Based Access Controls (RBAC): Use RBAC to ensure only the right people have access to sensitive data, and review these controls periodically.
• Control AI and Tool Access: Roll out generative AI and other new tools methodically. Test with small, trusted groups before wider deployment, and avoid unsanctioned tools.
• Validate AI Outputs: Always verify the accuracy and appropriateness of AI-generated outputs before acting on them or sharing them.
• Involve HR in Identity Management: Ensure HR processes are integrated with IT to manage onboarding, offboarding, and changes in access as roles evolve.
• Prepare for Ongoing Change: Recognize that securing data and managing access is an ongoing process. Regularly revisit policies, tools, and practices as technology and business needs evolve.

Quote of the Show:

• “We have gotten so fascinated with what's new, what's hot, what's moving the needle, right? And we forget about some of the basics.” - Kraig Faulkner

Links:

• LinkedIn: https://www.linkedin.com/in/kraigfaulkner/ 
• Website: https://www.infolock.com/ 

Ways to Tune In:

• Transistor: https://guardiansofthedata.show/  
• Spotify: https://open.spotify.com/show/5gZXInkb12Qrs2Lyv0hstQ 
• Apple Podcasts: https://podcasts.apple.com/us/podcast/guardians-of-the-data/id1826819323 
• Amazon Music: https://music.amazon.com/podcasts/0754cdde-f1c4-4f6c-92a2-e263f7840eb8/guardians-of-the-data
• iHeart Radio: https://www.iheart.com/podcast/269-guardians-of-the-data-285972170/
• YouTube: https://www.youtube.com/@GuardiansoftheDataPod 

What happens when your organization doesn’t know what it needs to protect?

Today Ward welcomes Hans Vargas, Enterprise Data Protection Lead at Marathon Petroleum Corporation, who brings over two decades of experience in cybersecurity. Hans shares insights on the importance of understanding what data needs to be protected, and the challenges organizations face in this area, especially with the adoption of cloud services. He discusses the significance of communicating the value of data protection to business leaders and data owners, and offers practical advice on data discovery, retention, and governance. Hans emphasizes the necessity of including data security considerations in the early stages of application development and innovation. He also shares his personal journey from Peru to a successful career in the U.S., highlighting the importance of mentorship, continuous learning, and proactive problem-solving in cybersecurity. This episode provides valuable strategies for integrating data security into organizational processes and fostering collaboration between cybersecurity professionals and business stakeholders.

Takeaways:

• Know What You Need to Protect: Start with data discovery and identify what data you have, where it is, and what is sensitive. You can't protect what you don't know exists.
• Engage Data Owners Directly: Build relationships with data owners, not just stakeholders. Have open conversations to understand what is truly sensitive and important to the business.
• Communicate the Value of Data Protection: Clearly explain to business units why data protection matters, using relatable analogies if needed (e.g., moving houses, hoarding).
• Establish and Strengthen Data Governance: Ensure your organization has clear data governance policies covering the entire data lifecycle from creation to disposition.
• Collaborate Across Teams: Work closely with data governance, legal, and business units. Data security is a two-way street; share discoveries and insights to improve overall protection.
• Don’t Rely Solely on Tools: Deploying a tool is not enough. Make sure processes and responsibilities are in place before or alongside technology adoption.
• Consider the Full CIA Triad: Don’t focus only on confidentiality. Ensure data integrity and availability are also prioritized to keep the business running smoothly.

Quote of the Show:

• “If you don't know what you need to protect, that's a problem.” - Hans Vargas

Links:

• LinkedIn: https://www.linkedin.com/in/hansvargas/ 
• Website: https://www.marathonpetroleum.com/ 

Ways to Tune In:

• Transistor: https://guardiansofthedata.show/  
• Spotify: https://open.spotify.com/show/5gZXInkb12Qrs2Lyv0hstQ 
• Apple Podcasts: https://podcasts.apple.com/us/podcast/guardians-of-the-data/id1826819323 
• Amazon Music: https://music.amazon.com/podcasts/0754cdde-f1c4-4f6c-92a2-e263f7840eb8/guardians-of-the-data
• iHeart Radio: https://www.iheart.com/podcast/269-guardians-of-the-data-285972170/
• YouTube: https://www.youtube.com/@GuardiansoftheDataPod 

What’s harder than stopping a breach? Convincing leadership your data security program is worth the investment.

Zach Luze, Data Security Advisory Practice Director at TBD Cyber joins Ward today to focus on the challenges organizations face in demonstrating the value of data security. Zach explains how the inability to show value can impact budgets and resources, emphasizing that many data security programs struggle with meaningful key performance indicators (KPIs). He suggests a blended approach to data discovery and provides insights into building metrics that highlight the value of security programs. Zach also shares his career journey from an IT auditor to his current role, highlighting his work in assessing, designing, and building data security programs. The conversation touches on various aspects of data security, including data discovery, cloud transformation, insider threats, and the burgeoning role of AI in improving data detection and response. The episode concludes with Zach's predictions on AI's growing influence in data security through 2026 and advice for those looking to break into the field.

Takeaways:

• Focus on Meaningful Metrics: Prioritize data security metrics that reflect real impact, not just what’s easiest to measure.
• Align People, Process, and Technology: Engage stakeholders across teams and ensure your data security approach integrates people, processes, and technology from the start.
• Eliminate Stale Data for Savings: Regularly identify and remove outdated or unused data to reduce risk and demonstrate cost savings.
• Adopt an Agile Discovery Mindset: Stay flexible and ready to adjust your data discovery strategy as new information and challenges arise.
• Look Beyond the Obvious: Investigate areas where sensitive data might be hiding, even if you don’t expect to find it there.
• Demonstrate Value Clearly: Communicate the benefits and results of your data security efforts to build support and momentum.

Quote of the Show:

• “Metrics are great. Stories are just as good to back those up and through your insider threat program, that’s where you get the case notes to develop those stories.” - Zach Luze

Links:

• LinkedIn: https://www.linkedin.com/in/zachluze/ 
• Website: https://www.tbdcyber.com/ 

For more insights on data discovery, visit: https://www.sentra.io/product/data-discovery-and-classification

Ways to Tune In:

• Transistor: https://guardiansofthedata.show/  
• Spotify: https://open.spotify.com/show/5gZXInkb12Qrs2Lyv0hstQ 
• Apple Podcasts: https://podcasts.apple.com/us/podcast/guardians-of-the-data/id1826819323 
• Amazon Music: https://music.amazon.com/podcasts/0754cdde-f1c4-4f6c-92a2-e263f7840eb8/guardians-of-the-data
• iHeart Radio: https://www.iheart.com/podcast/269-guardians-of-the-data-285972170/
• YouTube: https://www.youtube.com/@GuardiansoftheDataPod 

Think hackers are your biggest data threat? Think again.

Daley Varghese, a seasoned privacy expert, joins Ward Balcerzak to reveal why data sprawl and AI misuse may be even more dangerous, and what companies can do to get ahead. Daley emphasizes the importance of governance strategies, data mapping, and the need for cross-functional collaboration among privacy, security, and data governance teams. The episode also highlights the pressing need for education and clear communication within organizations to mitigate risks and build trust with consumers. Daley shares insights on how to start privacy initiatives, manage assessment fatigue, and the role of education and relationships in overcoming these challenges. Additionally, Daley provides advice for professionals looking to enter the privacy field and discusses the evolving landscape of privacy regulations.

Takeaways:

• Engage Governance Early: Start conversations with privacy, legal, security, and data governance professionals as early as possible in any project involving sensitive data.
• Keep Assessments Simple and Understandable: Design privacy and security assessments in clear, layman’s terms so business users can complete them without excessive handholding.
• Educate Continuously: Go beyond mandatory training. Join team meetings, host town halls, and make privacy and security topics relevant and accessible to all employees.
• Mitigate, Don’t Just Identify Risks: Once risks are identified, take concrete steps to address them. Add them to your roadmap and allocate resources to resolve them over time.
• Leverage Privacy and Security Champions: Train and empower champions within business units to advocate for privacy and security, spreading knowledge and best practices.
• Trust, But Verify: Always verify the output of AI and data-driven tools, especially when using external or generative AI systems.
• Stay Informed on Regulations: Partner with legal and policy teams, use industry tools, and pursue certifications to keep up with evolving privacy and security regulations.

Quote of the Show:

• “No company is perfect; every company is struggling with this. It's okay to have these risks identified. What is not okay is once you know that these risks are identified, don't do nothing.” - Daley Varghese

Links:

• LinkedIn: https://www.linkedin.com/in/daley-varghese/ 

For more insights on data sprawl, visit: https://www.sentra.io/use-cases/data-sprawl

Ways to Tune In:

• Transistor: https://guardiansofthedata.show/  
• Spotify: https://open.spotify.com/show/5gZXInkb12Qrs2Lyv0hstQ 
• Apple Podcasts: https://podcasts.apple.com/us/podcast/guardians-of-the-data/id1826819323 
• Amazon Music: https://music.amazon.com/podcasts/0754cdde-f1c4-4f6c-92a2-e263f7840eb8/guardians-of-the-data
• iHeart Radio: https://www.iheart.com/podcast/269-guardians-of-the-data-285972170/
• YouTube: https://www.youtube.com/@GuardiansoftheDataPod 

How does the accidental insider pose a threat to your company’s security?

Today, Ward dives deep into data security challenges with Rick Scot, the global CISO at Elevate Textiles. With almost 20 years of cybersecurity experience, Rick emphasizes the critical importance of addressing insider threats, especially those posed by well-meaning employees unaware of their risky actions. He shares real-world experiences, the evolution of cyber awareness training, the necessity of building strong internal relationships, and insights into his multifaceted career journey. The episode is packed with expert advice for cybersecurity professionals on fostering a culture of security within an organization and tips for young professionals to find a mentor.

Takeaways:

• Prioritize People in Data Security: Recognize that most data breaches are caused by insiders who make mistakes. Focus on educating and supporting employees to reduce accidental risks.
• Stay Vigilant Against Social Engineering: Be aware of sophisticated phishing and social engineering tactics, especially those leveraging personal information from social media and deepfakes. Always verify requests for sensitive information, even if they appear to come from trusted sources.
• Make Security Training Personal and Relevant: Move beyond generic, checkbox-style training. Tailor security awareness programs to real-life scenarios and make them relatable to employees’ daily experiences.
• Know Your Data and Its Value: Understand what data your organization holds, where it resides, and why it’s valuable. This knowledge is crucial for protecting sensitive information and responding to incidents.
• Build Relationships Across the Organization: Foster open communication and trust between security teams and other departments. Building relationships makes it easier for employees to ask questions and report suspicious activity.
• Balance Security and Trust: Implement necessary controls without creating a culture of distrust. Explain the “why” behind security measures to avoid alienating employees.
• Network and Seek Mentorship: Build a professional network inside and outside your organization. Seek mentors, and be open to mentoring others to grow your knowledge and resilience in the field.

Quote of the Show:

• “ I always feel like if I have the institutional knowledge, then I can better protect the company if I understand the business.” - Rick Scot

Links:

• LinkedIn: https://www.linkedin.com/in/ricksscot/ 
• Website: https://www.elevatetextiles.com/ 

For more insights on data loss prevention, visit: https://www.sentra.io/use-cases/data-loss-prevention

Ways to Tune In:

• Transistor: https://guardiansofthedata.show/  
• Spotify: https://open.spotify.com/show/5gZXInkb12Qrs2Lyv0hstQ 
• Apple Podcasts: https://podcasts.apple.com/us/podcast/guardians-of-the-data/id1826819323 
• Amazon Music: https://music.amazon.com/podcasts/0754cdde-f1c4-4f6c-92a2-e263f7840eb8/guardians-of-the-data
• iHeart Radio: https://www.iheart.com/podcast/269-guardians-of-the-data-285972170/
• YouTube: https://www.youtube.com/@GuardiansoftheDataPod 

What’s the meaning behind the data your team is collecting?

Derek Fisher, Director of the Cybersecurity Defense and Information Assurance Program at Temple University, joins Ward to hash out the ‘why’ behind data security. Derek emphasizes the importance of understanding the integrity and proper usage of data, especially in scenarios like healthcare and financial services. The conversation also explores the differences in data security practices across various industries such as healthcare, financial services, and higher education. Derek shares insights on teaching the next generation of cybersecurity professionals and the relevance of the NIST NICE framework in aligning education and job roles. The episode offers practical advice for aspiring and current cybersecurity professionals on staying curious, demonstrating skills, and the importance of understanding the broader ecosystem of data security.

Takeaways:

• Question Every Data Collection: Before collecting any data, ask yourself if you truly need it. If the answer is no, don’t collect it. This reduces your responsibility to protect unnecessary information and minimizes risk.
• Show Your Work and Stand Out: Document and share your work, especially if you’re entering a new field like cybersecurity. Demonstrating your process and achievements helps you differentiate yourself from others.
• Data Minimization for Security: Avoid collecting data just because you might need it in the future. Every piece of data you store increases your attack surface. Only collect what is essential to reduce potential vulnerabilities.
• Use the NIST NICE Framework for Career Growth: Leverage frameworks like NIST NICE to understand the skills and knowledge required for specific roles. This can help you target your learning and career development more effectively.
• Stay Curious and Threat Model: Maintain a curious mindset and always think like an attacker. Regularly ask, “What can go wrong?” and “What will we do about it?” Practicing basic threat modeling is a critical skill for navigating today’s security landscape.
• Risk-Based Approach to Data Decryption: When deciding whether to decrypt data, use a risk-based approach. Work with legal and HR teams to set clear guidelines and avoid decrypting sensitive categories like healthcare unless necessary.

Quote of the Show:

• “ For me, teaching this next generation of cyber individuals or technologists, it's about showing them sort of the entire picture.” - Derek Fisher

Links:

• LinkedIn: https://www.linkedin.com/in/derek-fisher-sec-arch/ 
• Website: https://www.securelybuilt.com/ 
• Substack: https://substack.com/@securelybuilt

For more insights on data security posture management, visit: https://www.sentra.io/data-security-posture-management

Ways to Tune In:

• Transistor: https://guardiansofthedata.show/  
• Spotify: https://open.spotify.com/show/5gZXInkb12Qrs2Lyv0hstQ 
• Apple Podcasts: https://podcasts.apple.com/us/podcast/guardians-of-the-data/id1826819323 
• Amazon Music: https://music.amazon.com/podcasts/0754cdde-f1c4-4f6c-92a2-e263f7840eb8/guardians-of-the-data
• iHeart Radio: https://www.iheart.com/podcast/269-guardians-of-the-data-285972170/
• YouTube: https://www.youtube.com/@GuardiansoftheDataPod 

Human risk is the most unpredictable factor in cybersecurity and insider risk.

Lisa Gunning, a counterintelligence and insider risk expert with over 18 years of experience in both the public and private sectors, joins Ward today to dive into human risk. Lisa shares her unique perspective on the human element in cybersecurity, the evolving landscape of insider threats, and the critical importance of building a strong security culture within organizations. The conversation covers the intersection of AI, human behavior, and data protection, offering practical advice for organizations of all sizes. She provides actionable recommendations and stories around her experiences that any listener can benefit from.

Takeaways:

• Recognize the Human Element: Understand that human behavior is often the biggest risk in data security. Both intentional and accidental actions by insiders can create vulnerabilities.
• Foster Security Culture: Build a culture where security is everyone’s responsibility. Encourage open conversations about risks and make security policies clear and rational.
• Partner Across Departments: Collaborate with stakeholders like HR, compliance, IT, and business leaders to address insider risk from multiple angles.
• Iterate Policies: Keep security and data policies up to date. Make them flexible enough to adapt to new technologies and edge cases, rather than relying on rigid, outdated rules.
• Monitor for Insider Threats: Identify high-risk individuals and roles, not just executives or IT admins, but anyone with access to sensitive data or mission-critical processes.
• Leverage Counterintelligence Tactics: Use counterintelligence strategies to understand what assets are valuable to adversaries and how your organization might be targeted.
• Be Transparent About AI Tools: Set clear guidelines for the use of AI note-takers and other digital assistants, especially in confidential meetings.

Quote of the Show:

• “Human behavior is the biggest risk. We are an unpredictable, ever-evolving group, and as a very wise colleague of mine once said, humans are gonna human.” - Lisa Gunning

Links:

• LinkedIn: https://www.linkedin.com/in/lisa-gunning/ 
• Website: https://www.vaillancegroup.com/ 
• Substack: https://lotstounpackthere.substack.com/  

For more insights on generative AI risks, visit: https://www.sentra.io/learn/ghosts-in-the-model-uncovering-generative-ai-risks

Ways to Tune In:

• Transistor: https://guardiansofthedata.show/  
• Spotify: https://open.spotify.com/show/5gZXInkb12Qrs2Lyv0hstQ 
• Apple Podcasts: https://podcasts.apple.com/us/podcast/guardians-of-the-data/id1826819323 
• Amazon Music: https://music.amazon.com/podcasts/0754cdde-f1c4-4f6c-92a2-e263f7840eb8/guardians-of-the-data
• iHeart Radio: https://www.iheart.com/podcast/269-guardians-of-the-data-285972170/
• YouTube: https://www.youtube.com/@GuardiansoftheDataPod 

What’s the balance between data governance and data stewardship?

Lance Fischer, Principal Security Architect at Guidepoint Security, joins the show today and dives into the complexities of data security, highlighting the differences between data governance and data stewardship. He emphasizes the significance of visibility and collaboration among stakeholders in maintaining robust data security frameworks. Lance shares insights from his extensive career, revealing the practical challenges and strategies in improving data security through governance, tool rationalization, and pragmatic approaches. The discussion also touches on the evolving landscape of AI, APIs, and the critical importance of securing sensitive data. This episode provides a comprehensive look into the foundational aspects of data security and offers practical advice for organizations to enhance their data protection efforts.

Takeaways:

• Prioritize Visibility First: Before implementing controls or buying tools, ensure you have a clear understanding of what data you have, where it resides, and how it flows within your organization.
• Clarify Data Governance vs. Data Stewardship: Define clear roles. Governance sets the policies and rules; stewardship ensures those rules are applied consistently. Foster communication and cooperation between these groups.
• Start Small and Scale: Don’t try to solve everything at once. Tackle visibility and controls in manageable pieces. Focus on a subset of data or a specific business unit to build momentum.
• Engage Stakeholders Across the Business: Involve HR, Legal, IT, and business units early to ensure policies are practical and have buy-in. Encourage open dialogue rather than top-down mandates.
• Understand and Plan for Resource Needs: Assess the people, time, and budget required for data security initiatives before launching. Avoid overburdening staff with too many roles; dedicate resources where possible.
• Document Decisions and Processes: Track inputs and outputs from governance meetings and policy changes for audit and continuous improvement.
• Anticipate and Manage Tool Sprawl: Regularly review existing tools for effectiveness and eliminate redundant or unused solutions. Don’t assume swapping tools will solve underlying process or visibility issues.

Quote of the Show:

• “What we're talking about here is not visibility, just from putting in a DLP tool. We're also talking about business: having those conversations between real humans to get a sense for what's going on.” - Lance Fischer

Links:

• LinkedIn: https://www.linkedin.com/in/lance-fischer-a0301219/ 
• Website: https://www.guidepointsecurity.com/ 

For more insights on data security posture management, visit: https://www.sentra.io/data-security-posture-management

Ways to Tune In:

• Transistor: https://guardiansofthedata.show/  
• Spotify: https://open.spotify.com/show/5gZXInkb12Qrs2Lyv0hstQ 
• Apple Podcasts: https://podcasts.apple.com/us/podcast/guardians-of-the-data/id1826819323 
• Amazon Music: https://music.amazon.com/podcasts/0754cdde-f1c4-4f6c-92a2-e263f7840eb8/guardians-of-the-data
• iHeart Radio: https://www.iheart.com/podcast/269-guardians-of-the-data-285972170/
• YouTube: https://www.youtube.com/@GuardiansoftheDataPod 

How can cybersecurity professionals balance both the regulatory requirements and the fundamentals of data protection?

Today, Trevor Dolan, Cyber Security Executive Advisor at NinjaJobs, shares insights on balancing regulatory compliance with the fundamentals of data protection, designing holistic data protection programs, and the importance of strategic planning. He delves into the five main areas of developing data protection organizations: governance and leadership, risk assessment, policies and procedures, training and awareness, and team and organizational structure. Trevor also offers practical advice for young professionals starting in the field and discusses the significance of building trustworthy relationships with stakeholders. For organizations facing budget and hiring challenges, he suggests prioritizing top-risk areas and leveraging existing resources effectively. The episode concludes with Trevor reflecting on his career journey and sharing his contact information for further connection.

Takeaways:

• Establish Strong Governance and Leadership: Build a solid foundation by defining the scope of your data protection program.
• Conduct a Comprehensive Risk Assessment: Use frameworks like NIST CSF or CIS Controls to assess your current state and maturity. Be honest about gaps and deficiencies; use data to drive consensus and prioritize improvements.
• Develop and Maintain Clear Policies and Procedures: Ensure policies map directly to regulatory, legal, and contractual requirements. Create a hierarchy: policies, procedures, standards, and control implementation patterns.
• Invest in Targeted Training and Awareness: Go beyond generic security training; provide specific modules for privacy, incident management, and data protection. Reinforce training with assessments that encourage critical thinking, not just box-checking.
• Be Flexible and Resourceful with Budget and Staffing: If faced with budget or hiring freezes, focus on top-priority risks and use available tools creatively (“gold, silver, bronze” approach).
• Use Data to Drive Decisions and Build Consensus: Bring objective data to stakeholder discussions to resolve disagreements and focus on solving real problems.
• Continuously Improve and Adapt: Treat your data protection program as a living, evolving effort. Regularly revisit your risk assessments, policies, and training to ensure they remain effective and aligned with business objectives.

Quote of the Show:

• “Make sure that those expectations are well communicated, but do it in a way that helps them to really incorporate that in their day-to-day so that they feel empowered as far as protecting the organization's data, and they feel part of the mission.” - Trevor Dolan

Links:

• LinkedIn: https://www.linkedin.com/in/trevor-dolan-91a1ab12/ 

For more insights on data privacy and compliance, visit: https://www.sentra.io/use-cases/data-privacy-and-compliance

Ways to Tune In:

• Transistor: https://guardiansofthedata.show/  
• Spotify: https://open.spotify.com/show/5gZXInkb12Qrs2Lyv0hstQ 
• Apple Podcasts: https://podcasts.apple.com/us/podcast/guardians-of-the-data/id1826819323 
• Amazon Music: https://music.amazon.com/podcasts/0754cdde-f1c4-4f6c-92a2-e263f7840eb8/guardians-of-the-data
• iHeart Radio: https://www.iheart.com/podcast/269-guardians-of-the-data-285972170/
• YouTube: https://www.youtube.com/@GuardiansoftheDataPod