In this bite-sized AI episode, Aakash Suri dives into the trendy new world of vibe coding. Vibe coding allows anyone to build software and applications simply by describing their ideas to an AI in plain English. While tools like Lovable, Replit, and Cursor are democratizing app development and drastically increasing speed, they also introduce significant privacy and security risks if left unchecked.

KEY TAKEAWAYS

Vibe coding lowers the barrier to entry: Anyone can now build software by using plain English prompts to tell an AI what they need. This empowers non-technical staff to create tools without waiting weeks for developers.

Establish strict guardrails: Organizations need clear rules regarding who is authorized to use Vibe coding tools. This prevents the creation of unmonitored shadow IT systems right under your nose.

Privacy must be proactive, not reactive: Incorporate privacy controls early in the vibe coding process. Do not wait until the end or after launch when the app has already grown legs and become business-critical.

BEST MOMENTS

"In the simplest possible terms, it means using AI to help you build software by describing what you want in plain English."

"Instead of thinking, right, I need to build a database, connect an API, create a front end, fix the errors, you just simply say, build me a simple app to track my podcast guests, store notes, and remind me how to follow up. And the AI gets to work."

"If people start building tools with real customer data, employee data, or sensitive business information without proper controls, then, in my opinion, you've got a massive issue."

"You may not even know someone has built a shadow IT system right under your nose."

"Bring privacy in early. Not at the end, not after launch, but early. Before the thing grows legs and becomes business-critical."

TO CONNECT WITH YOUR HOST

https://www.linkedin.com/in/aakashsuri-thoughtleader/ 

HOST BIO

Aakash is a recognised Data Privacy leader who helps organisations navigate complex regulations with clarity, confidence, and common sense. Unlike the legalese-driven privacy pros who simply regurgitate the law, Aakash breaks down what the rules actually mean, translates them into plain English, and gives businesses three SMART, pragmatic steps to demonstrate real compliance.

This Podcast has been brought to you by Disruptive Media. https://disruptivemedia.co.uk/ 

FREE GIVEAWAY 

Jennifer is offering a 1-hour extended discussion and review of your organisation's compliance with ISO standards.

This could include discussion on:

Is ISO certification worth it for you?

Whether to get certified?

How should we prepare for stage 1 or stage 2 audits before certification?

How to improve your internal audits?

What to do if your external audits keep finding non-conformances. 

How to improve your ISO manual.

ALSO, Free review of your certificate: 

Please send Jennifer a copy of your certificate, and she will review it and let you know whether it covers what you are expecting.  If you are sending a copy of a third-party certificate, typically a supplier's, please ensure you can share it. We may need additional information, but we will request it once we have reviewed the certificate.  Certificate reviews are limited to three certificates per company requesting them.

Please contact Jennifer here, linkedin.com/in/jennifer-hirst-44b3b5b7  

In this episode, Aakash Suri sits down with Jennifer Hirst, a seasoned compliance and ISO consultant, to demystify the ISO 27001 certification. Moving beyond the idea that ISO is just an IT security badge, Jennifer explains how it serves as a structured framework for organizations of all sizes to implement best practices in data protection. 

KEY TAKEAWAYS

ISO 27001 is a Framework, Not Just a Label: It is a structured way of working that focuses on the confidentiality, integrity, and availability of data, regardless of company size.

Regulatory Alignment is Embedded: ISO 27001 is not separate from laws like GDPR; it requires organizations to be aware of and integrate their legal and regulatory obligations into their security controls.

The "Human Firewall" is Critical: Technical tools are insufficient without staff awareness. Training employees to recognize simple risks—like leaving a workstation unlocked or working on public transport—is vital to preventing breaches.

Scope Matters in Certification: A major red flag is a certificate with a limited "scope" that excludes the specific departments or processes where sensitive data is actually handled.

Continuous Improvement is Mandatory: Certification is not a one-time event. It requires regular internal audits, annual external assessments, and a full recertification every three years to adapt to new risks.

BEST MOMENTS 

"It's not a badge, it's a way of working. It's making sure that IT security... is there high on the agenda for that company."

"While we all live in a very technical world... we don't. You just click on a link because it all looks so perfect."

"A certificate on the wall means very little if people are still bypassing processes, hoarding data, or ignoring basic hygiene."

"Top management needs to have the buy-in... if top management hasn't got the buy-in, you're never going to sustain it."

"Just putting one question into AI uses the amount of water that a town might use in a day... It's a staggering amount."

TO CONNECT WITH JENNIFER

linkedin.com/in/jennifer-hirst-44b3b5b7 

https://qualityexcellence.co.uk/ 

TO CONNECT WITH YOUR HOST

https://www.linkedin.com/in/aakashsuri-thoughtleader/ 

HOST BIO

Aakash is a recognised Data Privacy leader who helps organisations navigate complex regulations with clarity, confidence, and common sense. Unlike the legalese-driven privacy pros who simply regurgitate the law, Aakash breaks down what the rules actually mean, translates them into plain English, and gives businesses three SMART, pragmatic steps to demonstrate real compliance.

This Podcast has been brought to you by Disruptive Media. https://disruptivemedia.co.uk/ 

This episode of Let’s Talk AI features Aakash Suri diving into the Black Mirror reality of OpenAI’s latest headlines. The discussion centers on Sam Altman’s radical succession plan to eventually hand the company over to an AI model, his claims that OpenAI has "basically built AGI," and the resulting tension with Microsoft’s Satya Nadella. 

KEY TAKEAWAYS

The AI Succession Plan: Sam Altman revealed a plan to eventually replace himself with an AI model, arguing that if OpenAI’s mission is to build AGI, that system should eventually be capable of running the company.

The AGI Claim & Microsoft Friction: OpenAI reportedly claims to have "basically built AGI," a statement that prompted a restrained pushback from Microsoft CEO Satya Nadella, who described the two companies as "frenemies" with different incentives.

Governance & Accountability Gaps: Replacing a human CEO with an AI model raises massive legal questions: who is responsible when an AI makes a harmful decision, and can a board truly "override" a system that is also the company's primary tool?.

BEST MOMENTS

"If your whole mission is to build AGI... then at some point that system should be able to run a company."

"Satya Nadella... described the relationship between Microsoft and OpenAI as 'frenemies' but with different incentives, timelines, and levels of hype tolerance."

"How do you audit the decision-making of a system that is both the tool and the boss?"

TO CONNECT WITH YOUR HOST

⁠https://www.linkedin.com/in/aakashsuri-thoughtleader/⁠ 

https://www.linkedin.com/company/as-privacy-ai-solutions-ltd/

HOST BIO
Aakash is a recognised Data Privacy leader who helps organisations navigate complex regulations with clarity, confidence, and common sense. Unlike the legalese-driven privacy pros who simply regurgitate the law, Aakash breaks down what the rules actually mean, translates them into plain English, and gives businesses three SMART, pragmatic steps to demonstrate real compliance.

This Podcast has been brought to you by Disruptive Media. ⁠https://disruptivemedia.co.uk⁠/ 

FREE GIVEAWAY 

To have access to the 2 FREE books, we have included a link here - https://drive.google.com/drive/folders/1IR6FamA9-XqC5txHBvi5MwkArAPVQBU5 

ALSO, contact Chetandeep on LinkedIn for a FREE mentorship call HERE - linkedin.com/in/achetansbatra  

This episode of Let’s Talk Privacy features a deep dive into the evolving landscape of data protection and artificial intelligence in India. Aakash Suri welcomes Chetandeep Batra, a senior security and privacy consultant at EY and IAPP New Delhi Chapter Chair, to discuss the practical challenges organizations face with the Digital Personal Data Protection (DPDP) Act.

KEY TAKEAWAYS 

The Execution Gap: The biggest challenge for Indian organizations isn't the text of the DPDP Act, but the disconnect between boardroom policies and real-life data handling practices.

DPDP vs. GDPR: Unlike the GDPR, India's DPDP Act applies strictly to digital personal data, excluding paper-based records, which requires a specific digital-first maturity.

Collaborative Governance: Effective privacy management requires an "amalgamation" of legal, security, and management perspectives rather than any single department dominating the conversation.

AI’s Silent Integration: Regulators often underestimate how "invisibly" GenAI is being embedded into everyday enterprise tools, making auditing and tracing more complex.

Privacy by Design in AI: Beyond breach prevention, the future of AI compliance lies in "Privacy-Enhanced Technologies" and ensuring data is used only for its original documented purpose.

BEST MOMENTS

"Privacy is not implemented in isolation; it is negotiated."

"The biggest misunderstanding I see... is they underestimate the challenge of security, with terming with privacy all in all. It is not about documentation; it is not about certifications."

"I look at it as GDPR is the parent and the other legislations are like kids... they still have to follow what the parents are saying, but be bespoke to the country." 

"Real risk lies in the silent usage of AI... it doesn't just process data; it is how it is interpreted, it creates abstractions, it creates embeddings."

"People like to be heard here... when the voice is heard, 50% of the things just go very smoothly."

TO CONNECT WITH CHATENDEEP

linkedin.com/in/achetansbatra 

TO CONNECT WITH YOUR HOST

https://www.linkedin.com/in/aakashsuri-thoughtleader/ 

HOST BIO

Aakash is a recognised Data Privacy leader who helps organisations navigate complex regulations with clarity, confidence, and common sense. Unlike the legalese-driven privacy pros who simply regurgitate the law, Aakash breaks down what the rules actually mean, translates them into plain English, and gives businesses three SMART, pragmatic steps to demonstrate real compliance.

This Podcast has been brought to you by Disruptive Media. https://disruptivemedia.co.uk/  

In this episode, Aakash Suri moves beyond science fiction to explore the sobering reality of AI on the modern battlefield. Using the current conflict in Iran as a case study, the discussion breaks down how AI is being used to scan satellite imagery, prioritize targets, and assist in cyber operations. 

KEY TAKEAWAYS

Active Deployment: AI is no longer theoretical; it is actively used in the Iran war for target identification, threat ranking, and cyber warfare.

The "Rubber-Stamp" Risk: High-pressure environments lead commanders to reflexively approve AI recommendations, blurring the lines of human accountability.

Infrastructure as a Target: Tech companies’ data centers and cloud campuses are now considered military assets and potential targets due to their role in running war-fighting AI.

BEST MOMENTS

"AI isn’t just in the lab anymore; it’s in the war room."

"On paper, humans are in the loop. In reality, they’re just approving what the machine has already decided."

"We speed up the pipeline from a possible target to an explosion on the ground faster than our ethics, our laws, and our investigations can keep up."

TO CONNECT WITH YOUR HOST

⁠https://www.linkedin.com/in/aakashsuri-thoughtleader/⁠ 

https://www.linkedin.com/company/as-privacy-ai-solutions-ltd/

HOST BIO

Aakash is a recognised Data Privacy leader who helps organisations navigate complex regulations with clarity, confidence, and common sense. Unlike the legalese-driven privacy pros who simply regurgitate the law, Aakash breaks down what the rules actually mean, translates them into plain English, and gives businesses three SMART, pragmatic steps to demonstrate real compliance.

This Podcast has been brought to you by Disruptive Media. ⁠https://disruptivemedia.co.uk⁠/ 

FREE GIVEAWAY INFORMATION: Nav has provided a discount for all Let’s Talk Privacy listeners, 50% off the knowledge Blockchain course by using the code: AAKASH50

In this episode, Aakash is joined by risk expert Nav Sandhu to explore the intersection of blockchain technology and data protection. Nav breaks down complex concepts like Zero-Knowledge Proofs and pseudonymization, illustrating how blockchain can protect personal identity while still proving authenticity. Aakash and Nav also discuss the evolving role of the AI Officer and why boards must move beyond to embrace privacy as a fundamental trust mechanism and business enabler.

KEY TAKEAWAYS

Blockchain Terminology vs. Risk Frameworks: Current risk vocabularies often fail to capture the nuances of blockchain, requiring regulators to build new frameworks that define elements like wallet addresses as Personally Identifiable Information.

The Power of Immutability: Because blockchain data is permanent and unchangeable, it offers a highly reliable "data lineage" for verifying income, transaction history, and consent.

Zero-Knowledge Proofs (ZKP): This technology allows a user to prove they possess specific knowledge without actually revealing the sensitive information itself.

Granular Consent: Unlike traditional "on/off" consent switches, blockchain allows individuals to fine-tune what data is visible to third parties, such as allowing a bank to see transaction categories without seeing specific retailers or locations.

Privacy as a Revenue Driver: When organizations demonstrate a robust commitment to looking after personal information, privacy evolves from a compliance hurdle into a competitive advantage that builds customer trust. 

BEST MOMENTS

"If you risk nothing, you risk everything."

"Blockchain is the internet; industries will be built on top of it."

"Zero-knowledge proof is where a person can prove knowledge or authenticity without revealing that personal information."

"Privacy is not seen as a blocker; it's seen as a revenue driver and as a trust mechanism that will win you more customers."

"We need the right people in the right room; you cannot expect a Data Protection Officer to try and understand everything happening in AI on top of what they're already doing."

TO CONNECT WITH NAV

https://www.linkedin.com/in/nav-s-6194468b 

TO CONNECT WITH YOUR HOST

https://www.linkedin.com/in/aakashsuri-thoughtleader/ 

HOST BIO

Aakash is a recognised Data Privacy leader who helps organisations navigate complex regulations with clarity, confidence, and common sense. Unlike the legalese-driven privacy pros who simply regurgitate the law, Aakash breaks down what the rules actually mean, translates them into plain English, and gives businesses three SMART, pragmatic steps to demonstrate real compliance.
This Podcast has been brought to you by Disruptive Media. https://disruptivemedia.co.uk/

FREE GIVEAWAY

Free entry into Blockchain Introductory Course offered by AS Privacy & AI Solutions LTD, DM the word BLOCKCHAIN to ⁠⁠https://www.linkedin.com/in/aakashsuri-thoughtleader/⁠⁠⁠ 

ONLY AVAILABLE FOR THE FIRST 3 LISTENERS/RESPONSES SO DM NOW!

Welcome to a brand-new, bite-sized edition of Let's Talk Privacy, with Aakash Suri, a privacy and AI thought leader, who breaks down the monumental shifts of 2025. This episode moves beyond the "chatbot hype" to explore the intersection of global geopolitics, massive infrastructure investments, and the evolving risks of synthetic media.

KEY TAKEAWAYS

Geopolitical Competition: The release of China's DeepSeek R1 proved that powerful AI can be built more affordably, challenging the dominance of high-cost U.S. chipmakers like NVIDIA.

AI as Utility: Projects like "Stargate" (a collaboration between OpenAI, Oracle, and SoftBank) are treating AI data centers like energy or telecom infrastructure, requiring power equivalent to multiple nuclear plants.

The Death of Video Proof: High-fidelity video models now make it nearly impossible to distinguish between real and synthetic footage on small screens, creating massive fraud risks for CEOs and brands.

BEST MOMENTS

"2025 wasn’t just another year in AI. It was the year the market realized AI isn’t just about clever chatbots; it’s about geopolitics."

"Maybe you don't need to spend crazy money on NVIDIA to get good AI anymore."

"This is not a small IT project. This is infrastructure on the same scale as energy or telecoms."

TO CONNECT WITH YOUR HOST

⁠https://www.linkedin.com/in/aakashsuri-thoughtleader/⁠ 

https://www.linkedin.com/company/as-privacy-ai-solutions-ltd/

HOST BIO

Aakash is a recognised Data Privacy leader who helps organisations navigate complex regulations with clarity, confidence, and common sense. Unlike the legalese-driven privacy pros who simply regurgitate the law, Aakash breaks down what the rules actually mean, translates them into plain English, and gives businesses three SMART, pragmatic steps to demonstrate real compliance.

This Podcast has been brought to you by Disruptive Media. ⁠https://disruptivemedia.co.uk⁠/ 

In this episode, Aakash Suri sits down with Yassine Mernit, a freelance Data Protection Officer and consultant who recently made the bold move from Paris to the UAE. Yassine shares candid stories from the front lines of global privacy, including the high-stakes moments he had to challenge powerful stakeholders and even general managers to protect data subjects. 

KEY TAKEAWAYS

The Power of "No": A DPO’s most critical moments often involve halting high-value projects or forcing breach notifications, even when faced with resistance from senior leadership.

Communication is the Best Tool: Conflict is best resolved through early communication and training, helping departments see the DPO as a value-add rather than a "blocker".

Data Minimization as a Business Asset: Beyond legal compliance, data minimization is a revenue and efficiency driver that reduces storage costs and builds consumer trust.

AI Requires Specialized Knowledge: To govern AI effectively, DPOs must move beyond the "tick-box" mentality and understand technical architectures and AI-specific risks.

Freelancing Demands a Growth Mindset: Transitioning from an employee to a consultant is less about escaping a job and more about intentionally designing a career around your core values.

BEST MOMENTS

"You rarely win by just saying no... you need to communicate, you need to train people, you need to discuss with them one by one."

"The DPO is not responsible for the company... the responsibility is under the general manager. Our role is independent: we help and we advise."

"Real data protection leadership often looks like being willing to slow things down or even say no when it really matters."

"Responsible AI is not mysterious; it’s a set of disciplined habits, not magic."

"If you don't understand the AI lifecycle behind a solution, you will never be able to advise correctly prior to its launch."

TO CONNECT WITH YASSINE 

linkedin.com/in/yassine-mernit 

TO CONNECT WITH YOUR HOST

https://www.linkedin.com/in/aakashsuri-thoughtleader/ 

HOST BIO

Aakash is a recognised Data Privacy leader who helps organisations navigate complex regulations with clarity, confidence, and common sense. Unlike the legalese-driven privacy pros who simply regurgitate the law, Aakash breaks down what the rules actually mean, translates them into plain English, and gives businesses three SMART, pragmatic steps to demonstrate real compliance.

This Podcast has been brought to you by Disruptive Media. https://disruptivemedia.co.uk/

FREE GIVEAWAY INFORMATION: Eniola has provided a discount for all Let’s Talk Privacy listeners, up to 20% off to join her Privacy Career Community by using the code: AAKASH20 

In this episode, Aakash Suri is joined by Eniola Akinkugbe, a global privacy consultant and the visionary behind The Privacy Career Coach. Eni explains that real privacy is a living system embedded in a company’s DNA, not just a PDF. Aakash and Eni dive into the practicalities of AI governance, the certification trap facing new professionals, and how shifting the perspective from risk to trust advantage can turn privacy into a powerful revenue driver for businesses.

KEY TAKEAWAYS

Privacy is a System, Not a Document: A template policy off the internet won't protect you; a real program reflects your specific tech stack, data flows, and risk profile.

The "Certification Trap": Having multiple certifications doesn't guarantee job readiness. True proficiency comes from hands-on experience and the ability to operationalize law into plain-English business steps.

Shift to "Privacy by Design": Engaging privacy professionals at the start of a project, especially in AI, is far cheaper and more efficient than trying to "bolt on" compliance right before launch.

Revenue through Trust: When framed correctly to leadership, privacy is not just a cost center or a "no" department; it is a competitive advantage that builds customer trust and reduces organizational risk.

AI Literacy is the New Minimum: For privacy professionals to remain relevant, they must deeply understand how AI models are trained and how data flows through them across different jurisdictions.

BEST MOMENTS 

"CEOs still see privacy as a document and not a system."

"Privacy isn't a PDF you download; it's a living system."

"The word 'risk' has a negative connotation... but the other side of risk is upside potential."

"Start now and get perfect later... jump and grow wings on the way down."

"Visibility is credibility. We've got to share our knowledge... even if it helps just one person."

TO CONNECT WITH ENIOLA 

https://www.linkedin.com/in/enijack 

TO CONNECT WITH YOUR HOST

https://www.linkedin.com/in/aakashsuri-thoughtleader/ 

HOST BIO

Aakash is a recognised Data Privacy leader who helps organisations navigate complex regulations with clarity, confidence, and common sense. Unlike the legalese-driven privacy pros who simply regurgitate the law, Aakash breaks down what the rules actually mean, translates them into plain English, and gives businesses three SMART, pragmatic steps to demonstrate real compliance.

This Podcast has been brought to you by Disruptive Media. https://disruptivemedia.co.uk/

FREE GIVEAWAY INFORMATION: 

Please enjoy one free audio review copy of Blooming Good Information Management now available on Audible. Connect, Follow & DM Aakash Suri on Linkedin for Promo Code.   

In this episode, Aakash Suri is joined by Jacqueline Stockwell, CEO and founder of Leadership Through Data. Jacqueline shares her unique journey from working in a dingy records library to founding a global training organization that operates across the UK, Australasia, and the USA. Jacqueline provides a masterclass on effective communication, explaining how to use sizzling copy, a 60-second elevator pitch, and behavioral psychology to win over senior stakeholders and transform privacy from a non-department into a strategic business enabler.

KEY TAKEAWAYS

The 60-Second Pitch: Professionals must be able to articulate who they are, what they do, and what they want to achieve in one minute to gain immediate authority in meetings.

Sell the Sizzle, Not the Steak: Stakeholders don't care about the intricacies of the law; they care about the outcome. Frame privacy as a way to solve problems rather than a "tick-box" exercise.

The "I/Me" Website Test: Audit your internal communications and website copy. If you say "I" or "Me" more than twice per page, the messaging is too self-centered and needs to be flipped to focus on the audience's benefit.

Color Communication: Tailor your pitch to the personality of the stakeholder: "Reds" want the bottom line, "Blues" want the data, "Yellows" want the enthusiasm, and "Greens" want to feel supported.

Visibility is Credibility: For introverted professionals, building a brand isn't about being loud; it’s about consistently showing up, sharing authentic lessons, and being visible so that the organization views you as a partner rather than an obstacle.

BEST MOMENTS

"Privacy isn't here to slow you down; it's here to help you move faster, safely."

"People learn from people... it shouldn't just be 'talk and talk' for eight hours while they wait for the next coffee break."

"If privacy only appears during an incident, you are seen as the police."

"Visibility is credibility. If you don’t show up, nobody is going to know what you’re doing."

"Take the risk or lose the chance... most decisions are reversible."

TO CONNECT WITH JACQUELINE 

https://www.linkedin.com/in/jacquelinestockwell 

TO CONNECT WITH YOUR HOST

https://www.linkedin.com/in/aakashsuri-thoughtleader/ 

HOST BIO

Aakash is a recognised Data Privacy leader who helps organisations navigate complex regulations with clarity, confidence, and common sense. Unlike the legalese-driven privacy pros who simply regurgitate the law, Aakash breaks down what the rules actually mean, translates them into plain English, and gives businesses three SMART, pragmatic steps to demonstrate real compliance.

This Podcast has been brought to you by Disruptive Media. https://disruptivemedia.co.uk/