She Said Privacy/He Said Security

Angeline Corvaglia is the Founder of Data Girl and Friends, where she is committed to helping young people thrive in an AI-driven digital world. Her strategy encompasses three key pillars: privacy and security awareness, critical thinking skills, and balancing the benefits and risks of AI. Angeline is on a mission to equip young minds with the tools they need to navigate and succeed in the ever-evolving digital landscape.

With rapid advancements in technology and AI, it is now more crucial than ever to protect children, particularly girls, online. Many parents are unaware of the full extent of digital and social media threats, such as AI-driven chatbots used by predators to manipulate children. How can parents protect their children, especially their daughters, and educate them about online risks?

To combat these risks, parents should activate privacy settings and restrict information sharing on electronic devices. Parents should activate enable privacy settings and restrict information sharing on electronic devices. And with resources like Data Girl and Friends, parents can engage in meaningful conversations with their children, empowering them to become digitally savvy and take charge of their online  privacy.

In this week’s episode of She Said Privacy/He Said Security, Jodi and Justin Daniels chat with Angeline Corvaglia, the Founder of Data Girl and Friends, about protecting girls online. She shares actionable insights on shielding kids from intrusive data practices and online predators and discusses the underlying societal pressures that amplify these risks especially for girls.

Christina Shannon is an accomplished Chief Information Officer (CIO) in the CPG chemical manufacturing sector. With a career spanning over two decades, she transitioned from senior security leadership roles in Fortune 100 companies to executive technology leadership positions in mid-to-large-sized, private equity-owned firms. Christina's journey includes serving as a Chief Information Security Officer (CISO) four times, in which she gained deep experience in developing effective strategies to address enterprise cyber risk across various industries. As a CIO, she focuses on leveraging technology to drive innovation, improve operational efficiency, and secure critical digital assets in the CPG chemical manufacturing industry.

Understanding the multifaceted role of a CIO offers valuable insights into the synergy between technology and business operations, highlighting the importance of operational efficiency, robust cybersecurity measures, and comprehensive privacy controls. How does one effectively navigate these complex responsibilities?

As a Chief Information Officer for the chemical manufacturing company, Christina Shannon emphasizes the need for strategic alignment between technology and business objectives. To be effective, CIOs must grasp the broader business implications of their decisions, not just the technical and security aspects. This involves developing a framework that integrates effective AI policies, ensures privacy compliance, and addresses operational security risks.

Christina Shannon, CIO at KIK Consumer Products, joins Jodi and Justin Daniels on this week’s episode of She Said Privacy/He Said Security to discuss her role as a CIO, offering practical strategies for leveraging technology to drive innovation while safeguarding digital and physical assets. Christina describes the process of shifting from a technical mindset to an operational viewpoint to align technology with business goals, understand risk exposures, and manage privacy and security initiatives effectively. The conversation also covers how organizations can derive value from their security measures beyond checking off compliance requirements.

Aaron Mendelsohn is currently Director - Privacy Officer at the LEGO Group in Denmark, where he leads data protection and privacy compliance within the Digital Technologies teams, including LEGO.com, LEGO Insiders, LEGO Marketing, and LEGO Retail. Prior to joining the LEGO Group, Aaron held leadership roles in data protection, privacy, and information security, including creating and managing global data protection and privacy programs at two Fortune 500 companies

Establishing a functional privacy framework within an organization is crucial for maintaining compliance and safeguarding data. It goes beyond simply adhering to legal regulations. Effective privacy management involves understanding how privacy laws and privacy initiatives work together to impact overall business operations. So, how can companies seamlessly integrate privacy into their day-to-day activities?

Customizing privacy objectives to align with a company's individual needs, culture, and risk profile is imperative. To be successful in this approach, privacy professionals must be flexible and strategic, tailoring their strategies to align with organizational priorities through comprehensive policies, privacy-by-design programs, training, and other initiatives.

In today’s episode of She Said Privacy/He Said Security, Jodi and Justin Daniels welcome Aaron Mendelsohn to discuss practical strategies for operationalizing privacy within organizations. Aaron emphasizes integrating people, processes, and technology to achieve effective privacy management. The discussion also underscores the value of targeted privacy training tailored to specific business roles and how privacy professionals can successfully adapt and evolve privacy strategies as business needs change.

Kabir Barday’s career journey illustrates the power of innovation in privacy. As the Founder, CEO, and Chairman of OneTrust, he has transformed the landscape of privacy automation. He holds a Fellow of Information Privacy with the IAPP, the highest designation of a privacy professional, and is a Henry Crown Fellow at the Aspen Institute. With a BS in Computer Science from the Georgia Institute of Technology, where he serves on the Georgia Tech Advisory Board (GTAB), Kabir continues to lead OneTrust in setting new standards for privacy automation and responsible AI.

Many companies struggle with responsible use of data, AI, and creating privacy programs. From ethical data use to complying with evolving privacy laws and using new AI tools, it can be challenging for companies, especially with manual processes. How can businesses and privacy professionals ease the burden of manual privacy work and keep up with regulations?

Trust has become a fundamental societal trend, so businesses must facilitate trusted interactions with customers and stakeholders by embedding privacy controls into the user experience. Fortunately, there is OneTrust, the company revolutionizing responsible use of data, AI, and privacy management with its proprietary software that automates privacy processes, helps organizations comply with regulations, and builds trust with customers.

Kabir Bardy, Founder, CEO, and Chairman of the Board at OneTrust, joins Jodi and Justin Daniels on this week’s episode of She Said Privacy/He Said Security to discuss OneTrust’s innovative approach to privacy, automation, and AI. Kabir shares AI and privacy trends from Trust Week 2024, how OneTrust champions responsible use of data and AI, and how companies can evolve their privacy programs at various maturity levels.

Charlotte Baker is the CEO and Co-founder of Digital Hands, a leading cybersecurity services provider. Under Charlotte’s leadership, Digital Hands has won numerous industry awards, with the most recent in 2023, which includes “Most Innovative MSSP”: at CyberDefenseCon and Inc’s “Power Partner of Privacy and Security.” With a 100% US-based delivery model, Digital Hands’ clients received unparalleled speed in threat detection and incident response.

The recent security regulations and SEC cyber rules have shifted companies’ focus from risking fines to maintaining mandatory compliance. While these regulations force businesses to adopt stringent security and ethical data privacy practices, some privately held companies are turning a blind eye. What strategic measures can businesses implement to comply with these regulations?

Many privately held companies don’t understand that regardless of their size, they must adhere to new SEC rules and thoroughly review security contract addendums to avoid breach response hijacks by publicly traded companies. Companies also need to understand that compliance involves more than just reviewing security addendums or publishing a privacy policy on their website. They must prove they follow these policies. Even when companies have cybersecurity solutions, follow the rules, and achieve compliance, they may still get breached. That's why companies like Digital Hands aim to get ahead of every threat. With its “get there first” approach to security, Digital Hands maintains speed and flexibility to execute security solutions, taking a proactive approach to compliance.

In today’s She Said Privacy/He Said Security episode, Jodi and Justin Daniels welcome Charlotte Baker, the CEO of Digital Hands, to discuss the strategic measures businesses can implement to comply with security regulations. Charlotte emphasizes the need for multi-factor authentication, the benefits of avoiding point solutions, and the importance of having a strategic roadmap for security maturity.

Gretchen Herault is Chief Privacy Officer at Randstad USA and the global job board Monster.com. She has held several privacy leadership roles, including Chief Privacy Officer at Haven Healthcare, HIPAA Privacy Officer at GE Healthcare, and Chief Privacy Officer of Nuance Communications.

Since the introduction of CCPA and as of this recording there are just under two dozen privacy laws either signed or about to be, altering how companies manage consumer data.As compliance becomes increasingly urgent, how can businesses structure their privacy programs around these laws?

Gretchen Herault manages Randstad USA's privacy program, collaborating with a cross-functional team of legal and business professionals to develop comprehensive strategies and operational solutions. As a result, Randstad's privacy program takes a proactive approach and adapts to new regulations by aligning with California's strict privacy standards. This simplifies compliance efforts and prepares the company for upcoming laws.

In today’s She Said Privacy/He Said Security episode, Jodi and Justin Daniels engage in a thought-provoking conversation with Gretchen Herault, the Chief Privacy Officer of Randstad USA and Monster.com, about building and operationalizing privacy programs. They discuss how to develop privacy programs under a growing number of privacy laws, regulating company AI use, and Gretchen's advice for evaluating and building privacy teams.

Michael Moore is the Chief Privacy Officer at Lacework, handling privacy and cybersecurity, product counseling, transactions, intellectual property strategy, and open-source software. He holds the IAPP privacy qualifications of CIPP-US, CIPP-E, CIPP-C, CIPM, and CIPT. Michael is also an inventor on 10 patents and author of over 20 published articles.

Cloud solutions are immensely helpful and strategic tools for companies, offering ubiquitous and immediate access to stored data. The benefits are abundant, but so are the dangers.

Cloud software's vulnerabilities stem from the same features that make it valuable, making it a prime target for privacy and security threats in a centralized space. That's why companies like Lacework are tackling this issue with a tile-based cloud security platform that detects data and identity risks to protect against both known and unknown threats. How can your company amplify its cloud security to stay ahead in the evolving threat landscape?

In this episode of the She Said Privacy/He Said Security Podcast, Jodi and Justin Daniels are joined by Michael Moore, the Chief Privacy Officer at Lacework, to discuss security and privacy for the cloud. They discuss the modern concerns, how Lacework helps companies, the increasing threats companies face, and Michael’s personal privacy tips for anyone and everyone.

Richy Glassberg is the CEO and Co-founder of SafeGuard Privacy, a company established in 2019 to help businesses manage privacy compliance with effectiveness and efficiency. He is a digital media veteran with more than 25 years of experience. Richy has led seven startups and held executive roles at renowned brands and businesses, such as CNN, MTVN, and Turner Broadcasting.

Every professional sector benefits from its regulatory and professional organizations, which hold any given industry up to higher standards and harmonize processes. As concerns over privacy and security intensify, so does the need for these types of organizations to offer support. 

For digital marketing, the Interactive Advertising Bureau (IAB) plays a pivotal role by championing the interests of media and marketing professionals in the modern era. Navigating compliance remains a burning issue, and many companies are lost on how to address it. That’s why the IAB partnered with SafeGuard Privacy on the IAB Vendor Diligence platform to help make it easier for companies to perform vendor due diligence. Now you can learn from leading organizations and experts on what it takes to stay ahead of the curve.

In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels chat with Richy Glassberg, Co-founder and CEO of SafeGuard Privacy, on ad tech, compliance, and the IAB’s role. They delve into Richy’s extensive career in media, tackle pressing compliance issues in digital advertising, explore the impact of Demand Side Platforms (DSPs), and discuss the future trajectory of the industry.

Bryson Bort is the CEO and Founder of SCYTHE, a threat emulation platform. He is Co-founder of GRIMM, a cybersecurity consultancy and ICS Village, a 501c3 for industrial control security systems. He is recognized as a Top 50 in Cyber by Business Insider and SANS Difference Maker Awards’ Innovator of the Year.

Any security or privacy protocol comes with a plan, and every plan fits into a larger strategy. Coordinating a large-scale strategy while maintaining the finer details is more complicated than it sounds. It helps to have professionals experienced not only in security, but also in strategy in general.

Bryson Bort has translated much of his military experience into cybersecurity. His team-forward, offensive mindset has been the foundation of his consulting service and the SCYTHE tool. This framework has proven useful for many notable companies, and it could also work in your arsenal.

In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels speak with Bryson Bort, the CEO and Founder of SCYTHE, to discuss his offensive cybersecurity strategy. They talk about the issues with training, the problems SCYTHE solves, learning about ransomware, and his previous work with Target. They also touch on Bryson’s process for grabbing and keeping attention.

Svetlana Braunscheidel is the General Counsel and VP of Operations at PNG Cyber, a forensic investigations and remediation business. In her role, she deals in digital forensics, incident response, threat actor communications, and cyber risk compliance services. Her previous experience spans executive operations, business development, and national security fields as a legal expert.

Cybersecurity is more than a corporate issue, bleeding directly into ever-evolving federal and state legislation. Legal protections can be immensely beneficial, but can also be equally confusing and opaque. As new SEC rules and regulations are put into place, how should businesses best adapt?

Svetlana Braunscheidel is a professional privacy and security expert who helps companies navigate these exact issues. Her advice includes nimble action, keeping up with trends, and utilizing the knowledge of other experts to ensure compliance.

In this episode of She Said Security/He Said Privacy, Jodi and Justin Daniels speak with Svetlana Braunscheidel, the General Counsel and VP of Operations at PNG Cyber, on the topic of cybersecurity after new SEC regulations. The three touch on current laws and recent additions, how these changes affect privacy, and what businesses should do to respond.