Sheila Jambekar, Chief Privacy Officer at Plaid, and Michael Phillips, Cyber Practice Leader, USA at CFC, discuss the human element at the forefront of security innovations and policies.
by Nikhil Chawla
The goal of this conversation is to frame privacy risk from a legal/regulatory perspective as well as an operational (privacy engineering) perspective. As security leaders we need to understand that privacy is more than checking a set of compliance boxes. It includes concepts like “privacy by design.” Those ideas embody the regulatory/compliance requirements as specifications to be engineered in to systems. The goal is to create systems that enable “privacy by default.”
In our first post, we established why comprehensive vendor discovery matters and how most organizations approach it incorrectly. Today, we’re diving into the practical mechanics: the seven data streams that can reveal vendor relationships hiding in your existing systems. The key insight is to start with data you already have rather than surveys or questionnaires. […]
Getting executive sign-off on a new control? Hard. Getting peer buy-in on security initiatives when they don’t report to you? Harder. In modern organizations, cybersecurity professionals often find themselves in the ultimate matrix of organizational challenges: you need buy-in from every department within the organization – operations, sales, HR, and finance – but none of […]
The average enterprise relies on hundreds—sometimes thousands—of third-party vendors to operate. Yet when security leaders are asked for a complete inventory of these vendors, the response is often a patchwork of spreadsheets, outdated procurement lists, and educated guesses. This vendor blindness isn’t just an operational inconvenience—it’s a critical business risk that’s becoming increasingly expensive to […]
Spotify
Apple Podcast
Google Podcast