S2:E12 | Cybersecurity and Teleworking Part II | Compliance In Context
Welcome back to the Compliance In Context Podcast! On today’s show, we welcome the return of former NSCP Board Chair and all-around compliance expert, Craig Watanabe, to analyze some recent comments from SEC Chair Gensler around cybersecurity, and reveal some practical tips firms can use to enhance the cybersecurity measures inside their own firms. In our Headlines section, we look at the new NSCP Firm and CCO Liability Framework and its broader application to the industry. And finally, we wrap up today’s show with another installment of What’s On My Mind where we examine what an 80s classic song from Mike and the Mechanics and the life of John Madden can teach us about being the best compliance officer and CCO for your respective firms.
Headlines
NSCP Firm and CCO Liability Framework
Interview
Reaction to SEC Chair Gensler’s Speech at Northwestern Pritzker School of Law’s Annual Securities Regulation Institute
Reviewing “Twelve Tips for Teleworking Cybersecurity” in May 2020 edition of Currents
What is the Windows 11 upgrade?
Usability vs. Security
What is the Trusted Platform Module?
What are the best tips for cybersecurity and user awareness training?
What is cyber hygiene?
What are some other best practices you’ve seen in cybersecurity lately?
How best to leverage cyber insurance and related expertise?
What’s On My Mind?
“Living Years” by Mike + The Mechanics
The Life of John Madden
Fastidious preparation as compliance coach
Living with a sense of appreciation
Quotes:
“Cybersecurity is almost always at the top or near the top of the list in terms of risks and I think that’s going to be the case for some time for this foreseeable future so it’s going to be a big risk for everyone, a big risk for the industry.” – Craig Watanabe
10:12 - “I think Regulation SP is somewhat of a misnomer because the S stands for safeguarding and the P stands for privacy. But if you ask most people, ‘Reg SP?’ ‘Oh, yeah! Privacy.’ We kinda forget Section 30, which is the safeguarding part of the rule. And that’s where all cybersecurity regulation basically resides.” – Craig Watanabe
“In the Fortress Model, the idea is you create this fortress. Everything on the inside of the fortress, all the interior is safe and you try to keep all the unknowns (all the bad stuff) out. That model works really well when you have a centralized work environment and you have a centralized IP. It’s a perfectly reasonable, very usable, and a very functional model. That model, however, doesn’t work as well in a remote or hybrid work environment.” – Craig Watanabe
“I think there has been a paradigm shift at Microsoft and other big vendors, with an emphasis on security. That’s clear to me. I don’t think Microsoft would have done these things prior.” – Craig Watanabe