Life with GDPR

Tom Fox and Jonathan Armstrong, renowned expert in cyber security, co-host the award-winning Life with GDPR. Jonathan is on a short hiatus and in this episode, we have a special guest, Karen Moore who discusses the EU’s Corporate Sustainability-Due Diligence Directive. Karen Moore is a well-versed professional in the area of impact assessments and due diligence, with a particular focus on human rights and environmental issues to prevent and address potential harm. Her perspective, shaped by her extensive experience, is that impact assessments and due diligence are key indicators of a corporation’s commitment to preserving the environment and upholding human rights. Moore emphasizes the importance of these processes not only within a company’s own activities, but also within those of its suppliers and indirect suppliers. She stresses the need for a robust due diligence process, including tracking progress, publishing annual statements, implementing complaints procedures, and involving all employees. Additionally, she highlights the challenges of managing these processes, such as complex questionnaires for third-party suppliers and the need for streamlined assessments. She believes in a proactive approach to corporate responsibility, going beyond regulatory requirements to foster sustainable practices and ethical decision-making. Key Takeaways: Ethical and Sustainable Business Practices Compliance Guidelines Ethical Evaluation for Data Privacy Compliance in the US Ethical Data Handling for GDPR Compliance Ethical Business Practices in Supply Chains Resources: Connect with Tom Fox Instagram Facebook YouTube Twitter LinkedIn Connect with Jonathan Armstrong Twitter LinkedIn Connect with Karen Moore LinkedIn Learn more about your ad choices. Visit megaphone.fm/adchoices

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. Today we consider the NIS2 Directive, which is the EU-wide legislation on cybersecurity. It provides legal measures to boost the overall level of cybersecurity in the EU. Cybersecurity regulations are reshaping the landscape, demanding swift action and accountability from organizations and individuals. The NIS2 Directive tightens reporting deadlines, putting pressure on organizations to comply with cybersecurity incidents. This means that organizations need to be prepared to act quickly and efficiently in the event of a cyber incident to avoid penalties and maintain trust with their stakeholders. Management faces increased personal liability under the NIS 2 Directive, highlighting the need for proactive cybersecurity measures. This emphasizes the importance of implementing strong cybersecurity protocols and staying ahead of potential threats to protect both the organization and individual leaders from legal and financial repercussions. Regulatory bodies advocate for a shift towards prevention in cybersecurity to combat rising cyber threats. This shift in focus underscores the importance of investing in proactive cybersecurity measures rather than simply reacting to incidents after they occur, ultimately leading to a more secure and resilient digital environment. Join Tom Fox and Jonathan Armstrong as they delve deeper into this topic on this episode of the Life with GDPR podcast. Key Takeaways: NIS Two Directive: Stricter Reporting and Jurisdiction NIS Two Directive: Management’s Cybersecurity Liability Operational Resilience: Proactive Cybersecurity Measures Resources: Connect with Tom Fox Instagram Facebook YouTube Twitter LinkedIn Connect with Jonathan Armstrong Twitter LinkedIn Learn more about your ad choices. Visit megaphone.fm/adchoices

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. In this episode, they look at the continued fallout from the Solar Winds data breach. In the complex world of data protection, the General Data Protection Regulation (GDPR) has placed a spotlight on the importance of transparency, honesty, and corporate responsibility. Experts Tom Fox and Jonathan Armstrong bring their unique perspectives to this topic, shaped by their extensive experience in compliance and data protection. Fox emphasizes the potential legal consequences for corporate leaders who fail to disclose vulnerabilities or engage in dishonest practices, while Armstrong highlights the increasing pressure on individuals and corporations to disclose data breaches, with regulators focusing more on individual liability. Both stress the importance of transparency, the potential for litigation, and the role of whistleblowers. Join Fox and Armstrong as they delve deeper into these issues on this episode of the Life with GDPR podcast. Key Takeaways: The Importance of Truthfulness in GDPR The Importance of Transparency in Data Breaches Legal risks in data breaches and cybersecurity The Impact of Budget Constraints on Vulnerability Fixes Resources: For more information on the issues raised in this podcast, check out the Cordery Compliance News Section. For more information on Cordery Compliance, go to their websitehere. Also, check out the GDPR Navigator, one of the top resources for GDPR Compliance by clickinghere. Check out the Cordery Data Breach Academyhere. Connect with Tom Fox ●LinkedIn Connect with Jonathan Armstrong ●Twitter ●LinkedIn Learn more about your ad choices. Visit megaphone.fm/adchoices

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. In this episode, they look at a breach of a big law. In the wake of a recent spearphishing attack and data breach at a UK law firm, the legal community is abuzz with discussions on the responsibility of lawyers to prevent such attacks. Tom Fox, known for his critical perspective on big law firms, highlights the mistakes made by the firm in question, emphasizing the increasing concern over cyber-attacks targeting law firms and the need for timely reporting to regulatory authorities. Jonathan Armstrong, on the other hand, underscores the importance of proactive cybersecurity measures and timely reporting, commending the firm for taking immediate action but criticizing the delay in reporting the breach. Both Fox and Armstrong bring their unique perspectives shaped by their experiences in the field. Join them on this episode of the Life with GDPR podcast as they delve deeper into this topic. Key Takeaways: A spearphishing Attack Leads to Data Breach Cybersecurity Measures for Law Firms The Power of Dedicated Data Protection Training Resources: For more information on the issues raised in this podcast, check out the Cordery Compliance News Section. For more information on Cordery Compliance, go to their websitehere. Also, check out the GDPR Navigator, one of the top resources for GDPR compliance, by clickinghere. Check out the Cordery Data Breach Academyhere. Connect with Tom Fox ●LinkedIn Connect with Jonathan Armstrong ●Twitter ●LinkedIn Learn more about your ad choices. Visit megaphone.fm/adchoices

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. In this episode, they look at litigation over a data breach against Singtel Opus in Australia and the fallout from an investigation report. The recent data breach at Intel Optus, affecting 1.2 million individuals, has brought to light the critical role of strategic communication in managing cybersecurity breaches. Tom and Jonathan Armstrong, offer their unique perspectives on this issue. Fox emphasizes the inevitability of cybersecurity breaches and the need for a comprehensive strategy, including effective communication, to manage them. He warns against the potential consequences of mishandling communication during a breach, such as jeopardizing insurance coverage. Armstrong highlights the complexity of maintaining privilege in a global corporate structure and the importance of careful language to avoid invalidating insurance or causing unnecessary speculation. He also underscores the need for a holistic approach to cybersecurity, encompassing prevention, detection, remediation, and crisis communication. Join Tom Fox and Jonathan Armstrong as they delve deeper into this topic in the latest Life with GDPR podcast episode. Key Takeaways: Implications of Language in Data Breach Reporting Navigating CEO Communication and Insurance Coverage Navigating Insurance Coverage in Data Breaches Resources For more information on the issues raised in this podcast, check out the Cordery Compliance, News Section. For more information on Cordery Compliance, go to their websitehere. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clickinghere. Check out the Cordery Data Breach Academyhere. Connect with Tom Fox ●LinkedIn Connect with Jonathan Armstrong ●Twitter ●LinkedIn Learn more about your ad choices. Visit megaphone.fm/adchoices

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. We take things in a different direction today as we discuss the somewhat lurid allegations around former Abercrombie & Fitch CEO Mike Jeffries. This matter illustrates the need for robust background checks and support of those who bring forward complaints against top management. The topic of CEO risk, specifically the importance of accountability and investigations in corporate compliance, is a critical issue in today’s business world. It explores the potential dangers CEOs can pose to corporations and the necessity of holding them accountable for compliance initiatives. Tom Fox, a renowned compliance expert, emphasizes the importance of conducting thorough due diligence on individuals, particularly at the senior executive level, to mitigate risks. He believes that behavior patterns often exist before public scandals occur and that it is crucial to identify these patterns through deep investigations. On the other hand, Jonathan Armstrong highlights the challenge of pushing compliance up the organization and the need for thorough due diligence when hiring senior executives. He also stresses the importance of accountability and investigations in addressing misconduct allegations, even if they are historic. Join Tom Fox and Jonathan Armstrong as they delve deeper into this topic on this episode of the Life with GDPR podcast. Key Takeaways: CEO Accountability and Risk Exposure Allegations of Sex Trafficking and Abuse The Significance of Investigating Past Misconduct Resources For more information on the issues raised in this podcast, check out the Cordery Compliance News Section. For more information on Cordery Compliance, go to their websitehere. Also, check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clickinghere. Connect with Tom Fox ●LinkedIn ● Twitter ● YouTube ● Facebook ● Instagram Connect with Jonathan Armstrong ●Twitter ●LinkedIn Learn more about your ad choices. Visit megaphone.fm/adchoices

Tom Fox and Jonathan Armstrong, renowned experts in cyber security, co-host the award-winning Life with GDPR. The recent controversy surrounding Nigel Farage’s banking situation highlights the risks and compliance challenges faced by the banking industry in relation to data protection. In this episode, Tom and Jonathan discuss a data breach in a Scottish hospital during the COVID-19 pandemic. The breach occurred when hospital staff shared patient details on WhatsApp, raising concerns about GDPR compliance. The hospital informed the ICO about the breach but chose not to notify affected patients, highlighting the need for appropriate advice and support when making such decisions. The conversation also explores communication challenges in internal investigations and the privacy and security risks of platforms like WhatsApp. It emphasizes the importance of organizations adapting to the preferences of digital native employees and conducting data protection impact assessments. The podcast also highlights the importance of effective policies, training, and proactive phishing training to prevent cyber-attacks and protect sensitive information. Key Takeaways: ·Data breach in Scottish hospital ·The Challenges of Communication in Internal Investigations ·Importance of Policies and Training ·Phishing Training Effectiveness Resources: For more information on the issues raised in this podcast, check out the Cordery Compliance News Section. For more information on Cordery Compliance, go to their websitehere. Also, check out the GDPR Navigator, one of the top resources for GDPR Compliance, by clickinghere. Connect with Tom Fox ●LinkedIn Connect with Jonathan Armstrong ●Twitter ●LinkedIn Learn more about your ad choices. Visit megaphone.fm/adchoices

Tom Fox and Jonathan Armstrong, renowned expert in cyber security, co-host the award-winning Life with GDPR. In this episode, Tom and Jonathan discuss a troubling inadvertent data release by the Police Service of Northern Ireland (PSNI). The release occurred when a document containing sensitive information about PSNI employees was mistakenly uploaded to a public site, putting officers at risk. The document, inadvertently released based upon a valid FOIA request, wrongfully included the names, ranks, locations, and even surveillance and intelligence details from the Northern Ireland constabulary. This inadvertent release highlights how the bypassing of security checks the caused the breach, emphasizing the real-world impact of data breaches on individuals. Tom and Jonathan also discuss the use of spreadsheets in data breaches and express frustration with the lack of attention given to these incidents. Overall, the conversation stresses the importance of data protection and compliance, and the urgent need for improved measures to address this issue. Key Takeaways: ·Data release at PSNI ·Data release implications ·Regulator's Call for Improved Data Protection ·Spreadsheets are evil Resources For more information on the issues raised in this podcast, check out the Cordery Compliance, News Section. For more information on Cordery Compliance, go their websitehere. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clickinghere. Connect with Tom Fox ●LinkedIn Connect with Jonathan Armstrong ●Twitter ●LinkedIn Learn more about your ad choices. Visit megaphone.fm/adchoices

Tom Fox and Jonathan Armstrong, renowned expert in cyber security, co-host the award-winning Life with GDPR. The recent controversy surrounding Nigel Farage's banking situation highlights the risks and compliance challenges faced by the banking industry in relation to data protection. In this episode, Tom and Jonathan discuss the closure of Farage's bank account with Coutts, a high-end bank owned by NatWest, and the potential data breach that ensued. They discuss the risks of internal emails being exposed through subject access requests (SARs) and emphasize the importance of caution in email communication. The conversation also explores the cost and consequences of non-compliance with GDPR obligations, particularly in relation to SARs. The potential legal implications for banks that violate their own policies or delete data that should be provided in response to a SAR are highlighted. Overall, the episode underscores the need for banks to prioritize data protection, compliance, and proper decision-making in the financial industry. Key Takeaways: ·Nigel Farage's Banking Controversy ·Data Protection Risks in Banking ·The Cost and Consequences of Subject Access Requests ·Serious concerns about data protection and access to banking Resources For more information on the issues raised in this podcast, check out the Cordery Compliance, News Section. For more information on Cordery Compliance, go their websitehere. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clickinghere. Connect with Tom Fox ●LinkedIn Connect with Jonathan Armstrong ●Twitter ●LinkedIn Learn more about your ad choices. Visit megaphone.fm/adchoices

Tom Fox and Jonathan Armstrong, renowned expert in cyber security, co-host the award-winning Life with GDPR. Matt Kelly and Jonathan Marks join Tom and Jonathan Armstrong on this episode, as they explore the case of former Uber CISO Joe Sullivan and the lessons compliance officers can learn from his lenient sentence. From growing trends of personal accountability to conflict of interests, the hosts provide six tips for chief compliance officers to protect themselves, including rehearsing responses and seeking external advice when necessary. This eye-opening episode also delves into the challenges faced by compliance officers in situations like Etsy's ransomware scheme and how they must be cautious with threat actors' demands. Don't miss out on this insightful episode that will leave you questioning whether Sullivan was unfairly punished and whether executives' remuneration packages will receive greater scrutiny going forward. Tune in now to Life With GDPR.  Key Takeaways: ·      The Joe Sullivan Uber Case and Lessons Learned ·      Individual Liability in Corporate Malpractice ·      Compensation and Conflicts of Interest ·      The Challenges of Compliance Officers in Wrongdoing Incidents  Resources For more information on the issues raised in this podcast, check out the Cordery Compliance, News Section. For more information on Cordery Compliance, go their website here. Also check out the GDPR Navigator, one of the top resources for GDPR Compliance by clicking here.  Connect with Tom Fox ●      LinkedIn Connect with Jonathan Armstrong ●      Twitter ●      LinkedIn Learn more about your ad choices. Visit megaphone.fm/adchoices