Cybersecurity vs. GRC
04/04/24 • 36 min
With large data breaches making headline news nearly every week, cybersecurity is a hot topic.
Recently, AT&T discovered the personal information of more than 70 million current and former customers being sold on the Dark Web.
Compounding this is the fact that it takes on average nearly seven months for a corporate security and compliance team to even identity that a data breach occurred in the first place.
With the average cost of a data breach in the United States hitting $10 million per incident, companies are spending more than ever to defend against cyber attacks.
However, despite this, the number of data breaches happening today has never been higher.
In this episode of Privacy Files, we talk to Elvis Moreland, a Virtual Chief Information Security Officer at Blue Cyren. Elvis has an extensive background helping some of the largest companies in the world with their cybersecurity, and Governance, Risk and Compliance (GRC) strategies.
We talk a lot about the importance of implementing strong GRC frameworks and how cybersecurity tools alone are not enough to protect people, systems and data.
With the recent AT&T and Change Healthcare data breaches making the news, we analyze what happened and how these can be prevented in the future.
Elvis also talks about the risks of not conducting the proper due diligence during mergers and acquisitions, and how this can significantly increase a company's exposure to a data breach.
Overall, Elvis provides great insight into how corporations approach cybersecurity and GRC, and how his decades of experience has impacted the way he handles his own personal data.
Links Referenced:
https://www.mckinsey.com/capabilities/risk-and-resilience/our-insights/cybersecurity/new-survey-reveals-2-trillion-dollar-market-opportunity-for-cybersecurity-technology-and-service-providers
https://www.statista.com/statistics/273550/data-breaches-recorded-in-the-united-states-by-number-of-breaches-and-records-exposed/
https://www.varonis.com/blog/data-breach-statistics
https://www.npr.org/2024/03/30/1241863710/att-data-breach-dark-web
OUR SPONSORS:
Anonyome Labs - Makers of MySudo and Sudo Platform. Take back control of your personal data. www.anonyome.com
MySudo - The world's only all-in-one privacy app. Communicate and transact securely and privately. Talk, text, email, browse, shop and pay, all from one app. Stay private. www.mysudo.com
MySudo VPN - No personal information required to sign up. You don't even need a username and password. Finally, a VPN that is actually private. https://mysudo.com/mysudo-vpn/
Sudo Platform - The cloud-based platform companies turn to for seamlessly integrating privacy solutions into their software. Easy-to-use SDKs and APIs for building out your own branded customer apps like password managers, virtual cards, private browsing, identity wallets (decentralized identity), and secure, encrypted communications (e.g., encrypted voice, video, email and messaging). www.sudoplatform.com
With large data breaches making headline news nearly every week, cybersecurity is a hot topic.
Recently, AT&T discovered the personal information of more than 70 million current and former customers being sold on the Dark Web.
Compounding this is the fact that it takes on average nearly seven months for a corporate security and compliance team to even identity that a data breach occurred in the first place.
With the average cost of a data breach in the United States hitting $10 million per incident, companies are spending more than ever to defend against cyber attacks.
However, despite this, the number of data breaches happening today has never been higher.
In this episode of Privacy Files, we talk to Elvis Moreland, a Virtual Chief Information Security Officer at Blue Cyren. Elvis has an extensive background helping some of the largest companies in the world with their cybersecurity, and Governance, Risk and Compliance (GRC) strategies.
We talk a lot about the importance of implementing strong GRC frameworks and how cybersecurity tools alone are not enough to protect people, systems and data.
With the recent AT&T and Change Healthcare data breaches making the news, we analyze what happened and how these can be prevented in the future.
Elvis also talks about the risks of not conducting the proper due diligence during mergers and acquisitions, and how this can significantly increase a company's exposure to a data breach.
Overall, Elvis provides great insight into how corporations approach cybersecurity and GRC, and how his decades of experience has impacted the way he handles his own personal data.
Links Referenced:
https://www.mckinsey.com/capabilities/risk-and-resilience/our-insights/cybersecurity/new-survey-reveals-2-trillion-dollar-market-opportunity-for-cybersecurity-technology-and-service-providers
https://www.statista.com/statistics/273550/data-breaches-recorded-in-the-united-states-by-number-of-breaches-and-records-exposed/
https://www.varonis.com/blog/data-breach-statistics
https://www.npr.org/2024/03/30/1241863710/att-data-breach-dark-web
OUR SPONSORS:
Anonyome Labs - Makers of MySudo and Sudo Platform. Take back control of your personal data. www.anonyome.com
MySudo - The world's only all-in-one privacy app. Communicate and transact securely and privately. Talk, text, email, browse, shop and pay, all from one app. Stay private. www.mysudo.com
MySudo VPN - No personal information required to sign up. You don't even need a username and password. Finally, a VPN that is actually private. https://mysudo.com/mysudo-vpn/
Sudo Platform - The cloud-based platform companies turn to for seamlessly integrating privacy solutions into their software. Easy-to-use SDKs and APIs for building out your own branded customer apps like password managers, virtual cards, private browsing, identity wallets (decentralized identity), and secure, encrypted communications (e.g., encrypted voice, video, email and messaging). www.sudoplatform.com
Previous Episode
Pig Butchering Scams
According to a recent study at the University of Texas at Austin, from January 2020 to February 2024, people lost more than $75 billion around the world to the scam of pig butchering.
Named after the practice of farmers fattening hogs before slaughter, victims are lured into fake crypto investments. Once victims send enough funds, the scammers disappear. Hence, the pig is slaughtered.
Victims routinely lose hundreds of thousands or even millions of dollars. And each story often begins as an online romance.
In this episode of Privacy Files we speak to Troy, a private investigator who specializes in exposing pig butchering scams.
Troy works for the non-profit organization called the Global Anti-Scam Organization.
To learn more:
https://www.globalantiscam.org/
Troy has his own pig butchering story to tell and it's the reason he got involved in the fight to warn the public about this ruthless criminal activity.
This is so much more than just a story about another online scam. It's also about organized crime and human trafficking.
Above all, the hope is that this interview helps you better understand a rapidly rising global scam and what to look out for to avoid becoming a victim.
Links Referenced:
https://time.com/6836703/pig-butchering-scam-victim-loss-money-study-crypto/
OUR SPONSORS:
Anonyome Labs - Makers of MySudo and Sudo Platform. Take back control of your personal data. www.anonyome.com
MySudo - The world's only all-in-one privacy app. Communicate and transact securely and privately. Talk, text, email, browse, shop and pay, all from one app. Stay private. www.mysudo.com
MySudo VPN - No personal information required to sign up. You don't even need a username and password. Finally, a VPN that is actually private. https://mysudo.com/mysudo-vpn/
Sudo Platform - The cloud-based platform companies turn to for seamlessly integrating privacy solutions into their software. Easy-to-use SDKs and APIs for building out your own branded customer apps like password managers, virtual cards, private browsing, identity wallets (decentralized identity), and secure, encrypted communications (e.g., encrypted voice, video, email and messaging). www.sudoplatform.com
Next Episode
Decentralizing the Web
Web3, or Web 3.0, is a new vision for the World Wide Web where the user is in control. While Web3 has been called many things, there's no doubt that its architecture enables for the democratization of the web.
The key concepts of Web3 include decentralization, blockchain technologies and token-based economies.
While the pervasiveness of fraud in cryptocurrency has tarnished the image of Web3, decentralization continues to be the greatest promise emanating from the emerging technologies of this new paradigm.
In this episode of Privacy Files, we talk to Daniel Harris, the Founder and CEO of Kendraio, an independent nonprofit research project, building free, open-source software with data privacy and autonomy at its core.
For the majority of this interview, we discuss the Kendraio app, a highly customizable, no-code environment to explore how people can interact with technology with more personal control.
The Kendraio app's focus is on user-centric design, data portability, privacy, interoperability, and user-configurable interfaces.
It's a revolutionary app that gives users control over their data, the process and the interface.
We also talk to Daniel about his thoughts on today's battle for individual privacy.
To learn more about Daniel:
https://www.linkedin.com/in/dahacouk/
To learn more about Kendraio:
https://www.kendra.io/
OUR SPONSORS:
Anonyome Labs - Makers of MySudo and Sudo Platform. Take back control of your personal data. www.anonyome.com
MySudo - The world's only all-in-one privacy app. Communicate and transact securely and privately. Talk, text, email, browse, shop and pay, all from one app. Stay private. www.mysudo.com
MySudo VPN - No personal information required to sign up. You don't even need a username and password. Finally, a VPN that is actually private. https://mysudo.com/mysudo-vpn/
Sudo Platform - The cloud-based platform companies turn to for seamlessly integrating privacy solutions into their software. Easy-to-use SDKs and APIs for building out your own branded customer apps like password managers, virtual cards, private browsing, identity wallets (decentralized identity), and secure, encrypted communications (e.g., encrypted voice, video, email and messaging). www.sudoplatform.com
If you like this episode you’ll love
Episode Comments
Generate a badge
Get a badge for your website that links back to this episode
<a href="https://goodpods.com/podcasts/privacy-files-283771/cybersecurity-vs-grc-48284349"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to cybersecurity vs. grc on goodpods" style="width: 225px" /> </a>
Copy