エピソード

  • Towards a Cyber-Secure Future with Jenna Waters
    2021/06/21
    Jenna Water’s time in the US Navy equipped her with sophisticated skills she now finds invaluable in her work as Cybersecurity Consultant at True Digital Security. She joins Tom Fox and Valerie Charles on this episode of ComTech to talk about how the cybersecurity industry is evolving, her vision to end security breaches, and what she thinks about President Biden’s executive order on cybersecurity. Putting Corporate America on Notice “I think businesses - particularly those that work in industries regarded as critical infrastructure, obviously because of the Colonial Pipeline hack - ...a lot of them know now that they're on notice,” Jenna tells Tom and Valerie. Recent cybersecurity attacks as well as the rise in ransomware, have driven home the need for good cybersecurity. These attacks not only impact businesses but are now tangibly affecting the lives of everyday citizens. Jenna believes this is sparking change in the industry, as the government, companies, and even the general public are taking cybersecurity more seriously.  End Security Breaches Tom comments that his clients are now asking about their information security program, something they weren’t concerned about before. He asks Jenna how she would advise a company to start thinking about this issue. She outlines the steps her company takes to help their clients create a customized cybersecurity program. “...By prioritizing your risk, that's how you can develop a more tailored cybersecurity program,” she points out. She and Tom discuss her vision of ending security breaches overall. She remarks, “For me, ending security breaches is a vision of the future in which a security breach can be detected, identified, and contained effectively… It's not allowing a security incident to go to the point of a security breach… and it doesn't affect or impact the organization or public in any significant way other than maybe the time it takes to contain it.” Improving Cybersecurity with Data “When you're trying to combat this kind of breach, how do you use data?” Valerie asks Jenna. “Cybersecurity is actually one of the best areas in technology where it can be very data-driven,” Jenna responds. Data can help you build a threat profile and come up with an action plan to combat threats. Analyzing recent and past data can help you establish an operational baseline, and in turn recognize deviations from the norm. It can also help you identify gaps and vulnerabilities in your organization. There’s also the global perspective: gathering and analyzing data on threat groups helps you recognize their patterns before they attack. However, don’t focus only on data and ignore basic psychology. Hackers are still just human beings and are “subservient to human behaviors and motivation,” Jenna reminds listeners.  Cyber Risk Assessment is for Everyone “I think everybody could benefit from a risk assessment in terms of cybersecurity,” Jenna tells Valerie; businesses in critical industries should prioritize it. Generally, she recommends an annual assessment. However, it should also be done when there is a significant change in operations or in the direction of the business. She argues that leadership buy-in is imperative: “Leadership buy-in for an organization is paramount to the success of the cybersecurity team.”  Thoughts on Biden’s Executive Order “Do you have any urgent or immediate thoughts on President Biden's executive order on cybersecurity?” Valerie asks. Jenna responds that she is excited and on board with the order. “As cybersecurity professionals, we like to take advantage of every emergency,” she quips. It’s a positive step signaling that cybersecurity is seen as important at the highest levels of government. On the other hand, however, the executive order may not last after Biden’s term of office as it can be revoked by the next President. Additionally, only certain federal bodies are bound by the order. Resources Jenna Waters on LinkedIn  True Digital Security 
    続きを読む 一部表示
    25 分
  • Structured Collaboration in Compliance with Charles Schwager
    2021/06/07
    Charles Schwager is the Chief Compliance and Ethics Officer of Waste Management. Tom Fox describes his role as “one of the most unique CECO roles in compliance around”. Charles, Tom, and Valerie Charles discuss what Waste Management does differently, how the company managed the two major crises of 2020, and why more data may not necessarily be better. Looking at Compliance Holistically Charles explains that all departments at Waste Management work together to build a holistic compliance culture. “We are all partnering together to create a very strong and comprehensive culture of compliance and ethics, so we try not to have one area where it's strong and others where it might be different. We really do try to make it collaborative, holistic and [there’s] a lot of teamwork involved that goes into that,” he tells Tom. Many of their 50,000 employees work on the field, and Charles explains how they foster a “two-way communication loop” for these team members using technology. Handling COVID and Social Injustice Tom asks Charles, “... you asked your compliance team to look at reporting data and perhaps see if there were some new or different insights you might be able to gain from that data. Could you describe the process you and your team went through?” Charles responds that their workforce is reflective of American society, so the two major issues that defined 2020 - COVID and the social justice movement - were reflected in the calls coming through their helpline. “When we saw that, we decided to create a special triage process around that so we could get out in front of that as quickly as possible, knowing that if it happened in one place it could be happening in others,” Charles remarks. He describes the tracking system they put in place to handle both crises. “We were fortunate to be on top of our helpline and utilize it in different ways like that. And the technology worked well for us to have visibility and be able to react to those things.” he points out. Structured Collaboration “I’m a believer in structured collaboration,” Charles remarks. Cross-functional and cross-departmental teams at Waste Management work together to keep up-to-date with compliance. Everyone needs to work together, Charles emphasizes: “it’s only as good as everyone working together and getting that buy in…” The leadership has to want it as well. Their company’s strong compliance culture is proof of this. For Charles, operationalizing compliance means getting everyone actively involved. Using Data Charles tells Valerie, “We really focus on a strong ‘Speak up, Listen up, Follow up’ culture.” He sees increased reporting as a natural result of their focus on building a vibrant compliance culture. Valerie asks his thoughts on whether data analytics will transform compliance in the future. He responds that it’s a good skill set to have in your organization and that he is always thinking about how to use data. However, he argues, “If you really don't understand the data, it can create situations where people extrapolate or make conclusions that... are faulty.”  Resources Charles Schwager on LinkedIn Waste Management
    続きを読む 一部表示
    18 分
  • Technology, Learning and Communications with Natalia Shehadeh
    2021/04/26
    Natalia Shehadeh is a well-known compliance expert who worked in the energy sector for over a decade. She is now the Chief Integrity Officer at ABB, a multinational corporation in the robotics and process automation space. Natalia believes that using data and technology in compliance is no longer an option: “It is absolutely mission-critical to the proper functioning and success of our function and our mission,” she tells Tom Fox and Valerie Charles. In this week’s show, Natalia chats with Tom and Valerie about the importance of leading with data, including how to use data to measure cultural buy-in.   Building Culture with Data “We are trying to look at opportunistically, how to leverage data for purposes of giving us real-time insights on the health of our integrity culture in the company; how to do so effectively and efficiently, and with a real keen eye towards innovation,” Natalia remarks. Her cross-functional team - which includes data professionals and business analytics experts - is a major reason they have been so successful in moving towards that goal, she says. Their focus is not only on monitoring from a risk perspective, but also measuring how effective their communications for learning purposes are. Valerie asks her about the data sets they use. She explains that they monitor internal social media posts as well as their learning assets to measure sentiment. “A lot of data we’re looking at and trying to get a feel for, Are we communicating effectively in the eyes of our employees? And how do we think that's moving the culture needle?” she tells Valerie. Getting Cultural Buy-In “Data analytics or tech solutions on their own aren't particularly useful without the cultural buy-in of the organization,” Valerie comments. She asks Natalia how she gets buy-in at ABB. Natalia responds that ABB is a data-focused organization, so they understand the importance of using data. However, she advises, it takes “care and feeding culturally” to get to the point where you have quality data sets that can provide rich insights.   Facilitating Learning Through Data ABB is focused on “communicating learning in an effective way”, Natalia tells Tom and Valerie. To this end, they revamped their approach to employee training, focusing instead on a data-driven stratified approach. Traditional compliance and integrity training is no longer mandatory; instead, employees interact with learning assets as and when they need, similar to how they use Youtube to find a quick solution to a problem. “We really believe in inculcating an adult self-learning objective,” Natalia says. “...The concept is [to] create a simple learning approach where people will want to come back for more because it's easy, it answered the question that they had, and hopefully we can make it a little bit fun.”  Resources Natalia Shehadeh on LinkedIn  ABB
    続きを読む 一部表示
    22 分
  • Using Your Data to Get a Better Answer with Neil Lustig
    2021/04/12
    Neil Lustig, CEO of GAN Integrity, brings a non-lawyer perspective to compliance, Tom Fox says. Neil spent the first half of his career working at IBM as an engineer and later in sales and marketing. “For the second half of my career - the last 15 or so years - I've been running young technology startups and early stage companies based out of both Silicon Valley and New York,” he tells Tom and Valerie Charles. Tom comments that the compliance industry needs someone like Neil, who can talk about using data. In this week’s show, they talk about why compliance needs to embrace data and the future outlook for the industry. The Change is Inevitable Tom, Valerie, and Neil discuss why compliance should embrace data and automation. “Data injected into the [compliance] space changes you and makes your team much more strategic,” Neil remarks. “The data allows you the insights to add a whole different level of value to your company.” More automation in the industry will bring more data and more connections to external data sources. Compliance is inevitably heading in that direction, Neil predicts, so leaders need to plan and hire for the change. Tom comments that compliance officers should see data as an opportunity to add value, “rather than being Dr. No from the Land of No.” Neil agrees that it’s an opportunity to change how compliance is perceived and elevate the profession. Getting a Better Answer “Can you tell us a little bit about how your experience working in marketing technology has helped you ... be a leader of how to utilize data in compliance?” Valerie asks Neil. “It's actually about just getting a better answer,” he replies. People want to buy outcomes, such as lower risk and higher profitability; technology happens to be the path to those outcomes. As such, Neil advocates starting with the outcome you desire and then choosing the technology that would get you those results. He explains why GAN Integrity is poised to deliver results to the compliance industry through their innovative platform, and a grand vision “to build out this platform to have process automation for every compliance process in the modern enterprise.”  Into The Future Companies should be proactive about injecting automation into all their processes, Neil advises. Automation generates data, and that’s what the next few years will be about. He predicts that there will also be interoperability: companies will have access to and swap data with external data sources. “We as an industry have to tackle making it easier to get the world of data into a place where it can be seamlessly integrated into a workflow [or] a process,” he comments. Leaders need to start recruiting teams in preparation for “the intersection of law and data and technology.” For GAN Integrity the opportunity is in simplifying compliance so that it becomes a valued partner to businesses. Resources GAN Integrity Neil Lustig on LinkedIn
    続きを読む 一部表示
    20 分
  • Getting the Data to Work for You with Jonathon Kellerman
    2021/04/05
    Jonathon Kellerman, now a partner at StoneTurn, loves data analytics. He spent 20 years at PWC, his last post there being Chief Compliance Officer. His role as CCO focused on compliance and risk management and corporate governance. He joins Valerie Charles and Tom Fox to share how he “built out the industry's leading consulting practice focused on helping those global companies with their most complex compliance challenges... where I got to focus on things like data and technology and leveraging technology to have a much more productive and value-added compliance program.” Jonathon describes the role of data analytics in becoming more predictive about risk, and how it is changing the compliance industry for the better. A New Vision of Compliance “We have access to this tremendous amount of data; how do we get that data to work for us?” Jonathon asks. His vision for a new kind of compliance program was “using data and data analytics to help us be more predictive about risk and to give us more real-time insights ...that would help us ...prevent incidents from occurring as opposed to always putting out fires.” With his team of talented experts, he was able to realize his vision. The cutting-edge platform they developed pulled data from across the organization into a centralized hub. They could then analyze the data to discover outliers and trends. “The beauty of it is we could pull the levers that would allow us to look at risk in many different ways,” he tells Valerie and Tom.  Compliance Demonstrating its Value Valerie asks Jonathon how a company could get started. There’s no one size fits all solution, he responds. First, understand the data that’s available to you, your risk profile, and what you want to achieve. Then, figure out what risk factors you want to apply across the data. Keep your framework simple, he advises compliance leaders. Next, assemble a team to build your platform. Valerie comments that a benefit of this approach “is being able to demonstrate the value of the work that we do... [It] allows you to... become noted because of the ways that you can show that you've kept the train on the track... It elevates our profession.” Jonathon agrees and explains how compliance contributes to the overall effectiveness and efficiency of the business. Assuring Data Quality Worldwide Tom asks Jonathon how he assures data quality across the globe in multinational companies. Jonathon responds that it starts with cataloging all your data sources and systems and then standardizing the data. “If you can standardize the data that you're bringing in from different systems or different sources, then you're able to significantly increase the data quality and your confidence in the completeness and accuracy of that data,” he points out.  The Future of Compliance He joined StoneTurn because he wants to “leave a mark on the compliance profession going forward and… advance the compliance profession…”, Jonathon tells Valerie. StoneTurn offers just that as they’re focused on innovation and advancing compliance as a profession. He and Valerie agree that the next few years will be game-changing for the compliance industry. “There is a window of opportunity for compliance to redefine itself and its value,” Jonathan argues. Using data analytics to provide real-time business insights and to improve operational efficiency are the keys to the future of compliance, he predicts. “If they can do those two things well,” Jonathon concludes, “they're going to add a tremendous amount of value into their businesses and really help those businesses achieve their objectives.” Resources Jonathon Kellerman at StoneTurn | LinkedIn StoneTurn.com
    続きを読む 一部表示
    23 分
  • How Health and Safety Informs Compliance - A Conversation with Jamie Spataro
    2021/03/22
    Jamie Spataro says that he loves a challenge and learning new things. In his private life, he is a member of a rock band (which he accidentally named) and a licensed pilot. He left his position at a prominent law firm, where he did litigation and product liability work, to join the FedEx Ground legal department 12 years ago. Today, he is Lead Counsel at FedEx Ground, handling regulatory affairs, including workplace safety and the company’s COVID response. He joins Tom Fox and Valerie Charles to talk about the intersection of health and safety and compliance, and how focusing on the first leads to a better compliance program overall. Protecting Customers and Employees During COVID “We had to be nimble and adapt our practices to keep our workforce and our customers safe [during the pandemic],” Jamie says. The legal department is responsible for protecting the brand, as well as ensuring that the workforce and customers are kept safe, and that the company is complying with the laws and regulations. Their corporation-wide pandemic protection program incorporates common federal, state, and municipal COVID regulations into a comprehensive policy that they apply across the board. This ensures that they’re staying compliant as well as keeping everyone safe. Jamie explains that their safety protocols evolve as the science around COVID is evolving. “We feel that our program could accommodate any similar type of pandemic that might come across in the future,” he proudly comments. Integrating Technology into Health & Safety Tom asks how FedEx has been able to integrate technology to promote health and safety in the company. OSHA compliance has become increasingly data-driven, Jamie responds. “Being able to manage, receive, manipulate, query data has been at the forefront of how we're able to stay compliant, and continue to comply with... increasing data demands on our business.” He illustrates how they use injury and illness data to look for patterns and root cause. “I think that the biggest change I have seen is how data is used and leveraged to ensure compliance and also to maybe spot areas within a business that may need some help,” he continues. Tom comments that their approach effectively covers the three major areas of a compliance program - prevent, detect and remediate. Jamie explains why FedEx is focusing a lot of effort on the bottom of the hierarchy of controls pyramid since it can address the root cause and hopefully eliminate the hazard as much as possible. “We’re trying to flip that pyramid on its head, trying to really focus on behavioral science and predicting behaviors, so that we can prevent them from happening in the future,” he remarks. The Future of Compliance Valerie says, “I think health and safety professionals and OSHA experts are probably going to lead the way for other compliance professionals in the use of behavioral psychology in compliance programs.” Though still a relatively new trend, Jamie feels that it will continue to gain traction in the coming years. It’s a veritable goldmine if you can find a way to manipulate the data you may already have, he tells listeners. Focus on trends, particularly employee behavior before an accident or injury. You may uncover patterns that you can take steps to prevent. The need for data is only going to grow, and more agencies are going to require data from companies. Take the opportunity to choose a technology solution now so that you’re ahead of the curve and prepared for what will inevitably come, Jamie advises. “You’re going to find that solution may be helpful for you in other areas.” He and Tom discuss the importance of making safety the first priority and how easily a brand can be damaged by neglecting safety. “Safety needs to be at the forefront of everyone's list of priorities,” Jamie comments. Resources Jamie Spataro on LinkedIn
    続きを読む 一部表示
    28 分
  • Philip Winterburn on Using Data to Drive Ethics to the Heart of Business
    2021/03/08
    In this episode, Valerie Charles and Tom Fox visit with Philip Winterburn, Chief Strategy Officer at Convercent. They take a dive into the use of data and data analytics in a compliance program. Philip has a mathematics academic background and we discuss how that has helped him see the use of data in a different way in his professional career. Highlights include:  Professional and academic background of Winterburn. How does his academic background help inform how you look at compliance solutions? Why he has been one of the most consistent advocates of bring data and more importantly data analytics into the compliance process? How do the 2 concepts of behavioral psy and data tie together? What led you to co-found Convercent? What makes the Convercent approach different? How have you worked with clients to take their inputs to continually improve your products? How data can be used in a variety of ways by the compliance professional. How, if any has the Coronavirus health crisis over this year changed your approach? What do companies need to be thinking about into 2025 and beyond using data in compliance programs? Resources Philip Winterburn LinkedIn Profile Convercent Converge Community
    続きを読む 一部表示
    32 分
  • Where is Your Data? - with Christian Perez Font
    2021/03/01
    Thinkeen Legal is not your typical law firm, and on this week’s episode of ComTech, Valerie Charles and Tom Fox are talking to founder Christian Perez Font about exactly why that is, and what makes the firm so unique in the industry. Christian started his career in more traditional, transactional law, but found compliance practices to be uniquely interesting and satisfying, so he built a law practice to provide businesses with the type of information they need to confidently make decisions. He says that Thinkeen Legal “[doesn’t] provide legal advice, we provide business advice with legal confidence.” Understanding the Data Lifecycle Valerie points out that it’s great when you can buy data off the shelf – it’s cheaper than creating your own, and is reliable – but there are always going to be situations where industry and company-specific situations mean you need to generate your own. Whether you source data externally or internally, you need to understand what data is and what it means to make good business decisions based on it. Critical to this process is understanding the lifecycle of data – where it resides in an organization and the different systems it goes through. Data analysis is an evolution and Tom believes that companies should be looking at finding and extracting the data as a business process. Christian points out that the first, most foundational thing you need to do is understand what data is, and what data you need to inform your business decisions and compliance programs. Looking Towards the Future Valerie asks what companies need to begin thinking about to prepare for 2025 and beyond, and Christian shares what he thinks: that we need to understand data better – the lifecycle, where it resides, extracting and applying it, and investing in the resources that will be required to do all of it. Further, he believes that compliance teams are going to need to be truly cross-functional to be effective. This isn’t restricted to just compliance but applies to the whole business sector. More teamwork is needed.   Resources Christian Perez Font on LinkedIn ThinkeenLegal.com
    続きを読む 一部表示
    24 分