cybersecurity risk

Meet our Guest

Siddharth 'Sid' Bose

Sid Bose is a Partner at Ice Miller and the chair of Ice Miller’s Technology, Privacy and Cyber Risk Practice. As an attorney with an information systems and security background, Sid counsels clients on various cybersecurity, privacy, and compliance issues, that range from building up foundational programs, to data breach and incident response counseling, to handling complex legal and regulatory matters. Sid is also an adjunct professor at the Indiana University, Maurer School of Law. Sid teaches at the IU Cybersecurity Clinic on risk management and preparedness in pressing local, national, and global initiatives.

Reading Resources

1. Federal Bureau of Investigation [Public Service Announcement] - Malicious Actors Manipulating Photos and Videos to Create Explicit Content and Sextortion Schemes - LINK
2. Reuters - Tech experts see rising threat of GenAI deepfakes, FBI warns of "generative adversarial networks" - LINK
3. Fintech - Ai in the crosshairs: FBI's stark warning of emerging threats from hackers - LINK

-

Generative Artificial Intelligence has allowed users to quickly create content that is helping them complete tasks more quickly and efficiently. But it doesn’t take too deep a dive to determine that AI can also be used in ways that could harm a company or an executive. In this edition of “Can You Hear Me?”, co-hosts Rob Johnson and Eileen Rochford welcome tech and cyber risk attorney Sid Bose from Ice Miller to discuss “Generative AI Threats to Brands and Leaders.”

Thank you for listening to "Can You Hear Me?". If you enjoyed our show, please consider subscribing and leaving a review on your favorite podcast platform.

Stay connected with us:

• Follow us on LinkedIn!
• Follow our co-host Eileen Rochford on Linkedin!
• Follow our co-host Rob Johnson on Linkedin!

In popular discourse, the terms "dependence" and "vulnerability" are often used interchangeably. You might be dependent on an adversary but does that make you vulnerable? It is essential to recognise that not all forms of dependence can be considered vulnerabilities, and not all vulnerabilities hold the same significance level. To shed light on this issue, Bharath Reddy engages in a conversation with Amit Kumar and Anushka Saxena to explore a framework for classifying various vulnerabilities and how states respond to them.

Read the discussion document here: Takshashila Discussion Document – Defining Dependence-induced Vulnerabilities in Asymmetrical Trade Interdependence: A Conceptual Framework

Do follow IVM Podcasts on social media.

We are @‌IVMPodcasts on Facebook, Twitter, & Instagram.

https://twitter.com/IVMPodcasts

https://www.instagram.com/ivmpodcasts/?hl=en

https://www.facebook.com/ivmpodcasts/

You can check out our website at https://shows.ivmpodcasts.com/featured

Follow the show across platforms:

Spotify, Google Podcasts, Apple Podcasts, JioSaavn, Gaana, Amazon Music

Do share the word with your folks!

See omnystudio.com/listener for privacy information.

Cybersecurity risk is evolving in novel ways, with increasing potential to cause significant economic disruption and financial losses for attack victims as hackers become more sophisticated. Which sectors are most vulnerable? What types of entities have the best and worst cyber defenses? And how are organizations managing cyber risks?  

Guests: Jim Hempstead, Managing Director – Utilities, Moody’s Investors Service; Sarah Hibler, Associate Managing Director – Financial Institutions Group, Moody’s Investors Service.

Host: William Foster, Vice President – Senior Credit Officer, Sovereign Risk Group, Moody’s Investors Service.

To read more on this topic, visit 

The Big Picture

 page on Moodys.com (some content only available to registered users or subscribers).

Business today is a complex web of third-party relationships, and risks of disruption from these third parties are increasing in frequency and severity.
 
Problem: Most enterprises follow a siloed approach with assessments of a few risks

•  Data collected at a point in time is quickly stale – fails to present a current view of risk
•  Usually limited to financial and cyber (often lagging indicators of trouble) – fails to present a comprehensive view of risk
•  Siloed approach – fails to provide an enterprise-wide view of risk

All of which leaves organizations unable to prevent third-party and supply chain disruptions.

Solution: Real-time full-spectrum third-party risk intelligence

• Real-time intelligence provides an early warning – to enable effective proactive risk mitigation actions
• Full-spectrum coverage brings any leading indicators to your attention – to enable focus on most today’s most critical risks

In this CRO Wisdom discussion, risk leaders Atul Vashistha, CEO, Supply Wisdom, and Debra Zoppy-Hendershott, Head of TPRM & Op Risk Business Resiliency, Guardian Life and Mike Rasmussen, GRC Pundit & Analyst, GRC 20/20 Research talk about the integration of continuous, full-spectrum risk intelligence into existing third-party risk/GRC architecture  can deliver the continuous 360° situational awareness enterprise resilience requires today.

 This episode of CRO Wisdom features Linda Tuck Chapman, CEO, Third Party Risk Institute. In this episode hosted by Atul Vashistha, Chairman, Supply Wisdom, Linda speaks about her career trajectory from procurement to third party risk at Scotia Bank and how the function was all about compliance and regulatory reporting in the 2000s. 

Linda discusses her entrepreneurial journey and raising awareness about the importance of third party risk in the board at banks. She talks about her two books on the subject and why one of them is written for auditors. Listen to her on why she believes the Covid pandemic has fundamentally changed the landscape for third party risk and its role in resilience and why continuous monitoring needs solutions that can prevent risk teams from being bombarded with negative news alerts. 

This episode of CRO Wisdom features Paul Milkman, CISO, Operational and Technology Risk Leader, CIT.  In this episode hosted by Atul Vashistha, Chairman, Supply Wisdom, Paul speaks about how he landed into risk from his time at Xerox in the 90s and later in Fannie Mae. 

Paul discusses the importance of operational risk and why it is particularly relevant when every financial institution works with technology and operational partners who handle data and money. He shares his thinking around what is important in third-party risk isn't  very different from the risk within the enterprise and why there is more to risk than just cyber risk and ransomware.

This episode of CRO Wisdom features Yakut Akman, Risk Leader. Yakut Akman was Chief Third Party Management Officer at Citi till 2019, following long stints at Deutsche Bank and Citi across the world. In this episode hosted by John Bree, Chief Evangelist & Chief Risk Officer, Supply Wisdom, Yakut talks about her long career in internal audit and risk management.  

Yakut discusses the importance of a risk culture within organizations and why it's essential for risk management to not be reactive. She shares her views on best practices for incorporating continuous monitoring and why the business must be part of the solution for risk.

This episode of CRO Wisdom features Victor Meyer, COO, Supply Wisdom. In this episode hosted by John Bree, Chief Risk Officer and Chief Evangelist, Supply Wisdom, Victor talks about his long career in the Navy as a SEAL and how he naturally transitioned into Non-Financial Risk from there. 

Victor talks about his extensive risk experience at Deutsche Bank and the risk component in recent issues such as the Archegos fallout. Victor points out why third-party non-financial risk is the new cybersecurity risk and why risk practitioners must apply the same rigor to monitoring third parties in their supply chains as they would to internal governance and controls. He makes a case for monitoring risk across a wide risk aperture to ensure resilience.

This episode of CRO Wisdom features Renee Forney, Senior Director, Azure Hardware Systems & Infrastructure Security, Microsoft. In this episode hosted by Atul Vashistha, Chairman, Supply Wisdom, Renee talks about her career trajectory from programming and network administration to her current leadership role in cybersecurity and risk management. 

Renee discusses why a multi-layered approach to risk management that goes beyond one-time risk assessments is essential to effectively build resilience. She shares the importance of continuous monitoring and OSINT to enterprise risk programs and her own lessons incorporating experts from government and military services to build effective risk programs. Don't miss her insight into why ethics in the workforce is one of the least understood areas of risk, especially in a world where engineers wield enormous influence. 

This episode of CRO Wisdom features Jenna Wells, Director of TPRM, Iron Mountain. In this episode hosted by Atul Vashistha, Chairman, Supply Wisdom, Jenna talks about her current role implementing and managing risk programs at Iron Mountain and how she transitioned into risk from a Signals career in the Marines. 

Jenna discusses her priorities for risk and why being agile and dynamic will be key to managing supply chain risk and increasing regulatory pressures. She shares her views on continuous monitoring and the importance of automation and AI to identify risk at scale and mitigate them.

This episode of CRO Wisdom features Shamla Naidoo, Managing Partner, IBM Security. In this episode hosted by Atul Vashistha, Chairman, Supply Wisdom, Shamla talks about the challenges of risk management at a time when digital risks are rising. She talks about why she expects continuous monitoring will lead to a cultural shift towards self-regulating organizations.

Shamla discusses what she sees as the problems of silo-isation and fragmentation of data and why an integrated view of risk will lead to exponential new benefits. Don't miss her advise to CISOs on the need to look outside to get a truly complete picture of risk to their organizations.

This episode of CRO Wisdom features Jim Routh, Former Risk Leader, Mass Mutual and Aetna. In this episode hosted by Atul Vashistha, Chairman, Supply Wisdom, Jim talks about the challenges of risk management at a time when third-party risk events are rising in frequency and severity. He shares his views on the limitations of periodic assessments and why they are insufficient for today's world.

Jim, an independent director at Supply Wisdom, discusses what he sees as the new frontier in supply chain risk management, based on data-science and automation as innovation catalysts. He talks about the critical importance of continuous risk monitoring across a wide risk aperture and the use of automation in enabling risk actions.

This episode of CRO Wisdom features Avani Desai, President, Schellman & Company. In this episode hosted by Atul Vashistha, Chairman, Supply Wisdom, Avani talks about why she believes adopting technology is the only way to avoid obsolescence and which technologies have the potential to change risk management.

Listen to this episode of CRO Wisdom for Avani Desai's views on continuous risk monitoring, constantly rising cybersecurity threats, and reputational risk. She discusses how the pandemic has brought risk management to the board's attention and why the Chief Risk Officer must be analytical.

This episode of CRO Wisdom features Bob Maley, Chief Security Officer, Black Kite. In this episode hosted by Atul Vashistha, Chairman, Supply Wisdom, Bob talks about about his current role (Chief Risk Officer + Chief Privacy Officer + Chief Security Officer) at one of the hottest tech start-ups in town and why the vulnerability of third parties and vendors keeps him awake at night.

Listen to this episode of CRO Wisdom as Bob talks about how he entered risk from the time he began his career in law enforcement and then in software and information security. He touches upon malware, bad actors, Solar Winds, and why the ability to quantify risk and make risk intelligence actionable changes everything.

This episode of CRO Wisdom features Phil Bennett, Manager - Information Security, Navy Federal Credit Union. In this episode hosted by Atul Vashistha, Chairman, Supply Wisdom, Phil talks about his experience in third-party risk management and oversight and the importance of practical implementation of aspirational practices.

Listen to this episode of CRO Wisdom for Phil's views on why companies must think about matters such as ESG for themselves and their supply chains and break down silos across the organization for risk management effectiveness. 

This episode of CRO Wisdom features Catherine A Allen, Founder and Chairman, Shared Assessments. In this episode hosted by Atul Vashistha, Chairman, Supply Wisdom, Cathy shares her risk journey, how 9/11 brought focus into issues like cybersecurity risk, and the role Shared Assessments plays in risk.

Listen to this episode of CRO Wisdom for Cathy's views on what will be the big concerns for 2021 and beyond, how virtual assessments and continuous monitoring will change how risk is managed, and the role of risk committees and corporate boards in risk.