Episoder
-
In a quick solo episode, host Kevin Szczepanski offerspractical information that can help when you or someone you know suffers from the modern malady known as identity theft. It’s common and serious, affecting millions of people and costing billions of dollars every year. Most of us know that identity theft happens through various means, such as clicking on malicious links, downloading malware, or being a victim of a data breach, but knowing what to do, says Kevin, can provide a measure of comfort. Steps Kevin recommendsinclude reporting the theft to the FTC, placing a fraud alert, correcting your credit report, and considering identity theft protection. Listen in for the details.
-
Kevin Szczepanski and guest Laura Zaroski, managing director of Gallagher's law firms practice, discuss law firms’ varied responses regarding the use of generative AI: some embrace it while others prohibit it. They also explore benefits and risks of using AI, including the importance of checking work, avoiding sanctions, and client disclosures. They then touch on the potential impact on insurance coverage and underwriting. Firms should consider their risk tolerance and their cases’ value when determining coverage limits. Another best practice is to establish and regularly revisit guidelines or policies for AI use. Kevin and Laura emphasize the need for law firms to understand and strategically use AI while also being aware of the potential dangers.
-
Manglende episoder?
-
Kevin Szczepanski welcomes Jessica Copeland of Bond,Schoeneck & King back for a lively discussion on why (and whether) attorneys and firms of all sizes should use artificial intelligence. As a refresher, they remind listeners of the definition of AI and some of its uses. As with many things lawyer related, the answers come down to “it depends.” Lawfirms need to look at their priorities, capabilities, and needs. Other areas to consider are policies, compliance, indemnification, employee training, security, and clients’ expectations. Kevin and Jessica also discuss AI tools’ wide availability, noting that familiar companies like Lexis, Westlaw, and Microsoft Office have all rolled out internal AI features. Listen in for more.
-
In this conversation, Kevin Szczepanski and Jessica Copeland of Bond, Schoeneck & King define generative AI as basically the use of large language models to create natural language responses. They note that AI has been used for decades—examples of it in everyday life include personalized recommendations on Amazon and Netflix. They then move on to the use of generative AI and AI governance. Generative AI has both benefits (efficiency and time savings) and risks (including accuracy, bias, confidentiality). Governance is crucial, and listeners will hear some recommendations for developing a robust AI governance plan, including selecting the right tools, identifying decision-makers, assessing security features, andimplementing policies and training.
-
Kevin and his guest, Jodi Daniels, founder and CEO of Red Clover Advisors, discuss the importance of privacy as a fundamental human right, noting that building trust is a two-way street. Jodi explains that a privacy consultancy helps companies comply with data privacy laws and build trust with their customers. Jodi emphasizes that privacy is both a legal compliance issue and a market opportunity. By prioritizing privacy and being transparent about data use, businesses can differentiate themselves and gain a competitive advantage. They also discuss the book Jodi coauthored with her husband, Data Reimagined: Building Trust One Byte at a Time, which provides a story-driven approach to help professionals understand the importance of privacy and navigate privacy regulations.
-
Kevin and guest Ziming Zhao, assistant professor in the Department of Computer Science and Engineering at the University at Buffalo, discuss Ziming’s work in systems and software security. They focus on ethical hacking and its goal of responsibly disclosing vulnerabilities to vendors. Ziming says that hacking can be fun and doing it ethically serves a purpose, though he emphasizes that ethical hacking is not a guarantee of absolute security. Companies still need to have a security in design mindset. Ethical hackers can help raise the security bar for companies and organizations. Ziming also discusses the relationship between academia and industry in the field of ethical hacking.
-
In this episode, host Kevin Szczepanski and his guest, BillHaber of TEKRiSQ, discuss tips to prevent phishing attacks, which, they remind listeners, are “fraudulent attempts to obtain personal information through electronic messages.” Kevin and Bill highlight the prevalence and success ofphishing attacks, emphasizing the need for vigilance from both individuals and organizations. Covering examples and types of phishing attacks—spear phishing, smishing,man-in-the-middle attacks—they offer takeaways including slowing down, being cautious of urgency, verifying suspicious emails, conducting trainings, andimplementing tools like VPN and DNS filtering. These practices can both enhance cybersecurity and improve the chances of obtaining cyber liability insurance.
-
Kevin Szczepanski and Arun Vishwanath, chief technologist of Avant Research Group, discuss the urgent need for cyber-hygiene education for children, including about security and privacy. They highlight frequent cyberattacks targeting schools and other education systems, which often have outdated technology and may lack sophisticated IT security skills and resources. The conversation also touches on the role of the private sector in providing cyber-literacy education. Kevin and Arun embrace reforming credit monitoring for children and expanding its scope to include reputation management, and they agree about the importance of protecting the next generation from cyber threats and the need for systemic changes.
-
Kevin Szczepanski and Kyle Cavalieri, president of Avalon Cyber, discuss the increasing risks of funds transfer fraud, covering topics such as understanding this type of fraud, how it works (including fake invoicing and “vishing” attacks), red flags, and how to respond. Red flags can include unexpected calls or emails, and it’s important to be prepared for when these contacts occur. Kevin and Kyle emphasize the growing threat of such attacks, which can result in significant financial losses. They discuss the importance of immediate action, including updating credentials, notifying the bank, involving an attorney, and reporting the incident to law enforcement. Listen in to learn more.
-
More than ever, cybersecurity risk assessments areessential for businesses of all sizes to understand and mitigate their risks. Doneappropriately, assessments can provide help with remediation and a plan formoving forward and can even assist with pursuing insurance coverage. Thisepisode, which features Bill Haber, co-founder of the cybersecurity company TEKRiSQ,emphasizes the need for actionable steps and justifying recommendations basedon an organization's specific risks and compliance obligations. Even if yourorganization is not subject to specific regulations, conducting a riskassessment is crucial for protecting data, limiting liability, and maintainingcyber insurance coverage. Listen in to learn more.
-
From Barclay Damon’s new podcast studio, Kevin welcomes back University at Buffalo Professor Siwei Lyu. To start this fast-moving conversation, Siwei notes that what sets generative AI apart from analytical AI is that generative AI focuses on creating content rather than just answering questions or sorting through data, and he shedslight on what seemed to be the technology’s “sudden appearance.” Siwei and Kevin also discuss the introduction of ChatGPT, current and future applications of generative AI, and concerns about generative AI’s misuse. Throughout the talk, Siwei emphasizes the importance of responsible use and the need for safeguards.
-
Join Kevin Szczepanski as he explains his five need-to-knowcyber action items for the year. They involve 1) conducting a cyber risk assessment, essential for identifying and prioritizing risks, 2) developing an incident response plan to help respond to and mitigate cyber incidents, 3) conducting tabletop exercises, which give organizations the opportunity to do run-throughs of real incidents, 4) reviewing policies, including determining which ones you need, and 5) considering appointing a virtual chief information security officer (CISO). Kevin also provides a preview of upcoming topics for Season 3 of the podcast, including AI, cybersecurity for kids, risk management, and insurance—all recorded in our new state-of-the-art podcast studio.
-
“Compliance” doesn’t have to be a dirty word. Check out the final episode of Season 2 of Barclay Damon Live: Cyber Sip™ when, for the first time ever, host Kevin Szczepanski welcomes two guests: his Barclay Damon colleague Bridget Steele and the founder and CEO of Opollo Technologies, Ryan Young. Using Ryan’s company as an example, you’ll hear how embracing compliance rather than avoiding it can be just the ticket to securing clients. Especially in the health care and other highly regulated sectors, when businesses successfully integrate compliance into their development, they can be more competitive. Listen in now.
-
In episode 46 of Barclay Damon Live: Cyber Sip™, Justin Daniels, an attorney with Baker Donelson and cohost of the podcast “She Said Privacy/He Said Security,” shares with host Kevin Szczepanski his thinking around the use—and risks—of AI in business. His concern comes with the explosion of tools like ChatGPT and the attitude of many business owners, investors, and software designers that if (or when) something goes wrong, especially regarding data and privacy, they’ll “fix it later.” Justin, also the coauthor of Data Reimagined: Building Trust One Byte at a Time, says that attitude needs to change and suggests following the nonpartisan NationalInstitute on Standards and Technology (NIST) standards when thinking about AI use within your company. (Hint: It’s probably there already.) Listen for details.
-
Episode 45 of Barclay Damon Live: Cyber Sip™ addresses a critically important topic: “Building Trust One Deal at a Time: Due Diligence inM&A Transactions.” Once again, Brian Haugli, CEO of SideChannel, founder of RealCISO, and creator and host of CISO Life Podcast, joins host Kevin Szczepanski. This time, they’re covering cyber due diligence, assessments, and risks related to mergers and acquisitions. Brian notes that, though a deal rarely falls through because of cyber issues, it’s critical for the acquiring organization to know what it’s getting and how any gaps might affect the deal—especially financially. Watch or listen in for more.
-
Welcome to Barclay Damon Live: Cyber Sip™. In episode 44, host Kevin Szczepanski welcomes Brian Haugli, SideChannel CEO, founder of RealCISO, creator and host of CISO Life Podcast, and more, for “Your Cybersecurity Roadmap: Targeting Gaps and Assessing Risks.” Brian and Kevin first address a misconception: If you tick off the common boxes for security controls, you’ve done all you need to do. Not true, says Brian. Using his talent for visual explanations, Brian confirms that there’s a lot more to reducing your organization’s risks and making sure you have a solid program in place. Watch or listen for more.
-
Welcome to Barclay Damon Live: Cyber Sip™ episode 42, “‘California Emissions’: Is the CCPA a Bellwether for the Rest of Us?” Michelle Merola, leader of Hodgson Russ’s Cybersecurity & Privacy Practice, returns to talk with host Kevin Szczepanski about the changing landscape of privacy laws and specifically how California leadsthe way with its recently revised California Consumer Privacy Act (CCPA). Kevin and Michelle review the changes, which make the law even more consumer friendly, and touch on how other states across the country may follow suit (or not). Topics include the new regulatory agency the state has established as well as how even businesses based outside California may need to comply with the law. Listen now for this vital information.
-
Welcome to Barclay Damon Live: Cyber Sip™. In episode 42, “SocialEngineering: The People Problem of Cybersecurity,” host Kevin Szczepanski is joined by Arun Vishwanath, a cybersecurity thought leader, author, and chief technology officer at Avant Research Group. Arun discusses his latest book from MIT Press, The Weakest Link: How to Diagnose, Detect, and Defend Users From Phishing, wrapping it into meaningful information about cybersecurity training and testing. Starting with a definition of “social engineering,” which refers to hackers directly targeting users with technology, Arun and Kevin agree that currently testing and training aren’t solving the problem and discuss potential solutions. Listen in for more.
-
Kevin Szczepanski, host of Barclay Damon Live Presents Cyber Sip™, welcomes Chicago-based Brian Dusek, senior vice president and head of Americas cyber with Mosaic Insurance Company. Brian is a cyber insurance underwriter and frequent speaker in this space, and he shares current ideas on a range of topics regarding the sustainability of the cyber insurance market. It’s a constantly evolving industry. In this episode,you’ll hear about trends over the last year, including an inflection point anda turn toward stability. Ransomware and business email compromise haven’t gone away, but brokers and insurers are working to ask potential insureds the right questions. Listen in for a deeper dive into privacy, security, where biometrics come into play—and how all of this can affect businesses.
-
It’s episode 40 of Barclay Damon Live: Cyber Sip™. Host Kevin Szczepanski is joined for the first time by Michelle Merola of Hodgson Russ, where she is a partner and leader of the law firm’s Cybersecurity & Privacy Practice. Kevin and Michelle start off by defining “privacy” as it’s currently conceived, which includes the right to protect your personal information and data. They then delve into the difference between cybersecurity and privacy and the recent paradigm shift from a focus on security to privacy. Listen in for more on developing privacy laws and how they may affect businesses across the country.
- Vis mere