Episode 66: Cybersecurity vs. GRC


With large data breaches making headline news nearly every week, cybersecurity is a hot topic.

Recently, AT&T discovered the personal information of more than 70 million current and former customers being sold on the Dark Web.

Compounding this is the fact that it takes on average nearly seven months for a corporate security and compliance team to even identity that a data breach occurred in the first place.

With the average cost of a data breach in the United States hitting $10 million per incident, companies are spending more than ever to defend against cyber attacks.
However, despite this, the number of data breaches happening today has never been higher.

In this episode of Privacy Files, we talk to Elvis Moreland, a Virtual Chief Information Security Officer at Blue Cyren. Elvis has an extensive background helping some of the largest companies in the world with their cybersecurity and Governance, Risk and Compliance (GRC) strategies.

We talk a lot about the importance of implementing strong GRC frameworks and how cybersecurity tools alone are not enough to protect people, systems and data.
With the recent AT&T and Change Healthcare data breaches making the news, we analyze what happened and how these can be prevented in the future.

Elvis also talks about the risks of not conducting the proper due diligence during mergers and acquisitions, and how this can significantly increase a company’s exposure to a data breach.

Overall, Elvis provides great insight into how corporations approach cybersecurity and GRC, and how his decades of experience has impacted the way he handles his own personal data.

Links Referenced:

Related Episodes

Episode 72: Reusable Digital Identity

Episode 72: Reusable Digital Identity

In the United States, fraud and identity theft together result in tens of billions of dollars in losses annually. Contributing to this growing problem is the continued use of usernames and passwords stored in giant, centralized databases owned by large companies....

Episode 71: The Practice of Privacy Law

Episode 71: The Practice of Privacy Law

When it comes to data privacy, the legal and regulatory environment is changing faster than ever. While in the United States, no federal privacy law exists, there's a growing sentiment from those who are watching closely that things are about to change. In this...