ESW #285 – Scott Giordano, Jennifer Sosa, Zain Malik
Full Audio
View Show IndexSegments
1. What Cybersecurity Pros Need to Know About New State Data Privacy Laws – Scott Giordano – ESW #285
In 2023, at least five new “rights-based” data privacy laws will become enforceable in the United States at the state level, including the California Privacy Rights Act (CPRA). Common to all of these laws are information security requirements, including the need for risk assessments and the need for authenticating data access requests. In this podcast we’ll speak with an information security legal veteran on what these new laws mean for cybersecurity professionals and their data protection programs.
Security Weekly listeners save 20% on this year’s InfoSec World Conference by visiting https://securityweekly.com/isw and using the discount code ISW22-SECWEEK20
Segment Resources: https://securityweekly.com/wp-content/uploads/2022/08/spirion-data-sheet-enforcable-laws-2023_PRINT.pdf
Announcements
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Guest
Scott M. Giordano is an attorney with more than 25 years of legal, technology, and risk management consulting experience. An IAPP Fellow of Information Privacy, a Certified Information Security Systems Professional (CISSP), and a Certified Cloud Security Professional (CCSP), Scott serves as Spirion’s subject matter expert on multinational data protection.
Hosts
2. It “Keeps on Slipping”: Navigating the SEC’s New Timeline for Incident Reporting – Jennifer Sosa – ESW #285
In March 2022, the SEC proposed new rules governing the reporting of cybersecurity incidents. This session will explore how businesses will be affected by this and similar legislation and provide tips to compliance and technical teams alike.
Security Weekly listeners save 20% on this year’s InfoSec World Conference by visiting https://securityweekly.com/isw and using the discount code ISW22-SECWEEK20
Announcements
We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!
Guest
Jennifer J. Sosa, Esq. is an experienced litigator and advisor on issues where technology and the law intersect. Ms. Sosa advises a broad range of clients on issues relating to privacy and information governance. She consults with multinational organizations on how to assess and mitigate the risks associated with the collection, use and disclosure of personal information and assist with the development of comprehensive privacy programs to address the requirements of constantly evolving regulatory schemes in the United States and abroad.
Hosts
3. Identity Innovation: Passwordless & B2C Solutions Gain Momentum – ESW #285
Identity management has become a central pillar of many organizations’ security policies and architecture. In this executive interview, Ping Identity Senior Product Marketing Manager Zain Malik analyzes two heavily trending corners of the identity market: passwordless technology and customer identity and access management (or CIAM). This one-on-one session will address topics such as biometrics and QR code-based authentication, and how to determine which customer identity solution is right for each particular consumer touchpoint.
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
Security Weekly listeners save 20% on InfoSec World 2022 passes! InfoSec World will be held September 27th through the 29th at Disney's Coronado Springs Resort in Lake Buena Vista, Florida. Visit securityweekly.com/isw and use the code ISW22-SECWEEK20 to secure your spot now!
Guest
Zain has 8+ years of cybersecurity experience across product, marketing, and sales roles. At Ping, he develops messaging for orchestration, Zero Trust, and passwordless. His prior experience includes application security, network security, and risk & advisory services. He is passionate about breaking down technical concepts and quantifying cyber risk to a business audience. He holds an undergraduate degree from NYU and an MBA from IESE Business School.
