I recently wrote a bit for the folks at Castlebridge, discussing the Department of Commerce’s recent whitepaper of the US' privacy policies in the post-Schrems world. You can read it here: https://castlebridge.ie/2020/10/05/the-department-of-commerces-rosy-view-of-privacy-doesnt-match-reality/
Since data breaches must generally be reported, there's been an explosive rise in the number of notices issued to regulators. But does it matter?
Do SAs care about data breaches? I'm pouring over the data, and it doesn't look great. Read about it here.
A Few Questions, Post Schrems II
2 min read
The European Court of Justice issued their ruling on the #SchremsII case. And I have lots of questions!
Sharing the Love – My slides from Facing Cyber threats and Security Risks in Banking & Finance
1 min read
Just thought I’d share the slides I presented @ Techfindr’s recent webinar on Emerging Threats & Best Practices in the Banking and Finance Sector. It was great fun, and I learned a lot.
// Note: This was first published in August 2019 on LinkedIn A few months ago, my mother recommended that I pick up David Epstein’s Range: Why Generalists Triumph in a Specialized World. It took me awhile to get around to it, but boy, am I glad I did. This book has fundamentally changed not only how I view myself, but also how I can best frame my diverse range of experiences. If you look at my LinkedIn profile, you’ll notice a trend. In the 20 or so years I’ve been a working adult (God, that makes me sound old), I’ve had 12 jobs, across 5 different industries. I started out in tech support, was a researcher (including patent prior art research, general legal research and competitive intelligence at various times in my life), a journalist, a lawyer, an information security consultant, and twice, a business owner. And now, I’m straddling the fence again, working on honing my skills in two radically disparate career paths — threat intelligence and being a professional beer snob (aka, a beer sommelier). While the latter might remain more of an avocation, rather than a vocation, on paper, I look like a mess. But here’s the thing: In this economy, my range is a good thing, not a liability. Every Job Interview I’ve Ever Had is Story Time Since I’ve taken on so many different roles, that necessitates job interviews, and I always get asked some version of the same question: Why have you jumped around so much? Although sometimes the answer is a question of company fit (e.g., I’ve learned that I truly do better at small- to midsize firms, rather than larger institutions), the truth is that my interests are wide, and have changed and adapted over the years. It’s not that I get bored, per se, but rather, that my passions get redirected as I find new experiences, explore novel problems (both within an organization, and external to it), and identify opportunities where I can make a real difference. I’m also a bit of a new junkie — I thrive on parachuting into a situation where I’m aware of a given problem–but by no means a specialist–and offering an outside perspective that bridges the knowledge I’ve acquired across many different industries. In Range, Epstein talks about kind versus wicked learning environments, a concept coined by Robin M. Hogarth, Tomás Lejarraga, and Emre Soyer in their 2015 paper “The Two Settings of Kind and Wicked Learning Environments.” In kind learning environments, skills can be learned through experience, and future decisions can be guided by patterns and past results. Epstein uses chess as a frequent example here. The rules of chess are finite, and the sum total of effective strategies is learnable. Playing enough chess can help you reach mastery by learning the patterns of successful chess games (this is frequently referred to as the 10,000 hours rule). By contrast, wicked learning environments, there’s a mismatch between outcomes and information. For example, Hogarth et al cite the case of an early 20th century physician who was amazingly...
The recent pandemic has thrown a wrench in the progress made around the world in strengthening privacy rights.