The Cyber5 Podcast

Managing Cyber Risk Through Data Flow Accountability with JMBM Partner Michael Gold

Episode 16 of the podcast covers actionable advice for companies around risk management especially third-party due diligence, privacy, network security, and vulnerabilities with Michael Gold, Partner at Jeffer Mangles Butler & Mitchell.

  • (00:08) Intro
  • (00:55) Question 1: What advice would you give to companies in how to think about cyber risk – whether through data management, compliance or processes themselves? Can and should this risk even be quantified?
  • (05:15) Question 2: M&A issues around data mapping: How should companies think about integration issues when acquiring legacy data of a target company? For example, should companies ask for reps and warranties around that data? Can companies be advised to properly determine indemnification amounts?
  • (12:02) Question 3: How should organizations be building teams to work through these issues – whether internal or external? What are the characteristics of teams and vendors that are effectively addressing cyber risk on behalf of organizations? What do you look for in a vendor for clients?
  • (19:14) Question 4: We think about regulations including CCPA, GDPR, and requirements pushed down through various industries – how should companies be thinking about compliance? How do third parties play into this?
  • (22:40) Question 5: How are you seeing the work from home movement affecting cyber risk and how should companies be evaluating their security stances and policies in light of the remote workforce reality we find ourselves in?

Episode 16 | July 24, 2020

Adversary Research
Discovering the methods, motives and identity of threat actors to disrupt attacks 
Reputation Defense
Technical guidance for countering disinformation and slanderous attacks 
Trust & Safety
Intelligence to secure business operations and defend against fraud, abuse and e-crime 
TPRM Exposure
Adversary-centric intelligence to address supplier, M&A and investment risks 
Outside Intel
Research for defending outside the firewall that leverages tier 3 intelligence programs 
Executive Shield
Assessment of threats to key personnel with attribution and PII takedown  
Adversary Insights℠ Retainer
Annual retainers for client-driven inquiries and rapid-response research 
Intelligence Team as a Service
Collaborative engagement providing robust intelligence and tier 3 cyber analysts  
Event-Driven Intel Investigations
Multidimensional security fact-finding that delivers insights into adversary behavior 
On Demand Threat Research
Proactive and preventative investigations that reveal threat actor context and risk correlations 
Investment Zero Touch Diligence℠
Project-based discovery to assess risk for investments, IPO, Mergers and Acquisitions 
TPRM Zero Touch Diligence℠
Subscription assessment of external network hygiene, key personnel, and non-traditional business risks