The Cyber5 Podcast

Governance and Risk in the Board Room with Reed Smith Partner Gerard Stegmaier

Episode 28 of the podcast covers a director’s and officer’s view of mission-critical privacy and cyber security issues with Reed Smith LLP Partner Gerard Stegmaier.

Outline:

  • Question 1 (03:13): What are the NACD’s guiding principles for effective cyber-risk oversight? Do boards actually follow these principles?
  • Question 2 (08:50): With regard to governance and cyber risk management frameworks, when a cyber incident occurs, what are companies doing right and wrong in addressing this interplay?
  • Question 3 (12:57): What role do these principles play with D&O insurance?
  • Question 4 (16:16): How detailed have you seen board rooms get on how to classify risks?
  • Question 5 (21:13): Understanding that security incidents are inevitable, how do you advise clients to work with outside experts? Should everything be under privilege that relates to a potential vulnerability that may result in a future breach?

Episode 28 | October 15, 2020
