Anjali Hansen: Cross team collaboration works best. [Privacy Counsel] [Career Notes]

A

You're listening to the Cyberwire Network powered by N2K.

B

When it comes to mobile application security, good enough is a risk. A recent Survey shows that 72% of organizations reported at least one mobile application security incident last year and 92% of responders reported threat levels have increased in the past two years. Guard Square delivers the highest level of security for your mobile apps without compromising performance, time to market or user experience. Discover how Guard Square provides industry leading security for your Android and iOS apps at www.guardsquare.com.

A

Hello, my name is Anjali Hansen. I'm Senior Privacy Counsel at no Name Security. I was pretty sure that I wanted to do something international. I had traveled a bit and my parents both came from other countries and I had family all over the world and I just like different cultures. So I knew I wanted to do something international, but I wasn't sure what. And I think because the expectation was that I do something, you know, at a higher education level, I settled on law fairly early on in my undergraduate career and I became pretty dedicated to pursuing that path. All I knew was that I wanted to do international law, and I was somewhat naive as to what that entailed. But once I got to law school, I saw the different types of fields that were available in international. I went to Georgetown because it's pretty well known for international law, had a pretty good curriculum for international law, and I took all sorts of different classes. So I started to see that that would be a good area where there's a fair amount of legal work in international trade. So that's where I ended up. Right out of law. I did a lot of work at the International Trade Commission, which is a US Independent agency out of law school, and as a young attorney in the government, you're afforded a lot of responsibility that you wouldn't get. One of my favorite cases was roses from Colombia and Ecuador. There were a lot of imports coming in that was flooding the market at the time, and the US Industries were being injured by the lower prices of those roses. So we really investigated the impact of imports on the industries that were being affected by different types of products coming in. I learned so much. I learned a lot about steel because there was a lot of steel cases. But I went to a different agency which was the US Trade Representative's office, which is the arm of the Office of the President that handles trade violations. And I got into more intellectual property infringement. When I was there, there were a lot of different counterfeiters, pirators of U.S. goods and other intellectual property There was more work than could ever be done. We were working long, long hours there. But. And then I got to be more involved on the more criminal side of things. When I was at USTR with the intellectual property violations, like one of my most interesting projects while I was there was working with the recording industry of America and the Motion Picture Association. There was a lot of pirating occurring internationally. And there was this one big operation occurring in Bulgaria, and we did it. We had a delegation go there because we were getting nowhere trying to negotiate with the government. There's so, so much crime happening on the Internet. Just as we couldn't really catch all these pirators back then because they would just pop up in new locations now, you know, in the virtual realm, it's like that, that there's so much fraud and crime happening and copying of trademarks and copyrighted works on the Internet. I think my experience working with all the online fraud and abuse really made me just concerned with the fact that it felt like governments couldn't really protect organizations from all the threats that are occurring. And I was very interested in cybercrime because when I was at the business association, there was so much online abuse occurring against that organization's trademarks and domains and websites. They were the target of one of the largest phishing campaigns at the time. Thousands and thousands of emails spoofing the brand went out. And I even was able to work with the FBI and Department of Homeland Security to try to combat the incessant barrage that was happening against this one organization. It just really felt, you know, like probably so many people out there just powerless against all of the crime that's occurring, that each organization has to be their own fortress, have their own security army, and to protect themselves because the government is just not able to keep up. So I really became interested in helping organizations with this issue because I just feel like we don't have anywhere else to turn to. The government's a little bit impotent in this regard. They do great work, but they cannot keep up with everything. And so a company like no Name Security developed this really good cybersecurity product that I think is really beneficial to organizations. They're being used en masse by many organizations. I just was really impressed with the product. And it's a startup, and there was an opportunity to work with the compliance team at no Name. And I thought it was a really worthwhile company to work for. It's very collaborative. I think being in compliance, you're maybe somewhat of a threat to other departments, possibly because you might uncover something, but I try to do it more in an educational way like here's resources. Training is really important. We have to help other departments protect the data because the data is throughout an organization. It's in hr, it's in sales and marketing, it's in it, it's in finance. So you have to be able to work with all these teams across your organization. And I think the best way to do that is to go in there and say this is the law, this is what we need to accomplish. And you have to find. This is kind of corny and it's oversaid, but you know, you have to find your privacy champions throughout the organization. I found them at no name that people in sales and marketing, for example, that, that understand, you know, that we have to do this properly. And so you just work as collaboratively as possible and you tell them the risks and then they're grown ups, they understand. I think I'd like to be remembered as somebody who didn't get stuck. I didn't get stuck at one company or in one field. I was able to evolve with the changing times. So I feel like I was able to sort of roll with the times and you know, I hope to be looked at as a good lawyer. Whatever field you're in, you know, you have to put in the hard work.

B

Most environments trust far more than they should, and attackers know it. ThreatLocker solves that by enforcing default deny at the point of execution. With Threat Locker allowlisting, you stop unknown executables cold. With ring fencing, you control how trusted applications behave. And with Threat Locker DAC defense against configurations, you get real assurance that your environment is free of misconfigurations and clear visibility into whether you meet compliance standards. ThreatLocker is the simplest way to enforce zero trust principles without the operational pain. It's powerful protection that gives CISOs real visibility, real control and real peace of mind. ThreatLocker makes zero trust attainable even for small security teams. See why thousands of organizations choose Threat Locker? To minimize alert fatigue, stop ransomware at the source and regain control over their environments. Schedule your demo@threatlocker.com N2K today.