
Hosted by David Finz · EN

INSURANCE INDUSTRY, HEAL THYSELF: Thousands of insurance agents and brokers across the country need to consider their own cybersecurity and data privacy practices. In this episode, David sits down with John Snyder of Net Friends to discuss the threat landscape and how Managed Service Providers can help clients better manage risk and enhance their insurability.

IT'S GO TIME! The President's recent Executive Order "Securing the Nation Against Cryptographic Attacks" makes clear that quantum computing is a threat for which businesses need to start planning today. In this episode, David discusses how the EO will impact federal contractors, and why businesses of all types need to start planning for this next phase of Cyber risk.

BOLD LEADERSHIP, OR "LEGISLATING BY ANECDOTE?" Connecticut just became the latest state to pass legislation intended to regulate the use of AI by businesses. In this episode, David discusses the reasons some states are moving forward without waiting for Washington to act, and explains why some legal experts advising the business community are sceptical of this approach. He also offers a way for businesses to begin improving their AI governance and putting best practices in place.

THE OPPOSITE OF ALLYSHIP IS COMPLACENCY! In this episode, Violet Sullivan, head of risk solutions at Crum and Forester, shares her insights on enterprise risk management, diversity in the industry, and her journey as a trailblazer for women in cyber insurance.

FEELING 22? Vermont is on the verge of becoming the 22nd state to enact comprehensive data privacy legislation. While the bill enjoys broad bipartisan support, consumer advocates are crying foul, saying that the law's measures are insufficient. In this episode, David discusses the controversy surrounding this legislation, and what businesses should be doing to ensure compliance with the increasingly complex array of state data privacy laws.

REGULATORS OFFER "GUIDANCE" TO FINANCIAL INSTITUTIONS ON THE USE OF AI. The New York State Department of Financial Services has cautioned banks and other regulated entities that deployment of AI can increase their vulnerability to a cyberattack, and is recommending heightened cybersecurity measures to combat this risk. This guidance comes against the backdrop of chatter from underwriters that coverage for such incidents may be sub-limited or excluded altogether. In this episode, David breaks down the DFS' recommendations, and provides resources to help firms put the right governance mechanisms in place.

THE EDUCATION SECTOR DODGED A BULLET! A recent cyber attack on an educational technology provider whose software is used by thousands of school districts and universities put the data of millions of students at risk. The company was able to resolve the threat, but this incident underscores the vulnerability organizations face when they entrust their SaaS providers with confidential data. In this episode, David discusses some of the technical and contractual steps that can be taken to reduce your exposure to these Single-Point-of Failure incidents.

ON A GLASSWING AND A PRAYER! Following the discovery by Claude Mythos of thousands of vulnerabilities in operating systems and web browsers, the company that created it delayed its release, instead opting to form a consortium of tech companies that could patch these vulnerabilities before they are exploited by hackers. In this episode, David explains why he believes this was the right move for the industry, and offers a solution to businesses looking to establish their own AI governance framework. (Note: the opinions expressed here are solely my own and not necessarily those of my employer).

HOW NOT TO HANDLE A CYBER INCIDENT: Well-intentioned small business owners often make missteps in the hours and days following a cyber attack that can have a detrimental impact on the availability of coverage under their Cyber Insurance policy. In this episode, David discusses his observations from working with clients and offers some practical suggestions around integrating insurance into your incident response plan.

THE RISE OF AI LIABILITY: Three states have already passed laws holding the creators of chatbots liable for harm that users allegedly sustain through the use of such technology, and another 27 are considering similar legislation. In this episode, David discusses the rationale for these laws, how they clash with the White House's move toward a national framework, and some best practices that businesses can institute to stay ahead of the oncoming legislative onslaught.