InfoSec Pros On the Road: Brenda Bernal, VP, Product Security and Compliance at Digicert

I hope you’ve already had a risk definition conversation- get in front of the board or in front of your CIO or in front of your CFO, whoever is going to ultimately pay the bill. And then for anything where you know you can’t afford it because you’ve seen a reduction in your budget as a consequence of the pandemic- have that conversation early with your cyber insurance broker.

“Organizations that don’t have cybersecurity as a core business differentiator, or as a core business function, are often struggling to adapt modern cybersecurity practices,” says Kayne McGladrey, Director of Security and IT at Pensar Development.

In this very entertaining episode of The Other Side of the Firewall podcast, we’ll learn Kayne’s amazing cybersecurity “origin story” and discuss the need for more diversity of culture and thought within cybersecurity. We’ll also go into upcoming Federal and State policy and how he and his team have developed the tools necessary to keep up with the future of Governance, Risk, and Compliance. Don’t miss out!

Besides working nights, I learned in my fifteen-minute conversation that Rosa volunteers at an elementary school. She’d met no one who worked in cyber security, and the kids she worked with hadn’t considered it as a career option. They wanted to be rappers, they wanted to be marine biologists; they didn’t know there was a high-paying position called “security operations center analyst.”

Based on the Consent Order, firms in this space should be prepared to demonstrate to NYDFS how their compliance programs meet the standards outlined in DFS regulations, particularly the Virtual Currency Regulation, the Money Transmitter Regulation, the Cybersecurity Regulation, and the Transactions Monitoring Regulation. Firms should also ensure that they have documented policies and procedures required by the Cybersecurity Regulation.