New website: RiskCommentary.ca We see a contradiction: increased need for Enterprise Risk Management, while risk managers report low perceived value of their processes. High Quality Risk Assessment addresses uncertainty and helps solve chronic business problems. Join Edward Robertson, successful ERM practitioner, to discover a simple process that delivers clear value.
…
continue reading
CyberSecurity Sense is LBMC Information Security's podcast that provides insight and updates on such information security topics as: IPS Monitoring and Managed IDS Services, Security Information Event Management, Digital Forensic Analysis, Electronic Discovery and Litigation Support, Computer Security Incident Response, Penetration Testing, Risk Assessments, Security Program Planning, Web Application Security Assessments, ACAB LADMF Certification Assessments, CMS Information Security, FedRAM ...
…
continue reading
Multi-Hazards . . . all about protecting communities. Climate change, extreme weather, (un)natural disasters, pandemics, systemic racism, neocolonialism, neoliberalism, poisonous political trends, etc. These pose a threat to human societies and the natural world. This is a podcast about disasters suffered or averted, with issues facing experts in climate change adaptation, disaster risk reduction, anti-racism and many other important topics. It's for anyone interested in protecting your comm ...
…
continue reading
If you are looking to identify and develop your strengths and talents, take calculated risks and make decisions, The Strengths Revolution with Steve Morgan will help your personal development, as well as helping you support your clients, employees, teams and wider organisations. Knowing your strengths will also support positive risk-taking and decision making as part of good risk management.
…
continue reading
“Follow the Money” with Kevin Sullivan, CAMS, CCI retired State & Federal Money Laundering Investigator. C-Notes podcasts provide listeners with Anti Money Laundering (AML) / Bank Secrecy Act (BSA) training & advisory tips. Topics span the fundamentals of the 5 pillars of a quality AML program through to best practices for AML compliance, risk mitigation, terrorist activity prevention, and financial crime investigation methods & tools available within various industries and to law enforcemen ...
…
continue reading
Join us for the latest episode of our PCI Monthly Update podcast, where we explore the latest developments in the world of payment card industry security. We begin with a news segment covering the impact of PCI v4.0 and how organizations are adjusting. In case you missed it - Andy Kerr joined PCI Practice Partner Stewart Fey for an interactive Q&A …
…
continue reading
Join us for the latest episode of our PCI Monthly Update podcast, where we explore the latest developments in the world of payment card industry security. We begin with a news segment covering the launch of PCI v4.0 and the ins and outs of the new INFI (Items Noted For Improvement) Worksheet. Next up, we'll cover Requirement 11 - Test security of s…
…
continue reading
In this edition of the PCI Monthly Update, we’re counting down to the launch of PCI 4.0! We start this month's podcast with a reminder that v4.0 goes into full effect on March 31. Our focus then shifts to Requirement 10 covering logging and monitoring all access to system components and card holder data and what is changing with v4.0. This podcast …
…
continue reading
In this January edition of the PCI Monthly Update, we’re on the brink of exciting changes with version 4.0 just around the corner! We start with a spotlight on the ongoing Request for Comments (RFC) period for PCI DSS v4.0, inviting insights from industry experts. Plus, we discuss the Global Content Library, showcasing insights from the 2023 Commun…
…
continue reading
Join us for the latest episode of our PCI Monthly Update podcast, where we explore the latest developments in the world of payment card industry security. We begin with a news segment highlighting the PCI SSC's TRA Guidance. Next, we delve into Requirement 8 of the PCI DSS, dedicated to identifying users and authenticating access to system componen…
…
continue reading
1
PCI Monthly Update: October - New SAQ Review, Focused Look at Requirement 7, and Expert QSA Insights
29:07
Dive into the latest in the PCI landscape with our October update. We kick off with a news segment spotlighting the new SAQ SPOC (Software PIN Entry on COTS) which includes portions of PCI DSS Requirements 3, 8, 9, and 12. Transitioning to Requirement 7, we discuss restricting access to system components and cardholder data based on business necess…
…
continue reading
Catch the latest news in our September "PCI Monthly Update" from Tuesday, September 26, 2023. We kick things off with key insights from the recent PCI Community Meeting. Next, we dive into Requirement 6, discussing the essence of secure software development, from processes to security vulnerabilities, web application protection, and change manageme…
…
continue reading
Tune in to the August edition of our PCI Monthly Update. We kick off with a sneak peek into the upcoming PCI North America Community Meeting in Portland and introduce the newly launched PCI Community Job Board—a dedicated platform for security talent and job postings in the payment industry. Next, we delve into Requirement 5, shedding light on anti…
…
continue reading
Dive into the latest PCI news in our July PCI Update. This episode covers key PCI developments, an in-depth exploration of Requirement 4, and a helpful QSA Q&A. We kick off this episode by previewing the upcoming PCI Community Meeting in Portland and discuss our hosts' presentation on "Generative AI: Your New Secret Weapon or an Insider Threat?" We…
…
continue reading
Do you know the average payout organizations are hit with for every attack? William Parks and Bill Dean discuss a service dedicated to helping your organization (big or small) withstand a ransomware attack. Bill and his team are ready to help you and your organization obtain peace of mind when it comes to these advanced threats. Questions for Bill?…
…
continue reading
LBMC Shareholder Bill Dean and William Parks spend today’s episode discussing Advance Guard, a new service offering from LBMC's Security Technical Team. Learn how Advance Guard may help protect your organization's most valuable assets, save time on compliance audits, and give peace of mind about your current security stance. Want to see Bill’s “Pre…
…
continue reading
Stay up to date with the latest in PCI compliance. In this episode, William Parks, Andy Kerr, and Kyle Hinterberg discuss the latest in PCI news, new restrictions around PAN data, and how to master Requirement 3 while preparing for PCI 4.0. Don't miss our upcoming webinar: "How to Reduce Your PCI Scope: Tips & Technology Your Organization Needs to …
…
continue reading
ChatGPT is making headlines worldwide and its impact is making a lot of business owners uncomfortable. What is ChatGPT? How will this tool change how you do business? Is ChatGPT a security risk? What to expect from ChatGPT4? William Parks interviews LBMC's Data Insights team members to discuss this controversial topic, dive into facts your organiza…
…
continue reading
William Parks takes this podcast to introduce a key member of LBMC Information Security’s Technical Services team, Daniel Nguyen. Daniel is a manager on the team with quite the insightful background. William and Daniel spend time discussing current steps to keep your organization successful in their journey to a healthier security posture. Question…
…
continue reading
Stay up to date with the latest in PCI compliance. In this episode, William Parks, Andy Kerr, and Kyle Hinterberg discuss the latest in PCI news and how to master Requirement 1 while preparing for PCI 4.0. For any questions, feel free to reach out to us here: Kyle Hinterberg: kyle.hinterberg@lbmc.com Andy Kerr: andy.kerr@lbmc.com William Parks: wil…
…
continue reading
William Parks, Andy Kerr, and Kyle Hinterberg discuss the latest PCI news, share how to create and what should be covered in an executive summary for a PCI assessment, and answer a few questions from our listeners. If you’d like us to answer and address questions on our next episode, reach out to us here: Andy Kerr – andy.kerr@lbmc.com Kyle Hinterb…
…
continue reading
In this podcast, Host William Parks discusses with LBMC Information Security Senior Managers Andy Kerr and Kyle Hinterberg some of the top takeaways at this year’s PCI SSC Community Meeting. Topics discussed during this episode include changes to the “In-Place with Remediation” reporting option which was added in PCI DSS v4.0, what to do if you mis…
…
continue reading
The Internet provides access to lots of good data, useful websites, social media options, and entertainment, but unfortunately, it also poses some risks to the security and privacy of individuals. In this episode, William Parks and Mark Burnette will share some practical tips for how you can keep yourself and your family safe and secure online. You…
…
continue reading
In this episode, Host William Parks interviews LBMC Shareholder Robyn Barton about HITRUST, what it is, the relationship between HITRUST and HIPAA, and the new HITRUST i1, r2, and bC Assessments.William Parks
…
continue reading
In this episode, Host William Parks shares the latest on the new cyber mercenary group, Atlas Intelligence Group or AIG.William Parks
…
continue reading
In this episode, Host William Parks shares ransomware awareness tips and cybersecurity best practices to keep your company safe from attacks.William Parks
…
continue reading
As both a practitioner and researcher in emergency management, Kesley Richardson is a looking to be a game changer. Bringing youthful energy and the mind of a multidisplinary scholar to the field, he is ensuring that best practices are not just talked about but integrated. Join us today on this episode of the Multi-Hazards podcast as Kesley Richard…
…
continue reading
To celebrate Women's History Month, LBMC interviews a panel of our women cybersecurity experts on their unique career journeys, what advice they would give to women looking to work in the field, and goals for the future.
…
continue reading
To really protect communities, Ginny Katz and her team at HazAdapt Inc. are designing technology that pays attention to communities and truly addresses their needs. Ginny is part of a new wave of entrepreneurs who believe equity and diversity should be at the forefront of innovation and not an afterthought. Join us today on this episode of Multi-Ha…
…
continue reading
1
Finding Certainty in the New Year (Remix with Margaret Heffernan)
1:00:41
1:00:41
Відтворити пізніше
Відтворити пізніше
Списки
Подобається
Подобається
1:00:41
Another year rolls by and certainty seems just as hard to find. Dr. Margaret Heffernan's recent book Uncharted: How to Navigate the Future has a message: Tomorrow may be uncharted territory, but we can learn to handle uncertainty and move forward with confidence and agility. Join Dr. Heffernan and Multi-Hazards podcast host Vin Nelsen in this remix…
…
continue reading
What does climate change have to do with disasters? Experts on The Multi-Hazards Podcast weigh in on how climate change is affecting the planet and human society, and how it plays a role in increasing disasters. Join us for this exciting podcast! Study Guide here (click on PDF, top left): https://multi-hazards.libsyn.com/climate-change-and-disaster…
…
continue reading
Earthquakes and volcanoes are among the various disasters dealt with on The Multi-Hazards Podcast. Here we revisit earlier interviews with Dr. Burçak Başbuğ Erkan and Dr. Gio Roberti. What should we all know about earthquakes and volcanoes, and, most of all, what is the human element? How have we mitigated, prepared for, responded to and recovered …
…
continue reading
New website = RiskCommentary.ca What are the key questions of senior executive in considering the adoption or remediation of enterprise risk management? Answers to these questions form an overview to guide the successful roll-out of ERM. Key questions entertained by the C-suite with regard to ERM likely include these three: a. What exactly is ERM? …
…
continue reading
1
Environmental Racism with Dr. Ingrid Waldron
1:06:34
1:06:34
Відтворити пізніше
Відтворити пізніше
Списки
Подобається
Подобається
1:06:34
Can the environment be racist? No, but those with power can use it to further marginalise racialised communities. Industries, landfills and other large and small-scale projects are seldom put into affluent White neighbourhoods by the government and corporations, but more often where Indigenous, Black and Brown people live. Today the Multi-Hazards P…
…
continue reading
New website = RiskCommentary.ca What is the “upside” of risk? Does ERM manage opportunity meaningfully? It leads to a structured innovation program that risk managers can lead with confidence. 1. Opportunity - origin of the idea in ERM 2. Opportunity - how can we make sense of the idea? 3. Opportunity - as innovation 4. Innovation a. an established…
…
continue reading
New website = riskcommentary.ca [Re-edited for clarity.] Due diligence is not the same as risk assessment; they are complementary. Due Diligence and High Quality Risk Assessment: how could they be used? 1. Quote: the hope for a less quantified, more qualified and thoughtful approach. 2. Due diligence definition vs risk assessment. 3. Order of opera…
…
continue reading
New website = riskcommentary.ca ERM, for some, consists solely of Financial Risk Management. Is this sound? We offer commentary on quantitative modelling and its place in Enterprise Risk Management. Quantitative methods examples Chief limitations of quantitative models Proprietary internal risk rating systems Forecasts and probability estimates 200…
…
continue reading
New website = RiskCommentary.ca ERM mid-life crisis: how to rejuvenate and validate the program. The curious juxtaposition of need vs poor take-up. Steps in analyzing and fixing poor take-up in ERM programs. Several specific fixes for improving the compelling nature of risk information. What about “opportunity”? Ref: Innovation. What about other ri…
…
continue reading
New website = riskcommentary.ca How to implement an Enterprise Risk Management regime that is readily accepted and endures? Answer: by mastering the principles of program success, which will set you apart as an administrator. Edited for length. Employ proven success factors for program implementation shown in studies. 1. clear goals and objectives …
…
continue reading
1
Empire 2.0 - How Racism & Colonialism Still Rule the World with Dr. Kehinde Andrews
1:07:00
1:07:00
Відтворити пізніше
Відтворити пізніше
Списки
Подобається
Подобається
1:07:00
To change the world first requires us to understand the nature of society, to look seriously at the way that it is structured. Racism, white supremacy, is the most important feature of this global system and Black and Brown people suffer the most worldwide. The reality of it all is that capitalism continues its ruthless quest to dominate, accumulat…
…
continue reading
New website = riskcommentary.ca How can we roll out Enterprise Risk Management with a minimal footprint? Edited for length What is ERM in relation to your entire management practise? Principles-based approach value proposition and cost-benefit analysis - principle: self-proven execution - principle: organic growth working methods - principle: rigou…
…
continue reading
1
Are We Adapting to Climate Change Yet? with Dr. Stewart J. Cohen
1:02:51
1:02:51
Відтворити пізніше
Відтворити пізніше
Списки
Подобається
Подобається
1:02:51
What's happening with climate change these days? How is our adaptation going? What are the gloomy and bright spots? Join Dr. Stewart J. Cohen, climate change adaptation scientist, as he discusses the latest science and societal discussions about humanity adapting to a rapidly changing climate. Have a listen! Direct download: https://traffic.libsyn.…
…
continue reading
New website = riskcommentary.ca Enterprise risk management implementation: Who is the champion? Edited for length. Significance of the Enterprise Risk Management champion Who actually is leading this work? What are the requisite qualifications and background? Is any special training needed? Background and qualities Functions Principles of program s…
…
continue reading
Why are conspiracy theories so popular these days? Is it social media? Are we just more gullible nowadays? Join Dr. Ghayda Hassan, a clinical psychologist and professor at L'Université du Québec à Montréal (UQÀM), as she discusses how conspiracy theories are affecting society and how we can overcome their influence. Have a listen! Study Guide here …
…
continue reading
In this episode, we discuss networking and mentoring, specifically in Emergency Management (EM), with concepts that can apply to any field. Here EM specialist Brandi Hunter gives her advice, based upon her experiences in recent years, especially as founder of Aspiring Emergency Managers Online (AEMO). Join us! Topics include: * Brandi's passion for…
…
continue reading
New website = riskcommentary.ca High Quality Risk Assessment: What is the true significance of the risk register you’ve built so carefully? How does it lead to dramatic, breakthrough risk mitigation? Facilitating risk assessment Risk register - the full significance What have we accomplished so far? Quality infused at each step Result: revelations …
…
continue reading
1
Multi-Hazard Early Warning Systems with Dr. Bapon Fakhruddin
1:04:53
1:04:53
Відтворити пізніше
Відтворити пізніше
Списки
Подобається
Подобається
1:04:53
Multi-Hazard early warning systems for potential disasters can mean the difference between life and death for local residents. Dr. Bapon Fakhruddin, an expert who has been involved with implementing these early warning systems in more than 25 countries, is on the Multi-Hazards podcast today to tell us all about it. This is an essential part of redu…
…
continue reading
New website = RiskCommentary.ca High Quality Risk Assessment implies comprehensive risk identification and a sensible assessment using four key criteria. I share a generic methodology developed and refined over years with clients. Review of the advantages of round table method Risk identification - finer points of risk formulation Facilitation - fi…
…
continue reading
1
Multi-Hazards Podcast Season 4 Summary, Season 5 Intro
1:06:34
1:06:34
Відтворити пізніше
Відтворити пізніше
Списки
Подобається
Подобається
1:06:34
Wow, another season of Multi-Hazards is over, a new one is beginning! Join podcast host Vin Nelsen as he shares the stories and glories of this wonderful season covering March to July 2021. Have a listen! Study Guide here, on left where it says "PDF": https://multi-hazards.libsyn.com/multi-hazards-podcast-season-4-summary-season-5-intro Vin Nelsen’…
…
continue reading
1
Unnatural Disasters with Dr. Gonzalo Lizarralde
1:13:11
1:13:11
Відтворити пізніше
Відтворити пізніше
Списки
Подобається
Подобається
1:13:11
Can our response to disasters make things worse? How is it that our attempts to reduce risk or “build back better” mostly exacerbate social inequalities? And what can we do about it? Join Dr. Gonzalo Lizarralde as he shares his new book, Unnatural Disasters: Why Most Responses to Risk and Climate Change Fail but Some Succeed. Have a listen! Study G…
…
continue reading
New website = RiskCommentary.ca The process of risk identification itself. We can do so with confidence, because all of the procedural and conceptual elements we need are finally in place. Recap High Quality Risk Assessment: Preferred method: round-table of experts Prepared session: agenda, context paper and facilitation aids Risk formulation rules…
…
continue reading
1
The Health Costs of Climate Change with Dylan Clark, The Canadian Institute for Climate Choices
32:52
As the climate changes for the worse, how can we protect our communities? Join Dylan Clark, Senior Research Associate The Canadian Institute for Climate Choices, the network of experts producing independent research to bring clarity to the climate policy choices ahead for Canada, and Multi-Hazards podcast host Vin Nelsen as they discuss the challen…
…
continue reading
New website = riskcommentary.ca Looking carefully at conventional advice, we discover why risk ID can be ineffectual. Confusion entrained by the supposed risk ID methods set out in conventional literature. · interviews and surveys, questionnaires · audits, physical inspection · brainstorming · networking with peers, industry groups · judgemental - …
…
continue reading
Wildfire smoke is no joke. How can we protect our communities from its harm, even as the climate changes and wildfires increase? Join Dr. Sarah Henderson, renowned scientist in environmental public health, and Multi-Hazards podcast host Vin Nelsen as they discuss how we can adapt to the polluted skies as more wildfires engulf our forests and living…
…
continue reading
New website = RiskCommentary.ca Context for risk assessment could mean projects, contracts, administrative workflows, technical processes, etc. Summary of the series to date. High Quality Risk Assessment. Establish the Context. Context Paper - The purpose is twofold: - to create a highly useful aid to facilitation; and - to create a testament to du…
…
continue reading