The Securities Compliance Podcast Season 2 Episode 12 - Cybersecurity and Teleworking Part II 

Securities Compliance Podcast: Compliance in Context

On Episode 12 of Season 2 of the Securities Compliance Podcast: Compliance in Context, host Patrick D. Hayes welcomes former NSCP Board Chair and all-around compliance expert, Craig Watanabe, to analyze some recent comments from SEC Chair Gensler around cybersecurity, and reveal some practical tips firms can use to enhance the cybersecurity measures inside their own firms. In our Headlines section, Patrick looks at the new NSCP Firm and CCO Liability Framework and its broader application to the industry. And finally, he wraps up today’s show with another installment of What’s On My Mind where we examine what an 80s classic song from Mike and the Mechanics and the life of John Madden can teach us about being the best compliance officer and CCO for your respective firms.

Season 2, Episode 12 Topics:

Headlines 

• NSCP Firm and CCO Liability Framework

Interview

• Reaction to SEC Chair Gensler’s Speech at Northwestern Pritzker School of Law’s Annual Securities Regulation Institute

• Reviewing “Twelve Tips for Teleworking Cybersecurity” in May 2020 edition of Currents

• What is the Windows 11 upgrade?

• Usability vs. Security

• What is the Trusted Platform Module?

• What are the best tips for cybersecurity and user awareness training?

• What is cyber hygiene?

• What are some other best practices you’ve seen in cybersecurity lately?

• How best to leverage cyber insurance and related expertise?

What's on my Mind

• “Living Years” by Mike + The Mechanics

• The Life of John Madden

• Fastidious preparation as compliance coach

• Living with a sense of appreciation

Quotes

 “Cybersecurity is almost always at the top or near the top of the list in terms of risks and I think that’s going to be the case for some time for this foreseeable future so it’s going to be a big risk for everyone, a big risk for the industry.” – Craig Watanabe  

10:12 - “I think Regulation SP is somewhat of a misnomer because the S stands for safeguarding and the P stands for privacy. But if you ask most people, ‘Reg SP?’ ‘Oh, yeah! Privacy.’ We kinda forget Section 30, which is the safeguarding part of the rule. And that’s where all cybersecurity regulation basically resides.” – Craig Watanabe

“In the Fortress Model, the idea is you create this fortress. Everything on the inside of the fortress, all the interior is safe and you try to keep all the unknowns (all the bad stuff) out. That model works really well when you have a centralized work environment and you have a centralized IP. It’s a perfectly reasonable, very usable, and a very functional model. That model, however, doesn’t work as well in a remote or hybrid work environment.” – Craig Watanabe 

“I think there has been a paradigm shift at Microsoft and other big vendors, with an emphasis on security. That’s clear to me. I don’t think Microsoft would have done these things prior.” – Craig Watanabe  

---

About the Securities Compliance Podcast: Compliance in Context

Introducing the Securities Compliance Podcast: Compliance in Context presented by Calfee, Halter & Griswold and the National Society of Compliance Professionals and hosted by Patrick D. Hayes, Senior Counsel and leader of Calfee's Investment Management practice.

Designed as a personal master class for the securities legal and compliance professional, this podcast embodies Patrick’s passion to help you put Compliance In Context™ by combining the technical expertise of industry thought leaders and innovators with the practical experience of doers and key decision makers.

Listeners will find the podcast on Apple Podcast, Google Podcast, Spotify and Stitcher.

---

The opinions expressed by guest speakers and panelists during Securities Compliance Podcasts may not necessarily reflect the viewpoints of the attorneys and professionals of Calfee, Halter & Griswold LLP or its subsidiaries or affiliates. Calfee’s educational content is intended to inform and educate readers about legal developments and is not intended as legal advice for any specific individual or specific situation. Please consult with your attorney regarding any legal questions you may have. With regard to all content including case studies or descriptions, past outcomes do not predict future results.