top of page
Writer's pictureDaniel Lawlor

[PODCAST] Sextortion and Cybersecurity Risks in the time of #COVID19

Updated: Apr 29, 2020


Public Service Announcement [PSA] - I have recently welcomed Shannon Eastman to the Aquest podcast as a standing co-host with me from here on in.



She will be bringing a dynamic to our conversations that invite us to explore the human behaviour aspects of our Regulated Financial Services topics.

 

This episode with Sam Glynn was fascinating.


The conversation took us to topics such as: the risks from working from home, sextortion, what the CBI might think of lightning speed actions before we double-check the lightning speed, and all that before we then document the lightning speed efforts.


He typically works with CFOs and COOs who are accountable for IT even though IT is not their primary area of expertise.

They are under pressure to deliver secure, flexible, modern IT capabilities while ensuring alignment to:


  • The risk tolerance of the firm

  • The needs of Risk & Compliance teams, CEO, and Board

  • The expectations of regulators




And If you are keen to access that 12 step roadmap Sam mentioned in the podcast - you can do that over here.


Cybersecurity has been a recurring issue for many regulated firms, and a concern of the Central Bank, even before Covid-19 hit our shores.

In this Cybersecurity episode, we discuss the possible risks that may have been introduced when firms had to move fast and provide working-from-home capabilities, in response to the measures imposed as a result of Covid-19.

We are joined by our standing co-host, Shannon Eastman, and by Code in Motion's Sam Glynn, an IT advisor to regulated firms who helps CFOs and COOs go from unsure to secure.

We discuss how new and smaller firms may have been ready to work remotely, but how older, risk-averse, and bigger organisations may not be prepared for such a setup given their more traditional approach of securing everything in a secure location.

Depending on the size of their employee base and the complexity of their IT systems, we also discussed other factors to consider, including:


  • How firms struggled to quickly provisioning laptops to all employees as part of their response

  • How many may have been forced to enable staff to access corporate systems and data from non-corporate devices – e.g. email from personal phones

  • The 3 states a firm can be in when thinking about cybersecurity – Hopeful, Comfortable, Provable

  • The 3 Phases a firm have to go through in their business continuity response, and the importance of doing the third phase

  • How a firm should focus on what has changed in their IT setup as a result of their Covid-19 response, and ensure new risks are identified, monitored, managed and mitigated










93 views0 comments

Comments


bottom of page