Innovation in Compliance with Tom Fox

Abbas Kudrati is the Chief Cybersecurity Advisor for Microsoft Asia’s Enterprise Cybersecurity Group and is Tom Fox’s second guest on Microsoft Week. Abbas has spent the duration of his career providing thought leadership, strategic direction, and deep customer and partner engagement through Microsoft’s initiatives and operations. On this episode, he and Tom are talking about a range of topics surrounding info security and Abbas’ role at Microsoft.The Evolution of Cybersecurity & Its ChallengesWhen security was first introduced, it was called IT Security, and its primary focus was securing everything within a network behind a firewall. Society has since moved from a firewall to the cloud. The focus on complaints within an organization has also shifted from local to multinational. End-to-End SecurityEnd-to-end security’s focus is people, process, and technology. Abbas says that focusing on end-to-end security means turning your attention to 14 different domains of policy. It means ensuring that the right people are on your teams and managing the security surrounding that. It means managing data access, business communication security, product security, and supply relationship security. Risk Appetite & Risk Management“You cannot implement security without having conducted a detailed risk assessment and understanding what is your current risk appetite,” Abbas tells Tom. When starting the risk management process, Abbas stresses the importance of having a threat model. “Define what are the various threats, and then embed those threats into your risk management,” he emphasizes. What’s NextIn the near future, the citizens of the emerging South Asian economy will be using the internet much more, and that there will be higher demand for cybersecurity professionals. The demand will be impossible to meet, so there will be more automation. Tom asks him to elaborate on what’s next for Microsoft’s cybersecurity group. Abbas explains that the group is continuously improving its product to be more inclusive, and also that security and privacy are being built into their products by design and not an afterthought.Listen here to Microsoft Week episode 1, featuring Alan Gibson, Director of Legal and Compliance Innovation.Tune in tomorrow for episode 3 featuring Joseph Davis.ResourcesAbbas Kudrati | LinkedIn | TwitterAbbas Kudrati book, Threat Hunting in the Cloud

Alan Gibson is the current Director of Legal and Compliance Innovation at Microsoft and is Tom Fox’s first guest on Microsoft Week at the Innovation in Compliance podcast. Alan has worked in various fields - from legal to compliance to business. He’s a thought leader and currently involved in helping companies manage compliance risks and measure program effectiveness. He and Tom discuss his role at Microsoft and what companies need to be thinking about in the future with respect to legal compliance.Data Analytics in MicrosoftTom asks Alan to explain how Microsoft implements its data analytics program for compliance. Alan responds that the focus was on first identifying which sales agreements and channel partners posed the most corruption risk to Microsoft. “Our compliance team partnered closely with our finance internal audit and our business team to figure out how we could use the data that we were collecting in our sales contracts and from our third parties to create this early warning and monitoring system to identify which contracts needed to be routed for additional compliance oversight,” Alan tells Tom. The business unit and frontline salespeople were then able to use this data to prove to the business leaders at Microsoft that they were identifying risky sales contracts, and this program was built into the business process to manage risky sales.Challenges in Legal Compliance InnovationOne of the big challenges surrounding legal compliance innovation is helping individuals understand its ecosystem, Alan remarks. Another challenge is that delivering compliance solutions requires stakeholders. “It goes to working with law firms, working with compliance consultants, alternative legal service providers, legal tech vendors, and really helping people understand how all of this ecosystem works together to address these challenges,” he tells Tom. There is also the cultural challenge in that legal services have lagged behind finance and HR and their digital transformations. What’s NextCompanies have to think about the direction they want their legal departments to go and what steps they have to take to get them there. “They need the greatest contract lifecycle management system,” Alan tells Tom. Companies have to consider whether the decisions they make will allow them to have the capabilities they want in the coming years. “...It's people, process, and technology; you have to think about your solutions or where you want to go on your digital transformation across all three of those dimensions,” Alan says.Tomorrow’s guest on Microsoft Week is Abbas Kudrati, Chief Cybersecurity Advisor for Microsoft Asia’s Enterprise Cybersecurity Group. Abbas and Tom will be talking about innovating cybersecurity. ResourcesAlan Gibson | LinkedIn

Jedidiah Yueh is Tom Fox’s guest this week on the Innovation in Compliance Podcast. Jedidiah is a data innovator, a best-selling author, and the founder and CEO of Delphix. He has spent the last two decades decoding innovation and collecting and testing frameworks that motivate many successful entrepreneurs in technology. Jedidiah has invented software products worth more than $4 billion in sales. He joins Tom Fox to discuss digital transformation and digital disruption, and what companies need to know and do about both.Technology, Creativity & Evolution“What's interesting about technology today is it's an incredibly broad white canvas,” Jed begins. Creativity is applied to the development of technology as much as it is to the liberal arts, he tells Tom. “If you think about some of the things that you do as an English major where you're really looking for these themes and these tropes within works of literature… You have to do that for the world of technology as well.” Tech evolves on so many levels that you have to see and analyze, similar to what’s done in literary analysis.Digital DisruptionWhen Jed first ventured into tech, his main objective was finding a concept or product that would give him a competitive advantage. He had the idea of taking the backup data from MP3 players and transitioning that into the technology enterprise. Jed says that he knew that the concept would be disruptive and that it would change the industry. “That's exactly what happened over the course of a decade,” he tells Tom.DelphixTom asks Jed why he founded Delphix. In Jed’s previous company, a lot of customers had issues where they had to be restoring data to other locations to be able to use it. The demands for data efficiency had risen. Jed created Delphix to answer this market need. “The idea was we wanted to build a new architecture that was focused on enabling the multi-use of data for all of these strategic and valuable use cases that drive innovation and differentiation for companies,” he remarks.COVID-19 & BeyondThe pandemic and the relocation to remote work was a profitable opportunity for Jed’s company. There was an acceleration of digital transformation. Tom asks Jed what companies need to focus on in the coming years. “I think companies really need to focus on what is real digital transformation and what is not,” Jed remarks. Real digital transformation changes the way your business operates. The overall ecosystem of the business has to be transformative. “If a company doesn't engage in a digital transformation and make its own data available to itself to make their business processes more efficient, frankly they're going to be left in the dust by their competitors who do so.”ResourcesJedidiah Yueh | LinkedIn | TwitterDelphix

Dan Zitting is the CEO of Galvanize and is Tom Fox’s guest this week on the Innovation in Compliance Podcast. Dan was the Chief Product Officer of Galvanize before taking up the CEO role. Galvanize is a software company that helps its clients achieve their goals and objectives. Dan and Tom discuss GRC software, the role of GRC professionals, and why data is so important to a company’s operations.The Evolving Role of GRCGRC refers to a company's governance, risk management, and compliance capabilities in achieving its objectives. The pandemic has proven that GRC is a valued and impactful asset. As a result, the scope and demand for GRC professionals and their services have accelerated. “We had the ability to work through one of the most pervasive risk issues to come along in decades, and it demonstrated the value of risk management and the value of strong governance,” Dan tells Tom. “Our role is to think about how we can demonstrate that same level of value in all of the other areas of risk that were already on the radar.”The Cost of Reputational Risk Tom asks Dan to explain why reputational risk may be more costly than a fine. Dan explains that though reputational risks may be harder to quantify, the time it takes to undo the damage done is significant and tends to have a more lasting impact. “A significant loss of talent or employees and having to go rebuild that reputation and re-recruit...are real costs, and they are often much bigger,” Dan says. Preventing NonCompliant ConductPreventing noncompliant conduct is just as important, even more so, than detecting it. “There are two key things,” Dan begins, “[The first being] the very nature of building strong governance programs in and of itself creates prevention.” As culture shifts, what was previously introduced as a detection mechanism becomes a prevention mechanism. In addition, advancement in technology is helping organizations prevent corrupt activities. Dan gives the example of data analytics and its machine learning model.GRC in The FutureGRC is going to have a much larger and broader impact on the world because it's a more efficient and impactful way to bring governance into organizations. Dan tells Tom that compliance professionals need to embrace technology more: trying to evaluate governance programs and controls manually is ineffective and time-consuming. ResourcesDan Zitting | LinkedIn | Twitter Galvanize

Chenthil Eswaran is the Practice Head of Enterprise Solutions at Aspire Systems and is Tom Fox’s guest this week on the Innovation in Compliance Podcast. Chenthil leads go-to market strategy, implementation, and is a thought leader in CX Transformation. Prior to his current role at Aspire, he held application development, application maintenance, and managerial positions. On this week’s show, he and Tom are talking about cloud and data storage, data security, and how compliance professionals can create a digitally fluid future for their companies.Cloud AdoptionThe pandemic caused businesses that were initially hesitant to engage in digital transformation to upgrade their operations. Chenthil tells Tom it’s a perfect time to take stock of the impact of cloud power on business applications. “We need a collaborative tech ecosystem that allows both systems and cloud applications to work in unison,” he remarks. “That way you get the ability to shift certain workloads to the cloud-based on the evolving demands. Basically, you should be able to prepare for the future without complicating the present.”Best of Breed, All in OneThere are two approaches to SAAS-based solutions: best of breed, and all-in-one. Best of breed describes a solution that is specific to certain types of work processes. Best of breed helps solutions establish a digital transformation strategy that’s decentralized, and for enterprises with multiple locations and time zones. All-in-one means looking for comprehensive solutions which cover the requirements pertaining to a specific industry. It is preferred by highly centralized enterprises, and the solutions are fully integrated.Digitally Fluid FutureChenthil tells Tom that the pandemic changed his company’s approach to business by essentially forcing them to change their mindset. Their focus became more on remote agility, scalability, and innovation. “We are now very keen on being prepared for a digitally fluid future which may call for 100% remote working efficiency anytime,” he says. Unless companies are aggressively going digital, they will be unable to meet the aggressive demands of their customers. What’s Next Tom asks Chenthil what compliance officers and executives need to think about as digital businesses evolve in the coming years. “They need to be more agile and tuned in to modern user demands,” Chenthil says. Autonomous business applications will play a big part in this as well, as this will be the future. “The decentralization of security controls will take prominence, and it will help enterprises keep remote issues undercurrent,” Chenthil tells Tom.ResourcesChenthil Eswaran | LinkedIn Aspire Systems

Zach Moreno and Rockwell Felder are the co-founders of SquadCast. Their company’s mission is to make it easier for their clients and their clients’ guests to have meaningful conversations while offering the best quality in remote locations. Zach is a podcaster, an author, a developer, a designer, and an artist. Rockwell is a CPA and an entrepreneur.  Zach and Rockwell join Tom Fox on this week’s episode to talk about collaboration, the podcast industry, and the ways Squadcast helps its clients.Origins of SquadcastSquadcast was founded to fix the problem of poor quality technology within the podcast community. Zach and Rockwell tell Tom how they started the company: “When [Zach] approached me with this idea...I was really ready and the fact that it was rooted at this intersection of podcasting and remote collaboration, which he and I think we're very fortunate to be exposed to early on in our career,” Rockwell says. Building a product that helps creators collaborate in a high-quality manner just made sense to him and Zach.Growth & Viral Cycle TimeTom asks how Squadcast has grown. In response, Zach brings up the concept of “viral cycle time.” This metric looks at the technology a podcaster uses, and how quickly they invite someone to collaborate with them on that platform or technology. “For Squadcast, the magic really comes from inviting a guest, connecting with them and recording together and having a flowing dialogue where the technology just kind of fades into the background,” Zach says. The biggest element of Squadcast’s growth comes from other people collaborating and experiencing the platform for themselves. The Podcast CommunityThe podcast community is beautiful and welcoming, Zach emphasizes. He tells Tom that when he and Rockwell first launched, they were welcomed with open arms. “The community was so open and welcoming to Squadcast and us as new individuals and that is something that was magical that first time… and also something that we've continued to experience,” he says. It is a community of support, and where the creators of podcast shows are all collaborating with each other. “Amongst the content side of things, it's very open and very collaborative, and I think that's something that's pretty unique to podcasting.” What’s NextZach tells Tom that he’s most excited about expanding Squadcast’s team. Hiring different team members and establishing a larger organization is a big focus for this year, he remarks. Maximizing their opportunities in software engineering, marketing, and sales is another venture as well, Zach says. Squadcast will also be launching a new product category called Remote Content Production, which is a foundation that applications will be built on. Another major release from Squadcast also on the way will be its collaboration with Dolby.ResourcesZach Moreno | LinkedIn | Twitter Rockwell Felder | LinkedIn | TwitterSquadcast

In this special episode of K2's Integrity Matters podcast series, I visit with Gabe Hidalgo. Hidalgo is a Managing Director at K2 Integrity. He has 20 years of legal, regulatory compliance, and Anti-Money Laundering (AML) experience working with wholesale and retail banks, FinTech companies, broker/dealers, and money services business entities. Hidalgo is a recognized subject-matter expert in the cryptocurrency and digital assets market and is able to help clients navigate and mitigate Bank Secrecy Act and Anti-Money Laundering (BSA/AML) compliance risks. In this podcast, we take a deep dive into the current issues around cryptocurrency regulation and where they may be headed down the road. Some of the highlights include:The Current Landscape Consumer and institutional push into crypto. NFTs are growing in popularity. What is the significance? Heavy institutional hitters buying in of late. Is the little guy now cut out? Current Regulatory Climate Alternative currency has gone from to an asset class being bought and sold for investing. What are the views of Gary Gensler and where might the SEC go in terms of regulation and enforcement? IRS and taxation issues. What are the benefits of a strong regulatory environment for both the financial system as well as the companies in it? Into the Future Inevitability that there will be more regulatory guidance and rules; you have more and more mainstream institutions ready to buy or invest. Whenever you have that much interest, the government has to get involved from a risk mitigation standpoint, and consumer protection standpoint. Who is going to oversee it? Why types of products? Who falls in those product classes? For more on K2 Integrity, check out their website, here.

Jeffrey Hayzlett is a global business celebrity, the CEO of The Hayzlett Group and the founder of The C Suite Network. He is a primetime television and podcast show host, author, and a keynote speaker. As a leading business expert, Jeffrey has shared his insight and expertise through various television networks and around the world via his travels. Tom Fox welcomes him to this week’s episode as they discuss the C-Suite Network, diversity, and the effects of COVID-19 on executives.Pivoting in The PandemicThe pandemic made Jeffrey and his team consider what they could do differently about their network conferences. “It really got down to the fundamental piece . . . we really don't have to be together, meaning face-to-face to do the work that we need to do,” Jeffrey tells Tom. Tom remarks that this approach transformed the C-Suite Network as its membership grew exponentially. The key element, Jeffrey stresses, is that everyone wants to come together to do something together, and to learn and share each other’s expertise. Having the Hard ConversationsAs executives, we need to have the difficult discussions surrounding diversity no matter how uncomfortable they may make us. “I think we all think we know what we know, and we all think we know what other people go through; and we don't,” Jeffrey says. We need to have frank and open discussions around diversity, and stop trying to coach our language, and just address these topics and issues. We should approach these conversations with the understanding that we don’t intend to hurt anyone.The New NormalJeffrey tells Tom that the way we usually conduct our errands and our business will change post-pandemic. “I don't think you're going to have certain things go back to the way what people would say is normal, we're going to have whatever normal is.” Business events will also be smaller in capacity, Jeffrey states. “There's gonna be a real hybrid,” he comments: events will be partly face-to-face and partly online.ResourcesJeffrey Hayzlett | LinkedIn | Twitter        The Hayzlett GroupThe C-Suite Network

Welcome to a special five-part podcast series sponsored by K2 Integrity. In this series, we have considered the intersection of compliance, diligence and mergers & acquisitions (M&A). I have been joined by Hannah Coleman, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. She specializes in fast-moving, complex, and specialized research assignments in a variety of areas including investigative due diligence, corporate contests, intellectual property investigations, media transparency assessments, and litigation support. Also joining this series is Tom Pannell, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. With a focus on financial investigations, Tom leads multi-disciplinary teams working with corporate clients and their legal advisors responding to crisis events, including multi-jurisdictional white-collar crime, misconduct, financial statement fraud, anti-bribery and corruption incidents, and compliance risk advisory work. In this concluding episode, I visit with Tom about integration issues after deal closure.  I hope you have enjoyed this special K2 Integrity sponsored series on compliance, diligence and M&A. For more on K2 Integrity, check out their website, here. 

Welcome to a special five-part podcast series sponsored by K2 Integrity. This month we consider the intersection of compliance, diligence and mergers & acquisitions (M&A). I am joined by Hannah Coleman, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. She specializes in fast-moving, complex, and specialized research assignments in a variety of areas including investigative due diligence, corporate contests, intellectual property investigations, media transparency assessments, and litigation support. Also joining this week’s series is Tom Pannell, Managing Director in K2 Integrity’s Investigations and Risk Advisory practice. With a focus on financial investigations, Tom leads multi-disciplinary teams working with corporate clients and their legal advisors responding to crisis events, including multi-jurisdictional white-collar crime, misconduct, financial statement fraud, anti-bribery and corruption incidents, and compliance risk advisory work. In this episode, I visit with Tom about deals through a global lens.  Join us tomorrow for our final episode as we consider some post-closing integration issues. For more on K2 Integrity, check out their website, here.