Bill Murphy's RedZone Podcast | Innovation, Strategy, Leadership, 10X Thinking, Mindset and More.....

CIO and Business IT Leader Innovation, Leadership, Strategy, 10X Thinking, Mindset and more..
Now displaying: November, 2022
Nov 15, 2022

On today’s episode I am joined by Brad Miller, Chief Regulatory Counsel for Digital Affairs and Privacy at NADA, and James Crifasi, CTO at RedZone Technologies.  Brad and James are presently working together with car dealerships and other businesses to translate the recently revised FTC Safeguard regulations about data security and privacy into practical action plans. 

Here are the 9 key areas discussed in the conversation, covering what car dealerships must comply with prior to December 9th, 2022.

  1. “Determine the right person to implement and oversee company’s information security program.”
  2. “Conduct a risk assessment.”
  3. “Design and implement safeguards to control the risks identified through your risk assessment.”
  4. “Regularly monitor and test the effectiveness of your safeguards.”
  5. “Train, educate, and test your staff.”
  6. “Monitor your service providers.”
  7. “Keep your information security program current.”
  8. “Create a written incident response plan.”
  9. “Require your Qualified individual to report to your Board of Directors.” 

As a CIO and Business IT Leader, here are some wins you will get by listening:

(3:52) Brad Miller: “The type of data financial institutions is so sensitive that they have to have special obligations with respect to this information.” 

(3:55) Brad Miller: “One side is the privacy rule...you have to tell the consumers what you’re gathering and what you’re going to do with it. The other half is the Safeguards Rule where you have to take steps to protect this information.” 

(6:45) Brad Miller: “What resulted was a rule that came out about a year ago, it’s a mix of technical steps, contracts, policies, and training that companies have to do just as a minimum to meet your obligations.” 

(7:35) Brad Miller: “The FTC’s looking for a way to move the market forward, to really push data security across the board.”

(9:05) Brad Miller: “If you don’t think data security is part of your core competency, you have to make it one.” 

(10:25) James Crifasi: “In the Safeguards, there’s a lot of room for what’s called the qualified individual or whoever is in charge of the IT security program.” 

(12:57) Brad Miller: “Dealers are buttoning up their internal systems but need to make sure those third parties are doing the things they can.” 

(16:20) James Crifasi: “This DMS provider just won’t budge. What do I do?” 

(17:46) Brad Miller: “Dealers shouldn’t assume that just because you’re dealing with someone larger means they’re probably further along.” 

(21:15) Brad Miller: “What makes it particularly difficult for dealers?” 

(29:33) James Crifasi: “We want to keep the business side progress going as much as the security side.” 

(31:36) Brad Miller: “We’re living in an age where the FTC is very, very activist.” 

(31:53) Brad Miller: “We want people to do as much as they can as far as they can by the deadline, then continue plowing forward.” 

(39:42) James Crifasi: “Advances in cars are going to start making security more important.” 

(41:35) Bill Murphy: “The most inexpensive way to raise your security profile is to educate and train your employees.”

(43:15) Bill Murphy: “What does a written response plan look like?”

(44:42) Brad Miller: “Think beforehand what you’re going to do in the event of an issue and then practice.” 

(48:34) James Crifasi: “When it comes to incident response plan and training, more attention to not assuming people know what the right thing to do is because naturally people don’t know the right thing to do.”

 

Key Resources: 

RedZone Technologies 

National Automobile Dealers Association (NADA) 

“Data Security and Privacy: What Dealers Need to Know” 

“FTC Issues Guidance on the Revised Safeguards Rule: The Time for Dealers to Act is Now” 

“A Dealer Guide to the FTC Safeguards Rule” 

“Drive Down Your Cyber Risk and Stop Breaches” 

“FTC Safeguards Rule: What Your Business Needs to Know”

Nov 1, 2022

Welcome back to Bill Murphy’s 10x Podcast. Our guest in this episode is Kartik Sakthivel, Vice President & Chief Information Officer at LIMRA/LOMA, LL Global, author of "Find Your Red Cape" and comic book enthusiast.  

From Mumbai, India to New Hampshire, Kartik is an eternal optimist and believes in the value, strength, and compounding force that is leadership and why it is so important. Kartik opens up about his book and encourages listeners to seek and understand who they are as leaders, enabling them to unlock their leadership legacy for the world to see.  

In addition, learn how digital transformation, blockchain, and cybersecurity in the insurance industry are advancing and what this means for the new generation of consumers as we approach the 4th industrial revolution.

Join us today on a quest to discover your superpowers so that we can understand what drives our potential as leaders and in turn encourage others to unlock their leadership potential as well.

For the full show notes and resources, visit our blog: Unlock Your Leadership Legacy...What Are Your Superpowers? - RedZone 10X
