No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Leadership and Career

Facing Critical Risks and Threats to Compliance

by Corporate Compliance Insights
December 8, 2016
in Leadership and Career
Facing Critical Risks and Threats to Compliance

Today we bring you an interview between Maurice Gilbert, CCI’s CEO, and Galina Datskovsky, CEO of Vaporstream, a leading provider of secure and compliant messaging offering best-in-class infrastructure enabling companies to meet complex bring your own device (BYOD) and information governance requirements.

Maurice Gilbert: How did you get started on a career in compliance?

Galina Datskovsky: At my first software company, we were writing a record management application that required in-depth information governance knowledge, and I decided to learn everything I possibly could about it in order to produce a better product. Then I got involved in various associations including ARMA, and I decided to join the board of ARMA International. Over time, I’ve developed more and more expertise in compliance policies, compliance monitoring and compliance software.

MG: Who helped shape your views?

GD: The associations, particularly ARMA, were extremely helpful for me in terms of shaping my views. As has been the analyst community. I’ve worked very closely with Gartner, Forrester and 451 Group, and that’s been tremendous from my perspective. I also work a lot with various legal authorities including the Sedona Conference, which has been pretty instrumental – particularly former judge Ron Hedges, who I’ve worked very closely with on various papers. He has been very influential.

MG: How do you stay current on ethics and compliance issues?

GD: Staying current means keeping up with current publications. I do this through ARMA, the Sedona Conference, analyst research and by reading the various relevant publications including Corporate Compliance Insights. I also organize and attend events that relevant organizations put on. One such organization is the Executive Women’s Forum (EWF), of which I am a part. I am also a member of the EWF Advisory Board.

MG: What are some of the significant issues facing CCOs, Risk Managers, etc.?

GD: There are many issues, and it all depends on the organization and industry you’re in. There are always changing regulations one has to consider, as well as the changing landscape of an organization – for example, if it’s acquiring another organization or becoming global.

One issue that is particularly significant is the changing nature of technology. What I find is that it’s very hard for CCOs to keep up with the advances in technology. This includes the official technology that’s brought into the organization, as well as what’s called the shadow IT – technology that’s brought in by individual people behind the organization’s back. What employees are using outside the workplace is often very different than what’s deployed within the office. When it’s so easy to provision applications and have shadow IT, it makes ensuring compliance (both industry and ethical) and following security standards very difficult. Even if you have official systems in place and don’t have shadow IT, making sure that all your considerations are taken into account when those are used, rolled out, etc., is a really challenging situation.

MG: What do you believe is the optimal reporting structure for the CCO and why?

GD: I generally favor the CCO being in the legal department because I think that compliance and legal really go hand in glove. Oftentimes laws and regulations drive compliance, so I think the legal department is a natural fit for the CCO.

MG: How do you effect change within your client’s environment?

GD: To effect change, you need to understand the culture of your client’s organization. You need to understand the needs and technology being used and who actually regulates the client. Once that is understood, you have to put that all together and make a reasonable road map that’s divided into manageable pieces. The only way you can effect anything and not paralyze an organization into inactivity because of the scope and breadth of things is to say, “let’s attack a critical problem with a good ROI that we could affect, show benefit, show better compliance, ensure outcome and go from there.” If you create a big road map and attack small chunks, that’s the best way to effect an environment.

MG: How do you see the CCO role evolving within the next three years?

GD: I see the CCO role as almost a bridge between IT, security, legal and the business. I think organizations would benefit if the CCO role evolved into a mediator between all of those units. Making sure there’s compliance, but also understanding where the business is coming from and being able to manage the risk vs. reward based on the corporate culture.

MG: What do you see as the greatest business risks facing companies today?

GD: There are many business risks facing companies today. If we talk about risks in light of compliance specifically, I think the greatest risk is the wild field of communication. Communication is still taking place with old technology, like email. We saw from this year’s election how easy it is to hack email and leak it, especially when the email is not under your control anymore. I think one of the biggest threats in terms of compliance is the proliferation of content and inability to secure content, especially when it leaves an organization’s perimeter.

MG: What do you see as the greatest regulatory risks facing companies today?

GD: It all depends on the business you’re in. Some companies are really not regulated and other companies are supremely regulated, and thus their regulatory risks would be completely different. In general I think companies need to know what their culture, landscape and requirements are and tailor their regulatory program to the actual needs. The risk comes by not understanding these elements and creating regulatory programs based on some ideal standard or a total lack thereof.

MG: How might Chief Compliance Officers, Chief Audit Officers and Chief Risk Officers prepare to face these risks?

GD: Executives in the Chief Compliance Officer, Chief Audit Officer and Chief Risk Officer roles need to understand the various pillars – like business need, risk, landscape, corporate culture – and make sure they take all of it into account. They need to make sure that all of the stakeholders are represented and have buy-in and that there’s some agreement between the stakeholders as to what the priorities are. If they can accomplish that, they would be very prepared to face those risks. It’s also important to note that this is a continual process rather than a one-time deal – this is something you do and revisit and improve all the time. That’s really key to preparing for risks.

MG: How does your company help its clients mitigate risk?

GD: Vaporstream provides secure, ephemeral and compliant mobile messaging. We address that key problem of untethered content proliferation while also addressing the idea of a new technology being used for business – particularly texting for business.

In today’s mobile world, almost every person communicates instantly. The reality is that many companies outlaw texting, yet people still do it. It’s very important to not fall into the trap of “I have a policy, therefore I’m protected.” Having a policy which might say “we do not allow texting,” won’t protect an organization from the fact that everyone in the company texts anyway. Since texting is the next wave of communication, having mobile messaging that is secure and controlled by the sender, and that can disappear from devices but be recorded for corporate compliance, is extremely important. Rather than saying “no” to texting in general, organizations can say “yes” and, with the appropriate product, mitigate the risk of unmanaged communication and someone hacking into communication. That’s where Vaporstream comes in.

MG: What new service offerings do you have in the queue?

GD: We’re constantly revising our key offering. Our key offering is very simple, but when you talk about simple, there’s a lot of complexity behind it. We already allow many different types of attachments, but we’re looking to enable sending videos and other forms of media securely and mitigating risk in that regard. You’ll also see more from us becoming an integral part of the corporate landscape since secure storage is a big deal for many organizations and is key to the success of compliance programs.

MG: Compliance departments are often asked to accomplish their work with limited resources… do you see this situation changing any time soon?

GD: I don’t see that changing. The state of the business world today means that everyone needs to do more with less.

 

nov-4-galina-d-headshotDr. Galina Datskovsky is CEO of Vaporstream®. She has also served on the board of multiple startups, assisting with strategy, and was formerly Senior Vice President of Information Governance at Autonomy, an HP Company.  She served as Chair, President, President Elect and Director of ARMA International (2007-2013) and as a Fellow in 2014. Galina also served as Senior Vice President of Architecture at CA Technologies, where she was responsible for corporate-wide architecture and design initiatives; General Manager of the Information Governance Business Unit; and a Distinguished Engineer. Galina joined CA in 2006 with the acquisition of MDY Group International, where she served as Founder and CEO. Prior to founding MDY, Galina consulted for IBM and Bell Labs and taught at the Fordham University Graduate School of Business and the Graduate School of Arts and Sciences at Columbia University.

Galina is a Certified Records Manager (CRM) and is recognized around the world as an expert in information governance and associated technologies. She received her CRM certification in 2004 and earned doctoral and master’s and bachelor’s degrees in Computer Science from Columbia University. She is the recipient of the prestigious Leahy award and a Fellow of ARMA International.  She has been widely published in academic journals and speaks frequently for industry organizations such as AIIM, ARMA International, ILTA, IQPC and Cohasset Associates/MER. She received the NJBIZ: Best 50 Women in Business Award in April 2010.

 


Previous Post

Cyber Crime is Professional

Next Post

SEC Amends Rules Affecting Intrastate and Small Exempt Offerings

Corporate Compliance Insights

Corporate Compliance Insights

Corporate Compliance Insights

Related Posts

launch visual lease esg steward

Visual Lease Launches ESG Tool for Asset Portfolios

by Corporate Compliance Insights
March 31, 2023

Lease software provider Visual Lease announced it has launched a new product, VL ESG Steward,  designed to help organizations track...

PW FCPA Enforcement and Anticorruption 2022 Review_f

FCPA Enforcement & Anti-Corruption Developments

by Corporate Compliance Insights
March 30, 2023

The year that was in FCPA & anti-corruption efforts 2022: A Year in Review FCPA Enforcement & Anti-Corruption Developments What’s...

JTC ESG and Impact Investing_f

The Evolution of ESG & Impact Investing: Are You Ready?

by Corporate Compliance Insights
March 30, 2023

Making money *and* doing the right thing Survey Report The Evolution of ESG & Impact Investing: Are You Ready? What’s...

Regology 2023 State of Regulatory Compliance_f

2023 State of Regulatory Compliance

by Corporate Compliance Insights
March 30, 2023

Understanding the impact of regulatory challenges Survey Report 2023 State of Regulatory Compliance What’s in this report from Regology:As the...

Next Post
SEC introduces regulatory changes

SEC Amends Rules Affecting Intrastate and Small Exempt Offerings

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT