March 27, 2024
3
minutes

Clea Ostendorf: Workplace Surveillance & Data Protection

Securing Privacy: Insights on Workplace Surveillance & Data Protection

Watch the episode here:

In episode 4 of “In Security” podcast, Clea Ostendorf, Field CISO at Code42, shares how she approaches the intersection of data security and privacy. Clea, along with our host and GTM leader Mike Cataffo, discuss the implications of workplace surveillance on employee privacy and how to strike a balance between security objectives, legal considerations, and individual liberties. Clea advocates for clear policies and a human-centric approach that respects individual freedoms while safeguarding sensitive data.

Key Takeaways

  • Security, Privacy, and Risk Mitigation: Workplace data protection, GDPR compliance, and defining roles for employee monitoring.
  • Legal Concerns and Response: Organizations setting risk tolerance and managing risks for data sharing versus employee departures.
  • Data Security Policies and Training: Transparency, clear policies, access controls, and human-centric training via video modules.
  • Tech Industry Data Privacy and Security: Concerns over Apple's data collection, security risks for tech workers, and the role of partnerships.
  • AI Adoption and Security Measures: Understanding triggers, building playbooks, AI for IP theft prevention, and new AI-related features.
  • Insights on AI and Machine Learning: Preventing IP theft and the importance of audience communication.

About Our Guest, Clea Ostendorf

Clea brings a diverse background in application security, product management, and sales to her current role as Field CISO at Code42. She is a thought leader on the complexities of data protection and employee privacy, especially with regulations such as GDPR and CCPA.

Challenges of Data Security in a Remote Workforce

As Field CISO at Code42, Clea assesses an organization's business drivers for insider risk initiatives and develops solutions that align security measures with business outcomes. She compares two approaches to data security and privacy: strict enforcement vs. transparent collaboration. Transparency builds trust, educates employees, and fosters a more robust security culture.

Shadow IT refers to using personal devices, unapproved software, or external vendors without proper procurement, posing risks like security breaches and compliance issues. Code42's solutions, including the Instructor Module, provide empathetic video training to guide users in following data protection policies and best practices. The solutions also detect and mitigate risks associated with shadow IT.

Clea shares practical examples and real-world anecdotes to illustrate the challenges of detecting insider threats and mitigating shadow IT risks. She advocates for collaboration between security vendors and customers to develop holistic security strategies that leverage cutting-edge technologies such as AI and machine learning.

Explore workplace data protection, legal risk management, transparent policies, and AI's role in preventing IP theft with Clea Ostendorf. Discover the significance of collaboration, transparency, and human-centric approaches in data security alongside insights on shadow IT challenges and Code42's solutions.

-

The “In Security” podcast brings you conversations and thoughts on the shifting landscape of security, Governance, Risk, and Compliance (GRC), technology, and beyond. Featuring insights from industry executives and leaders in cybersecurity and GRC, we explore the crucial strategies, trends, and stories shaping our ever-evolving digital world.

Subscribe to our newsletter for the latest in Security, GRC and GTM:

No items found.
No items found.
No items found.
Nirvana Karkee
Content Writer

Managing AI Security Threats

Explore the advancements in AI, ML, and large language models (LLMs) and their impact on cybersecurity and GRC organizations. Learn about the potential risks posed by LLMs in generating realistic threats like phishing emails and deepfakes. Discover recommendations for cybersecurity organizations to defend against these evolving threats, including investing in research, partnering for information sharing, and enhancing training programs. Find out how to update risk assessments to address the challenges from AI and LLMs effectively. Download a sample AI security review to stay ahead of emerging threats.z

Matt Sharp: A CISO’s approach to creating AI governance framework

Join Matt Sharp as he discusses Xactly’s approach to shaping an AI governance framework in GRC in our latest podcast.

Security Questionnaires: A Guide for Information Security Teams

Naming the person responsible for security questionnaires at an organization feels like getting thrown into the opening scene of a murder mystery. Everyone is pointing at someone else in what feels like an endless stalemate. In the end, something or someone gives, but the results are usually ugly, to say the least. Organizations are usually quick to charge information security ...
Resources
eBooks & Whitepapers
Case Studies
Events & Webinars
FAQs
Blog
SecurityPal Council
Company
Vision & Values
Leadership Team
SOCC
Silicon Peaks
Careers
Newsroom
Connect
Contact us
Call us: +1 650-503-9216
Legal & Compliance
Terms of Use
Terms of Service
Privacy Policy
DPA
Security & Assurance