Navigating the Complex Landscape of Compliance with Howard Holton

In the premiere episode of our Continuous Compliance series, Danielle Sheer , Chief Trust Officer at Commvault, and Howard Holton , Chief Operating Officer at GigaOm , delve into the evolving landscape of compliance and its critical importance in today’s digital age.

Key Takeaways:

1. Evolution of compliance: Danielle highlights the shift from viewing compliance as a mere checkbox exercise to recognizing its vital role in safeguarding critical infrastructure. She emphasizes the need for robust compliance frameworks to provide safety and security in various sectors, including software.
2. Impact of data breaches: Howard draws a stark comparison between the repercussions of food safety violations and data breaches. He points out the disproportionate lack of penalties for data breaches, despite their severe impact on personal information security.
3. Regulatory landscape: The discussion touches on the effectiveness of regulations like GDPR in Europe, which have enforced compliance through significant fines. Howard contrasts this with the fragmented regulatory environment in the U.S., where state-by-state regulations create a complex compliance landscape.
4. Responsibility and accountability: Both stress the importance of clear accountability within organizations. Howard says that CEOs and board members should face stringent penalties for compliance failures, rather than placing the burden solely on CISOs.
5. Future of compliance: Looking ahead, Danielle and Howard discuss the potential for federal involvement in establishing cybersecurity standards and providing resources for businesses. They also highlight the need for a cultural shift within organizations to prioritize cybersecurity and compliance at the highest levels.
6. Personal insights: On a lighter note, Howard shares his passion for whiskey, a hobby he developed during the COVID-19 pandemic. He offers recommendations for his favorite whiskeys and invites listeners to join him in exploring this interest.

This insightful conversation underscores the urgent need for a proactive approach to compliance and cybersecurity, advocating for stronger regulations and greater accountability to protect our digital infrastructure.