In this episode of CHATTINN CYBER, host Marc Schein is joined by Matthew Pachman, the Vice President, Chief Risk and Compliance Officer at FTI Consulting. Matthew has an extensive background in Compliance and Risk Management.
Originally hailing from New Jersey, Matthew Pachman has a degree in Law from the University of Virginia. He has been awarded Compliance Week’s Top Minds Award. He was named “Top Ethics and Compliance Officer” by the Ethisphere Institute for three consecutive years. He is a recognized and decorated professional speaker in the corporate compliance space.
Welcome Matthew Pachman! Matthew kicks it off with an explanation of the differences between Compliance and Risk Management as they relate to cyber liability. Cyber risk is top priority. It is what every board member, executive and regulator worry about on a day-to-day basis. From the compliance side of cyber security, Matthew stresses that one can implement rules and systems to control these dangerous factors.
We then move into a discussion about the importance of cyber protection within a company and the approaches we can take to make sure the company has a culture of compliance and awareness. What role does Human Resources play in this? Matthew shares his take on cyber protection and employee awareness which rely on HR communication tactics. Anywhere we talk about communication and culture, HR is involved!
Next, we shift gears to the subject of cyber insurance. Matthew shares the qualities and tools he looks for in an insurance program as well as a corporate program. If you are in the risk business, you cannot underestimate the importance of cyber insurance! This especially applies to today’s work environment which is primarily remote due to Covid-19 and thus a higher need for cyber security.
Wrapping up our interview, Matthew leaves us with some of the pros and cons for those looking to start a career in cyber risk. He says “You have to like playing defense. You are trying to protect your goal.”
What You Will Learn
- Compliance or Risk Management; which one is more difficult to approach?
- What is required for better risk management?
- What is HR’s role in cyber risk management?
- What makes a good cyber program for controlling cyber risks?
- Importance of having cyber insurance.
- What are the pros and cons of taking cyber risk management as a career path?