In this episode of CHATTINN CYBER, Marc Schein interviews Michael Bruemmer, VP of Consumer Protection and Global Data Breach at Experian Consumer Services, CA. Marc and Michael discuss the latter’s education, upbringing, unexpected journey into cyberspace, and unique business model and services.
Michael entered the cyber industry fifteen years ago, after quitting working on the tech side for Dell and Lenovo. After returning to Austin, he joined CSIdentity, leading the sales, data breach, and identity theft departments, and hasn’t looked back since.
Michael attributes Experian’s success in insurance cybersecurity with three things — their Program and Events Manager, their family of forensics experts, privacy attorneys, data analysts, and notification vendors (among many others), and the powerful brand and community they’ve created within the organization. Their notification industry work includes fraud resolution, offline enrollment, and identity theft protection.
Michael explains that the foundation of his work hasn’t altered in the past three years and continues to focus on consistently delivering incident notification services, meeting deadlines, and ensuring customer satisfaction. He discusses Experian’s unique business model that provides an ongoing fraud resolution, using which clients can get a year’s worth of credit monitoring. Michael also touches on Experian’s plans of rolling out crisis management response services soon.
The best practice to mitigate cyber risks at any company is to consult with cybersecurity experts before a potentially harmful incident has already occurred. Even if you haven’t had an event, Michael explains that you should always have a private attorney and a cyber insurance provider at the ready. In the event of a suspected breach, you need to reach out to them quickly.
Towards the close of the episode, Michael also talks about ransomware attacks and the percentage of companies giving in to such threats today. Tune in to this episode to learn in better detail about thriving in the cybersecurity industry.
“We value our relationships with people that refer us, that don’t refer us, because it’s such a small community. If your reputation is good in that community, it goes a long way but it only takes one bad event, one dissatisfied customer and then things don’t go so well after that.”
“What I suggest is that you have a privacy attorney, you’re also able to operate under privilege as you if you so choose to. And we’re always encouraging that with any client.”
“The survey that ZD net said was that, in actuality, 83% (of companies) paid the ransomware, which I found was really interesting, despite the FBI, despite the other regulatory agencies, they don’t pay, you’re probably going to get it dumped on the dark web, let alone your brand is going to be exposed. Let alone you’ll never get the encryption key.”
“About 50% of the events that we get contacted in become never notifiable. So in other words, we don’t even go into action, but we still get a heads up so that we can prepare.”
[00:43] – Michael talks about his upbringing
[04:38] – About the cybersecurity services provided at Experian
[05:58] – The notification practice at Experian
[10:21] – Why you need legal counsel before a potential cybersecurity breach/ threat
Connect with Michael: