ByteWise

In this episode, Daniela welcomes Treena Reilkoff, an expert in conflict management and resilient risk mitigation, to discuss the human side of risk management. Treena shares her insights on how trauma and stress can manifest in the workplace, the importance of creating a psychologically safe environment, and practical strategies for leaders and employees to navigate challenging situations.
Treena emphasizes the need for trauma-informed practices in organizations, highlighting the importance of recognizing the signs of trauma and stress, and having systems in place to support employees who have experienced a critical incident. She also discusses the concept of resilient leadership, which involves not only bouncing back from adversity but also learning from it and preparing for future challenges.
The conversation touches on the cost of conflict, both in terms of financial impact and the toll it takes on employees' well-being. Treena provides practical communication strategies that can be used to de-escalate conflict and support employees in need.
Finally, Treena encourages listeners to educate themselves about implicit bias and its potential impact on decision-making and workplace culture.
Resources:
TLR Solutions for Conflict: https://tlrsolutions4conflict.ca/
Implicit Bias Test - Harvard University: https://implicit.harvard.edu/implicit/takeatestv2.html
Connect with Treena Reilkoff:
LinkedIn:https://www.linkedin.com/in/treenareilkoff-tlr-solutions4conflict/
Website: https://tlrsolutions4conflict.ca/
Key Topics:
Trauma-informed conflict management
The impact of trauma and stress on the workplace
The importance of psychological safety
Resilient leadership
The cost of conflict
Practical communication strategies
Implicit bias

Daniela and Brian tackle the topic of disaster recovery (DR). They define DR, discuss its importance, and explore how it relates to business continuity. They also delve into the role of cloud computing, the importance of backups, and the challenges of testing and budgeting for DR.
Key Takeaways:
DR is a subset of business continuity: It focuses on the technology component of recovery.
DR is not just for major disasters: It applies to any disruptive event that impacts your technology and data.
Every business needs a DR plan: No matter how small, every organization relies on technology and needs a plan to recover it.
Cloud computing can help, but it's not foolproof: While cloud services can transfer some risk, organizations still need to consider their own DR needs.
Backups are essential: Having copies of your data and systems is crucial for recovery.
Testing is key: Regularly testing your DR plan is the only way to ensure it will work when you need it.
Budgeting for DR can be challenging: But it's a critical investment in your organization's resilience.
Connect with Us! 
Brian Tallon
Daniela Parker
Glen Sorensen
 

This episode of ByteWise Podcast features Mark Carroll, a senior business executive and founder of the Masters of Science in Enterprise Risk Management program at Boston University. Mark discusses the evolution of risk management, the importance of understanding operational risk, and the critical skills needed for success in the field. He also shares insights into the unique aspects of the BU Risk Management Program and offers advice for those considering a career in risk management.
Key Takeaways:
The Genesis and Evolution of Risk Management:Mark Carroll discusses the inspiration behind BU's Enterprise Risk Management program, addressing the gap in comprehensive risk education, and how the field has evolved from an insurance focus to a holistic, enterprise-wide approach incorporating security, business continuity, and supply chain resilience.
Navigating the "Resilience" Buzzword and Emerging Risks:Mark shares his perspective on the overuse of "resilience" and the need for tangible changes in practice. He also emphasizes understanding the root causes of emerging risks, even as they manifest differently, and the importance of critically evaluating and debunking perceived risks.
Key Skills and Career Paths in Risk Management:Mark identifies curiosity, challenging assumptions, and deep business understanding as crucial skills for risk managers. He also describes the diverse career paths BU graduates pursue, leveraging their rounded business education and risk expertise in roles across supply chain, finance, and operations.
The BU Risk Management Program: A Unique Approach:Mark highlights the program's focus on operational risk (differentiated from market/credit risk), its field-based approach drawing on instructors' practical experience, and its emphasis on harmonizing various risk disciplines within an organization.
Advice for Aspiring Risk Managers:Mark emphasizes continuous learning, adaptability, and understanding business operations to effectively identify and manage risks, offering valuable guidance for those entering the field.
Resources:
Connect with Mark on LinkedIn
Boston University MS Enterprise Risk Management
 

In this episode of ByteWise, we welcome our first international guest, Klaus Agnoletti, a security professional with 20 years of experience and a passion for improving security policies. Klaus discusses why security policies are often overlooked, the importance of clear and concise language, and how AI can be used to create more effective policies. He also shares his insights on the cultural differences in approaching security policies and the importance of open communication.
Key Takeaways:
Readability is crucial: Security policies should be written in simple, easy-to-understand language to ensure that everyone in the organization can comprehend and follow them.
Inclusivity fosters a security culture: Using inclusive language in policies helps to create a sense of shared responsibility for security across the organization.
AI can be a valuable tool: AI tools can assist in writing, analyzing, and maintaining consistency across security documents.  
 
Don't be afraid to challenge the status quo: If a policy doesn't make sense, speak up! Open communication is essential for creating effective security practices.
Cultural differences matter: Different cultures may have varying approaches to following and enforcing policies. Understanding these differences can improve communication and compliance.
Resources:
Connect with Klaus! 
Website
LinkedIn
Klaus Agnoletti's LinkedIn Articles:
Can AI make security policies more human?
Simplicity is your best security tool
Security Policies: when did we decide they had to be boring and written by lawyers?
LIX Score
Connect with your Hosts:
Daniela
Glen
Brian
Call to Action:
Review your organization's security policies and consider how they can be improved for readability and inclusivity.
Experiment with AI tools to help with policy writing and analysis.
Foster a culture of open communication around security policies.
Subscribe to ByteWise

In this episode of ByteWise, Daniela Parker connects with Margaret J. Millett, winner of the 2023 BCI Lifetime Achievement Award, to discuss her remarkable journey in business continuity management. Margaret shares valuable insights on navigating the ever-changing landscape of risk, emphasizing the need for adaptability, continuous learning, and strong leadership support. They delve into the challenges of securing executive buy-in and board engagement, highlighting the importance of clear communication and demonstrating the value of business continuity in mitigating a wide range of disruptions. This insightful conversation explores the evolving nature of risk, from cybersecurity and supply chain disruptions to the growing impact of climate change, and underscores the need for integrated, holistic approaches to resilience.
Margaret and Daniela also discuss the importance of breaking down silos between disciplines like cybersecurity and business continuity, recognizing that these areas are interconnected and require collaborative efforts. They touch on the unique challenges faced by women in the field and offer advice for those entering this dynamic profession, emphasizing the value of mentorship and continuous self-advocacy. Throughout the episode, Margaret shares her perspectives on common misconceptions about business continuity and encourages listeners to embrace a proactive approach to risk management and live each day to the fullest.
Key Takeaways:
Adaptability is key: The business continuity landscape is constantly evolving, requiring professionals to stay informed and embrace new challenges.
Leadership buy-in is crucial: Securing support from executives and boards is essential for building and maintaining strong resilience programs.
Break down the silos: Cybersecurity, business continuity, and other disciplines must work together to create a holistic approach to risk management.
Embrace mentorship: Guidance from experienced professionals can be invaluable for navigating the challenges and opportunities in this field.
Live with intention: Don't take any day for granted and approach your work with passion and purpose.
Connect with Margaret! 
For the video, head on over to our YouTube account!
 

It's the last episode of 2024 and the ByteWise crew is taking a look back at the year that was! Join Daniela, Brian, and Glen for a casual conversation about their biggest takeaways from the past year, including the rise of AI, the evolving Agile landscape, and the importance of collaboration and communication in organizations.
Key Takeaways:
AI is here to stay. While the initial hype may be fading, AI tools like ChatGPT and Gemini are proving to be valuable assets. The team discusses the importance of understanding AI's capabilities and limitations, as well as the need for organizational guardrails to mitigate potential risks.
Agile is more than just speed. Brian emphasizes the need for a reset in the Agile community, focusing on the holistic benefits of Agile methodologies beyond just faster delivery. The team highlights the importance of customer centricity, continuous improvement, and realistic expectations when implementing Agile.
Collaboration is key. The hosts reflect on the unique synergy they experienced while working together, emphasizing the importance of cross-functional collaboration between risk, InfoSec, and IT teams. They stress the need for open communication, understanding different perspectives, and breaking down silos within organizations.
Cybersecurity is everyone's responsibility. The team discusses the persistent misconception that smaller organizations are not targets for cyberattacks. They stress the importance of understanding and quantifying risk, and using effective communication strategies to engage employees and promote a security-conscious culture.
Looking Ahead to 2025:
The ByteWise team is excited for what 2025 holds, with plans for new guests, engaging topics, and continued exploration of the ever-evolving world of cybersecurity, risk management, and technology.

Join us as we chat with Eddie Miro, a cybersecurity expert with an unconventional path into the field. From dial-up tech support to teaching at community colleges and creating games for DefCon, Eddie shares his unique journey and insights.
We delve into the world of Capture the Flag competitions, discuss the challenges of breaking into cybersecurity, and get Eddie's advice for aspiring professionals. Plus, we explore the importance of community and mentorship in the cybersecurity world.
Key Takeaways:
Multiple Paths to Cybersecurity: Eddie emphasizes that there's no single "right" way to enter cybersecurity. College, certifications, home labs, and community involvement all offer valuable avenues.
The Power of Community: Active participation in the cybersecurity community, including attending conferences, volunteering, and networking, can open doors and provide essential support.
CTFs as Learning Tools: Capture the Flag competitions offer a fun and engaging way to develop cybersecurity skills and gain practical experience.
Overcoming Hiring Hurdles: Eddie provides tips for navigating the cybersecurity job market, including tailoring resumes, networking, and seeking referrals.
Cybersecurity for Everyone: Even those in non-technical roles can benefit from a basic understanding of cybersecurity concepts. Eddie offers up some helpful tips. 
 
Resources:
Antisyphon Training: https://www.antisyphontraining.com/
Octopus Game: https://defcon.social/@OctopusGame
DEF CON: https://defcon.org/
Cyber Skyline: https://cyberskyline.com/
National Cyber League: https://nationalcyberleague.org/
CTFtime: https://ctftime.org/
 
Connect with Eddie Miro:
LinkedIn: https://www.linkedin.com/in/theedmiroshow/

In this episode of ByteWise, Daniela, Brian, and Glen tackle the ever-present challenge of prioritization, especially as the year ends and new goals loom. They discuss the difficulties of prioritizing in a shared organizational structure, where everyone believes their work is the most important. The conversation explores the importance of saying "no," managing expectations, and aligning projects with strategic goals. They also delve into practical strategies for staying focused and productive, including minimizing distractions, using planning poker for prioritization, and taking time for self-care.
Key Takeaways:
Prioritization is tough: Everyone thinks their work is the most critical, making objective prioritization difficult.
Saying "no" is crucial: Learn to decline projects that don't align with strategic goals or are consistently low priority.
Focus on a few things: Trying to do everything often leads to doing nothing well.
Context switching kills productivity: Minimize distractions and interruptions to maintain focus.
Use planning poker: This tool helps teams collaboratively prioritize tasks and projects.
Align with strategic goals: Connect your work to the organization's overall objectives to increase its perceived value.
Document everything: Keep records of decisions and recommendations, especially when your advice is overruled.
Take care of yourself: Prioritize your well-being to avoid burnout and maintain productivity.
Resources Mentioned:
Planning Poker
Related Episodes:
The Agile Secret Sauce
Call to Action:
How do you prioritize your work? Share your tips and strategies in the comments!
Connect with ByteWise:
Website
Follow us on LinkedIn

Guest: Bill Peters, Chief Experience Officer at TAPCO Credit Union
Episode Summary:
In this episode of ByteWise, we're joined by Bill Peters, Chief Experience Officer at TAPCO Credit Union. Bill shares his insights on how to effectively manage technology, risk, privacy, and security while prioritizing the member experience. He emphasizes the importance of:
Collaboration: Breaking down silos and partnering with stakeholders across the organization, including the board, IT, and risk management.
Early Evaluation: Incorporating privacy and security considerations from the very beginning when evaluating new technologies and vendors.
Member Focus: Using data to understand member behavior and needs, but always prioritizing member privacy and security.
Continuous Learning: Investing in board and staff education to stay ahead of emerging technologies and threats.
AI for Efficiency: Leveraging AI to increase efficiency and free up staff for more complex tasks and relationship building.
Bill also provides valuable advice for new CXOs, emphasizing the importance of asking questions, being curious, and building trust and vulnerability within teams.
Key Takeaways:
CXOs need to be well-versed in technology, risk, privacy, and security to effectively lead their organizations.
Collaboration is essential for successful technology implementation and risk management.
Data can be a powerful tool for understanding member needs, but privacy and security must be prioritized.
AI can be a game-changer for efficiency, but it's important to manage employee concerns and expectations.
Continuous learning and development are crucial for both board members and staff.
Connect:
Bill Peters
TAPCO Credit Union

Unlocking Influence
In this episode of ByteWise, Daniela and Glen dive into the often-overlooked importance of sales skills in risk management. They go beyond the spreadsheets and data analysis to reveal why understanding client needs, building trust, and nurturing long-term relationships are crucial for success in this field.
Daniela and Glen explore the dynamics of vendor relationships, the role of technology in business decisions, and the essential need for clear communication between internal teams and external consultants. This insightful conversation highlights the power of translating risk assessments into strategic benefits and fostering genuine resilience within organizations.
Key Takeaways:
Sales skills are not just for salespeople: Risk managers need to be persuasive communicators to effectively convey their message and influence decision-making.
Empathy is key: Understanding client pain points and perspectives is crucial for developing tailored risk solutions.
Trust is the foundation: Building strong relationships with stakeholders, both internal and external, requires trust and transparency.
Think long-term: Risk management is not a one-off activity; it requires a long-term perspective and ongoing relationship management.
Vendor engagement is crucial: Vendors need to engage with all stakeholders, not just the IT department, to understand the broader business context.
Empower your internal team: Equipping internal employees with sales skills and processes can improve communication and collaboration.
Leverage external expertise: External consultants can bring valuable credibility and insights to enhance risk management efforts.
Relationships matter: Cultivating and maintaining relationships is essential for long-term success in risk management.
Ask the right questions: Effective communication starts with asking insightful questions to truly understand client needs and concerns.
Translate assessments into action: Risk assessments should be translated into tangible strategic benefits to drive meaningful change within organizations.
What to do next:
Subscribe to Bytewise Podcast on your favorite platform.
Share this episode with colleagues and friends in the risk management and technology fields.
Leave a review and tell us what you think of the show!
We hope you enjoyed this episode of Bytewise! Tune in next time for more insightful discussions on the intersection of technology and risk management.