Community//

“Random act of kindness each day”, With Jason Remillard Jodi Daniels

Training. All employees need privacy and security training that is continuous. Best practices on passwords, access management, what each employee’s role in data protection is, and an overview of the various privacy and security laws. It should be no less than annually and ideally throughout the year. Privacy by design. As new products are developed, marketing […]

The Thrive Global Community welcomes voices from many spheres on our open platform. We publish pieces as written by outside contributors with a wide range of opinions, which don’t necessarily reflect our own. Community stories are not commissioned by our editorial team and must meet our guidelines prior to being published.

Training. All employees need privacy and security training that is continuous. Best practices on passwords, access management, what each employee’s role in data protection is, and an overview of the various privacy and security laws. It should be no less than annually and ideally throughout the year.

Privacy by design. As new products are developed, marketing campaigns are executed and feature are upgraded, privacy by design should be a fundamental part of the business lifecycle. This will ensure compliance with privacy laws and security is appropriately incorporated.


As a part of our series about “5 Things You Need To Know To Optimize Your Company’s Approach to Data Privacy and Cybersecurity”, I had the pleasure of interviewing Jodi Daniels, Founder and CEO of Red Clover Advisors, a privacy consultancy, helping companies create privacy programs, build customer trust and achieve GDPR, CCPA, and US privacy law compliance. Jodi helps companies with the daily operations such as data mapping, individual rights, training, policies, etc. and also serves as a fractional chief privacy officer.

Jodi is a Certified Informational Privacy Professional (CIPP/US) and national keynote speaker with more than 22 years of corporate experience at Deloitte, The Home Depot, Cox Enterprises, Bank of America where she most recently served as the privacy partner for Digital Banking and Digital Marketing. Ms. Daniels started her privacy career by creating the comprehensive privacy program at Cox Automotive.

Jodi holds a Masters of Business Administration and a Bachelor of Business Administration with a concentration in Accounting from Emory University’s Goizueta Business School. She lives in Atlanta, GA with her husband, two girls, and a big fluffy dog named Basil.


Thank you so much for joining us in this interview series! Before we dig in, our readers would like to get to know you. Can you tell us a bit about how you grew up?

I grew up in a small town on the shoreline of Connecticut and in high school moved with my parents to South Florida.

Is there a particular story that inspired you to pursue a career in cybersecurity? We’d love to hear it.

Nearly a decade ago, I could tell as companies struggled to have a centralized awareness of the data in their possession that with the proliferation of data online and via new technologies, privacy and security were going to be a significant functions in the data economy.

Can you share the most interesting story that happened to you since you began this fascinating career?

There are so many, it’s hard to choose! Probably that small companies don’t think an issue will happen to them. I had shared best practices on how to protect data when a small business owner called me to say they had been hacked. I asked did they do any of the precautions I told them and they said no. It’s a common story that I’m too small to be a target. Actually the smaller the company, the easier a target it is for cyber criminals.

None of us are able to achieve success without some help along the way. Is there a particular person to whom you are grateful who helped get you to where you are? Can you share a story about that?

My husband has always been my greatest supporter and an amazing sounding board. He encouraged me to create my first privacy role in a corporation and to also create my own consultancy years ago.

Are you working on any exciting new projects now? How do you think that will help people?

I’m on a mission to simplify privacy and help as many people and companies as I can. Understanding how to comply with privacy laws and how to protect data is an overwhelming task. I’ve been said I translate complex concepts into easy to understand and plain English and can help interpret between legal, IT and the business into actionable steps for a company to take. I’m taking all that knowledge and creating step by step privacy courses for a small business.

What advice would you give to your colleagues to help them to thrive and not “burn out”?

Find something fun and just for you every day. Our brains need rest too not just when we’re sleeping. It’s during those times that the best ideas often come.

Ok super. Thank you for all that. Let’s now shift to the main focus of our interview. The Cybersecurity industry, as it is today, is such an exciting arena. What are the 3 things that most excite you about the Cybersecurity industry? Can you explain?

Looking ahead to the near future, are there critical threats on the horizon that you think companies need to start preparing for?

The implementation of AI, integrated blockchain solutions, IOT devices and autonomous vehicles all present security and privacy challenges that need to be addressed in product design not addressed when a problem arises.

Do you have a story from your experience about a cybersecurity breach that you helped fix or stop? What were the main takeaways from that story?

Proactively having relationship with Federal law enforcement. They have resources to recover fraudulently wired funds that no one else has. Many companies are skeptical or do not form relationships until the breach occurs.

What are the main cybersecurity tools that you use on a frequent basis? For the benefit of our readers can you briefly explain what they do?

Multifactor authentication like VIP access where you get a quickly refreshing code as your second method of authentication. Last pass which is a good method to store and protect complicated passwords.

How does someone who doesn’t have a large team deal with this? How would you articulate when a company can suffice with “over the counter”software, and when they need to move to a contract with a cybersecurity agency, or hire their own Chief Information Security Officer?

A company without a large team will want to rely on third party security providers. The transition depends on the assets and revenue that needs to be protected. It can also depend on certain customer security and privacy requirements to do business.

As you know, breaches or hacks can occur even for those who are best prepared, and no one will be aware of it for a while. Are there 3 or 4 signs that a lay person can see or look for that might indicate that something might be “amiss”?

For the layman they have to protect the email inbox. That is where the mischief starts. They need to be skeptical of emails and closely scrutinize them. Any email asking for a wire or to change instructions or has a sense of urgency from a sender should immediately be assumed fake until proven otherwise by means other than email.

After a company is made aware of a data or security breach, what are the most important things they should do to protect themselves further, as well as protect their customers?

They need to have and practice a good incident response plan. If your favorite NFL team decided not to design and implement their defensive game plan and just show up instead the coach would be immediately fired. However, with cyber companies do this all the time.

How have recent privacy measures like The California Consumer Privacy Act (CCPA), CPRA GDPR and other related laws affected your business? How do you think they might affect business in general?

These are sweeping laws causing businesses to take full stock in understanding the data they collect, use, share and store. With the individual private right of action under CCPA, a data breach can have an even bigger impact on a company. CPRA will move privacy law obligations for companies closer to GDPR which is considered the strictest among global privacy laws. Especially in the B2B space, companies are holding each other accountable and requiring contracts and vendor assessments to ensure compliance is being maintained. This is increasing the pressure for companies to take privacy and security seriously. These laws are putting privacy as a critical function and is now a competitive differentiator.

What are the most common data security and cybersecurity mistakes you have seen companies make?

From a cyber perspective, no interest from the board and c-suite, no understanding of the risk, no employee training for phishing and no policies and procedures when it comes to wiring funds.

Since the COVID19 Pandemic began and companies have become more dispersed, have you seen an uptick in cybersecurity or privacy errors? Can you explain?

Phishing is much harder to stop with people working at home with children home schooled. The charged political environment makes putting together inflammatory phishing emails easier. New COVID tracing technologies rushed to market without a real conversation of long term privacy consequences.

Ok, thank you. Here is the main question of our interview. What are the “5 Things Every Company Needs To Know To Tighten Up Its Approach to Data Privacy and Cybersecurity” and why? (Please share a story or example for each.)

Understanding what assets are on your network and how data flows through it. On almost every M&A deal the seller cannot provide accurate information about these two questions.

Defense in depth. Training alone will not stop phishing. It requires good tech, policies and procedures and an incident response plan with insurance that actually addresses your cyber risk. Companies are too often the victims of millions of dollars of fraud schemes because they have at best one or two defense layers.

Training. All employees need privacy and security training that is continuous. Best practices on passwords, access management, what each employee’s role in data protection is, and an overview of the various privacy and security laws. It should be no less than annually and ideally throughout the year.

Data inventory. Companies cannot begin to comply with a privacy law, write a privacy notice, honor an individual rights request, or even protect data without knowing what data it has. A full and complete data inventory needs to be performed.

Privacy by design. As new products are developed, marketing campaigns are executed and feature are upgraded, privacy by design should be a fundamental part of the business lifecycle. This will ensure compliance with privacy laws and security is appropriately incorporated.

You are a person of enormous influence. If you could inspire a movement that would bring the most amount of good to the most amount of people, what would that be? You never know what your idea can trigger. 🙂 Think, simple, fast, effective and something everyone can do!

Random act of kindness each day. What one thing can you do to make someone’s day better and make them smile?

How can our readers further follow your work online?

[email protected], www.redcloveradvisors.com and on LinkedIN.

This was very inspiring and informative. Thank you so much for the time you spent with this interview!


Share your comments below. Please read our commenting guidelines before posting. If you have a concern about a comment, report it here.

You might also like...

Community//

“Don’t be afraid to take a personal day to just do things that you enjoy”, with Jason Remilard and Donata Kalnenaite

by Jason Remillard
Community//

“Accept that mistakes will be made ”, With Jason Remilard and Paul Breitbarth

by Jason Remillard
Community//

“Establish an audit trail.” With Jason Remillard & Noah Johnson

by Jason Remillard

Sign up for the Thrive Global newsletter

Will be used in accordance with our privacy policy.

Thrive Global
People look for retreats for themselves, in the country, by the coast, or in the hills . . . There is nowhere that a person can find a more peaceful and trouble-free retreat than in his own mind. . . . So constantly give yourself this retreat, and renew yourself.

- MARCUS AURELIUS

We use cookies on our site to give you the best experience possible. By continuing to browse the site, you agree to this use. For more information on how we use cookies, see our Privacy Policy.