Скачать или смотреть Simplify Compliance, Third-Party Risk & AI | Orange Cyber Defense | Goldphish x Orange Cyberdefence

In this Go Phish episode, Dan Thornton sits down with Mathew Caplan, Head of International Consulting Experts & Professional Services at Orange Cyber Defense, to unpack a pragmatic security playbook for multinationals and SMEs. We cover why “keep it simple” beats checkbox sprawl, how to tailor programmes across regions, the rise of third-party risk & data sovereignty, and why AI is a double-edged enabler—not a replacement for people. We dive into culture, training, and the uncomfortable truth that resilience (detect, contain, recover, learn) matters more than shiny tools.

🔗Guest & Resources
Connect with Mathew Caplan:   / mathewcaplan  
Learn more about Orange Cyberdefense: https://www.orangecyberdefense.com/

🤝Connect with Me
My LinkedIn:   / dan-thornton-1927429  
Goldphish: https://www.goldphish.com/

Want to be on the podcast? Send an email to [email protected]

What you’ll learn:
1. How to make compliance workable across countries and business units

2. Turning security into a business conversation (risk, evidence, outcomes)

3. Third-party & supply-chain risk: contracts, oversight, and continuous monitoring

4. People & culture: fixing processes so staff can work safely under pressure

5. Building resilience: threat intel, layered controls, and incident response that actually runs

Hashtags
#Cybersecurity #Compliance #ThirdPartyRisk #AI #RiskManagement #SecurityAwareness #Resilience #SupplyChainSecurity #OrangeCyberDefense #GoPhish #Goldphish

📌Chapters

00:00 – Guest introduction
01:12 – Mission: “building a safer digital society” & where consulting fits
02:13 – Who they serve: multinationals and SMEs; why smaller firms get outsized value
03:58 – Strategy: simplify compliance; avoid “more words, more controls” traps
05:21 – Consulting ethos: solve the pain, get out quicker, build trust
06:35 – Hot topics: AI, compliance pressure, third-party risk & data sovereignty
08:52 – AI in practice: enabler vs fear; benefits and accuracy limits
10:47 – The human element: why programmes fail without people on board
12:26 – Are large enterprises truly training everyone? Siloes & gaps remain
12:50 – Human error stats & why process complexity trips people up
14:27 – Regional differences vs common patterns across sectors
16:29 – Skills gap: when to build in-house vs bring external expertise
20:29 – Must-haves: simplification, threat intel, resilience & defence-in-depth
21:54 – Risk management → spend where it actually reduces risk; IR loop
23:09 – Cyber insurance as a driver; frameworks that help you qualify
26:34 – Audits are point-in-time; culture keeps you compliant tomorrow
27:23 – Looking ahead: expanding into new regions; EU regs ramping up
30:19 – Is there an umbrella framework? Getting 80% there with standards, then adapt
31:45 – Identity & data lifecycle: knowing who has access to what
32:34 – Where to find Orange Cyber Defense & Mathew; wrap-up

____________________________________________
🌍 Our sites:
Website: https://www.goldphish.com/
Free training: https://www.goldphish.com/free-training
Free resources: https://www.goldphish.com/public-portal
Pricing: https://www.goldphish.com/pricing
Become a Partner: https://www.goldphish.com/msp-partners
____________________________________________

👀Our newsletter:
Beehivv: https://goldphish.beehiiv.com/
____________________________________________

🔔 Our socials:
LinkedIn:   / goldphish  
____________________________________________

🥳 Client Reviews:
G2: https://www.g2.com/products/goldphish...
____________________________________________