Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.

 

In this episode, Justin interviews Gwenn Cujdik, the Incident Response and Cyber Services Lead for North America at AXA XL. Justin and Gwenn cover various cybersecurity topics, and how her 15 years as an Assistant District Attorney prepared her for her current role of responding to cyber attacks. Listen for tips on securing your organization, large or small, from cyber attacks and responding when, not if, they come. Gwenn shares her experiences and some advice.

 

Listen for Gwenn's insights to help you be vigilant and prepared against cybercrime.

 

Key Takeaways:

[:01] About RIMS and RIMScast.

[:14] With great sadness, the RIMS family lost a true leader in September. Susan Meltzer was an exceptional risk professional and passionate volunteer with RIMS. She served as the Society's President in 1999 and 2000.

[:29] RIMS has established a scholarship fund in her name. You can donate to that fund through RIMS, The Foundation for Risk Management®, at RIMS.org/FRM.

[:46] About this episode of RIMScast. This is our National Cybersecurity Awareness Month episode. Here to lend her insight on all things cyber is Gwenn Cujdik. She is the Incident Response and Cyber Services Lead for North America at AXA XL.

[1:19 ] We're also going to talk about her fascinating career that antedates her time in cyber.

[1:24 ] RIMS-CRMP Prep Workshops! The next RIMS CRMP Prep Workshops will be held on October 29th and 30th and led by John Button.

[1:36 ] The next RIMS-CRMP-FED Virtual Workshop will be held on November 11th and 12th and led by Joseph Mayo. Links to these courses can be found through the Certifications page of RIMS.org and through this episode's show notes.

[1:53 ] RIMS Virtual Workshops! RIMS has launched a new course, "Intro to ERM for Senior Leaders." It will be held again on November 4th and 5th and will be led by Elise Farnham.

[2:07 ] On November 11th and 12th, Chris Hansen will lead "Fundamentals of Insurance". It features everything you've always wanted to know about insurance but were afraid to ask. Fear not; ask Chris Hansen! RIMS members always enjoy deep discounts on virtual workshops!

[2:26 ] The full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode's notes.

[2:37 ] Several RIMS Webinars are being hosted this Fall. On October 9th, Global Risk Consultants returns to deliver "Natural Hazards: A Data-Driven Guide to Improving Resilience and Risk Financing Outcomes".

[2:51 ] On October 16th, Zurich returns to deliver "Jury Dynamics: How Juries Shape Today's Legal Landscape". On October 30th, Swiss Re will present "Parametric Insurance: Providing Financial Certainty in Uncertain Times".

[3:08 ] On November 6th, HUB will present "Geopolitical Whiplash — Building Resilient Global Risk Programs in an Unstable World". Register at RIMS.org/Webinars.

[3:20 ] On with the show! It's National Cybersecurity Awareness Month here in the U.S. and in many places around the world. Cyber continues to be a top risk among organizations of all sizes in the public and private sectors.

[3:35 ] Joining me today to discuss cybersecurity awareness is Gwenn Cujdik. You may remember her from the RIMS AXA XL webinar on September 4th, "Lock Down & Level Up."

[3:52 ] During that webinar, we had a brief, fascinating discussion about her time as an Assistant District Attorney in Pennsylvania.

[4:01 ] I wanted to learn more about how someone transitions from a colorful career to cybersecurity and eventually becomes the Incident Response and Cyber Services Lead for North America at AXA XL.

[4:15 ]  She's got a lot on her plate. She's got a huge risk radar. We're going to talk all about it and help all the risk managers out there use her insight and perspective to protect their organizations. Let's get to it!

[4:28 ] Interview! Gwenn Cujdik, welcome to RIMScast!

[5:09 ] Gwenn is Incident Response and Cyber Services Lead for North America at AXA XL. When a client has a cyber breach, they call AXA XL and work with Gwenn's teams.

[5:42 ] Gwenn works on training her teams to be able to respond, setting up procedures and processes to make the response seamless and collaborative, and making sure the clients get consistent service, whoever handles the call.

[6:16 ] Gwen's team has 18. Four are in leadership with 14 more team members. Two managers directly supervise the teams to help them with answers to questions about unusual situations.

[6:50 ] Gwenn helps the teams understand massive events and how they might affect AXA XL and their clients, how to interact with brokers, and technical matters. She helps the team understand coverages when it comes to something unique. "It's all hands on deck for us!"

[7:55 ] Gwenn says, Fighting crime is a part of who I am. She is driven by helping others get through some terrible times. She has seen the worst of the worst. Sometimes it takes just one helping hand to get people through tough times. She has seen how impactful that can be.

[8:44 ] Sometimes, in a crisis, how people interact with the victim could be the recipe for them to recover fully from that event. Gwenn has seen people recover, take back their lives, move forward, and be survivors. She has seen corporations and companies do so and become better.

[9:39 ] Justin repeats that Gwenn has seen the worst of the worst: homicides, murders, abuses of women and children, arson, and more. She has seen it all, including things that she wishes she hadn't seen.

[10:27 ] Gwenn compares cyber incident response to her ADA work. A prosecutor has to be able to handle things under pressure. The best prosecutors are looking to do the right thing. Gwenn has met many people who, absent the crime, would have been friends.

[11:06 ] You have to be able to see there's a human on the other side, and there are humans that they hurt. You do right by understanding that there are a lot of players involved, who are humans.

[11:26 ] It helps you understand where somebody might be coming from. It helps you understand why they might be screaming at you. "I'm just the messenger, but let's talk about why you're so upset."

[11:39 ] Gwenn says one of the cool things about being a prosecutor is that every case you have presents a different set of facts and circumstances. There's a law that's intertwined with it, and that's interesting for Gwenn.

[11:54 ] The first time Gwenn had an arson case, she had to work with the Fire Marshals to understand how they knew the fire started here. How did they know it was a chemical? She started with the Fire Marshals and then went to the crime scene to talk to Forensic Chemists.

[12:11 ] The Forensic Investigators explained the chemistry behind the Molotov Cocktail that was thrown through the window. This was how the fire started, and then it enveloped the room.

[12:22 ] When Gwenn first worked with DNA, she found it to be incredibly complicated. She had to learn it to be able to explain it. Her job was to explain to 12 people why DNA mattered, why it's this guy, and not anybody else, that committed this crime; the numbers are insane.

[12:44 ] It could be one in a hundred quadrillion that it's another person. Those numbers are insane, and it's really hard to understand.

[12:56 ] Gwenn was in the DA's office when cell site analysis came around; being able to triangulate where someone is, using cell towers. The Philadelphia Field Office had one of the pioneers in that science. Gwenn learned from him.

[13:13 ] One of Gwenn's matters was a homicide. They tracked the defendant from the scene of the crime, through public transportation, back to his house, using cell site triangulation. While they were mapping, the actor Joe Piscopo came by, touring the building. Gwenn was an SNL fan.

[14:23 ] Gwenn's prosecutorial experience translates to cy