Cherry Bekaert: Risk & Cybersecurity

Hosted by Cherry Bekaert

BusinessInterviews guests

Website RSS feed

Episodes

Latest episode

Dec 2025

Language

About the show

Cherry Bekaert’s podcast for risk & cybersecurity where we discuss developing trends and market dynamics as well as tips that could impact your business.

Listen to episodes

28 recent

December 3, 202531 min

Key Governance Risks in AI Deployments

In the third episode of the Risk and Cybersecurity podcast’s AI Compliance series, host Lauren Ross is joined by Steve Ursillo, Partner in Cybersecurity at Cherry Bekaert, and Morgan Hague, Senior Manager at Meditology Services. Together, they dive into the unique governance and risk management challenges organizations face when deploying internal AI versus leveraging third-party artificial intelligence (AI) solutions. This episode covers practical approaches to data and model governance, the role of frameworks like ISO 42001 and SOC 2 in supporting responsible AI development, and the essentials of effective vendor due diligence. Our guests also explore how organizations can strengthen contractual safeguards and monitor for model drift and ethical concerns in vendor AI tools. Tune in to learn more about:Key governance and risk management considerations for internal and vendor AIHow ISO 42001 and SOC 2 frameworks support responsible AI Vendor due diligence and contractual safeguards in AI partnershipsStrategies for monitoring model drift, bias, and ethical risks in third-party AI toolsPractical steps organizations can take today to strengthen AI compliance and data protectionView All Podcasts from this Series

November 18, 202528 min

Understanding the Drivers of AI Compliance

In the second episode of the AI Compliance series, host Lauren Ross is joined by Steve Ursillo, Partner in Cybersecurity at Cherry Bekaert, and Morgan Hague, Senior Manager at Meditology Services. Listen in as they explore the evolving landscape of artificial intelligence (AI) regulations, including the impact of the European Union (EU) AI Act and U.S. executive orders, and how organizations can proactively prepare for regulatory uncertainty. The episode also covers what enterprises should look for when evaluating AI vendors, the changing role of procurement in assessing AI risk, and the most overlooked risks in AI systems today. Finally, they examine how compliance frameworks can help organizations mitigate reputational harm in the event of AI failures. Tune in to learn more about:The impact of emerging regulations on global AI strategiesHow organizations can prepare for regulatory uncertainty and evolving compliance requirementsKey compliance criteria and certifications enterprises should look for from AI vendorsOverlooked risks in AI systems, from bias and privacy to shadow AI and automation biasHow compliance frameworks and due diligence can help mitigate reputational damage from AI failuresView All Podcasts from this Series

October 30, 202530 min

Building Trust with AI Compliance Frameworks

In the kickoff episode of the Risk and Cybersecurity podcast’s AI Compliance series, host Lauren Ross welcomes Steve Ursillo, Partner in Cybersecurity at Cherry Bekaert, and Morgan Hague, Senior Manager at Meditology Services, for a deep dive into the frameworks shaping responsible artificial intelligence (AI). The conversation unpacks how standards like SOC 2, ISO 42001, and the National Insititue of Standards and Technology’s (NIST) AI Risk Management Framework are evolving to address the unique risks and governance challenges of artificial intelligence. They discuss the intersection of AI with privacy regulations like the General Data Protection Regulation (GDPR) and Health Insurance Portability and Accountability Act (HIPAA), as well as practical strategies for harmonizing multiple frameworks in complex environments. Whether you’re just starting your AI journey or looking to strengthen your compliance posture, this episode offers foundational insights to help you build trust and resilience in your AI initiatives.Tune in to learn more about:The role of SOC 2, ISO 42001, and NIST in AI governance and risk managementHow ethical principles are operationalized in AI development and deploymentAligning AI compliance with privacy regulations such as GDPR and HIPAAThe importance of model registries, bias monitoring and continuous oversightStrategies for harmonizing multiple frameworks and reducing audit fatigueView All Podcasts from this Series

May 30, 202526 min

Auditing AI: Internal Audit's Expanding Role

In this episode of our Internal Audit podcast series, John Heagy, Senior Manager, and Scott Peyton, Partner in our Risk Advisory practice, discuss the evolving role of internal audit in artificial intelligence (AI) oversight. They unpack the differences between traditional and generative AI, explore how internal audit function is leveraging these technologies, and examine the risks that come with AI adoption—while providing risk mitigation and identification strategies.This is the final episode in our four-part internal audit series. Catch up on the first three episodes The Evolving Role of Internal Audit: Unpacking IIA’s Vision 2035 Report, Top 3 Critical Skills for the IA Profession and The Client's Guide to Data Analytics in Internal Audit.Tune in to learn more about:A breakdown of AI types andhow traditional AI differs from generative AIHow internal audit teams are leveraging AI for tasks like fraud detection, control documentation and data analysisThe risks of AI, including bias, hallucinations, outdated data and ethical concernsKey elements of a strong AI governance framework, including transparency, accountability and responsible use policiesWhat to include in an AI audit scope, from understanding training data to evaluating cybersecurity and user behaviorRelated Insights:Podcast: https://www.cbh.com/insights/podcasts/a-guide-to-iias-vision-2035-for-audit-teams/ Article: 2025 Internal Audit Risks and Hot Topics Podcast: https://www.cbh.com/insights/podcasts/top-3-skills-for-internal-audit-profession/ Podcast: The Client's Guide to Data Analytics in Internal AuditView All Podcasts from this Series

May 20, 20259 min

Guide to Data Analytics in Internal Audit

Explore the transformative impact of data analytics on internal audit processes with Yani Diaz, Director and Ann-Blair Jamison, Senior Manager from our Risk Advisory practice. Throughout the episode, they discuss the key benefits of using data analytics, such as enhanced risk assessment, improved efficiency and predictive analysis. Additionally, they offer insights into how organizations can effectively implement data analytics solutions.This is the third episode in our four-part internal audit series. Be sure to listen to the first two episodes, The Evolving Role of Internal Audit: Unpacking IIA’s Vision 2035 Report and Top 3 Critical Skills for the IA Profession. Stay connected for the final episode in this series, where we cover how to audit AI. Tune in to learn more about:Data analytics’ role in decision making.The benefits of using data analytics in internal audit, including enhanced risk assessment, improved efficiency and the ability to perform predictive analysis.How data analytics can be used effectively in Information Technology General Controls (ITGC) testing to identify potential control weaknesses and ensure compliance with regulatory requirements.Important considerations when implementing data analytics solutions to understand factors such as data quality and analytics tools. Related Insights:Podcast: The Evolving Role of Internal Audit: Unpacking IIA’s Vision 2035 Report Article: 2025 Internal Audit Risks and Hot Topics Podcast: Top 3 Critical Skills for the IA ProfessionView All Podcasts from this Series

May 7, 202515 min

Top 3 Critical Skills for the IA Profession

The Institute of Internal Audit’s (IIA) Vision 2035 report highlights the pivotal role that soft skills will play in shaping the future of internal audit. Join Jodi Lewis, Manager, and Andy Jameson, Director, from our Risk Advisory practice as they discuss the top three critical skills that internal auditors must cultivate to excel in the evolving internal audit landscape. Additionally, they will share insights on how auditors can effectively develop these essential skills. This is the second in our four-part internal audit series. Listen to the first episode, The Evolving Role of Internal Audit: Unpacking IIA’s Vision 2035 Report, and stay connected for upcoming episodes.Tune in to learn more about:The importance of effective communication in internal auditPractical ways to enhance communication skillsStrategies to enhance critical thinking in internal auditThe role that adaptability plays in keeping auditors relevant and effectiveRelated Insights:Podcast: https://www.cbh.com/insights/podcasts/a-guide-to-iias-vision-2035-for-audit-teams/ Article: 2025 Internal Audit Risks and Hot Topics View All Podcasts from this Series

April 30, 202522 min

A Guide to IIA's Vision 2035 for Audit Teams

The Institute of Internal Audit (IIA)’s Vision 2035 report highlights the need for internal auditors to embrace technological advancements and expand their advisory roles to remain relevant and effective. In the IIA’s comprehensive vision, internal auditors will evolve into strategic advisors by 2035 and utilize cutting-edge technology to provide robust, evidence-based assurance and navigate emerging risks with confidence.In the latest episode of the Risk Advisory Podcast, James Eldridge, Senior Manager, is joined by Scott Peyton, Partner and Risk Advisory Leader, to discuss the shifting role of internal audit. They delve into the IIA’s Vision 2035 report, which outlines significant changes and opportunities for the future of internal audit. This is the first in a four-part series celebrating Internal Audit Awareness Month.Tune in to learn more about:The key elements of the IIA’s 2035 visionThe evolving role of internal audit Key technology trends impacting internal auditTips to train, develop and source talent and subject matter expertiseHow to prepare the next generation of auditorsRelated Guidance:Article – The Evolving Role of Internal AuditView All Podcasts from this Series

November 8, 202426 min

HITRUST CSF Framework: Understanding the Basics

In the latest episode of our Risk & Accounting Advisory podcast, National Technology Business Development Leader Marc Montoro, Leader is joined by Information Assurance & Cybersecurity Senior Managers Keith Jackson and Brian Kirk. Together, they discuss the basics of the HITRUST Framework, exploring its evolution from a healthcare focus to an industry-agnostic standard. Their conversation is packed with insights. From the foundational elements of High Trust to its benefits and strategic advantages, discover how this robust framework can set your business apart. Tune in to learn why HITRUST certification might be your next step in safeguarding sensitive information and achieving compliance across various sectors. Listeners will learn:What is HITRUST CSF?The benefits of being HITRUST CertifiedThe different types of HITRUST Certification and the pros and cons of eachHow to become HITRUST CertifiedRelated InsightsCPE Webinar: HITRUST CSF: A Comprehensive OverviewView All Podcasts from this Series

March 15, 202427 min

An Introduction to SOC 2 Reports

In the latest episode of Cherry Bekaert’s Risk & Accounting Advisory podcast series, Neal Beggan, is joined by Steven Ursillo and Dan Sembler, both partners in our Information Assurance & Cybersecurity practice. During this episode they discuss the many benefits of Service Organization Control (SOC) 2 reports, such as security insights, gaining customer trust and risk management, and how those benefits bring value to a company. Listeners will also discover how to prepare for SOC 2 and what to expect during a SOC 2 report, as well as the different types of SOC 2 reports.Tune in to learn more about:The value of SOC 2 and potential benefitsHow a SOC 2 report differs from a SOC 1 examinationThe components of a SOC 2 report and how to prepareOther Relevant GuidanceA Comprehensive Guide to SOC 2 Reporting: Webinar RecordingThe Impact of a SOC 2 Report on Your Organization Value and Customer RelationsA Guide to Understanding Service Organization Control (SOC) ReportsQuestions? Contact UsView All Podcasts from this Series

January 16, 202423 min

Anti-Money Laundering – Part 2 Testing & Monitoring

In the latest episode of our Risk & Accounting Advisory podcast, the second of a two-part series, Nate Regimbal, Digital Advisory New Practices & Solutions Leader, joins Sam Halaby, Senior Manager in Risk Advisory, and Dan Gallagher, from the Firm’s Information Assurance & Cybersecurity practice, to discuss Anti-Money Laundering Model (AML) Testing & Monitoring best practices. Their conversation provides insight into conducting model testing, the importance of ongoing monitoring and how to perform ongoing monitoring. This episode provides an outline of the AML Validation components a financial institution should review to ensure the accuracy of the AML data and alerts, and compliance with regulatory requirements.Listeners will learn about:What to focus on during set-up and validation of model-testing and the aspects of each testing areaWhy ongoing testing is important and how to perform periodic testingThe key limitations of Anti-Money Laundering Models Related Resources Anti-Money Laundering (AML) Model – Part 1Podcast: Data Management Best Practices for Financial InstitutionsRegulatory Compliance Digest | September 2023 Questions? Contact Us View All Podcasts from this Series