Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society.
In this episode, Justin interviews Gwenn Cujdik, the Incident Response and Cyber Services Lead for North America at AXA XL. Justin and Gwenn cover various cybersecurity topics, and how her 15 years as an Assistant District Attorney prepared her for her current role of responding to cyber attacks. Listen for tips on securing your organization, large or small, from cyber attacks and responding when, not if, they come. Gwenn shares her experiences and some advice.
Listen for Gwenn’s insights to help you be vigilant and prepared against cybercrime.
Key Takeaways:
[:01] About RIMS and RIMScast.
[:14] With great sadness, the RIMS family lost a true leader in September. Susan Meltzer was an exceptional risk professional and passionate volunteer with RIMS. She served as the Society’s President in 1999 and 2000.
[:29] RIMS has established a scholarship fund in her name. You can donate to that fund through RIMS, The Foundation for Risk Management®, at RIMS.org/FRM.
[:46] About this episode of RIMScast. This is our National Cybersecurity Awareness Month episode. Here to lend her insight on all things cyber is Gwenn Cujdik. She is the Incident Response and Cyber Services Lead for North America at AXA XL.
[1:19] We’re also going to talk about her fascinating career that antedates her time in cyber.
[1:24] RIMS-CRMP Prep Workshops! The next RIMS CRMP Prep Workshops will be held on October 29th and 30th and led by John Button.
[1:36] The next RIMS-CRMP-FED Virtual Workshop will be held on November 11th and 12th and led by Joseph Mayo. Links to these courses can be found through the Certifications page of RIMS.org and through this episode’s show notes.
[1:53] RIMS Virtual Workshops! RIMS has launched a new course, “Intro to ERM for Senior Leaders.” It will be held again on November 4th and 5th and will be led by Elise Farnham.
[2:07] On November 11th and 12th, Chris Hansen will lead “Fundamentals of Insurance”. It features everything you’ve always wanted to know about insurance but were afraid to ask. Fear not; ask Chris Hansen! RIMS members always enjoy deep discounts on virtual workshops!
[2:26] The full schedule of virtual workshops can be found on the RIMS.org/education and RIMS.org/education/online-learning pages. A link is also in this episode’s notes.
[2:37] Several RIMS Webinars are being hosted this Fall. On October 9th, Global Risk Consultants returns to deliver “Natural Hazards: A Data-Driven Guide to Improving Resilience and Risk Financing Outcomes”.
[2:51] On October 16th, Zurich returns to deliver “Jury Dynamics: How Juries Shape Today's Legal Landscape”. On October 30th, Swiss Re will present “Parametric Insurance: Providing Financial Certainty in Uncertain Times”.
[3:08] On November 6th, HUB will present “Geopolitical Whiplash — Building Resilient Global Risk Programs in an Unstable World”. Register at RIMS.org/Webinars.
[3:20] On with the show! It’s National Cybersecurity Awareness Month here in the U.S. and in many places around the world. Cyber continues to be a top risk among organizations of all sizes in the public and private sectors.
[3:35] Joining me today to discuss cybersecurity awareness is Gwenn Cujdik. You may remember her from the RIMS AXA XL webinar on September 4th, “Lock Down & Level Up.”
[3:52] During that webinar, we had a brief, fascinating discussion about her time as an Assistant District Attorney in Pennsylvania.
[4:01] I wanted to learn more about how someone transitions from a colorful career to cybersecurity and eventually becomes the Incident Response and Cyber Services Lead for North America at AXA XL.
[4:15] She’s got a lot on her plate. She’s got a huge risk radar. We’re going to talk all about it and help all the risk managers out there use her insight and perspective to protect their organizations. Let’s get to it!
[4:28] Interview! Gwenn Cujdik, welcome to RIMScast!
[5:09] Gwenn is Incident Response and Cyber Services Lead for North America at AXA XL. When a client has a cyber breach, they call AXA XL and work with Gwenn’s teams.
[5:42] Gwenn works on training her teams to be able to respond, setting up procedures and processes to make the response seamless and collaborative, and making sure the clients get consistent service, whoever handles the call.
[6:16] Gwenn’s team has 18. Four are in leadership with 14 more team members. Two managers directly supervise the teams to help them with answers to questions about unusual situations.
[6:50] Gwenn helps the teams understand massive events and how they might affect AXA XL and their clients, how to interact with brokers, and technical matters. She helps the team understand coverages when it comes to something unique. “It’s all hands on deck for us!”
[7:55] Gwenn says, Fighting crime is a part of who I am. She is driven by helping others get through some terrible times. She has seen the worst of the worst. Sometimes it takes just one helping hand to get people through tough times. She has seen how impactful that can be.
[8:44] Sometimes, in a crisis, how people interact with the victim could be the recipe for them to recover fully from that event. Gwenn has seen people recover, take back their lives, move forward, and be survivors. She has seen corporations and companies do so and become better.
[9:39] Justin repeats that Gwenn has seen the worst of the worst: homicides, murders, abuses of women and children, arson, and more. She has seen it all, including things that she wishes she hadn’t seen.
[10:27] Gwenn compares cyber incident response to her ADA work. A prosecutor has to be able to handle things under pressure. The best prosecutors are looking to do the right thing. Gwenn has met many people who, absent the crime, would have been friends.
[11:06] You have to be able to see there’s a human on the other side, and there are humans that they hurt. You do right by understanding that there are a lot of players involved, who are humans.
[11:26] It helps you understand where somebody might be coming from. It helps you understand why they might be screaming at you. “I’m just the messenger, but let’s talk about why you’re so upset.”
[11:39] Gwenn says one of the cool things about being a prosecutor is that every case you have presents a different set of facts and circumstances. There’s a law that’s intertwined with it, and that’s interesting for Gwenn.
[11:54] The first time Gwenn had an arson case, she had to work with the Fire Marshals to understand how they knew the fire started here. How did they know it was a chemical? She started with the Fire Marshals and then went to the crime scene to talk to Forensic Chemists.
[12:11] The Forensic Investigators explained the chemistry behind the Molotov Cocktail that was thrown through the window. This was how the fire started, and then it enveloped the room.
[12:22] When Gwenn first worked with DNA, she found it to be incredibly complicated. She had to learn it to be able to explain it. Her job was to explain to 12 people why DNA mattered, why it’s this guy, and not anybody else, that committed this crime; the numbers are insane.
[12:44] It could be one in a hundred quadrillion that it’s another person. Those numbers are insane, and it’s really hard to understand.
[12:56] Gwenn was in the DA’s office when cell site analysis came around; being able to triangulate where someone is, using cell towers. The Philadelphia Field Office had one of the pioneers in that science. Gwenn learned from him.
[13:13] One of Gwenn’s matters was a homicide. They tracked the defendant from the scene of the crime, through public transportation, back to his house, using cell site triangulation. While they were mapping, the actor Joe Piscopo came by, touring the building. Gwenn was an SNL fan.
[14:23] Gwenn’s prosecutorial experience translates to cyber in that each matter is a little different. There’s a bad guy at the other end. Gwenn is not sympathetic to the bad guys because they are anonymous. Nobody sees them or knows them. It’s usually a criminal enterprise.
[14:59] It’s a group of people working together, motivated by money and wreaking havoc on people who are trying to make a living and support their families. The bad guys want to extort millions of dollars and put businesses and livelihoods in danger.
[15:42] In Philadelphia, the elite of the elite prosecutors worked in homicide. Some spend 20 or 30 years there. Gwenn was an ADA for 15 years, but couldn’t see herself doing it for 20 or 30 years. She wanted to stay positive and be a force for good when she was dealing with bad.
[16:34] She wondered where she could go to have a similar impact for good, investigating, and helping people get through an awful time.
[16:45] Gwenn had a friend who worked with her in the Family Violence and Sexual Assault Unit. She had left the office to work for a new law firm doing cyber incident response. She called Gwenn and said she would be really good at it. She explained it to Gwenn.
[17:50] Gwenn interviewed with the firm and got an offer the day she interviewed. She realized that was what she wanted to do. Some former prosecutors were doing it. There were some amazing people, and she wanted to be a part of that, something new, interesting, and growing.
[18:15] Gwenn wanted to be challenged and get to help people. Once she discovered it, she couldn’t think of a better transition for people who are in law enforcement than going into cybersecurity.
[18:39] RIMS Events! On November 17th and 18th, join us in Seattle, Washington, for the RIMS ERM Conference 2025. The agenda is live. Check out Episode 357 for Justin’s dialogue with ERM Conference Keynote Presenter Dan Chuparkoff on AI and the future of risk.
[18:59] Visit the Events page of RIMS.org to register.
[19:02] RISKWORLD 2026 will be in Philadelphia, Pennsylvania, from May 3rd through May 6th. RIMS members can now lock in the 2025 rate for a full conference pass to RISKWORLD 2026 when you register by October 30th!
[19:16] This also lets you enjoy earlier access to the RISKWORLD hotel block. Register by October 30th, and you will also be entered to win a $500 raffle! Do not miss out on this chance to plan and score some of these extra perks!
[19:30] The members-only registration link is in this episode’s show notes. If you are not yet a member, this is the time to join us! Visit RIMS.org/Membership and build your network with us here at RIMS!
[19:42] Let’s return to our interview with Gwenn Cujdik!
[20:14] Gwenn says cybersecurity takes a village. What she learned in criminal prosecution is that as long as there have been humans, there has been crime. We’re fortunate as a society to have laws, law enforcement, governing bodies, and organizations to keep crime down.
[20:54] It’s not dissimilar to cybersecurity. If Gwenn were talking to a board, she would say, It takes everybody in your community, in your organization, to build resilience, protect yourself from cybercrime, and react to it.
[21:12] Gwenn says a big mistake people often make is thinking incident response is a job for just their tech team. The IT team is not trained in all the various fields you need to be an expert in to get through a cyber incident.
[21:41] Your IT team will be able to get you up and running, collaborate, and be a good foundation for the incident response, working with outside experts. It takes people who understand the law and who understand communications.
[21:54] It takes people who understand the brand, who are the heart of the organization, to be able to respond. Your CISO may say, Here’s how I think that we should respond, but your CEO may say, This isn’t how I think we would respond to an event like this. Keep in mind who we are.
[22:32] Your legal team is there to say, Here’s why we can’t do that, the risk is too great; It will be worse if you do X, Y, Z; You shouldn’t do that because you need to be compliant with the law.
[23:11] Gwenn says good leaders lead best when they model. If you expect people to be open-minded and collaborative, you need to be the same. For the most part, organization leadership is very aware that cybersecurity is an important part of who they are and will be.
[23:55] Gwenn has met a ton of CEOs who admit they don’t know what they don’t know and ask for help to understand cybersecurity so they can help their organizations in the best way possible. Some CEOs are thinking ahead and putting teams together that understand their role.
[24:20] Gwenn has encountered CEOs who are just messing up the process. One wanted to invite his wife, not an employee, to the conversation because she would like to hear about it. From a legal and business perspective, it’s very risky for the company.
[25:04] One Final Break! The Spencer Educational Foundation’s goal to help build a talent pipeline of risk management and insurance professionals is achieved, in part, by its collaboration with risk management and insurance educators across the U.S. and Canada.
[25:23] Since 1999, Spencer has awarded over $2.9 million to create more than 570 Risk Management Internships. The Internship Grants application process is now open through October 15th, 2025.
[25:39] To be eligible, risk managers must be based in the U.S., Canada, or Bermuda. A link to the Internship Grants page is in this episode’s show notes. You can always visit SpencerEd.org, as well.
[25:53] Let’s Conclude Our National Cybersecurity Awareness Month Interview with Gwenn Cujdik!
[26:05] It’s National Cybersecurity Awareness Month 2025, here in the U.S. It’s a big month for everyone in Gwenn’s house; they have to pull their own weight a little more because she’s traveling a lot, she’s out a lot, and there are a lot of conferences and meetings going on!
[26:29] Gwenn tries not to shove everything cyber just into October. October is busy, and she loves it.
[26:56] On October 29th, at the Sheraton New York Times Square Hotel in Manhattan, Gwenn will be the Conference Co-Chair for the Zywave Cyber Risk Insights New York event. It’s a full day with a lot of very knowledgeable individuals from a range of companies.
[27:50] It is one of Gwenn’s favorite events. It’s a day packed with good information. She would love to see more risk managers and CISOs join it. The amount of information you can get in one day is almost unbelievable. The content is pretty diverse.
[28:21] It covers claims, the state of the market, the different ways threat actors are attacking, how to prepare better for attacks and for business continuity, and how to organize invoices and costs as you’re going through an incident response.
[29:01] Gwenn says, Get the small things right so you can deal with the big things. While you tackle the small things, you can talk about whether or not the law requires you to file notifications to seven million people and how to get through that as a company.
[29:22] Gwenn says it’s a great event. Gwenn will be there, giving opening remarks. Justin will be there, after attending a heavy metal concert the night before. The link is in this episode’s show notes.
[30:52] When Gwenn entered the cybersecurity field, she was surprised at the female presence. One of the managing partners who interviewed her was a female. There are also savvy female hackers out there.
[31:35] Gwenn says that in criminal law, people have trouble understanding that women can commit crimes, the same way that men can. Gwenn points out Elizabeth Holmes and the book Bad Blood, about Theranos.
[32:23] Gwenn mentions a woman in government who embezzled $22 million from her community to show horses.
[32:42] Gwenn says, in terms of cybersecurity being a male-dominated field, we’re all learning together; anybody who tries and is committed to it can do it. Because it’s new, people come from different backgrounds with diverse experiences.
[33:11] Gwenn says, We’re seeing value in people coming from different careers and different industries and seeing their skillsets translate to cybersecurity. In this field, you need great diversity with people from all different backgrounds to be able to tackle this.
[33:38] It’s not one-size-fits-all. There are personalities involved. There are different businesses involved, from small to large, public to government. You have to be able to understand a huge variety of people and businesses. You have to understand a huge amount of technology.
[34:00] Gwenn talks about the differences between cybersecurity and other industries. eDiscovery for cyber is not the same as eDiscovery for litigation. You need special people and tooling, and you have to understand what the tooling is, which helps you figure out timing.
[34:43] Technology is always developing. Gwenn compares it to cat and mouse. We’re constantly chasing the bad guys to figure out what they’re doing. Sometimes it’s reactive. They’ll think of something new, and we’ve never seen it before. This is how we get through it.
[35:04] The tools and skillset you’ve used dealing with everything before help you tackle what’s coming. Even the way we investigate and respond to things has changed.
[35:16] Gwenn says when we came on the scene, we would grab images of all the computers. If there were 50 computers, you would have 50 images, which would mean people going through a massive amount of data, taking a really long time.
[35:30] We don’t do that now. We have tools and technology that can get through a system programmatically, to pull the evidence we need to do these investigations without having to go into a shop and take copies of laptops or servers to get through that.
[35:49] That makes a potential difference of millions of dollars in responding. It’s the difference between months and a month to respond.
[36:15] Gwenn has not seen a malicious actor with technology or an algorithm that is beyond what she has seen before. She says, We have the technology they have. You’d be surprised how much private industry gives to our community in terms of intelligence and technology.
[36:35] Gwenn adds, We work with the government to find out solutions. The industry is armed pretty well. Gwenn has seen some things that have impressed her. One attacker was pulling searches from a legal hold, getting into sensitive information.
[37:16] Their searches looked legitimate, like what an attorney would look for, so it didn’t set off bells and whistles. Gwenn wonders how they knew to look in a legal hold. Were they lawyered? That was something small but ingenious to Gwenn.
[37:46] Seeing a smart attack invigorates Gwenn to use her brain and try to be as smart or smarter. She says that’s what is great about this job. It’s constantly changing. You’re constantly moving. It’s not for weak minds.
[38:11] To excel, you have to be smart, tenacious, and love learning. You have to love that you may be an expert in this, but you may become obsolete. You’ve got to keep your game up. Gwenn says she is just a big nerd for it.
[38:33] Attackers are using AI more. Gwenn recalls two incidents recently where two different groups, for two different reasons, were attacking Salesforce. That’s the rub of being popular. One group used AI to search quickly for sensitive information to leverage attacks on companies.
[39:27] Unfortunately, people are reusing passwords, and the bad guys know that. Gwenn says you’d better not!
[39:57] Justin comments that AI being used for a cyber attack should be on companies’ risk radars. How can they adjust defense strategies to stay ahead of something like that?
[40:08] Gwenn is dealing with that at this moment. If you are a big company with subsidiaries and locations around the country or the world, segregate the networks. If an attack hits your facility in Oklahoma, they won’t have access to your facility in Belgium.
[40:38] If your locations are networked, it’s a domino effect. If one goes down, they all go down. In terms of business resilience, that is the one factor that can tumble everything with the press of a button.
[40:55] The tools that bad guys are using are meant to get them through fast. They get in, use AI to conduct reconnaissance, and get terabytes of data out quickly. It’s important to take every effort to reduce the severity of an attack in its spread and the amount of data stolen.
[41:40] Can they move laterally within a company or elevate privileges by getting to the admin, who has access to everything? It’s great to focus on how to prevent it, but the reality is, they’re going to find a way. It’s not if, it’s when.
[42:09] While you have to prevent the attack from happening and be vigilant, if you get an attack, you have to make sure it’s small, you respond quickly, and it’s not going to hit every facet of your company. Attacks that hit every facet of the company are the most devastating.
[42:39] Justin says you’ve been wonderful. You’ve given us so much to think about when it comes to National Cybersecurity Awareness Month. You do great work! I look forward to seeing you in more AXA XL RIMS collaborative webinars!
[42:55] We’ll see you in the city for the Zywave Cyber Risk Insights New York, on October 29th, delivering the opening address and mingling with attendees.
[43:04] Gwenn says, I’ll be there all day, attending sessions, supporting my friends on panels, my cyber family, and for folks who want to meet me. I’m always happy to talk cyber!
[43:24] Justin says, Lock Down & Level Up: Turn Up Your Cybersecurity Game Against Creative Cyber Criminals.
[43:30] You’ve been such a wonderful guest, and I appreciate all your time and insight today. Thank you, Gwenn!
[43:43] Special thanks to Gwenn Cujdik of AXA XL for joining us here to discuss all things cyber. The AXA XL RIMS webinar, “Lock Down & Level Up: Turn Up Your Cybersecurity Game Against Creative Cyber Criminals,” is now available on demand through the RIMS.org/Webinars page.
[44:05] A link is also in this episode’s show notes.
[44:07] Gwenn will deliver the opening address at the Zywave Cyber Risk Insights New York Conference on October 29th in Manhattan. A link is in this episode’s show notes.
[44:19] Plug Time! You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in the show notes.
[44:47] RIMScast has a global audience of risk and insurance professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let’s collaborate and help you reach them! Contact pd@rims.org for more information.
[45:05] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information.
[45:23] Risk Knowledge is the RIMS searchable content library that provides relevant information for today’s risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more.
[45:39] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com. It is written and published by the best minds in risk management.
[45:54] Justin Smulison is the Business Content Manager at RIMS. Please remember to subscribe to RIMScast on your favorite podcasting app. You can email us at Content@RIMS.org.
[46:06] Practice good risk management, stay safe, and thank you again for your continuous support!
Links:
RIMS ERM Conference 2025 — Nov. 17‒18
Spencer Internship Program — Registration Open Through Oct. 15.
RISKWORLD 2026 — Members-only early registration through Oct 30!
RIMS-Certified Risk Management Professional (RIMS-CRMP)
The Strategic and Enterprise Risk Center
RIMS Diversity Equity Inclusion Council
RISK PAC | RIMS Advocacy | RIMS Legislative Summit SAVE THE DATE — March 18‒19, 2026
RIMS Risk Management magazine | Contribute
Zywave's 2025 Cyber Risk Insights Conference — Oct. 29, 2025 | New York City
Upcoming RIMS Webinars:
Natural Hazards: A Data-Driven Guide to Improving Resilience and Risk Financing Outcomes | Oct. 9 | Sponsored by Global Risk Consultants
Jury Dynamics: How Juries Shape Today's Legal Landscape | Oct. 16, 2025 | Sponsored by Zurich
Parametric Insurance: Providing Financial Certainty in Uncertain Times | Oct. 30, 2025 | Sponsored by Swiss Re
Geopolitical Whiplash — Building Resilient Global Risk Programs in an Unstable World | Nov. 6 | Sponsored by Hub
“Lock Down & Level Up: Turn Up Your Cybersecurity Game Against Creative Cyber Criminals”
Upcoming RIMS-CRMP Prep Virtual Workshops:
RIMS-CRMP Virtual Exam Prep — Oct. 29‒30, 2025
RIMS-CRMP-FED Exam Prep Virtual Workshop — November 11‒12
Full RIMS-CRMP Prep Course Schedule
“Risk Appetite Management” | Oct 22‒23 | Instructor: Ken Baker
“Intro to ERM for Senior Leaders” | Nov. 4‒5 | Instructor: Elise Farnham
“Fundamentals of Insurance” | Nov. 11‒12 | Instructor: Chris Hansen
“Leveraging Data and Analytics for Continuous Risk Management (Part I)” | Dec 4.
See the full calendar of RIMS Virtual Workshops
Related RIMScast Episodes about Cyber:
“AI Risks and Compliance with Chris Maguire”
“Data Privacy and Protection with CISA Chief Privacy Officer James Burd”
“Cyberrisk Trends in 2025 with Tod Eberle of Shadowserver”
Sponsored RIMScast Episodes:
“The New Reality of Risk Engineering: From Code Compliance to Resilience” | Sponsored by AXA XL (New!)
“Change Management: AI's Role in Loss Control and Property Insurance” | Sponsored by Global Risk Consultants, a TÜV SÜD Company
“Demystifying Multinational Fronting Insurance Programs” | Sponsored by Zurich
“Understanding Third-Party Litigation Funding” | Sponsored by Zurich
“What Risk Managers Can Learn From School Shootings” | Sponsored by Merrill Herzog
“Simplifying the Challenges of OSHA Recordkeeping” | Sponsored by Medcor
“Risk Management in a Changing World: A Deep Dive into AXA's 2024 Future Risks Report” | Sponsored by AXA XL
“How Insurance Builds Resilience Against An Active Assailant Attack” | Sponsored by Merrill Herzog
“Third-Party and Cyber Risk Management Tips” | Sponsored by Alliant
“RMIS Innovation with Archer” | Sponsored by Archer
“Navigating Commercial Property Risks with Captives” | Sponsored by Zurich
“Breaking Down Silos: AXA XL’s New Approach to Casualty Insurance” | Sponsored by AXA XL
“Weathering Today’s Property Claims Management Challenges” | Sponsored by AXA XL
“Storm Prep 2024: The Growing Impact of Convective Storms and Hail” | Sponsored by Global Risk Consultants, a TÜV SÜD Company
“Partnering Against Cyberrisk” | Sponsored by AXA XL
“Harnessing the Power of Data and Analytics for Effective Risk Management” | Sponsored by Marsh
“Accident Prevention — The Winning Formula For Construction and Insurance” | Sponsored by Otoos
“Platinum Protection: Underwriting and Risk Engineering's Role in Protecting Commercial Properties” | Sponsored by AXA XL
“Elevating RMIS — The Archer Way” | Sponsored by Archer
RIMS Publications, Content, and Links:
RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community!
RIMS-Certified Risk Management Professional (RIMS-CRMP)
RIMS Strategic & Enterprise Risk Center
RIMS-CRMP Stories — Featuring RIMS President Kristen Peed!
RIMS Events, Education, and Services:
Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information.
Want to Learn More?
Keep up with the podcast on RIMS.org, and listen on Spotify and Apple Podcasts.
Have a question or suggestion? Email: Content@rims.org.
Join the Conversation!
Follow @RIMSorg on Facebook, Twitter, and LinkedIn.
About our guest:
Gwenn Cujdik, Incident Response and Cyber Services Lead for North America at AXA XL
Production and engineering provided by Podfly.