Skip to content
Exterro for Law Enforcement
Get a Demo

August 11, 2025 | Data Exposure

Inside Data Xposure: Meet Your Hosts and Learn the Mission

Hosts: Jenny Hamilton, Fahad Diwan, Justin Tolman

Before we dive into data breaches, compliance crackdowns, and regulatory chaos—get to know the voices behind Data Xposure.

In this special pre-release episode, you’ll meet the trio guiding this podcast for legal, privacy, and security professionals: Jenny Hamilton, General Counsel for Exterro and legal visionary; Fahad Diwan, privacy and compliance strategist; and Justin Tolman, a digital forensics expert with boots-on-the-ground experience. Together, they bring diverse perspectives to one shared mission: helping you stay ahead of the risks hiding in your data.

In this episode, you’ll learn:

  • Why this podcast exists—and why now is the moment to talk about data risk differently.
  • How each host’s career has shaped their view of data’s value and its vulnerabilities.
  • What types of stories, headlines, and expert guests you can expect in the episodes ahead.

If you’re leading data decisions or responding when they go wrong, Data Xposure is your new essential listen. Start here.

Subscribe on Your Preferred Podcast Platform

Apple Podcasts | Spotify | YouTube

Episode Transcript

Jenny Hamilton (00:08)

Welcome to Data Xposure, the podcast for data risk leaders. I'm Jenny Hamilton, the general counsel for Extero.

Fahad Diwan (00:17)

And I'm Fahad Diwan. I focus on data privacy, security and governance, and making sure good intentions survive legal scrutiny.

Justin Tolman (00:25)

I'm Justin Tolman because when things go very wrong, you're going to need a forensic investigation to determine who exposed your data.

Jenny Hamilton (00:34)

So before we dive into Trends and Insights, we want to give you a moment to meet us, your hosts, and share why we launched the show.

Fahad Diwan (00:41)

Because in every corner of enterprise data, there's value, and well, there's risk. And for legal, privacy, security and data governance leaders, that's a daily balancing act.

Justin Tolman (00:55)

If you're the one responsible for keeping data protected, preserved, and provable, we see you. This podcast is for you.

Jenny Hamilton (01:02)

So in today's episode, we're going to break down why Data Xposure exists and why now is the critical time for this conversation. We're also going to talk about some of our perspectives and what shaped them and then what you can expect from the stories and the experts ahead. So let's get into it.

So first, Fahad, why don't you share, since you've worked in the thick of compliance programs, what's changed in the last few years that makes this moment so critical?

Fahad Diwan (01:34)

Well, Jenny, we're really in the fourth industrial revolution. AI is touching everyone and everything. Every department in an organization wants to leverage their data and put it in AI to make their roles more efficient, to make themselves more effective. Now with this comes a lot of data risk. And this data risk is no longer just localized to the information security department or the privacy compliance department. It has sprawled across the organization.

So what makes this moment so critical is that we're seeing everyone generating using data throughout an organization that's generating a massive amount of risk, and it’s requiring different stakeholders from different departments to work together to mitigate the risks associated with this processing.

Jenny, as a GC, you’ve seen how legal teams are being pulled into everything from breach response to vendor audits. What made you want to launch a podcast like this?

Jenny Hamilton (02:34)

A couple of reasons. First, legal is often the last line of defense. And that requires us to try to stay abreast of what are the current risk trends and insights that are unfolding. And we're also trained executors. We have to stop that ball from reaching the goal when it comes to the risk exposure of our clients. I think that tech makes this really difficult, because there's no blueprint.

There's no checklist of issues that we've been trained on to spot in law school or early stages of our practice. And so we have to keep paying attention and we also have to leverage the power of community. The power of community in this world, starting when I went in the house almost 20 years ago, has been absolutely in the number one ways that attorneys who advise in this area have been able to manage risk. 

It's what the trends are, whether you're a heavily regulated company or you're unregulated, what different attorneys and clients have tried that works and what doesn't work, where to spend money, where not to spend money. So, I think that's where we're trying to leverage the power of community and our participation in industry thought leadership and bring that to the audience.

Justin Tolman (04:04)

Jenny and Fahad, you both mentioned this convergence of roles from legal, security, IT, all these things. I see that every day in forensics as well. And this plays into information governance, which is the biggest influence when it comes to executing in all three of these disciplines. If you aren't retaining the data, you can't lose the data and that data can't hurt you. So in digital forensics, it's the process of finding and building the timeline related to the movement of that data that shouldn't be moving.

Jenny Hamilton (04:35)

Justin, you have a deep experience in law enforcement and digital forensics. So what does that teach you about real world risks?

Justin Tolman (04:43)

Thanks. That has shown me the very real world consequences to those risks. Having investigated the fallout of mistakes and or just the daily run of data risk, I've seen very real consequences of that information getting out and the damage that it can cause. It's not a good thing.

Fahad Diwan (05:05)

Jenny, you've been inside corporate walls. What's the biggest misconception companies have about data that legal teams need to navigate?

Jenny Hamilton (05:14)

The biggest misconception that I've seen over the last nearly 20 years inside, you know, mostly in-house walls is that the business will have time to catch up to the risk. If they'll monetize the data or they'll collect the data for future monetization. And then at some point, it's like a line graph, the curves going up, the volume of data, the volume of products they're selling, that the risk is just following that curve.

And the reality is right at the inception of going into business, you have risk that you may not be able to catch up to later on and need to design in guardrails, design in compliance. It's almost like your favorite subject, privacy by design. And that puts them behind, but not, like almost puts them behind exponentially.

There's a second misconception that goes the other way, which is once you've gotten too far behind on managing your data risk, that you can never catch up. And you might as well punt it to next year when you can get like a big budget or a lot more head count. And the reality is that actually never happens. And there are practical ways you can get your arms around it. You can manage data risk without doing those things.

Justin Tolman (06:38)

Fahad, you practiced law and then did consulting and now you're at Exterro and Product. How do you keep data governance and privacy programs relevant as tech threats evolve so fast?

Fahad Diwan (06:50)

Well, there are many similarities between my work as a lawyer and the work that I do now. In both roles, I help organizations manage risks to their data, both current risks and also future nebulous risks that are sometimes hard to see and hard to predict. As a lawyer, I did this mainly through drafting foundational documents like privacy policies and keeping the language broad enough to capture future issues.

In my current role, I do that with technology. I help build tech that can address the risks of today, but is robust enough to address the risks of

So let's talk format. We're going to start every episode with an event or timely topic, something our listeners are talking about. Why is that the hook, Jenny?

Jenny Hamilton (07:42)

That's a good question, Fahad. I'm glad you asked because we have such a large customer base that cuts across all industries, whether they're heavily regulated or not yet regulated, that we want to share the trends we're seeing that you may be wanting to know what's happening out there that you don't already, or we just want to support conversations you're already participating in.

We're also bringing in voices across the ecosystem. What kind of guess, Vod, should we expect?

Fahad Diwan (08:16)

Our guests should expect data leaders from across the world. They should expect listing from key insights from chief privacy officers, chief data governance officers, information security leaders, general counsel, you name it. The people that are in the trenches today managing and mitigating data risk as new ones arrive.

Justin Tolman (08:37)

then we'll end each episode with a reset moment so that you can apply the concepts shared by the experts and how to better communicate across the organization to minimize risk.

Jenny Hamilton (08:47)

So that's a wrap on our pre-release episode of Data Exposure. We are excited to bring you into the conversation and the insight.

Fahad Diwan (08:56)

If you're leading data decisions or dealing with the fallout when they go wrong, this podcast is built for you.

Justin Tolman (09:05)

Subscribe now, tell your team, and be ready because what's hiding in your data could cost you

Jenny Hamilton (09:10)

So thanks for listening and welcome to Data Xposure.