This week, Allan is joined by Frederick Lee aka “Flee”, Chief Security Officer and Head of IT at Gusto; Jeff Man, host of Security & Compliance Weekly and notorious infosec curmudgeon; and Kat Valentine, Security and Compliance Weekly co-host. A few weeks ago Allan appeared on their show to discuss “GRC: ‘What?’ and ‘So What?’”. In that episode, found here, they take a deep dive into GRC in terms of understanding its purpose and value.
In this crossover episode, the group continues the conversation to talk about “GRC: ‘Now what?’” (the cultural impact and implementation, risk register, achieving actionable results and much more).
Join Allan and the Security & Compliance Weekly team as they dive into overcoming cultural barriers, a continued conversation on the order of priority (“RGC” vs. “GRC”, for example), and enlisting allies in the business.
2:20 Implementing GRC culturally – Flee's take
4:13 Jeff’s take
6:16 Kat’s take
10:43 The CISO – Turning compliance data into actionable results – Jeff’s take as an assessor
13:56 Kat’s take as an assessor
15:41 Flee’s take as a CISO
21:13 Understanding perspectives from all parties
28:10 Sharing problems upstream/Audits vs. Assessments
34:48 Flee’s take on “governance vs. doctrine”
37:43 Risk register – training for self-sufficiency
42:40 Get in touch!
Check out Security and Compliance Weekly!
Follow Kat Valentine on LinkedIn
Purchase a Cyber Ranch Podcast T-Shirt at the Hacker Valley Store
Sponsored by our good friends at AttackIQ