GRC: ”Now What?” w/ Security & Compliance Weekly

This week, Allan is joined by Frederick Lee aka “Flee”, Chief Security Officer and Head of IT at Gusto, Jeff Man, host of Security & Compliance Weekly, and notorious infosec curmudgeon, and by Kat Valentine, Security and Compliance Weekly co-host.  A few weeks ago Allan appeared on their show to discuss “GRC: ‘What?’ and ‘So What?’.  In that episode, found here, they take a deep dive into GRC in terms of understanding is purpose and value. In this crossover episode, the group continues the conversation to talk about “GRC: ‘Now what?’ (The cultural impact and implementation, risk register, achieving actionable results and much more). Join Allan and the Security & Compliance Weekly team as they dive into overcoming cultural barriers, a continued conversation on the order of priority (“RGC” vs. “GRC”, for example), and enlisting allies in the business.   Key Takeaways: 2:20 Implementing GRC culturally – Flee's take 4:13 Jeff’s take 6:16 Kat’s take 10:43 The CISO – Turning compliance data into actionable results – Jeff’s take as an assessor 13:56 Kat’s take as an assessor 15:41 Flee’s take as a CISO 21:13 Understanding perspectives from all parties 28:10 Sharing problems upstream/Audits vs. Assessments 34:48 Flee’s take on “governance vs. doctrine” 37:43 Risk register – training for self sufficiency 42:40 Get in touch!   Links: Check out Security and Compliance Weekly! Follow Flee on LinkedIn and Twitter Follow Jeff Man on LinkedIn and Twitter Follow Kat Valentine on LinkedIn Follow Allan Alford on LinkedIn and Twitter Purchase a Cyber Ranch Podcast T-Shirt at the Hacker Valley Store Learn more about Hacker Valley Studio and The Cyber Ranch Podcast Sponsored by our good friends at AttackIQ