Auditor Meets Security Pt. 2 – SCW #35 – Brian Tremblay – SCW #35
We continue the discussion with Brian Tremblay, a former auditor who "got religion" when he began to understand the complexities of security and how compliance could help or hinder security program efforts in organizations. We'll also talk about what Brian is doing at Onapsis, and how Onapsis is trying to help solve the problem.
To learn more about Onapsis, visit: https://securityweekly.com/onapsis
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!
Guest
Brian leads the Compliance Practice at Onapsis where he is responsible for helping customers understand and navigate the challenges and opportunities created by the increasing overlap of compliance, cybersecurity and business continuity related to IT General Controls and regulatory & compliance matters such as Sarbanes Oxley (SOX) and the General Data Protection Regulation (GDPR). Prior to Onapsis, he was the CAE for high-tech semiconductor company Acacia Communications. In addition to founding and leading all activities of the internal audit function, he helped prepare the organization to go public (including implementing SOX) and facilitated its implementation of enterprise risk management (ERM). Previously, Tremblay was the director of internal audit at Iron Mountain, overseeing all audits and projects within North America as well as liaising with global quality managers. Prior, as a senior manager at Houghton Mifflin Harcourt, he built out an internal audit department and executed a SOX implementation. Earlier in his career, he worked at Raytheon and Deloitte.