Careers, Compliance

Governance, Risk, & Compliance…so What? – Part 1 – Allan Alford – SCW #94

Join us on this episode of SCW for a general discussion about how to do this whole security/compliance thing better; how compliance really needs to come first; how it's all risk-based or should be RGC not GRC; legal and privacy issues/focus - and how they help or hinder the cause; other factors like burnout/gatekeeping/etc. that all contribute to our industry being overly focused/reliant on technology and don't handle the people/process part very well.

Full episode and show notes

Announcements

  • Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!

  • Join us June 29th for a webcast with Tyler Robinson and Beau Bullock to learn how to pivot into the world of Crypto security. Visit https://securityweekly.com/webcasts to register with only your name and email! Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.

Guest

Allan Alford
Allan Alford
CISO/CTO @ TrustMAPP at TrustMAPP

With 20+ years in information security, Allan Alford has served as CISO four times in three industries. Alford parlayed an IT career into a product security career and then ultimately fused the two disciplines. Allan has worked in companies from 5 employees to 50,000 and executes a risk-based approach to security, as well as compliance with NIST CSF, CIS CSC 20, GDPR, ISO 27001, DFARS and others.

Hosts

Jeff Man
Jeff Man
#HackingisNotaCrime Advocate, Sr. InfoSec Consultant at Online Business Systems
Fredrick "Flee" Lee
Fredrick "Flee" Lee
CSO at Gusto
Kat Valentine
Kat Valentine
Compliance Free Agent (Consultant) at Osmosis Security
Priya Chaudhry
Priya Chaudhry
Jedi Warrior Princess at ChaudhryLaw PLLC
prestitial ad