Governance, Risk, & Compliance…so What? – Part 1 – Allan Alford – SCW #94
Join us on this episode of SCW for a general discussion about how to do this whole security/compliance thing better; how compliance really needs to come first; how it's all risk-based or should be RGC not GRC; legal and privacy issues/focus - and how they help or hinder the cause; other factors like burnout/gatekeeping/etc. that all contribute to our industry being overly focused/reliant on technology and don't handle the people/process part very well.
Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!
Join us June 29th for a webcast with Tyler Robinson and Beau Bullock to learn how to pivot into the world of Crypto security. Visit https://securityweekly.com/webcasts to register with only your name and email! Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
With 20+ years in information security, Allan Alford has served as CISO four times in three industries. Alford parlayed an IT career into a product security career and then ultimately fused the two disciplines. Allan has worked in companies from 5 employees to 50,000 and executes a risk-based approach to security, as well as compliance with NIST CSF, CIS CSC 20, GDPR, ISO 27001, DFARS and others.