Careers, Compliance

Governance, Risk, & Compliance…so What? – Part 2 – Allan Alford – SCW #94

Join us on this episode of SCW for a general discussion about how to do this whole security/compliance thing better; how compliance really needs to come first; how it's all risk-based or should be RGC not GRC; legal and privacy issues/focus - and how they help or hinder the cause; other factors like burnout/gatekeeping/etc. that all contribute to our industry being overly focused/reliant on technology and don't handle the people/process part very well.

Full episode and show notes

Announcements

  • In an overabundance of caution, we have decided to flip this year’s SW Unlocked to a virtual format. The safety of our listeners and hosts is our number one priority. We will miss seeing you all in person, but we hope you can still join us at Security Weekly Unlocked Virtual! The event will now take place on Thursday, Dec 16 from 9am-6pm ET. You can still register for free at https://securityweekly.com/unlocked.

Guest

Allan Alford
Allan Alford
CISO/CTO @ TrustMAPP at TrustMAPP

With 20+ years in information security, Allan Alford has served as CISO four times in three industries. Alford parlayed an IT career into a product security career and then ultimately fused the two disciplines. Allan has worked in companies from 5 employees to 50,000 and executes a risk-based approach to security, as well as compliance with NIST CSF, CIS CSC 20, GDPR, ISO 27001, DFARS and others.

Hosts

Jeff Man
Jeff Man
Information Security Evangelist at Online Business Systems
Fredrick "Flee" Lee
Fredrick "Flee" Lee
CSO at Gusto
Kat Valentine
Kat Valentine
Compliance Free Agent (Consultant) at Osmosis Security
Priya Chaudhry
Priya Chaudhry
Jedi Warrior Princess at ChaudhryLaw PLLC
prestitial ad