Time To Move Away From “G – little R – Big C” (GRC) – John Wheeler, Padraic O’Reilly – BSW #250
How to move from legacy GRC processes and systems to a more automated approach that promotes visibility, agility, and alignment from assessment to Boardroom.
This segment is sponsored by CyberSaint . Visit https://securityweekly.com/cybersaint to learn more about them!
Don't miss any of your favorite Security Weekly content! Visit https://securityweekly.com/subscribe to subscribe to any of our podcast feeds and have all new episodes downloaded right to your phone! You can also join our mailing list, Discord server, and follow us on social media & our streaming platforms!
Do you have a specific guest or topic that you want us to cover on one of the shows? Submit your suggestions for guests by visiting https://securityweekly.com/guests and completing the form! We review suggestions monthly and will reach out to you once reviewed!
John A. Wheeler is Strategic Advisor to CyberSaint and the founder and CEO of Wheelhouse Advisors, a global risk management strategy and technology advisory firm. John has over 30+ years of industry experience is a recognized expert, frequent speaker and author on the effective use of risk management practices and technology in large and midsize businesses. Prior to joining CyberSaint, John was Senior Director, Analyst for risk management technology solutions and services at Gartner, a leading research and advisory organization. Wheeler spent over ten years at Gartner advising thousands of CISO and CIO buyers, CEOs, Boards of Directors, as well as technology product and services companies within the $9 billion Integrated Risk Management market. Prior to his time at Gartner, Wheeler led teams at Truist (formerly known as SunTrust), transforming and modernizing the organization’s risk management, Sarbanes-Oxley (SOX), and audit programs. He had leadership positions at Turner Broadcasting and Emory Healthcare, and also held positions in IT and risk consulting at Big Four firm EY in addition to Accenture.
Padraic O’Reilly is Chief Product Officer and Co-Founder at CyberSaint, where he leads product innovation and development. His experience as a Harvard-trained economist, IT risk and compliance consultant, and his rapid exposure to Cybersecurity led him to seek out CISOs, CIOs, and Boards of Directors at global organizations to pursue the answer to the question – how can cyber be managed, measured, and understood like any other business function? Padraic’s current activity spans working directly with organizations from public agencies to private companies across the globe to understand how to measure cyber risk, especially amidst the global pandemic which is fueling massive digital transformation projects around the world. Padraic was a key member of the group providing feedback on the NIST Cybersecurity Framework during its development, and is an expert in regulatory standards both in security and privacy, including the NIST Risk Management and NIST Privacy Frameworks. An expert in Artificial Intelligence (AI) and economic modeling, Padraic works with members of the Global 500 to research and deploy risk quantification, risk intelligence gathering, and risk reporting and communication strategies. Padraic also holds a patent entitled, “System And Method for Monitoring And Grading A Cybersecurity Framework” which has inspired much of his work on cohesive IT and cyber risk management approaches.