Deep Dive in GRC: Know Your Sources – Jonathan Ruf – CSP #182
Full Audio
View Show IndexSegments
1. Deep Dive in GRC: Know Your Sources – Jonathan Ruf – CSP #182
As organizations grow, there comes a time when managing by excel spreadsheets is not longer feasible and accurate data sources, regulations, and risk need to be accurately reflected within Governance, Risk and Compliance (GRC) tools. Reporting to the board must be based upon accurate information. Join us as we discuss the important aspects of forming a GRC program.
Segment Resources:
Webcast: https://www.scworld.com/cybercast/the-regulatory-landscape-in-2030-what-you-need-to-know
Podcast (Enterprise Security Weekly): https://www.scworld.com/podcast-segment/11416-the-rise-of-regops-the-need-for-compliance-automation-travis-howerton-esw-313
News/interview: https://www.scworld.com/news/generative-ai-not-just-revolutionary-but-evolutionary
This segment is sponsored by RegScale. Visit https://cisostoriespodcast.com/regscale to learn more about them!
Guest
Jonathan Ruf is a seasoned Cybersecurity Executive with over two decades of experience in the Financial Services industry. As a leader in the field, he has a proven track record of developing and implementing robust cybersecurity GRC strategies to safeguard organizations against evolving cyber threats. Jonathan’s expertise extends across various domains, including information protection, privacy, contract negotiation and review, incident response, and compliance.
In his current role as the Head of Cyber and Information Risk at Apple Bank, Jonathan is responsible for overseeing the organization’s cybersecurity risk posture. Regularly reporting to the Board, Jonathan provides comprehensive updates on the current threat landscape, potential vulnerabilities, and the effectiveness of existing cybersecurity measures. Jonathan’s ability to articulate complex technical concepts in a clear and concise manner enables the Board and executive senior management to make informed decisions regarding cybersecurity investments and risk mitigation strategies.
Jonathan’s technical knowledge and policy implementation is a cornerstone of his success. With a background in computer science and extensive hands-on experience, he possesses a deep understanding of cutting-edge cybersecurity technologies and methodologies. His proficiency extends to areas such as Information Security policy writing, defining procedure, and creating security standards. This technical acumen allows Jonathan to collaborate effectively with the organization’s IT teams, ensuring that security measures are seamlessly integrated into all facets of the business.