Governance, Risk, & Compliance…so What? – Part 1 – Allan Alford – SCW #94
Join us on this episode of SCW for a general discussion about how to do this whole security/compliance thing better; how compliance really needs to come first; how it's all risk-based or should be RGC not GRC; legal and privacy issues/focus - and how they help or hinder the cause; other factors like burnout/gatekeeping/etc. that all contribute to our industry being overly focused/reliant on technology and don't handle the people/process part very well.
Announcements
Don't forget to check out our library of on-demand webcasts & technical trainings at securityweekly.com/ondemand.
We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!
Guest
Allan Alford has worked in cybersecurity for 20+ years and technology for 25+. He started in IT, pivoted to Engineering and product security, and brought it all back around to a CISO role that oversaw both enterprise and product. After 5 stints as a CISO in various industries in companies ranging from 18 to 50,000 employees, Allan launched a consulting practice with a partner that provides fractional CISO, strategic cybersecurity consulting services, risk assessments, maturity assessments, and other services. Allan gives back to the community by way of The Cyber Ranch Podcast and by his prolific writing on LinkedIn and in articles for various publications.
Hosts
