概要規約プライバシー連絡先
 
更新中
Security & GRC Decoded

Security & GRC Decoded

リリース: 2026-02-11
© 2026 Security & GRC Decoded
Security & GRC Decoded - QRコードは
29 エピソード
オーディオ
Apple Podcastで聴く
29 エピソード
オーディオ
Apple Podcastで聴く
リリース: 2026-02-11
© 2026 Security & GRC Decoded
最新のエピソード
Does GRC Belongs Outside Security? The Case for an Independent Second Line ft Charles Nwatu - GRC Engineering Leader

Does GRC Belongs Outside Security? The Case for an Independent Second Line ft Charles Nwatu - GRC Engineering Leader

What if GRC shouldn’t sit inside Security at all—and what if the bigger problem isn’t automation, but what you do after you automate? In this episode, Raj Krishnamurthy sits down with Charles Nwatu (former Security GRC Engineering & Assurance lead
時間が: 1:00:59
What if GRC shouldn’t sit inside Security at all—and what if the bigger problem isn’t automation, but what you do after you automate? In this episode, Raj Krishnamurthy sits down with Charles Nwatu (former Security GRC Engineering & Assurance leader at Netflix) for a candid, systems-level conversation about why “annual audit rituals” fail modern engineering, how GRC can produce high-fidelity signals that strengthen security decision-making, and why the next wave of GRC engineering is about analytics, specifications, and business impact—not just speeding up evidence collection.
Key Takeaways:
GRC is a continuous discipline—point-in-time compliance can help, but it can’t be the end state.Automation is necessary but not sufficient: the real value is in turning collected evidence into actionable insights.Specifications enable measurement—without clear expected behaviors, security metrics become inconsistent and hard to compare.GRC can feed security with high-fidelity signals (like identity/access review metadata) that improve posture beyond audit readiness.Third-party risk doesn’t “finish”—the goal is visibility, data lineage awareness, and making the mess less messy. 
What You’ll Learn:
Where Charles believes GRC should sit org-wise—and why Security should be a “customer” of GRCWhat “shift-left GRC” looks like in practice (beyond annual audits)Why “efficiency savings” don’t automatically equal “security value”How to think about metrics, specifications, and risk in a shared languageWhy third-party risk management is “unsolvable,” and how to build guardrails anyway
This podcast is brought to you by ComplianceCow — the smarter way to manage compliance. Automate evidence collection, eliminate screenshots, and scale your program with confidence.
Learn more: https://www.compliancecow.com
Watch more episodes: https://www.compliancecow.com/podcast
Connect With Our Guest:
Charles Nwatu | GRC Engineering Leader
Connect on LinkedIn: https://www.linkedin.com/in/cnwatu/
Rate, review, and share if you enjoyed the show!
Subscribe to Security & GRC Decoded wherever you get your podcasts:
Spotify: https://open.spotify.com/show/5pigcMwOrYIA6d9OOOsxqr?si=416b82ab5c474683
Apple Podcasts: https://podcasts.apple.com/us/podcast/security-grc-decoded/id1795144450
エピソードID: 1000749110118
GUID: Buzzsprout-18645514
リリース日: 2026/2/11 2:00:00

説明

How today’s top organizations navigate the complex world of governance, risk, and compliance (GRC). Security & GRC Decoded brings you actionable strategies, expert insights, and real-world stories that help professionals elevate their security and compliance programs. Hosted by Raj Krishnamurthy. It’s for security professionals, compliance teams, and business leaders responsible security GRC and ensuring their organizations’ are safe, secure and adhere to regulatory mandates. Security & GRC Decoded brings you: Actionable strategies, expert insights, and real-world stories to elevate your Security GRC programs. Each episode explores frameworks, risk management strategies, and innovations shaping the future of GRC – from practitioners in the trenches. Subscribe now to unlock the tools and knowledge you need to succeed!

Apple Podcasts: カスタマーレビュー

入力なし