CISO Tradecraft®

#288 - How to Break Into Cybersecurity Through GRC (with Steve McMichael)


Listen Later

In this CISO Tradecraft episode, host G Mark Hardy interviews Steve McMichael, author of "How to Break into GRC: Mindset, Methods, and Skills," about entering cybersecurity through governance, risk, and compliance. McMichael shares his transition from accounting and explains GRC’s role as decision support and the interface between business and technical teams, breaking down governance, risk management, and compliance (including audits and third-party/supply-chain assurance). They discuss misconceptions that GRC is “just paperwork,” barriers like imposter syndrome, and strategies such as building T-shaped skills, targeting about 20% technical depth across domains, and developing credibility through a deep specialty. McMichael also describes an immersion mindset driven by emotional engagement, and showcases an open-source NIST Cybersecurity Framework Profile Assessment Database project on GitHub to help newcomers build skills and portfolio contributions.

...more
View all episodesView all episodes
Download on the App Store

CISO Tradecraft®By G Mark Hardy & Ross Young

  • 4.8
  • 4.8
  • 4.8
  • 4.8
  • 4.8

4.8

48 ratings


More shows like CISO Tradecraft®

View all
Hacked by Hacked

Hacked

188 Listeners

Security Now (Audio) by TWiT

Security Now (Audio)

2,010 Listeners

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec by Jerry Bell and Andrew Kalat

Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec

369 Listeners

Risky Business by Risky Business Media

Risky Business

376 Listeners

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) by Johannes B. Ullrich

SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)

648 Listeners

CyberWire Daily by N2K Networks

CyberWire Daily

1,030 Listeners

Smashing Security by Graham Cluley

Smashing Security

316 Listeners

Darknet Diaries by Jack Rhysider

Darknet Diaries

8,059 Listeners

Cybersecurity Today by Jim Love

Cybersecurity Today

178 Listeners

Hacking Humans by N2K Networks

Hacking Humans

313 Listeners

CISO Series Podcast by David Spark, Mike Johnson, and Andy Ellis

CISO Series Podcast

192 Listeners

Defense in Depth by CISO Series

Defense in Depth

73 Listeners

The New CISO by Steve Moore

The New CISO

41 Listeners

Cybersecurity Headlines by CISO Series

Cybersecurity Headlines

136 Listeners

Risky Bulletin by Risky Business Media

Risky Bulletin

45 Listeners