GRC Academy

The Compliance Playbook to Cybersecurity



"Compliance is the security referee - frameworks are the playbooks."

In this episode, I’m joined by Tim Golden, Founder of Compliance Scorecard, to unpack the misunderstood and mission-critical world of cyber GRC.

Tim shares what he’s learned from decades of hands-on work - from implementing NIST frameworks before “GRC” was even a term, to helping teams understand why writing policies is just as important as patching vulnerabilities.

Here are some highlights from the episode:

  • What GRC actually means - and why governance is the most misunderstood part
  • Why people who say "compliance isn't security" are missing the point
  • How explaining the "why" of cybersecurity controls aids in acceptance
  • Why data retention policies can protect you from major legal headaches
  • And yes… a story about how Tim accidentally ransomwared himself 🙃

This is a must-listen for anyone navigating compliance, cybersecurity, or just trying to understand how it all fits together!

I really enjoyed this conversation! What were your biggest takeaways? Let me know in the comments.

Follow Tim on LinkedIn: https://www.linkedin.com/in/timothygolden/

Compliance Scorecard Website: https://compliancescorecard.com/

-----------

Thanks to our sponsor Vanta!

Get back time to focus on strengthening security and scaling your business.

Discover the new way to GRC here: https://vanta.com/grcacademy

-----------

Governance, Risk, and Compliance (GRC) Academy is a training and research platform!

Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s2-e9&utm_campaign=courses

#cybersecurity


GRC Academy, by Jacob Hill
