Sign up to save your podcasts
Or
Share The Compliance Playbook to Cybersecurity
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
The Compliance Playbook to Cybersecurity
"Compliance is the security referee - frameworks are the playbooks."
In this episode, I’m joined by Tim Golden, Founder of Compliance Scorecard, to unpack the misunderstood, and mission-critical world of cyber GRC.
Tim shares what he’s learned from decades of hands-on work - from implementing NIST frameworks before “GRC” was even a term, to helping teams understand why writing policies is just as important as patching vulnerabilities.
Here are some highlights from the episode:
- What GRC actually means - and why governance is the most misunderstood part
- Why people who say "compliance isn't security" are missing the point
- How explaining the "why" of cybersecurity controls aids in acceptance
- Why data retention policies can protect you from major legal headaches
- And yes… a story about how Tim accidentally ransomwared himself 🙃
This is a must-listen for anyone navigating compliance, cybersecurity, or just trying to understand how it all fits together!
I really enjoyed this conversation! What were your biggest takeaways? Let me know in the comments.
Follow Tim on LinkedIn: https://www.linkedin.com/in/timothygolden/
Compliance Scorecard Website: https://compliancescorecard.com/
-----------
Thanks to our sponsor Vanta!
Get back time to focus on strengthening security and scaling your business.
Discover the new way to GRC here: https://vanta.com/grcacademy
-----------
Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform!
Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s2-e9&utm_campaign=courses
#cybersecurity
View all episodes
By Jacob Hill
5
33 ratings
"Compliance is the security referee - frameworks are the playbooks."
In this episode, I’m joined by Tim Golden, Founder of Compliance Scorecard, to unpack the misunderstood, and mission-critical world of cyber GRC.
Tim shares what he’s learned from decades of hands-on work - from implementing NIST frameworks before “GRC” was even a term, to helping teams understand why writing policies is just as important as patching vulnerabilities.
Here are some highlights from the episode:
- What GRC actually means - and why governance is the most misunderstood part
- Why people who say "compliance isn't security" are missing the point
- How explaining the "why" of cybersecurity controls aids in acceptance
- Why data retention policies can protect you from major legal headaches
- And yes… a story about how Tim accidentally ransomwared himself 🙃
This is a must-listen for anyone navigating compliance, cybersecurity, or just trying to understand how it all fits together!
I really enjoyed this conversation! What were your biggest takeaways? Let me know in the comments.
Follow Tim on LinkedIn: https://www.linkedin.com/in/timothygolden/
Compliance Scorecard Website: https://compliancescorecard.com/
-----------
Thanks to our sponsor Vanta!
Get back time to focus on strengthening security and scaling your business.
Discover the new way to GRC here: https://vanta.com/grcacademy
-----------
Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform!
Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s2-e9&utm_campaign=courses
#cybersecurity
More shows like GRC Academy
View all
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
371 Listeners
The Daily
112,572 Listeners
Cyberspin
2 Listeners
Jeff Lewis Has Issues
4,329 Listeners
The Weekly Show with Jon Stewart
10,777 Listeners
Sum IT Up: CMMC News Roundup
13 Listeners
Climbing Mount CMMC
2 Listeners
CMMC Compliance Guide
0 Listeners