Sign up to save your podcasts
Or
Share Why SOC 2 May Not Prove Security Anymore
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Why SOC 2 May Not Prove Security Anymore
SOC 2 might be everywhere, but is it actually working?
In this episode, the Trust vs. team welcomes cybersecurity leader, author, and GRC engineer AJ Yawn to break down the state of SOC 2 today and why its greatest strength may also be its biggest weakness. AJ brings years of hands-on experience in auditing, engineering, and startup leadership to explain how SOC 2 shifted from a signal of security to a sales checkbox and what that means for TPRM. We talk about flexibility vs. consistency, outdated frameworks, why some SOC 2s are nearly useless, and how organizations can move toward better assurance by asking better questions.
Meet Ryan: https://www.linkedin.com/in/ryan-patrick-3699117a/
Meet Jeremy: https://www.linkedin.com/in/jeremyhuval
Meet AJ: https://www.linkedin.com/in/ajyawn/
Read AJ’s Book: https://www.amazon.com/GRC-ENGINEERING-AWS-Hands-Engineering/dp/B0FDLZX4BP
View all episodes
By HITRUST Alliance
5
22 ratings
SOC 2 might be everywhere, but is it actually working?
In this episode, the Trust vs. team welcomes cybersecurity leader, author, and GRC engineer AJ Yawn to break down the state of SOC 2 today and why its greatest strength may also be its biggest weakness. AJ brings years of hands-on experience in auditing, engineering, and startup leadership to explain how SOC 2 shifted from a signal of security to a sales checkbox and what that means for TPRM. We talk about flexibility vs. consistency, outdated frameworks, why some SOC 2s are nearly useless, and how organizations can move toward better assurance by asking better questions.
Meet Ryan: https://www.linkedin.com/in/ryan-patrick-3699117a/
Meet Jeremy: https://www.linkedin.com/in/jeremyhuval
Meet AJ: https://www.linkedin.com/in/ajyawn/
Read AJ’s Book: https://www.amazon.com/GRC-ENGINEERING-AWS-Hands-Engineering/dp/B0FDLZX4BP