Download - 2021-034-Khalilah Scott, good GRC tool practices - part1 | Podbean

Discover

Podcast Features
Your all-in-one podcasting solution.

Blog to Podcast
Turn your blog into an engaging podcast.
Livestream
High-performing audio live, without limits.

Podcast Studio
Easy-to-use audio recorder app.
Podbean AI
AI-Enhanced Audio Quality and Content Generation.

Podcast App
The best podcast player & podcast app.

Ads Marketplace
Join Ads Marketplace to earn money
through sponsorship on your podcast.

PodAds
Manage your ads with dynamic ad insertion capability.
Apple Podcasts Subscriptions Integration
Effortlessly publish and manage exclusive episodes for your
Apple Podcasts subscribers directly from Podbean.
Live Streaming
Receive livestream rewards from your audience and earn
recurring income from your Fan Club membership.

All Arts Business Comedy Education
Fiction Government Health & Fitness History Kids & Family
Leisure Music News Religion & Spirituality Science
Society & Culture Sports Technology True Crime TV & Film
Live

How to Start a Podcast
How to Start a Live Podcast
How to Monetize a podcast
How to Promote Your Podcast
How to Use Group Recording

Log in
Start your podcast for free

Podcasting
Monetization
Advertisers
Enterprise
Pricing
Discover

Log in

Sign up free

BrakeSec Education Podcast

News:Tech News

2021-034-Khalilah Scott, good GRC tool practices - part1

2021-09-29

Download Right click and do "save link as"

GRC tools (Governance Risk and Compliance)

@ki_twyce_

@TechSecChix

INfosec unplugged

Security Happy Hour

Eric’s cyberpoppa show

Cyber Insight show - cohost

Blumira is hiring

https://www.blumira.com/careers/

https://www.cio.com/article/3206607/what-is-grc-and-why-do-you-need-it.html

https://www.pwc.ch/en/insights/fs/10-pitfalls-when-implementing-grc-technology-and-how-to-avoid-them.html

https://www.oxial.com/all/how-to-go-about-choosing-your-grc-solution/

Why do we need a GRC tool?

https://resilience.acoss.org.au/the-six-steps/managing-your-risks/risk-register

What are our business goals? (to make money... :D )

Are we mature enough to be measuring ourselves?

How can we use this to be more efficient?

https://www.standardfusion.com/blog/the-future-of-grc-7-things-to-look-out-for/

Centralized Controls. ...
Support for Future Standards. ...
Automation
Integrations (my add… helpdesk integrations, 3rd party)
Scalability. ...
Customizable Reporting. ...
Flexibility. ...
Task Delegation

GRC tool use in other areas

IT - makes more informed budget decisions, determines directions in business goals, asset mgmt

Finance - Make better financial decisions, profitability

Infosec- vuln mgmt,

Compliance

HR - determine hiring requirements

Legal - ensures ethical management of the organization, reduces breach,

How do you implement GRC?

https://www.crowe.com/insights/6-steps-for-a-successful-grc-implementation

Step 0: everyone’s input and use cases
Determine the total value gained by using a centralized GRC platform
1. Missing data
2. Duplicate processes
3. Duplicate data
4. Manual steps that can be removed or automated
5. Workflows to assist heavily manual areas such as communications, emails, approvals, and reporting
Identify operational gaps to prioritize the areas you need to improve.
Get your team on board with an effectively communicated plan.
Build a strong foundation to support your GRC program
Deploy a standardized GRC implementation across the board.
Let the GRC framework evolve and grow after it's implemented.

view more

More Episodes

2017-013-Multi-factor Auth implementations, gotchas, and solutions with Matt

2017-04-13

2017-012-UK Gov Apprenticeship infosec programs with Liam Graves

2017-04-05

2017-011-Software Defined Perimeter with Jason Garbis

2017-03-29

2017-010-Authors Amanda Berlin and Lee Brotherston of the "Defensive Security Handbook"

2017-03-22

2017-009-Dave Kennedy talks about CIAs 'Vault7', ISC2, and Derbycon updates!

2017-03-14

2017-008-AWS S3 outage, how it should color your IR scenarios, and killing the 'whiteboard' interview

2017-03-06

2017-007- Audio from Bsides Seattle 2017

2017-03-01

2017-006- Joel Scambray, infosec advice, staying out from in front of the train, and hacking exposed

2017-02-19

2017-005-mick douglas, avoid bad sales people, blue team defense tools

2017-02-14

2017-004-sandboxes, jails, chrooting, protecting applications, and analyzing malware

2017-02-06

2017-003-Amanda Berlin at ShmooCon

2017-01-29

2017-002: Threat Lists, IDS/IPS rules, and mentoring

2017-01-21

2017-001: A New Year, malware legislation, and a new cast member!

2017-01-12

2016-051: Steps to fixing risks you found, and the State of the Podcast

2016-12-25

2016-050: Holiday Spectacular with a little help from our friends!

2016-12-21

2016-049-Amanda Berlin, the art of the sale, and Decision making trees

2016-12-15

2016-048: Dr. Gary McGraw, Building Security into your SDLC, w/ Special guest host Joe Gray!

2016-12-03

2016-047: Inserting Security into the SDLC, finding Privilege Escalation in poorly configured Linux systems

2016-11-28

2016-046: BlackNurse, Buenoware, ICMP, Atombombing, and PDF converter fails

2016-11-21

2016-044: Chain of Custody, data and evidence integrity

2016-11-07

←
10
11
12
13
14
15
16
17
18
19
→

012345678910111213141516171819

Get this podcast on your
phone, FREE

Download Podbean app on App Store

Download Podbean app on Google Play

Create your
podcast in
minutes

Full-featured podcast site
Unlimited storage and bandwidth
Comprehensive podcast stats
Distribute to Apple Podcasts, Spotify, and more
Make money with your podcast

Get started

It is Free

Podcast Services
MONETIZATION & MORE
KNOWLEDGE BASE
Support
Podbean

Privacy Policy
Cookie Policy
Terms of Use
Consent Preferences
Copyright © 2015-2024 Podbean.com