GRC & Me

In this episode, host Meghan Maneval is joined by LogicGate’s Chief Customer Officer, Jen Renna, to discuss the evolution of customer success at LogicGate. They dive into what success looks like from both a customer and internal perspective, and why people are at the heart of it all. The discussion also covers key considerations when selecting a GRC platform, what customers can expect from LogicGate moving forward, proving that GRC is not a cost center with value realization, and how the company drives value internally to foster success.

Join us in this episode as host Meghan Maneval and Michael Rasmussen - GRC Analyst & Pundit at GRC 20/20 Research, LLC - discuss vendor risk management and the differences between third, fourth, and fifth-party risks. They discuss essential regulations and standards in the financial and banking sectors, highlighting how they vary by organization maturity. As well as best practices for effectively building and managing a comprehensive vendor risk management program and staying current with risk management standards. Michael touches on the role of automation and AI in enhancing vendor risk programs, as well as their limitations. And he shares his 2025 regulatory predictions and their potential impact on vendor risk strategies in the financial services.

In this episode, we’re excited to explore the ever-changing landscape of banking compliance. We’ll cover best practices for staying audit-ready amidst constantly evolving regulations. The discussion will address compliance requirements, from NCUA mandates to state-specific privacy laws, PCI 4.0, and more. We’ll also talk about AI in banking along with third-party and vendor risks. This insightful conversation will highlight both the challenges and best practices in navigating compliance complexities across the industry.

Matt Kunkel, CEO of LogicGate, and CISO Nick Kathmann explore how governance, risk, and compliance (GRC) has evolved from a mere budget line into a pivotal business enabler. They share insights on leveraging technology for data integration to make informed risk decisions. The discussion includes strategies for bridging communication between security metrics and business goals, emphasizing a collaborative, security-centric culture. They also address burnout in cybersecurity, advocating for tech-driven solutions to enhance efficiency and work-life balance.

Netflix's Tony Martin-Vegue joins LogicGate's Chris Clarke to discuss the paradigm shift in risk analysis methods, networking in career advancement, risk quantification and decision-making, models of risk quantification, measuring risk and managing change, addressing risks and a risky scenario in Black Mirror, choosing between The Great British Bake-Off and Nailed It based on risk factors, and examining the likelihood of cyber risk origination.

They say it takes a thief to catch a thief, so why not a hacker to catch a hacker? That was the premise behind Ted Harrington’s Independent Security Evaluators, a company dedicated to poking holes into other companies’ cyber defenses — for the right reasons, of course. On this episode of GRC & Me, Ted takes LogicGate’s Chris Clarke on a journey down the benevolent hacker’s rabbit hole, where they discuss:The difference between white box and black box testing (and which is better.)Why carrying these exercises out can build trust and become a competitive advantage in third-party risk assessment.Why it’s important to shift your mindset from one that views security as an obstacle to one that views it as an opportunity.Uncovering the unknown unknowns in cybersecurity.How “defense in depth” strategies can put security teams a step ahead of threat actors.The four traits that lead hackers to be successful, and why thinking like one can be an effective way to bolster your cyber defenses.

Ginger Kerrick, Chief Strategy Officer at Barrios Technology and former NASA expert, shares her thrilling journey of managing risks in space missions. She discusses how NASA employees are trained to think logically during crises and the importance of strong leadership in risk management. Ginger also highlights the lessons learned from past disasters that inform future planning, and she dives into the challenges of managing space debris while fostering a culture of safety and innovation. Her insights offer a fascinating glimpse into the complexities of space exploration.

Allstate Canada's Chief Risk Officer, Jason Wang, discusses the importance of holistic risk assessment and strategic risk management in the financial sector. Topics include building a comprehensive risk register, positioning risk management as a strategic enabler, and the need for chief risk officers on the executive team.

When doing business with the federal government and its myriad agencies, organizations are bound to run into plenty of mandates, regulations, and other requirements. Navigating them all can cause a headache for even the most detail-oriented compliance managers.On this episode of GRC & Me, Chris Clarke is joined by Intel Federal’s Compliance Program Manager, John Griffin. Griffin draws on his decades of experience in federal contracting and working with government agencies at companies like Honeywell and Boeing to explore methods for better managing product development and performing diligence on third-party vendor relationships while operating under strict and stringent government standards and requirements. Plus, learn a few of Griffin’s more creative methods for determining how risky a particular organization might be to work with.

Oftentimes, cyber risk teams are viewed as reactive “audit police,” swooping into projects to flag risks and forcing changes at key points. This approach can generate a resentful — even toxic — risk culture. There’s a better way to build healthier risk cultures: Taking a more collaborative, embedded approach to cyber risk management by positioning cyber risk leaders as advisors and partners, working side-by-side with project teams from the start.On this episode of GRC & Me, Chris Clarke is joined by Cyberpink’s Founder & Owner, Praj Prayag-Deb, to discuss how to shift your organization’s risk culture toward this new approach, her formula for building successful cyber risk programs from scratch, how leveraging the right technology makes it all possible, and why adopting a growth mindset is critical for every cyber risk leader.