

GRC & Me
LogicGate
When Governance, Risk, and Compliance (GRC) issues are in the headlines, it’s usually a bad thing. It’s only when a major data breach happens, or a company runs afoul of some regulation, that these important responsibilities get their time in the limelight. GRC & Me is here to shine a light on those individuals tasked with safeguarding their employers’ information and integrity, day in and day out. Tune in monthly as host Jane Totaro, LogicGate Podcast Host, and her guests explore the issues and ideas that give shape to these interconnected functions. Just as GRC touches many parts of a business, so too will the podcast delve into a wide array of topics, trends and concerns—from current events and modern methodologies to cultural nuances and game-changing developments. Join us and learn why GRC is so critical to the future of any organization, where the industry has been—and where it’s going.
Episodes

Jul 26, 2023 • 58min
Using Cyber Risk Quantification to Make the Right Risk Decisions
This podcast episode discusses the importance of cyber risk quantification in cybersecurity programs. The speakers explore how risk quantification leads to better risk decision-making, reducing reactivity and improving communication across organizations. They also discuss the use of risk quantification for positive business incentives and strategic decisions, equipping leaders for operational resilience, the risks and benefits of AI in organizations, and the interplay between cybercrime and emerging technologies in GRC.

Jun 28, 2023 • 34min
Preparing for DORA, NIS2, and the new European push for cybersecurity
With information and cybersecurity incidents growing in frequency and severity, regulators in the European Union are hard at work devising new rules designed to incentivize organizations to harden their cyber defenses. On this episode of GRC & Me, Megan Brown sits down with Wizz Air’s Andras Szabolcs, Cyber Risk Expert, and Peter Szigetvari, Operational Risk Expert, to break down the similarities and differences between two of these new European Union regulations — the Digital Operational Resilience Act, or DORA, and Network and Information Security Directive 2, or NIS2 — how they could affect nearly every company despite their official scope, and how organizations can prepare to comply with them using modern GRC technology.

May 31, 2023 • 1h 11min
The Risks and Rewards of AI in Business Automation
Dorian Cougias, CEO of United Compliance Framework, and host Chris Clarke discuss the risks and rewards of AI in business automation, including the importance of double-checking generative AI output, knowledge levels in compliance tasks, AI terminology, ethics in AI, and the use of AI in compliance processes.

Feb 2, 2023 • 14min
Positioning GRC as an Enabler with Integrated Data
Former Regulatory Data Manager at Honeywell, Mike Curl, and Andy Ruse discuss building dashboards, organizational buy-in for change management, integrating GRC into daily operations, bridging communication gaps between executives, using employee feedback to improve work balance and mental health, and effective executive reporting with personal endeavors like charity events.

Jan 19, 2023 • 24min
Breaking Down Organizational Silos With a Common Risk Language
Dimitrios Stergiou from Wayflyer discusses breaking down organizational silos with a common risk language, emphasizing risk quantification, standard frameworks, and global standards. Topics include navigating standards for compliance, developing business cases for projects, and optimizing digital strategies in traditional industries.

Jan 4, 2023 • 25min
The Five Layers of a Mature GRC Program
Mike Santos, Director of Security and Information Governance at Cooley, discusses his five-layer maturity model for GRC programs, the challenges of obtaining ISO 27001 certification, the evolution of risk management programs, the benefits of automating GRC processes, and the vision for advanced automation and integration in GRC programs.

Dec 21, 2022 • 10min
Measurement as a Foundation for Communicating Risk
Anthony Riley, OKTA's risk measurement expert, discusses best practices for measuring and communicating risk. Topics include the importance of risk culture, the impact of regulations on risk management, effective risk measurement strategies, tailoring communication to different audiences, and the benefits of measuring and reporting risks for prioritization and control insights.

Dec 7, 2022 • 22min
Building the Business Case for Getting the Right GRC Technology
This episode takes a deep dive into creating a business case for investing in GRC technology by proving its cost-saving impact. LogicGate CEO Matt Kunkel spoke with Michael Rasmussen, a renowned GRC expert, to discuss the past, present, and future of GRC spending. Listen to discover how to build a business case for upgrading to the latest and greatest in GRC.

Nov 23, 2022 • 10min
The Risks We Cannot See
Howard Mannella, Senior Staff of Global Business Continuity and Security at Udemy, discusses proactive crisis management, impact-focused resilience, and the benefits of a risk cloud platform for business continuity. The conversation emphasizes staying ahead of risks and prioritizing recovery efforts based on impact rather than cause.

Nov 9, 2022 • 17min
How to Build a Risk Practice
This episode tackles the essential topic of how to build and mature a risk program aligned with business objectives. Andy Ruse, LogicGate’s president of field operations, recently caught up with James Bundy, practice director at cybersecurity consulting firm Optiv, to explore how businesses across all industries can create a holistic GRC program that contributes to real business growth. How can compliance requirements become business enablers? Listen to find out.


