Episode notes
"Compliance is the security referee - frameworks are the playbooks."
In this episode, I’m joined by Tim Golden, Founder of Compliance Scorecard, to unpack the misunderstood and mission-critical world of cyber GRC.
Tim shares what he’s learned from decades of hands-on work - from implementing NIST frameworks before “GRC” was even a term, to helping teams understand why writing policies is just as important as patching vulnerabilities.
Here are some highlights from the episode:
- What GRC actually means - and why governance is the most misunderstood part
- Why people who say "compliance isn't security" are missing the point
- How explaining the "why" of cybersecurity controls aids in acceptance
- Why data retention policies can protect you from major legal headaches
- And yes… a story about how Ti ...
Keywords
cybersecurity, grc, Compliance