Security & GRC Decoded


Published: 2025-10-16
© 2025 Security & GRC Decoded
21 Episodes
Audio
Latest episode
Rethinking Risk: Data-Driven Decisions for Modern CISOs ft Tony Martin-Vegue

Duration: 1:00:29
In this episode, Raj Krishnamurthy speaks with Tony Martin-Vegue, seasoned risk practitioner, speaker, and co-chair of the FAIR Institute San Francisco chapter. Tony shares decades of lessons learned from leading cyber risk management at Netflix, Gap, and other major enterprises—showing how to move from qualitative heat maps to quantitative insights that drive smarter business decisions.
He breaks down Monte Carlo simulations, risk modeling, and the six levers that influence risk—all through a practical, approachable lens. Tony also explores how generative AI is transforming risk quantification and what every CISO, analyst, and engineer can do today to make risk measurable, actionable, and business-aligned.
Key Takeaways
CRQ doesn’t require perfection—start with what you have and refine over time.
The most effective risk programs focus on directionally correct data, not precision.
Good risk scenarios clearly define asset, threat, and effect to avoid misalignment.
Generative AI accelerates scenario development, data research, and model creation.
CISOs should demand more from risk teams—move beyond “pick a color” heat maps.
Topics Covered
Cyber risk quantification (CRQ)
Monte Carlo simulations and modeling
Risk scenario design and measurement
GRC and compliance integration
Generative AI in risk management
Moving from qualitative to quantitative risk
Improving risk hygiene and maturity
CISO leadership and risk culture
What You’ll Learn
The difference between qualitative and quantitative risk methods
How to conduct your first risk quantification in Excel
Why Monte Carlo simulations are simpler than most think
How GRC, compliance, and security teams can collaborate effectively
The six levers that influence risk magnitude and frequency
This podcast is brought to you by ComplianceCow:
ComplianceCow helps enterprises automate GRC, shift compliance left, and continuously monitor controls across the business. 
Learn more at ComplianceCow.com
Connect with our guest: Tony Martin-Vegue on LinkedIn
Co-Chair, FAIR Institute San Francisco Chapter
Former Risk Leader at Netflix and Gap Inc.
Author, From Heat Maps to Histograms (coming 2026)
Subscribe to Security & GRC Decoded on your favorite platform:
Spotify
Apple Podcasts
Explore all episodes: ComplianceCow.com/podcast
Episode code: 1000732178221
GUID: Buzzsprout-18018493
Release date: 16.10.2025, 19:00:00

Description

How today’s top organizations navigate the complex world of governance, risk, and compliance (GRC).
Security & GRC Decoded brings you actionable strategies, expert insights, and real-world stories that help professionals elevate their security and compliance programs. Hosted by Raj Krishnamurthy.
It’s for security professionals, compliance teams, and business leaders responsible for security GRC and for ensuring their organizations are safe, secure and adhere to regulatory mandates.
Security & GRC Decoded brings you:
+ Actionable strategies.
+ Expert insights.
+ Real-world stories to elevate your Security GRC programs.
Each episode explores frameworks, risk management strategies, and innovations shaping the future of GRC – from practitioners in the trenches.
Subscribe now to unlock the tools and knowledge you need to succeed.

Apple Podcasts: Reviews

No entries