Security & GRC Decoded
How today’s top organizations navigate the complex world of governance, risk, and compliance (GRC). Security & GRC Decoded brings you actionable strategies, expert insights, and real-world stories that help professionals elevate their security and compliance programs. Hosted by Raj Krishnamurthy. It’s for security professionals, compliance teams, and business leaders responsible security GRC and ensuring their organizations’ are safe, secure and adhere to regulatory mandates. Security & GRC Decoded brings you: Actionable strategies, expert insights, and real-world stories to elevate your Security GRC programs. Each episode explores frameworks, risk management strategies, and innovations shaping the future of GRC – from practitioners in the trenches. Subscribe now to unlock the tools and knowledge you need to succeed!
Episodes
37 episodes
The Trust Gap in AI: Why Agents Need a New Certification Model ft Rajiv Dattani & David Meyer @ AIUC
In this episode of Security & GRC Decoded, Raj Krishnamurthy sits down with Rajiv Dattani and David Meyer from Artificial Intelligence Underwriting Company (AIUC) to explore one of the biggest unanswered questions in AI security:Can ...
Beyond Checkbox Compliance: Why GRC Must Become an Engineering Discipline ft Sheron Chakalakal, Head of GRC @ UiPath
In this episode of Security & GRC Decoded, Raj Krishnamurthy sits down with Sheron Chakalakal, Head of GRC at UiPath, to explore why the future of ...
From Compliance Theater to GRC Infrastructure: Why AI Breaks Traditional GRC ft Jasmine Kaur, Principal of Security & Assurance Engineering @ CoreWeave
In this episode of Security & GRC Decoded, Raj Krishnamurthy sits down with Jasmine Kaur, Principal of Security & Assurance Engineering at CoreWeave<...
The GRC Illusion: Why Third-Party Risk Is Still Broken ft Val Dobrushkin, Director of GRC @ Tricentis
In this episode of Security & GRC Decoded, Raj Krishnamurthy sits down with Val Dobrushkin, Director of GRC at
GRC Is Broken... And Nobody Wants to Admit It ft Dylan O’Dell, AVP Information Risk Officer @ Manulife
In this episode of Security & GRC Decoded, Raj Krishnamurthy sits down with Dylan O’Dell, AVP Information Ri...
Security Is a Human Problem, Not a Tool Problem ft Steven Asifo, Director of Security & GRC @ Yahoo
In this episode of Security & GRC Decoded, Raj Krishnamurthy sits down with Steven Asifo, Director of Security & GRC at Yahoo, for one of the most refreshing conversations the show has had on communication, influence, and the human s...
The 3 Year GRC Reckoning: Customer Trust, Real-Time Assurance, and the Future of Risk ft Bryan Culp, Senior Director of Customer Trust @ Box
In this episode of Security & GRC Decoded, Raj Krishnamurthy sits down with Bryan Culp, Senior Director of Customer Trust at Box
When GRC Stops Watching and Starts Working ft Ryan Schoeller, Director of Security & GRC @ Treasure Data
In this episode of Security & GRC Decoded, Raj Krishnamurthy sits down with Ryan Schoeller, Director of Sec...
Does GRC Belongs Outside Security? The Case for an Independent Second Line ft Charles Nwatu - GRC Engineering Leader
What if GRC shouldn’t sit inside Security at all—and what if the bigger problem isn’t automation, but what you do after you automate? In this episode, Raj Krishnamurthy...
GRC Is an Engineering Discipline. Not a Checklist. ft Akhila Chitiprolu, Head of Security & GRC @ Sierra
GRC has long been seen as abstract, manual, and disconnected from how modern engineering teams actually work, but that narrative is breaking down. In this episode of Security & GRC Decoded,
GRC as a Growth Engine: From Checklists to Continuous Assurance ft Vivek Madan - Director of Security, Risk, and Compliance @ Fortinet
In this episode of Security & GRC Decoded, Raj Krishnamurthy sits down with Vivek Madan to unpack what it really means to run a modern GRC program inside a global cybersecurity company. Drawing from his journey...
Audit ≠ Security: Building Auditable Controls in a High-Velocity World ft Varun Prasad, Cloud Security & Privacy Assurance @ BDO
Audits are often misunderstood, frequently disliked, and almost always viewed as a necessary evil — but what if that mindset is holding security teams back? In this episode of Security & GRC Decoded, Raj Krishnamurthy sits down with Varun P...
Scaling GRC Without the Chaos: How to Build Programs That Don’t Break ft Tom Scuderi, Senior Manager of Security & GRC @ LTK
In this episode of Security & GRC Decoded, host Raj Krishnamurthy sits down with Tom Scuderi, Senior Manager of Security & GRC at
Controls Are Promises: Rethinking GRC for Modern Security ft Sergio Alonso @ Rapid7
In this episode of Security & GRC Decoded, host Raj Krishnamurthy sits down with Sergio Alonso, a ...
How Pragmatic Controls Build Trust Between GRC, Security, and Engineering ft Mukund Sarma, Deputy CISO @ Chime
In this episode of Security & GRC Decoded, host Raj Krishnamurthy sits down with Mukund Sarma, ...
How to Build Trust Between GRC and Engineering ft Tristan Ingold, Security GRC Program Manager at Meta
How do you build real trust between GRC and engineering? In this episode of Security & GRC Decoded, host Raj Krishnamurthy welcomes
Rethinking Risk: Data-Driven Decisions for Modern CISOs ft Tony Martin-Vegue
In this episode, Raj Krishnamurthy speaks with Tony Martin-Vegue, seasoned risk practitioner, speaker, and co-chair of the FAIR Institute San Francisco chapter. Tony shares decades of lessons learned from leading cyber r...
Why GRC Is More Than Compliance with Kenneth Moras | Head of Security GRC | Plaid
In this episode of Security & GRC Decoded, host Raj Krishnamurthy sits down with Kenneth Moras, Head of Security GRC at Plaid. Kenneth share...
“This GRC Space is Hot!” with Varun Gurnaney, Staff Security Engineer at Apple
How does a software engineer become a GRC leader? In this episode of Security & GRC Decoded, host Raj Krishnamurthy welcomes Varun Gurnaney, Staff Security Engineer at...
Risk in Dollars: The Future of GRC Measurement ft Ramya Subramanian, Director of GRC @ Freshworks
How does a network engineer become a GRC leader? Ramya Subramanian’s journey spans nearly two decades across IT, security, and governance...
Compliance ≠ Security: It Sets the Foundation ft Evan Millman, Security GRC Manager @ Abnormal AI
What’s the true relationship between compliance and security? According to Evan Millman, compliance may not be security—but it’s the necessary starting point for buil...
Cyber Economics and Keeping Up with Innovation ft Trupti Shiralkar (Cybersecurity Leader & Advisor)
What trade-offs are you willing to make in cybersecurity? In this episode of Security & GRC Decoded, host Raj Krishnamurthy is joined by Trupti Shir...
Why Security And GRC Teams Must Act Like Service Teams ft Jiphun Satapathy from Medallia
Jiphun Satapathy has built and scaled security organizations at AWS, Snowflake, and now Medallia. In this episode, he ...