Content provided by Raj Krishnamurthy. All podcast content, including episodes, graphics, and podcast descriptions, is uploaded and provided directly by Raj Krishnamurthy or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process described here: https://he.player.fm/legal.

From Risk-Based to Trust-Based: Evolving GRC with Netflix’s Mosi Platt

1:03:46
 

In the premiere episode of Security & GRC Decoded, host Raj Krishnamurthy sits down with Mosi Platt, Senior Security Compliance Engineer at Netflix, to explore his unconventional journey into security and governance, risk, and compliance (GRC). From his first exposure to computers in his aunt’s home lab to becoming a leader in IT audits and compliance, Mosi shares the pivotal moments that shaped his career.

Together, they unpack the realities vs. myths of security governance, why risk quantification is still an unresolved debate, and how security and GRC teams can move from reactive compliance to proactive trust-building. They also dive into the SEC’s cybersecurity materiality rules, digital transformation in compliance, and the shift from risk-based to trust-based security models.

This episode is packed with insights for security leaders, compliance professionals, and anyone looking to understand the evolving landscape of security and GRC. Tune in to learn how leading with truth, adapting to change, and embracing value creation can transform the way organizations approach compliance and security assurance.

🎧 Listen now and decode the future of Security & GRC!

Learn more about ComplianceCow and how we can help your GRC teams!

🎤 Guest Contact Information:

Mosi Platt
Senior Security Compliance Engineer at Netflix
🔗 LinkedIn: https://www.linkedin.com/in/mosi-k-platt/

Timestamps:

0:00 Introduction & Host
0:38 Mosi’s Journey (IT Training to Security Consulting)
6:50 Early Career in Compliance (IT Audits)
10:44 Defining Security & GRC (3 Pillars)
12:38 Myth of Security Governance (CISO Oversight)
14:48 State of GRC Today (Risk Quantification & SEC Regs)
19:30 SEC Cybersecurity Materiality Rules
24:12 Adapting GRC Strategies (People, Process, Tech)
30:10 Building a Security GRC Program (ISO 27001 Steps)
35:00 Risk-Based vs. Trust-Based Security
41:55 Getting Executive Buy-In (Truth vs. Fear)
45:28 Inheriting a GRC Program (Evaluate & Optimize)
49:17 Future of GRC & Digital Transformation
52:37 The Perfect GRC Solution (Automated Compliance)
56:00 Recommended Books & Podcasts
58:30 Final Thoughts & Key Takeaways

🔗 Additional Resources:

📚 Books:

🎧
