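Content provided by Raj Krishnamurthy. All podcast content, including episodes, graphics, and podcast descriptions, is uploaded and provided directly by Raj Krishnamurthy or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process described here: https://ko.player.fm/legal.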

From Risk-Based to Trust-Based: Evolving GRC with Netflix’s Mosi Platt

1:03:46
 

In the premiere episode of Security & GRC Decoded, host Raj Krishnamurthy sits down with Mosi Platt, Senior Security Compliance Engineer at Netflix, to explore his unconventional journey into security and governance, risk, and compliance (GRC). From his first exposure to computers in his aunt’s home lab to becoming a leader in IT audits and compliance, Mosi shares the pivotal moments that shaped his career.

Together, they unpack the realities vs. myths of security governance, why risk quantification is still an unresolved debate, and how security and GRC teams can move from reactive compliance to proactive trust-building. They also dive into the SEC’s cybersecurity materiality rules, digital transformation in compliance, and the shift from risk-based to trust-based security models.

This episode is packed with insights for security leaders, compliance professionals, and anyone looking to understand the evolving landscape of security and GRC. Tune in to learn how leading with truth, adapting to change, and embracing value creation can transform the way organizations approach compliance and security assurance.

🎧 Listen now and decode the future of Security & GRC!

Learn more about ComplianceCow and how we can help your GRC teams!

🎤 Guest Contact Information:

Mosi Platt
Senior Security Compliance Engineer at Netflix
🔗 LinkedIn: https://www.linkedin.com/in/mosi-k-platt/

Timestamps:

0:00 Introduction & Host
0:38 Mosi’s Journey (IT Training to Security Consulting)
6:50 Early Career in Compliance (IT Audits)
10:44 Defining Security & GRC (3 Pillars)
12:38 Myth of Security Governance (CISO Oversight)
14:48 State of GRC Today (Risk Quantification & SEC Regs)
19:30 SEC Cybersecurity Materiality Rules
24:12 Adapting GRC Strategies (People, Process, Tech)
30:10 Building a Security GRC Program (ISO 27001 Steps)
35:00 Risk-Based vs. Trust-Based Security
41:55 Getting Executive Buy-In (Truth vs. Fear)
45:28 Inheriting a GRC Program (Evaluate & Optimize)
49:17 Future of GRC & Digital Transformation
52:37 The Perfect GRC Solution (Automated Compliance)
56:00 Recommended Books & Podcasts
58:30 Final Thoughts & Key Takeaways

🔗 Additional Resources:

📚 Books:

🎧


24 episodes
