Podcasts, Interview, Webinars, Articles, and More!

"Compliance Leader Burnout -- 3 Causes and 3 Fixes"
 

I wrote this article for anecdotes' blog to explore a problem I've seen many GRC leaders face: How to deliver business value without burning out. Having worked in Security, Engineering, and Compliance, I have a great deal of sympathy for the plight of Compliance leaders--and I offer some solutions for sanity.

"Cost to Audit vs. Cost to Comply"
 

Trent Russell and I had a fun time chatting about the intersection of audit and compliance. I probably threw Trent a few curveballs, but he took it in stride and it made for a really interesting discussion.

"Top Compliance Trends in 2022"
 

I spoke with Yair Kuznitsov and Prabhath Karanth about the top trends Compliance leaders need to know about in 2022. This was a lively discussion and covered a host of topics from the intersection of security and compliance to how to use risk effectively for better decision making by leadership.

"IPO Prep & SOX compliance - Instacart & Armanino Share Hard Earned Knowledge"
 

I co-presented with Todd Bishop and Aidan Collins at Compliance Week on the topic of IPO Prep & SOX Compliance readiness. How do you wrangle that rocketship/unicorn momentum into the challenging control environment that will pass a SOX audit? Have a listen and learn from our collective experience in helping multiple companies on the journey to public-company readiness!

 I had a great time chatting with Kyle Polich at the Software Engineering Daily podcast recently. We discussed how Risk & Compliance functions can support strategic decision-making at technology companies, and why it's important to translate the regulatory needs of the business into engineering-friendly frameworks that leverage automation and instrumentation to succeed at scale. I'd love to hear what you think!

"Controls Are Not the Enemy"

I wrote this article to provide some basic guidance on how to approach security controls and make them work for you (not against you).