This is GRC

This Is GRC | Real Skills for Future GRC Leaders

All Our Latest Posts

Why Access control is security's most critical battlefield

Why Access control is security's most critical battlefield

Originally published 2023-12-06 on thisisgrc.com. When my manager summoned me to his cubicle, he looked like a washed-out pug. I had my degree in security and a couple of years of experience by then. I was advising on over 20 projects, ...

3 minute read
You don’t go into cybersecurity to make friends

You don’t go into cybersecurity to make friends

Originally published 2023-11-29 on thisisgrc.com. “If I wanted to make friends I wouldn’t work in security”, he yelled, smashing the phone on his desk. He put his jacket back on and stormed off while I looked toward my other colleague, ...

4 minute read
How to convince developers to fix their security vulnerabilities?

How to convince developers to fix their security vulnerabilities?

Originally published 2023-11-22 on thisisgrc.com. Ask any security specialist about their biggest frustration. Most of them will bring up their cynicism about finding the same vulnerabilities every year while developers ignore them (the...

5 minute read
How to incorporate security into your branding strategy?

How to incorporate security into your branding strategy?

Originally published 2023-11-15 on thisisgrc.com. The most unexpected benefit I got from this newsletter is the content marketing skills I've built along the way. Speaking the "brand" language brought me closer to my employer's marketin...

2 minute read
What you need to know before you start your bug bounty program

What you need to know before you start your bug bounty program

Originally published 2023-11-08 on thisisgrc.com. Organizations use bug bounty programs to pay hackers who discover website vulnerabilities. The idea is to incentivize the bug researchers to disclose the vulnerabilities for payment inst...

5 minute read
What Ted Lasso can teach us about cybersecurity leadership

What Ted Lasso can teach us about cybersecurity leadership

Originally published 2023-11-01 on thisisgrc.com. The show Ted Lasso took Apple TV by storm, winning Emmies and the population's hearts. I recently discovered this tale of an American football coach hired to coach European football (soc...

4 minute read
How to handle conflicts in information security

How to handle conflicts in information security

Originally published 2023-10-25 on thisisgrc.com. If you dislike conflicts, don't work in information security. As a mentor once told me: "I'm not in security to make friends." Don't get me wrong. The vast majority of InfoSec profession...

5 minute read
The GRC Career Advice Nobody Talks About (But Everyone Needs)

The GRC Career Advice Nobody Talks About (But Everyone Needs)

Originally published 2023-10-18 on thisisgrc.com. If you're reading this, you're probably a cybersecurity professional who's frustrated with the gap between what the industry preaches and what actually works in practice. I've been there...

4 minute read
The importance of cybersecurity: Who are we protecting?

The importance of cybersecurity: Who are we protecting?

Originally published 2023-10-11 on thisisgrc.com. A few weeks ago, a friend was caught in a hospitality cyber-fraud. The threat actors infiltrated the hotel's booking.com accounts. Using this valid account, they sent fraudulent emails a...

3 minute read
Breaking Into Cybersecurity: A Story About Overcoming Professional Anxiety

Breaking Into Cybersecurity: A Story About Overcoming Professional Anxiety

Originally published 2023-10-04 on thisisgrc.com. “Any advice for an aspiring cybersecurity professional to break in?” This is the question I get the most. I always answer by telling my story. I don’t see my path as a model of anything....

5 minute read
‹ Prev | Next ›