This is GRC
This Is GRC | Real Skills for Future GRC Leaders
All Our Latest Posts
Why Access control is security's most critical battlefield
Originally published 2023-12-06 on thisisgrc.com. When my manager summoned me to his cubicle, he looked like a washed-out pug. I had my degree in security and a couple of years of experience by then. I was advising on over 20 projects, ...
3 minute read
You don’t go into cybersecurity to make friends
Originally published 2023-11-29 on thisisgrc.com. “If I wanted to make friends I wouldn’t work in security”, he yelled, smashing the phone on his desk. He put his jacket back on and stormed off while I looked toward my other colleague, ...
4 minute read
How to convince developers to fix their security vulnerabilities?
Originally published 2023-11-22 on thisisgrc.com. Ask any security specialist about their biggest frustration. Most of them will bring up their cynicism about finding the same vulnerabilities every year while developers ignore them (the...
5 minute read
How to incorporate security into your branding strategy?
Originally published 2023-11-15 on thisisgrc.com. The most unexpected benefit I got from this newsletter is the content marketing skills I've built along the way. Speaking the "brand" language brought me closer to my employer's marketin...
2 minute read
What you need to know before you start your bug bounty program
Originally published 2023-11-08 on thisisgrc.com. Organizations use bug bounty programs to pay hackers who discover website vulnerabilities. The idea is to incentivize the bug researchers to disclose the vulnerabilities for payment inst...
5 minute read
What Ted Lasso can teach us about cybersecurity leadership
Originally published 2023-11-01 on thisisgrc.com. The show Ted Lasso took Apple TV by storm, winning Emmies and the population's hearts. I recently discovered this tale of an American football coach hired to coach European football (soc...
4 minute read
How to handle conflicts in information security
Originally published 2023-10-25 on thisisgrc.com. If you dislike conflicts, don't work in information security. As a mentor once told me: "I'm not in security to make friends." Don't get me wrong. The vast majority of InfoSec profession...
5 minute read
The GRC Career Advice Nobody Talks About (But Everyone Needs)
Originally published 2023-10-18 on thisisgrc.com. If you're reading this, you're probably a cybersecurity professional who's frustrated with the gap between what the industry preaches and what actually works in practice. I've been there...
4 minute read
The importance of cybersecurity: Who are we protecting?
Originally published 2023-10-11 on thisisgrc.com. A few weeks ago, a friend was caught in a hospitality cyber-fraud. The threat actors infiltrated the hotel's booking.com accounts. Using this valid account, they sent fraudulent emails a...
3 minute read
Breaking Into Cybersecurity: A Story About Overcoming Professional Anxiety
Originally published 2023-10-04 on thisisgrc.com. “Any advice for an aspiring cybersecurity professional to break in?” This is the question I get the most. I always answer by telling my story. I don’t see my path as a model of anything....
5 minute read