Security & GRC Decoded

In this episode, Raj Krishnamurthy sits down with , GRC & Security at , and a former security, risk and compliance leader at Cruise and Dropbox, to explore fresh perspectives on Security & GRC. Kieran opens with a bold stance: data breaches, while critical, aren't the top threat they used to be. Instead, he argues, maintaining availability and service uptime is now paramount. Drawing from his unique experience building the foundational GRC program at Cruise, a pioneering self-driving car company, Kieran reveals how managing cybersecurity risks took on profound urgency—literally...

Security & GRC Decoded

Ever wondered if your GRC team should be writing code? (Spoiler alert: Jeevan thinks they probably should.) In this eye-opening episode of Security & GRC Decoded, Jeevan Singh, Director of Security Engineering at Rippling, joins Raj to challenge traditional views of Governance, Risk, and Compliance (GRC). Jeevan passionately argues why GRC teams must become more technical, automated, and deeply integrated into engineering processes to truly protect and enable businesses. Drawing from his experience at Segment and Rippling, he provides actionable insights and real-world examples to...

Security & GRC Decoded

In this episode, Raj Krishnamurthy interviews , Director of Security and Compliance at , to uncover valuable insights into the evolving world of Governance, Risk, and Compliance (GRC). Shobhit shares his controversial perspective on GRC teams overburdening themselves, emphasizing the need for GRC professionals to expand their technical expertise and embrace a product management mindset. The conversation dives into proactive strategies for GRC success, the importance of integrating privacy into compliance frameworks, and actionable tips for achieving High Trust certification on a budget....

Security & GRC Decoded

In this episode of Security & GRC Decoded, host Raj Krishnamurthy (CEO of ComplianceCow) sits down with , a Staff Security Assurance Engineer at GitLab and co-author of the GRC Engineering Manifesto, for a deep dive into the evolution of GRC through an engineering lens. Ayoub shares how his background in consulting and cloud-native startups led him to question the traditional, checklist-heavy approach to GRC—and why embracing real-time data, automation, and developer-friendly processes is the key to building stronger security and compliance programs. He also reveals his controversial...

Security & GRC Decoded

In this episode of Security & GRC Decoded, host Raj Krishnamurthy, CEO of ComplianceCow, sits down with —former CISO and AWS Security Engineering Leader—to explore the evolving landscape of security, governance, and risk management. Carlos shares his journey from leading security in highly regulated industries like banking and energy to championing large-scale security engineering at AWS. Together, they discuss how effective GRC programs can move beyond “checkbox” compliance to become true business enablers—accelerating growth, deepening customer trust, and supporting innovation...

Security & GRC Decoded

In this episode of Security & GRC Decoded, host Raj Krishnamurthy, CEO of ComplianceCow, sits down with Abhay Kshirsagar, Director of Security Services and Tools at Salesforce, to explore the evolving landscape of security, compliance, and customer assurance. Abhay shares his journey from IT audit and risk advisory to leading compliance automation, continuous monitoring, and customer assurance at industry giants like Cisco and now Salesforce. They discuss how compliance programs can move beyond checkboxes to become strategic enablers of business growth, unlocking new markets,...

Security & GRC Decoded

In this episode of Security & GRC Decoded, Raj Krishnamurthy, CEO of ComplianceCow, sits down with Walter Haydock, CEO of StackAware, to discuss the evolving landscape of AI security, governance, risk, and compliance (GRC). Walter shares insights on emerging AI threats, the importance of ISO 42001 certification, and the challenges organizations face when integrating AI into their security and compliance programs. Key topics include: DeepSeek and AI Privacy Risks Regulatory Challenges in AI Security & Compliance The Intersection of AI Governance and GRC Building a Business Case for AI...

Security & GRC Decoded

In the premiere episode of Security & GRC Decoded, host Raj Krishnamurthy sits down with Mosi Platt, Senior Security Compliance Engineer at Netflix, to explore his unconventional journey into security and governance, risk, and compliance (GRC). From his first exposure to computers in his aunt’s home lab to becoming a leader in IT audits and compliance, Mosi shares the pivotal moments that shaped his career. Together, they unpack the realities vs. myths of security governance, why risk quantification is still an unresolved debate, and how security and GRC teams can move from reactive...