CISO Insights: Navigating the GRC Landscape
A robust GRC program fosters the ability to manage key risks and protect sensitive data, aligning security initiatives with organizational objectives; and ultimately allows the CISO to establish trust and confidence with key stakeholders. However, the constantly evolving regulatory landscape is resource intensive to manage and requires striking a delicate balance of security controls that won’t stifle productivity or innovation. In this panel discussion, CISOs from diverse industries share insights on:
- Determining and implementing appropriate policies and security controls
- Addressing challenges to integrate GRC practices into organizational operations
- Securing adequate resources to implement and maintain a GRC program
Speakers
Steven Fox directs the GRC strategy for Educational Testing Services, the world’s largest private educational testing and assessment organization. He brings a cross-disciplinary, international perspective to the practice of information security; combining his experience as a Deputy CISO, security consultant, an IT Auditor and a systems engineer with principles from behavioral/organizational psychology to address security challenges.
Dale is a seasoned cybersecurity and technical operations leader with a distinguished career in the U.S. Navy, where he designed secure, mission-critical systems. Currently the Director of Information Security at RegScale, Dale built RegScale’s security program from the ground up, enhancing compliance, risk management, and operational effectiveness. Recognized for his excellence in building Security Operations Centers and Threat Intelligence programs, Dale’s tactical leadership has led to significant achievements, including disaster recovery and business continuity planning for the DoD, rapid deployment of communication packages for Navy Seal Teams, and the creation of training programs for system administrators. His hands-on approach and commitment to efficiency have made regulatory compliance faster and more accessible.
Dr. Dustin Sachs is the Chief Technologist and Sr. Director of Programs at CyberRisk Collaborative. He is a highly accomplished cybersecurity professional with a proven track record in risk management, compliance, incident response, and threat mitigation. He is CISSP-certified and holds a Doctor of Computer Science (DCS) degree in Cybersecurity and Information Assurance. Dr. Sachs has worked in various industries, including public utilities, food distribution, and oil and gas. He is a respected thought leader in the cybersecurity community.