In this episode, Sarah Tenisi speaks with Nicholas Muy, Head of Partnerships at Scrut Automation for North America and the EU.
Nick has held a variety of high-impact roles at SaaS companies, many of which are familiar household names. Through his passion for cybersecurity and compliance, he helps companies manage risk and earn trust with their clients by helping them understand and implement great security and compliance practices.
Listen in as Nick discusses the challenges of balancing security and compliance while managing risk and building trust with clients in the IT space. He shares his insights on the importance of storytelling to communicate the complexities of security and compliance to stakeholders, as well as on making tough investment decisions.
Nick talks about today’s career opportunities in cybersecurity, and how he solves governance, risk, and compliance (GRC) for clients. He also discusses essential cybersecurity practices such as multifactor authentication and strong password management, while sharing horror stories of IT security and compliance to emphasize that solving this ongoing issue is ultimately a collective effort.
What You’ll Learn in This Episode:
● [02:31] Why IT security and compliance continues to be an issue
● [08:22] The difference between security and compliance
● [11:14] Defining “GRC”
● [17:09] Balancing security and compliance with risk management
● [20:31] Nick’s journey in the cybersecurity space
● [31:46] Must-do security requirements today
● [39:10] How to convince company owners to take these measures seriously
● [47:49] Security and compliance as a collective effort
Key quotes:
● “Security is the set of things you do to manage risks to your company that come from being insecure. Compliance is what you do to manage the practices that you need to have in place to maintain your security posture.”
● “Governance versus compliance is something that's been around the financial industry, banks and huge companies the world over for a long, long time.”