GRC Engineer
Ayoub Fandi
17 episodes
4 days ago
The podcast for practitioners applying systems thinking and engineering principles to GRC. We speak with GRC leaders, security engineers and practitioners transforming legacy GRC through automation, orchestration, and architectural thinking. Learn how to design scalable systems, build better workflows and solve coordination challenges. GRC Engineering works everywhere: from spreadsheets to enterprise platforms, AI startups to Fortune 500s. It also works for you! Hosted by Ayoub Fandi, founder of GRC Engineer, co-author of the GRC Engineering manifesto and leading GRC Engineering at GitLab.
Technology
All content for GRC Engineer is the property of Ayoub Fandi and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Think in Systems w/ Simon Goldsmith from OVO | S1E3
GRC Engineer
56 minutes 40 seconds
1 year ago

Episode Summary

In this episode, I welcome Simon Goldsmith, the Head of Information Security at OVO and a seasoned security leader with over 20 years of experience across industries like defence, financial services, and retail.

Simon shares his journey from working on helicopter survivability for the Ministry of Defence to leading security efforts at OVO, focusing on systems thinking and the evolving role of GRC in fast-paced environments.

The discussion dives deep into the challenges of balancing speed and security, the importance of collaboration in regulatory compliance, and how personal responsibility for CISOs is shaping the future of security leadership.

Key Topics Discussed

  • 💼 Career Journey: Simon reflects on his career path, starting in the defense sector with the Ministry of Defence, moving through financial services and retail, and eventually taking on his current role at OVO.
  • 🌀 Systems Thinking in Security: Insights into how Simon applied systems engineering concepts like "the survivability onion" to improve security outcomes across different industries.
  • 📹 Balancing Speed and Security: A discussion on how fast-moving environments like defense and private sectors can integrate security assurance early in development to achieve better outcomes.
  • 📃 Regulatory Challenges Across Jurisdictions: Simon shares his experiences navigating complex regulatory landscapes in Asia-Pacific and Europe, including personal liability challenges for CISOs.
  • 💼 Leadership and Collaboration: Emphasizing the importance of strong teams and relationships to manage stress and uncertainty in high-stakes environments.
  • 🚅 Forward-Looking Reflections: Simon discusses his current mission at OVO, supporting zero-carbon living through tech-enabled energy retail while addressing broader societal challenges.

Notable Quotes

"The time horizon of the board is radically different from that of an engineer in a sprint."

"Balancing prevention with a positive attitude towards detection and discovery is key to building effective systems."

"Bringing assurance teams into the development lifecycle early can lead to better security outcomes—not just better documentation."

"Personal liability for CISOs is a growing challenge; it requires courage to take on such roles."

Useful links

  • Simon Goldsmith’s LinkedIn
  • OVO Energy

Guest Bio

Simon Goldsmith is an accomplished information security leader with over two decades of experience across defense, financial services, retail, and energy sectors. Currently serving as Head of Information Security at OVO, Simon has a passion for systems thinking and collaborative leadership to drive impactful security outcomes.

Call to Action

If you enjoyed this episode, please subscribe to our podcast for more insights into GRC Engineering and cybersecurity leadership. Don’t forget to leave a review if you found value in this conversation!

For questions, guest ideas, or feedback, reach out to me on LinkedIn.
