How do you build real trust between GRC and engineering? In this episode of Security & GRC Decoded, host Raj Krishnamurthy welcomes Tristan Ingold, Security GRC Program Manager at Meta. Tristan shares how consulting shaped his approach, why “policing” doesn’t work, and how GRC earns influence by acting as a partner to engineering -- not a blocker. He discusses the cultural friction between audit, security, and product teams, how to communicate in the language of engineering, and why the r...
All content for Security & GRC Decoded is the property of Raj Krishnamurthy and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
How do you build real trust between GRC and engineering? In this episode of Security & GRC Decoded, host Raj Krishnamurthy welcomes Tristan Ingold, Security GRC Program Manager at Meta. Tristan shares how consulting shaped his approach, why “policing” doesn’t work, and how GRC earns influence by acting as a partner to engineering -- not a blocker. He discusses the cultural friction between audit, security, and product teams, how to communicate in the language of engineering, and why the r...
Compliance ≠ Security: It Sets the Foundation ft Evan Millman, Security GRC Manager @ Abnormal AI
Security & GRC Decoded
1 hour 13 minutes
2 months ago
Compliance ≠ Security: It Sets the Foundation ft Evan Millman, Security GRC Manager @ Abnormal AI
What’s the true relationship between compliance and security? According to Evan Millman, compliance may not be security—but it’s the necessary starting point for building it. In this episode, Raj sits down with Evan to explore how organizations can shift their GRC approach from reactive checkbox checking to a proactive and risk-informed security practice. Evan shares stories from his work at Abnormal.AI, lessons from scaling GRC in fast-moving environments, and practical advice for anyone try...
Security & GRC Decoded
How do you build real trust between GRC and engineering? In this episode of Security & GRC Decoded, host Raj Krishnamurthy welcomes Tristan Ingold, Security GRC Program Manager at Meta. Tristan shares how consulting shaped his approach, why “policing” doesn’t work, and how GRC earns influence by acting as a partner to engineering -- not a blocker. He discusses the cultural friction between audit, security, and product teams, how to communicate in the language of engineering, and why the r...
