Contrarisk Security Podcast #0046: Governance and compliance
Information security is often an afterthought in an organisation’s planning and spending. And as a subset of that, Governance, Risk and Compliance (GRC) struggles to get the high-level attention it needs. In part this stems from the fact that GRC activities have traditionally been spread around various departments and functions within the organisation, with no overall control or strategy. There… Read more »