Exploring AI Governance & Security: Insights with Walter Haydock of Stack Aware
Welcome to our AI and Security Podcast! In this episode, we sit down with Walter Haydock, founder of Stack Aware. Walter discusses Stack Aware's journey from a vulnerability management company to a leader in AI cybersecurity compliance and privacy risk management. We dive deep into the nuances of ISO 42001 and how it compares to ISO 27001, the importance of AI governance, and the challenges and opportunities in the AI regulatory landscape in the US and EU. This episode is packed with insights on how companies can build effective AI governance frameworks to meet evolving regulatory requirements and ensure data integrity and privacy.
00:00 Introduction and Guest Introduction
00:44 Founding of Stack Aware
01:58 ISO 42001 and AI Governance
02:57 Comparing ISO 42001 and ISO 27001
06:09 US AI Regulations and State-Level Approaches
08:28 Global AI Governance and Standards
18:09 Building AI Governance Programs
22:42 Tools and Approaches for AI Governance
28:28 Future of AI Governance
30:36 Conclusion and Closing Thoughts
Join us for the latest episode in our AI and security series as we sit down with David Marsyla, VP of Engineering at Trustero, who discusses the company's innovations in AI-driven multi-agent workflows. David provides insights into the development and functionality of Trustero's new multi-agent agency framework, policy design assessment tools, and the complexities of harnessing AI for Governance, Risk, and Compliance (GRC). He delves into the architecture behind Trustero's solutions, focusing on the integration with AWS, development practices, and the strategic use of AI to streamline processes. Discover how Trustero is leveraging AI to enhance security, compliance, and operational efficiency for their clients.
00:00 Introduction and Guest Introduction
00:40 Understanding Agentic AI
02:17 Multi-Agent Workflows Explained
04:05 Benefits of Multi-Agent Systems
06:08 Developing and Iterating Agents
09:14 Technical Architecture Overview
10:16 Data Management and Indexing
14:48 Development Practices and Security
17:10 AI-Driven Data Modeling and Analysis
17:25 AWS Receptor and Evidence Collection
18:12 Open SDK and Custom Integrations
19:02 AI Team and Development Process
19:53 Backend Technologies and Databases
20:29 Automated Release and Testing Processes
21:23 Security and Vulnerability Management
24:28 Customer Onboarding and Environment Setup
27:55 AI in Development and Future Plans
29:11 Challenges and Best Practices with AI
31:19 Conclusion and Final Thoughts
Dive into an insightful discussion with Josh McKibben, Head of Compliance, Risk, and Trust at Snowflake, on the AI Security Vanguard Podcast, hosted by George from Trustero.
This episode explores how security leaders are tackling evolving AI risks and governance. Josh shares his experience in setting up scalable AI policies, using AI models for efficient business processes at Snowflake, and addressing the new challenges posed by agent AI and shadow IT. Learn about AI-driven automation, compliance strategies, and the importance of staying ahead in this rapidly changing field.
Future of Cybersecurity: AI, GRC, and the Evolving Role of the CISO
In this enlightening fireside chat, George and Paolo are joined by Steve Zelensky, a seasoned cybersecurity expert with over 25 years of experience and former CISO of Levi Strauss. Discussing the cutting-edge implications of AI on security, the conversation spans from the practical applications of AI in GRC (Governance, Risk, and Compliance) and SOC (Security Operations Center) to the philosophical and strategic shifts in the role of the CISO. They delve into how AI can alleviate repetitive tasks, augment analysts, and even change how we approach business risk and security. With an analogy-rich dialogue comparing cybersecurity to emergency trauma care and other professions, this episode provides thought-provoking insights into the future of cybersecurity and the evolving responsibilities and challenges of CISOs in an AI-driven world. Don't miss the deep dive into third and fourth-party risks and the intriguing concept of 'AI labor.'
Join George, CISO at Trustero, as he hosts a riveting fireside chat with Bil Harmer, CEO and founder of Kill Switch Advisory, and Paolo Marquez, a solutions engineer at Trustero. In this episode, Bil shares his extensive experience from over three decades in the cybersecurity industry, shedding light on the transformative impact of AI and quantum computing on security strategies, organizational structures, and risk management. The conversation dives deep into the evolving landscape of compliance, the critical role of AI in maintaining risk posture, the future of identity management, and the indispensable need for advanced encryption in the quantum age. Tune in for invaluable insights and forward-thinking perspectives from leading minds in cybersecurity.
SOC 2 is a joke! Or maybe not... George is joined by Henry Stanley, co-founder and Chief Product Officer of Fabrik. Discover Henry's journey in the GRC space, his background in securing infrastructures at companies like Spotify and Clear, and his insights into the complexities and challenges of SOC 2 compliance. The discussion dives into a provocative LinkedIn post about the efficacy of SOC 2, the perceived devaluation of this standard, and the role of continuous compliance and AI in enhancing trust and security in enterprises. Learn how Fabrik aims to revolutionize the enterprise trust ecosystem with real-time data connectivity and automated assurance processes.
In this conversation, Michael Eggerling interviews Justin Dooley from Chassi about the importance of compliance and security in their organization. They discuss how Trustero AI has helped them streamline their compliance efforts and reduce audit costs. The use of AI has also improved the speed and accuracy of their audits, saving them time and allowing for more meaningful conversations with auditors. They believe that AI tools like Trustero will continue to play a significant role in the future of compliance and security.
Join us in this insightful episode as we talk with Paul Starrett, an expert in AI governance and law. Paul shares his perspectives on the integration of AI in the legal profession, the implications for security, and the importance of compliance. We explore the complexities of AI and legal liability, discuss innovative uses of generative AI for compliance checks, and consider the broader implications of AI governance frameworks like the EU AI Act. This episode is packed with valuable insights for anyone interested in the intersection of AI, security, and legal governance.
In this episode, Bob Zynga, a seasoned security expert with over 20 years of experience including roles in the US Navy and Silicon Valley, discusses critical topics in security, AI, and leadership. Bob delves into the imminent threats posed by quantum computing, often referred to as the 'quantum apocalypse,' and the imperative of ethical AI in both civilian and military applications. He shares his insights on the evolution of AI, its potential impact on jobs, and the importance of leadership in navigating technological change. Tune in for an insightful conversation that bridges the civilian and military perspectives on security and technology.
At RSAC 2025, we sat down with Richard Marcus, Chief Information Security Officer at AuditBoard, to explore the evolving challenges in the GRC landscape and the critical role of technology in modern risk management. In this insightful conversation, Richard shares strategies for closing the risk resiliency gap, integrating AI into security workflows, and fostering cross-functional collaboration in complex organizations.
Topics covered include:
Emerging risks and the limits of traditional GRC approaches
How AI is reshaping control testing, vendor risk, and operational efficiency
Building a culture of security collaboration across business units
Why community and teamwork are essential to managing modern risk
Whether you're a GRC leader, security professional, or tech executive, this conversation offers valuable takeaways on preparing your organization for the future of risk.