What is GRC Destroyer?

Dissection of the governance, risk, and compliance space within the cybersecurity industry.

Weekly posts giving my two cents on:

Cyber Risk Management

External Audit: SOC 2, ISO27000 Family

GDPR and US Privacy

Control Development and Framework Mapping

Vulnerability Management

SecOps

Security Automation

Security Awareness Training

Trust Centers

FedRAMP

Vendor Risk Management

Tools

Jobs, Salaries, Skills

Zero Trust

GRC Budgeting

Winners

Losers

Leaders

Everything else in between

Who is GRC Destroyer?

I’m a GRC leader with an auditor background and 7+ years of finding my niche in the cyber assurance space.

I want to talk about the bullsh*t nuances of compliance. The importance of SecOps and how to form a cohesive team. Creative ways to audit --> improve to save time and your sanity. Where the money is at (roles, companies, salaries, skills, getting ahead).

Who should read GRC Destroyer?

You should read my newsletter if:

You want to learn GRC and pivot into an industry role

You want to become a more informed GRC leader or non-robot SME

You like money and want to earn more money in cyber

You want to get takes from real people in the industry

You want this essential information in 2 - 5 minutes


Disclaimer:

While information written in this blog is intended to inform the GRC position, none of my takes are intended as direct career, security and/or compliance consulting advice. Every company and every GRC team is going to look different. Some things may work in one situation and not in the other based on many factors. Part of this is entertainment as well!


Off-the-cuff takes and trend analysis for cyber and the beautiful world of GRC. Occasional practitioner deep dives, $$$ talks, and product reviews.

People

I do GRC stuff and write about it