Chris Hackett hosts a dynamic conversation on governance, risk, and compliance with Alexander Zeitlberger, Head of Recoveries and Collections at Klarna; Joakim Lundberg, Director of Security Consulting at Kyndryl; Luis Martinez, Global AI Compliance Manager at ASSA ABLOY; and Nithya Prabakaran, IS and GRC Team Lead at EasyPark Group. The episode explores effective GRC strategies, AI compliance, and evolving cybersecurity governance practices. Tune in to hear how industry leaders are navigating complex risk landscapes with innovation, agility, and secure infrastructure.
Get hands-on with RSA Archer, one of the most powerful platforms in Governance, Risk, and Compliance (GRC). In this session, we walk you through a practical demo of RSA Archer's key modules—from risk management and audit workflows to policy automation and compliance tracking. Whether you're just starting in GRC or upskilling for the next role, this episode will help you understand how RSA Archer is used in real-world scenarios and why it's a must-have skill in the cybersecurity and risk management domain. We also cover career pathways, certifications, and job roles related to RSA Archer, along with expert tips to boost your growth in this high-demand field.
FIFA's Club World Cup Circus
For credits and this episode's transcript, visit globalreportingcentre.org/state-of-play/bonus-episode-2-fifas-club-world-cup-circus/
State of Play is produced by the Global Reporting Centre (GRC) and distributed by PRX. The GRC is an editorially independent journalism organization based at the UBC School of Journalism, Writing, and Media. Founded in 2016, we are leaders in doing global journalism differently. We innovate industry practice, educate the next generation, and promote greater equity in journalism.
Learn more about the GRC: globalreportingcentre.org | Make a tax-deductible donation: globalreportingcentre.org/donate
In this episode, we sit down with Jim Manico, a longtime industry AppSec leader, educator, and innovator, to discuss enhancing software security in the era of AI. This includes covering recent talks Jim has given about using AI as a force multiplier for software development, the importance of security-centric prompting, and the overall impact of AI on the field of AppSec.
We discussed:
A recent talk Jim gave where he discussed transforming secure software creation with AI, doing the work of teams of people on his own, and what used to take tens of thousands of hours, through the use of agents and various frontier models and offerings.
The importance of security-centric prompting and guidance for models to produce secure code, and the impact on vulnerability velocity of doing so.
The risks of the broader developer community leaning into these tools without adding security-centric prompts and guidance, but also the opportunity for prompt libraries and enterprise controls to lead to systemic secure software development within the enterprise.
The workforce implications of AI-driven development and the need to upskill to stay relevant (and employable).
Where Jim sees opportunity beyond just AppSec when it comes to AI and cybersecurity, in other areas such as GRC and SecOps.
Look Out! Another Outlook Outage
Iranian APTs increased activity against U.S. industries in late spring
Russian basketball player arrested in France over alleged ransomware ties
Huge thanks to our sponsor, Vanta. Do you know the status of your compliance controls right now? Like...right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and help you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines
Find the stories behind the headlines at CISOseries.com.
This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Jim Bowie, VP, CISO, Tampa General Hospital. Thanks to our show sponsor, Vanta. Get started at Vanta.com/headlines. All links and the video of this episode can be found on CISOSeries.com.
Tariffs of 35% starting August 1 for Canada: here we go again. An officer of the GRC (the Gendarmerie royale du Canada, or RCMP) is under criminal investigation for threats against Trump during the G7. Speaking of the GRC: they are reportedly opening an investigation concerning… Lion Électrique! Right to strike: Minister Boulet does not rule out moving up the coming into force of his bill. The NDP will launch its leadership race this fall. Flash floods in Bellechasse and Beauce. Polaris Prize: six of the ten finalists are from Quebec! Everything you need to know in a few minutes with Alexandre Dubé, Marianne Bessette and Alexandre Moranville-Ouellet. Also watch this discussion on video via https://www.qub.ca/videos or by subscribing to QUB télé: https://www.tvaplus.ca/qub or on the QUB YouTube channel https://www.youtube.com/@qub_radio
For information about the use of your personal data: https://omnystudio.com/policies/listener/fr
AMD warns of new Meltdown, Spectre-like bugs affecting CPUs
Multiple vulnerabilities in Mozilla Thunderbird could allow for arbitrary code execution
Bitcoin Depot breach exposes data of nearly 27,000 crypto users
More than $40 million stolen from GMX crypto platform
Huge thanks to our sponsor, Vanta. Get started at Vanta.com/headlines
Four members of President Trump's cabinet impersonated
Is this some kind of a game?
Batavia attacks Russian industrial companies
Huge thanks to our sponsor, Vanta. Get started at Vanta.com/headlines
All links and images can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series, and Edward Contreras, senior EVP and CISO, Frost Bank. Joining us is Anthony Candeias, CISO, Weight Watchers.
In this episode:
AI agents require structured supervision, not autonomy
Hiring for potential over credentials in cybersecurity
AppSec training effectiveness depends on organizational relevance
AI oversight requires purpose-built models, not general solutions
A huge thanks to our sponsor, Vanta. Vanta's Trust Management Platform helps 10k+ companies—like Atlassian, Quora, and Chili Piper—start and scale their security programs and build trust with buyers. Vanta saves security teams time and improves program visibility by automating 35+ compliance frameworks, such as SOC 2 and ISO 27001, and GRC workflows, like risk management. Get started at Vanta.com/CISO
Call of Duty game pulled from PC store after reported exploit
U.S. military gets cybersecurity boost
Bank employee helped hackers steal $100M
Huge thanks to our sponsor, Vanta. Get started at Vanta.com/headlines
Ingram Micro suffers ransomware attack
Hacker leaks Telefónica data allegedly from new breach
ChatGPT prone to recommending wrong URLs, creating a new phishing opportunity
Huge thanks to our sponsor, Vanta. Get started at Vanta.com/headlines
Find the stories behind the headlines at CISOseries.com.
Why fear compliance when it can fuel your growth? In this rich and revealing episode from IT Nation Secure 2025, Joey Pinz sits down with Ozzie Saeed, founder of IntelliGRC, to unpack why MSPs should stop dreading cybersecurity frameworks like CMMC—and start seeing them as strategic advantages.
Is Los Angeles Ready?
For credits and this episode's transcript, visit globalreportingcentre.org/state-of-play/s01be01-losangeles/
State of Play is produced by the Global Reporting Centre (GRC) and distributed by PRX.
Learn more about the GRC: globalreportingcentre.org | Make a tax-deductible donation: globalreportingcentre.org/donate
In this masterclass, we deliver a complete, step-by-step walkthrough of RSA Archer, the leading Governance, Risk, and Compliance (GRC) platform. From initial configuration and system setup to advanced modules for risk management, compliance, and incident response — this session covers everything you need to optimize your Archer deployment. Packed with practical tips, real-world examples, and expert insights, you'll learn how to streamline GRC workflows, support better decision-making, and strengthen your organization's security posture using Archer's robust framework.
In this episode, we sat down with AJ Yawn, author of the upcoming book GRC Engineering for AWS and Director of GRC Engineering at Aquia, to discuss how GRC engineering can transform compliance. We discussed the current pain points and challenges in Governance, Risk, and Compliance (GRC), how GRC has failed to keep up with software development and the threat landscape, and how to leverage cloud-native services, AI, and automation to bring GRC into the digital era.
We dove into:
What the phrase “GRC Engineering” means and how it differs from traditional Governance, Risk and Compliance
What some of the major issues are with traditional compliance in the age of DevSecOps, cloud, APIs, automation and now AI
Specific examples of GRC Engineering, including the use of automation, APIs and cloud-native services to streamline security control implementation, assessment and reporting
The promise and potential of AI in GRC, how AJ is using various models for control assessments, artifact creation and more, and how GRC practitioners should be leveraging AI as a force multiplier
AJ's new book “GRC Engineering For AWS: A Hands-On Guide to Governance, Risk and Compliance Engineering”
Welcome to another episode of our channel! Quanta has big plans, an ambitious strategic plan and exponential goals. How is it possible to keep your feet on the ground and reach such ambitious goals in such an unstable world, with constant emerging risks and rapid change? The answer lies in governance that is strategically anchored in risk management and compliance. In this episode we chat with three specialists on the subject:
Luiz Henrique Lobo: Independent board member. Member of the Risk Committee of Caixa and the Audit Committee of BRPartners. Consultant and speaker.
Marcos Assi: Master's in Accounting and Actuarial Sciences from PUC-SP. Member of the Fiscal Council of CDP Latin America. Curator and professor of the graduate program in GRC at SUSTENTARE – Escola de Negócios de Joinville-SC. Member of the Corporate Risk Committee of the IBGC.
Soraia Buzzo Cancella: Degree in Business Administration. Degree in Accounting Sciences with an MBA in Business Management. Specialization in Financial Administration. Internal controls certification from SUSEP.
Moderation: Wagner Oliveira - Corporate Education Specialist at Quanta Previdência.
Learn more: www.quantaprevidencia.com.br www.acquaeducacao.com.br
When I last spoke with Gaurav Kapoor five years ago, we were in the thick of a global pandemic. Remote work was still a novelty for many, AI was a distant concept for most businesses, and regulatory frameworks were trying to keep pace with the speed of technological change. Fast forward to today, and the conversation around AI and governance, risk, and compliance (GRC) has shifted dramatically. This made it the perfect time for a long-overdue catch-up. In this episode, I welcomed back Gaurav, Vice Chairman and Co-founder of MetricStream, to discuss the changing face of GRC in an AI-driven world. AI has now reached a level of ubiquity that places it alongside electricity and Wi-Fi as a foundational layer of both business and everyday life. But with that integration comes risk, and with risk comes the need for smarter, more adaptive governance. Gaurav shared how AI is no longer just about efficiency gains. It is becoming embedded into the fabric of enterprise risk frameworks, from real-time regulatory monitoring to predictive analytics and risk forecasting. We talked about the impact of the current political climate, including policy shifts following President Trump's return to office and how deregulation narratives are colliding with the complexity of global compliance expectations. This was not just a theoretical discussion. Gaurav broke down real-world use cases that show how large enterprises are navigating everything from redundant compliance testing to emerging threats discovered through AI-driven analysis. He also spoke candidly about the challenges ahead, how companies can fall behind if they wait too long to modernize their frameworks, and what is at stake when they fail to build trust into their AI systems. So how do you evolve GRC in an age where the pace of change is relentless? What role does AI really play in risk leadership today? And how can companies move from reactive to proactive without losing control? 
Join me as we explore the next chapter of GRC with one of its leading voices.
In this episode, Amir sits down with Brooke Motta, CEO and co-founder of RAD Security, to unpack her career pivot from sales leadership to becoming a founder in the cybersecurity space. Brooke shares how her go-to-market background shaped her approach to building RAD, the challenge of stepping into technical leadership, how she's managing growth through hiring, and what's ahead for security and AI. Whether you're a technical founder or commercial operator, this one's packed with practical insight.
In episode 242 of The Data Diva Talks Privacy Podcast, host Debbie Reynolds, “The Data Diva,” welcomes Karina Klever, CEO and CISO at Klever Compliance. Karina shares her extensive career journey through IT operations, project management, and compliance leadership to demystify what effective governance really means. She challenges the outdated practice of blindly following frameworks and checklists that do not reflect a company's actual business model or operational maturity. Karina introduces her pragmatic “Now, Next, Near, Never” methodology—a practical framework for prioritizing GRC (governance, risk, compliance) efforts based on relevance, applicability, and timing. She and Debbie unpack why so many organizations suffer from “compliance theater,” implementing policies they do not actually follow or understand. Karina explains the risks of orphaned controls, vague role descriptions, and overreliance on vendor templates that are misaligned with internal realities. She also stresses the importance of documentation, clarity in control language, and having a feedback loop for maturing compliance over time. This episode is a must-listen for organizations looking to move beyond checkbox audits and build scalable, operationally aligned governance structures that support real risk mitigation and long-term accountability.
In this episode, I sit down with SAIC Chief Technology Officer (CTO) and longtime Federal/Defense leader Bob Ritchie to discuss his experience securing public sector digital modernization, including everything from large multi-cloud environments to zero trust, identity, and where things are headed with AI.
Bob starts by discussing SAIC and his background there. He went from intern to CTO over 20 years with this public sector industry leader, including a brief stint with Capital One on the commercial side.
We covered the current state of the federal cloud community across multiple clouds (e.g., Azure, AWS, and GCP) and some of the challenges and opportunities on the security front.
We often hear phrases such as “identity is the new perimeter,” but the perimeter is porous and problematic, especially in large, disparate environments such as the Federal/Defense ecosystem. Bob touched on the current state of identity security in this ecosystem, where progress is being made and what challenges still need to be tackled.
The government is doing a big push towards Zero Trust, with the Cyber EO 14028, Federal/Defense ZT strategies, and more. But how much progress is being made on ZT, and where can we look for examples of innovation and success?
We dove into the rise of excitement and adoption of AI, GenAI, Agentic AI, and protocols such as MCP and A2A, and where the public sector community can lean into Agentic AI for use cases ranging from SecOps to AppSec, GRC, and more.
Bob explains how he balances a good business focus while staying deep in the weeds and proficient in the relevant emerging technologies and nuances required of a CTO.
I've known Bob for several years, and you would be hard pressed to find a more competent technology leader. This is not one to miss!
Join Tom Fox and hundreds of other GRC professionals in the city that never sleeps, New York City, on July 9 & 10 for one of the top conferences around, #Risk New York. The current US landscape, shaped by evolving policies, rapid advancements in AI, and shifting global dynamics, demands adaptive strategies and cross-functional collaboration. At #RISK New York, you will master the New Regulatory Reality by getting ahead of US regulatory shifts and their impact. Conquer AI and Tech Risk by safeguarding your organization in an AI-driven world and understanding the implications of major tech investments. Navigate Financial and Crypto Volatility by protecting your assets and exploring solutions in a dynamic market. Strengthen Your GRC Framework by leveraging Governance, Risk, and Compliance for strategic advantage. Protect Digital Trust by addressing challenges in cybersecurity and data privacy, and combating misinformation. All while meeting with the country's top #Risk management professionals.
In this episode, Tom Fox is joined by Tom Hardin, a former hedge fund analyst known as Tipper X, who shares his unique journey from insider trading informant to a global speaker on compliance and risk. Hardin previews his upcoming panel on applying behavioral science to design effective GRC programs at the #RiskNYC conference. He discusses topics such as cognitive biases, social norms, and rationalizations in decision-making, emphasizing the enduring nature of human behavior despite technological advancements. The episode highlights Hardin's goal of fostering deeper connections between psychology, technology, and regulation to build more proactive and resilient risk cultures.
Resources: #Risk Conference Series | #RiskNYC—Tickets and Information | Tom Hardin on LinkedIn | Tipper X Website
Learn more about your ad choices. Visit megaphone.fm/adchoices
In this episode of the Risk New York podcast series, Tom Fox introduces the upcoming Risk New York Conference, scheduled for July 9-10 at Fordham Law School. The conference, hosted by GRC World Forums, will focus on various aspects of risk management, including AI, tech risk, financial and crypto risk, and GRC frameworks. Tom discusses his keynote based on his book ‘Upping the Game' and highlights key speakers and exhibitors, including Robert Clark from Howard University, Bill Coffin and Erica Alburn from Ecosphere, and Michael Rasmussen, known as the father of GRC. The episode highlights the importance of the conference and provides details on discounted tickets, as well as other information available in the show notes.
Resources: #Risk Conference Series | #RiskNYC—Tickets and Information | Compliance Podcast Network Website
CMMC certification could be the key to surviving DOGE cuts!
Join Tom Fox and hundreds of other GRC professionals in the city that never sleeps, New York City, on July 9 & 10 for one of the top conferences around, #Risk New York. The current US landscape, shaped by evolving policies, rapid advancements in AI, and shifting global dynamics, demands adaptive strategies and cross-functional collaboration. At #RISK New York, you will master the New Regulatory Reality by getting ahead of US regulatory shifts and their impact. Conquer AI and Tech Risk by Safeguarding Your Organization in an AI-Driven World and Understanding the Implications of Major Tech Investments. Navigate Financial and Crypto Volatility by Protecting Your Assets and Exploring Solutions in a Dynamic Market. Strengthen Your GRC Framework by Leveraging Governance, Risk, and Compliance for Strategic Advantage. Protect Digital Trust by addressing challenges in cybersecurity and data privacy and combating misinformation. All while meeting with the country's top #Risk management professionals. In this episode, Tom Fox is joined by Erica Salmon Byrne, Chief Strategy Officer and Executive Chair at Ethisphere, and Bill Coffin, Editor-in-Chief at Ethisphere. The conversation delves into their roles in the compliance community, focusing on their work with the Ethicast Reacts series. They discuss how they analyze news stories to extract compliance lessons, help organizations understand and mitigate risks, and create storytelling opportunities to advance compliance programs. They also share their excitement for their upcoming presentation at the Risk New York City conference, where they'll engage with professionals from diverse backgrounds. Resources: #Risk Conference Series #RiskNYC—Tickets and Information Erica Salmon Byrne on LinkedIn Bill Coffin on LinkedIn Ethisphere Learn more about your ad choices. Visit megaphone.fm/adchoices
All links and images can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Alex Hall, CISO, Gensler. In this episode: Evaluating secure messaging beyond the app Reframing compliance as a business enabler Incremental security investment vs. crisis response Why culture, not punishment, drives secure behavior Huge thanks to our sponsor, Vanta Automate, centralize, & scale your GRC program with Vanta Vanta's Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.
Join myself and hundreds of other GRC professionals in the city that never sleeps, New York City on July 9 & 10 for one of the top conferences around #Risk New York. current US landscape – shaped by evolving policies, rapid AI advancements, and shifting global dynamics – demands adaptive strategies and cross-functional collaboration. At #RISK New York you will master the New Regulatory Reality by Getting ahead of US regulatory shifts and their impact. Conquer AI & Tech Risk by Safeguarding your organization in an AI-driven world and understand the implications of major tech investments. Navigate Financial & Crypto Volatility by Protecting assets and explore solutions in a dynamic market. Strengthen Your GRC Framework by Leverage governance, risk, and compliance for strategic advantage. Protect Digital Trust by Addressing challenges in cybersecurity, data privacy, and combating misinformation. All while meeting In this episode, Tom Fox talks with Chris Mason, who recently launched his risk advisory practice, Woodhorn Global, focusing on due diligence investigations. Chris shares insights about his upcoming presentations at the #RiskGRC conference in July, focusing on AI investments and political uncertainty affecting the GRC (Governance, Risk, and Compliance) community. They discuss the significance of AI in the field and the importance of adapting to political changes. Chris also highlights the value of in-person events to understand best practices and navigate the evolving risk landscape. Resources #Risk Conference Series #RiskNYC-Tickets and Information Chris Mason on Linkedin Learn more about your ad choices. Visit megaphone.fm/adchoices
Join Tom Fox and hundreds of other GRC professionals in the city that never sleeps, New York City, on July 9 & 10 for one of the top conferences around, #Risk New York. The current US landscape, shaped by evolving policies, rapid advancements in AI, and shifting global dynamics, demands adaptive strategies and cross-functional collaboration. At #RISK New York, you will master the New Regulatory Reality by getting ahead of US regulatory shifts and their impact. Conquer AI and Tech Risk by Safeguarding Your Organization in an AI-Driven World and Understanding the Implications of Major Tech Investments. Navigate Financial and Crypto Volatility by Protecting Your Assets and Exploring Solutions in a Dynamic Market. Strengthen Your GRC Framework by Leveraging Governance, Risk, and Compliance for Strategic Advantage. Protect Digital Trust by addressing challenges in cybersecurity and data privacy, and combating misinformation. All while meeting with the country's top #Risk management professionals. In this episode, Tom Fox talks with Gwen Hassan, the Chief Compliance Officer for Unisys Corporation, about her role and the upcoming #RiskNYC conference. Gwen shares insights into Unisys' operations, including the various technologies and services they provide, and highlights her responsibilities in managing global ethics, compliance, and trade compliance risks. She also gives a teaser about her panel presentation on the compliance and ethics risks associated with artificial intelligence, stressing the importance of understanding AI's impact on company culture and regulatory compliance. Gwen expresses her excitement about the conference, emphasizing the value of engaging with fellow risk management experts. Resources: #Risk Conference Series #RiskNYC—Tickets and Information Gwen Hassan on LinkedIn Learn more about your ad choices. Visit megaphone.fm/adchoices
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Christina Shannon, CIO, KIK Consumer Products Thanks to our show sponsor, Vanta Is your manual GRC program slowing you down? There's something more efficient than spreadsheets, screenshots, and manual processes — Vanta. With Vanta, GRC can be so. much. easier—while also strengthening your security posture and driving revenue for your business. Vanta automates key areas of your GRC program—including compliance, risk, and customer trust—and streamlines the way you manage information. The impact is real: A recent IDC analysis found that compliance teams using Vanta are one hundred and twenty nine percent more productive. Get back time to focus on strengthening security and scaling your business. Get started at Vanta.com/headlines. All links and the video of this episode can be found on CISO Series.com
Hackers attacks target Microsoft Entra ID accounts using pentesting tool Google Cloud and Cloudflare outages reported House Homeland Chairman Mark Green announces his departure Huge thanks to our sponsor, Vanta Is your manual GRC program slowing you down? There's something more efficient than spreadsheets, screenshots, and manual processes — Vanta. With Vanta, GRC can be so. much. easier—while also strengthening your security posture and driving revenue for your business. Vanta automates key areas of your GRC program—including compliance, risk, and customer trust—and streamlines the way you manage information. The impact is real: A recent IDC analysis found that compliance teams using Vanta are one hundred and twenty nine percent more productive. Get back time to focus on strengthening security and scaling your business. Get started at Vanta.com/headlines. Find the stories behind the headlines at CISOseries.com.
Join Tom Fox and hundreds of other GRC professionals in the city that never sleeps, New York City, on July 9 & 10 for one of the top conferences around, #Risk New York. The current US landscape, shaped by evolving policies, rapid advancements in AI, and shifting global dynamics, demands adaptive strategies and cross-functional collaboration. At #RISK New York, you will master the New Regulatory Reality by getting ahead of US regulatory shifts and their impact. Conquer AI and Tech Risk by Safeguarding Your Organization in an AI-Driven World and Understanding the Implications of Major Tech Investments. Navigate Financial and Crypto Volatility by Protecting Your Assets and Exploring Solutions in a Dynamic Market. Strengthen Your GRC Framework by Leveraging Governance, Risk, and Compliance for Strategic Advantage. Protect Digital Trust by addressing challenges in cybersecurity and data privacy and combating misinformation. All while meeting with the country's top #Risk management professionals. In this episode, Tom Fox welcomes Michael Rasmussen, a renowned expert in Governance, Risk Management, and Compliance (GRC), often referred to as the ‘father of GRC.' Michael shares insights into his contributions to the field, including his work with the SEG GRC Capability Model. The conversation highlights Michael's anticipated presentation on ‘The Future of GRC' at the upcoming risk conference in New York City. Drawing inspiration from Star Trek (TOS, and how can you not love that?), Michael emphasizes the importance of managing business risks effectively. The discussion also touches on the benefits of face-to-face interactions and networking opportunities at such conferences. Resources: #Risk Conference Series #RiskNYC—Tickets and Information Michael Rasmussen on LinkedIn Learn more about your ad choices. Visit megaphone.fm/adchoices
Zero-click data leak flaw in Copilot
Operation Secure targets infostealer operations
FIN6 targets recruiters
Huge thanks to our sponsor, Vanta. Get started at Vanta.com/headlines.
In this episode, Tom Fox talks with Matt Kelly about his presentation on the importance of understanding how AI can be productively adopted within enterprises, as well as the ethical challenges it presents, including discrimination and data validity. Matt also discusses the importance of AI governance and offers a preview of his upcoming presentation on this topic. Matt expresses his eagerness to engage with other GRC professionals at the forthcoming #Risk New York conference to exchange ideas and discuss emerging risks in third-party and vendor risk management.
Resources:
#Risk Conference Series
#RiskNYC: Tickets and Information
Matt Kelly on LinkedIn
Learn more about your ad choices. Visit megaphone.fm/adchoices
CISA, Microsoft warn of Windows zero-day used in attack on 'major' Turkish defense org
40K IoT cameras worldwide stream secrets to anyone with a browser
Marks & Spencer begins taking online orders again, out for seven weeks due to cyberattack
Huge thanks to our sponsor, Vanta. Get started at Vanta.com/headlines.
Brute forcing phone numbers linked to Google accounts
The Guardian launches Secure Messaging service
United Natural Foods hit by cyberattack
Huge thanks to our sponsor, Vanta. Get started at Vanta.com/headlines.
In this episode of CISO Tradecraft, host G Mark Hardy sits down with Matt Hillary, the Chief Information Security Officer of Drata, to discuss governance, risk, and compliance (GRC) and trust management. They explore key topics such as the evolution of GRC, trust management, compliance automation, and the advent of AI in compliance processes. Matt shares insights on building a world-class GRC program, the challenges and opportunities in modern-day compliance, and the mental health aspects of being a cybersecurity leader. This episode is a must-watch for any cybersecurity professional looking to enhance their GRC strategies and compliance operations.
Big thanks to our sponsor Drata. You can learn more about them at https://drata.com/
Connect with Matt Hillary at https://www.linkedin.com/in/matthewhillary/
Transcripts: https://docs.google.com/document/d/1VzRQSEvgUwenDERlNn2bwlIpnz4QPQ15/
Chapters
01:39 Meet Matt Hillary: CISO of Drata
06:06 The Evolution of GRC and Trust Management
14:48 Continuous Compliance and Automation
19:26 Compliance as Code: The Future of GRC
22:18 The Importance of Getting It Right the First Time
23:15 Customer Compliance Challenges
24:21 Vendor Risk Management and Trust Building
26:26 Leveraging AI for Compliance and Risk Management
31:43 Evaluating Credibility of Third-Party Evidence
41:09 Common Mistakes in GRC Programs
43:56 Final Thoughts and Industry Call to Action
Presidential cyber executive order signed
Neuberger warns of U.S. infrastructure's cyberattack weakness
Mirai botnet infects TBK DVR devices
Huge thanks to our sponsor, Vanta. Get started at Vanta.com/headlines.
"Compliance is the security referee - frameworks are the playbooks."
In this episode, I'm joined by Tim Golden, Founder of Compliance Scorecard, to unpack the misunderstood and mission-critical world of cyber GRC. Tim shares what he's learned from decades of hands-on work, from implementing NIST frameworks before "GRC" was even a term to helping teams understand why writing policies is just as important as patching vulnerabilities.
Here are some highlights from the episode:
What GRC actually means, and why governance is the most misunderstood part
Why people who say "compliance isn't security" are missing the point
How explaining the "why" of cybersecurity controls aids in acceptance
Why data retention policies can protect you from major legal headaches
And yes... a story about how Tim accidentally ransomwared himself
All images and links can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Alexandra Landegger, global head of cyber strategy & transformation, RTX.
In this episode:
A cybersecurity fast-track?
When Ambition Becomes a Liability
Giving the CVE Program the Credit It Deserves
Elevating human cyber talent with AI
Huge thanks to our sponsors, Nudge Security, SecurityScorecard, and Vanta.
Take control of SaaS security and AI governance with Nudge Security. Start a free trial today and get a full inventory of all SaaS and GenAI accounts in minutes along with risk insights and automation to help you quickly improve your security posture. Get started here: nudgesecurity.com/cisoseries
Third-party risk doesn't stop at monitoring. SecurityScorecard delivers real-time detection and response across your supply chain—helping you fix vulnerabilities before they become breaches. Empower your team with expert-driven remediation, continuous vendor oversight, and board-ready insights that drive results.
Automate, centralize, & scale your GRC program with Vanta. Vanta's Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.
Sponsored by Vanta. Vanta takes the busywork out of GRC so you can focus on what actually matters—improving your security, not chasing compliance. https://ul.live/vanta This isn’t just another AI podcast. It’s about the deeper shift that’s happening in cybersecurity—away from individual tools and dashboards, and toward real-time, comprehensive world models of what we’re trying to protect or attack. I'll walk through how I came to this idea, what it means for security assessments, red teaming, vuln management, and beyond—and why context, not AI, is the actual revolution.
Sitting with Henry Tim of Tech Degenerates and Phantom Technology Solutions to talk about GRC platforms. What makes it a GRC platform? How important is a GRC in my MSP? These questions and several others are tackled, and I think we have found some answers.
Are you protecting your data the right way? Trust is everything, but how do organizations build and maintain it? One way is through ISO 27001, the globally recognized Information Security Management System (ISMS) standard that ensures data security and risk management. In this insightful episode of the FIT4PRIVACY Podcast, Tania Postil joins Punit Bhatia to discuss the critical role of ISO 27001 in shaping digital trust and securing sensitive data. Whether you're a privacy professional, IT leader, business owner, or someone concerned about cybersecurity, this episode provides valuable insights into why ISO 27001 is essential for securing data and building trust.
KEY CONVERSATION POINTS
00:02:14 What is digital trust?
00:11:09 What role does the auditor play in making the perception of digital trust real?
00:13:55 What is an information security standard and how does it help?
00:18:07 ISO 27000 training
00:21:50 Who would benefit from ISO 27000?
ABOUT GUEST
Tania Postil is a GRC and IT risk consultant, automation enthusiast and innovation evangelist. In 2021 Tania joined the ISACA Belgium Board, where she is currently Communication Director and Programme Chair. Leading information security assignments, Tania combines a no-nonsense approach with a human attitude. She is recognized for analytical skills combined with efficient communication, as well as a proven track record in rendering processes more efficient, and is eager to bring value to your team by performing or assisting with audit and consultancy assignments.
ABOUT HOST
Punit Bhatia is one of the leading privacy experts who works independently and has worked with professionals in over 30 countries. Punit works with business and privacy leaders to create an organization culture with high privacy awareness and compliance as a business priority. Selectively, Punit is open to mentor and coach professionals.
Punit is the author of the books "Be Ready for GDPR", which was rated as the best GDPR book, "AI & Privacy – How to Find Balance", "Intro To GDPR", and "Be an Effective DPO". Punit is a global speaker who has spoken at over 30 global events. Punit is the creator and host of the FIT4PRIVACY Podcast. This podcast has been featured amongst the top GDPR and privacy podcasts. As a person, Punit is an avid thinker and believes in thinking, believing, and acting in line with one's values to have joy in life. He has developed the philosophy named 'ABC for joy of life', which he passionately shares. Punit is based out of Belgium, the heart of Europe.
RESOURCES
Websites: www.fit4privacy.com, www.punitbhatia.com, https://www.linkedin.com/in/taniapostil/
Podcast: https://www.fit4privacy.com/podcast
Blog: https://www.fit4privacy.com/blog
YouTube: http://youtube.com/fit4privacy
In this post-RSAC 2025 Brand Story, Marco Ciappelli catches up with Steve Schlarman, Senior Director of Product Management at Archer, to discuss the evolving intersection of GRC, AI, and business value. From regulatory overload to AI-enhanced policy generation, this conversation explores how meaningful innovation—grounded in real customer needs—is shaping the future of risk and compliance.
Not All AI Is Created Equal: The Archer Approach
RSAC 2025 was buzzing with innovation, but for Steve Schlarman and the Archer team, it wasn't about showing off shiny new toys—it was about proving that AI, when used with purpose and context, can truly enhance the risk and compliance function. Steve, Senior Director of Product Management at Archer, breaks down how Archer Evolve and the recent integration of Compliance.ai are helping organizations address regulatory change in a more holistic, automated, and scalable way. With silos still slowing down many companies, the need for tools that actually do something is more urgent than ever.
From Policy Generation to Risk Narratives
One of the most practical applications discussed? Using AI not just to detect risk, but to help write better risk statements, control documentation, and even policy language that actually communicates clearly. Steve explains how Archer is focused on closing the loop between data and business impact—translating technical risk outputs into narratives the business can actually act on.
AI with a Human Touch
As Marco notes, AI in cybersecurity has moved from hype to hesitation to strategy. Steve is candid: some customers are still on the fence. But when AI is delivered in a contextual way, backed by customer-driven innovation, it becomes a bridge—not a wedge—between people and process. The key is not AI for the sake of AI, but for solving real, grounded problems.
What's Next in Risk? Better Conversations
Looking ahead, Schlarman sees a shift from "no, we can't" to "yes, and here's how." With a better grasp on loss exposure and control costs, the business conversation is changing. AI-powered storytelling and smart interfaces might just help risk teams have their most effective conversations yet. From regulatory change to real-time translation of risk data, this is where tech meets trust.
Guest: Steve Schlarman, Senior Director, Product Management, Archer | https://www.linkedin.com/in/steveschlarman/
Resources
Learn more and catch more stories from Archer: https://www.itspmagazine.com/directory/archer
Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25
Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage
In this week's episode of The Future of Security Operations podcast, Thomas is joined by Travis Howerton, Co-founder and CEO of RegScale. Travis began his security career with roles at government and regulated organizations, including the National Nuclear Security Administration and Oak Ridge National Laboratory, before being inspired by inefficiencies in compliance processes to co-found RegScale. As CEO of RegScale, he oversees their Continuous Controls Monitoring platform, which enables rapid GRC outcomes for organizations like Wiz, Keybank, and the US Department of Energy.
In this episode:
[02:15] How an interest in computer science led Travis to pursue a career in security
[03:20] Working in "the Major Leagues of cyber" at the National Nuclear Security Administration
[06:20] Moving fast in highly regulated environments
[07:10] Securing the world's fastest supercomputer at Oak Ridge National Laboratory
[10:30] Supporting digital transformation at enormous scale at Bechtel Corp
[15:15] How outdated compliance processes inspired Travis to co-found RegScale
[18:15] How RegScale acquired its first high-profile clients through "hustle and luck"
[19:20] The challenges of building the first version of RegScale
[21:15] Taking the pain out of compliance
[23:20] The biggest GRC roadblocks teams are facing right now
[25:10] Practical advice for moving the needle on your automation program
[27:33] Eliminating redundancy and inefficiency in federal compliance programs
[32:30] What's next for RegScale
[33:45] The best applications of AI (and which decisions should "never" be made by AI)
[35:45] Navigating regulatory uncertainty when it affects your whole business model
[38:40] What SecOps and compliance teams might look like in the future
[40:20] What the best compliance teams do to build rapport with security, IT and other business functions
[43:30] Why AI adoption is a risk-based conversation every organization should be having with their CISO
[46:00] Connect with Travis
Where to find Travis Howerton: LinkedIn, RegScale
Where to find Thomas Kinsella: LinkedIn, Tines
Resources mentioned: The CISO Society 2025 State of Continuous Control Monitoring Report
We're joined by Jacob Hill, founder of the GRC Academy, a leading provider of training and consulting services in governance, risk, and compliance. In this episode, Jacob dives into the new DOD regulations for CMMC, and why it's essential for contractors to get a head start in implementing these regulations. Jacob shares insights into what the new CMMC regulations entail and the implications for businesses. He discusses how the CMMC framework is designed to ensure that companies comply with cybersecurity best practices and what steps they need to take to become certified. Additionally, Jacob introduces his new course on the GRC Academy, which focuses on helping companies understand these regulations and navigate the certification process. He explains how the course can benefit companies and help them avoid costly mistakes while preparing for CMMC compliance. This podcast is a must-listen for anyone involved in government contracting or cybersecurity looking to understand the implications of CMMC regulations. Jacob's expertise in this area and the insights he provides will prove invaluable to anyone looking to get a head start in implementing these regulations. Tune in to hear Jacob Hill's take on CMMC regulations and what companies can do to prepare for compliance.
Take the course: https://grcacademy.io/courses/cmmc-overview-training-small-medium-businesses-smb/
Understand CMMC: https://grcacademy.io/cmmc/controls/
Contact Jacob: https://www.linkedin.com/in/jacobrhill/
GRC (Governance, Risk, and Compliance) and DevSecOps (Development, Security, and Operations) are complementary frameworks that aim to ensure secure and compliant software development. Our guest today is Brandon Karpf, friend of the show, founder of T-Minus Space Daily, and cybersecurity expert. Brandon explains why integrated GRC and DevSecOps are non-negotiables for space startups. Remember to leave us a 5-star rating and review in your favorite podcast app. Be sure to follow T-Minus on LinkedIn and Instagram. T-Minus Crew Survey We want to hear from you! Please complete our 4 question survey. It'll help us get better and deliver you the most mission-critical space intel every day. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at space@n2k.com to request more info. Want to join us for an interview? Please send your pitch to space-editor@n2k.com and include your name, affiliation, and topic proposal. T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Tired of the same old advice that isn't getting you anywhere in your cybersecurity career? Everyone says "get more technical skills," but what if that's only part of the story? If you're aiming for leadership roles like CISO, Security Director, Head of GRC, or other security leadership roles, this episode is for you. In this episode, we dive into: why technical skills alone won't land you a cybersecurity leadership role, the real skills that executives are desperately seeking (it's not what you think), how to showcase leadership skills even without a leadership title (break the catch-22), effective communication strategies to influence executives and your team, and what it really takes to lead during a cybersecurity crisis (the uncomfortable truth). It's time to stop wasting time on outdated advice and focus on what truly matters. Listen now to unlock the secrets to accelerating your cybersecurity leadership career.
Looking to become an influential and effective security leader? Don't know where to start or how to go about it? Follow Monica Verma (LinkedIn) and Monica Talks Cyber (YouTube) for more content on cybersecurity, technology, leadership and innovation, and 10x your career. Subscribe to The Monica Talks Cyber newsletter at https://www.monicatalkscyber.com.
All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is our sponsored guest, Saket Modi, co-founder and CEO, SAFE Security.
In this episode:
Elevating AI to table stakes
Security for the real world
Using dynamic models for TPRM
The agentic AI augmentation
Huge thanks to our sponsor, SAFE Security. SAFE (#1 platform to unify the management of all cyber risks) has reinvented cyber risk management with Agentic AI. We help CISOs, TPRM, and GRC leaders become strategic business partners by automating the understanding, prioritization and management of cyber risk—accelerating AI adoption and digital transformation.
All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series, and Andy Ellis, partner of YL Ventures. Their sponsored guest is Jadee Hanson, CISO of Vanta.
In this episode:
Find a partner to work with
Fixing the root of burnout
The limitations of human vigilance
Balancing openness and control
Thanks to our sponsor, Vanta. Get started at Vanta.com/ciso.
On April 16, the UK Supreme Court handed down a judgement determining that the terms “man," “woman,” and “sex” in the Equality Act 2010 refer to biological sex (not gender identity). After years of fighting for the return of women's sex-based rights, the group For Women Scotland succeeded in winning their case brought against the Scottish Ministers. Going forward, a man identifying as a “woman” or a “transwoman,” even with a gender recognition certificate (GRC), will not be considered female under UK law, and therefore will not be permitted into women-only spaces such as bathrooms, prisons, change rooms, and shelters.Meghan Murphy speaks with Susan Smith, a founder of For Women Scotland, about the group, their fight, and what this win means for women in the UK.The Same Drugs is on X @thesamedrugs_. Meghan Murphy is on X @meghanemurphy and on Instagram @meghanemilymurphy. Find The Same Drugs merch at Fourthwall. Use the Code: Murphy20 for 20% off at TheTruthFits.com.