CISO Sean Atkinson on Moving From ‘GRC Theater’ to Continuous GRC Engineering. As NIST, ISO, SOC 2, NIS2 and DORA expand compliance pressure, many organizations are optimizing for audit success instead of risk reduction. Sean Atkinson warns that “GRC theater” creates false confidence. Adversaries operate continuously and so should GRC engineering, he said.
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/your-grc-program-really-reducing-risk-a-30775
