Welcome to our latest podcast episode (Episode 27), where Joshua R. Nicholson (https://www.linkedin.com/in/joshuanicholson/) embarks on an insightful journey through the dynamic world of #cybersecurity. Our distinguished guest, Joshua Copeland, brings his battle-tested expertise and extensive experience to the forefront. As the Director of Cyber at AT&T, Joshua plays a pivotal role in shaping security solutions for State, Local, Tribal, and Territory (SLTT) entities. In this episode, our two Josh's delve into the critical role of Governance, Risk, & Compliance (GRC) in navigating the cyber landscape. Joshua Copeland provides valuable insights into how GRC serves as a compass, guiding organizations to make informed decisions about where to invest their resources. GRC helps identify vulnerabilities, weaknesses, and risks, providing a roadmap for strategic investments in cybersecurity. Youtube video podcast (https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg) As Joshua Copeland aptly puts it, GRC helps quantify and understand the true nature of risks. Without this understanding, organizations may find themselves merely throwing money at the latest cybersecurity tools and gadgets. While cool toys and cutting-edge technology are appealing, they must align with an organization's unique risk profile and vulnerabilities. To effectively mitigate risks, organizations need to intrinsically comprehend their risks, their potential impacts, and the available mitigation strategies. This understanding enables them to select the right cybersecurity solutions tailored to their specific requirements. It's not always about having the most expensive Ferrari; it's about having the right tool for the right job, efficiently addressing the identified risks. But our episode doesn't stop there. Before we delve into Joshua's invaluable insights, we dissect the events of August 2023's Patch Tuesday from Microsoft. This episode explores the two zero-day vulnerabilities and a staggering 87 flaws addressed during that release. As we eagerly anticipate September's Patch Tuesday, we reflect on Microsoft's handling of these vulnerabilities, including the intriguing fact that only six were rated as critical. Our discussion extends to major updates from other industry players, including Adobe's security updates for Microsoft Acrobat Reader, AMD's security enhancements for new hardware, and Cisco's necessary security updates for their VPNs due to ongoing vulnerabilities exploitation. Join us for a thought-provoking discussion with Joshua Copeland, touching on cybersecurity insights, hiring practices, leadership, and pathways into the field. Discover how Joshua, an adjunct professor at Tulane University, teaches cybercrime and cyber leadership. #cybersecurity #grc #informationsecurity