Host Dave Sobel engages in a thought-provoking conversation with Arik Solomon, CEO and co-founder of Cypago, a leading cyber governance, risk, and compliance (GRC) automation platform. The discussion delves into the challenges faced by organizations in the GRC space, particularly the reliance on manual processes despite the abundance of data available. Solomon shares his insights from his experience as CTO at Ernst & Young, where he recognized the need for technology to enhance the efficiency and sophistication of compliance services.
Solomon explains that Cypago operates at the intersection of cybersecurity and GRC, aiming to streamline the alignment of security programs with business requirements and regulatory standards. The technology developed by Cypago automates the collection and analysis of data related to security controls, enabling compliance officers and security leaders to gain meaningful insights into their organizations' security posture. This automation, however, raises concerns about the potential for a "checkbox culture," where organizations may rely too heavily on automated processes without meaningful engagement from human experts.
The conversation also touches on the evolving landscape of cybersecurity regulations, particularly in light of increased scrutiny from governing bodies. Solomon emphasizes the importance of establishing a baseline of minimum security standards while acknowledging the complexities of creating a universal compliance framework. He critiques existing regulations like GDPR, suggesting that a more effective approach would involve providing organizations with best practices and guidelines rather than rigid requirements that may not fit all scenarios.
As the episode concludes, Solomon highlights key trends to watch in the GRC space over the next 18 months, including the need for enhanced visibility into data management and the importance of having robust governance processes in place. He underscores that organizations must prioritize understanding where their data resides and implementing necessary security measures to protect it. This insightful discussion provides valuable perspectives for cybersecurity professionals navigating the complexities of compliance in an ever-changing regulatory environment.
All our Sponsors: https://businessof.tech/sponsors/
Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/
Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/
Support the show on Patreon: https://patreon.com/mspradio/
Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech
Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com
Follow us on:
LinkedIn: https://www.linkedin.com/company/28908079/
YouTube: https://youtube.com/mspradio/
Facebook: https://www.facebook.com/mspradionews/
Instagram: https://www.instagram.com/mspradio/
TikTok: https://www.tiktok.com/@businessoftech
Bluesky: https://bsky.app/profile/businessof.tech
