Security & GRC Decoded
Security & GRC Decoded
Podcast Description
How today’s top organizations navigate the complex world of governance, risk, and compliance (GRC).
Security & GRC Decoded brings you actionable strategies, expert insights, and real-world stories that help professionals elevate their security and compliance programs.
Hosted by Raj Krishnamurthy.
It’s for security professionals, compliance teams, and business leaders responsible security GRC and ensuring their organizations’ are safe, secure and adhere to regulatory mandates.
Security & GRC Decoded brings you:
+ Actionable strategies.
+ Expert insights.
+ Real-world stories to elevate your Security GRC programs.
Each episode explores frameworks, risk management strategies, and innovations shaping the future of GRC – from practitioners in the trenches.
Subscribe now to unlock the tools and knowledge you need to succeed.
Podcast Insights
Content Themes
The podcast explores vital topics in security governance, risk management, and compliance, with episodes such as Engineering Better Relationships highlighting the engineering perspective in GRC and navigating AI Risks sharing crucial AI security insights, creating a comprehensive approach to modern security strategies
How today’s top organizations navigate the complex world of governance, risk, and compliance (GRC).Security & GRC Decoded brings you actionable strategies, expert insights, and real-world stories that help professionals elevate their security and compliance programs. Hosted by Raj Krishnamurthy.It’s for security professionals, compliance teams, and business leaders responsible security GRC and ensuring their organizations’ are safe, secure and adhere to regulatory mandates.Security & GRC Decoded brings you:+ Actionable strategies.+ Expert insights.+ Real-world stories to elevate your Security GRC programs.Each episode explores frameworks, risk management strategies, and innovations shaping the future of GRC – from practitioners in the trenches.Subscribe now to unlock the tools and knowledge you need to succeed.
How does a network engineer become a GRC leader? Ramya Subramanian’s journey spans nearly two decades across IT, security, and governance. Now serving as Director of GRC & Privacy Operations at Freshworks, she joins Raj to unpack the evolving role of GRC: from quantifying risk and managing compliance debt to building automation that doesn’t slow engineering down.
Ramya also shares how storytelling, PR-style evangelism, and simplifying policies can shift the perception of GRC from policing to business enabler. This episode is a playbook for anyone trying to modernize risk and compliance in fast-moving environments.
5 Key Takeaways
- Engineer’s edge in GRC: Why Ramya’s technical background makes her approach to governance unique.
- Quantifying risk with dollars: Why risk measurement needs financial context, not just “likelihood x impact.”
- Automation as a path forward: How Freshworks is reducing compliance toil for engineers.
- Simplify policies and awareness: Cutting policy docs by 90% and building bite-sized security training.
- GRC as PR: Storytelling and evangelism can reframe GRC as a business enabler, not a blocker.
What You’ll Learn
- How GRC and security complement each other
- Challenges of risk quantification and continuous measurement
- Why engineers perceive GRC as compliance tax
- How automation and GRC engineering can reduce manual effort
- The cultural perception of GRC and how to change it
⏱️ (Approximate) Timestamps
[00:01:43] From network engineer to GRC leader
[00:03:37] How Ramya defines Governance, Risk, and Compliance
[00:05:28] Quantifying risk: from controls to financial impact
[00:07:41] Why continuous risk measurement is so hard
[00:11:49] How others perceive GRC inside organizations
[00:13:43] Changing the “policing” perception of GRC
[00:17:50] Rewriting policies & security awareness at Freshworks
[00:19:38] Bringing auditors along the journey
[00:21:33] Reducing compliance tax with automation
[00:26:10] Why GRC needs engineering skills
[00:29:58] Technical vs non-technical sides of GRC
[00:31:47] Skills Ramya looks for when hiring
[00:33:53] Generative AI’s impact on GRC
[00:37:49] Dream GRC solution: context-aware automation
[00:39:32] Building a business case for automation
[00:44:00] Who should tell the GRC automation story?
[00:45:54] Challenges with auditors in the AI era
[00:46:49] From city editor to GRC leader — storytelling roots
[00:52:26] Rajinikanth’s influence at Freshworks
This podcast is brought to you by ComplianceCow — the smarter way to manage compliance. Automate evidence collection, eliminate screenshots, and scale your program with confidence. Learn more: compliancecow.com
Connect With Our Guest:
Ramya Subramanian | Director of GRC & Privacy Operations|Freshworks
Connect on LinkedIn
Rate, review, and share if you enjoyed the show!
Subscribe to Security & GRC Decoded wherever you get your podcasts:
Disclaimer
This podcast’s information is provided for general reference and was obtained from publicly accessible sources. The Podcast Collaborative neither produces nor verifies the content, accuracy, or suitability of this podcast. Views and opinions belong solely to the podcast creators and guests.
For a complete disclaimer, please see our Full Disclaimer on the archive page. The Podcast Collaborative bears no responsibility for the podcast’s themes, language, or overall content. Listener discretion is advised. Read our Terms of Use and Privacy Policy for more details.