TRANSCRIPTION
GRC Foundations Introduction
Hello and welcome to the GRC foundations mini course. I'm your instructor. Two thumbs all smiles. Doctor Gerald Auger. I'm wicked pumped that you decided to take the first steps into really understanding exactly what governance, risk, and compliance is in the modern cybersecurity ecosystem and allowing me, the privileged, in the opportunity of service, to be able to help you understand that.
Now, who's it for? Right. Well, whether you're curious about what GRC actually entails or you're interested in understanding the day to day activities, perhaps you're looking for a career transition and it could be from, you know, IT or even within information security, like a SecOps or something, wanting to switch over to GRC.
Maybe you don't want to work on Christmas Eve, due to an incident or something like that, or maybe your full on career transition, like you're a heavy equipment operator and you just don't want to work construction anymore, right? No matter what, whether you're assembling information about a potential career path or you're just trying to make a decision whether or not it's the one you want.
This class is going to help you. We're going to start by exploring what GRC is, what the components are, and how they all relate together, and how they fit together in a modern information security program. We'll discuss the day to day realities of GRC work, what it actually entails the benefits, and honestly, we're going to talk about some of the challenges, because there are some challenges to working in GRC.
We'll look at some key skills and how to develop them, educational requirements, backgrounds of people who do this work, we'll talk about certifications, and we'll also explore the different GRC career paths. As you're about to find out, there's a lot of variance in how GRC is, it's a whole spectrum of jobs. There's risk analyst and IT auditor. We'll explore all of these, and the various growth paths from each of those entry level positions.
And finally, we'll help you determine if GRC might be a good fit for you. We're going to do a really kind of self assessment, and we'll give you actionable next steps to start building out your expertise. So along the way, like I said, I'm your instructor, Dr. Gerald Auger. You guys know me as Simply Cyber. I've got about 20 years in cybersecurity, mostly government and government contracting.
I've worked in all sides of cybersecurity, I've been a sys admin. I've been in a couple different soc roles. I was a manager for most of the last decade. I have a lot of experience in pen testing and a whole bunch in GRC. I've built and run both public and private sector cybersecurity programs.
I've literally done it all. I'm an experienced instructor, trainer, author, consultant, frequent podcast guest and conference speaker. I publish daily cybersecurity news. I've got a PhD in cybersecurity and an MBA in
business. Yeah, I'm kind of proud of myself. I'm a father of four little security nerds, and I believe cybersecurity is a high calling profession that offers immense value to society.
And I love to help people like you get into this amazing careers, particularly into getting into risk, which is where the money is. So let's go. So I will tell you, I have a Simply Cyber Community on Discord.
This is an invaluable resource. It's free. So as I'm doing my daily cyber threat briefing on YouTube, I'm going to ask you to pop into the Discord. Come here, ask your questions. Like, I have a, I've, I literally have a section there of people who are in GRC.
You can chat with them, you can understand them. You can ask them what it's like. It's a incredible resource. So we're going to get started. We're going to talk about what governance risk and compliance actually is. We'll see you in the next one.
