Agentic GRC, SOC 2, and Why Data Beats Compliance | Jake Bernardes (Anecdotes) скачать в хорошем качестве

Agentic GRC, SOC 2, and Why Data Beats Compliance | Jake Bernardes (Anecdotes)

In this episode of the TPRM Podcast, Threats, Pitfalls & Risk Myths, Nate Lee sits down with Jake Bernardes, Chief Information Security Officer at Anecdotes and former CISO at Whistic. Jake brings deep experience across GRC, TPRM, and security leadership, and is known for his candid perspective on where compliance breaks down and what real security transparency should look like. This conversation goes beyond marketing buzzwords to examine what agentic GRC actually means in practice and why data quality, completeness, and accuracy are the foundation of any meaningful AI-driven security workflow. They explore why SOC 2 has become a procurement shortcut rather than a true security signal, how trust centers and machine-readable evidence change third-party risk assessment, and why GRC should be treated as an engineering problem instead of a checkbox exercise. The discussion also covers the future of audits and certifications, incentives that shape vendor risk programs, and how organizations can assess security posture using real data instead of policies and questionnaires. Jake also shares direct career advice for security and GRC professionals, including why networking matters more than certifications, why CISOs who see themselves as cost centers are missing the point, and what it actually takes to be an effective security executive in today’s environment. This episode is a must-listen for CISOs, security leaders, GRC and TPRM practitioners, and anyone thinking seriously about the future of compliance, risk, and trust. Listen and Subscribe Spotify → https://open.spotify.com/show/7JvPsyM ... Apple Podcasts → https://podcasts.apple.com/us/podcast... ... YouTube → @TPRMPodcast About the Guest Jake Bernardes is the Chief Information Security Officer at Anecdotes and the former CISO at Whistic. He has extensive experience leading GRC, TPRM, and security programs and is a strong advocate for transparency, data-driven risk assessment, and treating GRC as an engineering discipline. About the Host Nate Lee is a B2B scaleup CISO and Founder of Cloudsec.ai, helping SaaS companies build business-aligned security programs that increase developer velocity, strengthen trust, and support rapid growth. About the Show The TPRM Podcast features real-world conversations with security leaders challenging conventional thinking about risk and compliance, unpacking the threats, pitfalls, and myths behind modern cybersecurity programs. Connect with Us Nate’s LinkedIn → /natetrustmind TPRM Podcast LinkedIn → /tprm-podcast Website → https://tprmpodcast.com Instagram → @TPRMPodcast TikTok → @tprmpodcast