TechSpective Podcast Episode 054
Navigating the web of regulatory compliance mandates and mitigating risk from a constantly evolving and expanding threat landscape is challenging. For a company like Adobe–a large enterprise with a global footprint that was also an early adopter of cloud technologies–managing governance, risk, and compliance (GRC) is even more complex. A leader from the Adobe Tech Governance, Risk, and Compliance (TechGRC) team at Adobe joins me on this episode of the TechSpective podcast to talk about the creative and innovative ways Adobe tackles GRC.
Adobe had to develop its own approaches to help ensure security controls are uniformly implemented across its diverse technology stack. They also wanted a system that enables proactive action to mitigate issues quickly if there is any deviation from the preferred state. The technology governance, risk, and compliance (TechGRC) team at Adobe developed the Strategic Technology Iniatives program to help meet these goals. A blog post from Adobe describes some of the key features of STI:
- Driving strategic initiatives across Adobe to better ensure that our assets have the desired security configurations in place per industry best practices
- Efficiently using data collected from our Operations security stack, Application security stack, and technical compliance requirements to create these initiatives to further drive our desired security governance
- Driving the adoption of these initiatives/best practices into Adobe-wide sprints through our corporate standards and policies
- Implementing automated controls around continuous adoption, monitoring, and tracking of potential deviations
Listen to the podcast for more insights about the challenges of GRC and the importance of managing governance, risk, and compliance effectively.
Please ask questions and share your thoughts on the topic in the comments below. I appreciate your help to share the podcast and grow the audience. Also, please subscribe to the TechSpective podcast through your favorite podcast platform, and share the podcast with your peers and friends.
If you enjoy the podcast, I would also be grateful if you could take 2 minutes to rate and review the podcast on iTunes, or wherever you listen.
- Detecting Anomalies with ‘Project Caspian’ - February 19, 2024
- The Strategic Partnership Elevating API and Endpoint Security - February 15, 2024
- Simplifying Cybersecurity from Confusion to Clarity - February 12, 2024