#AuditTuesday GRC Podcast
Episodes
After the BRICKSTORM Hack: An Identity-First Security Strategy for 2026
17 Dec 2025
Contributed by Lukas
A critical discussion on cybersecurity in the wake of the BRICKSTORM attack—a sophisticated Chinese APT campaign targeting critical infrastructure. ...
Zero Day + Sloppy IAM = Catastrophe: Lessons from 2025’s Biggest Breaches w/ Darrick Richardson
02 Dec 2025
Contributed by Lukas
Discussion on how sloppy identity practices made 2025 breaches worse. 2025 delivered zero-day nightmares: SharePoint RCE, Oracle EBS privilege escalatio...
#AuditTuesday - SOX IT Audit Prep w/ Paul Feather and Craig Guinasso
16 Nov 2025
Contributed by Lukas
Are you an IT leader, auditor, or professional navigating the complexities of Sarbanes-Oxley (SOX) compliance? Join our upcoming webinar, "SOX Pr...
#AuditTuesday GRC Podcast - America's First AI Transparency Law, CA SB 53 w/ Karina Klever
15 Oct 2025
Contributed by Lukas
Join us for an engaging #AuditTuesday session on California’s CA SB 53 - America’s First AI Transparency Law. CA SB 53 was signed into law on Septe...
#AuditTuesday GRC Podcast - After the Hack - Keep SharePoint Secure w/ Greg Kutzbach
08 Oct 2025
Contributed by Lukas
In this dynamic #AuditTuesday webinar, cybersecurity expert Greg Kutzbach will dive into the critical topic of keeping SharePoi...
#AuditTuesday GRC PodCast - AI Hacking featuring Alan Sugano and Shannon Noonan
23 Sep 2025
Contributed by Lukas
In this dynamic #AuditTuesday webinar with cyber security expert Alan Sugano, President of ADS Consulting Group, we’ll dive into the escalating threat o...
Master PCI DSS 4.0 Compliance w/ Truvantis and YouAttest
11 Sep 2025
Contributed by Lukas
Tune in for an engaging #AuditTuesday GRC podcast focused on mastering the complexities of PCI DSS 4.0. This live session, hosted by YouAttest, a prem...
AI Governance - Ignorance is Not Bliss w/ Ashley Robinson and Allgress
11 Sep 2025
Contributed by Lukas
Join us for an engaging #AuditTuesday webinar featuring renowned AI governance expert Ashley Robinson, hosted by YouAttest. This session will explore ...
#AuditTuesday - Who’s Really Inside Your System? w/ #ThatAuditGuy Robert Berry
27 Aug 2025
Contributed by Lukas
Join us for an engaging #AuditTuesday webinar featuring renowned auditor Robert Berry, #ThatAuditGuy, hosted by YouAttest. This session will explore...
CISO’s: Strengthening Supply Chain Security with Identity Governance and InvisiRisk
04 Aug 2025
Contributed by Lukas
#AuditTuesday Presents: The CISO’s Playbook: Strengthening Security with Identity and Supply Chain Governance. CISOs need robust strategies to secure ...
Starting An AI Project? Where Does GRC Fit In? With MyTech.Network's Robert Hilliker
04 Aug 2025
Contributed by Lukas
As AI transforms industries, ensuring robust governance, risk, and compliance (GRC) is critical to building secure and ethical AI systems. In this dyn...
#AuditTuesday: v-CISOs: Scaling Identity GRC for Security and Compliance w/ YouAttest and Allgress
13 Jun 2025
Contributed by Lukas
With cyber threats escalating and compliance requirements tightening, organizations need flexible, expert-driven solutions to stay secure. Virtual CIS...
#AuditTuesday: Hey MSPs! Time to Get on Board w/ YouAttest Managed UARs!
29 May 2025
Contributed by Lukas
MSPs – it's time to expand your security service offerings with a critical, high-demand compliance function:  User Access Reviews (UARs). In this...
#AuditTuesday: CISO Reality Check — Identity Risk w/ Larry Whiteside
27 May 2025
Contributed by Lukas
As identity risk rises across enterprises, CISOs are being called to lead the charge in governance and access oversight. But are they equipped for the...
#AuditTuesday - AI Governance and Model Risk Management w/ James Sayles
30 Apr 2025
Contributed by Lukas
As artificial intelligence reshapes business, compliance, and security landscapes, organizations are under pressure to implement clear governance stra...
MSPs and GRC (Governance Risk and Compliance) w/ Shannon Noonan and Daniel Morrison
25 Mar 2025
Contributed by Lukas
Governance Risk and Compliance is a $45.6B market - a market the Managed Service Providers (MSPs) need to be in if they want to grow. But GRC, the concept...
Shared Signals - What They Mean for Authorization
12 Mar 2025
Contributed by Lukas
Shared Signals - for those in the identity know - it’s a subject whose time has come. Shared Signals refers to a standardized system where organizatio...
Reviewing Privileged Accounts - with Synoptek MSP
12 Mar 2025
Contributed by Lukas
Privileged users are the source of most enterprise problems:  from outsider attacks, insider threats and compliance - the focus usually involves admi...
EU's DORA and Identity Governance - with Ralph Menegatti from concedro
12 Mar 2025
Contributed by Lukas
Huge regulatory changes face the EU nations and the companies that work w/ the EU:  Digital Operational Resilience Act (DORA). The Digital Operationa...
Automating AWS Entitlement Reviews - with CloudArmee
12 Mar 2025
Contributed by Lukas
AWS is the premier cloud vendor - AWS is the basis of most enterprises' cloud strategy.   To help us understand the importance of AWS and AWS entitle...
CMMC 2.0 Ruling - What Does this Mean? With ShortArm Solutions
12 Mar 2025
Contributed by Lukas
The U.S. Department of Defense (DoD) on October 15th, 2024 published its long-anticipated first part of the final rule (32 CFR) for the Cybersecurity...
The Trump Administration and Cyber Regulations - Karen Klever, Mike Andrewes and Stacey Cameron
17 Jan 2025
Contributed by Lukas
New administration - new attitude, regulations, priorities on cyber governance? No question. But what will it be?  What about CISA? What about NIST? W...
Okta “No Password Flaw” - What Is It? How to Secure? - Featuring Greg Kutzbach
16 Jan 2025
Contributed by Lukas
Okta announced that they had a flaw in their authentication - where under “specific circumstances” a user could gain access w/o inputting the pass...
Mentoring the Next-Generation of Cyber Professionals - Featuring Ted Alben
16 Jan 2025
Contributed by Lukas
You can’t talk about cyber security with a professional today without the conversation turning to the topic of the next generation. Namely our youth ...
CMMC 2.0 Final Ruling - What Does This Mean? Featuring Michael Andrewes, Yastis
16 Jan 2025
Contributed by Lukas
The U.S. Department of Defense (DoD) on October 15th, 2024 published its long-anticipated first part of the final rule (the Final Rule) for the Cyber...
GRC Fatigue and What Can Be Done - Featuring Stacey Cameron
16 Jan 2025
Contributed by Lukas
Practically all enterprises are under some sort of IT compliance and regulations. Holding any data that is classified as sensitive - puts the enter...
German Cyber Hacks and EU DORA - Featuring Ralf Mennegatti
16 Jan 2025
Contributed by Lukas
Cyber Attacks are worldwide. Germany is not immune to these attacks. In fact Deutsche Bank in September 2024, stated that “Cyber-attacks alone cos...
MSPs: Automate Your Identity Audits
16 Jan 2025
Contributed by Lukas
This YouAttest podcast highlights the YouAttest offering for Identity security and compliance for managed service providers (MSPs). Automating and simp...
HR-IAM Variance - Detecting Orphan Users and Privileges w/ YouAttest
10 Dec 2024
Contributed by Lukas
HR systems for many enterprises are the identity store of record (ISoR). This is where identities are created, roles are assigned, and privileges are e...
CMMC 2.0 Final Ruling Update - Yastis, Michael Andrewes
10 Dec 2024
Contributed by Lukas
The U.S. Department of Defense (DoD) on October 15th, 2024 published its long-anticipated first part of the final rule (the Final Rule) for the Cyber...
The Change Healthcare Hack - A Game Changer in Health Risk Management w/ Greg Kutzbach
10 Dec 2024
Contributed by Lukas
Change Healthcare announced  Thursday, Feb 29th that a ransomware group that had claimed responsibility for the attack was at fault. Health care provid...
AWS - In-Depth Entitlement Audit by YouAttest w/ Raj Sawhney (CDW)
10 Dec 2024
Contributed by Lukas
AWS is the premier IAAS vendor - AWS is the basis of most enterprise cloud strategy.   To help us understand the importance of AWS and AWS entitlemen...
GRC Fatigue and What Can Be Done w/ Stacey Cameron (CyCam Strategies)
10 Dec 2024
Contributed by Lukas
Practically all enterprises are under some sort of IT compliance and regulations. Holding any data that is classified as sensitive - puts the enter...
German Cyber Hack and EU DORA w/ Ralf Mennegatti
10 Dec 2024
Contributed by Lukas
Cyber Attacks are world-wide. Germany is not immune to these attacks. In fact Deutsche Bank in Sept 2024, stated that “Cyber-attacks alone cost...
MSPs: Automate Your Identity Audits w/ YouAttest "User Access Reviews" (UARs)
10 Dec 2024
Contributed by Lukas
Welcome to today’s AuditTuesday - this YouAttest podcast highlights the YouAttest offering for Identity security and compliance for managed service ...
HR-IAM Variance - Cleaning out Orphaned and Mis-Aligned Privileges, w/ Karina Klever
10 Dec 2024
Contributed by Lukas
HR systems for many enterprises are the identity store of record (ISoR). This is where identities are created, roles are assigned, and privileges are e...
CPF Coaching: YouAttest Product of the Week for MSPs - Christophe Foulon
10 Dec 2024
Contributed by Lukas
Lots of products out there for MSPs to review and deploy - that’s why the market appreciates those that review the products for the consultants and ...
Getting Started w/ Your Compliance Project - Karina Klever and Cloud PSO
10 Dec 2024
Contributed by Lukas
Most enterprises are under compliance, be it in healthcare, finance, insurance, government, education or defense. And most of the enterprises have comp...
YouAttest Next-Gen IGA on AWS Marketplace w/ Cloud Armee (Chris Kesik)
10 Dec 2024
Contributed by Lukas
AWS is the predominant cloud service for most enterprises w/ over $90B a year and growing. Which warrant security products that are not only designed t...
NIST Frameworks and CMMC for Federal Contractors - Short Arm Solutions, Jeff Chao and Rick Mischka
10 Dec 2024
Contributed by Lukas
In fiscal year 2023, the federal government spent around $759 billion on contracts with outside companies and organizations. In 2024 there are over 20...
YouAttest ITS (Identity Trust Score) - For Managed Service Providers (MSPs) w/ Eldon Sprickerhoff
10 Dec 2024
Contributed by Lukas
The Managed Service Provider (MSP) space is experiencing significant growth, with the global market currently valued at around $299 billion and projec...
Black Hat 2024 - Mel Reyes and Shaun Walsh
13 Nov 2024
Contributed by Lukas
More than 20,000 professionals will go to Black Hat 2024 this year. The who’s who of cyber security, hacking and prevention. Let’s get two p...
CISA and The Principle of Least Privilege - Identity Governance w/ David Worthington
13 Nov 2024
Contributed by Lukas
The world is finally becoming aware of the danger of excess privileges and unmanaged users. These are the accounts that the attackers love to take ove...
Errors in Cyber Vendor Selection and Vendor Mgmt - w/ David Gilies
13 Nov 2024
Contributed by Lukas
Selecting a new vendor is fraught w/ problems and failed attempts.   The decision is crucial - but the input is flawed.  Relying on vendor-led refe...
The CDK Global (Car Dealership) Hack and the IAM/SSO Connection
13 Nov 2024
Contributed by Lukas
One of the largest hacks of 2024 is shaping up as the CDK software hack that has affected over 15,000 car dealerships in the US and beyond. The impact of the...
Developing AI? Access Controls Matter - w/ GetSmart Cyber Defense
13 Nov 2024
Contributed by Lukas
Artificial Intelligence (AI) has revolutionized various industries, and its application in online security is proving to be a game-changer. But how A...
YouAttest CGEIT Study Session - Summary, Episode 5 - Karina Klever and Kelly Gilmore
13 Nov 2024
Contributed by Lukas
Summary: This will be the last session in our 5 part CGEIT prep series. We will summarize all that we have discussed in the past 4 sessions and will ans...
YouAttest CGEIT Study Session Domain 4 - Featuring Karina Klever and Kelly Gilmore
13 Nov 2024
Contributed by Lukas
Risk Optimization - This session will help you understand the frameworks that assist in governance, and that help an enterprise identify, analyze, mon...
YouAttest Next-Gen IGA on AWS Marketplace w/ CloudArmee - #AuditTuesday
13 Nov 2024
Contributed by Lukas
AWS is the predominant cloud service for most enterprises w/ over $90B a year and growing. Which warrant security products that are not only designed t...
EU'S DORA and Identity Governance - Special Guest: Ralf Menegatti
26 Jun 2024
Contributed by Lukas
The Digital Operational Resilience Act (Regulation (EU) 2022/2554) solves an important problem in the EU financial regulation. DORA mandates that ente...
YouAttest CGEIT Study Session: Domain 3 - Featuring Karina Klever and Shannon Brewster
20 Jun 2024
Contributed by Lukas
Led by Karina Klever and Shannon Brewster, with assistance from YouAttest CEO Garret Grajek, CEH, CISSP, the sessions will cover Governance of Enterpr...
Cybersecurity 80-20 Rule - Start with Identity w/ Michael Andrewes of Yastis
18 Jun 2024
Contributed by Lukas
The 80/20 rule is crucial to many enterprise and life activities - but what about cybersecurity? Most definitely it is. The 80-20 rule guides us to tak...
CGEIT Training Session - Domain #2 w/ Karina Klever and Kelly Gilmore
18 Jun 2024
Contributed by Lukas
A 5-part series is helping managers become better managers - starting with learning the basis of the CGEIT certification. (Certified in the Governance...
Limiting the Identity Attack Surface - Red Cup IT Starring Dan Le
28 May 2024
Contributed by Lukas
Attack surface is the rage of cyber security today - we hear we have to reduce our attack surface. But how about the biggest vulnerability - our ident...
CGEIT Training Session - Domain 1 w/ Karina Klever and Kelly Gilmore
25 May 2024
Contributed by Lukas
A 5-part series is helping managers become better managers - starting with learning the basis of the CGEIT certification. (Certified in the Governance...
Before the Breach - Strategy on Identity Security
25 May 2024
Contributed by Lukas
Breaches happen - especially for enterprises who hold sensitive data: PHI for healthcare, PII for financial institutions and CUI for defense contracto...
Identity Governance in Healthcare - featuring Steve Taccogna
24 May 2024
Contributed by Lukas
This YouAttest Educational #AuditTuesday podcast highlights YouAttest in healthcare. Healthcare is under attack by ransomware groups and other hac...
Change Healthcare Hack: Update - PoLP Matters featuring Carrie Jabs
23 May 2024
Contributed by Lukas
This YouAttest Educational #AuditTuesday podcast discussed the updates known about the biggest hack in the history of U.S. healthcare- the Change ...
Consequences of a MSP Breach - Financial, Legal and Cyber Implications - Featuring Cynthia Stamer, Peter Gailey and John Allen
04 Apr 2024
Contributed by Lukas
Breaches are not new - they affect every industry from A to Z - Advertising to Zoos. What’s new? Now the hacks of the services that manage the IT in...
Cyber Security and Cyber Law - Identity Governance w/ Stacey Cameron, Shawn Tuma and Justin Corker
01 Mar 2024
Contributed by Lukas
Cases like the SEC claims against SolarWinds and Tim Brown have made the general public aware that IT has governance and a legal responsibility to ide...
Ego and the Start-up Entrepreneur with Professor David Carlson
01 Mar 2024
Contributed by Lukas
Everyone loves the start-up - but no one loves the ego of the start-up entrepreneurs. It’s not a myth, it’s real and it hurts the endeavor. To expl...
The Microsoft Email Hack - Service/User Accounts Used for OAUTH SSO w/ Greg Kutzbach
01 Mar 2024
Contributed by Lukas
Who: Greg Kutzbach, Digital Forensic Expert, Exhibit A Cyber; Garret Grajek, CEH, CISSP, CEO of YouAttest. Microsoft just suffered a maj...
Why IGA is Failing Our Enterprises - Stacey Cameron, Mel Reyes, Tom Sabbe
07 Feb 2024
Contributed by Lukas
IGA has been seen as a failure in many enterprises. Why is this? Why are companies getting hacked for faulty governance? Why are companies bein...
Cybersecurity and Change Control, focus Identity - with John Young and Kelly Gilmore
31 Jan 2024
Contributed by Lukas
Cybersecurity is on everyone’s mind - but did you know cybersecurity starts w/ change control?Hackers love sloppy IT and sloppy identity practices? ...
Security Audits - What’s Missing? w/ Dmitriy Sokolovskiy
27 Jan 2024
Contributed by Lukas
Given the amazing rash of hacks and ransomware attacks over the years - many enterprises are now either considering or beefing up their security audit...
YouAttest “Segregation of Duties” for Identity Security and Compliance w/ Shannon Noonan
27 Jan 2024
Contributed by Lukas
Segregation of Duties (S.o.D) is a KEY requirement for identity security and compliance. It is a principal requirement for a secure enterprise to figh...
What is Insider Threat and How Does GRC Address w/ Carrie Jabs
27 Jan 2024
Contributed by Lukas
“Insider Threat” is always a topic - and it became even more of a topic with the recent hacks. Why is it such a problem? What tools can be used to...
Halloween Scary Stories on Identity Hacking w/ Craig Guinasso and Paul Feather
27 Jan 2024
Contributed by Lukas
The past months have brought us more than just the infamous MGM identity hack - unfortunately much more. Identities themselves are no longer the targe...
MSPs - It’s Time to Get Outside of the Box w/ Eldon Sprickerhoff
27 Jan 2024
Contributed by Lukas
Enterprises of all sectors are at the end of their ropes dealing with cyber attacks, ransomware and data breaches. Their only recourse is to hand off ...
Entitlement Audit of AWS for Security and Compliance - Featuring Raj Sawhney
27 Jan 2024
Contributed by Lukas
AWS is the premier IAAS vendor - AWS is the basis of most enterprise cloud strategy.   To help us understand the importance of AWS and AWS entitlemen...
AI and Search - What’s Next w/ David Novick
26 Jan 2024
Contributed by Lukas
Search has been big business for 30 years - and no one is bigger in the search industry than Google. But with new advances in AI, especially aro...
Data Security and Identity Governance w/ Michael Andrewes
23 Jan 2024
Contributed by Lukas
Data security is foremost on everyone's mind w/ ransomware and data attacks occurring daily. But what can be done to secure data? And what role does IG...
CISA and The Principle of Least Privilege w/ CISA Security Advisor: Donald E. Hester
16 Jan 2024
Contributed by Lukas
The world is finally becoming aware of the danger of excess privileges and unmanaged users. These are the accounts that the attackers love to take ove...
How Sloppy Identity Practices are Killing Us with Kevin Moss
11 Jan 2024
Contributed by Lukas
Identities are the #1 cause and mechanisms for hacks - malware insertion, ransomware and data exfiltration. We discuss this w/ Kevin Moss, a Financial ...
AI Data and Sloppy Handling Will Get You Sued w/ Malcolm Harkins
11 Jan 2024
Contributed by Lukas
Everyone is racing to AI. And in the race a lot of data is being collected and not all of it w/ the proper security, controls and governance on thes...
Another Okta Attack, Another IAM Attack - What to Do? (With SHI Security SE Josh Gold)
11 Jan 2024
Contributed by Lukas
First there was the MGM/Caesar’s hacks involving Okta. Then it broke that Okta support session tokens were hacked to break into Cloudflare, BeyondTr...
SEC Charges Against SolarWinds and Tim Brown w/ Peter Schawacker
11 Jan 2024
Contributed by Lukas
A milestone action occurred on October 30th, in the history of cyber and legislation. The U.S. Securities and Exchange Commission (SEC) moved to prosecute ...
The SEC 10-K and Mandated Cybersecurity Messaging w/ DV Subramanyam
11 Jan 2024
Contributed by Lukas
The “SEC Final Ruling” on cybersecurity and cybersecurity messages in law. The changes include mandatory documentation of cybersecurity practic...
GRC 2024 - What to Hope For - What to Expect w/ Carrie Jabs
03 Jan 2024
Contributed by Lukas
2024 looks to be the year of GRC - w/ multiple forces merging. Companies like SolarWinds being criminally charged for falsifying their identity...