Trust Talks with Thomas Owen, CISO at Grafana

Sravish sits down with Thomas Owen to discuss the latest security and GRC trends.

Here’s what they discuss:
🔍 Thomas’s personal values of transparency and accountability
🔒 The strategy of "first security, then compliance"
📊 Thomas’s approach to sharing metrics with the Board
🤝 Why Thomas and Sravish are big advocates for Kolide


0:43 How have you made GRC more accessible, transparent, and accountable at Grafana Labs?

2:24 How do you translate security and privacy and compliance requirements into product requirements?

3:52 How does GRC at Grafana support the revenue function?

6:27 What metrics should CISOs share with their Boards to educate them on the business impact of their security, compliance, and privacy programs?

9:30 Will CISOs ever discuss contractual assurance and how their security and privacy programs align with contractual commitments to the Board?

10:39 Which security and privacy vendors do you admire for promoting transparency, trust, and accountability to improve organizational commitment to trust?

15:38 Who are some security leaders or privacy leaders or CISOs who have inspired you?

18:38 Who are trust champions that you’ve worked with?

21:46 What do you think we’ll be doing differently in security and compliance 3 to 5 years from now?

Stay tuned for more!
