Often times, as I meet new people – usually by means of some new project I’m on – people will ask, “GRC? What does that even mean?” Followed very quickly by “Oh… Well, what does GRC even do?” In this presentation I intend on addressing some of the many areas of focus a GRC team might have, within the realm of information security. As well as speaking to the value such a team brings to a company’s security program. All while hopefully leaving enough time to take questions and provide further answers. If attendees are already familiar with GRC, this talk may not be for them. Or they may be interested to hear how their team stacks up.

Brian Martinez has worked at Michigan State University for over 20 where he also received his Bachelor’s in Telecommunication. He also holds a CISA and CISSP. While presently a security analyst for MSU’s Information Security GRC team, his previous time was spent working as an IT auditor, managing streaming media servers, print servers, upgrading software in public computer labs, and maintaining the primary email system on campus. Information security has been his primary focus for the last three-plus years.

Back to BSides Detroit 2018 video list