Risk Grustlers

Hosted by Scrut Automation

Technology

Website RSS feed

Episodes

Latest episode

Jun 2026

Language

EN-US

About the show

Welcome to 'Risk Grustlers,' where we celebrate the extraordinary journeys of modern-day Risk Leaders who embrace the art of 'Grustle'—a powerful fusion of Grind and Hustle. Our podcast dives into the innovative strategies and bold decisions taken by these risk-takers, shaping the future of cybersecurity and risk management. Join us as we explore their inspiring stories, insightful advice, and cutting-edge technologies that define the alternative GRC landscape.

Listen to episodes

24 recent

June 2, 2026Episode 2418 min

Risk Grustlers | EP 24 | Cyber has a creativity problem ft. Don Jeter

Everyone is AI-powered, AI-native, or agentic. And with generative AI making it easier to produce more campaigns, visuals, and content, the noise is only getting louder.In this episode, Don and Nick unpack what it actually takes to build a cyber brand people remember. They talk about why creative direction matters more when everyone has the same tools, why bold event marketing only works when it creates real customer connection, and why AI can support creative teams without replacing taste, craft, or human judgment.For cybersecurity teams trying to stand out in a crowded market, this is a conversation about the difference between being visible and being memorable.FeaturingDon Jeter, CMO, Torq Nicholas Muy, CISO, Scrut AutomationAbout Scrut Automation:Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring. Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos.To watch more of our episodes and learn more about us, visit us at :https://www.scrut.io/podcasts

May 25, 2026Episode 2353 min

Risk Grustlers | EP 23 | The GRC identity crisis ft. Alan Luk

Alan Luk has seen GRC from every angle, from Big 4 audit and consulting, leading GRC teams, and now GRC engineering at Microsoft Azure.In this episode of Risk Grustlers, he joins Nicholas Muy (CISO and VP of Engineering at Scrut Automation) for a candid conversation on the decisions modern GRC teams are being forced to make: what to own, what to enable, when to escalate, and how to work with engineering without turning every audit issue into a fire drill.FeaturingAlan Luk, Principal TPM, Microsoft Nicholas Muy, CISO and VP of Engineering, Scrut Automation About Scrut Automation:Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring. Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos.To watch more of our episodes and learn more about us, visit us at :https://www.scrut.io/podcasts

March 31, 2026Episode 2234 min

Risk Grustlers | EP 22 | The weight of cyber leadership ft. Larry Whiteside Jr.

This episode gets into the reality behind one of the most visible roles in cybersecurity.Larry Whiteside Jr. shares how the CISO role has evolved into something far broader and harder than many people outside the job realize. What began as a deeply technical function now often comes with executive expectations, growing operational ownership, constant outside pressure, and very little formal preparation for the business side of the role.The conversation also explores how security leaders are expected to make sound decisions in a market flooded with vendors, why smaller and mid-sized companies can no longer treat security as someone else’s problem, and how peer communities have become a practical source of advice, perspective, and relief for people carrying this kind of responsibility.FeaturingLarry Whiteside Jr., Co-Founder & President, Confide Group Nicholas Muy, CISO, Scrut AutomationAbout Scrut Automation:Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring. Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos.To watch more of our episodes and learn more about us, visit us at :https://www.scrut.io/podcasts

March 10, 2026Episode 2119 min

Risk Grustlers | EP 21 | Collaborative Kitchen for AI Governance ft. Sandip Wadje

AI is not just another tool rollout. It is forcing companies to revisit assumptions they have lived with for years.In this Risk Grustlers episode, Sandip Wadje joins Nicholas Muy to discuss what happens when leadership wants the upside of AI immediately, while security, risk, IT, legal, and business teams are left dealing with everything underneath it.The conversation explores what tools like Microsoft Copilot can expose inside organizations, from oversharing in SharePoint to the gap between role-based access on paper and the permissions people actually end up with in practice.Sandip also lays out a more grounded approach for smaller teams: be honest about what is truly confidential, avoid writing controls you cannot consistently follow, give employees a safer way to work with AI, and start preparing for scrutiny around how AI is being used across the business.FeaturingSandip Wadje, Managing Director, BNP Paribas Nicholas Muy, CISO, ScrutAbout Scrut Automation:Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring. Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos.To watch more of our episodes and learn more about us, visit us at :https://www.scrut.io/podcasts

January 12, 2026Episode 2017 min

Risk Grustlers | EP 20 | The Security Poverty Line ft. Wendy Nather

In this episode of Risk Grustlers, Wendy Nather joins Nicholas Muy to challenge how we think about compliance, affordability, and security maturity.Wendy introduces the idea of the “security poverty line,” the invisible boundary keeping small organizations from achieving the same security outcomes as large enterprises. She breaks down why frameworks like PCI DSS work only when risks are narrowly defined, and how unclear scoping, hidden vendor pricing, and talent scarcity widen the gap.Tune in as Wendy and Nick dismantle the “back to basics” advice, and explain why fundamentals like asset inventory, change control, and threat prioritization are anything but simple in a cloud-first world. Wendy also shares her practical prioritization pyramid, i.e., where to start when you can’t do everything, and it starts with a step most teams skip.FeaturingWendy Nather, Senior Research Initiatives Director, 1Password Nicholas Muy, CISO, Scrut About Scrut Automation:Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring. Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos.To watch more of our episodes and learn more about us, visit us at :https://www.scrut.io/podcasts

December 17, 2025Episode 1924 min

Risk Grustlers | EP 19 | Securing agentic AI ecosystems ft. Sounil Yu

In this episode of Risk Grustlers, Aayush Ghosh Choudhury, CEO and Co-Founder of Scrut, sits down with Sounil Yu, Chief AI Officer at Knostic and author of the ‘Cyber Defense Matrix,’ to talk about what it really means to run agentic AI safely, starting from “basic” security hygiene and identity hardening, all the way to drawing hard boundaries around what agents can decide, see, and share.FeaturingSounil Yu, Chief AI Officer, Knostic Aayush Ghosh Choudhury, Co-Founder and CEO, Scrut About Scrut Automation:Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring. Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos.To watch more of our episodes and learn more about us, visit us at :https://www.scrut.io/podcasts

November 17, 2025Episode 1824 min

Risk Grustlers | EP 18 | Bridging the dev–security divide ft. Siyavash G. Nia (Black Hat Special)

In this episode of Risk Grustlers, Nicholas Muy, CISO at Scrut Automation, sits down with Siyavash G. Nia, CISO at ShyftLabs, to talk about what actually works for smaller teams that care about security but do not have an army of specialists: making vulnerabilities real for developers, using QA as a bridge instead of a shield, using GRC tools for shared visibility, and ignoring the AI noise until the fundamentals of secure code, infra, and data are in place.FeaturingSiyavash G. Nia, CISO, ShyftLabs Nicholas Muy, CISO, Scrut About Scrut Automation:Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring. Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos.To watch more of our episodes and learn more about us, visit us at :https://www.scrut.io/podcasts

October 10, 202539 min

Risk Grustlers | EP 17 | AI agents for security ft. Edward Wu (Black Hat Special)

In this Black Hat special episode of Risk Grustlers, Edward Wu, Founder and CEO of Dropzone AI, joins our CEO and co-founder, Aayush Ghosh Choudhury, to discuss the future of security operations.From automating tier-one SOC tasks to cutting response times from hours to minutes, Edward shares how AI agents are force-multiplying security teams and reshaping the economics of cybersecurity.The discussion dives deep into trust, dependability, and the real limits of AI in high-stakes environments — a must-watch for CISOs, security engineers, and AI enthusiasts alike.About Scrut Automation:Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring. Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos.To watch more of our episodes and learn more about us, visit us at :https://www.scrut.io/podcasts

May 21, 2025Episode 1632 min

EP 16 | All about compliance commoditization, GRC 4.0 & AI

Featuring Nicholas Muy, CISO, Scrut AutomationIn this episode, our CEO Aayush Ghosh Choudhury sits down with our CISO Nicholas Muy for a candid conversation on some of the most debated trends in GRC today.With nearly two decades in security—including roles at the Department of Homeland Security, Expedia, and high-growth startups—Nicholas knows what it takes to build programs that go beyond the basics.From AI agents to audit-ready automation, this episode is a playbook for where GRC is headed. A special episode packed with actionable ideas to take back to your team.DescriptionNick doesn't sugarcoat it: compliance is changing—and the shift is bigger than commoditization. It’s convergence.In this episode, he explores how security and compliance are merging into unified, intelligent workflows—with AI agents playing a key role. Drawing on his vast experience in cybersecurity, he breaks down what agentic GRC actually looks like and how early-stage companies can embrace frameworks without being boxed in by them.Whether you're rethinking audits, scaling trust, or experimenting with AI teammates, this episode offers a glimpse into what’s next for GRC.Highlights from the episodeIs compliance becoming a commodity—or something more valuable?How security and compliance are converging faster than you thinkThe rise of agentic AI and what it means for GRC teamsBuilding adaptable, audit-ready programs that don’t drain your teamQuotes“Personally, I see it less as commoditization and more as democratization.”“Compliance gave us the time and structure to gradually build and refine our security posture.”“Cost and effort alone aren’t reliable indicators of audit quality—especially for small to midsize companies.”“Agentic teammates help us scale by reviewing vendors upfront, surfacing risk, and retaining context between assessments.”About Scrut Automation:Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring. Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos.To watch more of our episodes and learn more about us, visit us at :https://www.scrut.io/podcasts

February 19, 2025Episode 1530 min

EP 15 | Keep your friends close, but your insiders closer

About the speaker: Srikanth Chavali, Co-Founder and CPO at Kitecyber, dives deep into the growing threat of insider risks and shares approaches to help businesses can stay ahead of the curve. With years of experience tackling complex cybersecurity challenges, Srikanth offers valuable insights and practical advice for organizations of all sizes. Tune in for an insightful conversation packed with actionable strategies you won’t want to miss!Description:In this episode, Srikanth Chavali unpacks the complex terrain of insider threats, highlighting why these risks are growing and how organizations can proactively protect themselves. He emphasizes that even small and mid-sized companies, often without dedicated security teams, can mitigate these threats by setting clear accountabilities and adopting the right technologies.Srikanth discusses how a virtual CISO (vCISO) can help companies build a strong security posture, even with limited resources, and stresses the importance of a dedicated leader driving security efforts. He also delves into the evolving role of AI and automation in cybersecurity, showing how these technologies are transforming threat detection and data classification. With a focus on actionable insights, Srikanth explains how companies can leverage AI to improve security measures while reducing false positives and increasing efficiency.Highlights from the episode:Managing insider threats without a dedicated security teamThe importance of accountability in cybersecurityLeveraging AI for improved data classification and threat detectionPractical steps small and mid-sized companies can take to improve securityQuotes:“Cybersecurity is not just a technical challenge; it's a responsibility that needs to be owned across the organization.”“Insider threats are not always easy to detect, but with the right tools and mindset, organizations can proactively manage risks.”“AI and automation are changing the game for threat detection, offering more precision with fewer false positives.”“You don’t need to start from scratch—leveraging existing models and tools can be a great way for smaller companies to begin their cybersecurity journey.”About Scrut Automation:Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring. Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos.To watch more of our episodes and learn more about us, visit us at :https://www.scrut.io/podcasts