In this episode of Security & GRC Decoded, Raj Krishnamurthy, CEO of ComplianceCow, sits down with Walter Haydock, CEO of StackAware, to discuss the evolving landscape of AI security, governance, risk, and compliance (GRC). Walter shares insights on emerging AI threats, the importance of ISO 42001 certification, and the challenges organizations face when integrating AI into their security and compliance programs.

Key topics include:

• DeepSeek and AI Privacy Risks
• Regulatory Challenges in AI Security & Compliance
• The Intersection of AI Governance and GRC
• Building a Business Case for AI Security Programs
• How Security & GRC Teams Can Adapt to Rapid AI Developments

This episode is packed with practical insights for security leaders, compliance professionals, and anyone navigating the risks and opportunities of AI-driven security.

🎙️ Security & GRC Decoded is brought to you by ComplianceCow. Subscribe now for expert insights from industry leaders shaping the future of security & compliance.

Learn more about ComplianceCow and how we can help your GRC teams!

💡 Connect with Walter Haydock 💡

For more insights on AI security, governance, and compliance, follow Walter Haydock: 🔗 LinkedIn: Walter Haydock 📖 Blog: Deploy Securely 📷 Instagram: @walter.haydock 🌐 Company Website: StackAware

Stay updated on AI risk management, compliance automation, and emerging security threats by checking out his latest content! 🚀

[00:00] – Introduction

• Host Raj Krishnamurthy welcomes Walter Haydock, CEO of StackAware.
• Overview of today’s discussion: AI security, governance, and compliance trends.

[01:30] – DeepSeek Controversy & AI Security Risks

• What is DeepSeek and why is it concerning for AI security & privacy?
• The risks of AI-generated synthetic data and compliance implications.

[04:15] – The Evolution of AI SaaS & Security Challenges

• The rise of AI-powered SaaS tools and the security risks they introduce.
• AI adoption without security & compliance considerations.

[07:10] – Walter’s Background: From Physical Security to AI Governance

• Transition from defense & physical security to cybersecurity & AI GRC.
• The importance of risk intelligence and automation in modern security.

[10:25] – The Intersection of AI, GRC, & Security Governance

• Who should own AI governance? Security teams, compliance, or legal?
• How AI challenges traditional risk management frameworks.

[13:40] – AI & Compliance: The Role of ISO 42001

• What is ISO 42001 and how does it apply to AI governance?
• How companies can align AI security strategies with compliance.

[17:05] – Building a Business Case for AI Security & Compliance

• How to justify AI governance investments to leadership.
• The real-world impact of AI-driven compliance failures.

[21:15] – AI GRC in Practice: Where Companies Go Wrong

• The biggest mistakes companies make when implementing AI security programs.
• Why compliance automation is essential for scaling AI governance.

[26:10] – AI in Security Operations: SOC Automation & Threat Detection

• How AI is transforming security operations centers (SOCs).
• Automated threat intelligence and its GRC implications.

[30:30] – Advice for Security Leaders Inheriting GRC Programs

• Where to start when taking over a GRC or AI security program.
• Key frameworks & methodologies to adopt early on.

[34:45] – AI Risk Management: How Companies Should Adapt

• The difference between traditional risk assessments vs AI-driven risks.
• The importance of continuous monitoring & real-time compliance checks.

[38:20] – Closing Thoughts & Resources

• Walter’s recommended books, podcasts, and learning resources.
• Where to follow Walter Haydock: 📢 LinkedIn: Walter Haydock 📖 Blog: Deploy Securely

[41:00] – Outro

• Final takeaways from Raj & Walter.
• Why AI governance is becoming a business-critical function.