Risk Grustlers

Risk Grustlers | EP 20 | The Security Poverty Line ft. Wendy Nather

17 min · Jan 12, 2026

Description

In this episode of Risk Grustlers, Wendy Nather joins Nicholas Muy to challenge how we think about compliance, affordability, and security maturity. Wendy introduces the idea of the “security poverty line,” the invisible boundary keeping small organizations from achieving the same security outcomes as large enterprises. She breaks down why frameworks like PCI DSS work only when risks are narrowly defined, and how unclear scoping, hidden vendor pricing, and talent scarcity widen the gap. Tune in as Wendy and Nick dismantle the “back to basics” advice, and explain why fundamentals like asset inventory, change control, and threat prioritization are anything but simple in a cloud-first world. Wendy also shares her practical prioritization pyramid, i.e., where to start when you can’t do everything, and it starts with a step most teams skip.

Featuring:
  • Wendy Nather, Senior Research Initiatives Director, 1Password
  • Nicholas Muy, CISO, Scrut

About Scrut Automation: Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring. Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos. To watch more of our episodes and learn more about us, visit us at: https://www.scrut.io/podcasts

All episodes

23 episodes


Risk Grustlers | EP 23 | The GRC identity crisis

Alan Luk has seen GRC from every angle, from Big 4 audit and consulting, leading GRC teams, and now GRC engineering at Microsoft Azure. In this episode of Risk Grustlers, he joins Nicholas Muy (CISO and VP of Engineering at Scrut Automation) for a candid conversation on the decisions modern GRC teams are being forced to make: what to own, what to enable, when to escalate, and how to work with engineering without turning every audit issue into a fire drill.

Featuring:
  • Alan Luk, Principal TPM, Microsoft
  • Nicholas Muy, CISO and VP of Engineering, Scrut Automation

May 25, 2026 · 53 min

Risk Grustlers | EP 22 | The weight of cyber leadership ft. Larry Whiteside Jr.

This episode gets into the reality behind one of the most visible roles in cybersecurity. Larry Whiteside Jr. shares how the CISO role has evolved into something far broader and harder than many people outside the job realize. What began as a deeply technical function now often comes with executive expectations, growing operational ownership, constant outside pressure, and very little formal preparation for the business side of the role. The conversation also explores how security leaders are expected to make sound decisions in a market flooded with vendors, why smaller and mid-sized companies can no longer treat security as someone else’s problem, and how peer communities have become a practical source of advice, perspective, and relief for people carrying this kind of responsibility.

Featuring:
  • Larry Whiteside Jr., Co-Founder & President, Confide Group
  • Nicholas Muy, CISO, Scrut Automation

Mar 31, 2026 · 34 min

Risk Grustlers | EP 21 | Collaborative Kitchen for AI Governance ft. Sandip Wadje

AI is not just another tool rollout. It is forcing companies to revisit assumptions they have lived with for years. In this Risk Grustlers episode, Sandip Wadje joins Nicholas Muy to discuss what happens when leadership wants the upside of AI immediately, while security, risk, IT, legal, and business teams are left dealing with everything underneath it. The conversation explores what tools like Microsoft Copilot can expose inside organizations, from oversharing in SharePoint to the gap between role-based access on paper and the permissions people actually end up with in practice. Sandip also lays out a more grounded approach for smaller teams: be honest about what is truly confidential, avoid writing controls you cannot consistently follow, give employees a safer way to work with AI, and start preparing for scrutiny around how AI is being used across the business.

Featuring:
  • Sandip Wadje, Managing Director, BNP Paribas
  • Nicholas Muy, CISO, Scrut

Mar 10, 2026 · 19 min

Risk Grustlers | EP 20 | The Security Poverty Line ft. Wendy Nather

In this episode of Risk Grustlers, Wendy Nather joins Nicholas Muy to challenge how we think about compliance, affordability, and security maturity. Wendy introduces the idea of the “security poverty line,” the invisible boundary keeping small organizations from achieving the same security outcomes as large enterprises. She breaks down why frameworks like PCI DSS work only when risks are narrowly defined, and how unclear scoping, hidden vendor pricing, and talent scarcity widen the gap. Tune in as Wendy and Nick dismantle the “back to basics” advice, and explain why fundamentals like asset inventory, change control, and threat prioritization are anything but simple in a cloud-first world. Wendy also shares her practical prioritization pyramid, i.e., where to start when you can’t do everything, and it starts with a step most teams skip.

Featuring:
  • Wendy Nather, Senior Research Initiatives Director, 1Password
  • Nicholas Muy, CISO, Scrut

Jan 12, 2026 · 17 min

Risk Grustlers | EP 19 | Securing agentic AI ecosystems ft. Sounil Yu

In this episode of Risk Grustlers, Aayush Ghosh Choudhury, CEO and Co-Founder of Scrut, sits down with Sounil Yu, Chief AI Officer at Knostic and author of the ‘Cyber Defense Matrix,’ to talk about what it really means to run agentic AI safely, starting from “basic” security hygiene and identity hardening, all the way to drawing hard boundaries around what agents can decide, see, and share.

Featuring:
  • Sounil Yu, Chief AI Officer, Knostic
  • Aayush Ghosh Choudhury, Co-Founder and CEO, Scrut

Dec 17, 2025 · 24 min