All About Risk

C1Risk
  • 5.0 (1)
  • TECHNOLOGY

Dive into the digital deep end with the c1risk podcast, your go-to stream for all things GRC and cybersecurity! Each episode, we unpack the complex world of Governance, Risk Management, and Compliance. Whether you're fortifying a finance fortress or safeguarding a startup, join us as we explore cutting-edge strategies and insider insights tailored for any industry. Tune in, turn up your cybersecurity savvy, and transform risks into rewards with your host Lily Yeoh.

  1. 12/29/2025

    Episode 7: The Real Risks of AI in Legal-Tech

    AI is moving fast, but in legal-tech, accuracy and trust are non-negotiable. In this episode of All About Risk, Lily Yeoh speaks with Dean Sapp, CISO and DPO at Filevine, about what happens when AI is introduced into environments where bad data and false outputs carry real consequences. Dean breaks down why enterprise AI is different from consumer tools, the risks of hallucinations, deepfakes, and AI-driven phishing, and why strong guardrails around data, permissions, and retention matter. They also explore how CISOs are using AI to improve threat detection, automate controls, and translate technical risk into business impact leaders can act on. The result is a practical look at AI, security, and risk as an operational reality, not a trend.

    43 min

  2. 12/15/2025 · BONUS

    Bonus Episode 6: Your First Role in GRC

    In this final episode of this three part bonus series, Lily Yeoh shares clear, practical insight on what it really takes to break into a career in GRC. She talks about where people often start, how different backgrounds can translate into the field, and what helps you stand out early on. She also touches on common missteps, the importance of staying curious, and what to focus on in your first months on the job.

    6 min

  3. 12/08/2025 · BONUS

    Bonus Episode 5: How Do I Get Ready? School, Certs, and Skills

    Lily Yeoh breaks down what you really need to enter GRC, from choosing between a degree or certifications to knowing which starter certs are worth your time. She explains how to get hands-on experience before your first role, the soft skills that actually help you stand out, and the one practical skill that’s shaped her own career. This episode gives you a clear, grounded starting point for building a future in GRC. 1. GRCP — GRC Professional ⁠OCEG⁠-Great intro to governance, risk, compliance, ethics, and audit basics. 2. CCEP — Certified Compliance & Ethics Professional ⁠SCCE⁠-Focuses on compliance, ethics, investigations, and corporate policy. 3. ISO 31000 Risk Management Certification ⁠Various accredited bodies⁠-Covers organizational risk frameworks and is accessible without technical depth. 4. CompTIA Security ⁠CompTIA⁠-Security fundamentals that support GRC roles tied to IT and cybersecurity. 5. CGRC (formerly CAP) ⁠ISC2⁠-Intro to governance, risk and security authorization. Good for early GRC careers. ADVANCED LEVEL CERTIFICATIONS These require experience, deeper security knowledge, or exposure to audit, risk, or governance functions. 6. CISSP — Certified Information Systems Security Professional ⁠ISC2⁠-High-level security governance, risk, architecture, and leadership. 7. CISA — Certified Information Systems Auditor ⁠ISACA⁠-The gold standard for audit, controls, and assessment work inside GRC teams. 8. CRISC — Certified in Risk and Information Systems Control ⁠ISACA⁠-Focused on IT risk, business risk, mitigation, and control design. 9. CISM — Certified Information Security Manager ⁠ISACA⁠-Security governance, program management, and risk management at scale. 10. CGEIT — Certified in the Governance of Enterprise IT ⁠ISACA⁠-Enterprise-level IT governance, strategic alignment, and performance risk.

    7 min

  4. 12/02/2025 · BONUS

    Bonus Episode 4: Careers in GRC - What a Career in GRC Looks Like

    In this bonus episode (1 of 3), we zoom out and unpack what a career in GRC actually looks like. Lily Yeoh explains the field in simple terms, talks through the types of challenges GRC professionals help organizations navigate, and highlights the mix of backgrounds that thrive here. We touch on what early roles focus on, how government and commercial paths differ, and what someone should understand before jumping in. If you’re curious about GRC as a profession, this first of three episode gives you a clear, approachable starting point. 1. GRCP — GRC Professional OCEG-Great intro to governance, risk, compliance, ethics, and audit basics. 2. CCEP — Certified Compliance & Ethics Professional SCCE-Focuses on compliance, ethics, investigations, and corporate policy. 3. ISO 31000 Risk Management Certification Various accredited bodies-Covers organizational risk frameworks and is accessible without technical depth. 4. CompTIA Security CompTIA-Security fundamentals that support GRC roles tied to IT and cybersecurity. 5. CGRC (formerly CAP) ISC2-Intro to governance, risk and security authorization. Good for early GRC careers. ADVANCED LEVEL CERTIFICATIONS These require experience, deeper security knowledge, or exposure to audit, risk, or governance functions. 6. CISSP — Certified Information Systems Security Professional ISC2-High-level security governance, risk, architecture, and leadership. 7. CISA — Certified Information Systems Auditor ISACA-The gold standard for audit, controls, and assessment work inside GRC teams. 8. CRISC — Certified in Risk and Information Systems Control ISACA-Focused on IT risk, business risk, mitigation, and control design. 9. CISM — Certified Information Security Manager ISACA-Security governance, program management, and risk management at scale. 10. CGEIT — Certified in the Governance of Enterprise IT ISACA-Enterprise-level IT governance, strategic alignment, and performance risk.

    12 min

  5. 10/31/2025

    Episode 6: Making Cyber Human. Why Risk Starts with People, Not Technology

    Dr. David Mussington, former member of the White House National Security Council and Professor at the University of Maryland, joins Lily Yeoh on All About Risk to challenge how we think about cybersecurity. He argues that the biggest threat isn’t just in the network, it’s in how we communicate, govern, and make decisions. From national policy to AI’s growing role in cyber defense, this episode explores what real resilience looks like when people, not just systems, are at the center of security.

    48 min

  6. 09/22/2025 · BONUS

    Bonus Episode 3: Understanding GRC - Choosing the Right GRC Tools

    In this final installment of our bonus series Understanding GRC, we explore the practical side of adopting GRC tools. From the limits of spreadsheets to the advantages of integrated platforms, this episode highlights what to look for in a solution, how ROI is measured, and why phasing in processes with a “crawl, walk, run” approach sets organizations up for long-term success.

    15 min

  7. 09/12/2025 · BONUS

    Bonus Episode 2: Understanding GRC - Where to Start

    In our second bonus episode, we dig into the first steps of building a GRC program with our expert Lily Yeoh. We cover why it starts with people, process, and technology, and the importance of documenting what you’re protecting. You’ll hear how to make policies meaningful instead of just templates, when to bring in expert guidance, and how to get leadership buy-in. We also touch on the real risks of skipping GRC, from regulatory fines to reputation loss.

    10 min

  8. 09/03/2025 · BONUS

    Bonus Episode 1: Understanding GRC

    Bonus Episodes: Understanding GRC is a special bonus series designed for anyone who’s new to governance, risk, and compliance. Each episode breaks down core concepts into simple, practical insights, helping you understand not just what GRC is, but why it matters and how it impacts everyday business decisions. Whether you’re starting your career, leading a small team, or just curious about the field, this series will give you a solid foundation to build on. In our first bonus episode, we kick things off with the fundamentals: What does GRC really stand for, and how do governance, risk, and compliance actually work together? We’ll also look at why GRC is a framework every business can benefit from.

    16 min
See All (13)

About

Dive into the digital deep end with the c1risk podcast, your go-to stream for all things GRC and cybersecurity! Each episode, we unpack the complex world of Governance, Risk Management, and Compliance. Whether you're fortifying a finance fortress or safeguarding a startup, join us as we explore cutting-edge strategies and insider insights tailored for any industry. Tune in, turn up your cybersecurity savvy, and transform risks into rewards with your host Lily Yeoh.

Information

  • Creator
    C1Risk
  • Years Active
    2K
  • Episodes
    13
  • Rating
    Clean
  • Copyright
    © C1Risk
  • Show Website
    All About Risk