Risk Grustlers

Scrut Automation
  • 5.0 (1)
  • TECHNOLOGY
  • UPDATED BIWEEKLY

Welcome to 'Risk Grustlers,' where we celebrate the extraordinary journeys of modern-day Risk Leaders who embrace the art of 'Grustle'—a powerful fusion of Grind and Hustle. Our podcast dives into the innovative strategies and bold decisions taken by these risk-takers, shaping the future of cybersecurity and risk management. Join us as we explore their inspiring stories, insightful advice, and cutting-edge technologies that define the alternative GRC landscape. 

  1. Risk Grustlers | EP 20 | The Security Poverty Line ft. Wendy Nather

    JAN 12

    Risk Grustlers | EP 20 | The Security Poverty Line ft. Wendy Nather

    In this episode of Risk Grustlers, Wendy Nather joins Nicholas Muy to challenge how we think about compliance, affordability, and security maturity. Wendy introduces the idea of the “security poverty line,” the invisible boundary keeping small organizations from achieving the same security outcomes as large enterprises. She breaks down why frameworks like PCI DSS work only when risks are narrowly defined, and how unclear scoping, hidden vendor pricing, and talent scarcity widen the gap. Tune in as Wendy and Nick dismantle the “back to basics” advice, and explain why fundamentals like asset inventory, change control, and threat prioritization are anything but simple in a cloud-first world. Wendy also shares her practical prioritization pyramid, i.e., where to start when you can’t do everything, and it starts with a step most teams skip. Featuring Wendy Nather, Senior Research Initiatives Director, 1Password Nicholas Muy, CISO, Scrut  About Scrut Automation: Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring. Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos. To watch more of our episodes and learn more about us, visit us at : https://www.scrut.io/podcasts

    18 min
  2. Risk Grustlers | EP 19 | Securing agentic AI ecosystems ft. Sounil Yu

    12/17/2025

    Risk Grustlers | EP 19 | Securing agentic AI ecosystems ft. Sounil Yu

    In this episode of Risk Grustlers, Aayush Ghosh Choudhury, CEO and Co-Founder of Scrut, sits down with Sounil Yu, Chief AI Officer at Knostic and author of the ‘Cyber Defense Matrix,’ to talk about what it really means to run agentic AI safely, starting from “basic” security hygiene and identity hardening, all the way to drawing hard boundaries around what agents can decide, see, and share. Featuring Sounil Yu, Chief AI Officer, Knostic Aayush Ghosh Choudhury, Co-Founder and CEO, Scrut About Scrut Automation: Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring. Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos. To watch more of our episodes and learn more about us, visit us at : https://www.scrut.io/podcasts

    24 min
  3. Risk Grustlers | EP 18 | Bridging the dev–security divide ft. Siyavash G. Nia (Black Hat Special)

    11/17/2025

    Risk Grustlers | EP 18 | Bridging the dev–security divide ft. Siyavash G. Nia (Black Hat Special)

    In this episode of Risk Grustlers, Nicholas Muy, CISO at Scrut Automation, sits down with Siyavash G. Nia, CISO at ShyftLabs, to talk about what actually works for smaller teams that care about security but do not have an army of specialists: making vulnerabilities real for developers, using QA as a bridge instead of a shield, using GRC tools for shared visibility, and ignoring the AI noise until the fundamentals of secure code, infra, and data are in place. Featuring Siyavash G. Nia, CISO, ShyftLabs Nicholas Muy, CISO, Scrut  About Scrut Automation: Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring. Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos. To watch more of our episodes and learn more about us, visit us at : https://www.scrut.io/podcasts

    25 min
  4. Risk Grustlers | EP 17 | AI agents for security ft. Edward Wu (Black Hat Special)

    10/10/2025

    Risk Grustlers | EP 17 | AI agents for security ft. Edward Wu (Black Hat Special)

    In this Black Hat special episode of Risk Grustlers, Edward Wu, Founder and CEO of Dropzone AI, joins our CEO and co-founder, Aayush Ghosh Choudhury, to discuss the future of security operations. From automating tier-one SOC tasks to cutting response times from hours to minutes, Edward shares how AI agents are force-multiplying security teams and reshaping the economics of cybersecurity. The discussion dives deep into trust, dependability, and the real limits of AI in high-stakes environments — a must-watch for CISOs, security engineers, and AI enthusiasts alike. About Scrut Automation: Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring. Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos. To watch more of our episodes and learn more about us, visit us at : https://www.scrut.io/podcasts

    40 min
  5. EP 16 | All about compliance commoditization, GRC 4.0 & AI

    05/21/2025

    EP 16 | All about compliance commoditization, GRC 4.0 & AI

    Featuring Nicholas Muy, CISO, Scrut Automation In this episode, our CEO Aayush Ghosh Choudhury sits down with our CISO Nicholas Muy for a candid conversation on some of the most debated trends in GRC today. With nearly two decades in security—including roles at the Department of Homeland Security, Expedia, and high-growth startups—Nicholas knows what it takes to build programs that go beyond the basics. From AI agents to audit-ready automation, this episode is a playbook for where GRC is headed. A special episode packed with actionable ideas to take back to your team. Description Nick doesn't sugarcoat it: compliance is changing—and the shift is bigger than commoditization. It’s convergence. In this episode, he explores how security and compliance are merging into unified, intelligent workflows—with AI agents playing a key role. Drawing on his vast experience in cybersecurity, he breaks down what agentic GRC actually looks like and how early-stage companies can embrace frameworks without being boxed in by them. Whether you're rethinking audits, scaling trust, or experimenting with AI teammates, this episode offers a glimpse into what’s next for GRC. Highlights from the episode Is compliance becoming a commodity—or something more valuable? How security and compliance are converging faster than you think The rise of agentic AI and what it means for GRC teams Building adaptable, audit-ready programs that don’t drain your team Quotes “Personally, I see it less as commoditization and more as democratization.” “Compliance gave us the time and structure to gradually build and refine our security posture.” “Cost and effort alone aren’t reliable indicators of audit quality—especially for small to midsize companies.” “Agentic teammates help us scale by reviewing vendors upfront, surfacing risk, and retaining context between assessments.” About Scrut Automation: Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring. Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos. To watch more of our episodes and learn more about us, visit us at : https://www.scrut.io/podcasts

    32 min
  6. EP 15 | Keep your friends close, but your insiders closer

    02/19/2025

    EP 15 | Keep your friends close, but your insiders closer

    About the speaker: Srikanth Chavali, Co-Founder and CPO at Kitecyber, dives deep into the growing threat of insider risks and shares approaches to help businesses can stay ahead of the curve. With years of experience tackling complex cybersecurity challenges, Srikanth offers valuable insights and practical advice for organizations of all sizes. Tune in for an insightful conversation packed with actionable strategies you won’t want to miss! Description: In this episode, Srikanth Chavali unpacks the complex terrain of insider threats, highlighting why these risks are growing and how organizations can proactively protect themselves. He emphasizes that even small and mid-sized companies, often without dedicated security teams, can mitigate these threats by setting clear accountabilities and adopting the right technologies. Srikanth discusses how a virtual CISO (vCISO) can help companies build a strong security posture, even with limited resources, and stresses the importance of a dedicated leader driving security efforts.  He also delves into the evolving role of AI and automation in cybersecurity, showing how these technologies are transforming threat detection and data classification. With a focus on actionable insights, Srikanth explains how companies can leverage AI to improve security measures while reducing false positives and increasing efficiency. Highlights from the episode: Managing insider threats without a dedicated security teamThe importance of accountability in cybersecurityLeveraging AI for improved data classification and threat detectionPractical steps small and mid-sized companies can take to improve securityQuotes: “Cybersecurity is not just a technical challenge; it's a responsibility that needs to be owned across the organization.” “Insider threats are not always easy to detect, but with the right tools and mindset, organizations can proactively manage risks.” “AI and automation are changing the game for threat detection, offering more precision with fewer false positives.” “You don’t need to start from scratch—leveraging existing models and tools can be a great way for smaller companies to begin their cybersecurity journey.” About Scrut Automation: Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring. Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos. To watch more of our episodes and learn more about us, visit us at : https://www.scrut.io/podcasts

    30 min
  7. EP 14 | Doing the little things right

    01/13/2025

    EP 14 | Doing the little things right

    About the speaker: Drew Danner, Managing Director at BD Emerson, offers a new take on the old security vs. compliance debate—you cannot have one without the other. With ten years in the US Army and a no-nonsense approach to cybersecurity, he’s been in the trenches (literally and figuratively) and is a go-to professional for all things security. So grab a coffee and a notepad, because this conversation is packed with insights you won’t want to miss. Tune in now! Description: In this episode, Drew uncomplicates GRC and stresses the importance of “keeping it stupid and simple.” Drawing from his experiences in both the army and cybersecurity, he shares easy and practical tips for building a sustainable security program. Drew emphasizes the importance of doing the “little things” in GRC. He highlights how small, consistent actions—like reviewing contracts and integrating compliance into daily operations—can drive meaningful change and prevent last-minute crises. Tune in to hear his insights on bridging the gap between compliance and security, navigating intimidating frameworks, and how early attention to security can help companies win customer trust and build stronger businesses. Highlights from the episode: Pro tips for companies that are getting started with complianceOvercoming intimidation with new frameworks like ISO 27001The simplicity of building effective security controlsThe evolving nature of security audits in the age of AI Quotes: “Security is the operation of achieving compliance.” “Consistency, that’s what it’s all about. Doing the little things right, every single time.” “The easiest security controls can have the biggest impact if you just do them right.” “You don’t need a certificate to do the right thing. Start with the basics.” About Scrut Automation: Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring. Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos. To watch more of our episodes and learn more about us, visit us at : https://www.scrut.io/podcasts

    29 min
  8. Security on a Shoestring Budget

    06/10/2024

    Security on a Shoestring Budget

    Introduction Kevin Qiu, a seasoned Information Security Professional, joins us on the latest episode of Risk Grustlers to share his journey from Big Four consulting to tech startups, offering invaluable insights on building effective security programs on a limited budget. Don't miss Kevin's practical tips for adapting security infrastructure, managing compliance, and tackling challenges unique to small and medium-sized businesses. Tune in for a masterclass on must do’s when building a security strategy! Description In this episode, Kevin offers a unique perspective on the differences in security infrastructure between large enterprises and startups, highlighting the need for adaptability in smaller companies. Kevin delves into the key areas mid-sized companies should focus on when building an effective security program, emphasizing practical steps and strategic planning.  He also addresses the common perception that compliance is merely box-ticking, discussing its true value and importance in maintaining robust security. Tune in to uncover practical tips for building a robust security program in small to medium-sized companies.  Highlights from the episode Kevin’s career transitionChallenges in startups vs. large enterprisesBuilding a security program in mid-sized companiesCompliance vs. real securityQuotes “Don’t just buy any tool off the shelf because you need one specific feature. That is how your budget becomes bloated. If you can develop it in-house, if it makes sense to do so, then do that before you go and spend money on it.” “One common mistake among startups is neglecting to maintain compliance post-certification. Many overlook the continuous monitoring required, leading to frantic efforts to catch up during surveillance audits.” “Startups often rely heavily on third-party tools. Knowing your vendors is crucial. If a vendor is breached and you didn't even know your team used them, you're in big trouble.”About Scrut Automation Scrut Automation is a risk observability and compliance automation platform built to simplify information security monitoring for cloud-native companies. We help early-stage and growth-stage companies worldwide establish enterprise-grade information security processes through an easy-to-use GRC platform. To watch more of our episodes and learn more about us, visit us at https://www.scrut.io/podcasts About Scrut Automation: Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring. Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos. To watch more of our episodes and learn more about us, visit us at : https://www.scrut.io/podcasts

    29 min
See All (20)

About

Welcome to 'Risk Grustlers,' where we celebrate the extraordinary journeys of modern-day Risk Leaders who embrace the art of 'Grustle'—a powerful fusion of Grind and Hustle. Our podcast dives into the innovative strategies and bold decisions taken by these risk-takers, shaping the future of cybersecurity and risk management. Join us as we explore their inspiring stories, insightful advice, and cutting-edge technologies that define the alternative GRC landscape. 

Information

  • Creator
    Scrut Automation
  • Years Active
    2023 - 2026
  • Episodes
    20
  • Rating
    Clean
  • Copyright
    © 2026 Risk Grustlers
  • Show Website
    Risk Grustlers