GRC Engineering Podcast

Ayoub Fandi

The podcast helping Security GRC practitioners getting their career to the next level. We speak with trailblazers, innovators and experts in the GRC realm that champion an engineering-minded GRC practice. Episodes are jam-packed with practical tips, concepts and use cases to help you scale your GRC program and create better relationships with your engineering and product colleagues. read less
TechnologyTechnology

Episodes

Think in Systems w/ Simon Goldsmith from OVO | S1E3
Dec 14 2023
Think in Systems w/ Simon Goldsmith from OVO | S1E3
Episode Summary In this episode, I welcome Simon Goldsmith, the Head of Information Security at OVO and a seasoned security leader with over 20 years of experience across industries like defence, financial services, and retail. Simon shares his journey from working on helicopter survivability for the Ministry of Defence to leading security efforts at OVO, focusing on systems thinking and the evolving role of GRC in fast-paced environments. The discussion dives deep into the challenges of balancing speed and security, the importance of collaboration in regulatory compliance, and how personal responsibility for CISOs is shaping the future of security leadership. Key Topics Discussed 💼 Career Journey: Simon reflects on his career path, starting in the defense sector with the Ministry of Defense, moving through financial services and retail, and eventually taking on his current role at OVO.🌀 Systems Thinking in Security: Insights into how Simon applied systems engineering concepts like "the survivability onion" to improve security outcomes across different industries.📹 Balancing Speed and Security: A discussion on how fast-moving environments like defense and private sectors can integrate security assurance early in development to achieve better outcomes.📃 Regulatory Challenges Across Jurisdictions: Simon shares his experiences navigating complex regulatory landscapes in Asia-Pacific and Europe, including personal liability challenges for CISOs.💼 Leadership and Collaboration: Emphasizing the importance of strong teams and relationships to manage stress and uncertainty in high-stakes environments.🚅 Forward-Looking Reflections: Simon discusses his current mission at OVO, supporting zero-carbon living through tech-enabled energy retail while addressing broader societal challenges. Notable Quotes "The time horizon of the board is radically different from that of an engineer in a sprint." "Balancing prevention with a positive attitude towards detection and discovery is key to building effective systems." "Bringing assurance teams into the development lifecycle early can lead to better security outcomes—not just better documentation." "Personal liability for CISOs is a growing challenge; it requires courage to take on such roles." Useful links Simon Goldsmith’s LinkedInOVO Energy Guest Bio Simon Goldsmith is an accomplished information security leader with over two decades of experience across defense, financial services, retail, and energy sectors. Currently serving as Head of Information Security at OVO, Simon has a passion for systems thinking and collaborative leadership to drive impactful security outcomes. Call to Action If you enjoyed this episode, please subscribe to our podcast for more insights into GRC Engineering and cybersecurity leadership. Don’t forget to leave a review if you found value in this conversation! For questions, guest ideas, or feedback, reach out to me on LinkedIn.