In this episode of Security & GRC Decoded, Raj Krishnamurthy sits down with Vivek Madan to unpack what it really means to run a modern GRC program inside a global cybersecurity company. Drawing from his journey across networking, security engineering, risk, and compliance, Vivek shares how GRC can function as a true business enabler—opening markets, accelerating revenue, and strengthening trust. This conversation stands out for its practical frameworks, real-world stories, and honest discussion about friction between engineering, security, auditors, and compliance teams, giving listeners a grounded view of how GRC works when it’s done right.

Key Takeaways:

• GRC works best when it is positioned as a growth enabler that unlocks new markets, not just a compliance checkbox.
• Strong governance establishes foundational rules that allow security and risk decisions to scale consistently across the business.
• Storytelling is a critical GRC skill—people align with compliance when they understand the “why,” not just the requirement.
• Common controls frameworks reduce complexity when designed intentionally across global, application-specific, and product-specific needs.
• Automation matters, but process automation is just as important as technical automation to reduce compliance friction.

What You’ll Learn:

• How GRC enables business expansion into regulated and global markets
• Why compliance resistance exists—and how to overcome it
• A practical 50–35–15 model for common controls frameworks
• How to balance continuous assurance with annual audits
• What modern GRC leaders look for when hiring talent

This podcast is brought to you by ComplianceCow — the smarter way to manage compliance. Automate evidence collection, eliminate screenshots, and scale your program with confidence. Learn more: https://www.compliancecow.com

Watch more episodes: https://www.compliancecow.com/podcast

Connect With Our Guest:
Vivek Madan | Director of Security, Risk, and Compliance | Fortinet
Connect on LinkedIn: https://www.linkedin.com/in/vivek-madan-cissp-ccsp/

Rate, review, and share if you enjoyed the show!

Subscribe to Security & GRC Decoded wherever you get your podcasts:

Spotify: https://open.spotify.com/show/5pigcMwOrYIA6d9OOOsxqr?si=416b82ab5c474683

Apple Podcasts:https://podcasts.apple.com/us/podcast/security-grc-decoded/id1795144450