Risk Grustlers
Welcome to 'Risk Grustlers,' where we celebrate the extraordinary journeys of modern-day Risk Leaders who embrace the art of 'Grustle'—a powerful fusion of Grind and Hustle. Our podcast dives into the innovative strategies and bold decisions taken by these risk-takers, shaping the future of cybersecurity and risk management. Join us as we explore their inspiring stories, insightful advice, and cutting-edge technologies that define the alternative GRC landscape.
Risk Grustlers
EP 16 | All about compliance commoditization, GRC 4.0 & AI
Featuring Nicholas Muy, CISO, Scrut Automation
In this episode, our CEO Aayush Ghosh Choudhury sits down with our CISO Nicholas Muy for a candid conversation on some of the most debated trends in GRC today.
With nearly two decades in security—including roles at the Department of Homeland Security, Expedia, and high-growth startups—Nicholas knows what it takes to build programs that go beyond the basics.
From AI agents to audit-ready automation, this episode is a playbook for where GRC is headed. A special episode packed with actionable ideas to take back to your team.
Description
Nick doesn't sugarcoat it: compliance is changing—and the shift is bigger than commoditization. It’s convergence.
In this episode, he explores how security and compliance are merging into unified, intelligent workflows—with AI agents playing a key role. Drawing on his vast experience in cybersecurity, he breaks down what agentic GRC actually looks like and how early-stage companies can embrace frameworks without being boxed in by them.
Whether you're rethinking audits, scaling trust, or experimenting with AI teammates, this episode offers a glimpse into what’s next for GRC.
Highlights from the episode
- Is compliance becoming a commodity—or something more valuable?
- How security and compliance are converging faster than you think
- The rise of agentic AI and what it means for GRC teams
- Building adaptable, audit-ready programs that don’t drain your team
Quotes
“Personally, I see it less as commoditization and more as democratization.”
“Compliance gave us the time and structure to gradually build and refine our security posture.”
“Cost and effort alone aren’t reliable indicators of audit quality—especially for small to midsize companies.”
“Agentic teammates help us scale by reviewing vendors upfront, surfacing risk, and retaining context between assessments.”
About Scrut Automation:
Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring.
Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos.
To watch more of our episodes and learn more about us, visit us at :
https://www.scrut.io/podcasts