Risk Grustlers | EP 20 | The Security Poverty Line ft. Wendy Nather

Show Notes

In this episode of Risk Grustlers, Wendy Nather joins Nicholas Muy to challenge how we think about compliance, affordability, and security maturity.

Wendy introduces the idea of the “security poverty line,” the invisible boundary keeping small organizations from achieving the same security outcomes as large enterprises. She breaks down why frameworks like PCI DSS work only when risks are narrowly defined, and how unclear scoping, hidden vendor pricing, and talent scarcity widen the gap.

Tune in as Wendy and Nick dismantle the “back to basics” advice, and explain why fundamentals like asset inventory, change control, and threat prioritization are anything but simple in a cloud-first world. Wendy also shares her practical prioritization pyramid, i.e., where to start when you can’t do everything, and it starts with a step most teams skip.

Featuring

• Wendy Nather, Senior Research Initiatives Director, 1Password 
• Nicholas Muy, CISO, Scrut 

About Scrut Automation:
Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring.

Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos.

To watch more of our episodes and learn more about us, visit us at :
https://www.scrut.io/podcasts