About the speaker:
Drew Danner, Managing Director at BD Emerson, offers a new take on the old security vs. compliance debate—you cannot have one without the other. With ten years in the US Army and a no-nonsense approach to cybersecurity, he’s been in the trenches (literally and figuratively) and is a go-to professional for all things security. So grab a coffee and a notepad, because this conversation is packed with insights you won’t want to miss. Tune in now!
Description:
In this episode, Drew uncomplicates GRC and stresses the importance of “keeping it stupid and simple.” Drawing from his experiences in both the army and cybersecurity, he shares easy and practical tips for building a sustainable security program.
Drew emphasizes the importance of doing the “little things” in GRC. He highlights how small, consistent actions—like reviewing contracts and integrating compliance into daily operations—can drive meaningful change and prevent last-minute crises.
Tune in to hear his insights on bridging the gap between compliance and security, navigating intimidating frameworks, and how early attention to security can help companies win customer trust and build stronger businesses.
Highlights from the episode:

• Pro tips for companies that are getting started with compliance
• Overcoming intimidation with new frameworks like ISO 27001
• The simplicity of building effective security controls
• The evolving nature of security audits in the age of AI

Quotes:
“Security is the operation of achieving compliance.”
“Consistency, that’s what it’s all about. Doing the little things right, every single time.”
“The easiest security controls can have the biggest impact if you just do them right.”
“You don’t need a certificate to do the right thing. Start with the basics.”
About Scrut Automation:
Scrut Automation empowers scaling companies to move Beyond Compliance, focusing on managing digital risk while reducing the friction of audit preparation, evidence collection, and risk monitoring.
Purpose-built for high-growth startups and mid-market businesses, Scrut simplifies the most tedious parts of compliance and risk management, keeping you audit-ready and risk-aware at all times. With seamless integration into your processes, Scrut delivers real-time insights and continuous monitoring, enabling proactive risk management to support sustainable growth. Focus on scaling your business confidently as Scrut automates compliance and strengthens your digital resilience—no more manual work or compliance chaos.
To watch more of our episodes and learn more about us, visit us at :
https://www.scrut.io/podcasts