Home / 

Podcasts / 

#8 Unpacking Traveling, Technology, and Single Sources of Truths to Tackle Compliance in 2023

Summary of the Podcast

David Cross is the senior Vice President and CISO for Oracle Cloud Security. He has a background in the US Navy and credits buying a cryptography book while in the Navy as sparking his interest in cybersecurity. Traveling the world has helped David understand compliance needs across different regions. While virtual communication has benefits, in-person interactions allow for a deeper understanding through gestures and emotions. 

Continuous communication is critical for distributed teams, which is why David started writing a weekly update email years ago to provide a single source of truth. Audits and reviews help identify risks and issues as long as people feel safe to reveal mistakes. Automation and AI can help with repetitive compliance tasks so humans can focus on more meaningful work. However, humans will always be needed to make final decisions and take accountability. Continuous compliance is preferable as it builds good habits and prepares organizations instead of a fire drill just before audits.

In summary, David emphasizes the importance of communication, a balanced approach combining humans and technology, and building compliance into daily work for optimal results. Travel and in-person interactions also provide valuable cultural insights that aid global compliance efforts.

The SOC 2 Bible

Everything you need to know about compliance