Agentic GRC, SOC 2, and Why Data Beats Compliance with Jake Bernardes episode artwork

EPISODE · Feb 2, 2026 · 46 MIN

Agentic GRC, SOC 2, and Why Data Beats Compliance with Jake Bernardes

from The TPRM Podcast

In this episode of the TPRM Podcast, Threats, Pitfalls & Risk Myths, Nate Lee talks with Jake Bernardes, Chief Information Security Officer at Anecdotes and former CISO at Whistic, known for his candid, data-first approach to GRC and third-party risk. Jake brings deep experience across GRC, TPRM, and security leadership, and is an outspoken voice on why traditional compliance frameworks like SOC 2 have become procurement shortcuts rather than meaningful security signals. He shares a pragmatic view on what is broken in modern GRC and what it will take to fix it. They explore what agentic GRC actually means beyond the marketing hype, why data quality and completeness are foundational for AI-driven security workflows, and how treating GRC as an engineering problem can fundamentally change how risk is assessed. The conversation also covers trust centers, machine-readable evidence, the future of audits and certifications, and how real security data could replace checkbox-based assessments. Jake also shares direct career advice for security and GRC professionals, including why networking matters more than certifications, what it really means to be an effective CISO, and why security leaders should be driving business outcomes rather than positioning themselves as cost centers. This episode is packed with insight for CISOs, security leaders, GRC and TPRM practitioners, and anyone thinking seriously about the future of compliance, trust, and risk. Listen and Subscribe- Spotify → https://open.spotify.com/show/7JvPsyMJPgVLOKuJhkKfxA?si=bf17a655fc0049f9 - Apple Podcasts → https://podcasts.apple.com/us/podcast/the-tprm-podcast/id1848217699- YouTube → @TPRMPodcast About the GuestJake Bernardes is the Chief Information Security Officer at Anecdotes and former CISO at Whistic. He has extensive experience leading GRC, TPRM, and security programs and is a strong advocate for transparency, data-driven risk assessment, and treating GRC as an engineering discipline. About the HostNate Lee is a B2B Scaleup CISO and Founder of Cloudsec.ai, helping SaaS companies build business-aligned security programs that increase developer velocity, strengthen trust, and support rapid growth. About the ShowThe TPRM Podcast explores real-world conversations with security leaders reshaping how we think about risk, uncovering the threats, pitfalls, and myths behind today’s cybersecurity challenges. Nate’s LinkedIn → /natetrustmindTPRM Podcast LinkedIn → /tprm-podcastWebsite → https://tprmpodcast.comInstagram → @TPRMPodcastTikTok → @tprmpodcast

NOW PLAYING

Agentic GRC, SOC 2, and Why Data Beats Compliance with Jake Bernardes

0:00 46:15

No transcript for this episode yet

We transcribe on demand. Request one and we'll notify you when it's ready — usually under 10 minutes.

No similar episodes found.

No similar podcasts found.

Frequently Asked Questions

How long is this episode of The TPRM Podcast?

This episode is 46 minutes long.

When was this The TPRM Podcast episode published?

This episode was published on February 2, 2026.

What is this episode about?

In this episode of the TPRM Podcast, Threats, Pitfalls & Risk Myths, Nate Lee talks with Jake Bernardes, Chief Information Security Officer at Anecdotes and former CISO at Whistic, known for his candid, data-first approach to GRC and third-party...

Can I download this The TPRM Podcast episode?

Yes, you can download this episode by clicking the download button on the episode player, or subscribe to the podcast in your preferred podcast app for automatic downloads.
URL copied to clipboard!