pc-hero-frame
GRC & Cyber Security Podcast
SureCloud Production
Subscribe

19 Oct 2023   |   33:03 Share this

Share this episode

Copy the link or share directly:

LinkedIn X (Twitter) Email

E23: Automation in Compliance - Michelle Garcia, Carnival Cruise Line's Information Security & Compliance

In this episode of the GRC & Cyber Security Podcast, Michelle Garcia, Director of Information Security and Compliance at Carnival Cruise Line, joins Matthew Davies, VP of Product at SureCloud, to unpack the rising complexity of IT compliance and the growing need for organisations to adopt unified, technology-enabled frameworks.

 

Michelle brings extensive experience from one of the world’s largest leisure travel companies, offering a candid look at the realities of managing compliance at scale. From navigating regulatory overlap to embedding sustainable processes across a global enterprise, her insights provide real-world clarity for security and risk professionals facing similar challenges.

 

A central theme in the episode is automation—not as a luxury, but as an essential enabler. Michelle and Matthew explore how automation can streamline evidence collection, reduce manual workload, strengthen assurance, and improve reporting accuracy. They also discuss where automation is most effective, where it fails, and how teams can adopt it without overwhelming existing processes.

 

Key topics covered include:

  • The challenges of modern IT compliance in large, regulated organisations

  • How unified frameworks can reduce complexity and strengthen governance

  • The practical role of technology in supporting compliance programmes

  • Why automation is crucial—and where to start when implementing it

  • What’s working today in compliance operations, and what still needs improvement

  • The biggest industry challenges and concerns facing security leaders in 2023

  • The essential skills that define effective information security professionals

 

This episode is ideal for CISOs, compliance leaders, IT risk managers, GRC specialists, and anyone seeking to modernise their compliance function with smarter, more scalable approaches.

Hosted by: Mathew Davies Chief Product Officer - Surecloud

Guest: Michelle Garcia Director, Information Security and Compliance

  • Compliance
  • GRC
Latest Episodes
podcast_1080-primary (2)
E1: The First 72 Hours: What Really Matters in a Major Incident

18 Dec 2025

  • Cybersecurity
Foundations Product Launch Webinar
The Risk Reckoning & SureCloud Foundations Launch Webinar

28 Aug 2025

  • GRC
thumbnail-youtube-1280x720-matt-davies-1
How Dynamic Risk Intelligence and Automation Are Transforming the Industry

20 Feb 2025

  • GRC
  • Automation
pc-hero-frame
E28: Rory Innes - A World Where Cybercriminals Don’t Win

28 May 2024

  • Cybersecurity
  • GRC
Useful Resources
  • GRC
  • Other
Get your free RFP template for GRC software
Read more
  • GRC
  • White Paper
The Risk Reckoning - Exclusive Industry Research report
Read more
  • Compliance
  • ISO 27001
  • SOC 2
  • Guide
SOC 2 Compliance Guide
Read more
  • DORA
  • Compliance
  • Toolkit
The Complete DORA Self-Assessment
Read more
  • DORA
  • Compliance
  • White Paper
Understanding and Complying with the Digital Operational Resilience Act
Read more
  • Compliance
  • Other
UK Corporate Governance Code & Provision 29
Read more