.png)
.png?width=152&height=29&name=icon-shield-compliance%201%20(1).png){kind=icon}
Compliance Management
Risk Management
Third-Party Risk Management
Internal Audit
Data Privacy
Business Continuity & Resilience
E23: Automation in Compliance - Michelle Garcia, Carnival Cruise Line's Information Security & Compliance
In this episode of the GRC & Cyber Security Podcast, Michelle Garcia, Director of Information Security and Compliance at Carnival Cruise Line, joins Matthew Davies, VP of Product at SureCloud, to unpack the rising complexity of IT compliance and the growing need for organisations to adopt unified, technology-enabled frameworks.
Michelle brings extensive experience from one of the world’s largest leisure travel companies, offering a candid look at the realities of managing compliance at scale. From navigating regulatory overlap to embedding sustainable processes across a global enterprise, her insights provide real-world clarity for security and risk professionals facing similar challenges.
A central theme in the episode is automation—not as a luxury, but as an essential enabler. Michelle and Matthew explore how automation can streamline evidence collection, reduce manual workload, strengthen assurance, and improve reporting accuracy. They also discuss where automation is most effective, where it fails, and how teams can adopt it without overwhelming existing processes.
Key topics covered include:
-
The challenges of modern IT compliance in large, regulated organisations
-
How unified frameworks can reduce complexity and strengthen governance
-
The practical role of technology in supporting compliance programmes
-
Why automation is crucial—and where to start when implementing it
-
What’s working today in compliance operations, and what still needs improvement
-
The biggest industry challenges and concerns facing security leaders in 2023
-
The essential skills that define effective information security professionals
This episode is ideal for CISOs, compliance leaders, IT risk managers, GRC specialists, and anyone seeking to modernise their compliance function with smarter, more scalable approaches.
Hosted by: Mathew Davies Chief Product Officer - Surecloud
Guest: Michelle Garcia Director, Information Security and Compliance
