Countering Shadow IT Through Nudging Intervention - Garrett Gross
Episode Synopsis
In this episode of The Security Repo Podcast, let's talk about the largest IT threat outside of IT, and maybe out of the line of sight of security teams: shadow IT.
We are joined by Garrett Gross, a seasoned cybersecurity professional with over twenty years of experience. Garrett currently holds the position of Head of Product Success at Nudge Security. His primary focus is on implementing innovative strategies to address SaaS sprawl and mitigate the risks associated with shadow IT. With a strong background in security operations, incident response, and threat research, Garrett's expertise and dedication to the field are evident. He actively contributes to the cybersecurity community by collaborating with organizations such as OWASP and ISSA, aiming to elevate industry standards and best practices.
We start with a look at how bad the issue of shadow IT really is today and what it is potentially costing companies. From there, we talk about how blocking people from working is a less-than-optimal way to implement security since people will often bypass those restrictions. By the end, we discuss the idea of nudging people, using guardrails, and some clever automation, to do the right thing and improve security for us all.
Links from this episode:
https://www.linkedin.com/in/garretthgross/
https://nudgesecurity.com
https://www.nudgesecurity.com/our-approach