ZARZA We are Zarza, the prestigious firm behind major projects in information technology.
Listen "Why SOC 2 May Not Prove Security Anymore"
Episode Synopsis
SOC 2 might be everywhere, but is it actually working?In this episode, the Trust vs. team welcomes cybersecurity leader, author, and GRC engineer AJ Yawn to break down the state of SOC 2 today and why its greatest strength may also be its biggest weakness. AJ brings years of hands-on experience in auditing, engineering, and startup leadership to explain how SOC 2 shifted from a signal of security to a sales checkbox and what that means for TPRM. We talk about flexibility vs. consistency, outdated frameworks, why some SOC 2s are nearly useless, and how organizations can move toward better assurance by asking better questions.Meet Ryan: https://www.linkedin.com/in/ryan-patrick-3699117a/Meet Jeremy: https://www.linkedin.com/in/jeremyhuvalMeet AJ: https://www.linkedin.com/in/ajyawn/Read AJ’s Book: https://www.amazon.com/GRC-ENGINEERING-AWS-Hands-Engineering/dp/B0FDLZX4BP
More episodes of the podcast Trust vs.
Cybercrime Has Gone Cartel
18/12/2025
Chaos, Culture, and Cyber Resilience
25/09/2025
AI, TPRM & the Chaos in Between
14/08/2025
HIPAA Healthcare: Then, Now and Future
31/07/2025
Trust Vs: Season 3
17/07/2025
In God we trust