GRC resources
Discover blogs, news, events and more from CoreStream GRC’s experts.
-
·
When employees become the attack surface: lessons from the Carnival breach
Key Takeaways Introduction: what happened in the Carnival data breach? Carnival Corporation is one of the world’s largest cruise operators, with a portfolio of cruise brands serving customers across international markets. On 14 April 2026, Carnival Corporation said its IT security team identified unauthorized activity involving an employee account. According to the company, an unauthorized…
-
·
Michael Rasmussen podcast with Richard Eddolls: why CoreStream GRC focuses on value-based GRC technology
Speakers: Michael Rasmussen, GRC 20/20, and Richard Eddolls, Co-Founder and Chief Product Officer, CoreStream GRC In this episode of The Hitchhiker’s Guide in the GRC Technology Galaxy, Michael Rasmussen returned to CoreStream GRC’s London office to speak with Richard Eddolls, Co-Founder and Chief Product Officer at CoreStream GRC. The conversation explored the origins of CoreStream GRC, why flexibility and usability still matter in enterprise…
-
·
5 overlooked retail GRC risks senior leaders should be watching
Key takeaways Retail leaders are focused on growth, margin, resilience, customer trust and operational performance. For GRC teams to add real value, they need to connect risk and controls to those outcomes, not manage them in isolation. Recent retail examples show why this matters. Lindsay Haselhurst, Chief Operating Officer at Currys, said retail crime statistics “make for difficult reading”, but the…
-
·
Spotlight on Women in GRC: Risk Director on AI, trust & career paths
In anticipation for the Women in GRC Awards on 2nd July 2026, we’re running a podcast series “Spotlight on Women in GRC”. In this first episode, Head of Marketing, Lucy Montague of CoreStream GRC sits down with Lauren de Thibault, a Risk Director at a leading global telecommunications company and previous Women in GRC Award winner, and shares how a career spanning law, compliance, governance and risk shaped her leadership style. The…
-
·
US & UAE GRC headlines: Regulators are widening the assurance perimeter.
Recent regulatory activity in the US and UAE points to a bigger GRC trend: regulators are looking beyond policies and asking whether organizations can prove control across more areas of the business. In the US, the Department of Justice announced a $549.5m False Claims Act settlement over alleged evasion of customs duties on Chinese aluminum extrusions. The…
-
·
What is the Secure Controls Framework and why does it matter for compliance?
Key takeaways Compliance teams are not short of frameworks. They are short of time, clarity and defensible evidence. The Secure Controls Framework, or SCF, is designed to reduce duplication by consolidating 200+ laws, regulations and frameworks into a single control architecture. SCF covers 1,400+ controls across 33 domains, giving organizations a clearer way to understand…
Ready to chat with our experts?
Contact us today!
This form may not be visible due to adblockers, or JavaScript not being enabled.