In this episode of Security & GRC Decoded, host Raj Krishnamurthy, CEO of ComplianceCow, sits down with Abhay Kshirsagar, Director of Security Services and Tools at Salesforce, to explore the evolving landscape of security, compliance, and customer assurance.

Abhay shares his journey from IT audit and risk advisory to leading compliance automation, continuous monitoring, and customer assurance at industry giants like Cisco and now Salesforce. They discuss how compliance programs can move beyond checkboxes to become strategic enablers of business growth, unlocking new markets, influencing revenue, and strengthening customer trust.

Key takeaways include:
✅ Compliance Automation & Risk Reduction: How automation is transforming GRC processes and reducing engineering burdens.
✅ Customer Assurance as a Competitive Advantage: Why transparency and trust are becoming business differentiators.
✅ Metrics That Matter: How compliance teams can track and demonstrate their impact beyond regulatory requirements.
✅ Future of GRC: The shift towards predictive security, self-service platforms, and risk-driven compliance models.

Tune in to hear practical insights, real-world strategies, and a fresh perspective on the intersection of security, compliance, and business success in today's fast-changing regulatory landscape.

🎙️ Security & GRC Decoded is brought to you by ComplianceCow. Subscribe now for expert insights from industry leaders shaping the future of security & compliance.

Learn More About How ComplianceCow Can Help Your GRC Team Today!

📌 Episode Timestamps

00:00 - Introduction

• Host Raj Krishnamurthy introduces the episode and guest Abhay Kshirsagar, Director of Security Services & Tools at Salesforce.

02:15 - Abhay’s Background & Journey into Security & GRC

• From Temple University to IT Audit & Cybersecurity.
• Early career in risk advisory and SOX ITGC.
• Transition to Silicon Valley and working on SOC 2 & ISO 27001.

08:45 - Joining Cisco & Building the Cloud Controls Framework (CCF)

• Creating Cisco’s CCF and open-sourcing it.
• Moving from compliance into product security and automation.

13:30 - Defining Security, Compliance & Customer Assurance

• Security = Protection, Compliance = Following Rules, Assurance = Transparency.
• How these functions overlap and why customer assurance is critical.

18:50 - GRC & Its Role in Business Growth

• How compliance unlocks market access & revenue growth.
• The real value of security & compliance programs beyond checkboxes.

23:20 - Customer Assurance & Measuring Customer Trust

• “What makes customers sad” – tracking gaps in compliance programs.
• Why SOC 2 isn’t enough for modern supply chain security.

28:00 - Industry Trends: Automation, Transparency & Supply Chain Security

• The rise of compliance automation and reducing engineering burdens.
• The role of SBOM (Software Bill of Materials) & SSDF in supply chain security.

34:10 - The Challenge of Security Transparency

• How to