about me & GRC

Communication through storytelling has always been my passion. Whether I'm explaining complex QA test results to development teams or helping colleagues understand new processes, I've learned that stories make complicated concepts stick.

When I started my cybersecurity journey, I noticed something interesting: the same human behaviours that get characters killed in horror films are exactly what make people vulnerable to cyber attacks. Social engineering, poor risk assessment, ignoring security protocols - it's all there in the movies we watch for entertainment.

turned off black television
turned off black television

My Background:

  • QA Testing: Taught me to identify vulnerabilities, think like an attacker, and document risks clearly

  • Team Building & Communication: Developed skills in translating technical concepts for non-technical audiences

  • No-Code Website Development: Understanding of digital systems and user experience

  • Risk Assessment: Natural ability to spot potential problems before they become disasters

The Blog's Purpose: This blog exists because cybersecurity education is often intimidatingly technical or fear-based. I wanted to create something different - a space where people can learn security concepts through familiar stories, without feeling overwhelmed or judged for not knowing technical details.

do not cross police barricade tape close-up photography
do not cross police barricade tape close-up photography

Why Films and Security Make Perfect Sense

What This Blog Is:

  • A conversation starter about security awareness

  • Practical lessons through entertaining examples

  • A learning journey we're taking together

  • Proof that security education can be engaging and accessible


What This Blog Is Not:

  • A comprehensive technical manual

  • A platform for showing off expertise

  • A competition to see who knows more

  • A fear-mongering exercise about digital dangers

My goal is simple: help people understand why security matters and how to think about risk in their daily lives, using stories that make the concepts memorable and actionable.

security Tasks That Mirror Daily Life

Think you don't have the skills? Think again. Every day, we instinctively protect what matters most to us - our family, money, home, and privacy. Below are security measures you already perform without thinking. Sound familiar?
These are the exact same skills cybersecurity professionals use, just applied to digital environments.

Digital Hygiene = Personal Hygiene Just like brushing teeth or washing hands, cybersecurity requires daily habits - updating passwords, checking for software updates, and scanning for malware. Both prevent small problems from becoming serious health issues.

Home Security = Network Security Locking doors, installing alarms, and checking who's at the door parallels setting up firewalls, monitoring network traffic, and authenticating users before granting access to systems.

Financial Budget Management = Risk Assessment Tracking expenses and planning for emergencies mirrors how security professionals assess vulnerabilities and allocate resources to protect against the most likely and damaging threats.

Background Checks for Babysitters = Vendor Security Reviews Just as parents research caregivers before trusting them with children, organisations must vet third-party vendors and their security practices before granting system access.

Teaching Kids About Stranger Danger = Security Awareness Training Parents educate children about recognising suspicious behaviour and safe responses, similar to how security teams train employees to identify phishing attempts and social engineering tactics.

Medical Check-ups = Security Audits Regular health screenings catch problems early, just like periodic security assessments identify vulnerabilities before attackers can exploit them.

Insurance Policies = Backup and Recovery Plans Having health, auto, and home insurance mirrors maintaining data backups and incident response procedures - both provide protection when things go wrong.

Security Monitoring = Security Camera Systems at Home
Just like homeowners install security cameras to continuously watch their property for break-ins, suspicious activity, or package theft, cybersecurity teams deploy monitoring tools that continuously watch network traffic, user behavior, and system activities for signs of unauthorised access or malicious activity.

gray alarm system on yellow wall
A group of electronic devices sitting on top of a table
two brown spray bottles on brown table
avocado, tomatoes, eggs, mushrooms, spring onions, and leaves

READY FOR MORE?
GRC Tasks That Mirror Daily Life

GOVERNANCE

Family Rules & House Management = Corporate Governance Setting household rules, assigning chores, and making family decisions mirrors how organiSations establish policies, delegate responsibilities, and create decision-making frameworks.

Personal Budget Planning = Strategic Planning Managing household finances, setting savings goals, and planning major purchases parallels how organiSations set strategic objectives and allocate resources.

Teaching Kids Right from Wrong = Ethics Programs Parents instilling values and moral guidelines reflects how companies develop codes of conduct and ethical training programs.

RISK MANAGEMENT

Checking Weather Before Travel = Risk Assessment Looking at forecasts and planning alternate routes mirrors how organiSations identify potential threats and develop contingency plans.

Car Insurance Coverage Decisions = Risk Appetite Choosing deductibles and coverage levels based on driving habits and financial capacity parallels how companies determine acceptable risk levels for different business activities.

Emergency Fund Planning = Business Continuity Saving money for unexpected expenses mirrors how organisations plan for operational disruptions and maintain reserves.

Home Safety Inspections = Risk Monitoring Regularly checking smoke detectors, testing security systems, and maintaining appliances parallels ongoing risk assessments and control testing.

COMPLIANCE

Following Traffic Laws = Regulatory Compliance Obeying speed limits, stopping at red lights, and renewing vehicle registration mirrors how companies must follow industry regulations and maintain required certifications.

Tax Preparation and Filing = Compliance Reporting Gathering documents, calculating obligations, and meeting IRS deadlines parallels how organisations prepare regulatory reports and meet compliance requirements.

Professional Dress Codes at Work = Industry Standards Following workplace expectations for appropriate attire, maintaining professional appearance standards, and adhering to company culture norms mirrors how organisations must comply with industry-specific standards and best practices to maintain credibility and meet stakeholder expectations.

School Permission Slips = Audit Documentation Signing forms and maintaining records for children's activities parallels how organisations document compliance activities and maintain audit trails.

Medical Records Management = Data Governance Keeping track of vaccinations, prescriptions, and health history mirrors how companies manage data quality, retention, and privacy requirements.

GRC SECURITY ON SCREEN
PLAY@GRCSOS.COM