Innovation occurs across many areas, and compliance professionals need not only to be ready for it but also to embrace it. Join Tom Fox, the Voice of Compliance, as he visits with top innovative minds, thinkers, and creators in the award-winning Innovation in Compliance podcast. In this episode, host Tom visits with Jeff Kushner, a compliance and IT security leader at Allgress.
Jeff talks about “compliance drift,” where external obligations such as laws, frameworks like NIST/ISO/CIS, and customer and licensing requirements fall out of alignment with internal governance policies, procedures, and contracts, creating silent gaps that surface only during audits or incidents. They discuss the added volatility from business and geopolitical changes and identify industries most exposed to hidden compliance risks, including small and mid-sized businesses, AI-focused organizations, behavioral health clinics managing many frameworks across multiple sites with drop-in audits, and small DoD contractors facing CMMC. Jeff argues that traditional spreadsheet-based or audit-centric GRC is static and point-in-time. He describes Reg Watch as a complementary regulatory intelligence layer that continuously monitors 3,000+ global standards, provides real-time alerts, explains changes in plain English, and provides sample policies and implementation steps, along with supporting documentation and follow-up validation.
Key highlights:
- Compliance Drift Explained
- Volatility Beyond Regulations
- Why Old GRC Fails
- Reg Watch Intelligence Layer
- Documenting Actions and Proof
Resources:
Jeff Kushner on LinkedIn
Innovation in Compliance was recently honored as the Number 4 podcast in Risk Management by 1,000,000 Podcasts.