Why SOC 2 May Not Prove Security Anymore
SOC 2 might be everywhere, but is it actually working? In this episode, the Trust vs. team welcomes cybersecurity leader, author, and GRC engineer AJ Yawn to break down the state of SOC 2 today and why its greatest strength may also be its biggest weakness. AJ brings years of hands-on experience in auditing, engineering, and startup leadership to explain how SOC 2 shifted from a signal of security to a sales checkbox and what that means for TPRM. We talk about flexibility vs. consistency, outdated frameworks, why some SOC 2s are nearly useless, and how organizations can move toward better assurance by asking better questions.
Resources > Podcast
Listen to HITRUST’s award-winning podcast, Trust vs.
Hear from experts as we explore the burning questions and challenges that cybersecurity professionals, company leaders, legislators, and suppliers all face. Join hosts Jeremy Huval, Chief Innovation Officer at HITRUST®, Robert Booker, Chief Strategy Officer at HITRUST, and Ryan Patrick, Vice President of Adoption at HITRUST, and a roster of exciting guests as we challenge trust and dive into the world of confidence in cybersecurity.
Podcast Episodes
Sep 25, 2025
Chaos, Culture, and Cyber Resilience Chaos, Culture, and Cyber Resilience
Cybersecurity,
Security
Sep 11, 2025
Uncle Ronnie and the Problem with AI Security Uncle Ronnie and the Problem with AI Security
Risk Management,
AI,
Cybersecurity
Aug 28, 2025
Everything About Your Cyber Risk Assessment is Wrong Everything About Your Cyber Risk Assessment is Wrong
Risk Management,
Cybersecurity
Aug 14, 2025
AI, TPRM, and the Chaos in Between AI, TPRM, and the Chaos in Between
Risk Management,
AI,
Third-Party Risk Management
Jul 31, 2025
HIPAA Healthcare: Then, Now, and Future HIPAA Healthcare: Then, Now, and Future
HIPAA,
Healthcare,
Compliance
Oct 31, 2024
Fostering the Next Generation of Cybersecurity Leaders Fostering the Next Generation of Cybersecurity Leaders
Leadership,
Cybersecurity
Oct 17, 2024
The Trust Partnership with the Board - Closing the Loop through Accountability and Engagement The Trust Partnership with the Board - Closing the Loop through Accountability and Engagement
Leadership,
Cybersecurity,
Trust
Oct 3, 2024
AI - Our Shared Responsibility AI - Our Shared Responsibility
Shared Responsibility and Inheritance,
AI,
Security
Sep 19, 2024
AI’s Biggest Threat is People AI’s Biggest Threat is People
AI,
Threat Management,
Security
Sep 19, 2024
The AI Conundrum: Security Standards in a World of Innovation The AI Conundrum: Security Standards in a World of Innovation
Risk Management,
AI,
Security
Aug 22, 2024
Cybersecurity Is Strategy — Not Just Settings And Systems Cybersecurity Is Strategy — Not Just Settings And Systems
Cybersecurity,
Security
Aug 8, 2024
The Ransomware Battle on the Cyber Frontier The Ransomware Battle on the Cyber Frontier
Risk Management,
Threat Management,
Ransomware
Jul 11, 2024
Jul 25, 2024
We Promise This Episode on Insurance is Interesting We Promise This Episode on Insurance is Interesting
Risk Management,
Data Security,
Cyber Insurance
May 23, 2024
Rebuilding Trust After The Latest Breach Rebuilding Trust After The Latest Breach
Data Breach,
Healthcare,
Trust
Sep 27, 2023
Sep 13, 2023
Trust vs. Enterprise Risk Trust vs. Enterprise Risk
Risk Management,
Data Security,
Data Privacy
Sep 6, 2023
Trust vs. Third Parties Trust vs. Third Parties
Risk Management,
Cybersecurity,
Third-Party Risk Management
Aug 24, 2023
Aug 2, 2023
Jul 19, 2023
Trust vs. Cloud Trust vs. Cloud
Shared Responsibility and Inheritance,
Cybersecurity,
Healthcare
Jul 5, 2023
Trust vs. Perception Trust vs. Perception
Leadership,
Data Security,
Threat Management,
Cybersecurity
Jun 21, 2023
Trust vs. Compliance Trust vs. Compliance
Data Security,
Cybersecurity,
Healthcare,
Compliance
No results found
X