Why SOC 2 May Not Prove Security Anymore

SOC 2 might be everywhere, but is it actually working? In this episode, the Trust vs. team welcomes cybersecurity leader, author, and GRC engineer AJ Yawn to break down the state of SOC 2 today and why its greatest strength may also be its biggest weakness. AJ brings years of hands-on experience in auditing, engineering, and startup leadership to explain how SOC 2 shifted from a signal of security to a sales checkbox and what that means for TPRM. We talk about flexibility vs. consistency, outdated frameworks, why some SOC 2s are nearly useless, and how organizations can move toward better assurance by asking better questions.

Trust vs. Podcast 1

Listen to HITRUST’s award-winning podcast, Trust vs.

 

Hear from experts as we explore the burning questions and challenges that cybersecurity professionals, company leaders, legislators, and suppliers all face. Join hosts Jeremy Huval, Chief Innovation Officer at HITRUST®, Robert Booker, Chief Strategy Officer at HITRUST, and Ryan Patrick, Vice President of Adoption at HITRUST, and a roster of exciting guests as we challenge trust and dive into the world of confidence in cybersecurity.

podcast_award_1
podcast_award_2
Best B2B Branded Podcast_Winner_Trust VS

Podcast Episodes

Sep 25, 2025
Chaos, Culture, and Cyber Resilience
Cybersecurity, Security
Sep 11, 2025
Uncle Ronnie and the Problem with AI Security
Risk Management, AI, Cybersecurity
Aug 28, 2025
Everything About Your Cyber Risk Assessment is Wrong
Risk Management, Cybersecurity
Aug 14, 2025
AI, TPRM, and the Chaos in Between
Risk Management, AI, Third-Party Risk Management
Jul 31, 2025
HIPAA Healthcare: Then, Now, and Future
HIPAA, Healthcare, Compliance
Oct 31, 2024
Fostering the Next Generation of Cybersecurity Leaders
Leadership, Cybersecurity
Oct 17, 2024
The Trust Partnership with the Board - Closing the Loop through Accountability and Engagement
Leadership, Cybersecurity, Trust
Oct 3, 2024
AI - Our Shared Responsibility
Shared Responsibility and Inheritance, AI, Security
Sep 19, 2024
AI’s Biggest Threat is People
AI, Threat Management, Security
Sep 19, 2024
The AI Conundrum: Security Standards in a World of Innovation
Risk Management, AI, Security
Aug 22, 2024
Cybersecurity Is Strategy — Not Just Settings And Systems
Cybersecurity, Security
Aug 8, 2024
The Ransomware Battle on the Cyber Frontier
Risk Management, Threat Management, Ransomware
Jul 11, 2024
AI Is Not a Strategy
Risk Management, AI, Data Security
Jul 25, 2024
We Promise This Episode on Insurance is Interesting
Risk Management, Data Security, Cyber Insurance
May 23, 2024
Rebuilding Trust After The Latest Breach
Data Breach, Healthcare, Trust
Sep 27, 2023
Trust vs. AI
Risk Management, AI, Cybersecurity
Sep 13, 2023
Trust vs. Enterprise Risk
Risk Management, Data Security, Data Privacy 
Sep 6, 2023
Trust vs. Third Parties
Risk Management, Cybersecurity, Third-Party Risk Management
Aug 24, 2023
Trust vs. the Board
Leadership, Cybersecurity, Compliance
Aug 2, 2023
Trust vs. Breaches
Data Breach, Data Security, Threat Management
Jul 19, 2023
Trust vs. Cloud
Shared Responsibility and Inheritance, Cybersecurity, Healthcare
Jul 5, 2023
Trust vs. Perception
Leadership, Data Security, Threat Management, Cybersecurity
Jun 21, 2023
Trust vs. Compliance
Data Security, Cybersecurity, Healthcare, Compliance
X

Subscribe to get updates,
news, and industry information.

The Only Certification Proven to Work

With a 99.41% breach-free rate among HITRUST-certified environments, HITRUST stands alone in cybersecurity assurance. From third-party risk to internal controls, trust the solution that reduces risk — and proves it.

Get Started
Chat

Chat Now

This is where you can start a live chat with a member of our team