Everything you don’t see in GRC reports: A look back at Humans of GRC series

When people hear “GRC,” they think policies, audits, frameworks, reports. They think about structure, not stories. Control, not connection.

But we’ve spent years inside this world, working alongside the people who do the hard, quiet work—the ones who keep organizations steady through uncertainty, regulation, and change, who step in during crises, adapt to new technologies, mentor teams, and do it all with little recognition.

And yet, their stories rarely get told.
They’re the people behind the policies.
But too often, they get reduced to them.

That’s when it hit us: There’s a whole human side to GRC that the world doesn’t see.

So we started asking:

Who’s the woman who’s kept every audit on track for over a decade?
Who’s the person that built a world-class risk strategy while caring for a parent with cancer?
Who’s the immigrant navigating an industry that doesn’t always see them?

That’s how Humans of GRC was born.

Inspired by Humans of New York, Humans of GRC is a space to honor the human side of the industry—to hear voices that don’t often get airtime, and to remind the world that every policy has a person behind it.

Season 1 was more than we imagined. Now, we invite you to experience it for yourself.

Episode 1: Alex Sharpe’s story of grit, grace and an accidental entrepreneurship

“I think if I had tried to plan out building a business, it never would have happened. But falling into it kind of the way I did, it made perfect sense.”

How many of us have had the courage to choose ‘purpose’ over ‘pay’ in our early career years? Especially if we’ve graduated from a good university and are struggling financially (think odd jobs at gas stations, florists, liquor stores). Well, Alex took that hard call. He chose a low-paying job at the National Security Agency over lucrative alternatives because he was looking for more meaning.

His story floored us. Alex has always risen to the occasion and none of the curves, bends and changing slopes on his career graph have been able to shake his grit. He has had some exceptional stints at KPMG, Booze Allen and even at a startup that went public.

During our conversation with him, he opened up about the most testing time of his life when his mother was diagnosed with terminal cancer. He prioritised family over money and stepped away from formal work because he couldn’t and didn’t want to manage both at that moment.

But the universe had its own script. He started a 6-week consulting contract at AOL, which eventually turned into a 24-year business! An unexpected phone call became his ‘entrepreneurship by chance’ story. And now he’s one of the biggest names in the GRC and Cybersecurity industry!

Behind that poised smile and patient conversations are years of struggle and resilience, but like he says

“Everything will be okay, you just don’t know when.”

Episode 2: Dan Lohrmann preaches young CISOs to ‘Say yes Securely’

“ I was against Wi-Fi, it wasn’t secure, there were a lot of headlines!”

Dan has had to push through a lot of disbeliefs in his life because he started in security when security wasn’t even a thing. In our conversation, he reflects on an essential learning from his experience on the evolution of security from the pre 9/11 era to the present.

The year was 1997, Dan told us, half-laughing as he remembered offices with signs like “watch your purse” and co-workers who’d roll their eyes when he asked them to set passwords. “We’re not the NSA,” they’d joke.

Post 9/11, the outlook for both physical and cybersecurity changed, and he spent quite some time working on Y2K bugs and on the frontlines of bigger conversations about tech and safety.

One such moment came when he was a CISO in Michigan. At that time he strongly resisted Wi-Fi implementation because he was convinced it would open doors to hackers and credit card theft.

But his boss, gave him an ultimatum:”If that’s your answer, you can’t be the CISO”. That moment changed everything because Dan had never imagined losing his job for such reasons. So he dove deep into research, found a secure way forward, and the state went on to win awards for its Wi-Fi rollout. That experience humbled him. It reshaped how he saw his role.

His most significant learning:

CISOs usually have a tendency to say no to new technology. He has seen it for Wi-Fi, IoT, cloud, and now even AI. When in reality, the goal should be to be an enabler and look for secure solutions to adapt innovation and stay ahead of the curve.

Episode 3: Alexandre Blanc’s invisible to invincible story

“My brother was a year younger than me but he had no issues. It felt unfair growing up because he could come out of school and watch TV and I had to stay back with a teacher”

Imagine starting life with no heartbeat! Alexandre was born clinically dead and revived. That moment, as surreal as it sounds, marked the beginning of a life full of unexpected challenges that would shape his deepest convictions about safety, identity, and the human cost of technology.

Growing up he had developmental issues. He had to be tutored after school to keep up with other kids and felt unfairly disadvantaged. But his perseverance resulted in him excelling in sports and even winning gold medals in skiing.

But the most unthinkable chapter came later in life. Alexandre took a job, unaware that the company he worked for was actually tied to a terrorist group. By the time he realized the truth, it was too late. He received threats, and his identity was erased from French records. Just like that, he was erased—unable to access basic services, stripped of rights, isolated from society.

What followed was years of trauma that resulted in deep distrust and PTSD.

But in an extraordinary turn, the French secret service stepped in not just to help him, but to work with him. Together, they dismantled the group. Alexandre built secure communication tools like an encrypted radio software that protected lives. That was his redemption arc. And it became the foundation for everything he does today in privacy and data security.

His biggest learning:

Technology must serve people and not the other way round and privacy and security are shields against real-world harm.

Episode 4: Jeffrey Wheatman’s hard lessons from family scams

“My parents are in their 80s. In the past year they have been scammed three times!”

When we asked Jeffrey Wheatman what keeps him up at night, his answer wasn’t about enterprise breaches or ransomware headlines. It was personal. He felt helpless protecting his parents against scams.

The first fraud happened when a scammer wired $220,000 from his mother’s account. Despite the fraudulent account being newly opened and tied to a bank recently fined for fraud, his mother’s bank couldn’t identify the red flags. Jeffrey had to fight tooth and nail—endless hours with script-reading reps, before they finally returned the money.

Then came a fake text from the Treasury Department. His mother was told her identity had been stolen and she needed to withdraw $18,000 and deliver it to an address in New Jersey. She didn’t go, thankfully, but she also didn’t call anyone in the family. “She didn’t want to bother us,” Jeffrey said quietly. “That broke my heart!”

The third time, scammers set up unauthorized Zelle transfers to a Robinhood account and made a series of transfers for thousands of dollars. The bank eventually froze the accounts and created new ones but the emotional toll remained. 

And it’s not just the elderly. Even Jeffrey—savvy, experienced, cautious, once nearly fell for a LinkedIn scam. A connection asked if he had contacts at the FBI. It seemed odd, but plausible. It wasn’t until they tried to move the conversation to Signal that the red flags clicked.

His biggest learning?

“Trust no one and tell yourself the story aloud. If it sounds like a scam, step back”.

Episode 5: Jacob Hill’s journey of hope, healing, and the rise of GRC Academy

“ I believe God is going to heal me, and it gives me hope.”

Jacob talks about a deeply personal story of his physical challenges.

When Jacob was just five years old, a sledding accident changed the course of his life. It left him with spasticity, which is a neurological condition that causes constant muscle tension and pain. Even today, his right arm is visibly larger than his left, managing discomfort most of us can’t imagine.

But Jacob doesn’t lead with pain,he leads with purpose. He speaks openly about his faith and a moment he believes was nothing short of divine: a night of prayer that eased his pain for the first time in years.

Outside of his demanding executive role, Jacob is also quietly building something powerful. Two years ago, he launched a bootstrapped GRC academy, starting with CMMC training. 

He was initially quite nervous about the feedback, but it turned out to be positive. Now, he works before and after his day job to build it, one day at a time.

Jacob has learnt a lot of skills in this building journey and emphasizes that skill-building always pays off, maybe not immediately, but eventually.

His biggest learning?

Stay hopeful to fight life’s difficulties and work on honing your skill set.

We’re coming back with Season 2!

Season 1 left a mark on us.

We heard stories that cracked something open—honest, unfiltered, and deeply human. These weren’t just career journeys. They were life journeys, tucked inside roles too often defined by rules and reports.

What we learned is simple: People are at the heart of GRC. And their stories deserve space.

So, for Season 2, we’re turning our focus to women in GRC.

Those who’ve led in rooms they weren’t always invited into. The ones who’ve made room for others while carving out space for themselves and who’ve shaped this space often without credit.

Their stories are coming. We can’t wait for you to meet them. And we think you’ll find pieces of yourself in them, too. Watch the season 2 trailer here!