Redefining the GRC Function: Leading the Shift Beyond Checkbox Security Training
Security Awareness Training was built for compliance, not resilience, and attackers are exploiting gaps that legacy models were never designed to address. GRC leaders are now expected to demonstrate measurable risk reduction, not just training completion rates.
Dune Security and Alumni Ventures hosted a virtual discussion featuring Dune Security CEO David Dellapelle, alongside Meghan Hunt of The University of Vermont Health Network, Jake Wesenberg of Koch, and Sam Pena of Tetra Tech. The conversation focused on why traditional Security Awareness Training falls short and how GRC teams can close the gap between compliance activity and true resilience.
The session explored how attackers bypass standard training, what user layer risk looks like today, how GRC leaders can shift toward a risk-based strategy, and which metrics truly demonstrate readiness to executives and regulators.
Thank you to everyone who joined us. We look forward to continuing the conversation and partnering with our community to strengthen how organizations manage user cyber risk.
Video Recap
Photo Gallery
Step into the atmosphere of our past event — watch the recap and relive the moments where cybersecurity, innovation, and community came together.
.png)
New York Security Leader Happy Hour
Join Dune Security for a happy hour at The Rutherford in New York City, bringing together a curated group of security leaders for drinks, light bites, and conversation.
.png)
GPSEC® Tysons
Join Dune Security at GPSEC Tysons, a premier cybersecurity conference for enterprise security leaders and practitioners.
Exploring the Role of the CISO in Cybersecurity
Join Dune Security for a virtual webinar featuring CISOs from Scrut Automation, Wallarm, and Culligan exploring the evolving role of the CISO and how security leaders are navigating rising expectations, emerging threats, and enterprise leadership responsibilities.
Interested in hosting an event with Dune Security?
