Greg Conn
Bradenton, Florida, United States
2K followers
500+ connections
View mutual connections with Greg
Greg can introduce you to 2 people at Biblioso
or
New to LinkedIn? Join now
By clicking Continue to join or sign in, you agree to LinkedIn’s User Agreement, Privacy Policy, and Cookie Policy.
View mutual connections with Greg
or
New to LinkedIn? Join now
By clicking Continue to join or sign in, you agree to LinkedIn’s User Agreement, Privacy Policy, and Cookie Policy.
About
I help security, risk, compliance, and technology leaders answer critical exposure…
Articles by Greg
-
The Cart Door
The Cart Door
The Cart Door Why the most dangerous thing about AI is the one we already know how to fix A few years back I was at a…
7
1 Comment -
What are we missing?Sep 29, 2014
What are we missing?
I often wonder when doing a security review what I might be missing. Up to 90% of what we ask is the same.
10
5 Comments -
Mantrap and Anti-TailgatingJun 28, 2014
Mantrap and Anti-Tailgating
Mantrap and anti-tailgating, two of the most misunderstood concepts in physical security, and arguably two of the most…
10
1 Comment
Activity
2K followers
-
Greg Conn shared thisA company once spent a million dollars on rotating mantrap doors to stop people from tailgating into their data center. I stood and watched everyone walk through the cart door instead. I asked the guard why. "It gets busy in the mornings, so we open it up so people aren't late clocking in." Straight face. Completely reasonable man. A million dollars of access control, defeated by someone with a good reason. I've spent thirty years auditing controls, and that is the most reliable finding of my career: controls decay toward convenience, every time, unless someone empowered is standing on the floor. We just wired the entire economy onto AI systems nobody is allowed to audit. We've removed the auditor from the floor. The full piece is below.
-
Greg Conn reposted thisGreg Conn reposted thisI knew this would be an issue. I am just waiting for the shoe to drop. https://lnkd.in/ei8KzD9wThe Horrible Economics of AI Are Starting to Come Crashing DownThe Horrible Economics of AI Are Starting to Come Crashing Down
-
Greg Conn posted thisThe issue is rarely the issue. The missing context is. Most organizations do not have an issue management problem. They have a context problem. I have seen large organizations spend hours working through issues that should have been easier to triage, route, prioritize, and close. Audit findings. Control gaps. Policy exceptions. Vendor remediation items. Vulnerabilities. Application risks. Operational risk events. Compliance gaps. The issue itself was rarely the hardest part. The missing context was. Who owns it? Which application is impacted? Which business service depends on it? Which asset or software is involved? What data could be exposed? Which control failed? Which risk does it map to? Is a third party involved? Is this a duplicate issue? Is there a compensating control? What should be fixed first? Without that context, issue management becomes meetings, spreadsheets, email threads, status updates, and manual reconciliation. That is not risk management. That is risk administration. This is where ServiceNow can create real value, but only when the data model supports the outcome. Discovery matters. CSDM matters. The CMDB matters. Application context matters. Ownership matters. APM, SAM, and HAM matter. Controls, risks, policies, and business services matter. An issue by itself is just a record. An issue connected to an application, asset, owner, control, vulnerability, vendor, business service, and data context becomes actionable intelligence. That is the shift. AI can help summarize issues. AI can help classify issues. AI can help recommend next steps. AI can help identify patterns. AI cannot fix a broken operating model where the relationships are missing. The real maturity question is not: “How many issues are we tracking?” The better question is: “How quickly can we turn an issue into an accountable action?” That is where enterprise risk starts to become operational. And that is where platforms like ServiceNow can move from system of record to system of action. #ServiceNow #GRC #EnterpriseRisk #CSDM #RiskManagement #AI
-
Greg Conn posted this“I have an idea for an app. If only I knew how to create one I would be a millionaire!” I have heard some version of that sentence for years. Today, I created my first iOS app on my own time. I used Xcode, Codex, and ChatGPT. I described what I wanted in simple language. In under an hour, I had a working app. I did not manually write one line of code. That is incredible. The skill is changing. It is no longer just about knowing every syntax rule or framework detail. It is about knowing what you want to build, how to explain it clearly, how to test the output, how to refine the result, and how to keep pushing the idea forward. AI did not remove the need to think. It made thinking actionable faster. For anyone who has ever said, “I have an idea for an app,” the barrier just got a lot lower. Now the question is not: “Can I build it?” The question is: “What is worth building?” Apple OpenAI #AI #Xcode #ChatGPT #iOSDevelopment #Codex
-
Greg Conn posted thisThe Awkward CMDB Moment in Every ServiceNow Demo Every ServiceNow demo I used to do had the same awkward moment. I would show a CISO, CIO, risk executive, or compliance leader what was possible: Real-time risk visibility. Application context. Vulnerability prioritization. Control reporting. Issue management. Executive dashboards. Automated workflows. Then the executive would turn to the CMDB owner and ask: “Can we do all of this?” The answer was usually hesitant. “Not really. Our CMDB sucks.” At first, I used to get defensive. Then I realized that moment was the most important part of the demo. Because the platform was not the problem. The missing context was the problem. Nothing can produce reliable risk intelligence if the organization does not know: What assets exist. What software is installed. What applications depend on them. Who owns them. What data they process. Which business services they support. Which controls apply. Which vulnerabilities matter. Which third parties are involved. Which issues require action. This is where many organizations misunderstand discovery. Discovery is not just a CMDB population exercise. Discovery is the starting point for enterprise exposure intelligence. But discovery alone is not enough. Discovery tells you what exists. CSDM helps structure how those assets, applications, services, owners, and business capabilities relate to each other. The CMDB connects the relationships. GRC creates accountability. ServiceNow can turn it into workflow. AI can accelerate the analysis. But if the relationships are missing, every dashboard becomes questionable. That is why the old advice still matters: Know your assets. Know your software. Know your data. But I would add one more: Know the relationships. Because when leadership asks, “Are we exposed?” they are not asking for a spreadsheet. They are asking: Where are we exposed? How bad is it? Who owns it? What business service is impacted? What data is at risk? What controls are working? What should we do first? That answer does not come from a tool alone. It comes from connected context. Discovery finds what exists. CSDM gives it meaning. Risk management turns it into a decision. That is where the real value starts. #ServiceNow #GRC #EnterpriseRisk #CSDM #CMDB
-
Greg Conn posted thisBuilt my first ServiceNow app using Claude and the ServiceNow SDK. Two things came to mind during this exercise. One, I miss writing code. Two, the efficiencies people talk about are not quite as advertised. I do love the work Earl Duque is doing with this. I highly recommend his videos and papers. ServiceNow Anthropic Claude
-
Greg Conn shared thisMy cousin’s son. He looks up to me like an uncle he never had, or maybe a computer geek family member. I’m not sure which it is. He definitely got his smarts from the Conn side of the family, of course. I couldn’t be happier for him. I get to bask in his glory like I had anything to do with this. Hint: I didn’t. So proud of you, Adam Cook. You amaze your family with your brilliance. I just wish you were more humble like me. https://lnkd.in/etMjZ88c
-
Greg Conn shared thisOne of my favorite workflows!Greg Conn shared thisStruggling to identify risks in your organization? This article explains how ServiceNow IRM Risk Identification Workflow and GenAI can streamline risk identification and help first-line identify the key risks https://lnkd.in/g7r6BfyP Thanks to my amazing OPM team for collating these resources.Understanding the role of risk identification in IRM Risk ManagementUnderstanding the role of risk identification in IRM Risk Management
-
Greg Conn shared thisA coworker. Posting only so my network can say a prayer and maybe a couple dollars their way. Very sad. Live life like there is not tomorrow. https://darbybukowski.com/
-
Greg Conn liked thisGreg Conn liked thisI warned you;o) CrMDB™ has arrived! Is your resiliency data AI ready? FOR IMMEDIATE RELEASE Riffle Resilience Launches CrMDB™, the Crisis Management Database Built to Make Enterprise Resiliency Programs Data Confident and AI Ready "AI doesn't have a model problem in resilience — it has a data problem," said Aaron Callaway, Cofounder at Riffle Resilience. "Every organization we talk to has an AI initiative, and nearly all of them are being held back by the same thing: a foundational database that isn't clean, isn't current, and isn't built for the questions resilience teams actually need answered during a crisis. We built CrMDB™ to fix that at the root." Shane Mathew, Austin Cruz,Bena Thomas, Riffle Resilience, Atlassian, Chris Hemphill, Kay Lawal, Aaron Zuber, Association of Continuity Professionals, Continuity Insights, DRI International (Disaster Recovery Institute), The BCI https://lnkd.in/g_9tg_Hd
-
Greg Conn liked thisGreg Conn liked thisA little over a month ago, I shared that I was heading back to work after five months of maternity leave - excited to reconnect, get back up to speed, and see what had changed while I was away. Turns out, a lot. 😅 One of the things I’ve been most excited to come back to is the momentum around AI and the conversations organizations are having about how to actually adopt it responsibly and at scale. Now, through NewRocket’s partnership with Anthropic, those conversations are becoming even more real. As companies move from experimenting with AI to embedding it into the way their businesses operate, questions around AI governance, security, risk, and responsible adoption are only becoming more important. If AI governance, enterprise AI strategy, or how to put the right guardrails around AI adoption is on your roadmap, I’d love to connect. Whether you’re already well into the journey or just starting to figure out what it should look like, please reach out - I’d be happy to be a resource. It’s an exciting time to be back. 🚀 Richard Stack Kevin Connolly Harsha Kumar Anthony Evans Frank Palermo Sean Iannuzzi
-
Greg Conn liked thisGreg Conn liked thisToday marks my last day at ServiceNow. After more than 2½ years, it's been an interesting journey—one filled with unique challenges, memorable customer experiences, and plenty of opportunities to learn. While every role comes with its ups and downs, what has stood out most to me are the incredible people I've had the opportunity to work alongside. I'm especially grateful to those individuals who made the experience meaningful and memorable. To name a few (and I'm sure I will miss some): Peter Goedegebuure, Steve Bates, Matt Porwoll, Melissa Atkinson, MISM, Bogdan Dejeu, PMP, ITIL, Waleed E., Pallavi Gadepalli, Scott Tuck, Mary Klug, Doug Penta, Maryann Potter, Freedom David, Carrie Kim, Brian Federle, Mike Spano, John Heuer, Laurel McDevitt, MPA, SPC, Chris McDevitt, Cami Burns Schaffner, Bianca Morgan-Brown, James Pollock, Craig Willey, Cutter Smith, Cynthia Seeley, Viva Pham, Ivan Martez, Renae Semple, James Rinkus, James Moore, Nicola Blakemore, AJ Close-- Thank you for your support, partnership, sense of humour, and friendship along the way. One of my biggest takeaways is that not every experience needs to be about climbing the next rung on the ladder. Sometimes, a role serves a different purpose. Sometimes it provides the space, flexibility, and stability you need to focus on what matters most outside of work. As I close this chapter, I leave with new perspectives, valuable relationships, and a deeper appreciation for how success can look different at different stages of life. Here's to the next adventure. #CareerJourney #Leadership #NewBeginnings #ServiceNow
-
Greg Conn liked thisCompleted another learning course on ServiceNow: Now Assist!ServiceNow: Now Assist Essentials (Nov 2024 Store Release)ServiceNow: Now Assist Essentials (Nov 2024 Store Release)
-
Greg Conn liked thisEnjoyed participating. Rich Latayan - excellent moderating the panel, Luciano Ferrari and Kris Kistler, MS, CISSP great discussion 🙏Greg Conn liked thisShared the stage at FutureCon CyberSecurity Events Orlando alongside CISOs Sanjay Deo, Kris Kistler, MS, CISSP and Luciano Ferrari. It was an honor to exchange perspectives on security strategy, the business of protecting the organization and the accelerating velocity of AI shaping our landscape. These conversations are critical as we continue aligning cybersecurity with business outcomes while navigating rapid technological change. A special thank you to Andrew Gaule for serving as an outstanding MC - your energy and presence made the entire day even more engaging. And thank you to Kim Hakim for bringing together such an exceptional group of leaders and practitioners. Events like this truly highlight the value of collaboration across our community. AAA National #CyberSecurity #Leadership #promoteNprotect
-
Greg Conn liked thisGreg Conn liked thisTwo weeks after getting laid off, I've become the busiest unemployed person I know, and, unfortunately, I know many. Thursdays have somehow become my day for announcements. Two weeks ago: laid off after twenty years in the ServiceNow ecosystem and twelve years at the company. Last week: Britt Bowman LLC launched. This week's announcement? I'm tired. In the 14 days since I left ServiceNow, I've booked 7 speaking opportunities, including one today. I have 2 equity advisor agreements close to being signed, 1 FTE role I'm embarrassingly excited about, and multiple executive search firms actively working my search. I've formed an LLC, built a website, set rates, drafted the contracts and invoicing templates to get paid for advisory and fractional work, and gotten accepted into multiple expert communities and board networks. I've taken founder calls, done advisory work, and said yes to almost everything. I have been in motion. This is what I do. When the ground moves, I build. I fill the calendar because a full calendar feels like evidence that I'm okay. Forward motion means I'm not standing still in something I didn't choose. What I did not do was rest. I've had more social interactions in 2 weeks than I typically have in 2 months. I'm an ambivert. I love people in doses. I exceeded my dose by about 6 weeks. I stayed too late at too many things. I said yes to the conversations that fed me and ones that drained me, because any conversation could turn into an opportunity, right? I ran on adrenaline, wine, and the specific energy that comes from knowing your future is both completely open and unresolved. And then I ran out of it. Last night I was supposed to go to book club. I love book club, but I didn't have a single social calorie left. My family had the evening sorted without me, so I flaked on book club, went to the nicest restaurant in my tiny town, sat at the bar, ordered scallops, broccolini, and prosecco, and read a book by myself. I don't remember the last time I took myself to dinner with nowhere else to be. Nobody needed me there. That was the whole point. And it was luxurious. Here's what my hypocritical mind keeps spinning on: my entire career has been built on helping organizations distinguish between motion and progress. I've built enterprise operating models around that idea, helped teams see that a full roadmap isn't the same as a working strategy, that a packed calendar isn't the same as a productive quarter, that activity and outcomes are not interchangeable, no matter how much we want them to be. I forgot that applied to people, too. The emotional recovery from something like this and the professional sprint to figure out what's next don't run on the same timeline. The opportunities will still be there next week. The conversations that matter won't disappear because I took a night off. Recovery isn't the thing you earn after the work is finished. It's one of the things that makes the work possible in the first place.
-
Greg Conn liked thisGreg Conn liked thisEarly AI wins can be exciting, but they can also mask challenges around ownership, visibility, data, and scale. Join Prabhakar, Usman, and me on this webinar tomorrow for some practical insights on what works, what breaks, and how to bridge the gap between AI pilots and enterprise deployment. We'll cover: - Connecting planning and workflows for faster decisions - Improving visibility into AI initiatives and outcomes - Building a process that controls and governs the full AI lifecycle https://lnkd.in/gfyxftsG
-
Greg Conn liked thisView my verified achievement from ServiceNow.Certified Implementation Specialist - Data Foundations (CMDB and CSDM) (CIS-DF(CMDB and CSDM)) was issued by ServiceNow to Gokul Donthi.Certified Implementation Specialist - Data Foundations (CMDB and CSDM) (CIS-DF(CMDB and CSDM)) was issued by ServiceNow to Gokul Donthi.
Experience
Licenses & Certifications
Recommendations received
1 person has recommended Greg
Join now to viewView Greg’s full profile
-
See who you know in common
-
Get introduced
-
Contact Greg directly
Other similar profiles
Explore more posts
-
Allan Friedman, PhD
TPO Group • 5K followers
CISA has published a draft of the new CISA SBOM Minimum Elements! The 2021 NTIA Minimum Elements were an important step to help create a common specification of what should be in an SBOM. CISA is proposing an updated, clarified version that can be aligned with existing tools and support use cases. They are actively seeking feedback, so please share, review, and send them your thoughts! https://lnkd.in/eRm_zxT2
201
13 Comments -
Moore Technology Consulting
188 followers
Compliance frameworks like NIST are great on paper-but they’re hard to translate into real-world tools and workflows. Huntress makes this easier by aligning its platform to NIST functions (identify, protect, detect, respond, recover) so you can show how your controls work together in practice. See how Huntress fits into a modern security stack: https://oal.lu/VNMNO
-
Deura Information Security Consulting LLC | InfoSec leadership on demand
629 followers
Are day-to-day PDF tasks slowing you down? It’s time to **accelerate your workflow**. Security teams handle sensitive PDFs every day — audit reports, compliance documentation, contracts, vulnerability assessments. PDF Agile is a professional PDF solution designed for security-conscious teams who need more than just basic viewing. It enables encrypted document sharing, permission control, redaction, digital signatures, and controlled editing — all in one lightweight desktop application. For organizations that value data integrity and document governance, PDF Agile offers a practical alternative to complex or costly PDF platforms. ([PDF Agile][1]) 📄 **Edit Like a Pro** – Update text, adjust layouts, insert images or multimedia, and modify documents just like you would in a word processor. ([PDF Agile][1]) 🔄 **Convert Without Compromise** – Seamlessly convert from PDF to Word, Excel, PowerPoint, TXT, images, or CAD — and back — *without losing original formatting*. ([PDF Agile][1]) 📚 **Organize and Optimize** – Merge, split, rearrange, and compress pages with simple drag-and-drop controls. ([PDF Agile][1]) 🔓 **OCR and Security Built-In** – Extract text from scanned or image-based PDFs with powerful OCR and protect your files with passwords, signatures, and redaction tools. ([PDF Agile][1]) 📎 **Designed for Every Workflow** – From finance and legal to publishing and education, PDF Agile supports professionals with tools that scale to daily demands. ([PDF Agile][1]) Whether you're handling contracts, reports, or creative assets, PDF Agile accelerates your productivity while removing complexity — *all without bloated subscriptions*. **Ready to transform how you work with PDFs?** 👉 Discover PDF Agile today and supercharge your document workflows. #PDFTools #Productivity #DocumentManagement #PDFEditor #PDFConversion #OCR #DigitalWorkflow #BusinessTools #PDFAgile [1]: https://tidd.ly/4reTXrS "PDF Agile: All-in-One PDF Editor, Converter and Viewer" https://tidd.ly/4reTXrS
2
-
ElevenX Capital
27K followers
**Mismanagement in Cyber Talent Programs: A Call to Action** A recent DHS OIG audit uncovered significant mismanagement and improper payments within the CISA Cyber Incentive program, designed to retain critical cyber talent. This revelation emphasizes the necessity for robust governance associated with cybersecurity initiatives. At ElevenX Capital, we advocate for innovative frameworks that bolster talent retention and enhance security protocols. How can we ensure that investment in cybersecurity talent yields sustainable results? #investing #innovation #venturecapital #entrepreneurship #cybersecurity
-
SofTECH
759 followers
Are day-to-day PDF tasks slowing you down? It’s time to **accelerate your workflow**. Security teams handle sensitive PDFs every day — audit reports, compliance documentation, contracts, vulnerability assessments. PDF Agile is a professional PDF solution designed for security-conscious teams who need more than just basic viewing. It enables encrypted document sharing, permission control, redaction, digital signatures, and controlled editing — all in one lightweight desktop application. For organizations that value data integrity and document governance, PDF Agile offers a practical alternative to complex or costly PDF platforms. ([PDF Agile][1]) 📄 **Edit Like a Pro** – Update text, adjust layouts, insert images or multimedia, and modify documents just like you would in a word processor. ([PDF Agile][1]) 🔄 **Convert Without Compromise** – Seamlessly convert from PDF to Word, Excel, PowerPoint, TXT, images, or CAD — and back — *without losing original formatting*. ([PDF Agile][1]) 📚 **Organize and Optimize** – Merge, split, rearrange, and compress pages with simple drag-and-drop controls. ([PDF Agile][1]) 🔓 **OCR and Security Built-In** – Extract text from scanned or image-based PDFs with powerful OCR and protect your files with passwords, signatures, and redaction tools. ([PDF Agile][1]) 📎 **Designed for Every Workflow** – From finance and legal to publishing and education, PDF Agile supports professionals with tools that scale to daily demands. ([PDF Agile][1]) Whether you're handling contracts, reports, or creative assets, PDF Agile accelerates your productivity while removing complexity — *all without bloated subscriptions*. **Ready to transform how you work with PDFs?** 👉 Discover PDF Agile today and supercharge your document workflows. #PDFTools #Productivity #DocumentManagement #PDFEditor #PDFConversion #OCR #DigitalWorkflow #BusinessTools #PDFAgile [1]: https://tidd.ly/4reTXrS "PDF Agile: All-in-One PDF Editor, Converter and Viewer" https://tidd.ly/4reTXrS
Explore top content on LinkedIn
Find curated posts and insights for relevant topics all in one place.
View top content