AV CEO Spotlight: Redefining the GRC Function

​Redefining the GRC Function: Leading the Shift Beyond Checkbox Security Training

Security Awareness Training was built for compliance, not resilience, and attackers now exploit gaps that legacy models cannot cover. GRC (Governance, Risk, and Compliance) leaders are being asked to prove real risk reduction, not just training completion.

​Join Alumni Ventures’ portfolio company Dune Security CEO, David Dellapelle, along with Meghan Hunt from The University of Vermont Health Network, Jake Wesenberg from Koch, and Sam Pena from Tetra Tech for a virtual conversation on why traditional Security Awareness Training falls short and how GRC teams can close the gap between compliance activity and real resilience.

​The session will explore how attackers are bypassing standard training, what user layer risk looks like today, how GRC leaders can shift toward a risk-based strategy, and which metrics truly demonstrate readiness to executives and regulators.

​CEO Spotlights are virtual conversations designed for the Alumni Ventures community to learn from visionary entrepreneurs about emerging opportunities and practical strategies shaping the future of investing and innovation.