https://511d98a7.spoiledlunch.pages.dev/Nerdy Stuff. Tech Talk. Zero Freshness. Analysis and commentary on GRC, security, and AI.Hugo 0.160.1en-usTue, 19 May 2026 09:00:00 -0400https://511d98a7.spoiledlunch.pages.dev/articles/2026-04-25-soc-2-became-a-sales-requirement-not-a-trust-signal/Tue, 19 May 2026 09:00:00 -0400https://511d98a7.spoiledlunch.pages.dev/articles/2026-04-25-soc-2-became-a-sales-requirement-not-a-trust-signal/Article • May 19, 2026 • 7 min read | Topics: GRC | SOC 2 still matters. That is exactly why the industry has let it become something more misleading than useless. The report was supposed to be a narrow assurance artifact: a way to evaluate whether a …SpoiledlunchGRCsoc 2auditgovernanceassurancehttps://511d98a7.spoiledlunch.pages.dev/articles/2026-04-18-soc2-compliance-cargo-cult/Sat, 18 Apr 2026 14:30:00 -0700https://511d98a7.spoiledlunch.pages.dev/articles/2026-04-18-soc2-compliance-cargo-cult/Article • April 18, 2026 • 7 min read | Topics: GRC, Security | SOC 2 compliance has become a cargo cult ritual in enterprise security. Organizations implement the ceremonial controls, follow the prescribed procedures, and wait for security to magically appear. …SpoiledlunchGRCSecuritySOC 2compliancesecurity controlsaudit