I recently recorded a Voices of AdTech episode with Laura Diment, Senior Security Engineer at Teads. It’s a thoughtful conversation worth your time if you’re interested in how governance, risk, gender, and culture intersect in tech.
We talked about Governance, Risk, and Compliance (GRC), a topic that is often reduced to checklists or framed as internal bureaucracy. What became very clear through our conversation is that GRC is really about confidence. Confidence for clients, partners, regulators, and teams that innovation is happening responsibly.
Laura described GRC as an enabler. It exists to help teams move forward with clarity, within the legal and ethical boundaries companies are accountable for. We spoke about frameworks like SOX, a mechanism that public companies listed on NASDAQ, like Teads, are required to implement. SOX allows organizations to clearly trace financial flows, understand who can modify financial data or system configurations, and catch issues early before they become serious. In a tech company, where revenue, bidding, and reporting live inside systems, this is as much a technical responsibility as it is a financial one.
What I appreciated most was how clearly she spoke about the complexity of our identities, and how experiences from every part of life shape who we are and how we show up at work. In fields like GRC, that diversity of perspective is not just valuable, it’s essential. When people approach risk, compliance, and governance from different cultural, professional, and personal angles, they are more likely to notice blind spots others might miss. This leads to more balanced decisions, stronger controls, and a deeper understanding of how policies affect real people. Difference, in this context, becomes a safeguard as much as a strength.¹
We also spoke about culture and context. Laura shared that while security controls are universal, how risk and security are perceived is shaped by cultural environments. Communication styles and expectations differ, and those differences influence how risk is discussed, prioritized, and connected to business value.
Laura shared experiences that were both deeply personal and closely tied to broader histories of women in tech. They were a reminder that progress is real, but not linear, and that context matters.
One story she shared was particularly sobering. She spoke about the polytechnic school in Montreal, Canada, an institution marked by a tragic event in 1989, when a gunman entered an engineering classroom, separated women from men, and murdered fourteen women simply because they were studying engineering.² Although Laura studied at a similar school in a different province and at a different time, that awareness shaped the environment in which she learned and influenced her understanding of what it means to be a woman in technology.
This part of the conversation puts things into perspective. It reminds us that, in many parts of the world, the reality for women has been, and in some cases still is, deeply challenging. Reflecting on these histories and sharing experiences like Laura’s helps keep awareness alive, not to dwell on the past, but to understand both how far we’ve come and where continued attention is needed.
This also connects directly to risk management. Research consistently shows that diverse teams are more likely to challenge assumptions and think more critically, which is exactly what effective risk management requires. That connection between inclusion and better decision-making came through clearly in practice, not just in theory.
We also looked ahead to AI. She concluded that, used well, it improves efficiency and scale. At the same time, it introduces new risks that require structure, literacy, and oversight. Moving from experimentation to formal frameworks is part of that responsibility.
What I took away most is this. GRC is not about slowing innovation down. It is about building systems people can trust. At Teads, trust isn’t a buzzword; it’s the backbone of everything we build.
Here are a few practical takeaways from the conversation:
- GRC enables innovation.
Governance, Risk, and Compliance exist to support the business. Strong GRC allows teams to innovate while meeting legal, financial, and security obligations, and gives clients confidence that their data and investments are protected. - GRC is deeply human and cross-functional.
Effective GRC depends on leadership support, shared accountability, and the ability to translate risk into business language. It works when finance, tech, legal, and operations collaborate, not when compliance sits in a silo. - AI increases both efficiency and responsibility.
AI helps automate audits, documentation, and training, but it also introduces new risks. This makes AI literacy, human oversight, and formal frameworks like NIST, ISO, and ISO 42001 essential for responsible innovation.
Episode 3 of Voices of AdTech is now live. Click here and take a listen. It’s for anyone curious about how governance, culture, and leadership quietly shape confidence in technology.
Sources
¹ Phillips, K. W. (2014). How diversity makes us smarter. Scientific American.
¹ Women in Computing, WW2 Codebreaking, LGfL.
² Leroy, A. (2025, December 6). It was December 6th: the Montreal Polytechnic School massacre. Entrevue
² Wurtzburg, S. J. (2022). École Polytechnique massacre. EBSCO Research Starters.