Rethinking Software Security Compliance in the Age of AI with Nick Selby

Rethinking Software Security Compliance in the Age of AI with Nick Selby

From Nerding Out With Viktor by Viktor Petersson

November 5, 2025 · 57 min · Season 2 · Episode 19

About this episode

Viktor Petersson and Nick Selby discuss the challenges of software security compliance in the context of AI adoption and the importance of fostering a security culture over mere compliance.

In this episode of "Nerding Out with Viktor," host Viktor Petersson sits down with Nick Selby, a security leader and advocate for practical security culture, to explore the reality behind software security compliance and why so many teams treat it as a checkbox rather than a mindset. The discussion unpacks how frameworks like SOC 2 and ISO 27001 often provide structure but not necessarily safety, and why real resilience depends on culture, not compliance. Viktor and Nick dig into the challenges of adopting AI tools faster than they can be secured, the limits of certification-driven trust, and how modern legislation such as the Cyber Resilience Act and SBOMs can reshape accountability across the software supply chain. Nick shares insights from his extensive experience in security leadership, revealing the gap between compliance theater and genuine security practices. The conversation explores how organizations can build security cultures that make compliance a natural outcome rather than a forced exercise, and why understanding the "why" behind security measures is more valuable than simply following checklists. The episode also delves into the practical challenges facing modern…

People in this episode

Host: Viktor Petersson

Guest: Nick Selby

Topics covered

  • software security compliance
  • AI tools
  • security culture
  • compliance frameworks
  • risk management
  • software supply chain

Keywords

  • software security
  • compliance
  • AI adoption
  • security culture
  • SOC 2
  • ISO 27001
  • Cyber Resilience Act
  • risk management

Mentioned in this episode

Organizations: SOC 2, ISO 27001, Cyber Resilience Act, SBOMs

More episodes of Nerding Out With Viktor

Explore listener stats, chart rankings, contacts and more on the Nerding Out With Viktor podcast page.