In this episode of Risk Is Our Business, Captain Michael Rasmussen is joined by Karan Rao, Head of Enterprise Risk at Embark Student Corp., for a conversation that started not in a boardroom but on LinkedIn.

A post from Karan caught Michael’s attention on how the best risk managers aren’t the ones with the most complex models, but the ones who can walk into a room, read the people, interrogate the data, and explain risk so clearly that action becomes unavoidable.

From there, the discussion dives into the human side of risk. They explore why understanding behavior is just as important as understanding data, and why the ability to communicate, write, and present with clarity separates those who inform from those who influence. Risk leaders, they argue, don’t hide behind dashboards, they translate insight into decisions.

They also discuss the importance of developing skills that compound over time: communication, storytelling, emotional intelligence, and business understanding. Karan shares how ideas from Atlas of the Heart shape his approach to risk leadership, helping him connect emotion, clarity, and decision-making in high-stakes environments.

This episode is about moving risk from a reporting function to a leadership discipline, one where the ability to engage the room matters just as much as the data on the screen.

In this episode of Risk Is Our Business, Captain Michael Rasmussen welcomes Anne Louise Higgins, Global Head of Cyber Governance, Risk and Control at BNY Mellon, for a conversation about how the risk profession has evolved and who will be leading it into the future.

Anne reflects on the growing role of women in risk management and cybersecurity, and how diversity of experience and perspective strengthens decision-making at every level of the enterprise. From there, the discussion broadens into how the practice of risk management itself has changed over time, from compliance-driven reporting toward more integrated, business-aligned approaches.

They also explore the cultural differences in how risk is approached in the United States versus Europe, and how those perspectives shape governance, accountability, and engagement with leadership. The conversation then turns to risk technology, what currently stands out in the market, and how emerging capabilities are reshaping the way organizations understand and manage uncertainty.

Michael and Anne also discuss the future of careers in risk, cyber, and GRC, particularly in an era increasingly shaped by AI and rapid technological change. The episode closes with practical insights on how professionals can future-proof their careers and build the skills, adaptability, and strategic mindset needed to stay relevant on the bridge as the risk landscape continues to evolve.

In this episode of Risk Is Our Business, Captain Michael Rasmussen connects over a slightly long-distance subspace channel (also known as a video call) with Alex Dali, President of the G31000 Risk Institute, to explore the evolution of one of the most widely recognized frameworks in modern risk management.

Alex walks through the story of ISO 31000, where the standard came from, how it has evolved since its original release, and what the next phase of its development may look like as organizations confront an increasingly complex risk landscape.

Along the way, they unpack the difference between bad risk management (overly procedural, disconnected from decisions, and driven by checklists and heat maps) and good risk management, which aligns with organizational objectives and supports leadership in navigating uncertainty.

The conversation also turns to the current state of risk technology, including the ongoing search for tools that genuinely support the principles of ISO 31000 rather than forcing risk management into rigid compliance workflows. From there, they explore how AI may reshape the discipline, the role technology should play in enabling better decision-making, and how the Chief Risk Officer role itself may evolve as risk becomes more integrated with strategy and business operations.

The discussion offers a thoughtful look at how risk management standards, technology, and leadership must evolve together if organizations are to navigate uncertainty with clarity rather than simply documenting it.