Chris Kreft, CISSP, is a GRC Manager at Steelcase with over 20 years of IT experience, including a decade-long tenure leading key security engineering, identity, and risk initiatives. In the past year, he spearheaded Steelcase's CMMC compliance through navigating federal terminology, defining enclave boundaries, and architecting practical risk strategies. With a technical background that spans zero-trust network segmentation, vulnerability management, application security, and IAM, he approaches compliance from an engineering mindset: finding real risks and making pragmatic, reasonable choices to solve them. When he's not decoding federal security standards, Chris enjoys watching soccer games, hanging out with his family, or training for his next triathlon.