Recklesss Compliance
A Federal Security & Compliance career is a very rewarding career - we get the honor and privilege of protecting some of the most guarded assets of our great country. However, it doesn’t come without a cost. We often take the brunt of the beating when it comes to the regulations that are impeding innovation. Join federal security professional Max Aulakh as he distills the challenges facing our career field, pulling back the curtain on culture, emerging technical knowledge, ATOs, CMMC and various federal cyber frameworks. Each episode is jam-packed with powerful information to cut through the noise. We will break down tools, tips and techniques to help you get better and to quickly get through the federal accreditation processes. It doesn’t matter what type of systems or technology you are dealing with, if you have heard of or are familiar with terms like STIGS, SAP, SAR, FedRAMP, and ConMON or newer terms like cATO, Big Bang, OSCAL, CMMC and SBOMs - we will break it all down.
Episodes
Max Aulakh and Michael Rasmussen, GRC analyst and CEO of GRC Report, discuss the recent FedRAMP Equivalency Memo released by the DoD in January 2024. They go into depth about the memo, what is involved, the requirements, as well as how this directly effects the CSP.
Topics we discuss:
- What is FedRAMP, and who is it for?
- How long has FedRAMP been around?
- Challenges with FedRAMP
- What is Equivalency, and why is it important?
- Is Equival...
Max Aulakh and Uliya Sparks, an ISSM at SAF Mission Partners Environment, discuss the potential of AI in federal compliance. They explore ISSMs' challenges, including managing multiple systems and navigating complex policies like NIST and FedRAMP. Uliya highlights the slow adoption of AI due to concerns about data sensitivity and job displacement, stressing the need for human expertise in validating AI-generated responses.
Topi...
In this episode, Max discusses the fundamental concepts of Control Inheritance and System Reciprocity, highlighting their differences, applications, and importance in the realms of cybersecurity and organizational governance. This topic ties in closely with his recent LinkedIn post about the need for a credit system for security work being done within different parts of the DoD.
Topics Covered
- Control Inheritance:
- Definition ...
Max Aulakh invites Reuben Patton to discuss the implementation of enclaves in the context of CMMC (Cybersecurity Maturity Model Certification). Reuben, with his experience in both the classified sector and cybersecurity, provides insights on how enclaves, traditionally used in classified environments, are now being applied to manage CMMC requirements. He dives into strategies for handling Operational Technology and Research & D...
In this episode, we explore how global entities can serve the US and European governments. Joseph Keenan, Global Head of Security and CISO at Airbus OneWeb breaks down some challenges and provides insight into managing CMMC, Security strategy, FedRAMP while selling Commercial Off-the-shelf products into the defense market . This episode focuses on the stressors of an international company in the age of CMMC as well as dives into th...
The podcast features Steve Demersky, the Chief Compliance Officer and Chief Legal Officer at 1010 Data. He discusses the importance of legal and compliance officers in the cybersecurity and risk management field. Data privacy is a major concern for SaaS companies, and they need to ensure they are handling client data safely and in compliance with regulations. The podcast also touches on the use of SOC audits and the need for credib...
Our guest today is Naveed Mirza, Senior Solutions Arcitect at Okta. This episode focuses on the importance of authorization boundaries and how to not only understand them but how to develop them. Naveed shares his background as a government contractor supporting the U S Marine Corps, highlighting the transferable skills and experiences that have prepared him for his role as SSA at Okta.
Topics we discuss:
- Authorization boundary<...
Our guest today is Anthony Fisic, Chief Information Security Officer at Battelle, who conducts research and development, designs and manufactures products, and delivers critical services for government and commercial customers. This podcast episode focuses on federal compliance's impact on defense industry businesses. Anthony shares his background in law enforcement and military service, highlighting the transferable skills an...
Alexander Hubert talks about his journey to becoming an authorization official in the public sector. He explains how he transitioned from being a weatherman in the Air Force to becoming an IT guy and then delves into his interest in cybersecurity. Alex shares that he has worked various positions within the risk management framework, including information assurance manager and security controls assessor. As an AO, his role is to acc...
Welcome to the first episode of the Reckless Compliance podcast, brought to you by Ignyte, In this episode, Max gives a high-level overview of the different key compliance terminology that will be discussed on the podcast. He provides context, definitions, and use cases.
Topics we discuss:
- Private Sector Defense Industrial Base
- Cloud Service Providers
- Public Sector Divisions of software companies
- Federal Agencies
- DoD/Armed...
Welcome to episode zero of the Reckless Compliance Podcast, brought to you by Ignyte Assurance Platform, where we discover the unintended consequences of compliance. I am your host, Max Aulakh.
In this inaugural episode, we cover the following topics:
- Overview of topics that will be covered in the podcast
- Overview of the goals of the podcast
- Max’s promise to listeners and subscribers
Max Aulakh Bio:
Max is the CEO of Ignyte...
Popular Podcasts
Current and classic episodes, featuring compelling true-crime mysteries, powerful documentaries and in-depth investigations.
Every week comedian and infamous roaster Nikki Glaser provides a fun, fast-paced, and brutally honest look into current pop-culture and her own personal life.
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
If you can never get enough true crime... Congratulations, you’ve found your people.
A straightforward look at the day's top news in 20 minutes. Powered by ABC News. Hosted by Brad Mielke.