Recklesss Compliance
A Federal Security & Compliance career is a very rewarding career - we get the honor and privilege of protecting some of the most guarded assets of our great country. However, it doesn’t come without a cost. We often take the brunt of the beating when it comes to the regulations that are impeding innovation.
Join federal security professional Max Aulakh as he distills the challenges facing our career field, pulling back the curtain on culture, emerging technical knowledge, ATOs, CMMC and various federal cyber frameworks.
Each episode is jam-packed with powerful information to cut through the noise. We will break down tools, tips and techniques to help you get better and to quickly get through the federal accreditation processes. It doesn’t matter what type of systems or technology you are dealing with, if you have heard of or are familiar with terms like STIGS, SAP, SAR, FedRAMP, and ConMON or newer terms like cATO, Big Bang, OSCAL, CMMC and SBOMs - we will break it all down.
Episodes
16 episodes
CMMC in a Day? NtelSec’s “Enclave” Approach to Fast-Track Compliance
In this episode of the Reckless Compliance podcast, Max talks with Justin Paquette from NtelSec about a bold idea: helping small contractors achieve “CMMC in a day” by working inside a pre-secured enclave—CUI Vault—instead ...
Valid Eval’s FedRAMP Journey: Lessons in Scaling, Security, and Government Partnerships
Description: In this episode of the Reckless Compliance podcast, Max is joined by the CTO of Valid Eval, who shares the journey of achieving FedRAMP Ready status and securing an IATO from NASA. From early career work on adva...
CMMC Compliance Insights with Swimlane's Head of GRC, Jack Rumsey
In this episode of the Reckless Compliance podcast, Max is joined by Jack Rumsey, Head of GRC at Swimlane. Jack shares his journey of navigating the world of compliance as Swimlane grows its presence in the federal market. The discussion covers...
Unpacking SBOMs: Software Supply Chain Risks & Compliance Challenges
Welcome to this episode of the Reckless Compliance podcast, brought to you by Ignyte, where we share our expertise on cyber risk and help you navigate the complexities of federal compliance. I am your host, Max Aulakh.Our guest today is ...
NSA's Secret Weapon for Small Business FedRAMP and CMMC Security
Welcome to this episode of the Reckless Compliance podcast, brought to you by Ignyte, where we explore cyber risk and compliance in the defense sector. I am your host, Max Aulakh. Today’s guest is Rose, an NSA liaison specializing in cybersecur...
DIBCAC Assessments: Lessons from Belcan's Chief Security and Data Officer, Matt King
Long Description: In this episode, Max is joined by Matt King, Chief Security and Data Officer at Belcan. Matt shares his story of transitioning from Anthem to Belcan, where he has been instrumental in building a security program to...
FedRAMP Equivalency Memo with GRC Analyst, Michael Rasmussen
Max Aulakh and Michael Rasmussen, GRC analyst and CEO of GRC Report, discuss the recent FedRAMP Equivalency Memo released by the DoD in January 2024. They go into depth about the memo, what is involved, the requirements, as well as how...
Use of Artificial Intelligence for NIST Controls Responses - Perspective from Air Force ISSM
Max Aulakh and Uliya Sparks, an ISSM at SAF Mission Partners Environment, discuss the potential of AI in federal compliance. They explore ISSMs' challenges, including managing multiple systems and navigating complex policies like NIST and FedRA...
Control Inheritance vs. Reciprocity
In this episode, Max discusses the fundamental concepts of Control Inheritance and System Reciprocity, highlighting their differences, applications, and importance in the realms of cybersecurity and organizational governance. This topic ties in...
Enclaves in the Era of CMMC with Reuben Patton
Max Aulakh invites Reuben Patton to discuss the implementation of enclaves in the context of CMMC (Cybersecurity Maturity Model Certification). Reuben, with his experience in both the classified sector and cybersecurity, provides insights on ho...
The Role of a Chief Legal Officer with Steven Dimirsky
The podcast features Steve Demersky, the Chief Compliance Officer and Chief Legal Officer at 1010 Data. He discusses the importance of legal and compliance officers in the cybersecurity and risk management field. Data privacy is a major concern...
Max Discusses Authorization Boundaries with Naveed Mirza from Okta
Our guest today is Naveed Mirza, Senior Solutions Arcitect at Okta. This episode focuses on the importance of authorization boundaries and how to not only understand them but how to develop them. Naveed shares his background as a government con...
CMMC and DIBCAC Audit Journey w/Anthony Fisic (CISO) from Battelle
Our guest today is Anthony Fisic, Chief Information Security Officer at Battelle, who conducts research and development, designs and manufactures products, and delivers critical services for government and commercial customers. This podcast epi...
DCSA Authorization Official - Alex Hubert - ATO in a Day - Is it real?
Alexander Hubert talks about his journey to becoming an authorization official in the public sector. He explains how he transitioned from being a weatherman in the Air Force to becoming an IT guy and then delves into his interest in cybersecuri...
Public Sector Compliance Terminology 101
Welcome to the first episode of the Reckless Compliance podcast, brought to you by Ignyte, In this episode, Max gives a high-level overview of the different key compliance terminology that will be discussed on the podcast. He provides context, ...
Welcome to Reckless Compliance - Meet Your Host Max Aulakh
Welcome to episode zero of the Reckless Compliance Podcast, brought to you by Ignyte Assurance Platform, where we discover the unintended consequences of compliance. I am your host, Max Aulakh.In this inaugural episode, we cover the foll...