Recklesss Compliance
A Federal Security & Compliance career is a very rewarding career - we get the honor and privilege of protecting some of the most guarded assets of our great country. However, it doesn’t come without a cost. We often take the brunt of the beating when it comes to the regulations that are impeding innovation.
Join federal security professional Max Aulakh as he distills the challenges facing our career field, pulling back the curtain on culture, emerging technical knowledge, ATOs, CMMC and various federal cyber frameworks.
Each episode is jam-packed with powerful information to cut through the noise. We will break down tools, tips and techniques to help you get better and to quickly get through the federal accreditation processes. It doesn’t matter what type of systems or technology you are dealing with, if you have heard of or are familiar with terms like STIGS, SAP, SAR, FedRAMP, and ConMON or newer terms like cATO, Big Bang, OSCAL, CMMC and SBOMs - we will break it all down.
Recklesss Compliance
CMMC Compliance Insights with Swimlane's Head of GRC, Jack Rumsey
In this episode of the Reckless Compliance podcast, Max is joined by Jack Rumsey, Head of GRC at Swimlane. Jack shares his journey of navigating the world of compliance as Swimlane grows its presence in the federal market. The discussion covers Swimlane’s move toward CMMC Level 1, the challenges of balancing federal compliance with commercial certifications like SOC 2 and ISO, and the complexities of managing government systems. Jack also explains Swimlane’s experience with GRC, strategies for scoping compliance efforts, and how their automation tools help drive compliance.
Discussion Topics:
- The role of Swimlane in security automation and compliance
- The process of navigating CMMC Level 1 and self-attestation
- The intersection of commercial compliance standards (SOC 2, ISO) and federal requirements (CMMC, FedRAMP)
- Managing expectations and aligning compliance efforts with business value
- Strategies for reducing the scope of assessments and managing government contracts
- The importance of technical and security controls in federal compliance
Max Aulakh Bio:
Max is the CEO of Ignyte Assurance Platform and a Data Security and Compliance leader delivering DoD-tested security strategies and compliance that safeguard mission-critical IT operations. He has trained and excelled while working for the United States Air Force. He maintained and tested the InfoSec and ComSec functions of network hardware, software, and IT infrastructure for global unclassified and classified networks.
Connect with Max:
- LinkedIn: Max Aulakh
- Website: Ignyte Assurance Platform
Connect with Jack:
LinkedIn: Jack Rumsay