Shows
Recklesss ComplianceCMMC Compliance Insights with Swimlane's Head of GRC, Jack RumseySend us a textIn this episode of the Reckless Compliance podcast, Max is joined by Jack Rumsey, Head of GRC at Swimlane. Jack shares his journey of navigating the world of compliance as Swimlane grows its presence in the federal market. The discussion covers Swimlane’s move toward CMMC Level 1, the challenges of balancing federal compliance with commercial certifications like SOC 2 and ISO, and the complexities of managing government systems. Jack also explains Swimlane’s experience with GRC, strategies for scoping compliance efforts, and how their automation tools help drive compliance.Discussion Topics:The...2025-04-1429 minRecklesss ComplianceUnpacking SBOMs: Software Supply Chain Risks & Compliance ChallengesSend us a textWelcome to this episode of the Reckless Compliance podcast, brought to you by Ignyte, where we share our expertise on cyber risk and help you navigate the complexities of federal compliance. I am your host, Max Aulakh.Our guest today is Aaron Bray, co-founder of Phylum, a company specializing in securing software supply chains.We discuss:What is an SBOM? Understanding the Software Bill of Materials and its role in risk managementOpen-source security risks: How third-party libraries expose organizations to vulnerabilitiesExecutive Orders & Compliance: The evolving...2025-03-1021 minRecklesss ComplianceNSA's Secret Weapon for Small Business FedRAMP and CMMC SecuritySend us a textWelcome to this episode of the Reckless Compliance podcast, brought to you by Ignyte, where we explore cyber risk and compliance in the defense sector. I am your host, Max Aulakh. Today’s guest is Rose, an NSA liaison specializing in cybersecurity collaboration.Topics we discuss:The NSA’s cybersecurity mission and its role in protecting the defense industrial base (DIB)NSA’s free cybersecurity services for small businesses, including threat intelligence collaboration, attack surface management, protective DNS, and continuous autonomous penetration testingHow these services align with CMMC requirements and help s...2025-02-2421 minRecklesss ComplianceDIBCAC Assessments: Lessons from Belcan's Chief Security and Data Officer, Matt KingSend us a textLong Description: In this episode, Max is joined by Matt King, Chief Security and Data Officer at Belcan. Matt shares his story of transitioning from Anthem to Belcan, where he has been instrumental in building a security program to meet the stringent requirements of federal compliance. The conversation dives into the DIBCAC assessment process, the challenges of implementing NIST 800-171 controls, the importance of limiting scope, and strategies for pushing back on government requirements when appropriate.Discussion Topics:The mission and operations of Belcan in the defense and a...2024-08-1228 minRecklesss ComplianceDIBCAC Assessments: Lessons from Belcan's CISO, Matt KingShort Description: Welcome to the Reckless Compliance Podcast, where we explore the unintended consequences of federal compliance, brought to you by Ignyte Assurance Platform. Whether you're looking to navigate the complexities of cyber risk management and enter the federal market or you're a security professional seeking a community within the federal space, this podcast is for you. We break down essential tools, tips, and techniques to help you streamline federal accreditation processes across various systems and agencies. If terms like ATOs, FedRAMP, RMF, DISA Stigs, CATO, Big Bang, OSCAL, and SBOMs confuse you, we’ll clarify them all....2024-08-1228 min
Top of the MorningOne charger to rule them allWelcome to Top of the Morning by Mint, your weekday newscast that brings you five major stories from the world of business. It's Friday, June 21, 2024. My name is Nelson John. Let's get started:Indian benchmark indices, Nifty and Sensex, opened at record levels and touched new highs during the session before ending the day marginally higher, with Sensex up 0.18 percent and Nifty up 0.22 percent.From next June, every new smartphone and tablet sold in India will need to have a USB-C charging port so that consumers can charge all their devices with just one type...2024-06-2107 min
(CS)²AI Podcast Show: Control System Cyber Security111: From Scrubbing Hard Drives to Securing the Future: Max's Journey in CybersecurityWe are thrilled to have Max Aulakh, the Founder and CEO of Ignyte Assurance Platform, joining us today. Max is a military veteran and motorcycle enthusiast who enjoys doing voluntary work. He is a prolific contributor to the cybersecurity community, always willing to be of service to others. When Max was three, his father applied for American citizenship at the US Embassy in India. It was an extremely long process, and after losing all hope, he and his family finally migrated to Oklahoma a decade later. Join us to learn how Max transitioned from the mi...2024-05-2836 minRecklesss ComplianceFedRAMP Equivalency Memo with GRC Analyst, Michael RasmussenSend us a textMax Aulakh and Michael Rasmussen, GRC analyst and CEO of GRC Report, discuss the recent FedRAMP Equivalency Memo released by the DoD in January 2024. They go into depth about the memo, what is involved, the requirements, as well as how this directly effects the CSP.Topics we discuss:What is FedRAMP, and who is it for?How long has FedRAMP been around?Challenges with FedRAMPWhat is Equivalency, and why is it important?Is Equivalency a good o...2024-05-1427 minRecklesss ComplianceUse of Artificial Intelligence for NIST Controls Responses - Perspective from Air Force ISSMSend us a textMax Aulakh and Uliya Sparks, an ISSM at SAF Mission Partners Environment, discuss the potential of AI in federal compliance. They explore ISSMs' challenges, including managing multiple systems and navigating complex policies like NIST and FedRAMP. Uliya highlights the slow adoption of AI due to concerns about data sensitivity and job displacement, stressing the need for human expertise in validating AI-generated responses.Topics we discuss:Artificial Intelligence in context of Control ResponsesTool limitations and how we as humans can address themBringing awareness of our work to a younger generation2024-04-1528 minRecklesss ComplianceControl Inheritance vs. ReciprocitySend us a textIn this episode, Max discusses the fundamental concepts of Control Inheritance and System Reciprocity, highlighting their differences, applications, and importance in the realms of cybersecurity and organizational governance. This topic ties in closely with his recent LinkedIn post about the need for a credit system for security work being done within different parts of the DoD. Topics CoveredControl Inheritance:Definition and significance in cybersecurity.Examples of control inheritance, such as identity management systems.Utilization of control catalogs, like NIST's 800-53, for formal control inheritance.System Reciprocity:Explanation of reciprocity a...2024-04-0112 minRecklesss ComplianceEnclaves in the Era of CMMC with Reuben PattonSend us a textMax Aulakh invites Reuben Patton to discuss the implementation of enclaves in the context of CMMC (Cybersecurity Maturity Model Certification). Reuben, with his experience in both the classified sector and cybersecurity, provides insights on how enclaves, traditionally used in classified environments, are now being applied to manage CMMC requirements. He dives into strategies for handling Operational Technology and Research & Development in relation to CMMC, discussing the challenges and considerations of incorporating these areas into compliance frameworks. The conversation also touches on the practicalities and complexities of managing enclaves, offering valuable guidance for organizations...2024-03-1834 minRecklesss ComplianceU.S. vs European Operation Public Sector Cyber Compliance with Joseph Keenan - CISO AirbusIn this episode, we explore how global entities can serve the US and European governments. Joseph Keenan, Global Head of Security and CISO at Airbus OneWeb breaks down some challenges and provides insight into managing CMMC, Security strategy, FedRAMP while selling Commercial Off-the-shelf products into the defense market . This episode focuses on the stressors of an international company in the age of CMMC as well as dives into the differences between the US and European operations that he is experiencing in his current role.Topics we discuss:What is it like to manage US...2024-03-0430 minRecklesss ComplianceThe Role of a Chief Legal Officer with Steven DimirskySend us a textThe podcast features Steve Demersky, the Chief Compliance Officer and Chief Legal Officer at 1010 Data. He discusses the importance of legal and compliance officers in the cybersecurity and risk management field. Data privacy is a major concern for SaaS companies, and they need to ensure they are handling client data safely and in compliance with regulations. The podcast also touches on the use of SOC audits and the need for credible auditors who can identify and address organizational flaws.Topics we discuss:Role of Legal at 1010 DataRisk Management S...2024-02-1934 minRecklesss ComplianceMax Discusses Authorization Boundaries with Naveed Mirza from OktaSend us a textOur guest today is Naveed Mirza, Senior Solutions Arcitect at Okta. This episode focuses on the importance of authorization boundaries and how to not only understand them but how to develop them. Naveed shares his background as a government contractor supporting the U S Marine Corps, highlighting the transferable skills and experiences that have prepared him for his role as SSA at Okta. Topics we discuss:Authorization boundaryWhat is it, why is it important? How can it help?Can a boundary establishment exercise be harmful when it comes t...2024-02-1237 minRecklesss ComplianceCMMC and DIBCAC Audit Journey w/Anthony Fisic (CISO) from BattelleSend us a textOur guest today is Anthony Fisic, Chief Information Security Officer at Battelle, who conducts research and development, designs and manufactures products, and delivers critical services for government and commercial customers. This podcast episode focuses on federal compliance's impact on defense industry businesses. Anthony shares his background in law enforcement and military service, highlighting the transferable skills and experiences that have prepared him for his role as CISO at Battelle. The DIBCAC Audit JourneyGeneral Process from CISO PerspectiveStrategic Shifts internallyPreparing from a leadership perspectiveHow Anthony prepared his teamImpact on Team M...2024-02-0534 minRecklesss ComplianceDCSA Authorization Official - Alex Hubert - ATO in a Day - Is it real?Send us a textAlexander Hubert talks about his journey to becoming an authorization official in the public sector. He explains how he transitioned from being a weatherman in the Air Force to becoming an IT guy and then delves into his interest in cybersecurity. Alex shares that he has worked various positions within the risk management framework, including information assurance manager and security controls assessor. As an AO, his role is to accept risk on behalf of the government and determine the suitability of systems on the network. He also discusses the mission of his organization...2024-01-2932 minRecklesss CompliancePublic Sector Compliance Terminology 101Send us a textWelcome to the first episode of the Reckless Compliance podcast, brought to you by Ignyte, In this episode, Max gives a high-level overview of the different key compliance terminology that will be discussed on the podcast. He provides context, definitions, and use cases. Topics we discuss:Private Sector Defense Industrial BaseCloud Service ProvidersPublic Sector Divisions of software companiesFederal Agencies DoD/Armed ServicesIntelligence AgenciesMax Aulakh Bio:Max is the CEO of Ignyte Assurance Platform and a Data Security and Compliance leader delivering DoD-tested se...2024-01-0828 minRecklesss ComplianceWelcome to Reckless Compliance - Meet Your Host Max AulakhSend us a textWelcome to episode zero of the Reckless Compliance Podcast, brought to you by Ignyte Assurance Platform, where we discover the unintended consequences of compliance. I am your host, Max Aulakh.In this inaugural episode, we cover the following topics:Overview of topics that will be covered in the podcastOverview of the goals of the podcastMax’s promise to listeners and subscribersMax Aulakh Bio:Max is the CEO of Ignyte Assurance Platform and a Data Security and Compliance leader delivering DoD-tested security strategies and co...2024-01-0408 min
Emerging Cyber RiskAnthropics Responsible AI Scaling PolicyIn this episode of the Emerging Cyber Risk podcast, Joel and Max explore Anthropic's responsible AI scaling policy. They discuss the practicality and strategic nature of the framework, which aims to ensure the safety of AI models as they push the boundaries of capabilities. They highlight the commitments made by Anthropic and the public disclosure aspect, emphasizing the importance of responsible AI development.2023-12-1847 min
Emerging Cyber RiskJoel's Book Review (Secure Intelligent Machines)On this episode of the Emerging Cyber Risk podcast, we Joel's latest book, "Secure Intelligent Machines". The podcast is brought to you by Ignyte and Secure Robotics, where we share our expertise on cyber risk and AI to help you prepare for the risk management of emerging technologies. We are your hosts, Max Aulakh and Joel Yonts. This podcast episode features Max Aulakh and Joel Yonts talk about Joel's book, which explores the security aspects of AI and how to build a cyber protection program for it. They highlight the lack of literature on this topic and e...2023-11-2735 min
Emerging Cyber RiskDeveloping an AI PolicyOn this episode of the Emerging Cyber Risk podcast, we cover the recent meeting that President Biden had with some of the top AI cybersecurity leaders in the industry. The podcast is brought to you by Ignyte and Secure Robotics, where we share our expertise on cyber risk and AI to help you prepare for the risk management of emerging technologies. We are your hosts, Max Aulakh and Joel Yonts. Join us as we discuss what an AI policy is, how do you know if your company needs an AI policy and what contents would go inside o...2023-11-1343 min
Emerging Cyber Risk2024 Annual Planning for AI EnablementOn this episode of the Emerging Cyber Risk podcast, we discuss the AI planning that is going into 2024 and how this may affect our business. The podcast is brought to you by Ignyte and Secure Robotics, where we share our expertise on cyber risk and AI to help you prepare for the risk management of emerging technologies. We are your hosts, Max Aulakh and Joel Yonts. Join us as we discuss the upcoming year’s initiatives and what you, as a business leader, should be planning for concerning AI development. AI...2023-10-3032 min
Emerging Cyber RiskThe Intersection of AI and the Military: A Discussion with Taylor Johnston, Former Chief of Innovation for the U.S. Air ForceOn this episode of the Emerging Cyber Risk podcast, our guest is Taylor Johnston, Chief Operations Officer at the USF Institute of Applied Engineering and former Chief of Innovation for the United States Air Force. Join us as we investigate the integration of artificial intelligence and automation into the air force and the wider military. Tune in to discover the potential applications and use cases, as well as the already existing benefits; the current focus on autonomous systems; and the similarities between AI and the atomic bomb.The podcast is brought to you by...2023-10-1631 min
Emerging Cyber RiskThe Biden Administration Hands the Safety & Security of AI to Industry Leaders!On this episode of the Emerging Cyber Risk podcast, we cover the recent meeting that President Biden had with some of the top AI cybersecurity leaders in the industry. The podcast is brought to you by Ignyte and Secure Robotics, where we share our expertise on cyber risk and AI to help you prepare for the risk management of emerging technologies. We are your hosts, Max Aulakh and Joel Yonts. Join us as we discuss the new initiative that President Biden has introduced concerning controlling OpenAI and the 3 pillars around w...2023-10-0235 min
Emerging Cyber RiskNavigating the Legal Challenges of Artificial Intelligence with Scott Koller of Baker & Hostetler LLPOn this episode of the Emerging Cyber Risk podcast, our guest is Scott Koller, a skilled privacy and data security attorney and Partner at Baker & Hostetler LLP. Join us as we navigate the legal challenges posed by artificial intelligence (AI), delving into the associated risks and possible future solutions. We further explore the ownership and copyright challenges that are currently facing the court systems and how these could trigger court reform. Tune in to discover how different Global Perspectives on AI regulations can help bridge the gap between the legal sector and the quickly developing technology sector. 2023-09-1838 min
Emerging Cyber RiskExploring the Adoption of AI in the Defense Industry with Ron Fehlen of L3Harris TechnologiesOn this episode of the Emerging Cyber Risk podcast, our guest is Ron Fehlen, VP and GM of USAF Programs and Broadband Communication Systems at L3Harris Technologies, the trusted disruptor for the global aerospace and defense industry. The podcast is brought to you by Ignyte and Secure Robotics, where we share our expertise on cyber risk and AI to help you prepare for the risk management of emerging technologies. We are your hosts, Max Aulakh and Joel Yonts. Join us as we discuss the adoption of artificial intelligence, including both the negatives and the upsides. Discover t...2023-09-0435 min
Emerging Cyber RiskExploring the Intersection of Cyber Security and AI: Insights from Phil Harris of IDCOn this episode of the Emerging Cyber Risk podcast, our guest is Phil Harris, Research Director, Cyber Security Risk Management Services at IDC, the premier global marketing intelligence platform. The podcast is brought to you by Ignyte and Secure Robotics, where we share our expertise on cyber risk and AI to help you prepare for the risk management of emerging technologies. We are your hosts, Max Aulakh and Joel Yonts. Join us as we discuss the fascinating intersection of cyber insurance and artificial intelligence (AI). Discover how the rise of ransomware attacks has influenced the cyber insurance landscape, resulting in...2023-08-2137 min
Emerging Cyber RiskTransparency and Collaboration: Driving AI Adoption in the Military and Government with Aaron McCray of the US NavyOn this episode of the Emerging Cyber Risk podcast, our guest is Aaron McCray, a twenty-six-year veteran of the U.S. Navy. The podcast is brought to you by Ignyte and Secure Robotics, where we share our expertise on cyber risk and AI to help you prepare for the risk management of emerging technologies. We are your hosts, Max Aulakh and Joel Yonts. Join us as we discuss the challenges and potential of AI adoption in the US Navy. Aaron highlights the importance of collaboration between the military and commercial sectors and the need for validation and testing while adopting...2023-08-0744 min
Emerging Cyber RiskLeveraging AI for Risk Management: Insights from Laura Whitt Winyard, VP of Security and IT at HummingbirdOn this episode of the Emerging Cyber Risk podcast, our guest is Laura Whitt Winyard, VP of Security and IT at Hummingbird. The podcast is brought to you by Ignyte and Secure Robotics, where we share our expertise on cyber risk and AI to help you prepare for the risk management of emerging technologies. We are your hosts, Max Aulakh and Joel Yonts. Join us as we discuss the future of AI and its role in risk management. We explore the responsible use of AI, the collaboration between teams, the validation of AI models, and the potential risks and benefits...2023-07-2430 min
Emerging Cyber RiskNavigating the Intersection of AI and Healthcare with Christopher RogersToday's guest is Christopher Rogers, COO at Carenet Health. In this episode, we discuss how healthcare companies and consumers should navigate the intersection of AI and healthcare. We cover multiple touchpoints, including AI's potential benefits and pitfalls in healthcare and the importance of using it responsibly. We also examine the need for collaboration and foresight in navigating the rapidly advancing field of AI2023-07-1047 min
Emerging Cyber RiskIncorporating AI in Risk Management: Challenges and Potential Benefits with Jeff Lowder, Co-Founder of The Society of Information Risk AnalystsToday's guest is Jeff Lowder, the Co-Founder and Past President of The Society of Information Risk Analysts, a society dedicated to continually improving the practice of information risk analysis. Our discussion today focuses on the emerging cyber risks and ethical concerns associated with AI in enterprise risk management, highlighting the challenges of managing risks, the need for interdisciplinary translation, and the importance of accurate language and calibrated estimations in risk management.2023-06-2641 min
Emerging Cyber RiskChallenges in Developing, Democratizing, and Adopting AI with Dr. Amit Shah, Founder and President of GNS-AI LLCToday's guest is Dr. Amit Shah, Founder and President of GNA-AI LLC, a data science/ML/AI consulting business specializing in building data-based decision support systems. Our discussion focuses on the challenges in developing and adopting AI solutions, unifying democratized models, and the challenge of developing FDA-compliant models for the healthcare industry. We also touch on the GDPR challenges while building AI models.2023-06-1238 min
Being BuiltEpisode 17 with Max Aulakh (CEO at Ignyte Assurance Platform)
Max Aulakh is a Data Security and Compliance leader delivering DoD-tested security strategies and compliance that safeguard mission-critical IT operations. Trained and excelled in The United States Air Force, Max maintained, and tested the InfoSec and ComSec functions of network hardware, software, and IT infrastructure for global unclassified and classified networks. He also provided short notice, rapid-response Security and Linguistics capabilities that were deployed to any part of the world. Max learned how to build strategic relationships working directly with Turkish, Afghani, and Iraqi Army units in the Middle East.
After leaving the USAF, he drove the Information Assurance...2023-06-0541 min
Emerging Cyber RiskManaging Cyber Security Challenges in the Retail Space with Ganjar Imansantosa, VP and CISO at Tropical Smoothie CafeToday's guest is Ganjar Imansantosa, VP and CISO at Tropical Smoothie Cafe, a nationally franchised quick-service restaurant.We discuss the challenges and solutions of implementing cybersecurity protocols in a shared risk environment between the brand and the franchisee. Ganjar covers multiple touchpoints, including managing cyber security in a shared risk environment, why the retail industry lags in adopting cybersecurity protocols, and maintaining customer data privacy at retail brands. He also covers the role played by legal teams in defining the cybersecurity strategy of an organization.2023-05-2939 min
Emerging Cyber RiskOpportunities and Challenges of AI in Cybersecurity with Phil Agcaoili, Entrepreneur and Former CISO at Elavon, Cox, and VeriSignOur guest today is Phil Agcaoili, who is a recent Entrepreneur and a former Chief Information Security Officer at Dell. Together, we discuss the impact of AI on cybersecurity, compliance, and the workforce. Phil shares valuable insights on aligning emerging risks with technological advancements with protection software. Phil is an expert in cybersecurity risk management and shares his experience and knowledge on the copilot system. This tool helps organizations quantitatively measure their cybersecurity risk. Don't miss out on this informative and engaging podcast!2023-05-1543 min
Emerging Cyber RiskEmerging Cyber Risks and Zero Trust with Paul Miller, Zero Trust Architecture Expert at Appian LogicOur guest today is Paul Miller, Zero Trust Architecture Expert at Appian Logic, a management consulting and IT security company. They unpack zero trust and ZTNA as a security shield, formulation of a national cybersecurity document, driving awareness and change at companies, and the legacy lag at companies that prevent the adoption of zero trust architecture.2023-05-0138 min
Emerging Cyber RiskThe Need to Bring Cybersecurity Front and Center in the Healthcare Industry with Bill Scandrett, Chief Information Security Officer at Allina HealthOur guest today is Bill Scandrett, Chief Information Security Officer at Allina Health. Our discussion pivots around the awareness and implementation of cybersecurity protocols in the healthcare industry. The discussion focuses on oversight of the FDA on medical devices, best practices in operationalizing GRC, managing third-party risk, and protecting healthcare data while innovating new technologies.2023-05-0120 min
Emerging Cyber RiskEpisode Zero - An Introduction to the Emerging Cyber Risk PodcastWelcome to the first episode of the Emerging Cyber Risk podcast, brought to you by Ignyte and Secure Robotics, where we share our expertise on cyber risk and AI to help you prepare for the risk management of emerging technologies. We are your hosts, Max Aulakh and Joel Yonts.2023-04-2512 min
Veteran On the MoveIgnyte Assurance Platform with Max AulakhThis week Joe is joined by Air Force Veteran Max Aulakh, the founder and CEO of Ignyte Assurance Platform. Max served in Security Forces, deploying to both Iraq and Afghanistan. He transitioned out of the military in 2009, during a difficult job market, and started working as a defense contractor. Max entered the world of cybersecurity and entrepreneurship. He discusses the importance of market validation, his journey for the American dream, and details about his latest company Ignyte Assurance Platform.
Check out more about Ignyte Assurance Platform here.
About Our Guest
Max Aulakh is the CEO and Founder of Ignyte Assurance Pla...2022-02-0734 min