Hyperproof
Drafting Compliance
To lighten the dark corners of compliance, hosts Kayne and Tom as share with you Hyperproof's journey to becoming FedRAMP moderate, an overall roadmap to achieve FedRAMP compliance in a year, and the tips and tricks they learn along the way. As if compliance isn't fun enough, the hosts also try out a new beer each episode and rate it on a scale from 1-10.
Where to listen?
Podcasts in the app Replaio Radio Coming soonPodcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts
Episodes
3PAO Accreditation Loss with CISO Joe Evangelisto 21.09.2023 27:50
Kayne and Tom talk with Joe Evangelisto from Tango Analytics about an interesting and stressful scenario where his 3PAO lost its accreditation. Of course, Kayne tackles yet another beer that elicited a memorable response.
How to do Personnel Security for FedRAMP 07.09.2023 20:29
Kayne and Tom talk about personnel security, background checks, what FedRAMP requires for onboarding and terminating employees as well as a host of tips and tricks for meeting this control family. Of course, they also try a new beer and maybe, just maybe, agree on the score.
How to do Media Protection for FedRAMP 26.08.2023 17:08
Kayne and Tom talk about Media Protection while sipping a new pale ale. Learn the challenges of removable media, both digital and non-digital, along with a few tips and tricks for getting started with your Media Protection journey.
FedRAMP Costs with Guest Jacob Berry 17.08.2023 36:15
Kayne, Tom, and special guest Jacob Berry (Field CISO at Clumio) talk about the challenges in pursuing FedRAMP. Costs, hidden challenges and go-to market are rounded out with two drinkable, but not memorable, non-alchoholic beers. Listen for the knowledge, stay for the beer ratings.
FedRAMP Authorization with CISO Mark Houpt 27.07.2023 23:23
Kayne, Tom, and special guest CISO Mark Houpt talk about a GSA rules change that affected Mark’s prior FedRAMP certification, the consequences, and his ultimate solutions and lessons learned from the experience.
Identification and Authentication for FedRAMP 13.07.2023 24:29
Kayne and Tom talk about the domain under FedRAMP moderate, providing both an overview of the domain as well as specific examples of controls, and real-world scenarios for the use of those controls. They also come close to agreeing about “Color Cloud Pink”, a Berliner Weisse with “Pink Guava, Dragon Fruit, and Passion Fruit” by Equilibrium Brewery of Middletown, New York.
How to do Contingency Planning for FedRAMP 29.06.2023 20:02
Kayne and Tom talk about the Contingency Planning domain under FedRAMP moderate, comparing it against the best practice of Business Continuity Planning, and providing specific guidance for key elements of a successful contingency plan. They also find what amounts to near common ground on this episodes beer tasting, Laughing Lab Scottish Ale.
What about the Maintenance Domain Under FedRAMP? 15.06.2023 16:37
Kayne and Tom talk about the Maintenance domain under FedRAMP moderate, including how it is related to the Configuration Management domain. They also nearly agree on Rogue’s Hazelnut Brown Nectar, although Kayne still likens it to old hotel coffee while Tom will drink a free one.
How to do a FedRAMP Security Assessment and Authorization 01.06.2023 19:40
Kayne and Tom talk about the requirements of continuous compliance under the Security Assessment and Authorization family of controls, including key considerations for continuous monitoring and reauthorization. During the episode, they explore yet another fruit-forward beer, Deschutes’ Farmstand Fresh Mango IPA.
FedRAMP Supply Chain Challenges 18.05.2023 14:56
Kayne and Tom talk about recent challenges caused by two vendors in our software supply chain not achieving FedRAMP Moderate in 2023. While discussing their path forward, they sample the New Belgium Voodoo Ranger Juice Force IPA.
How to do Configuration Management in FedRAMP 05.05.2023 15:26
Kayne and Tom talk about the major pillars of Configuration Management. While digging into inventory management, baseline configurations, configuration drift, and risk, they tackle Bell’s Two Hearted American IPA.
Physical and Environmental Protection under FedRAMP 20.04.2023 13:40
Kayne and Tom uncover the different approach to the Physical and Environmental controls, with a discussion of all-cloud, on prem and hybrid scenarios. Of course, they tackle a new beer as well, maybe Kayne will like this one, and maybe Tom will not… I think you already know!
Security Awareness Training Deserves a Good Beer! 06.04.2023 20:08
Kayne and Tom talk about the joys of security awareness training, managing training, and the different types of security and privacy training you should consider, and as always, beer. This episode’s beer is Sierra Nevada Hazy Little Thing IPA.
FedRAMP and Beer: April First Special 01.04.2023 5:10
Kayne and Tom tackle the interesting nuances of both beer and FedRAMP. Does a beer consumed by CISOs need to also be FedRAMP compliant? Come find out.
What Is the FedRAMP Incident Response Control Family? 23.03.2023 17:11
In this episode, Kayne and Tom talk about the nuances of the Incident Response family of FedRAMP controls, some of the required documentation, testing, and beer. This episode’s beer is Woods Boss Brewing Company’s Pulaski Pecan Brown Ale.
The FedRAMP Access Control Family 09.03.2023 21:11
Kayne and Tom discuss FedRAMP's access control family, language that must be in the access control policy, wireless access control for SaaS companies, and how to prevent creating a paper tiger. Includes beer tasting notes for Epic Brewery's Hopulent.
How to do a FedRAMP Gap Analysis 23.02.2023 18:14
Kayne and Tom dive into where to begin in your FedRAMP gap analysis. They discuss the efficiencies that Hyperproof found in order to save time, and suggest other approaches. Includes beer tasting notes for Oliphant's Super Squishy.
How to Define the FedRAMP Authorization Boundary 09.02.2023 18:32
Hosts Kayne and Tom talk about how to create the Authorization Boundary, a cornerstone of the System Security Plan (SSP) as part of FedRAMP certification. Includes beer tasting notes for Black Butte Porter.
What IS FedRAMP? 25.01.2023 17:42
Join Hyperproof hosts Kayne McGladrey, CISSP, Field CISO, and Thomas Wilcox, CISSP, Sr. Director of Security and Compliance, as they discuss the intent and overall roadmap to achieve FedRAMP compliance in a year. Includes beer tasting notes for Anchor Steam.
Similar podcasts
Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.