Paramify
The Paramify Podcast
The Paramify Podcast is a practical, occasionally chaotic show about GRC, risk management, and staying audit-ready without losing your mind. It’s part talking security strategy, and part group therapy. We talk with cybersecurity and GRC leaders, including CISOs, auditors, founders, and security engineers, about FedRAMP and FedRAMP 20x, SOC 2, CMMC, NIST RMF, the shift toward continuous evidence, and everything in between. Learn about what we do at P aramify here: www.paramify.com
Where to listen?
Podcasts in the app Replaio Radio Coming soonPodcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts
Episodes
#35 - Risk Management Explained Through Star Wars 06.01.2025 28:37
We’ve heard you. We all want to know just how much it cost The Empire when the first Death Star was blown to oblivion by a young boy from Tatooine? How could the Empire let this happen? Kenny Scott and Mike Schreiner dive deep into risk management and cybersecurity—all through the lens of Star Wars. Kenny uses Star Wars analogies to break down key concepts like: • 𝗔𝘀𝘀𝗲𝘁𝘀 (Death Stars) • 𝗩𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗶...
#34 - Discussing CMMC with Tony Bai from RISCPoint 09.12.2024 47:15
Today we’re talking to Tony Bai. He’s got 25 years of experience in cyber defense and operations, Tony Bai serves as the Chief Solutions Officer at RISCPoint. A United States Air Force veteran and lots of leadership experience at leading consulting organizations. Tony specializes in FedRAMP, CMMC and other NIST frameworks and is a leading voice on their latest developments that seem to be pretty i...
#33 - Discussing Cybersecurity with Mandy Andress CISO at Elastic 25.11.2024 41:59
We're talking with Mandy Andress, Chief Information Security Officer (CISO) at Elastic. Mandy is making a huge impact in the security industry as the author of Surviving Security: How to Integrate People, Process, and Technology, a Top 100 CISO (C100) Award recipient, and a LinkedIn Top Voice. Her leadership goes well beyond her role as CISO – she's also a trusted advisor to many organizations, a...
#32 - Discussing FedRAMP with Michael Carter 06.09.2024 54:07
Today, we’re honored to have Michael Carter on the show! Michael is the Managing Partner and Co-founder of Fortreum. Michael brings over two decades of expertise in cybersecurity and compliance, specializing in FedRAMP, FISMA, PCI, and more. He has held key leadership roles at Coalfire and Veris Group, shaping compliance strategies for top organizations across both government and commercial sector...
#31 - Discussing OSCAL and Cybersecurity with Alexander Stein 23.08.2024 1:00:53
Today, we're honored to have Alexander Stein on the show. Alexander has a host of experience in Cybersecurity. He has worked as an IT Cybersecurity Specialist at the National Institute of Standards and Technology (NIST). With over two years at NIST focusing on Information Technology and Vulnerability Management, Alex has also held key roles at Flexion Inc. as a Security Practice Lead and Applicati...
#30 - Discussing Government Affairs & Compliance with Michael Clauser 09.08.2024 45:23
Today, we're honored to have Michael Clauser, on the show. Mike is the Founder & Managing Director of Ark where he helps tech and defense companies navigate government relations. He is a seasoned professional in government affairs, cybersecurity, and national security. Michael has led pivotal roles at Okta, Access Partnership, Analog Devices, and Fujitsu Limited, and served as a national secur...
#29 - Discussing GRC Automation with Matt Hillary 26.07.2024 51:47
Today we're honored to have Matt Hillary on the podcast. Matt is the Vice President of Security and Chief Information Security Officer at Drata. He is a seasoned cybersecurity leader with 15 years of experience and a passion for enabling innovation. Learn more about Matt Hillary: LinkedIn: https://www.linkedin.com/in/matthewhillary/ Matt Hillary's Forbes Article: https://www.forbes.com/sites/forb...
#28 - Discussing Cloud Security and GRC with Eric Evans 12.07.2024 1:02:07
Today we're honored to have Eric Evans on the show! Eric is the Founder and CTO of HanaByte, he is a cloud security and compliance expert. He has led security initiatives for startups to Fortune 10 companies and is a renowned public speaker on cloud security and compliance automation. Learn more about Hanabyte: https://www.hanabyte.com/ https://www.linkedin.com/company/hanabyte/posts/?feedView=all...
#27 - Discussing Cybersecurity and Compliance with Den Jones 28.06.2024 48:13
Today, we're honored to be joined by Den Jones, Founder and CEO of 909Cyber and a veteran in cybersecurity. With a robust career that includes roles as Chief Security Officer at SonicWall, CSO at Banyan Security and Senior Director of Enterprise Security at Cisco, Den brings a wealth of experience to the table. He's a Stanford alumnus with a focus on Cyber Security and Executive Strategy, holds a...
#26 - Exploring OSCAL and GRC with Rob Sherwood 14.06.2024 1:00:18
Today, we’re honored to have Rob Sherwood on the podcast. Rob is a seasoned cybersecurity professional with extensive experience in policy management, PKI architecture, and identity management. With over two decades in the field, Rob has left a lasting impact through his dedication to standards development, including his significant contributions to the Open Security Controls Assessment Language (...
#25 - Exploring GRC & FedRAMP with Matthew Graham 31.05.2024 46:03
Today we had the honor to talk with Matthew Graham, the Director of US Federal Practice at Prescient Security. Matthew is a seasoned cybersecurity expert whose extensive career has spanned technical and strategic leadership roles. With a rich background that includes high-level certifications such as CISSP, CASP+, and CCNA, Matthew brings a wealth of knowledge on FedRAMP & cybersecurity practi...
#24 - Discussing GRC & OSCAL with Brandt Keller 17.05.2024 47:59
Today we had honor to talk with Brandt Keller, a distinguished software engineer and open source developer advocate with a comprehensive background that spans significant achievements in both the military and technology sectors. A veteran of the U.S. Marine Corps, Brandt has transitioned his disciplined and strategic approach from the field of communications within the military to the forefront of...
#23 - Discussing Data Privacy with Tommy Hoschouer 03.05.2024 41:44
Today we're honored to host Tommy Hoschouer, who currently leads the global public sector efforts at DeleteMe. Tommy's rich history at companies like Sprinklr, Medallia, SAP, and Qualtrics has equipped him with a unique perspective on using technology to enhance public sector operations, leading to significant improvements in revenue and efficiency. Now at DeleteMe, he is dedicated to defending pe...
#22 - A Journey from Journalism to GRC with Brian Martinez 19.04.2024 45:59
Today, we had the honor to have Brian Martinez, a leading expert in governance, risk, and compliance (GRC) with over two decades of experience at Michigan State University and the broader cybersecurity community. As the Governance, Risk, and Compliance Lead at MSU, Brian has spearheaded critical security projects and compliance frameworks, contributing significantly to the university's research an...
#21 - Discussing Cybersecurity & GRC with Troy Fine 05.04.2024 54:39
Today we had the honor to speak with Troy Fine, the Senior Advisor at Geels Norton, where he's making significant strides in cybersecurity and compliance. With a rich history in the field, including key positions at Drata and Schneider Downs, Troy's credentials—boasting certifications like ISO 27001:2013 Lead Auditor and CISSP—speak volumes of his expertise. Beyond his professional acumen, Troy c...
#20 - Discussing GRC and Infosec with Beau Butaud 22.03.2024 56:06
Today we had the honor to talk to Beau Butaud, a visionary in the compliance and cybersecurity field and the co-founder of Render Compliance. With a background that includes leading roles in risk advisory and compliance management at Moss Adams, and significant contributions at BDO USA, LLP, and Peterson Sullivan LLP, Beau brings a wealth of expertise to the forefront of cybersecurity. His credent...
#19 - Discussing GRC and IT Audit with Jack Rumsey 08.03.2024 1:01:20
Today we had the honor to talk to Jack Rumsey, the Head of GRC at Swimlane. With a rich background in IT security and audit, including roles at DaVita, Schellman, and KPMG, Jack is an expert in compliance standards like SOC II, ISO27001, GDPR, and FedRAMP. Holding a Bachelor's degree in Computer and Information Systems Security from Illinois State University. In today's episode, we talk about ever...
#18 - Discussing CMMC & Cybersecurity with Fernando Machado 23.02.2024 29:03
Today, we're excited to welcome a true luminary in the field of cybersecurity, Fernando Machado. Not only is he the Managing Principal and CISO at Cybersec Investments, LLC, but Fernando is also a recognized Certified Third-Party Assessment Organization (C3PAO) leader. His extensive experience spans over two decades with key roles in companies like L3Harris Technologies and Raytheon. Fernando is t...
#17 - Discussing FedRAMP and The Origin of Paramify with Brad Bartholomew 09.02.2024 49:39
Today we had the honor to sit down with Brad Bartholomew , the Director of FedRAMP Compliance at Trellix, and a veteran in the cybersecurity field. With a rich history spanning Adobe to Palo Alto Networks, Brad brings invaluable insights into GRC, cloud security, and the evolving landscape of cybersecurity frameworks. In this episode, we discuss everything from creating an ATO package in 3.5 hours...
#16 - Exploring The Fatal Funnel of Sales with Reade King 26.01.2024 52:38
Today we had the honor to sit down with Reade King, a seasoned professional whose dynamic career spans over 15 years, including roles in the Department of Defense, and the Utah Army National Guard, and is now involved in the fast-paced world of SaaS startups. Reade brings a unique blend of strategic relationship-building and resilience honed in high-pressure environments to his current role in Sal...
#15 - Discussing Cybersecurity with Frank Kyazze 12.01.2024 58:58
Frank is a renowned expert in cybersecurity and Governance, Risk Management, and Compliance (GRC). As the Founder and CEO of GRC Knight, he has spearheaded the integration of advanced detection technologies with comprehensive security and privacy compliance consulting. His rich experience includes key roles at TrustCloud, Cognizant, and Schellman & Company. In Today's episode, we talk about ev...
#14 - Discussing Cybersecurity with Josh Pugmire and Bryson Loughmiller 29.12.2023 44:21
In today's episode, Kenny and Keaton talk with Josh Pugmire and Bryson Loughmiller. Both men are notable figures in cybersecurity, each boasting extensive careers marked by significant contributions to the field. Their expertise and experience have made them influential voices in cybersecurity circles. Currently, they hold pivotal roles at Entrata, a leading technology company in the property mana...
#13 - Discussing The Future of AI and Recruiting with Neal Schmidt 15.12.2023 1:08:40
In today's episode, we talk with Neal Schmidt, the Founder of ScreenDoor.ai , about everything from our favorite concerts to where we think the future of AI and recruiting is going. Neal Schmidt’s LinkedIn https://www.linkedin.com/in/nealschmidt/overlay/about-this-profile/ Neal’s business: https://screendoor.ai/ Learn more about Paramify here: https://www.paramify.com/
#12 - Discussing Mentorship and Cybersecurity with Blake Entrekin 01.12.2023 55:17
Blake Entrekin is an experienced Security Compliance leader with a notable 21-year tenure in the Security and Technology field, complemented by a decade of expertise as a people manager. He is currently the Director of Security Compliance at HackerOne. In this episode, we discuss FedRAMP, compliance, cybersecurity, and the importance of having a mentor. Learn more about Blake Entrekin: https://www...
#11 - Discussing Cybersecurity with Bryce Kunz 17.11.2023 1:14:54
Bryce Kunz is a prominent Information Security Researcher and the Chief Security Officer (CSO) at UltraViolet Cyber. Renowned for his expertise in exploiting cloud environments, Bryce has a keen focus on critical systems like containers, orchestration systems, and web applications. His rich professional background spans across key agencies such as the NSA, DoD, DHS, and CBP, and extends into the t...
Similar podcasts
Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.