The first M in the CMMC assessment framework stands for maturity, and that's exactly what is needed...
EP 21 — AWS’s Travis Goldbach on Future Trends in Cloud Security and Zero Trust
On this week's episode of the DIB Innovators podcast, David speaks with Travis Goldbach, Global Head of CMMC Go-To-Market at Amazon Web Services (AWS). Travis is an expert in DFARS, NIST, and CMMC compliance and uses his knowledge to dive into the challenges small and medium-sized businesses face in navigating complex defense compliance requirements and offers practical advice on how to meet these standards.
Travis highlights the critical importance of robust cybersecurity measures for reducing exposure to threats. Additionally, he discusses exciting future trends in cloud security, including zero trust strategies and advancements in artificial intelligence and machine learning.
Topics discussed:
- How small and medium-sized businesses can understand and meet DFARS, NIST, and CMMC compliance requirements in the defense sector.
- How AWS supports businesses in achieving and maintaining compliance with stringent defense industry standards.
- The importance of educating businesses on specific compliance requirements and providing resources for better understanding and implementation.
- Insights into the need for robust cybersecurity measures to protect against nation-state-level threats and secure controlled unclassified information.
- Adopting a risk management approach tailored to each organization's needs for protecting sensitive data.
- Strategies for strengthening supply chain security to reduce vulnerabilities and enhance overall defense readiness.
- Exploration of upcoming trends in cloud security, including the adoption of zero trust strategies and their impact on the defense sector.
- How advancements in AI and ML are shaping the future of cybersecurity in the defense industry.
- The role of independent assessments, such as those by C3PAOs, in verifying compliance with all required standards.
- Importance of leveraging partnerships to enhance compliance efforts and cybersecurity measures, ensuring a more secure defense industrial base.
Guest Quotes:
“I was at a event not too long ago, and I was still hearing about the defense industrial base waiting to move on some of these requirements. And that was just shocking to me. Maybe it's because they weren't educated enough to really understand the requirements. So this is me just trying to help the defense industrial base, showcasing what AWS can do, no cost. I want you to be as successful as possible, because ultimately it's our children's future that's at hand, and we want to be sure that we're protecting not just them, but our warfighters.”
“It's essential for the defense industrial base, especially the ones that are going to be seeking to do business with the DoD. It's not just the regulatory requirements that they have, but it's also the strategic investment in cybersecurity that can really protect your sensitive information and the DoD’s sensitive information. It will preserve that trust and it will honestly unlock some new opportunities for growth and success within your organization.”
“If organizations can't, you know, do these things on their own or have the right resources, there's a ton of resources that are out there. There's managed security service providers like RADICL that could ultimately help out from a CMMC perspective. There's plenty of consultants out there that will help you go down the road and understand the requirements and making sure that you're starting to build the proper processes to achieve a great cybersecurity program.”
“So the real question as business leaders that we should be asking ourselves is how can we leverage both cybersecurity and compliance to reduce that exposure? So we're working with defense, industrial based customers and partners of all sizes around those programs and how they mesh together.”
Get in touch with Travis Goldbach:
Get in touch with your host, David Graff:
Listen to more episodes:
