Federal Tech Podcast: for innovators, entrepreneurs, and CEOs who want to increase reach and improve brand awareness

John Gilroy
Dec 16, 2025 • 26min

Ep. 290 AI + Zero Trust: The New Line of Defense for Federal Data

Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com We are at the point where AI is almost expected in any technology offering. Today, we sat down with John Kindervag from Illumio to learn how AI can be applied to the world of federal Zero Trust. Some have characterized today's current cybersecurity situation as an arms race; some call it a whack-a-mole game. An innovative technology, such as AI, becomes popularized, and adversaries use it to improve attacks. As a result, the defenders of data must bolster their response, and they, in turn, use AI to defend. He highlights the importance of visibility, using AI to quickly parse logs, and the concept of dwell time, in which attackers can remain undetected for extended periods. To protect valuable data, Kindervag distinguishes between the attack surface and the defense surface. Although a malicious actor can instigate AI-driven attacks across any surface, sensitive information can be protected by thorough segmentation of the protected surface. During the interview, Kindervag provides tactics to manage legacy technology, fragmented data, and the critical topic of risk-averse culture.
Dec 11, 2025 • 21min

Ep. 289 How Microsegmentation and Zero Trust Protect Federal Data from Modern Threats

It is rare to see AI applied to federal cybersecurity mandates. However, today, we will sit down with Louis Echenbaum from Color Tokens. He will unpack the concept of using AI to help federal leaders improve their ability to implement microsegmentation. We all know about Executive Order 14028 and the OMB Memo M-22-09, which are forcing federal agencies to deploy a robust Zero Trust framework. The key components include identity and access management, asset management, continuous monitoring, and microsegmentation. During the interview, Louis Echenbaum expands on current challenges like legacy systems and visibility. For example, what happens once a malicious actor breaches a federal system? Some call this east-west traffic. The general response is to prioritize and segment data so the intruder is denied access. This concept looks good on paper, but in the real world, leaders encounter some issues. First, how can they know exactly what is on their network? This is perplexing in environments where endpoints are in areas that cannot be upgraded. Further, the move to a hybrid cloud offers varying levels of data segmentation. One system administrator may be competent with a specific cloud service provider but does not know all the details of another company. This skills gap can lead to coverage gaps and opportunities for attack. The solution Echenbaum suggests is to leverage AI to improve visibility and give leaders ways to prioritize datasets into appropriate microsegments.
Dec 10, 2025 • 23min

Ep. 288 Is Federal Data Ready for the Post-Quantum Era?

In the world of federal technology, we are being deluged with so much information about Artificial Intelligence that we may not see other technologies that may have as great an impact as AI. The White House, the OMB (M-23-02), and the Office of the National Cyber Director have made it clear that the time to prepare for post-quantum cryptography is now. Agencies are required to inventory cryptographic systems, prioritize high-value assets, and build migration plans in line with NIST standards. Today, we sit down with Eric Hay from Quantum Xchange to look at making this transition. During the interview, Hay handles issues like technology, operations, and appropriate strategy. He highlights the role of NIST in developing and approving new post-quantum cryptography (PQC) algorithms such as ML-KEM. Eric explains the five-step process for transitioning to these new standards: discovery, prioritization, deployment, monitoring, and management. Rather than spending time evaluating algorithms, Eric Hay stresses the importance of a network-centric approach, suggesting that agencies focus on securing data transport first. Eric predicts Q day, when current encryption methods could be compromised, within 3-5 years, with some European partners aiming for 2029.
Dec 9, 2025 • 23min

Ep. 287 Protecting Federal Data with Zero Trust Architecture and the Enterprise Browser

When John Kindervag began the concept of Zero Trust, he probably did not realize the impact it would have on the technological community. Today, we look at the federal government and Zero Trust implementation from 40,000 feet. Kindervag will opine on topics such as browser security, the importance of data, and operational technology. Instead of using his technical knowledge as a cudgel, Kindervag reinforces the importance of a balanced approach in which federal leaders consider both technological and behavioral aspects of implementing Zero Trust. People with a basic understanding of Zero Trust can disregard the importance of data; he calls it the 'protect surface'. This involves identifying and securing the smallest space within the network, as well as the entire network itself. One missing link in the move to Zero Trust is Operational Technology. When looking at the Department of War, it has assets deployed all over the world. They have thousands of sensors that may or may not be part of a network. Kindervag suggests that when you have a protected surface that is a critical asset, which means it can be included in data sets. The interview ended with comments regarding the challenges of implementing Zero Trust, particularly the need for strong leadership and the potential of AI to enhance cybersecurity measures, while acknowledging the complexities of data classification and the evolving threat landscape.
Dec 4, 2025 • 22min

Ep. 286 Securing Federal Systems: The Power of Continuous Monitoring

A quick review of malicious activity shows large-scale cyberattacks being run without any human intervention. That means traditional penetration testing, which occurs once a year, can be easily defeated by massive, systematic attacks. During the interview with Snehal Antani, CEO of Horizon3, he highlights the importance of continuous autonomous penetration. He suggests that it may be the only response to a non-human automated attack. Horizon3 has recently collaborated with the NSA's Cybersecurity Collaboration Center to develop the Continuous Autonomous Penetration program. He details identifying critical vulnerabilities not only in federal systems, but also in the Defense Industrial Base.

Today's cyber threat landscape is rapidly evolving, with artificial intelligence fueling a new wave of increasingly sophisticated attacks. Malicious actors now leverage AI to automate and scale their operations, resulting in large-scale, highly coordinated cyberattacks requiring little to no human oversight. This surge in automation on the offensive side has exposed a significant gap in the traditional cybersecurity strategies of federal agencies, which still largely rely on manual or scheduled defense mechanisms such as annual penetration testing. These legacy approaches are woefully inadequate against relentless, continuously evolving threats executed by automated tools that probe for weaknesses around the clock. Federal leaders, traditionally cautious about deploying automated systems for cybersecurity, now face a crucial crossroads. The old paradigm—where automation in cyber defense was seen as risky—must be reconsidered in light of real-world evidence that manual processes cannot keep pace with automated adversaries.
In a recent interview, Snehal Antani, CEO of Horizon3, emphasized the critical need for continuous, autonomous penetration testing. He argued that just as attackers use automation to identify and exploit vulnerabilities at scale, defenders must employ similar automation to uncover and remediate those weaknesses swiftly and continuously. To advance this approach, Horizon3 has partnered with the NSA's Cybersecurity Collaboration Center, launching the Continuous Autonomous Penetration program. This initiative aims to proactively identify critical vulnerabilities not just in federal government networks, but also across the Defense Industrial Base. By integrating automated, persistent penetration testing into daily operations, federal agencies can better defend against the nonstop, AI-driven threats now targeting every aspect of their infrastructure.
Dec 2, 2025 • 22min

Ep. 285 Securing the Federal Workplace: Why Enterprise Browsers are the Next Cybersecurity Frontier for Government Software Teams

The good news is that federal security measures are preventing successful attacks; the bad news is that adversaries are examining every nook and cranny of a federal system and increasingly targeting the browser itself as an attack vector. During the interview, Scott "Monty" Montgomery gives a quick overview of Enterprise Browsers and Secure Enterprise Browsers. After all, browsers have been around since 1994. It may be the only application ubiquitous on home-based machines and in enterprise systems. They were not designed for security; they were intended to open the internet to the World Wide Web, full of images, links, and audio. Malicious actors did not have to focus on an app with limited use; by targeting a browser, they have almost unlimited targets to attack. Montgomery mentions the increase in browser-based attacks. In fact, they increased by 198% in the second half of 2023. Scott explains that phishing persists because people are curious or fearful, leading them to click on malicious links. A Secure Enterprise Browser can help prevent many common phishing exploits. Additionally, an SEB can support policies and controls. This means that an SEB fits completely with any current Zero Trust initiatives across all agencies. Beyond that, SEBs can be configured to manage legacy systems and even operate in low-bandwidth environments.
Nov 25, 2025 • 31min

Ep. 284 Automation That Keeps Agencies Running: Continuity Strategies for the Next Federal Shutdown

Every federal agency prepares a backup strategy to protect data. This is a rigorous endeavor in which teams practice what to do in the event of a breach or system failure. However, nobody really has a plan for a temporary federal shutdown. Any political pundit worth his salt knows there will be another federal shutdown sometime in the future. It is reasonable to consider automation to see how it can be used to bridge services during a temporary shutdown. David Grundy is the Public Sector CTO for Tines. He has decades of experience in and outside the federal government. He highlights the challenges of human-centered workflows. For example, just because the staff is reduced does not mean attackers will take the day off. Adversaries work 365 days a year and are immune to political infighting. Based on David Grundy's experience, an agency should start with visibility to know which workflows exist. From there, document processing can be detailed, enabling scaling. During the interview, Grundy shares his experience in a federal agency that had to make digital transitions while complying with federal regulations. He is optimistic that operational resilience can be achieved through initiative-taking by all federal agencies.
Nov 21, 2025 • 38min

Ep. 282 The Hidden Cyber Gaps Threatening America's Digital Infrastructure

In a recent report, Microsoft shares that foreign adversaries are increasing attacks on American infrastructure. One variation is that they will not penetrate systems and attack, but they will steal credentials and install code to act in stealth mode. This code can hide for years and be deployed when the antagonist wants. Today, we sat down with Travis Roseik from Rubrik to try to find some options for defending against this hidden attack. Let us say an agency has improved its resistance to foreign attacks. This is satisfactory progress, but what happens in a situation where the malicious code was planted prior to the increased defense? Further, during the interview, Roseik states that while companies may be able to leverage AI to improve defense, nation states will be using that same AI to improve attack methods. If malicious code is within the walls of an organization, whether by AI or user error, Roseik makes the point that a defensive posture may not be enough in today's sophisticated world of attack. He recommends moving from a defensive approach to an initiative-taking threat hunting strategy. Even if Zero Trust and threat hunting fail, the best response is to have immutable backups. For example, if a breach occurs and the system recovers quickly, then the attackers will go after more vulnerable targets. The conversation underscores the urgency for organizations to adapt and innovate to counteract these threats.
Nov 19, 2025 • 22min

Ep. 283 Smarter, Scalable Threat Hunting to Protect Federal Data

The federal government recognizes that threats are multiplying at an exponential level. In fact, in October 2025, CISA released a free vulnerability scanner, and 10,000 organizations have signed up. Today, CISA is at its current capacity. Today, we examine solutions from a successful startup called CrunchAtlas. One of the co-founders, Ben Fabrelle, will share with the audience his experience in threat hunting in the federal government and why he combined with another veteran to form a company that can assist in threat intelligence, data analysis, and automation. During the interview, Fabrelle says that CrunchAtlas likes to attack "wicked" complex problems. One of the most complicated problems the federal government has is identifying threats in a world where the DoD is being attacked by malicious actors every day. Fabrelle suggests that the solution is a persistent cyber-hunt platform. It can search for threats in a wide range of environments. This means it can be deployed on-prem, in the cloud, or in an air-gapped environment. The founders' view is that a platform approach is the best way to scale against these adversaries. One of the key differentiators for CrunchAtlas is its ability to operate in the cloud, on-prem, and even in an air-gapped environment. In fact, their offering's code stack, by design, operates in an air-gapped environment. Automation in this kind of environment will allow for a reduction in false positives, which will, in turn, reduce fatigue and decrease the need for human threat hunters.
Nov 6, 2025 • 19min

Ep. 280 How Zero Trust Automation Helps Federal Agencies do More with Less

Ep. 281 How Zero Trust Automation Helps Federal Agencies do More with Less. As this interview was recorded, the federal government was in the middle of a shutdown. Hundreds of pundits have given interviews about the politics of the situation; very few have looked at the impact on cybersecurity during a phase of workforce reduction. Today, we sat down with Gary Barlet, the Public Sector CTO at Illumio, to see whether Zero Trust can help the federal government bridge this short personnel gap. Barlet begins by giving an overview of Zero Trust and automation. Rather than having human beings vet entry into federal systems, the concept is to use an automated process that reviews credentials and decides on permission. Barlet emphasizes the importance of Zero Trust in automating security tasks and maintaining operational resilience, especially with reduced staff. He continues to mention several other benefits of Zero Trust in a federal environment. Compliance: A well-thought-out Zero Trust architecture will enable managers to collect data to demonstrate policy enforcement. Legacy: One can effectively take existing systems and "ring fence" them off. This approach creates hundreds and hundreds of rings of defense. Design: During the interview, Gary recommends that you have a handle on the real traffic to reduce complexity. That way, when policies change, the rules can adapt to the environment. Maturity Level: Although CISA has a maturity level for Zero Trust, Barlet distills down some of the requirements for which efforts can be applied to sensitive systems. He suggests focusing on security, not necessarily on a grade. Additionally, he addresses the challenges of managing complex, hybrid environments and the emergence of shadow AI models, stressing the need for robust policies and controls.
