Ep. 332 Why Compliance Alone Won’t Protect Federal Agencies
In this episode of the Federal Tech Podcast, Robert Salvia of Fortress Information Security explains why agencies must move beyond a compliance mindset and adopt continuous risk management. One key insight stands out: "It's not what you find, it's what you fix," showing that mission impact should guide vulnerability priorities rather than compliance boxes. One insightful observation Salvia makes concerns observability. Many companies pride themselves on being able to see network details, including potentially unknown vulnerabilities. Salvia says the ability to find is important, but the ability to fix that problem is more valuable. He suggests that AI can assist in that endeavor, but it is a force multiplier, not an answer to everything. His main theme is to move from compliance to continuous risk management. Salvia explores the complexities of supply chain risk management (SCRM), emphasizing the need for comprehensive, enterprise-level solutions that address both hardware and software vulnerabilities. Salvia highlights the importance of collaboration, continuous monitoring, and adapting to new threats and regulations. He also discusses the role of AI, such as Mythos, in increasing the scale of vulnerability detection and the necessity of integrating AI with human expertise for effective risk management and remediation.

The Frank Zappa Interview That Still Feels Dangerous Today (1984)

Ep 331 Autonomous AI and Observability in Federal IT

Violence Expert: Real Self-Defense Is TERRIFYING

I Hacked This Temu Router. What I Found Should Be Illegal.

THESE Apps Are SPYING on You — Shut Them Off NOW!

Top 20 Most Quotable Monty Python Moments

The Uncomfortable Truth About AI “Reasoning” | World Science Festival

I Investigated The World's Skinniest vs Fattest City

BREAKING NEWS: COVID-19 Whistleblower Testifies Publicly Before Rand Paul-Led Senate Committee

This Is What 500 Days of Trump's Corruption Looks Like

This is not the AI we were promised | The Royal Society

Billionaire's WARNING: I'm SELLING. The Crash Is Already Here!

Creator of C++: Bell Labs, Negative Overhead Abstraction, Mistakes | Bjarne Stroustrup

The $4 Amish Fix for a Deadly Hot House (Save $3000 This Summer)

Ep. 329 How Federal Agencies Can Unlock Hidden Workforce Skills

We Asked a CIA Officer 24 Tough Questions | Honesty Box

How Nuclear-Powered Submarines Actually Work | Authorized Account | Insider

Edward Snowden Reveals How They Spy on You

Meet the Former CIA Agent Who Wants to Abolish the CIA

