The Paramify Podcast

Today we're honored to host Tommy Hoschouer, who currently leads the global public sector efforts at DeleteMe. Tommy's rich history at companies like Sprinklr, Medallia, SAP, and Qualtrics has equipped him with a unique perspective on using technology to enhance public sector operations, leading to significant improvements in revenue and efficiency. Now at DeleteMe, he is dedicated to defending personal and professional information from increasingly sophisticated digital threats, such as identity theft and cyber attacks. His focus on strengthening data privacy and security is crucial in our digital era. We look forward to unpacking his valuable insights on how to protect digital identities and adapt to the evolving technological landscape in the public sector.
In today's episode Kenny, Keaton, and Tommy talk about everything from data privacy, the importance of protecting your data, to our favorite ice cream shakes.
Learn more about Tommy: https://www.linkedin.com/in/tommy-h-18484087/
Learn more about DeleteMe: https://joindeleteme.com/
Learn more about Paramify: https://www.paramify.com/

Today, we had the honor to have Brian Martinez, a leading expert in governance, risk, and compliance (GRC) with over two decades of experience at Michigan State University and the broader cybersecurity community. As the Governance, Risk, and Compliance Lead at MSU, Brian has spearheaded critical security projects and compliance frameworks, contributing significantly to the university's research and security posture. Beyond MSU, Brian enriches the cybersecurity field through his roles as Founder and President of BIDE Consulting and Director at #misec, alongside his volunteer work with (ISC)² in developing the CISSP certification exam. In this episode, we'll dive into Brian's extensive career, his approach to GRC in academia, and his insights into the future of cybersecurity. It's a pleasure to have Brian join us to share his valuable experience, expertise, and perspectives.
 
Brian's LinkedIn: https://www.linkedin.com/in/brianrmartinez/
 
Learn more about Paramify: https://www.paramify.com/

Today we had the honor to speak with Troy Fine, the Senior Advisor at Geels Norton,  where he's making significant strides in cybersecurity and compliance. With a rich history in the field, including key positions at Drata and Schneider Downs, Troy's credentials—boasting certifications like ISO 27001:2013 Lead Auditor and CISSP—speak volumes of his expertise. Beyond his professional acumen, Troy captures the cybersecurity community's attention with insightful, humorous memes on LinkedIn, making the dense world of GRC and IT audit accessible and engaging. His memes commonly refer to SOC 2 not being a certification.
In today's episode we talk about everything from SOC 2 not being a certification, Troy's legendary memes to Troy's history and how he started his career in Cybersecurity. 
 
Troy Fine's LinkedIn: https://www.linkedin.com/in/troyjfine/
Learn more Geels Norton: geelsnorton.com
Learn More about Paramify: paramify.com

Today we had the honor to talk to Beau Butaud, a visionary in the compliance and cybersecurity field and the co-founder of Render Compliance. With a background that includes leading roles in risk advisory and compliance management at Moss Adams, and significant contributions at BDO USA, LLP, and Peterson Sullivan LLP, Beau brings a wealth of expertise to the forefront of cybersecurity. His credentials, including AWS Security Fundamentals, CISA, and CPA certifications, underscore his deep commitment to the industry. Beau's innovative approach to SOC 2 assessments at Render Compliance is redefining standards, making security compliance both accessible and impactful for businesses striving to build trust in today's digital landscape. Learn more about Paramify: https://www.paramify.com/ Learn more about Beau Butaud: https://www.linkedin.com/in/beaubutaud/ Learn about Beau's approach: https://rendercompliance.com/approach/

Today we had the honor to talk to Jack Rumsey, the Head of GRC at Swimlane. With a rich background in IT security and audit, including roles at DaVita, Schellman, and KPMG, Jack is an expert in compliance standards like SOC II, ISO27001, GDPR, and FedRAMP. Holding a Bachelor's degree in Computer and Information Systems Security from Illinois State University.
In today's episode, we talk about everything from the difficulties of explaining a GRC career to someone outside of GRC, to building GRC tools in OSCAL.
Learn more about Paramify here: https://www.paramify.com/blog/accurate-fedramp-high-ssp-in-less-than-4-hours
Jack Rumsey's LinkedIn: https://www.linkedin.com/in/jack-rumsey-83303469/
The GRC Destroyer: https://grcdestroyer.substack.com/
Learn about Swimlane here: https://swimlane.com/cpg-swimlane-turbine/?utm_source=google&utm_medium=cpc&utm_campaign=17300073347&creative=691938325323&keyword=swimlane&matchtype=b&network=g&device=c&gad_source=1&gclid=CjwKCAiA6KWvBhAREiwAFPZM7qRRyeO8sghv0oF3G_HDQGIORB22_EHb64pCZJFTFI5L-4mIBwcj8hoC8goQAvD_BwE

Today, we're excited to welcome a true luminary in the field of cybersecurity, Fernando Machado. Not only is he the Managing Principal and CISO at Cybersec Investments, LLC, but Fernando is also a recognized Certified Third-Party Assessment Organization (C3PAO) leader. His extensive experience spans over two decades with key roles in companies like L3Harris Technologies and Raytheon. Fernando is the author of "CMMC Simplified," a pivotal resource for understanding the complexities of the Cybersecurity Maturity Model Certification.
In today's episode, Fernando tells us about his invaluable insights on cybersecurity's evolving landscape and the nuances of CMMC 2.0.
Fernando Machado's book CMMC Simplified: https://www.amazon.com/CMMC-Simplified-
Fernando-Machado/dp/1088207707 Fernando Machado's LinkedIn: https://www.linkedin.com/in/fernando-machado-cissp-cism-cca-ccp-5b5581124/
Learn more about Paramify here: https://www.paramify.com/

Today we had the honor to sit down with Brad Bartholomew, the Director of FedRAMP Compliance at Trellix, and a veteran in the cybersecurity field. With a rich history spanning Adobe to Palo Alto Networks, Brad brings invaluable insights into GRC, cloud security, and the evolving landscape of cybersecurity frameworks.
In this episode, we discuss everything from creating an ATO package in 3.5 hours to the challenges of FedRAMP and the origins of Paramify.
 
Learn more about Brad Bartholomew: https://www.linkedin.com/in/bradbartholomew7/
 
Learn more about Paramify: https://www.paramify.com/
 
 
 
 

Today we had the honor to sit down with Reade King, a seasoned professional whose dynamic career spans over 15 years, including roles in the Department of Defense, and the Utah Army National Guard, and is now involved in the fast-paced world of SaaS startups. Reade brings a unique blend of strategic relationship-building and resilience honed in high-pressure environments to his current role in Sales Development at Anonyome Labs, Inc.
In our conversation, we talk about everything from the "color of money" to fixing trucks. Perhaps the most interesting concept we discuss is the concept of the "Fatal Funnel" – a term that Reade learned throughout his military training. Reade masterfully draws parallels between this concept and his approach to sales, providing insights into how recognizing and navigating through the 'fatal funnels' in sales processes can lead to more successful outcomes.
Learn more about Reade King: 
Reade King's LinkedIn: https://www.linkedin.com/in/readeking/
Anonyome Labs: https://anonyome.com
 
Learn more about Paramify here: https://www.paramify.com/

Frank is a renowned expert in cybersecurity and Governance, Risk Management, and Compliance (GRC). As the Founder and CEO of GRC Knight, he has spearheaded the integration of advanced detection technologies with comprehensive security and privacy compliance consulting. His rich experience includes key roles at TrustCloud, Cognizant, and Schellman & Company. In Today's episode, we talk about everything from CMMC 2.0, to our love of pizza.
Learn more about Frank Kyazze here:
Frank Kyazze's LinkedIn: https://www.linkedin.com/in/grcknight/
GRC Knight's website: https://www.linkedin.com/company/grcknight/ GRC Knight's
CMMC white paper: https://44444846.fs1.hubspotusercontent-na1.net/hubfs/44444846/A%20CMMC%20Survival%20Guide%20for%20Companies.pdf
 
Learn more about Paramify here: https://www.paramify.com/

In today's episode, Kenny and Keaton talk with Josh Pugmire and Bryson Loughmiller. Both men are notable figures in cybersecurity, each boasting extensive careers marked by significant contributions to the field. Their expertise and experience have made them influential voices in cybersecurity circles.
Currently, they hold pivotal roles at Entrata, a leading technology company in the property management industry. Josh Pugmire serves as the Head of Compliance and Information Security, a role critical for ensuring that Entrata adheres to various cybersecurity standards and regulatory requirements. Josh is also a Board Member of SL|CISO a group that focuses on bringing the Utah InfoSec Community together and giving back to the next generation of Security Leadership and Practitioners.
In parallel Bryson Loughmiller occupies the position of Principal Platform Security Engineer, where he plays a key role in safeguarding Entrata's technology platforms against potential cybersecurity threats. Together, their work at Entrata exemplifies their commitment to maintaining robust cybersecurity frameworks and protecting sensitive information in a digitalized world.
Entrata's website: https://loom.ly/ZhLecww
 
Learn more about Paramify here: https://www.paramify.com/
SL|CISO's website: http://www.slciso.org
Josh Pugmire's LinkedIn: https://loom.ly/JcNW4VI
Bryson Loughmiller's LinkedIn: https://loom.ly/nBCdypc