Some conversations are worth hearing again—this episode is one of them.

Federal agencies are under pressure to innovate—while staying compliant.

As cyber threats evolve and AI becomes mission-critical, agencies are struggling with the growing tension between innovation and compliance. Frameworks like NIST’s Risk Management Framework (RMF) are essential—but increasingly criticized for slowing modern technology adoption.

One of the biggest pain points?
The Authority to Operate (ATO) process.

In this episode of Keeping IT Brief, Peter O’Donoghue, CTO of Tyto Athene, and Gaurav “GP” Pal, CEO of stackArmor, join the conversation to explore how agencies can modernize RMF implementation without throwing the framework away.

Together, they discuss:

• Why the ATO has become a bottleneck for federal IT and cloud programs
• How manual, outdated processes clash with modern DevSecOps practices
• The role of automation, ATO-as-code, and continuous compliance
• Practical ways agencies can accelerate innovation while maintaining security and trust

With decades of experience in cloud computing, cybersecurity, FedRAMP, FISMA RMF, DoD RMF, and CMMC, Peter and GP bring real-world insight into how government can move faster—without compromising mission or security.

If you work in federal IT, cybersecurity, cloud modernization, or compliance, this episode delivers clear, actionable perspective on what needs to change—and how to get there.

Keeping IT Brief with Mary Ann Brown features quick, insightful conversations with government and industry leaders on federal IT, cybersecurity, AI, and emerging technologies shaping the future of government operations.

Don’t miss an episode—follow the show on your favorite podcast app.
Explore all episodes and learn more: https://www.govforum.io/tags/podcasts