Podcast appearances and mentions of John Gilroy

The word "deplorable" signals something shockingly bad. Often used for the truly awful or dreadful, Todd Harbour, with decades of federal data experience, applies it specifically to data quality. That may be an overstatement, but the description certainly makes the point that today AI is based on fragmented, incomplete data sets. The bright, shiny thing called AI is so much in focus that federal leaders may not pause to ask what data is being used to train today's models. During the interview, Harbour acknowledges that nobody is seeking perfection here. He has coined the term "mission-ready" to describe the kind of data that should be used for decision-making in the federal government. This would indicate a serious attempt to include siloed and poorly structured data. In a fascinating digression, he refers to MIT's Project Iceberg. This initiative suggests that AI is only the "tip of the iceberg" of its economic impact. The majority are in the future and beneath the surface. If that is the case, the case for mission-ready data is even stronger. Harbour urges immediate initiative-taking measures to confront these challenges and proactively prepare for rapid AI-driven changes to cybersecurity and national defense. Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com      

Ahead of her new book What's So Great About the Great Books? coming out in April, Naomi Kanakia and I talked about literature from Herodotus to Tony Tulathimutte. We touched on Chaucer, Anglo-Saxon poetry, Scott Alexander, Shakespeare, William James, Helen deWitt, Marx and Engels, Walter Scott, Les Miserables, Jhootha Sach, the Mahabharata, and more. Naomi also talked about some of her working habits and the history and future of the Great Books movement. Naomi, of course, writes Woman of Letters here on Substack.TranscriptHenry Oliver: Today, I am talking with Naomi Kanakia. Naomi is a novelist, a literary critic, and most importantly she writes a Substack called Woman of Letters, and she has a new book coming out, What's So Great About the Great Books? Naomi, welcome.Naomi Kanakia: Thanks for having me on.Oliver: How is the internet changing the way that literature gets discussed and criticized, and what is that going to mean for the future of the Great Books?Kanakia: How is the internet changing it? I can really speak to only how it has changed it for me. I started off as a writer of young adult novels and science fiction, and there's these very active online fan cultures for those two things.I was reading the Great Books all through that time. I started in 2010 through today. In the 2010s, it really felt like there was not a lot of online discussion of classic literature. Maybe that was just me and I wasn't finding it, but it didn't necessarily feel like there was that community.I think because there are so many strong, public-facing institutions that discuss classic literature, like the NYRB, London Review of Books, a lot of journals, and universities, too. But now on Substack, there are a number of blogs—yours, mine, a number of other ones—that are devoted to classic literature. All of those have these commenters, a community of commenters. I also follow bloggers who have relatively small followings who are reading Tolstoy, reading Middlemarch, reading even much more esoteric things.I know that for me, becoming involved in this online culture has given me much more of an awareness that there are many people who are reading the classics on their own. I think that was always true, but now it does feel like it's more of a community.Oliver: We are recording this the day after the Washington Post book section has been removed. You don't see some sort of relationship between the way these literary institutions are changing online and the way the Great Books are going to be conceived of in the future? Because the Great Books came out of a an old-fashioned, saving-the-institutions kind of radical approach to university education. We're now moving into a world where all those old things seem to be going.Kanakia: Yes. I agree. The Great Books began in the University of Chicago and Columbia University. If you look into the history of the movement, it really was about university education and the idea that you would have a common core and all undergraduates would read these books. The idea that the Great Books were for the ordinary person was really an afterthought, at least for Mortimer Adler and those original Great Books guys. Now, the Great Books in the university have had a resurgence that we can discuss, but I do think there's a lot more life and vitality in the kind of public-facing humanities than there has been.I talked to Irina Dumitrescu, who writes for TLS (The Times Literary Supplement), LRB (The London Review of Books), a lot of these places, and she also said the same thing—that a lot of these journals are going into podcasts, and they're noticing a huge interest in the humanities and in the classics even at the same time as big institutions are really scaling back on those things. Humanities majors are dropping, classics majors are getting cut, book coverage at major periodicals is going down. It does seem like there are signals that are conflicting. I don't really know totally what to make of it. I do think there is some relation between those two things.Ted Gioia on Substack is always talking about how culture is stagnant, basically, and one of the symptoms of that is that “back list” really outsells “front list” for books. Even in 2010, 50 percent of the books that were sold were front-list titles, books that had been released in the last 18 months. Now it's something like only 35 percent of books or something like that are front-list titles. These could be completely wrong, but there's been a trend.I think the decrease in interest in front-list books is really what drives the loss of these book-review pages because they mostly review front-list books. So, I think that does imply that there's a lot of interest in old books. That's what our stagnant culture means.Oliver: Why do you think your own blog is popular with the rationalists?Kanakia: I don't know for certain. There was a story I wrote that was a joke. There are all these pop nonfiction books that aim to prove something that seems counterintuitive, so I wrote a parody of one of those where I aim to prove that reading is bad for you. This book has many scientific studies that show the more you read, the worse it is because it makes you very rigid.Scott Alexander, who is the archrationalist, really liked that, and he added me to his blog roll. Because of that, I got a thousand rationalist subscribers. I have found that rationalists at least somewhat interested in the classics. I think they are definitely interested in enduring sources of value. I've observed a fair amount of interest.Oliver: How much of a lay reader are you really? Because you read scholarship and critics and you can just quote John Gilroy in the middle of a piece or something.Kanakia: Yeah. That is a good question. I have definitely gotten more interested in secondary literature. In my book, I really talk about being a lay reader and personally having a nonacademic approach to literature. I do think that, over 15 years of being a lay reader, I have developed a lot of knowledge.I've also learned the kind of secondary literature that is really important. I think having historical context adds a lot and is invaluable. Right now I'm rereading Les Miserables by Victor Hugo. When I first read it in 2010, I hardly knew anything about French history. I was even talking online with someone about how most people who read Les Miserables think it's set in the French Revolution. That's basically because Americans don't really know anything about French history.Everything makes just a lot more sense the more you know about the time because it was written for people in it. For people in 1860s France, who knew everything about their own recent history, that really adds a lot to it. I still don't tend to go that much into interpretive literature, literature that tries to do readings of the stories or tell me the meaning of the stories. I feel like I haven't really gotten that much out of that.Oliver: How long have you been learning Anglo-Saxon?Kanakia: I went through a big Anglo-Saxon phase. That was in 2010. It started because I started reading The Canterbury Tales in Middle English. There is a great app online called General Prologue created by one of your countrymen, Terry Richardson [NB it is Terry Jones], who loved Middle English. In this app, he recites the Middle English of the General Prologue. I started listening to this app, and I thought, I just really love the rhythms and the sounds of Middle English. And it's quite easy to learn. So then, I got really into that.And then I thought, but what about Anglo-Saxon? I'm very bad at languages. I studied Latin for seven years in middle school and high school. I never really got very far, but I thought, Anglo-Saxon has to be the easiest foreign language you can learn, right? So, I got into it.I cannot sight read Anglo-Saxon, but I really got into Anglo-Saxon poetry. I really liked the Anglo-Saxon Chronicle. Most people probably would not like the Anglo-Saxon Chronicle because it's very repetitive, but that makes it great if you're a language learner because every entry is in this very repetitive structure. I just felt such a connection. I get in trouble when I say this kind of stuff, because I'm never quiet sure if it's 100 percent true. But it's certainly one of the oldest vernacular literatures in Europe. It's just so much older than most of the other medieval literature I've read. And it just was such a window into a different part of history I never knew about.Oliver: And you particularly like “The Dream of the Rood”?Kanakia: Yeah, “The Dream of the Rood” is my favorite Anglo-Saxon poem. “The Dream of the Rood” is a poem that is told from the point of view of Christ's cross. A man is having a dream. In this dream he encounters Christ's cross, and Christ's cross starts reciting to him basically the story of the crucifixion. At the end, the cross is buried. I don't know, it was just so haunting and powerful. Yeah, it was one of my favorites.Oliver: Why do you think Byron is a better poet than Alexander Pope?Kanakia: This is an argument I cannot get into. I think this is coming up because T. S. Eliot felt that Alexander Pope was a great poet because he really exemplified the spirit of the age. I don't know. I've tried to read Pope. It just doesn't do it for me. Whereas with Byron, I read Don Juan and found it entertaining. I enjoyed it. Then, his lyric poetry is just more entertaining to read. With Alexander Pope, I'm learning a lot about what kind of poetry people wrote in the 18th century, but the joy is not there.Oliver: Okay. Can we do a quick fire round where I say the name of a book and you just say what you think of it, whatever you think of it?Kanakia: Sure.Oliver: Okay. The Odyssey.Kanakia: The Odyssey. Oh, I love The Odyssey. It has a very strange structure, where it starts with Telemachus and then there's this flashback in the middle of it. It is much more readable than The Iliad; I'll say that.Oliver: Herodotus.Kanakia: Herodotus is wild. Going into Herodotus, I really thought it was about the Persian war, which it is, but it's mostly a general overview of everything that Herodotus knew, about anything. It's been a long time since I read it. I really appreciate the voice of Herodotus, how human it is, and the accumulation of facts. It was great.Oliver: I love the first half actually. The bit about the Persian war I'm less interested in, but the first half I think is fantastic. I particularly love the Egypt book.Kanakia: Oh yeah, the Egypt book is really good.Oliver: All those like giant beetles that are made of fire or whatever; I can't remember the details, but it's completely…Kanakia: The Greeks are also so fascinated by Egypt. They go down there like what is going on out there? Then, most of what we know about Egypt comes from this Hellenistic period, when the Greeks went to Egypt. Our Egyptian kings list comes from the Hellenistic period where some scholar decided to sort out what everybody was up to and put it all into order. That's why we have such an orderly story about Egypt. That's the story that the Greeks tried to tell themselves.Oliver: Marcus Aurelius.Kanakia: Marcus Aurelius. When I first read The Meditations, which I loved, obviously, I thought, “being the Roman emperor cannot be this hard.” It really was a black pill moment because I thought, “if the emperor of Rome is so unhappy, maybe human power really doesn't do it.”Knowing more about Marcus Aurelius, he did have quite a difficult life. He was at war for most of his—just stuck in the region in Germany for ages. He had various troubles, but yeah, it really was very stoic. It was, oh, I just have to do my duty. Very “heavy is the head that wears the crown” kind of stuff. I thought, “okay, I guess being Roman emperor is not so great.”Oliver: Omar Khayyam.Kanakia: Omar Khayyam. Okay, I've only read The Rubaiyat of Omar Khayyam by Edward Fitzgerald, which I loved, but I cannot formulate a strong opinion right now.Oliver: As You Like It.Kanakia: No opinions.Oliver: Boswell's Life of Samuel Johnson.Kanakia: Boswell's Life of Samuel Johnson. I do have an opinion about this, which is that they should make a redacted version of Boswell's Life of Samuel Johnson. I normally am not a big believer in abridgements because I feel like whatever is there is there. But, Boswell's Life of Samuel Johnson, first of all, has a long portion before Boswell even meets Johnson. That portion drags; it's not that great. Then it has all these like letters that Johnson wrote, which also are not that great. What's really good is when Boswell just reports everything Johnson ever said, which is about half the book. You get a sense of Johnson's conversation and his personality, and that is very gripping. I've definitely thought that with a different presentation, this could still be popular. People would still read this.Oliver: The Communist Manifesto.Kanakia: The Communist Manifesto. It's very stirring. I love The Communist Manifesto. It has very haunting, powerful lines. I won't try to quote from it because I'll misquote them.Oliver: But it is remarkably well written.Kanakia: Oh yeah, it is a great work of literature.Oliver: Yeah.Kanakia: I read Capital [Das Kapital], which is not a great work of literature, and I would venture to say that it is not necessarily worth reading. It really feels like Marx's reputation is built on other political writings like The Eighteenth Brumaire of Louis Bonaparte and works like that, which really seem to have a lot more meat on the bone than Capital.Oliver: Pragmatism by William James.Kanakia: Pragmatism. I mean, I've mentioned that in my book. I love William James in general. I think William James was writing in this 19th-century environment where it seemed like some form of skepticism was the only rational solution. You couldn't have any source of value, and he really tried to cut through that with Pragmatism and was like, let's just believe the things that are good to believe. It is definitely at least useful to think, although someone else can always argue with you about what is useful to believe. But, as a personal guide for belief, I think it is still useful.Oliver: Major Barbara by George Bernard Shaw.Kanakia: No strong opinions. It was a long time ago that I read Major Barbara.Oliver: Tell me what you like about James Fenimore Cooper.Kanakia: James Fenimore Cooper. Oh, this is great. I have basically a list of Great Books that I want to read, but four or five years ago, I thought, “what's in all the other books that I know the names of but that are not reputed, are not the kind of books you still read?”That was when I read Walter Scott, who I really love. And I just started reading all kinds of books that were kind of well known but have kind of fallen into literary disfavor. In almost every case, I felt like I got a lot out of these books. So, nowadays when I approach any realm of literature, I always look for those books.In 19th-century American literature, the biggest no-longer-read book is The Last of the Mohicans by James Fenimore Cooper, which was America's first bestseller. He was the first American novelist that had a high reputation in Europe. The Last of the Mohicans is kind of a historical romance, à la Walter Scott, but much more tightly written and much more tightly plotted.Cooper has written five novels, the Leatherstocking Tales, that are all centered around this very virtuous, rough-hewn frontiersman, Natty Bumppo. He has his best friend, Chingachgook, who is the last of the Mohicans. He's the last of his tribe. And the two of these guys are basically very sad and stoic. Chingachgook is distanced from his tribe. Chingachgook has a tribe of Native Americans that he hates—I want to say it's the Huron. He's always like, “they're the bad ones,” and he's always fighting them. Then, Natty Bumppo doesn't really love settled civilization. He's not precisely at war with it, but he does not like the settlers. They're kind of stuck in the middle. They have various adventures, and I just thought it was so haunting and powerful.I've been reading a lot of other 19th-century American literature, and virtually none of it treats Native Americans with this kind of respect. There's a lot of diversity in the Native American characters; there's really an attempt to show how their society works and the various ways that leadership and chiefship works among them. There's this very haunting moment in The Last of the Mohicans, where this aged chief, Tamenund, comes out and starts speaking. This is a chief who, in American mythology, was famous for being a friend to the white people. But, James Fenimore Cooper writing in the 1820s has Tamenund come out at 80 years old and say, “we have to fight; we have to fight the white people. That's our only option.” It was just such a powerful moment and such a powerful book.I was really, really enthused. I read all of these Leatherstocking Tales. It was also a very strange experience to read these books that are generally supposed to be very turgid and boring, and then I read them and was like, “I understand. I'm so transported.” I understand exactly why readers in the 1820s loved this.Oliver: Which Walter Scott books do you like?Kanakia: I love all the Walter Scott books I've read, but the one I liked best was Kenilworth. Have you ever read Kenilworth?Oliver: I don't know that one.Kanakia: Yeah, it's about Elizabeth I, who had a romantic relationship with one of her courtiers.Oliver: The Earl of Essex?Kanakia: Yeah. She really thought they were going to get married, but then it turned out he was secretly married. Basically, I guess the implication is that he killed his wife in order to marry Queen Elizabeth I. It's a novel all about him and that situation, and it just felt very tightly plotted. I really enjoyed it.Oliver: What did you think of Rejection?Kanakia: Rejection by Tony Tulathimutte? Initially when I read this book, I enjoyed it, but I was like, “life cannot possibly be this sad.” It's five or six stories about these people who just have nothing going on. Their lives are so miserable, they can't find anyone to sleep with, and they're just doomed to be alone forever. I was like, “life can't be this bad.” But now thinking back over it, it is one of the most memorable books I've read in the last year. It really sticks with you. I feel like my opinion of this book has gone up a lot in retrospect.Oliver: How antisemitic is the House of Mirth?Kanakia: That is a hotly debated question, which I mentioned in my book. I think there has been a good case made that Edith Wharton, the author of House of Mirth, who was from an old New York family, was herself fairly antisemitic and did not personally like Jewish people. What she portrays in this book is that this old New York society also was highly suspicious of Jewish people and was organized to keep Jewish people out.In this book there is a rich Jewish man, Simon Rosedale, and there's a poor woman, Lily Bart. Lily Bart's main thing is whether she's going to marry the poor guy, Lawrence Selden, or the rich guy, Percy Gryce. She can't choose. She doesn't want to be poor, but she also is always bored by the rich guys. Meanwhile, through the whole book, there's Simon Rosedale, who's always like, “you should marry me.” He's the rich Jewish guy. He's like, “you should marry me. I will give you lots of money. You can do whatever you want.”Everybody else kind of just sees her as a woman and as a wife; he really sees her as an ally in his social climbing. That's his main motivation. The book is relatively clear that he has a kind of respect for her that nobody else does. Then, over the course of the book, she also gains a lot more respect for him. Basically, late in the book, she decides to marry him, but she has fallen a lot in the world. He's like, “that particular deal is not available anymore,” but he does offer her another deal that—although she finds it not to her taste—is still pretty good.He basically is like, “I'll give you some money, you'll figure out how to rehabilitate your reputation, and later down the line, we can figure something out.” So, I think with a great author like Edith Wharton, there's power in these portrayals. I felt it hard to come away from it feeling like the book is like a really antisemitic book.Oliver: Now, you note that the Great Books movement started out as something quite socially aspirational. Do you think it's still like that?Kanakia: I do think so. Yeah. For me, that's 100 percent what it was because I majored in econ. I always felt kind of inadequate as a writer against people who had majored in English. Then I started off as a science fiction writer, young adult writer, and I was like, “I'm going to read all these Great Books and then I'll have read the books that everybody else has read.” In my mind, that's also what it was—that there was some upper crust or literary society that was reading all these Great Books.That's really what did it. I do think there's still an element of aspiration to it because it's a club that you can join, that anyone can join. It's very straightforward to be a Great Books reader, and so I think there's still something there. I think because the Great Books movement has such a democratic quality to it, it actually doesn't get you to the top socially, which has always been the true, always been the case. But, that's okay. As long as you end up higher than where you started, that's fine.Oliver: What makes a book great?Kanakia: I talk about it this in the book, and I go through many different authors' conceptions of what makes a book great or what constitutes a classic. I don't know that anyone has come up with a really satisfying answer. The Horatian formulation from Horace—that a book is great or an author is great if it has lasted for a hundred years—is the one that seems to be the most accurate. Like, any book that's still being read a hundred years after it was written has a greatness.I do think that T. S. Eliott's formulation—that a civilization at its height produces certain literature and that literature partakes of the greatness of the civilization and summarizes the greatness of the civilization—does seem to have some kind of truth to it.But it's hard, right? Because the greatest French novel is In Search of Lost Time, but I don't know that anyone would say that the France in the 1920s was at its height. It's not a prescriptive thing, but it does seem like the way we read many of these Great Books, like Moby Dick, it feels like you're like communing with the entire society that produced it. So, maybe there's something there.Oliver: Now, you've used a list from Clifton Fadiman.Kanakia: Yes.Oliver: Rather than from Mortimer Adler or Harold Bloom or several others. Why this list?Kanakia: Well, the best reason is that it's actually the list I've just been using for the last 15 years. I went to a science fiction convention in 2009, Readercon, and at this science fiction convention was Michael Dirda, who was a Washington Post book critic. He had recently come out with his book, Classics for Pleasure, which I also bought and liked. But he said that the list he had always used was this Clifton Fadiman book. And so when I decided to start reading the Great Books, I went and got that book. I have perused many other lists over time, but that was always the list that seemed best to me.It seemed to have like the best mix. There's considerable variation amongst these lists, but there's also a lot of overlap. So any of these lists is going to have Dickens on it, and Tolstoy, and stuff like that. So really, you're just thinking about, “aside from Dickens and Tolstoy and George Eliot and Walt Whitman and all these people, who are the other 50 authors that you're going be reading?”The Mortimer Adler list is very heavy on philosophy. It has Plotinus on it. It has all these scientific works. I don't know, it didn't speak to me as much. Whereas, this Clifton Fadiman and John Major list has all these Eastern works on it. It has The Tale of Genji, Romance of the Three Kingdoms, Story of the Stone, and that just spoke to me a little bit more.Oliver: What modern books will be on a future Great Books list, whether it's from someone alive or someone since the war.Kanakia: Have you ever heard of Robert Caro?Oliver: Sure.Kanakia: Yeah. I think his Lyndon Johnson books are great books. They have changed the field of biography. They're so complete, they seem to summarize an entire era, epoch. They're highly rated, but I feel like they're underrated as literature.What else? I was actually a little bit surprised in this Clifton Fadiman-John Major book, which came out in 1999, that there are not more African Americans in their list. Like, Invisible Man definitely seemed like a huge missed work. You know, it's hard. You would definitely want a book that has undergone enough critical evaluation that people are pretty certain that it is great. A lot of things that are more recent have not undergone that evaluation yet, but Invisible Man has, as have some works by Martin Luther King.Oliver: What about The Autobiography of Malcolm X?Kanakia: I would have to reread. I feel like it hasn't been evaluated much as a literary document.Oliver: Helen DeWitt?Kanakia: It's hard to say. It's so idiosyncratic, The Last Samurai, but it is certainly one of the best novels of the last 25 years.Oliver: Yeah.Kanakia: It is hard to say, because there's nothing else quite like it. But I would love if The Last Samurai was on a list like this; that would be amazing.Oliver: If someone wants to try the Great Books, but they think that those sort of classic 19th-century novels are too difficult—because they're long and the sentences are weird or whatever—what else should they do? Where else should they start?Kanakia: Well, it depends on what they're into, or it depends on their personality type. I think like there are people who like very, very difficult literature. There are people who are very into James Joyce and Proust. I think for some people the cost-benefit is better. If they're going to be pouring over some book for a long time, they would prefer if it was overtly difficult.If they're not like that, then I would say, there are many Great Books that are more accessible. Hemingway is a good one and Grapes of Wrath is wonderful. The 19th-century American books tend to be written in a very different register than the English books. If you read Moby Dick, it feels like it's written in a completely different language than Charles Dickens, even though they're writing essentially at the same time.Oliver: Is there too much Freud on the list that you've used?Kanakia: Maybe. I know that Interpretation of Dreams is on that list, which I've tried to read and have decided life is too short. I didn't really buy it, but I have read a fair amount of Freud. My impression of Freud was always that I would read Freud and somehow it would just seem completely fanciful or far out, like wouldn't ring true. But then when I started reading Freud, it was more the opposite. I was like, oh yeah, this seems very, very true.Like this battle between like the id and the ego and the super ego, and this feeling that like the psyche is at war with itself. Human beings really desire to be singular and exceptional, but then you're constantly under assault by the reality principle, which is that you're insignificant. That all seemed completely true. But then he tries to cure this somehow, which does not seem a curable problem. And he also situates the problem in some early sexual development, which also did not necessarily ring true. But no, I wouldn't say there's too much. Freud is a lot of fun. People should read Freud.Oliver: Which of the Great Books have you really not liked?Kanakia: I do get asked this quite a bit. I would say the Great Book that I really felt like—at least in translation—was not that rewarding in an unabridged version was Don Quixote. Because at least half the length of Don Quixote is these like interpolated novellas that are really long and tedious. I felt Don Quixote was a big slog. But maybe someday I'll go back and reread it and love it. Who knows?Oliver: Now you wrote that the question of biography is totally divorced from the question of what art is and how it operates. What do you think of George Orwell's supposition that if Shakespeare came back tomorrow, and we found out he used to rape children that we should—we would not say, you know, it's fine to carry on to doing that because he might write another King Lear.Kanakia: Well, if we discovered that Shakespeare was raping children, he should go to prison for that. No. It's totally divorced in both senses. You don't get any credit in the court of law because you are the writer of King Lear. If I murdered someone and then I was hauled in front of a judge and they were like, oh, Naomi's a genius, I wouldn't get off for murder. Nor should I get off for murder.So in terms of like whether we would punish Shakespeare for his crime of raping children, I don't think King Lear should count at all, but it's never used that way. It's never should someone go to prison or not for their crimes, because they're a genius. It's always used the other way, which is should we read King Lear knowing that the author raped children, but I also feel like that is immaterial. If you read King Lear, you're not enabling someone to rape children.Oliver: There's an almost endless amount of discussion these days about the Great Books and education and the value of the humanities, and what's the future of it all. What is your short opinion on that?Kanakia: My short opinion is that the Great Books at least are going to be fine. The Great Books will continue to be read, and they would even survive the university. All these books predate the university and they will survive the university. I feel like the university has stewarded literature in its own way for a while now and has made certain choices in that stewardship. I think if that stewardship was given up to more voluntary associations that had less financial support, then I think the choices would probably be very different. But I still think the greatest works would survive.Oliver: Now this is a quote from the book: “I am glad that reactionaries love the Great Books. They've invited a Trojan horse into their own camp.” Tell us what you mean by that.Kanakia: Let's say you believed in Christian theocracy, that you thought America should be organized on explicitly Christian principles. And because you believe in Christian theocracy, you organize a school that teaches the Great Books. Many of these schools that are Christian schools that have Great Books programs will also teach Nietzsche. They definitely put some kind of spin on Nietzsche. But they will teach anti-Christ, and that is a counterpoint to Christian morality and Christian theology. There are many things that you'll read in the Great Books that are corrosive to various kinds of certainties.If someone who I think is bad starts educating themselves in the Great Books, I don't think that the Great Books are going to make them worse from my perspective. So it's good.Oliver: How did reading the Mahabharata change you?Kanakia: Oh yeah, so the Mahabharata is a Hindu epic from, let's say, the first century AD. I'm Indian and most Indians are familiar with the basic outline of the Mahabharata story because it's told in various retellings, and there's a TV serial that my parents would rent from the Indian store growing up and we would watch it tape by tape. So I'm very familiar with it. Like there's never been a time I have not known this story.But I was also familiar with the idea that there is a written version in Sanskrit that's extremely long. It is 10 times as long as the Iliad and the Odyssey combined. This Mahabharata story is not that long. I've read a version of it that's about 800 pages long. So how could something that's 10 times this long be the same? A new unabridged translation came out 10 years ago. So I started reading it, and it basically contains the entire Sanskrit Vedic worldview in it.I had never been exposed to this very coherently laid-out version of what I would call Hindu cosmology and ethics. Hindus don't really get taught those things in a very organized way. The book is basically about dharma, the principle of rightness and how this principle of rightness orders the universe and how it basically results in everybody getting their just deserts in various ways. As I was reading the book, I was like, this seems very true that there is some cosmic rebalancing here, and that everything does turn out more or less the way it should, which is not something that I can defend on a rational level.But just reading the book, it just made me feel like, yes, that is true. There is justice, the universe is organized by justice. It took me about a year to read the whole thing. I started waking up at 5:00 a.m. and reading for an hour each morning, and it just was a really magical, profound experience that brought me a lot closer to my grandmother's religious beliefs.Oliver: Is it ever possible to persuade someone with arguments that they should read literature, or is it just something that they have to have an inclination toward and then follow someone's example? Because I feel like we have so many columns and op-eds and “books are good because of X reason, and it's very important because of Y reason.” And like, who cares? No one cares. If you are persuaded, you take all that very seriously and you argue about what exactly are the precise reasons we should say. And if you're not persuaded, you don't even know this is happening.And what really persuades you is like, oh, Naomi sounds pretty compelling about the Mahabharata. That sounds cool. I'll try that. It's much more of a temperamental, feelingsy kind of thing. Is it possible to argue people into thinking about this differently? Or should we just be doing what we do and setting an example and hoping that people will follow.Kanakia: As to whether it's possible or not, I do not know. But I do think these columns are too ambitious. A thousand-word column and the imagined audience for this column is somebody who doesn't read books at all, who doesn't care about literature at all. And then in a thousand-word column, you're going to persuade them to care about literature. This is no good. It's so unnecessary.Whereas there's a much broader range of people who love to read books, but have never picked up Moby Dick or have never picked up Middlemarch, or who like maybe loved Middlemarch, but never thought maybe I should then go on and read Jane Austen and George Eliot.I think trying to shift people from “I don't read books at all; reading books is not something I do,” to being a Great Books card-carrying lover of literature is a lot. I really aim for a much lower result than that, which is to whatever extent people are interested in literature, they should pursue that interest. And as the rationalists would say, there's a lot of alpha in that; there's a lot to be gained from converting people who are somewhat interested into people who are very interested.Oliver: If there was a more widespread practice of humanism in education and the general culture, would that make America into a more liberal country in any way?Kanakia: What do you mean by humanism?Oliver: You know, the old-fashioned liberal arts approach, the revival of the literary journal culture, the sort of depolitical approach to literature, the way things used to be, as it were.Kanakia: It couldn't hurt. It couldn't hurt is my answer to that question.Oliver: Okay.Kanakia: What you're describing is basically the way I was educated. I went to Catholic school in DC at St. Anselm's Abbey School, in Northeast, DC, grade school. Highly recommend sending your little boys there. No complaints about the school. They talked about humanism all the time and all these civic virtues. I thought it was great. I don't know what people in other schools learn, but I really feel like it was a superior way of teaching.Now, you know, it was Catholic school, so a lot of people who graduated from my school are conservatives and don't really have the beliefs that I have, but that's okay.Oliver: Tell us about your reading habits.Kanakia: I read mostly ebooks. I really love ebooks because you can make the type bigger. I just read all the time. They vary. I don't wake up at 5:00 a.m. to read anymore. Sometimes if I feel like I'm not reading enough—because I write this blog, and the blog doesn't get written unless I'm reading. That's the engine, and so sometimes I set aside a day each week to read. But generally, the reading mostly takes care of itself.What I tend to get is very into a particular thing, and then I'll start reading more and more in that area. Recently, I was reading a lot of New Yorker stories. So I started reading more and more of these storywriters that have been published in the New Yorker and old anthologies of New Yorker stories. And then eventually I am done. I'm tired. It's time to move on.Oliver: But do you read several books at once? Do you make notes? Do you abandon books? How many hours a day do you read?Kanakia: Hours a day: Because my e-reader keeps these stats, I'd say 15 or 20 hours a week of reading. Nowadays because I write for the blog, I often think as I'm reading how I would frame a post about this. So I look for quotes, like what quote I would look at. I take different kinds of notes. I'll make more notes if I'm more confused by what is going on. Especially with nonfiction books, I'll try sometimes to make notes just to iron out what exactly I think is happening or what I think the argument is. But no, not much of a note taker.Oliver: What will you read next?Kanakia: What will I read next? Well, I've been thinking about getting back into Indian literature. Right now I'm reading Les Miserables by Victor Hugo. But there's an Indian novel called Jhootha Sach, which is a partition novel that is originally in Hindi. And it's also a thousand pages long, and is frequently compared to Les Miserables and War and Peace. So I'm thinking about tackling that finally.Oliver: Naomi Kanakia, thank you very much.Kanakia: Thanks for having me. This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit www.commonreader.co.uk

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com When people look back on 2025 they will see many changes in the FedRAMP process.  It looks like a new administration examined the process, got feedback from companies, and launched new initiatives to speed up the process. During today's interview, Irina Denisenko (Knox CEO) details FedRAMP's challenges and something called "FedRAMP 20x." Knox runs the largest FedRAMP-managed cloud, enabling 90-day authorizations by hosting customers' production environments. Denisenko explains the story of the origin of Knox Systems:   she was running a training company and the Air Force wanted to use her product.  It would have taken so long to complete the FedRAMP requirements that she just bought a company that was FedRAMP compliant. It is hard to believe that the process is so frustrating that fewer than 500 apps are authorized at moderate/high FedRAMP The initiative from the GSA is called FedRAMP 20x  It shifts to continuous monitoring and continuous authorization, moving from annual audits (sampled every 3 years) and monthly CVE spreadsheets to real-time, machine-readable data. What Knox offers is a tried-and-true platform that has reduced time for compliance in order to better serve federal needs. 

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Way back in 2011, one of the goals of FedRAMP was to eliminate software redundancy. The federal government had evolved to the point where one agency would spend millions of dollars on the same application program that the agency in the same zip code had just invested heavily in. The theory proposed by luminaries like Vivek Kundra was to move to the cloud to share services. Reducing cost and improving resilience. FedRAMP was the initiative that established a safe environment for federal cloud use. Companies can comply with regulations outlined in an Authorization to Operate (ATO). Well, fifteen years later, and we are seeing the same duplication not in the application programs, but in the process to get the ATO itself. For example, FedRAMP, RMF, and agency internal policies may require specific artifacts to satisfy one or the other. During the interview, Travis Howerton paints the legacy model—static documentation, annual/3-year audits, spreadsheets. His solution is to have AI assist with documentation, which will drastically reduce compliance time; he cites an example of reducing a process from 52 weeks to 356 weeks. RegScale uses OSCAL (XML/YAML/JSON) to auto-generate RMF artifacts and integrate with SIEMs (Splunk, Elastic), Axonius, ServiceNow, and APIs. Howerton understands the limitations of many automated systems and suggests that a human is a key component after the machine language has assembled the data to make the decision.    

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Cybersecurity is a rapidly evolving field, where every effective defense technique is quickly noticed and adapted to by malicious actors. The real question is how fast each side of this ongoing cat-and-mouse game can respond. Let us take an example of web applications. In the decade-long slog of the cloud, federal users migrated to web-based applications protected by Web Application Firewalls (WAFs). firewalls. As that method matured, malicious observers noted that the Application Programming Interface (API) allowed these software programs to communicate and exchange data. Voila, another attack vector was born. During today's interview, Joe Henry from Akamai Technologies notes that 80% of their customers report API attacks. Henry details a curious term called "Broken-Object Level Authorization." In this attack, an application fails to check if a user is authorized to access specific data objects. The ID is manipulated, and the malicious actor gets access. Akamai's API Security performs behavioral analysis beyond WAFs, flags PII exposure, and supports a zero-trust posture. Software developers talk about a "shift left"; we apply that to the Akamai approach. They have a worldwide network of Points of Presence (POPs) and data centers where they can observe attacks as they develop. It is so strong that it provides fail-open resilience with a 100% SLA. Akamai provides a State of the Internet Report (quarterly). If you would like to stay connected with the next manifestation of attack, consider subscribing or visiting their website to stay informed about the latest trend

Twenty years ago, the concept of Bring Your Own Device (BYOD) entered the federal IT landscape with the advent of network-connected devices like Blackberries—sometimes even within secure federal networks. This slow start has exploded into a federal information technology system with sensors on satellites, submarines, and everywhere in between. That "in between" can include on-prem networks, multiple clouds, and hybrid clouds. Today, we sit down with Ryan Leiws, the CEO of Rancher Government Solutions, to look at some of the challenges in managing this dispersed environment and how to manage it. Lewis describes how Rancher connects hybrid environments using containers and Kubernetes for secure orchestration. Lewis emphasizes continuous compliance and DevSecOps via Rancher's Carbide stack, SBOM-level visibility, and rapid recovery in contested, denied/disconnected/intermittent/limited (DDIL) environments. Lewis notes that Rancher's declarative stack reduces maintenance and allows simple app redeployment. They also emphasize portability, cost efficiency, and alignment with zero-trust principles, with upcoming hardened features.  = Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com  

We began the interview with a startling fact. Maximus' federal systems interface with one in three Americans each year—about 110 million people. Building on Maximus's broad reach, Pledger says the company's core is designing world‑class digital experiences by starting with the end goal (e.g., veterans' benefits) and using automation, AI, analytics, and omni‑channel outreach. We have all heard about improvements in systems; today, Pledger offers specifics on how health care can improve. He cites his own 2008 Iraq injury and notes veteran case durations historically ran three hundred to four hundred days; Maximus has reduced that to two hundred to 270 days, but still deems it too long. Maximus' success is due to its unique ability to leverage AI to drive this transformation. One approach is to partner with companies with vertical-market expertise. For instance, Maximus partners with Salesforce (CRM) and Genesis (telephony) to respond to complex medical cases. Example: outbound campaigns (text, email, AI‑generated calls) cut lapses; proactive engagement improves experience and reduces call‑center burden. Maximus is a story about a complex environment being tamed through understanding processes, applying technology, and making the right partnerships.   Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com  

Everyone reading this has had minor delays at the airport. It is remarkable that more problems have not developed. Look at Chicago O'Hare International Airport—it has 857,392 takeoffs and landings in a year. Each one has passengers, and most have luggage. The opportunities for problems are overwhelming. Now add an increasing number of sensors and interlaced networks, and you have an attack surface of biblical proportions. All an adversary needs is one single point of vulnerability to attack a system. Think what could happen if an airport network were disabled by a ransomware attack. During today's interview, Lou Karu makes suggestions for defense that include a multi-layered strategy emphasizing zero trust and network segmentation. However, Karu reminds us that a cybersecurity strategy is not complete without a robust recovery plan. For example, if a basic recovery plan was deployed, it is possible that a system can have compromised code locked into a backup. An airport suffers an attack, pays the ransom, and the recovered data has more attacks built in. Best practice here is to have a backup system that is rapid and accurate, and that restores the code without it being hot-infected with additional malicious code. Systems like this from Rubrik call these backups "immutable." The next time you go to the airport, try to imagine  the numerous attack points that an airport must contend with. Even the most robust cyber defense must include plans for safe, secure recovery.   Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com  

Technology is changing so fast that it is impossible to predict the next twelve days. Despite that, we have asked Travis Rosiek, Public Sector CTO at Rubrik, to gaze into his crystal ball and make some predictions for the next twelve months. The good news is that Rosiek sees a shift from intellectual property theft to disruptive attacks on critical infrastructure. The bad news is that Rosiek thinks attacks are increasing to the point that an event will light a fire under the current cybersecurity plans. During the interview, the concept of Zero Trust was unpacked. The idea is that federal systems have already been breached. As a result, the focus must be on microsegmentation, with permission as the limiting factor. Roseik's opinion is that malicious actors have planted code into systems that are acting as "sleepers." At one time in the indeterminate future, this code can be invoked, and severe damage can take place. If this nightmare situation occurs, the best defense is to have recovery built in. Today, leaders must have a system in place to restore data from backups. Unfortunately, malicious actors know this plan as well and have been known to insert code into backups that renders them useless. In a complex game of attack and counterattack, Roseik believes that a recovery strategy that includes immutable backups and an audit mechanism is the best approach in the 21st-century world of threats and countermeasures. He also stressed the necessity of reducing complexity to enhance cybersecurity and the need for initiative-taking measures, including regular stress testing and resilience training. = = Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com  

It is always tricky to compare commercial networking challenges with those faced by federal leaders. For example, the military and intelligence agencies require traffic encryption. How can an organization detect threats while observing this traffic? Today, we discuss Vectra AI's network threat detection capabilities with Wes Nagel, DoD sales manager, and Gage Cowger, a security engineer. With technology from Vectra AI, network traffic can be analyzed for timing, size, direction, and protocol use. These can give behavioral patterns for network visibility without worrying about encryption. Cowger will argue that behavioral patterns are more effective than signatures, especially in mitigating alert fatigue. Signatures can overwhelm monitors with false positives; Vectra's AI and ML capabilities provide trustworthy alerts. This ability positions Vectra AI to adapt to new networking initiatives, such as software-defined and OT/IoT networks, which will be prevalent in the future. The discussion also touches on the future of network detection, emphasizing the need for real-time, behavior-based detection to counteract advanced threats and adapt to evolving networks. Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com    

One of the biggest trends in software development over the past 10 years is the shift from writing code to "assembling" code from off-the-shelf components. During today's interview with Javed Hasan from Lineaje, we learned that 70% of that pre-assembled code is open source. In other words, an anonymous person in some countries modified software instructions. This casual approach may be fine for small businesses, but an organization like the federal government must be highly cautious. Hasan describes how his company was one of the first to work with the federal government to set standards for this existing code. These initial efforts began ten years ago and resulted in Executive Order #14028, which requires a Software Bill of Materials for any organization selling to the federal government. This initiative expanded in 2021-2022 when NIST published related guidelines. These efforts are a good start. However, federal leaders must evaluate SBOM technology from many perspectives. For example, how to incorporate this mandate into air-gapped networks, legacy COTS, or even in a classified environment. System administrators also need to know if they are exposed. Further, every organization has a varying definition of what "deep software transparency" is. Hassan also discusses Lineage's innovative approach to creating "Gold open source" software, ensuring it is free of malware and vulnerabilities. If you are interested in seeing a demonstration of how Lineaje can help with software forensics, there is an event at the Carahsoft office in Reston, Virginia, on January 30 = = Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com  

In the past 10 years, Amazon Web Services has gone from a niche player in the federal government to being responsible for billions in sales. One key aspect of this is how Amazon integrates leadership with innovation to address complex federal requirements. Today, we sit down with Andrew Christian to get an overview of concepts like customer obsession, working backwards, and the sixteen leadership principles that AWS implements to accomplish that drastic growth. ONE Customer-focus In the commercial marketplace, the concept of being  "customer-focused" is certainly not breaking news. However, as Christian explains, AWS tries to understand (almost obsessively) what the requirements are for federal systems. No, technically, they are not "customers," but they are the end users for any technology project. This focus has given AWS remarkable success in the commercial world, and when they apply it to federal technology, they can succeed where others have failed. TWO  Working Backwards Christian explains that "working backwards" is a concept where a team is forced to write a mock press release and FAQ for a future project. This is before they build anything. This helps to clarify the customers' needs by identifying gaps early. THREE    encouraging innovations Many describe innovation as failing fast, then recovering. That may hold up in a commercial application where lives are not at stake. During the interview, Andrew Christian differentiates between the importance of making quick, reversible decisions (two-way doors) versus long-term, impactful ones (one-way doors). He encourages federal agencies to adopt these principles to enhance their innovation and adapt to a world co constantly changing technology. Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Today, we have an experienced tech veteran, Bob Stevens from GitLab, offering insights on how he sees the federal government overcoming three main technology challenges in 2026. Challenge ONE:   Software improvement on scale. Stevens observed that everyone has seen AI's ability to review code. It has passed the basic phase, and now, in 2026, it cannot only review code but also identify security vulnerabilities, ensure compliance, and even generate documentation. This means that older, expensive-to-maintain systems can be transitioned to more flexible, economical cloud models. Challenge TWO:   Going away from reacting. The word "continuous" has been the goal for cyber defenders for the past several years. Fortunately, AI is allowing that noble goal to be put into practice. When applied appropriately, newer technology can achieve lower breach rates and faster threat response times. Challenge THREE:   emergence of a "universal" developer. Traditionally, requirements would be gathered by an intermediary and then translated into instructions for software developers. Stevens shows how newer AI-based approaches can eliminate that intermediary step. In other words, a pilot can precisely describe what they want in an avionics system, and the developers can work from that description. That means solving domain-specific problems with traditional development skills. Ideally, subject matter experts directly translate their knowledge into functional software systems. Some call this the "universal" developer approach. Stevens emphasized the importance of AI, security, and flexibility for future developers. GitLab's DevSecOps platform integrates AI across the entire software development process.

(We recorded this interview at Monk's BBQ in lovely downtown Purcellville, VA) Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Defrauding the federal government is like the weather; everyone wants to complain, but nobody can do anything about it. For example, a joint DOL-SBA report from December 2024 revealed $2.3 billion in potentially fraudulent payments. Today, we sat down with Jeff Gallimore from Excella, where he will diagnose the problem of federal waste, fraud, and abuse. From there, he presents a solution that has already saved millions of dollars. The problem: too many silos From a data management perspective, most enterprise computational capabilities evolved through a federated approach. From a historical perspective, it makes sense that each agency would have its own computers and storage. It makes sense that individual data stores in this environment would be separated, or perhaps the word "siloed", into distinct areas. Now, if you have one silo, you can protect it; if you have a thousand, then there is a problem. During the interview, Gallimore mentioned an agency that manages 9,000 grants. That is a lot of data to coordinate when it is stored in its "silos." The solution:  gap analysis   Silos can be secure, but the architecture can allow for gaps in security coverage. These gaps, or seams, can allow fraudsters to exploit this structure. For example, an agency may have a division that has identified a person as a fraudster. If that information is not shared, this person can use the same exploit on another area of the agency. Further, interlinks between federated systems can allow adversaries to gain access. Excella has a profile of how they have managed to fill in the gaps in siloed data architecture.    

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com When cloud computing was introduced, it was quite a simple concept: leverage other people's hardware to scale easily. Not too much to manage. However, today's cloud world has metastasized. Today, federal leaders live in a world of on-prem, multiple clouds, private clouds, hybrid clouds, and even sovereign clouds. Complications arise when they are burdened with compliance requirements and staff reductions. Today, we sat down with Ryan McArthur from Zscaler to discuss how to effectively manage a cloud environment when challenged with deploying Zero Trust. He begins by sharing his experience helping federal leaders understand the inherent risks of the VPN system. Few realize that VPN technology was first introduced by Microsoft back in 1996, and then popularized with Windows 4.0, which included built-in support. Thirty-year-old technology can present severe limitations. Unfortunately, the popularity of VPN technology increased with the demands of remote computing during COVID. We are now in a situation where many enterprises have built their architecture on this dated technology. Ryan mentions that one key to juggling clouds is to focus on the applications themselves. He emphasized Zscaler's ability to securely connect users. If you want more information about Zscaler, you should attend the Zscaler Public Sector Summit in March, where you can discuss and collaborate further.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com We are at the point where AI is almost expected in any technology offering. Today, we sat down with John Kindervag from Illumio to learn how AI can be applied to the world of federal Zero Trust. Some have characterized today's current cybersecurity situation as an arms race; some call it a whack-a-mole game. An innovative technology, such as AI, becomes popularized, and adversaries use it to improve attacks. As a result, the defenders of data must bolster their response, and they, in turn, use AI to defend. He highlights the importance of visibility, using AI to quickly parse logs, and the concept of dwell time, in which attackers can remain undetected for extended periods. To protect valuable data, Kindervag distinguishes between the attack surface and the defense surface. Although a malicious actor can instigate AI-driven attacks across any surface, sensitive information can be protected by thorough segmentation of the protected surface. During the interview, Kindervag provides tactics to manage legacy technology, fragmented data, and the critical topic of risk-averse culture.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com It is rare to see AI applied to federal cybersecurity mandates. However, today, we will sit down with Louis Echenbaum from Color Tokens. He will unpack the concept of using AI to help federal leaders improve their ability to implement microsegmentation. We all know about Executive Order 14028 and the OMNB Memo M-22-09, which are forcing federal agencies to deploy a robust Zero Trust framework. The key components include identity and access management, asset management, continuous monitoring, and micro segmentation. During the interview, Louis Echenbaum expands on current challenges like legacy systems and visibility. For example, what happens once a malicious actor breaches a federal system? Some call this east-west traffic. The general response is to prioritize and segment data so the intruder is denied access. This concept looks good on paper, but in the real world, leaders encounter some issues. First, how can they know exactly what is on their network? This is perplexing in environments where endpoints are in areas that cannot be upgraded. Further, the move to a hybrid cloud offers varying levels of data segmentation. One system administrator may be competent with a specific cloud service provider but does not know all the details of another company. This skills gap can lead to coverage gaps and opportunities for attack. The solution Echenbaum suggests is to leverage AI to improve visibility and give leaders ways to prioritize datasets into appropriate microsegments.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com In the world of federal technology we are being deluged with so much information about Artificial Intelligence that we may not see what some of other technologies that may have as great an impact as AI.  The White House, the OMB (M-23-02), the Office of the National Cyber Director have made it clear that the time to prepare for post-quantum cryptography is now.  Agencies are required to inventory cryptographic systems, prioritize high-value assets, and build migration plans in line with NIST standards. Today, we sit down with Eric Hay from Quantum Xchange to look at making this transition.  During the interview, Hay handles issues like technology, operations and appropriate strategy. He highlights the role of NIST in developing and approving new algorithms like NIST PQC Post Quantum Encryption, ML, and CHEM. Eric explains the five-step process for transitioning to these new standards: discovery, prioritization, deployment, monitoring, and management. Rather than spending time evaluating algorithms, Eric Hay stresses the importance of a network-centric approach, suggesting that agencies focus on securing data transport first. Eric predicts Q day, when current encryption methods could be compromised, within 3-5 years, with some European partners aiming for 2029.    

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com John Kindervag began the concept of Zero Trust; he probably did not realize the impact it would have on the technological community. Today, we look at the federal government and Zero Trust implementation from 40,000 feet. Kindervag will opine on topics such as browser security, the importance of data, and operational technology. Instead of using his technical knowledge as a cudgel, Kindervag reinforces the importance of a balanced approach in which federal leaders consider both technological and behavioral aspects of implementing Zero Trust. People with a basic understanding of Zero Trust can disregard the importance of data; he calls it the 'protect surface'. This involves identifying and securing the smallest space within the network, as well as the entire network itself. One missing link in the move to Zero Trust is Operational Technology. When looking at the Department of War, it has assets deployed all over the world. They have thousands of sensors that may or may not be part of a network. Kindervag suggests that when you have a protected surface that is a critical asset, which means it can be included in data sets. The interview ended with comments regarding the challenges of implementing zero trust, particularly the need for strong leadership and the potential of AI to enhance cybersecurity measures, while acknowledging the complexities of data classification and the evolving threat landscape. Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com A quick review of malicious activity shows large-scale cyberattacks being run without any human intervention. That means traditional penetration testing, which occurs once a year, can be easily defeated by massive, systematic attacks. During the interview with Snehal Antani, CEO of Horizon Three, he highlights the importance of continuous autonomous penetration. He suggests that it may be the only response to a non-human automated attack. Horizon3 has recently collaborated with the NSA's Cybersecurity Collaboration Center to develop the Continuous Autonomous Penetration program. He details identifying critical vulnerabilities not only in federal systems, but also in the Defense Industrial Base.] Today's cyber threat landscape is rapidly evolving, with artificial intelligence fueling a new wave of increasingly sophisticated attacks. Malicious actors now leverage AI to automate and scale their operations, resulting in large-scale, highly coordinated cyberattacks requiring little to no human oversight. This surge in automation on the offensive side has exposed a significant gap in the traditional cybersecurity strategies of federal agencies, which still largely rely on manual or scheduled defense mechanisms such as annual penetration testing. These legacy approaches are woefully inadequate against relentless, continuously evolving threats executed by automated tools that probe for weaknesses around the clock. Federal leaders, traditionally cautious about deploying automated systems for cybersecurity, now face a crucial crossroads. The old paradigm—where automation in cyber defense was seen as risky—must be reconsidered in light of real-world evidence that manual processes cannot keep pace with automated adversaries. In a recent interview, Snehal Antani, CEO of Horizon3, emphasized the critical need for continuous, autonomous penetration testing. He argued that just as attackers use automation to identify and exploit vulnerabilities at scale, defenders must employ similar automation to uncover and remediate those weaknesses swiftly and continuously. To advance this approach, Horizon3 has partnered with the NSA's Cybersecurity Collaboration Center, launching the Continuous Autonomous Penetration program. This initiative aims to proactively identify critical vulnerabilities not just in federal government networks, but also across the Defense Industrial Base. By integrating automated, persistent penetration testing into daily operations, federal agencies can better defend against the nonstop, AI-driven threats now targeting every aspect of their infrastructure.            

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com The good news is that federal security measures are preventing successful attacks; the bad news is that adversaries are examining every nook and cranny of a federal system and increasingly targeting the browser itself as an attack vector. During the interview, Scott "Monty" Montgomery gives a quick overview of Enterprise Browsers and Secure Enterprise Browsers.  After all, browsers have been around since 1994. It may be the only application ubiquitous on home-based machines and in enterprise systems. They were not designed for security; they were intended to open the internet to the World Wide Web, full of images, links, and audio. Malicious actors did not have to focus on an app with limited use; by targeting a browser, they have almost unlimited targets to attack. Montgomery mentions the increase in browser-based attacks. In fact, they increased by 198% in the second half of 2023. Scott explains that phishing persists because people are curious or fearful, leading them to click on malicious links. A Secure Enterprise Browser can help prevent many common phishing exploits. Additionally, an SEB can support policies and controls. This means that an SEB fits completely with any current Zero Trust initiatives across all agencies. Beyond that, SEBs can be configured to manage legacy systems and even operate in low-bandwidth environments.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Every federal agency prepares a backup strategy to protect data. This is a rigorous endeavor in which teams practice what to do in the event of a breach or system failure. However, nobody really has a plan for a temporary federal shutdown. Any political pundit worth his salt knows there will be another federal shutdown sometime in the future. It is reasonable to consider automation to see how it can be used to bridge services during a temporary shutdown. David Grundy is the Public Sector CTO for Tines. He has decades of experience in and outside the federal government. He highlights the challenges of human-centered workflows. For example, just because the staff is reduced does not mean attackers will take the day off. Adversaries work 365 days a year and are immune to political infighting. Based on David Grundy's experience, an agency should start with visibility to know which workflows exist. From there, document processing can be detailed, enabling scaling. During the interview, Grundy shares his experience in a federal agency that had to make digital transitions while complying with federal regulations. He is optimistic that operational resilience can be achieved through initiative-taking by all federal agencies.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com In a recent report from Microsoft, they share that foreign adversaries are increasing attacks on American infrastructure. One variation is that they will not penetrate systems and attack, but they will steal credentials and install code to act in stealth mode. This code can hide for years and be deployed when the antagonist wants. Today, we sat down with Travis Roseik from Rubrik to try to find some options for defending against this hidden attack. Let us say an agency has improved its resistance to foreign attacks. This is satisfactory progress, but what happens in a situation where the malicious code was planted prior to the increased defense. Further, during the interview, Roseik states that companies may be able to leverage AI to improve defense, nation states will be using that same AI to improve attack methods. If malicious code is within the walls of an organization, whether by AI or user error, Roseik makes the point that a defensive posture may not be enough in today's sophisticated world of attack. He recommends moving from a defensive approach to an initiative-taking threat hunting strategy. Even if Zero Trust and threat hunting fail, the best response is to have immutable backups. For example, if a breach occurs and the system recovers quickly, then the attackers will go after more vulnerable targets. The conversation underscores the urgency for organizations to adapt and innovate to counteract these threats.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com The federal government recognizes that threats are multiplying at an exponential level. In fact, in October 2025, CISA released a free vulnerability scanner, and 10,000 organizations have signed up. Today, CISA is at its current capacity. Today, we examine solutions from a successful startup called CrunchAtlas. One of the co-founders, Ben Fabrelle, will share with the audience his experience in threat hunting in the federal government and why he combined with another veteran to form a company that can assist in threat intelligence, data analysis, and automation. During the interview, Fabrelle says that CrunchAtlas likes to attack "wicked" complex problems. One of the most complicated problems the federal government has is identifying threats in a world where the DoD is being attacked by malicious actors every day. Fabrelle suggests that the solution is a persistent cyber-hunt platform. It can search for threats in a wide range of environments. This means it can be deployed on-prem, in the cloud, or in an air-gapped environment. The founders view that a platform approach is the best way to scale against these adversaries. One of the key differentiators for CrunchAtlas is its ability to operate in the cloud, on-prem, and even in an air-gapped environment. In fact, their offering's code stack, from design, operates in an air-gapped environment. Automation in this kind of environment will allow for a reduction in false positives, which will, in turn, reduce fatigue and decrease the need for human threat hunters.  

Ep. 281 How Zero Trust Automation Helps Federal Agencies do More with Less Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com As this interview was recorded, the federal government was in the middle of a shutdown. Hundreds of pundits have given interviews about the politics of the situation; very few have looked at the impact on cybersecurity during a phase of workforce reduction. Today, we sat down with Gary Barlet, the Public Sector CTO at Illumio, to see whether Zero Trust can help the federal government bridge this short personnel gap. Barlet begins by giving an overview of Zero Trust and automation. Rather than having human beings vet entry into federal systems, the concept is to use an automated process that reviews credentials and decides on permission. Barlet emphasizes the importance of Zero Trust in automating security tasks and maintaining operational resilience, especially with reduced staff. He continues to mention several other benefits of Zero Trust in a federal environment. Compliance:  A well-thought-out Zero Trust architecture will enable managers to collect data to demonstrate policy enforcement. Legacy: One can effectively take existing systems and "ring fence" them off. This approach creates hundreds and hundreds of rings of defense. Design:  During the interview, Gary recommends that you have a handle on the real traffic to reduce complexity. That way, when policies change, the rules can adapt to the environment. Maturity Level:  Although CISA has a maturity level for Zero Trust. Barlet distills down some of the requirements for which efforts can be applied to sensitive systems. He suggests focusing on security, not necessarily on a grade. Additionally, he addresses the challenges of managing complex, hybrid environments and the emergence of shadow AI models, stressing the need for robust policies and controls.            

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Today, we sat down with Chris Wysopal from Veracode to talk about how to leverage the power of AI to increase productivity in federal systems. It seems like every headline you read talks about AI speeding up the process of writing code. However, there may be mixed messages here. Wysopan read some academic reports that talked about vulnerabilities being introduced in human code as well as AI code. Because this has been a concern for a while, He initiated the Gen AI Code Security report. They examined a wide range of LLMs to get a fair overview. They discovered 45% introduced vulnerabilities. What is even more shocking is this is similar to the rate from regular, old, garden variety software developers. You can get more details from the Veracode's 2025 Gen AI Code Security Report. It details methodology and notes despite improvements in syntax; security remains a concern. When he presented at a recent Billington Cyber Summit, he was deluged with people interested in problems with AI generated code. The overview is Implement a centralized risk management approach to prioritize and address the most critical vulnerabilities.    

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com MongoDB has spent years earning a formidable reputation in the developer world; today, we will unpack some of its capabilities for project managers and federal leaders so they can understand where MongoDB may fit in their stack. Conventional wisdom is that MongoDB is a flexible open-source database. Although that is true, this does not do justice to some characteristics that will appeal to the federal audience. ONE: An agency may have restrictions on where the cloud is not suitable for storage. Because of its ability to use flexible, JSON-like documents, MongoDB has listened to those needs and can have storage in many varying regions.   In fact, we have seen a movement to move cloud applications back on premises. MongoDB provides flexibility for working in both hybrid and on-premises environments. TWO:  Most readers have studied encryption and think of it primarily as data at rest. Cloud storage transitions have forced a method where data is encrypted during transit. MongoDB can take encrypted data and search while it remains encrypted. Some will describe encryption at rest, in transit, and now, data in use.  THREE   MongoDB has listened to the federal community and is offering something called MongoDB Atlas for Government. It is a secure, fully managed cloud database service for U.S. Government agencies to modernize applications and oversee sensitive data. During the interview, Ben Cephalo revealed the effort MongoDB is making to serve federal agencies that require FedRAMP high capabilities.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Elastic has been around since 2012 and has been gradually gaining traction in the commercial world. In fact, Elastic has recently signed agreements with Nvidia and Google to improve integration with its distributed search analysis. All this assists with AI search and observability. Today, we sat down with Chris Thompson from Elastic to highlight how commercial success can be applied to the federal world. Looking back at his decades of work with federal agencies, he sees one of the problems in acquisition. In a world of rapid change, it is challenging to acquire technology that can keep pace with the fast pace of change. During the interview, Thompson discusses a recent strategic agreement developed by Elastic working with the GSA and other companies. This streamlines the process of providing technology to federal professionals. This agreement accomplished several tasks at once: >>It leverages the GSA's collective buying power. Rather than negotiating separate prices for dozens of agencies, it has substantial discounts with all the major cloud providers. >>>  It reduces duplication. We know several federal agencies are facing similar tech challenges. Rather than duplicating requirements gathering and testing before making a purchase, the GSA approach eliminates this duplicative process. >>With numerous AI tools flooding the market, this agreement enables the accelerated use of these tools.  >> When you have standardized contracts, enhanced security is typically the result. No contract is perfect, and people who have developed this agreement know it is a living document that can flex and adapt to technical situations as they arise. GSA officials have stated this is an evolving approach, giving it the ability to adapt to innovative technology, new companies, and a rapidly changing cyber threat.    

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Many listeners have become so familiar with AI that they may have assumed it has been around for decades. Today, we sat down with Will Angel from Excella to explore the application of AI to federal technology from a more nuanced perspective. We dive into three main aspects of AI:  challenges of integrating AI services, Model Context Protocol, and security considerations with agentic systems. Challenges: No company has grown as fast as ChatGPT; in fact, it is the fastest-adopted consumer application in history. Today, it has an estimated eight hundred million weekly users. This has attracted developers who work on federal projects. Wil Angel recommends careful consideration of people arbitrarily porting data to or from products like ChatGPT because it can compromise data security. MCP In certain circles, the term “Model Context Protocol” is used constantly. It has become so popular that people do not realize it was just coined by Anthropic in November of 2024. During the interview, Angel presents variations on MCP for software development and warns about the hype surrounding the relatively new standard for AI systems. Agentic AI  Autonomous systems have been the holy grail for every software developer. The promise of Agentic AI is so powerful that some have jumped into applications without a more prudent approach. When a series of tasks is assembled, unintended consequences can come into play. It is one thing in the commercial world to reveal essential data; it is a completely different situation when the DoD is dealing with life and death situations. Angel predicts significant changes in AI over the next few years, with large language models revolutionizing software systems.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Many listeners have become so familiar with AI that they may have assumed it has been around for decades. Today, we sat down with Will Angel from Excella to explore the application of AI to federal technology from a more nuanced perspective. We dive into three main aspects of AI:  challenges of integrating AI services, Model Context Protocol, and security considerations with agentic systems. Challenges: No company has grown as fast as ChatGPT; in fact, it is the fastest-adopted consumer application in history. Today, it has an estimated eight hundred million weekly users. This has attracted developers who work on federal projects. Wil Angel recommends careful consideration of people arbitrarily porting data to or from products like ChatGPT because it can compromise data security. MCP In certain circles, the term “Model Context Protocol” is used constantly. It has become so popular that people do not realize it was just coined by Anthropic in November of 2024. During the interview, Angel presents variations on MCP for software development and warns about the hype surrounding the relatively new standard for AI systems. Agentic AI  Autonomous systems have been the holy grail for every software developer. The promise of Agentic AI is so powerful that some have jumped into applications without a more prudent approach. When a series of tasks is assembled, unintended consequences can come into play. It is one thing in the commercial world to reveal essential data; it is a completely different situation when the DoD is dealing with life and death situations. Angel predicts significant changes in AI over the next few years, with large language models revolutionizing software systems.    

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Sometimes, the plow must go deeper. Current approaches to Zeer Trust implementation can leave gaps in security. Today, we sat down with Akamai's Mike Colson to discuss the concept of combining Identity Credential Access Management with Least Permissive Trust. Setting the stage, Mike Colson details some of the challenges in the varying kinds of Zero Trust that are being applied in the Federal Government. The standard way of implementing ICM can result in assigning more resources than necessary, leading to permission creep and inflexible permission. Over provisioning: The amount of data being created is almost impossible to manage. A person may be given access to a data set they are not permitted to see. A “just in time” permission structure would help avoid that situation. Stale:  Just because a person has access to a data set on a Tuesday does not mean he has access on a Wednesday. People can leave the workforce, be reassigned, or change roles. Access must be constantly updated. Static:  Ron Popiel made the phrase, “Set it and forget it,” memorable. Unfortunately, this approach can lead to a permission structure that may limit access to key data. This may be considered under-provisioning, potentially leading to time delays in obtaining key information. Colson took the listeners through several iterations of access control, including Role-Based Access Control and Attribute-Based Access Control. On top of these old favorites, Colson discussed what may be called Context-Based Access Control, or what he calls Least Permissive Trust. Least permissive trust is a concept Colson outlined, which uses user behavior, device health, and contextual factors to grant permission dynamically. The conclusion is simple:  not all Zero Trust is created equal.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com The impact of AI in software development in the federal government is so pervasive that, in July of 2025, the President of the United States released a White House AI Action Plan. Today, we sat down with Bob Stevens from GitLab to put this development into perspective, examine some use cases, and suggest methods that federal agencies can use to prepare for this technological shift. What precipitated the initiative is the recognition that change is occurring so rapidly in the world of software development that the federal government must adapt more quickly than in the past, or it will be vulnerable to cyberattacks. Stevens notes that the federal government has been targeting modernization, producing software faster, and being more efficient, for a decade. AI will help them get there, with some possible cost reduction. For example, in the past, a vulnerability may have taken weeks to discover. Utilizing AI allows federal software developers to reduce that discovery to minutes. That ties in with one essential element in the White House initiative: security. In fact, one of the pillars of the Action Plan is titled “Promoting Secure-by-Design AI Technologies and Applications.” Stevens has been involved in federal software development for decades and thinks that a platform approach best serves the essential objectives of this Action Plan. The conversation concludes with the potential for AI to streamline government processes and improve operational efficiency. If you are interested in learning more about the economics of this approach, you can download The Economics of Software Innovations: $750 billion Opportunity at a Crossroads.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com We are recording this at the Air Force Air, Space, & Cyber Conference. During the second day of the conference, General B. Chance Saltman, Chief of Space Operations at the Space Force, talked about a “focus on readiness.” Our guest, Rob Bocek from Virtualitics begins the interview by talking about the concept of readiness being applied to AI. In fact, Bocek recently did an in-depth discussion of this topic at a conference he led titled The Frontiers of AI for Readiness. Today, we combine some of the lessons learned from that gathering with some of the goals and aspirations that were given at presentations at this year's Air Force Air, Space, & Cyber Conference. In a wide-ranging interview, Bocek comments on topics like guardrails, leadership, procurement, and collaboration. GUARDRAILS Even the casual observer will notice that AI will have an impact on the DoD. However, the DoD deals with life and death decisions daily and cannot be subject to data poisoning and LLM attacks. During the interview, Bocek commented on implementing guardrails when experimenting with AI. LEADERSHIP In the corporate world, leaders will justify a blind jump into AI with assertions like, “if they don't jump in, their competitors will.”  The DoD deals with much more than a profit and loss statement. Military leaders must step up with understanding the positives and negatives of AI, and lead technology experts into correct implementations. PROCUREMENT When General B. Chance Saltman was presenting nobody in the audience thought he would include acquisition reform as one of his three main points. He reinforced the concept of living in a contested world where adversaries can adapt quickly, and the American military cannot be held back by antiquated procurement processes. Listen to the podcast to get an idea of some of the solutions available for federal leaders trying to use AI in a responsible manner.    

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Ten years ago, Nutanix exploded on the federal scene. By now, just about every listener has heard of Nutanix partnering with the federal government in a wide range of projects. Today, an update with Greg O'Connell from Nutanix. He demonstrates how federal agencies can leverage Nutanix's experience to achieve mission success across various cloud environments. During the interview, O'Connell gives a basic comparison of multi-cloud vs. hybrid cloud. From his perspective, a multi-cloud environment includes one or more public cloud providers. A hybrid cloud enables a system that combines on-premises infrastructure with public cloud services. This allows a single, integrated environment, providing more control over access, compliance, and ability to connect with legacy systems. Existing applications and data always present a challenge in moving to the scalability and flexibility of the cloud. Nutanix brings to federal technology its ability to work with legacy systems in a system that has been evaluated over time. Most federal leaders may wonder what is taking place in other agencies. To that end, Nutanix provides an annual report on cloud activities. The 7th Annual Nutanix Enterprise Cloud Index Report highlights that 94% of US government entities utilize AI, but 76% require infrastructure improvements. Liten to this podcast to get an update on innovation from Nutanix and download the report to gain a better understanding of activities in the federal tech community.            

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Most listeners are familiar with LMI as a sixty-year-old nonprofit, providing logistics management services and related research to the federal government. Today, LMI is a for-profit organization that leverages its decades of experience to gain a competitive advantage in understanding use cases where AI can reduce costs, enhance security, and facilitate the analysis of unstructured data. An engagement with LMI does not begin with clients explaining federal regulations; it starts with mission-ready products and platforms that are built on a deep understanding of the need for trust, transparency, and compliance. During the interview, Bettina Koleda explains that the federal government is getting pressured to do more with less. Additionally, because of the importance of the data inherent in many federal applications, users must trust that the data is not being compromised in any manner. LMI has developed a platform called LIGER that combines the need for reduced costs while maintaining compliance. Bettina Koleda explains how it can help translate mission goals into software requirements and continuously refine solutions through feedback from federal agencies. Kaleida is optimistic about the future of AI, believing it can help solve significant global issues if managed effectively.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com It is difficult to pinpoint an exact number, but some statistics show an executive is five times more likely to be attacked than a regular employee. It makes sense. If you receive a suspicious email from a fellow employee, do not respond. However, if you receive an email from the CEO, you are more likely to react more aggressively. In today's interview, Richard Fleeman and Ricky Freeman from Fortreum Labs discussed the increased risk executives face, citing a 74% human error rate in breaches. How do malicious actors get personal information on an executive? Sometimes, leaders are too active on social media and, for example, post when they are on vacation. If an employee gets fooled, he may transfer assets online. Okay, we know ransomware is on the rise drastically, and companies are vulnerable – what can an executive do to prevent this activity? Richard Fleeman observes that once the money is transferred, it is exceedingly difficult to find a resolution. He suggests that prevention is the best approach. Start with social media and see if you are revealing your email or confidential information. Some call this oversharing. Multi Factor Authentication is a terrific way to limit access to your accounts. People often use the same password. Humans tend to repeat passwords. "Password spraying" can be used to break into accounts. Fortreum offers a service to help executives avoid these common pitfalls. They can start with publicly available data and then move onto the dark web. Ricky Freeman notes that attacks like the OMB breach often result in data for sale on the dark web. He has developed tools that enable the scraping of the dark web to determine if an executive can compromise sensitive information. Hard to expunge – easier to opt out Dark web. Even if your compromised information is extant on the dark web, you may not be able to do anything about it. Fortreum's services include manual testing, attack surface analysis, and dark web scraping to identify vulnerabilities and provide recommendations. You can get an idea of your vulnerability by taking advantage of guides to see if you are exposed. 

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com The federal government manages a great deal of sensitive information that it is reluctant to share with other agencies or organizations. However, isolation means important decision-making data can be inadvertently withheld from leaders. The simple term "collaborate" can be easily applied in a classroom. Still, it becomes almost impossible with petabytes of data that have varying levels of security, such as classified, secret, and top secret. Even if the puzzle of sharing data is solved, the issue of data classification changes and data being attacked with malicious code remains. Sean Berg is the CEO of Everfox, a company that has spent the last twenty-five years solving this data problem by using cross-domain technologies. During the interview, Sean Berg discusses the role of AI in ensuring data integrity, the challenges posed by legacy systems, and the critical nature of data management in national security and digital transformation. Sean Berg moves beyond Cross Domain Solutions to Everfox's Content Disarm and Reconstruct (CDR) technology. With this approach, the document is opened and examined for malicious code, then copied. CDR is a tool for ensuring data integrity and preventing malware infiltration, allowing for safe and secure collaboration between federal entities.    

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Sometimes, a company becomes so large that it is difficult to be specific about how it can help any organization, especially one as vast as the federal government. Today, we sit down with Ron Bushar, Chief Information Security Officer & Managing Director – Google Public Sector. We address many of the significant concerns federal technology leaders have regarding topics such as cloud-native, edge computing, and Zero Trust. This is a rudimentary overview of working with Google Public Sector. If you would like to connect in more detail, you can attend the free Google Public Sector event in late October. The focus will be on the investments Google Public Sector has made in AI and security. Ron Bushar begins the discussion by highlighting the benefits of transitioning to cloud-native applications. Modern applications demand availability anytime and anywhere. Emphasizing applications that can leverage the cloud provides scalability and security that are often lacking in older systems. Furthermore, when one combines cloud-native with AI, the result is a lighter-weight platform that can be used worldwide to support missions. This “anywhere” concept encompasses areas of the world that require remote access, which is increasingly referred to as edge computing. Google has provided international access since its early years, and it has the capability that can allow federal technology to be connected at the edge. Most federal security conversations today involve the concept of Zero Trust. Ron Bushar makes the point that Google was a pioneer in Zero Trust. Listen to the interview to hear about ·      70% discount ·      Agentic AI ·      Hardening of Google   ·      Gemini and federal applications Even better, attend the Google Public Sector event on October 29, 2025. 

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Virtualitics, a company spun out of Caltech and NASA JPL in 2016, focuses on applying advanced AI to mission-critical challenges, including asset availability, personnel readiness, and supply chain optimization. During the interview, Rob Bocek, Chief Revenue Officer at Virtualitics, provides listeners with insight into how his company can enhance Air Force readiness while ensuring explainability and democratizing AI. Sometimes, AI is described as a “black box” where one pours in data and out pops an answer. In a life-or-death scenario that many military organizations face, this arbitrary approach will not suffice. As a result, solutions provided by Virtualitics, document the process carefully. Listening to the customer is key to understanding supply chain problems.  Rob Bocek details how his team will get close to the end user. This can be a “democratic” approach where a wide variety of input is absorbed. Virtualitics aims to identify the root causes of pain and determine what specifically needs to be solved. He highlights their ability to detect anomalies, optimize training pipelines, and anticipate equipment failures. Once these preliminaries are brought together, the most tremendous success will be accomplished when leadership takes risks. Looking ahead, Virtualitics is hosting the Frontiers of AI for Readiness Summit at Caltech to convene DoD leaders, academics, industry, and investors. Bocek emphasizes partnerships across technology providers, cloud platforms, and startups as essential to scaling AI solutions and accelerating the DoD's adoption.  

"I have friends everywhere." In this special episode, we're joined by Tony Gilroy, the creative force behind the electrifying Star Wars series Andor. Critics and activists on the frontlines in America have praised Andor for its powerful portrayal of resistance, and with Season 2 up for 14 Emmy Awards, it's clear this is no ordinary space opera. Gilroy's vision grounds the story in centuries of history, showing us what it means to resist empire in all its brutality. Andor is an urgent guide for Americans today.  For more than three decades, Gilroy has been shaping modern cinema with blockbusters and fearless storytelling. He gave us Rogue One: A Star Wars Story, and wrote and directed the critically acclaimed political thriller Michael Clayton, which earned him Oscar nominations for both screenplay and direction. His credits include Armageddon and the first four entries of the Bourne series (in which he directed the fourth), Devil's Advocate, Dolores Claiborne, The Cutting Edge, State of Play, and many, many other films.  The son of World War II veteran and Tony and Pulitzer-winning playwright and filmmaker Frank Gilroy, and brother to acclaimed film editor John Gilroy and Oscar-nominated writer-director Dan Gilroy (an Emmy-nominated writer on Andor), Tony Gilroy doesn't just tell stories: he builds immersive worlds where power, corruption, and resistance collide, worlds that help us make sense of our own. We're thrilled to welcome him to Gaslit Nation to discuss this dark chapter in America's history and, through his art, remind us of the courage it takes to stand and fight back. For Gaslit Nation listeners who want the full breakdown of the convicted felon/war criminal distraction circus and what comes next for the Free World, our latest salon digs into the Putin-Trump gaslighting sideshow in Alaska and how the war can actually end. You can watch the recording at Patreon.com/Gaslit. Thank you to everyone who makes our independent journalism possible! Don't miss Monday's salon at 4pm ET, only on Patreon, where we'll dive into two powerful films about resisting dictatorship: The Lives of Others and I'm Still Here.  The Lives of Others tells the haunting story of artists defying the East German Stasi, while I'm Still Here tells the story of a woman whose husband is disappeared by Brazil's military dictatorship in the 1970s, and how she transforms her country for the better.  These two films are reminders that light will always defeat darkness: it's just a matter of time, and collective courage and defiance.    Want to enjoy Gaslit Nation ad-free? Join our community of listeners for bonus shows, exclusive Q&A sessions, our group chat, invites to live events like our Monday political salons at 4pm ET over Zoom, and more! Sign up at Patreon.com/Gaslit!   Show Notes:   Trailer: Andor (Season 2) https://www.youtube.com/watch?v=AE4wxt70aUM   Andor Clip featured in episode: “You're coming home to yourself.” https://www.youtube.com/watch?v=rugpDpd0aV4   'The world is behaving irrationally' - Putin's warm welcome gets cold reaction in Ukraine https://www.bbc.com/news/articles/ckg4mj4011lo   Kremlin critics say Russia is targeting its foes abroad with killings, poisonings and harassment https://apnews.com/article/russia-attacks-poisoning-killing-litvinenko-skripal-5ddda40fd910fe3f8358ea89cb0c49f1?utm_source=copy&utm_medium=share   Gaslit Nation Action Guide: https://www.gaslitnationpod.com/action-guide  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com In 1987 Microsoft introduced PowerPoint, it is one of the few applications that has endured almost four decades! Today, we look at some options that incorporate more flexible ways to innovate. Charles Firey from Excella provides listeners three ways to make a transition from PowerPoint to modern applications.  He discusses setting temporary instances of a modification, making sure this approach is consistent, and where to look for opportunities to apply this dynamic method. Sandbox. Instead of worrying about managing sensitive data, create a sandbox or synthetic data environment to enable quick concept demonstrations without compromising security or compliance. Once a federal leader can see the proposed solution, iterations can take place in a more effective manner. Consistent. Once the concept of a “sandbox” has been established, think about federal security considerations. Develop a consistent approach for creating prototypes that align with production-ready compliance requirements that include protecting data at rest and data in transit. Opportunities  - Identify opportunities to incorporate rapid prototyping as part of the method. Not every technical problem can be solved with improving interactions with websites; however, many areas can be helped if you know how to apply an iterative approach to software development. Charles notes that Excella uses synthetic data and consistent workflows to ensure prototypes align with production standards. The conversation also touches on the cost-effectiveness and future potential of AI-driven prototyping in federal projects.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com In boardrooms across America, members are slowly starting to notice the proliferation of cyber-attacks. It is one thing to recognize the danger, quite another to do something about it. Board members may ask, how does a company's risk profile compare to others? What is a reasonable amount of money to budget for cybersecurity? What about company growth & change? Are there tools to use to approximate risk level? Today, Ben Scudera from Fortreum jumps feet first and answers the tough questions Ben admits that financial estimates are always difficult, he suggests  a typical  spend of   ½ % - 2%  of a company's annual budget for a typical company. If you are in a regulated environment, perhaps one like a hospital or bank, you may need to revise that estimate. Risk prioritization will have to vary based on the circumstances of each organization. Some start at a weak baseline, others can be quite safe. Even if you are secure, what happens in the future is your company acquires another? What about drastic growth in sales and plant expansion? How to keep up with new attack vectors? Ben's goal is to provide an understanding of the threat without any scare tactics. One approach is to use a guideline from Fortreum's Cyberfoundation  that includes eighteen metrics. This view allows leaders to prioritize remediation efforts. He highlights the importance of continuous risk management and education to combat evolving threats like ransomware and phishing attacks. Here is a link to the guidelines from Fortreum:

Ep. 264 How Automation Is Accelerating Digital Transformation Across Federal Agencies Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com In this episode of the Federal Tech Podcast, host John Gilroy interviews Nabil Amiri, Vice President of Business Development for the federal practice at NWN. The discussion introduces NWN's expanding role in helping federal agencies adopt advanced technologies, particularly artificial intelligence (AI), as part of broader digital transformation efforts. Amiri explains NWN's recent acquisition of Leverage Information, a move that brought deep federal experience—especially with defense, intelligence, and civilian agencies—into NWN's already strong commercial portfolio. This merger allows NWN to deliver robust, secure IT solutions tailored to the complexities of federal requirements such as FedRAMP, STIGs, and Zero Trust. He emphasizes that innovation and compliance can—and must—coexist in the federal space. The conversation touches on the real-world challenges federal agencies face, like outdated systems, budget cuts, workforce reductions, and tool sprawl. Amiri critiques the proliferation of “single panes of glass” in IT environments, which often complicate rather than simplify operations. NWN's strength lies in delivering visibility across systems, reducing complexity, and enabling security and automation through integrated, scalable platforms. Key themes include Zero Trust architecture, infrastructure modernization, automation, and streamlining tech procurement. NWN's flexible acquisition pathways (e.g., via GSA and SEWP contracts) make it easier for agencies to respond quickly to crises like COVID or cyberattacks. On AI, Amiri emphasizes its role in real-time data analysis to improve visibility and prevent outages, critical for mission continuity. NWN remains vendor-neutral, working with a broad ecosystem of partners to deliver best-in-class, mission-focused outcomes. Looking ahead, Amiri confidently predicts that AI will become foundational to all federal IT strategies, driving operational resilience and transformation in the next five years. The interview sets the stage for deeper dives into emerging topics like agentic AI and cloud-native strategies in future discussions.

Ep. 263  How Microsoft Drives Cloud-Powered Transformation in Federal Agencies   Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Microsoft has been a behemoth in the world of information technology since its founding in 1985. The only way to understand how Microsoft can impact the federal government is to take a topic like AI and conduct a thorough analysis. Today, we sat down with Wole Moses, the Chief AI Officer for Microsoft Federal. He shares his perspective on how Microsoft's innovation can help federal agencies achieve their ambitious goals. Essentially, we discuss AI's role in cyber threats, legacy infrastructure, and compliance. Moses explains that Microsoft's AI assistant, Copilot, is integrated into various products to enhance productivity. He emphasizes the importance of a strategic approach to AI, aligning projects with agency missions and goals. Moses discusses the potential of AI to modernize legacy systems and processes, improve cybersecurity, and support software developers. In AI, multimodal refers to a system that utilizes text, images, audio, and even video. He also highlights the need for multimodal AI to expand communication capabilities and the importance of compliance with frameworks like FedRAMP and NIST RMF.   Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Today, we discuss the importance of user experience for federal websites with guests Amanda Chavez and Rishi Vajpayee from Qualtrics. The expansion covers topics such as cost savings, automation, and the impact of unstructured data on how websites provide information. COST SAVINGS Older systems in the federal government may have been designed to optimize for one function. When new administrations are elected, it is possible that alterations can be made, and the existing system can lead to inefficiency and slow data utilization. During the interview, Amanda Chavez details how a company like Qualtrics can help federal leaders understand friction points. This is especially effective when making a transition to the cloud. Bottlenecks are identified, and the remedy is provided, enabling the complete flexibility of the cloud to be leveraged. AUTOMATION Federal agencies are encouraged to do more with less. Automation can provide the solution to this challenge. Frequently, self-service channels can provide information to citizens faster and more reliably than a traditional human in a call center can. UNSTRUCTURED DATA Rishi Vajpayee discusses some of the weaknesses in how surveys about web experience have been conducted. He notes that unstructured data, such as text, email, and feedback, provides a much richer and deeper understanding of how to enhance a website's effectiveness. Qualtrics' upcoming federal summit in August aims to address these issues and improve service delivery. The Qualtrics Federal Summit event in August 2025 will discuss improving the federal website.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com The current administration has a focus on reducing costs while also improving the delivery of goods and services. When it comes to handling data, innovations in code generated by artificial intelligence have enabled this remarkable goal. The challenge arises when transitioning from the data center to the hospital. " Fail early" may be a mantra for a software developer, but in a healthcare situation, it is unacceptable.   Today, we sat down with two executives from Phillips and explored the value of applying mobile technology to reduce cost and enhance patient outcomes in hospitals. Both gentlemen are military veterans, and the focus of the discussion is the Department of Veterans Affairs, which operates 170 medical centers and employs over 470,000 staff members. When examining the population of veterans, we can see that it has a wide distribution in rural areas. This can mean long trips for patients to get care. During the interview, we look at wearable devices that can provide information to physicians to help make treatment decisions. These can provide real-time health monitoring to act as an "early warning" system for patients. For example, it can detect signs of infectious diseases before symptoms appear.   Advances in machine learning and artificial intelligence enable Phillips to develop a risk score calculation that reduces exposure to vulnerable populations. Explore opportunities to further deploy Philips' remote monitoring and telehealth technologies within the VA healthcare system.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com According to Forrester, 48% of organizations have more than one hundred tools in a typical toolchain. How many are not being used? How many duplicates are there? How many can remove abilities in other tools? When you deal with a company, they are getting paid to focus on their solution and ignore others. When you deal with a reseller, they have biases, respond to changes quickly, and understand the complexities of vendors in “swim lanes,” which can include competitors. Today, we sit down with Sam O'Daniel, the President and CEO of TVAR. The conversation ranged from selection of the correct tool to procurement and licensing models. For example, in a recent interview, Scott Rose from NIST talked about modern technology that may include IPv6. The sad news is that it prevents scanning address blocks because it cannot scan all the addresses that IPv6 covers. TVAR collaborates with numerous vendors and is familiar with the strengths and weaknesses of each. Additionally, he understands which vendors work well together and respects the concept of their “swim lanes” in the context of federal technology. A typical federal leader cannot spend five hours a day keeping up with modern technology; resellers must maintain updated knowledge, which they can provide federal agencies with a perspective that few have. The conversation also addresses the challenges of procurement and the need for tool consolidation to minimize government waste.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com   Artificial Intelligence can dazzle people to the point where they lose focus on the objectives of the federal agency. In today's interview, Adam Lurie from Knexus begins by discussing a corporate strategy that combines research and innovation with engineering. This approach has been consistent over decades of serving the federal government. One stellar example of this fusion was their success in the $919 million 10-year Supply Chain Risk Illumination Professional Tools and Services (SCRIPTS) Blanket Purchase Agreement from the GSA. One of the challenges in “applied” AI is the data itself. Often, particularly in the federal government, there are strict rules governing the handling of data. We have all heard about the encryption of data at rest and data in transit. Given this limitation, it may be challenging to establish an iterative process that optimizes security and reliability. The answer from Knexus is to use synthetic data to emulate an actual sensitive federal data set. That way, several methods can be used to rapidly identify foreign influence, monitor vendor integrity, and visualize complex risk management scenarios. This innovation enables developers to optimize the security of a supply chain, taking into account variations that incorporate modern technologies and adapt to emerging threats. A key partner in this creative approach is Google. Knexus was recently named 2025's Google Cloud Business Application Partner of the Year for Government. Retaining security while innovating will be the key to applying AI to solve federal business needs now and in the future.  

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Fifteen years ago, Vivek Kundra began the “Cloud First” policy in the federal government.  It took five years for people beginning to talk about “cloud native” applications.  In other words, instead of a lift and shift to the cloud, developers could take advantage of the cloud's capabilities resulting in increased agility, scalability, and resilience. Well, here we are in 2025, and it sure looks like the early days of cloud computing.  Lots of dazzling, but few people know how to leverage efficiency, speed, and personalization of AI. Today, we sat down with Sri Iyer, CTO and Co-founder of a company called KOVR.AI.  Finally, he presents to listeners how AI can be applied to the tedious process of federal certification. We look at the complex process of CMMC. One aspect of CMMC is CUI.  It does sound simple, but if a company over scopes or under scoped CUI it can make for difficulty in completing the certification. Further, assets are changing all the time.  How can a company provide a detailed report of its assets at a specific moment in time?  Next, the employees in a typical federal contractor are billing 40 hours a week.  Is a business owner supposed to pull people off a revenue-generating position to complete CMMC tasks? Finally, what about the companies who supply the DIB?  In a normal supply chain, more than just the company seeking CMMC is part of the puzzle. Listen to the interview to see how the innovation Sri Iyer can be applied to making the CMMC process faster and easier to document. Iyer emphasizes the importance of proper documentation and training for CUI (Controlled Unclassified Information) and offers practical advice for companies to prepare for CMMC, including creating an inventory of IT systems and vendors, and seeking expert help.

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com Zebra Technologies is the best-kept secret in town. The reason is simple: Zebra Technology has been in business for 55 years and has achieved an impressive amount of success in the commercial world. Jan states that 80% of Fortune 500 companies rely on Zebra for asset tracking. Yet, if one were to walk through a federal technology trade show, one would never identify Zebra. In today's interview, we focused on how Zebra Technologies has had a relentless focus on replacing pen-and-paper systems with modern technology. One unexpected benefit of streamlining asset tracking is the reduction in time to prepare reports. Jan Ruderman states that audit preparation can be reduced from eight hours to twenty minutes. Federal technology leaders are drowning in data, much of which is generated by devices such as Operational Technology under the control of Information Technology. Logistics management is the only way to get control of a rapidly changing system. The real lesson is an application of commercial success to the needs of a federal government that is increasingly operating at the edge.