Kayne and Tom talk with Lisa Hall, CISO at Safebase. Recorded from Austin, Texas, they try a flight of local beer! They also take time to discuss Lisa's FedRAMP journey, talking with auditors, and the implications of the CrowdStrike disaster. ▬ Contents of this episode ▬▬▬▬▬▬▬▬▬▬ 0:00 - Intro 0:55 - Beer background 7:00 - Implementing FedRAMP at a Company with an Agency Sponsor 13:07 - Comparing FedRAMP with Other Cybersecurity Frameworks 18:50 - How Frameworks Should Demonstrate Existing Practices 23:51 - Being Comfortable with Controls When Talking to Auditors 29:11 - July 2024 CrowdStrike IT Disaster and Its Implications 33:00 - Beer reviews The Drafting Compliance series: To lighten the dark corners of compliance, hosts Kayne and Tom as share with you Hyperproof's journey to becoming FedRAMP moderate, an overall roadmap to achieve FedRAMP compliance in a year, and the tips and tricks they learn along the way. As if compliance isn't fun enough, the hosts also try out a new beer each episode and rate it on a scale from 1-10.