S2E24: Paul Puckett & Tyler Gesling

In this episode of Resilient Cyber, Chris Hughes is joined by Paul Puckett, Director of the Army’s Enterprise Cloud Management Agency, and Tyler Gesling, DoD CIO, to discuss the recently published DoD Continuous ATO (cATO) memo. They dive into the challenges and opportunities around continuous authorization and how this new framework aims to enhance security and operational agility across the Department of Defense. 🔐

🔑 Key Highlights:

• What is Continuous Authorization (cATO) and why it's a game changer for the DoD

• The importance of aligning cloud, DevSecOps, and digital modernization with continuous ATO

• Insights into the three pillars of the cATO memo and their implications for security teams

• Addressing the challenge of scaling cATO across different service branches

• How continuous monitoring and real-time risk management can improve the DoD’s security posture

• Lessons learned from implementing DevSecOps and cloud infrastructure in the Army and broader DoD

• The role of leadership in fostering innovation while maintaining security and compliance

Paul and Tyler also share their thoughts on the future of cloud adoption in the DoD, the importance of collaboration across services, and how this memo helps to streamline security efforts in a rapidly evolving threat landscape.