Tech Transforms

• Episode 105: From Compliance to Capability: Securing the Federal Software Supply Chain in the Age of AI

  On this episode of Tech Transforms, host Carolyn Ford welcomes Antoine Harden, Regional VP of Federal at Sonatype, to unpack one of the most urgent challenges in federal cybersecurity: securing the software supply chain. With more than 25 years of experience at Oracle, Google, and now Sonatype, Antoine shares why software supply chain risks from SolarWinds to Log4j have pushed SBOMs (Software Bills of Materials) and continuous monitoring into the spotlight. Together, they break down what SBOMs are (think nutrition labels for software), how mandates like Executive Order 14028 and frameworks like NIST’s Secure Software Development Framework (SSDF) and DoD’s SWFT are changing the compliance landscape, and why automation is essential to get from static ATOs to continuous authorization. Antoine also explains how Sonatype uses AI and software composition analysis tools to close critical gaps in open source and AI-heavy environments, helping agencies shift left, reduce vulnerabilities, and accelerate secure delivery of mission-critical systems. Along the way, the conversation covers everything from JFK delays caused by vulnerabilities, to the risks of “ludicrous speed” AI adoption, to the surprising history of Project Pigeon in WWII. For federal leaders ready to take action, Antoine offers one concrete step: start with a single mission-critical application, mandate an SBOM, and see what hidden risks you uncover. Show Notes: Connect with Antoine https://www.linkedin.com/in/antoine-harden-mba-035a441/ Executive Order 14028 (https://www.federalregister.gov/documents/2021/05/17/2021-10460/improving-the-nations-cybersecurity)NIST Secure Software Development Framework (SSDF) (https://nvlpubs.nist.gov/nistpubs/specialpublications/nist.sp.800-218.pdf) CISA Zero Trust Maturity Model (https://www.cisa.gov/zero-trust-maturity-model) DoD’s SWFT (Software Fast Track Initiative) (https://www.defense.gov/News/Releases/Release/Article/4174350/software-fast-track-initiative/) Sonatype Resource Center (https://www.sonatype.com/resources?_gl=1*1jtfn7r*_up*MQ..*_ga*Mzc1ODU4NTM3LjE3NTYzMTc3NTc.*_ga_3W70E95Z6Q*czE3NTYzMTc3NTUkbzEkZzAkdDE3NTYzMTc3NTUkajYwJGwwJGgw*_ga_2TMM6KZPXQ*czE3NTYzMTc3NTUkbzEkZzAkdDE3NTYzMTc3NTUkajYwJGwwJGgw*_ga_08HT33J01V*czE3NTYzMTc3NTUkbzEkZzAkdDE3NTYzMTc3NTUkajYwJGwwJGgw)

  --------  

  40:57

  --------

  40:57
• Episode 104: Securing the Future: AI, Cyber Risk, and the Federal Mission

  In this episode of TechTransforms, host Carolyn Ford sits down with Martin Stanley, Senior Advisor at NIST, to explore how AI is reshaping federal cybersecurity. They dive into NIST’s AI Risk Management Framework, the growing need for secure and resilient AI systems, and what it takes to build a “risk-aware” culture in government. Stanley shares insights on guarding against threats like model theft and prompt injection, how agencies are adapting zero trust principles for AI, and why explainability is essential in machine learning models. Whether you're new to AI governance or advancing your cybersecurity strategy, this episode offers practical guidance for navigating the evolving AI risk landscape. Show Notes: NIST AI resources: https://www.nist.gov/artificial-intelligence/ai-resources AI Risk Management Framework https://www.nist.gov/itl/ai-risk-management-framework NIST-AI-600-1: AI RMF Generative AI Profile https://airc.nist.gov/docs/NIST.AI.600-1.GenAI-Profile.ipd.pdf Secure Software Development Practices for Generative AI and Dual-Use Foundation Models: An SSDF Community Profile https://doi.org/10.6028/NIST.SP.800-218A Email: [email protected] LinkedIn: https://www.linkedin.com/in/mcs729/

  --------  

  48:21

  --------

  48:21
• Episode 103: From GOTS to COTS: How Policy and Innovation Are Reshaping the Tactical Edge

  *COTS vs. GOTS: What the Federal Mandate Really Means with Dom Perez * In this episode of Tech Transforms, host Carolyn Ford is joined by Dominic Perez, CTO of Curtiss-Wright Defense Solutions, to break down one of the hottest topics in defense tech: the federal government’s new COTS-first mandate. What happens when agencies must justify government-off-the-shelf (GOTS) solutions in 60 days or lose funding? Dom shares what this means for acquisition teams, why the policy might create more confusion than clarity, and how commercial solutions for classified (CSfC) are transforming secure communications in the field. From rugged mesh networks to “MacGyvered” mission-ready tech, Dom takes us behind the scenes of CSFC innovation, explaining how rapid deployment, lifecycle savings, and mission flexibility are driving real change. If you’ve ever wondered how defense innovation happens at the speed of relevance or what’s really in that “Rubbermaid tote” this one’s for you. Topics include: * The 60-day COTS mandate and its real-world impact * CSFC vs. Type 1: Speed, security, and scale * What government and industry must do better * Why the coolest tech might not come from GOTS anymore * The value of failure, fast iteration, and field-informed design Follow Dom Perez on LinkedIn for more insights and check out Curtiss-Wright’s whitepapers on modular open systems, CSFC, and edge AI. * Dominic Perez LinkedIn: https://www.linkedin.com/in/dominicperez/ * Curtiss Wright White Papers: https://www.curtisswrightds.com/resources/white-papers

  --------  

  42:33

  --------

  42:33
• Episode 102: Jurassic Networks: High Threat, Low Defenses, and the OT Reckoning

  In this episode of Tech Transforms, Daryl Haegley, Technical Director for Control Systems Cyber Resilience at the Department of the Air Force, shares insights from his nearly four decades of federal service, discussing the evolving landscape of cybersecurity for operational technology and control systems. He talks about the importance of creating a culture of security across government and industry, the challenges of modernizing legacy systems, and the urgent need to address cybersecurity gaps before adversaries exploit them. From developing a first-ever scorecard for facility cybersecurity to his mission of aligning cyber practices with national defense priorities, Haegley underscores the critical role of leadership, collaboration, and continuous innovation in securing the nation’s most vulnerable systems. For an even deeper dive, here are additional resources for your convenience: · Annual Threat Assessment Report: 2024 DNI ATA and 2025 DNI ATA (https://www.dni.gov/index.php/newsroom/reports-publications/reports-publications-2025/4058-2025-annual-threat-assessment) · Cyber Resilience Office for Control Systems (CROCS): Watch (https://media.dau.edu/media/t/1_dkw9po8q) · “OT: Lock It Down” Music Video: Listen here (https://youtu.be/PKVbmCt_Vyo) · Articles Referenced: Wired for Risk – SC World (https://www.scworld.com/perspective/wired-for-risk-the-overlooked-cyber-threat-to-americas-military-communities) Cyber Skills Gap – Federal News Network (https://federalnewsnetwork.com/cybersecurity/2025/06/agencies-grapple-with-cyber-skills-gap-in-control-systems/) Cyber OT training: [Article] (https://www.spaceforce.mil/News/Article-Display/Article/4077138/control-systems-security-specialist-training-strengthening-our-critical-systems/)

  --------  

  42:54

  --------

  42:54
• Episode 101: The Fast Track to Global Defense Collaboration

  What happens when bureaucratic red tape meets bold collaboration? In this episode of Tech Transforms, Carolyn Ford is joined by Mat Cantagallo, Defense Director at Austrade, to explore how OWL, GME, and Austrade became the first to successfully leverage the AUKUS exemption, cutting through years of export restrictions to enable real-time defense collaboration between the U.S. and Australia. From simplifying tech transfer to accelerating mission-critical training, this conversation offers a powerful look at how smart policy and strategic partnerships are setting a new benchmark for global security innovation. If you’re in defense, cybersecurity, international trade, or just love a good story about making the impossible possible, this one’s for you. Contact Mat https://www.linkedin.com/in/mat-c-a377937/

  --------  

  40:30

  --------

  40:30

More Government podcasts

Trending Government podcasts

About Tech Transforms