The Secure Developer

A podcast about security for developers, covering tools and best practices.


episode 95: Ep. #95 Security in Public Service with Robert Wood

How do you protect sensitive healthcare information for millions of people while at the same time keeping up with fast-paced development demands? On today’s episode of The Secure Developer, we speak with Robert Wood who has been grappling with this question over the past year. Robert has an established career in the private cybersecurity sector having worked for a range of startups of varying sizes, from teams as small as six to numbering well over a hundred people. He has since been driven to public service and for the past six months, he has been working at The Center for Medicare & Medicaid (CMS) as their chief information security officer.

In our discussion, we look at the intersection between government and security to interrogate how to make modern security approaches thrive in an environment that poses unique challenges but essentially functions from a place of integrity and good intentions. Robert shares how he’s had to adjust to working at a government agency after his history working in startups, like becoming accustomed to the decentralized goals in government versus the singular focus of product development at a startup. He explains how risk aversion can cause stagnation, which in turn causes its own vulnerabilities and risks, and how he would like to see this issue addressed in the future. Tuning in you’ll hear why Robert is a big proponent of the security champions model and how CMS has been able to utilize an information system security officer. Join us today for a fascinating peek behind the curtain of how CMS is run and how it has the potential to innovate!


 2021-05-17  38m