Behind the Shield

FedRAMP 20x Explained, CMMC Impact, and Real Compliance Talk with Matt Bruggeman



In this episode of Behind the Shield, Jason Shropshire, InfusionPoints COO, sits down with Matt Bruggeman, Director of GTM Federal at A-LIGN, to explore one of the most unique career paths in the compliance space and how it directly shapes the way he approaches FedRAMP today. Starting in engineering, transitioning into improv comedy, and ultimately moving into sales engineering, Matt brings a perspective that blends technical depth with communication, adaptability, and real-world problem solving.

We dive into the realities of FedRAMP, including the friction points that have challenged CSPs over the last several years, from inconsistent interpretations to long timelines and the operational burden of maintaining authorization. Matt shares firsthand insight into how these challenges have impacted both providers and assessors, and where the industry is starting to shift.

The conversation also unpacks FedRAMP 20x and what it actually means beyond the headlines. We talk about automation, machine-readable evidence, and what organizations need to start thinking about now if they want to keep pace with where the program is going. This isn’t just about moving faster; it’s about fundamentally changing how compliance is approached.

We also touch on CMMC and its growing influence across the defense ecosystem, how it compares to FedRAMP, and why organizations need to think strategically about overlapping requirements and long-term compliance investments.

Throughout the episode, Matt highlights the importance of clear communication, storytelling, and being able to translate complex technical requirements into something actionable, especially in a space that often leans too heavily on jargon and process.

Whether you're early in your FedRAMP journey, actively working toward authorization, or rethinking your approach in light of 20x, this episode offers practical insight, honest perspective, and a look at where compliance is headed next.

What You’ll Learn:

• Matt’s journey from engineering to improv and how it shaped his approach to problem-solving
• The realities of FedRAMP challenges and why the process has been so difficult historically
• How FedRAMP is evolving and what changes are underway
• What FedRAMP 20x actually means and what it requires from organizations
• The impact of CMMC on the broader compliance and defense ecosystem
• Why communication, storytelling, and adaptability matter in technical roles
• Key insights for navigating compliance in a rapidly changing environment

Chapters:

0:00 - Introduction to the Podcast
0:29 - Meet Matt Bruggeman
1:16 - Matt's Engineering Background
2:13 - Transition to Improv Comedy
4:04 - Sales Engineering Journey
6:02 - Joining A-LIGN and FedRAMP
11:01 - FedRAMP Challenges and Changes
17:12 - CMMC and Industry Impact
23:33 - FedRAMP 20X Discussion
47:43 - Lighter Fare and Closing

If you’re building, managing, or defending in regulated environments, make sure to subscribe for more conversations like this.
Interested in learning more about FedRAMP 20x? Join our FedRAMP 20x Explained webinar on April 2nd at 1 PM EST: https://xbu40.com/20x-cohort 

Guest Links:
Matt Bruggeman LinkedIn: https://www.linkedin.com/in/matt-bruggeman/
A-LIGN: https://www.a-lign.com/
Mostly Compliant Podcast: https://www.youtube.com/playlist?list=PLLU5Lb_V9iSyFhftOkbrOE_y0DVAvDmO4
Sooper Doods: https://www.youtube.com/@SooperDoods

InfusionPoints Links:
Jason Shropshire, COO: https://www.linkedin.com/in/shrop/
https://www.linkedin.com/company/infusionpoints/
https://www.InfusionPoints.com
https://infusionpoints.com/contact-us


Behind the Shield, by InfusionPoints