Permission To Play W/Nathan Kaufma #409
You've Been Heard, Monday, March 23rd, 2026
Nathan Kaufman walked into a $100 million defense contractor with 80 employees, zero IT infrastructure, and two years to become CMMC Level 2 compliant or lose all DoD contracts. No Active Directory. SSH open to the internet. Engineers buying equipment with personal credit cards. A flat network running on unpatched switches.
He built it all from the ground up. Deployed CrowdStrike across 350+ endpoints. Migrated to Azure GCC High. Survived a merger, acquisition, and divestiture simultaneously. Grew the team from one person (him) to five across three locations and 260 employees. Passed the CMMC audit in November 2025.
Then he got fired in August.
We get into the technical path for CMMC compliance, why "permission to play" became his rallying cry with executives, and the SBI framework for communicating IT value. Nathan shares his biggest lesson: you can have amazing technical skills, but if you don't advocate for yourself, nobody else will.