RegScale’s Travis Howerton on taking the pain out of compliance in highly-regulated industries

In this week’s episode of The Future of Security Operations podcast, Thomas is joined by Travis Howerton, Co-founder and CEO of RegScale. Travis began his security career with roles at government and regulated organizations, including the National Nuclear Security Administration and Oak Ridge National Laboratory, before being inspired by inefficiencies in compliance processes to co-found RegScale. As CEO of RegScale, he oversees their Continuous Controls Monitoring platform, which enables rapid GRC outcomes for organizations like Wiz, Keybank, and the US Department of Energy.

In this episode:

[02:15] How an interest in computer science led Travis to pursue a career in security

[03:20] Working in “the Major Leagues of cyber” at the National Nuclear Security Administration

[06:20] Moving fast in highly-regulated environments

[07:10] Securing the world’s fastest supercomputer at Oak Ridge National Laboratory

[10:30] Supporting digital transformation at enormous scale at Bechtel Corp

[15:15] How outdated compliance processes inspired Travis to co-found RegScale

[18:15] How RegScale acquired its first high-profile clients through "hustle and luck"

[19:20] The challenges of building the first version of RegScale

[21:15] Taking the pain out of compliance

[23:20] The biggest GRC roadblocks teams are facing right now

[25:10] Practical advice for moving the needle on your automation program

[27:33] Eliminating redundancy and inefficiency in federal compliance programs

[32:30] What’s next for RegScale

[33:45] The best applications of AI (and which decisions should "never" be made AI)

[35:45] Navigating regulatory uncertainty when it affects your whole business model

[38:40] What SecOps and compliance teams might look like in the future

[40:20] What the best compliance teams do to build rapport with security, IT and other business functions

[43:30] Why AI adoption is a risk-based conversation every organization should be having with their CISO

[46:00] Connect with Travis

Where to find Travis Howerton:

• LinkedIn

• RegScale

Where to find Thomas Kinsella:

• LinkedIn

• Tines

Resources mentioned:

• The CISO Society 2025 State of Continuous Control Monitoring Report