Colorado Springs, CO

Aaron Gilmore

Industrial Security & Compliance, Emergency Management, Software Engineering, Project Management, Communications & Emerging Technology SME

I work directly with leadership teams of all types when security and/or safety are a top priority. As a 2016 Defense Counterintelligence and Security Agency (DCSA) Cogswell Awardee, you can rest assured that I bring high quality Classified Security & Emergency Management capabilities to all industries, all the same.

How I think

Security isn’t a tool or a department — it’s an ecosystem of people, communications, facilities, process, and technology that either works together under pressure or fails together in silence. My background spans comms architecture (US Army 25U), Classified program and Courier Management discipline, emergency readiness, compliance translation, and implementation realities.... so I naturally think end-to-end instead of in silos (Or in other words, I think of the Forest instead of the Trees). I’m at my best when constraints are real: limited time, imperfect data, and systems that must keep operating while you fix them. I translate dense standards into buildable plans and evidence — not just “what the requirement says,” but what it looks like in workflows, configurations, training, and artifacts a team can maintain. I bias toward solutions that are simple enough to operate during disruption, not just elegant on paper. I’m also allergic to security theater... if we’re going to do “minimum viable compliance” because that's all the resources you as a client have, it still has to hold up when an incident, audit, or business shock tests it. My long-term goal is to bring the discipline of the classified world into everyday organizations — especially small businesses — so strong security and compliance aren’t reserved for the highest bidders (CMMC is now a vehicle that can deliver that goal). And I hold a strict ethical line: I build protection, transparency, and resilience — not shortcuts that compromise people’s rights, privacy, or intellectual property.

The principles that guide my work:

End-to-end visibility beats siloed optimization. If comms, people, policy, and tech don’t connect, your “controls” are just paperwork.
Evidence beats opinions. Especially in audits and incident reviews — if it isn’t provable, it isn’t real.
Build it simple enough to operate under stress. A control you can’t execute during disruption is a liability, not a safeguard.

“Tradition becomes our security — and when our mind is secure, we are in decay.”

--Jiddu Krishnamurti

Experience

High-trust security discipline (classified + industrial security).
I’ve worked in environments where mistakes have real consequences—COMSEC accountability, classified handling, and industrial security expectations that demand consistent procedure, documentation, and follow-through. I’m also a DoD James S. Cogswell Award recipient (2016), one of the most respected recognitions in the industrial security community. Check out what this award means: https://www.dcsa.mil/Industrial-Security/Cogswell-Awards/ .

Communications “full stack” (architecture + interoperability + reliability).
My foundation is communications technology systems and operations (from secret message delivery, to flag signals, to SatCom, to blockchain networks): troubleshooting, building, teaching, and keeping complex architectures functioning across mixed environments.

Resilience and emergency readiness (security that works under pressure).
I’ve supported teams that needed plans they could actually execute—especially when conditions were stressful, time was limited, or the environment was changing.

Program and project leadership (delivery across complexity).
I’ve led multi-stakeholder work where governance, coordination, and execution decide success—including managing large teams and evolving a complex emerging-technology effort into a government-sponsored program.

Community leadership (building the local pipeline).
I currently serve as Chair of the Pikes Peak Business & Education Alliance (PPBEA) Computer Science, IT & Cybersecurity Committee, working with educators and employers to strengthen the local talent pipeline and improve how we prepare students for real-world careers—not just theoretical skill checklists:
https://www.cde.state.co.us/postsecondary/promisingpractices/ppbea

https://ppbea.org/#/

Why I Joined Bees

I met Gary while assisting the University of Colorado Colorado Springs (UCCS) with a blockchain project funded by Colorado Senate Bill 18-086. At first Gary was my Project Manager partner for that project. But after learning more about each other over around a year, Gary asked me a very simple but complicated question one day:

“What do you actually want to do, if you could work for yourself?”

I thought for a while and then came back to him on a different day with a complicated response:

“Deliver the same capabilities of a classified Secret Industrial Security program ready to implement “Happy Meal”, to unclassified US government contractors, and disrupt the entire security sector by also spreading this same solutions to ALL general industries alike, especially small businesses that cannot traditionally afford this level of security”.

From there it was an offering of an handshake and a “do you want to do that together?” and I became his 1st partner. By succeeding in the many difficult challenges the Army presented me, I doomed myself into a fate to become a COMSEC CAM, a Classified Program Manger & Classified Courier Manger, and the many other adventures that continued to build in my career both in and out of service. Receiving the coveted Cogswell award in 2016 only strengthened this fated resolve further. Learning blockchain with Gary forced me to learn software engineering, and shortly after COVID, AI went from Sci-Fi fantasy to plausible in a matter of a few years. Now you can say I unlocked more achievements in real life with these new emerging tech and software skills that i cannot ignore learning 1st hand.

Now I continue these same skills with a combined dream at BEES Computing, Industry Disruption through SEM and Automation technology for SMBs.

How I Engage

When you bring me in, you’re not just getting advice — you’re getting a practical operator who can assess reality, translate requirements into buildable steps, and help your team produce outcomes you can sustain. I adapt my delivery to what you actually need (policy updates, implementation support, training, or readiness validation), but I keep the engagement flow consistent so you always know where we are and what “done” looks like.

1) First, I assess and clarify scope. I review what exists, map how work really happens (people/process/tech/facility), identify the highest-consequence gaps, and define what “good” means for your size, industry, and risk tolerance.

2)Then, I build an executable plan. I translate requirements (CMMC, NIST 800-family, RMF-style controls, or your internal standards) into a roadmap your team can actually run — roles, priorities, artifacts, and a realistic sequence that doesn’t break operations.

3) Finally, I validate and leave you stronger. We produce usable evidence (not just documents), pressure-test the plan with tabletop exercises or operational checks where appropriate, and make sure the program can function without me — owners assigned, cadence established, and the work integrated into normal business rhythm.

In practice, this often means a mix of: policy/procedure packs, control-to-evidence mapping, POA&Ms and remediation plans, training toolkits, incident/emergency playbooks, and “audit-ready” evidence organization. Where deeper specialization is needed, I coordinate with the right technical experts — but I stay accountable for keeping the work coherent, realistic, and tied to business outcomes. And although I've mostly focused on Security above, I also am a seasoned Project Manager, a SME in Blockchain, Automation & AI Technologies and traditional comms architectures still used in both the military and general industry. These 3 steps still apply in how i deliver results in these fields as well.

I build mission-ready security and emergency management programs that survive reality — for organizations on this world, and the ones we haven’t met yet.

I'm open for business to all galactic species!!

Human-led, Automation-Enhanced. SEM-Artificium.

AI Transparency & Professional Standards

Bees Computing leverages AI tools as part of our research, analysis, and content development processes. All deliverables, assessments, and recommendations are reviewed, validated, and approved by our certified cybersecurity professionals before publication or delivery to clients. Our use of AI enhances efficiency while maintaining the human expertise, judgment, and accountability that our clients depend on.