Buzzword? Architecture? Perhaps a true security approach for modern organizations? Join us as we chat with organizations of all types and sizes to learn about their Zero Trust adoption journey and as we answer these questions along the way.
…
continue reading
1
Behind the scenes of cybersecurity media and reporting
1:04:53
1:04:53
나중에 재생
나중에 재생
리스트
좋아요
좋아요
1:04:53
Season 3, Episode 15: We gather a panel of journalists, communications, and a researcher to discuss how cybersecurity news and incidents are reported. You can read the show notes here. In the world of cybersecurity journalism, you can broadly divide it into four competing forces: reporters, communications teams, researchers, and readers. Each requi…
…
continue reading
1
GRC tool or spreadsheets, that is the question | GRC Uncensored Preview
43:13
43:13
나중에 재생
나중에 재생
리스트
좋아요
좋아요
43:13
In our final preview episode of GRC Uncensored, we explore a particularly bipolar debate: do you need a GRC tool to manage compliance, or will spreadsheets suffice? After this, we will be back to our regularly produced AZT episodes. The last episodes of our pilot for GRC Uncensored can be found on your favorite podcast app or newsletter on Substack…
…
continue reading
1
Podcast Preview: GRC Uncensored and the commoditization of compliance
41:30
41:30
나중에 재생
나중에 재생
리스트
좋아요
좋아요
41:30
We are interrupting our regularly scheduled podcast series to introduce you to a new series we developed: GRC Uncensored. This pilot season will elevate conversations about GRC that are often buried under millions of dollars in marketing spend. No boring talks about controls or frameworks, just unfiltered discussions with auditors and practitioners…
…
continue reading
Welcome back to Adopting Zero Trust! In this episode, hosts Elliot Volkman and Neal Dennis are joined by Rob Allen, Chief Product Officer of ThreatLocker, to dive deep into the operationalization of Zero Trust. Despite covering various aspects over three seasons, this crucial topic is addressed thoroughly. They explore pre-adoption preparation, ali…
…
continue reading
1
Log4j Continues to act as Organizational Vulnerability
47:56
47:56
나중에 재생
나중에 재생
리스트
좋아요
좋아요
47:56
Season 3, Episode 13: Cato Network’s Etay Maor provides fresh research on the abuse of unpatched log4j libraries. Catch this episode on YouTube, Apple, Spotify, or Amazon. You can read the show notes here. This week on Adopting Zero Trust (AZT), we highlight a significant cybersecurity risk focused on the notorious Log4j vulnerability and the growi…
…
continue reading
1
Overturning of Chevron Deference’s Impact on Cybersecurity Regulation
51:44
51:44
나중에 재생
나중에 재생
리스트
좋아요
좋아요
51:44
Season 3, Episode 12: Could the overturning of Chevron Deference impact cybersecurity and privacy regulations? Catch this episode on YouTube, Apple, Spotify, or Amazon. You can read the show notes here. Welcome back to Adopting Zero Trust or AZT. In our latest episode, we assembled a distinguished panel to dig into a timely topic affecting the cybe…
…
continue reading
Season 3, Episode 11: Vulnerability management is critical to any Zero Trust strategy, but you probably already know that. Fortra’s Tyler Reguly breaks down severity vs. risk. Catch this episode on YouTube, Apple, Spotify, or Amazon. You can read the show notes here. Every organization relies on some form of technology to run, and each tool you add…
…
continue reading
1
The Unstoppable Phish: A Discussion with Vivek Ramachandran
26:31
26:31
나중에 재생
나중에 재생
리스트
좋아요
좋아요
26:31
Season 3, Episode 10: Elliot chat’s with Vivek Ramachandran of SquareX about his approach to tackling the impossible: Social engineering. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. For nearly three decades, social engineering, particularly phishing, has been one of the most impactful and fina…
…
continue reading
1
Breaking Down the SMB Threat Landscape and The Value of MSPs with SonicWall
46:22
46:22
나중에 재생
나중에 재생
리스트
좋아요
좋아요
46:22
Season 3, Episode 9: We chat with SonicWall’s Doug McKee about the top 5 threats targeting SMBs based on recent research. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. Cybersecurity challenges come in many different flavors regardless of how old your company is or how many employees it houses. L…
…
continue reading
1
Decoding Emerging Threats: MITRE, OWASP, and Threat Intel
25:00
25:00
나중에 재생
나중에 재생
리스트
좋아요
좋아요
25:00
Season 3, Episode 8: AZT and Dr. Zero Trust have a crossover episode where we chat with reps from MITRE and OWASP about challenges associated with emerging threats. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. Every few weeks, and occasionally every few days, we hear report of a new novel techn…
…
continue reading
1
Navigating the Ever-Changing Landscape of Cybersecurity Regulations With Lacework and Drata
30:10
30:10
나중에 재생
나중에 재생
리스트
좋아요
좋아요
30:10
Season 3, Episode 7: Though regulation impacting cybersecurity moves slow, when new laws are introduced it often puts significant strain on companies. Lacework’s Tim Chase and Drata’s Matt HIllary discuss navigating the latest broad-sweeping regulations. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes h…
…
continue reading
Season 3, Episode 6: Two seasoned cybersecurity professionals, Bryan Willett and Kris Lovejoy, shed light on the dilemma organizations face when hit by ransomware: Should they pay the ransom or not? Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. Ransomware: To Pay or Not to Pay? It’s an easy ques…
…
continue reading
Season 3, Episode 5: Cyber Insurance may not be the sexiest topic, but it’s an important piece of any mature cyber program. We chatted with a lawyer and a VC who share their perspective. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. There are many aspects of cybersecurity that are not classified…
…
continue reading
1
The Current and Future State of Zero Trust With Forrester’s David Holmes
54:05
54:05
나중에 재생
나중에 재생
리스트
좋아요
좋아요
54:05
Season 3, Episode 4: Forrester Principal Research Analyst on Zero Trust, David Holmes, shares his perspective on the current and future state of Zero Trust. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. Zero Trust is a concept, a strategy, a philosophy, and, for some poor souls, a solution you c…
…
continue reading
Season 3, Episode 3: Canva’s Head of Enterprise Security, Kane Narraway, discusses how to deploy a Zero Trust strategy in under a year. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. This week on Adopting Zero Trust (AZT) we chat with Kane Narraway, the head of Head of Enterprise Security at Canv…
…
continue reading
Season 3, Episode 2: In our conversation with Energy Solution’s CIO David Weisong we chat about how new processes, technology, and budgets are formed. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. It’s a mystery as old as time: the cybersecurity and technology budget and acquisition strategy. Ho…
…
continue reading
To start the new season, we are joined by Hacker Valley Media’s Ron Eddings and Chris Cochran, who discuss breaking into cybersecurity and the role storytelling plays. A new year, a new season, and plenty of new threats to impact the world of cybersecurity. This week we break from our typical conversations about modern cybersecurity strategies and …
…
continue reading
1
From Hacktivist to White Hat Hacker. A Chat with LulzSec’s Sabu.
56:18
56:18
나중에 재생
나중에 재생
리스트
좋아요
좋아요
56:18
Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. PS, we're giving away a Flipper Zero on our site as a little season finale gift. Check out details on our site. You know what they say, you save the best for last. As we wrap season two of Adopting Zero Trust, we take a shift from our standard conver…
…
continue reading
Season two, episode 18: Evgeniy Kharam, a founder, CISO, architect, and podcast producer discusses the rise of Enterprise (Secure) browsers. You can read the show notes here and subscribe to updates. In the latest episode of AZT, Evgeniy Kharam, a founder, CISO, architect, and podcast producer, joins the discussion to talk about the rise of Enterpr…
…
continue reading
1
Beyond the Buzzword: Applicable use of AI in Cybersecurity
56:37
56:37
나중에 재생
나중에 재생
리스트
좋아요
좋아요
56:37
Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. The word AI, much like Zero Trust, has come with a lot of baggage in the past few years. It’s a term that’s been misused, slapped on the front of startups’ overpriced booths at RSA and Black Hat, and it feels like every cybersecurity product under th…
…
continue reading
1
AZT: Zack Butcher on Building Zero Trust Standards and Securing Microservices
54:57
54:57
나중에 재생
나중에 재생
리스트
좋아요
좋아요
54:57
Season two, episode 16: Zack Butcher discusses building upon NIST’s Zero Trust policies and standards, and ZT’s influence on a service mesh as it relates to microservices. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. There are several guiding concepts that make it easier for organizations to bu…
…
continue reading
1
AZT: API Security with John Kindervag, Chase Cunningham, and Richard Bird
38:12
38:12
나중에 재생
나중에 재생
리스트
좋아요
좋아요
38:12
Season two, episode 15: We talk ZT History and API security with the godfather of Zero Trust, Dr Zero Trust, and Richard Bird. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. In the past few years, supply chain attacks and their impacts have or will soon overtake that of the damage done by ransomw…
…
continue reading
The illusion of going passwordless with Derek Hanson, Vice President Solutions Architecture and Alliances at Yubico. You can read the show notes here. True or False: The concept of passwordless is new. False. This is shocking, we know. Considering the amount of hype around the concept, it certainly can feel like a new concept since the masses are b…
…
continue reading
1
Adopting Zero Trust: Philosophy of Prevention with iHeartMedia’s Janet Heins
44:02
44:02
나중에 재생
나중에 재생
리스트
좋아요
좋아요
44:02
Season two, episode 13: Cybersecurity prevention on a global scale with Janey Heins, Global CISO for iHeartMedia. At the heart of Zero Trust is the idea of prevention. If you don’t trust anything or any person, you are playing in the same pool as risk avoidance. While total risk avoidance isn’t feasible, Zero Trust gets us closer to reality. Now, m…
…
continue reading
Over the past two years, we’ve explored the ins and outs of Zero Trust, ranging from the concept as a strategy down to the more technical components, such as how it impacts the physical world as found in IoT devices. However, what is often missed in these conversations, is at what point an organization can actually build trust. Not just crawling up…
…
continue reading
Last episode, we brought to you a wild story of a victim who was SIM-swapped four times, and this week we’re back to basics with some fresh research and a closer look at a critical piece of Zero Trust: Non-federated applications. Cerby’s Chief Trust Officer, Matt Chiodi, was kind enough to add a bit of color to a research report they released at RS…
…
continue reading
Taking a break from our usual format, this week we chat with a victim-turned-CEO who was hit by SIM-swapping attacks. However, not all harsh starts have to end that way, and Haseeb Awan made the best of a bad situation. After being compromised not once… nor twice, but four times, Haseeb eventually took matters into his own hands and developed a new…
…
continue reading
Season two, episode nine: Featuring Bloomberg’s Head of Information Security Architecture and the Information Security Program, Phil Vachon. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. What does implementing a Zero Trust strategy actually look like in an organization? Nearly a year into our po…
…
continue reading
1
Adopting Zero Trust with Bitwarden: The Mighty Password
54:32
54:32
나중에 재생
나중에 재생
리스트
좋아요
좋아요
54:32
There’s no avoiding it, the headlines have not been kind to the ways we access systems today. Users are still using 1234, password, and even their dog's name. Not just using these weak passwords but also reusing them across multiple platforms, making it incredibly easy to breach someone once they’ve been caught up in a previous breach. On the vendo…
…
continue reading
1
Adopting Zero Trust: Empathetic Leadership with Kyndryl’s Kris Lovejoy
57:45
57:45
나중에 재생
나중에 재생
리스트
좋아요
좋아요
57:45
For many, cybersecurity is seen as a cost center that reduces risk to the business. This can be oversimplified to something akin to how HR reduces people-related risks but comes with layer on top of layer of complexities ranging from technology to physical buildings and, of course, people. Regardless of organizational size, cybersecurity leadership…
…
continue reading
1
Adopting Zero Trust: Cybersecurity Innovation with Stanford Fellow AJ Grotto
39:14
39:14
나중에 재생
나중에 재생
리스트
좋아요
좋아요
39:14
For more than a decade, Zero Trust as a concept has moved from a philosophy and now into a practical architecture and strategy that organizations can adopt. While Zero Trust encapsulates much of what has gone well in cybersecurity for the past 30 years or so, does it truly offer an innovative approach or just iterative change? Is the concept positi…
…
continue reading
This week on AZT, we chat about something timely and impactful to everyone in the cybersecurity and users impacted by related decisions: the new National Cybersecurity Strategy (full strategy here). Our guests this week are Tony Scott and Ilona Cohen, both industry powerhouses and experts well-equipped to navigate this complex document. Ilona Cohen…
…
continue reading
This week Neal and I continue with our exploration of new formats, and this time we go one-on-one with the Founder and CEO of Netfoundry, Galeal Zino. Prior to Netfoundry, Zino spent much of his career traversing R&D, and later moving into a key role for Tata Communications. Though Netfoundry’s bread and butter is a Zero Trust Network Access (ZTNA)…
…
continue reading
1
Adopting Zero Trust with Author George Finney: Approachable
50:43
50:43
나중에 재생
나중에 재생
리스트
좋아요
좋아요
50:43
Zero Trust as a concept or strategy on the surface appears simple in nature. Heck, it’s only two words. However, when push comes to shove, and it’s time for organizational adoption, Zero Trust impacts every aspect of a business in the form of a digital transformation. Fortunately, for every complexity and question, there is an answer and solution, …
…
continue reading
This week we have a two-for-one special and feature our newest panel-style format. On the practitioner side, we have crowd favorite Andrew Abel, who currently works with a financial institution, but has worked across multiple other industries in the past. On the Zero Trust technology side, we have Michael Loewy, Co-Founder of Tide Foundation. Tide …
…
continue reading
1
Adopting Zero Trust With Ismael Valenzuela: Less Trust
48:47
48:47
나중에 재생
나중에 재생
리스트
좋아요
좋아요
48:47
This week we chat with Ismael Valenzuela, VP of Threat Intel at Blackberry, a 13-year SANS instructor, and has balanced his time between educator and practitioner for decades. Before peppering Ismael with our usual questions and falling down the rabbit hole, we dug a bit deeper into his background and what drives him to split his time between educa…
…
continue reading
Welcome to the last episode of season one, where Neal and I go on a rambling adventure and look back on some of the interesting and eye-opening conversations we’ve had over the past few months. To wrap things up, and what was supposed to be a 20-minute conversation, we felt it was time to better introduce ourselves to our listeners, discuss some pl…
…
continue reading
1
Adopting Zero Trust with Chase Cunningham: The Doctor is in
56:17
56:17
나중에 재생
나중에 재생
리스트
좋아요
좋아요
56:17
This week we chat with Chase Cunningham, Doctor Zero Trust himself, about the decade-overnight success of Zero Trust, how he got involved with the concept, and methods for navigating vendors wanting to shape the concept. For those initiated into the world of Zero Trust, you are no doubt familiar with his podcast, regular LinkedIn musings, and histo…
…
continue reading
1
Adopting Zero Trust with Chris Reinhold: Pen Testing Zero Trust
46:18
46:18
나중에 재생
나중에 재생
리스트
좋아요
좋아요
46:18
This week we chatted with Chris Reinhold, Director of Innovation at Core BTS, a managed security service provider (MSSP) and IT consulting firm. We dig into the long-awaited answer to our previous call, pen testing Zero Trust systems. Plus, we chat about the idea of Zero Trust as a certification and the always relevant factoid that compliance is no…
…
continue reading
1
Adopting Zero Trust with J. R. Cunningham: The Moat Has Dried Up
48:56
48:56
나중에 재생
나중에 재생
리스트
좋아요
좋아요
48:56
This week we chat with J. R. Cunningham, Chief Security Officer at Nuspire, and we dig into Zero Trust as a journey. Nuspire is a managed security service provider that provides support ranging from managed detection and response (MDR), endpoint detection, vulnerability management, and of course supporting their customers with adopting Zero Trust. …
…
continue reading
1
Adopting Zero Trust With Maureen Rosado: Selling Zero Trust
49:32
49:32
나중에 재생
나중에 재생
리스트
좋아요
좋아요
49:32
This week we chat with Maureen Rosado, a Zero Trust Strategist for BT, who has an outstanding history of business development for enterprise companies like IBM and Microsoft. This week we break away from our norms of the technical ins and outs of Zero Trust, and take a look at the ideal way to consult and coach security teams through the process of…
…
continue reading
1
Adopting Zero Trust with Christine Owen: Searching For the Finish Line
59:29
59:29
나중에 재생
나중에 재생
리스트
좋아요
좋아요
59:29
This week we chat with Christine Owen, Director at Guidehouse, and we dig into Zero Trust as an approach to harden your identity and access management strategy, her dislike of passwords, and phishing-resistant multifactor authentification. Christine brings to the table the expertise of an IAM (identity and access management) pro and an attorney, wh…
…
continue reading
1
Adopting Zero Trust with Lexmark’s Bryan Willett: Culture of Security
49:27
49:27
나중에 재생
나중에 재생
리스트
좋아요
좋아요
49:27
This week we chat with Bryan Willett, Lexmark’s CISO, who has built a legacy over the past 25 years working for the global company. Starting from his early days as a firmware developer, transitioning into managing teams and projects, and now as the CISO, Bryan has built a long-standing successful career. During our chat, we talk about how security …
…
continue reading
This week we chat with Dom Glavach, Chief Security Officer (CSO) of CyberSN (Cyber Security Network) and a security consultant, and we dig into Zero Trust as a journey, the delta between buzzwords and tool upgrades, and the hunt for red teams focused on prodding Zero Trust architectures. For those unfamiliar with CyberSN, they connect cybersecurity…
…
continue reading
1
Adopting Zero Trust With Nicolas Chaillan: From Policy to DHS
44:59
44:59
나중에 재생
나중에 재생
리스트
좋아요
좋아요
44:59
Nicolas Chaillan is an Entrepreneur who became a US citizen about six years ago, and immediately joined the DHS where he became the chief architect and special advisor for cyber, leading him to become the first chief software officer for Space Force where he led the shift to DevSecOps for DoD and at the time implementation of Zero Trust. Prior to S…
…
continue reading
This week we chat with Ryan Alford, Founder and CEO of Engineering Design Group (EDG), and we dig into how Zero Trust impacts the future of hardware, software, IoT, and access (both human and machine). EDG provides distributed sensor monitoring through a cloud-based solution and associated hardware for organizations with critical data needs. As a h…
…
continue reading
1
Adopting Zero Trust With Andrew Abel: Translating Zero Trust Into Business Concepts
42:47
42:47
나중에 재생
나중에 재생
리스트
좋아요
좋아요
42:47
This week we chat with Andrew Abel, our defacto Zero Trust expert who is currently the EUC Cyber Security Strategy and Architecture Lead for an energy company out of Brisbane Australia. Andrew has been involved with Zero Trust for some time, holds Forrester’s Zero Trust certification, and has an extensive background with solutions architecture and …
…
continue reading
1
Adopting Zero Trust, Episode Zero: Let’s Make a Podcast
28:04
28:04
나중에 재생
나중에 재생
리스트
좋아요
좋아요
28:04
Today, Zero Trust is a fuzzy term with more than a dozen different definitions. Threat Analyst Neal Dennis and Cybersecurity Journalist Elliot Volkman set off on a journey to get a better understanding of Zero Trust and what it truly offers. Is Zero Trust a concept, a strategy, framework, set of technology, or perhaps a mix of each? Each episode Ne…
…
continue reading
Today, Zero Trust is a fuzzy term with more than a dozen different definitions. We are on a mission to give a voice to cybersecurity practitioners and others who have been in these shoes, have begun adopting or implementing a Zero Trust strategy, and to share their experience and insight with peers while not influenced by vendor hype.…
…
continue reading