Buzzword? Architecture? Perhaps a true security approach for modern organizations? Join us as we chat with organizations of all types and sizes to learn about their Zero Trust adoption journey and as we answer these questions along the way.
…
continue reading
Where Automation Meets Security
…
continue reading
Cybersecurity in space! Join us as we talk about protecting assets in space, hardening existing assets, and models for the new space ecosystem. Hosted by Dave Pearah, CEO of SpiderOak and SpiderOak Mission Systems.
…
continue reading
In this episode of 'Adopting Zero Trust (AZT)', host Neal Dennis and producer Elliot Volkman delve into the often-overlooked realm of soft or 'non-tech' skills in cybersecurity. This week, we chat with Courtney Hans, VP of Cyber Services at AmTrust Financial Services, and Evgeniy Kharam, author of Architecting Success: The Art of Soft Skills, who h…
…
continue reading
1
Behind the scenes of cybersecurity media and reporting
1:04:53
1:04:53
Αναπαραγωγή αργότερα
Αναπαραγωγή αργότερα
Λίστες
Like
Liked
1:04:53
Season 3, Episode 15: We gather a panel of journalists, communications, and a researcher to discuss how cybersecurity news and incidents are reported. You can read the show notes here. In the world of cybersecurity journalism, you can broadly divide it into four competing forces: reporters, communications teams, researchers, and readers. Each requi…
…
continue reading
In our final preview episode of GRC Uncensored, we explore a particularly bipolar debate: do you need a GRC tool to manage compliance, or will spreadsheets suffice? After this, we will be back to our regularly produced AZT episodes. The last episodes of our pilot for GRC Uncensored can be found on your favorite podcast app or newsletter on Substack…
…
continue reading
We are interrupting our regularly scheduled podcast series to introduce you to a new series we developed: GRC Uncensored. This pilot season will elevate conversations about GRC that are often buried under millions of dollars in marketing spend. No boring talks about controls or frameworks, just unfiltered discussions with auditors and practitioners…
…
continue reading
Welcome back to Adopting Zero Trust! In this episode, hosts Elliot Volkman and Neal Dennis are joined by Rob Allen, Chief Product Officer of ThreatLocker, to dive deep into the operationalization of Zero Trust. Despite covering various aspects over three seasons, this crucial topic is addressed thoroughly. They explore pre-adoption preparation, ali…
…
continue reading
Season 3, Episode 13: Cato Network’s Etay Maor provides fresh research on the abuse of unpatched log4j libraries. Catch this episode on YouTube, Apple, Spotify, or Amazon. You can read the show notes here. This week on Adopting Zero Trust (AZT), we highlight a significant cybersecurity risk focused on the notorious Log4j vulnerability and the growi…
…
continue reading
Season 3, Episode 12: Could the overturning of Chevron Deference impact cybersecurity and privacy regulations? Catch this episode on YouTube, Apple, Spotify, or Amazon. You can read the show notes here. Welcome back to Adopting Zero Trust or AZT. In our latest episode, we assembled a distinguished panel to dig into a timely topic affecting the cybe…
…
continue reading
Season 3, Episode 11: Vulnerability management is critical to any Zero Trust strategy, but you probably already know that. Fortra’s Tyler Reguly breaks down severity vs. risk. Catch this episode on YouTube, Apple, Spotify, or Amazon. You can read the show notes here. Every organization relies on some form of technology to run, and each tool you add…
…
continue reading
Season 3, Episode 10: Elliot chat’s with Vivek Ramachandran of SquareX about his approach to tackling the impossible: Social engineering. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. For nearly three decades, social engineering, particularly phishing, has been one of the most impactful and fina…
…
continue reading
Season 3, Episode 9: We chat with SonicWall’s Doug McKee about the top 5 threats targeting SMBs based on recent research. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. Cybersecurity challenges come in many different flavors regardless of how old your company is or how many employees it houses. L…
…
continue reading
Season 3, Episode 8: AZT and Dr. Zero Trust have a crossover episode where we chat with reps from MITRE and OWASP about challenges associated with emerging threats. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. Every few weeks, and occasionally every few days, we hear report of a new novel techn…
…
continue reading
Season 3, Episode 7: Though regulation impacting cybersecurity moves slow, when new laws are introduced it often puts significant strain on companies. Lacework’s Tim Chase and Drata’s Matt HIllary discuss navigating the latest broad-sweeping regulations. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes h…
…
continue reading
Season 3, Episode 6: Two seasoned cybersecurity professionals, Bryan Willett and Kris Lovejoy, shed light on the dilemma organizations face when hit by ransomware: Should they pay the ransom or not? Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. Ransomware: To Pay or Not to Pay? It’s an easy ques…
…
continue reading
Season 3, Episode 5: Cyber Insurance may not be the sexiest topic, but it’s an important piece of any mature cyber program. We chatted with a lawyer and a VC who share their perspective. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. There are many aspects of cybersecurity that are not classified…
…
continue reading
Season 3, Episode 4: Forrester Principal Research Analyst on Zero Trust, David Holmes, shares his perspective on the current and future state of Zero Trust. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. Zero Trust is a concept, a strategy, a philosophy, and, for some poor souls, a solution you c…
…
continue reading
Building a Micro-segmented 3-Tier Architecture in Azure Government with STRUCTURA.IO: Infrastructure as Code and Zero Trust Network Pillar PrinciplesΑπό τον VILLA-TECH
…
continue reading
Season 3, Episode 3: Canva’s Head of Enterprise Security, Kane Narraway, discusses how to deploy a Zero Trust strategy in under a year. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. This week on Adopting Zero Trust (AZT) we chat with Kane Narraway, the head of Head of Enterprise Security at Canv…
…
continue reading
Season 3, Episode 2: In our conversation with Energy Solution’s CIO David Weisong we chat about how new processes, technology, and budgets are formed. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. It’s a mystery as old as time: the cybersecurity and technology budget and acquisition strategy. Ho…
…
continue reading
1
Zero Trust Bytes Podcast EP4: Data Pillar with MSFT Purview for Data Lifecycle Management and DLP
28:50
The Zero Trust Data Pillar is a critical component of the Department of Defense's (DoD) Zero Trust Strategy, which aims to enhance cybersecurity and protect sensitive information. The Data Pillar focuses on securing and safeguarding data by implementing a Zero Trust approach. This approach assumes that no user or asset can be trusted by default, an…
…
continue reading
To start the new season, we are joined by Hacker Valley Media’s Ron Eddings and Chris Cochran, who discuss breaking into cybersecurity and the role storytelling plays. A new year, a new season, and plenty of new threats to impact the world of cybersecurity. This week we break from our typical conversations about modern cybersecurity strategies and …
…
continue reading
1
Zero Trust Bytes: Where Automation Meets Security: Episode 1 - Conditional Access Based on Location in Microsoft Azure
31:11
Where Automation Meets Security: Episode 1 - Conditional Access Based on Location in Microsoft Azure. GIVEAWAY :tada: Instructions: 1. Like, comment, and subscribe! 2. Click on the link https://www.structura.io/ 3. Scroll to the bottom to click on "Contact" link. 4. Fill in contact information. 5. Click submit! Let us know what kind of content you …
…
continue reading
Implementing an Organizational Multi-Factor Authentication and Identity Provider Solution with Microsoft Entra ID, Yubico, and KeyFactor Where Automation Meets Security: Episode 1 - Conditional Access Based on Location in Microsoft Azure. GIVEAWAY :tada: Instructions: 1. Like, comment, and subscribe! 2. Click on the link https://www.structura.io/ 3…
…
continue reading
Where Automation Meets Security: Episode 2 Where Automation Meets Security: Episode 1 - Conditional Access Based on Location in Microsoft Azure. GIVEAWAY :tada: Instructions: 1. Like, comment, and subscribe! 2. Click on the link https://www.structura.io/ 3. Scroll to the bottom to click on "Contact" link. 4. Fill in contact information. 5. Click su…
…
continue reading
Από τον VILLA-TECH
…
continue reading
Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. PS, we're giving away a Flipper Zero on our site as a little season finale gift. Check out details on our site. You know what they say, you save the best for last. As we wrap season two of Adopting Zero Trust, we take a shift from our standard conver…
…
continue reading
Season two, episode 18: Evgeniy Kharam, a founder, CISO, architect, and podcast producer discusses the rise of Enterprise (Secure) browsers. You can read the show notes here and subscribe to updates. In the latest episode of AZT, Evgeniy Kharam, a founder, CISO, architect, and podcast producer, joins the discussion to talk about the rise of Enterpr…
…
continue reading
Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. The word AI, much like Zero Trust, has come with a lot of baggage in the past few years. It’s a term that’s been misused, slapped on the front of startups’ overpriced booths at RSA and Black Hat, and it feels like every cybersecurity product under th…
…
continue reading
Season two, episode 16: Zack Butcher discusses building upon NIST’s Zero Trust policies and standards, and ZT’s influence on a service mesh as it relates to microservices. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. There are several guiding concepts that make it easier for organizations to bu…
…
continue reading
Season two, episode 15: We talk ZT History and API security with the godfather of Zero Trust, Dr Zero Trust, and Richard Bird. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. In the past few years, supply chain attacks and their impacts have or will soon overtake that of the damage done by ransomw…
…
continue reading
The illusion of going passwordless with Derek Hanson, Vice President Solutions Architecture and Alliances at Yubico. You can read the show notes here. True or False: The concept of passwordless is new. False. This is shocking, we know. Considering the amount of hype around the concept, it certainly can feel like a new concept since the masses are b…
…
continue reading
Season two, episode 13: Cybersecurity prevention on a global scale with Janey Heins, Global CISO for iHeartMedia. At the heart of Zero Trust is the idea of prevention. If you don’t trust anything or any person, you are playing in the same pool as risk avoidance. While total risk avoidance isn’t feasible, Zero Trust gets us closer to reality. Now, m…
…
continue reading
Over the past two years, we’ve explored the ins and outs of Zero Trust, ranging from the concept as a strategy down to the more technical components, such as how it impacts the physical world as found in IoT devices. However, what is often missed in these conversations, is at what point an organization can actually build trust. Not just crawling up…
…
continue reading
Last episode, we brought to you a wild story of a victim who was SIM-swapped four times, and this week we’re back to basics with some fresh research and a closer look at a critical piece of Zero Trust: Non-federated applications. Cerby’s Chief Trust Officer, Matt Chiodi, was kind enough to add a bit of color to a research report they released at RS…
…
continue reading
Taking a break from our usual format, this week we chat with a victim-turned-CEO who was hit by SIM-swapping attacks. However, not all harsh starts have to end that way, and Haseeb Awan made the best of a bad situation. After being compromised not once… nor twice, but four times, Haseeb eventually took matters into his own hands and developed a new…
…
continue reading
Season two, episode nine: Featuring Bloomberg’s Head of Information Security Architecture and the Information Security Program, Phil Vachon. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. What does implementing a Zero Trust strategy actually look like in an organization? Nearly a year into our po…
…
continue reading
There’s no avoiding it, the headlines have not been kind to the ways we access systems today. Users are still using 1234, password, and even their dog's name. Not just using these weak passwords but also reusing them across multiple platforms, making it incredibly easy to breach someone once they’ve been caught up in a previous breach. On the vendo…
…
continue reading
For many, cybersecurity is seen as a cost center that reduces risk to the business. This can be oversimplified to something akin to how HR reduces people-related risks but comes with layer on top of layer of complexities ranging from technology to physical buildings and, of course, people. Regardless of organizational size, cybersecurity leadership…
…
continue reading
For more than a decade, Zero Trust as a concept has moved from a philosophy and now into a practical architecture and strategy that organizations can adopt. While Zero Trust encapsulates much of what has gone well in cybersecurity for the past 30 years or so, does it truly offer an innovative approach or just iterative change? Is the concept positi…
…
continue reading
This week on AZT, we chat about something timely and impactful to everyone in the cybersecurity and users impacted by related decisions: the new National Cybersecurity Strategy (full strategy here). Our guests this week are Tony Scott and Ilona Cohen, both industry powerhouses and experts well-equipped to navigate this complex document. Ilona Cohen…
…
continue reading
This week Neal and I continue with our exploration of new formats, and this time we go one-on-one with the Founder and CEO of Netfoundry, Galeal Zino. Prior to Netfoundry, Zino spent much of his career traversing R&D, and later moving into a key role for Tata Communications. Though Netfoundry’s bread and butter is a Zero Trust Network Access (ZTNA)…
…
continue reading
Zero Trust as a concept or strategy on the surface appears simple in nature. Heck, it’s only two words. However, when push comes to shove, and it’s time for organizational adoption, Zero Trust impacts every aspect of a business in the form of a digital transformation. Fortunately, for every complexity and question, there is an answer and solution, …
…
continue reading
This week we have a two-for-one special and feature our newest panel-style format. On the practitioner side, we have crowd favorite Andrew Abel, who currently works with a financial institution, but has worked across multiple other industries in the past. On the Zero Trust technology side, we have Michael Loewy, Co-Founder of Tide Foundation. Tide …
…
continue reading
This week we chat with Ismael Valenzuela, VP of Threat Intel at Blackberry, a 13-year SANS instructor, and has balanced his time between educator and practitioner for decades. Before peppering Ismael with our usual questions and falling down the rabbit hole, we dug a bit deeper into his background and what drives him to split his time between educa…
…
continue reading
Welcome to the last episode of season one, where Neal and I go on a rambling adventure and look back on some of the interesting and eye-opening conversations we’ve had over the past few months. To wrap things up, and what was supposed to be a 20-minute conversation, we felt it was time to better introduce ourselves to our listeners, discuss some pl…
…
continue reading
This week we chat with Chase Cunningham, Doctor Zero Trust himself, about the decade-overnight success of Zero Trust, how he got involved with the concept, and methods for navigating vendors wanting to shape the concept. For those initiated into the world of Zero Trust, you are no doubt familiar with his podcast, regular LinkedIn musings, and histo…
…
continue reading
This week we chatted with Chris Reinhold, Director of Innovation at Core BTS, a managed security service provider (MSSP) and IT consulting firm. We dig into the long-awaited answer to our previous call, pen testing Zero Trust systems. Plus, we chat about the idea of Zero Trust as a certification and the always relevant factoid that compliance is no…
…
continue reading
This week we chat with J. R. Cunningham, Chief Security Officer at Nuspire, and we dig into Zero Trust as a journey. Nuspire is a managed security service provider that provides support ranging from managed detection and response (MDR), endpoint detection, vulnerability management, and of course supporting their customers with adopting Zero Trust. …
…
continue reading
This week we chat with Maureen Rosado, a Zero Trust Strategist for BT, who has an outstanding history of business development for enterprise companies like IBM and Microsoft. This week we break away from our norms of the technical ins and outs of Zero Trust, and take a look at the ideal way to consult and coach security teams through the process of…
…
continue reading
This week we chat with Christine Owen, Director at Guidehouse, and we dig into Zero Trust as an approach to harden your identity and access management strategy, her dislike of passwords, and phishing-resistant multifactor authentification. Christine brings to the table the expertise of an IAM (identity and access management) pro and an attorney, wh…
…
continue reading
This week we chat with Bryan Willett, Lexmark’s CISO, who has built a legacy over the past 25 years working for the global company. Starting from his early days as a firmware developer, transitioning into managing teams and projects, and now as the CISO, Bryan has built a long-standing successful career. During our chat, we talk about how security …
…
continue reading