Season 3, Episode 5: Cyber Insurance may not be the sexiest topic, but it’s an important piece of any mature cyber program. We chatted with a lawyer and a VC who share their perspective. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. There are many aspects of cybersecurity that are not classified…

Building a Micro-segmented 3-Tier Architecture in Azure Government with STRUCTURA.IO: Infrastructure as Code and Zero Trust Network Pillar Principlesبقلم VILLA-TECH

Season 3, Episode 4: Forrester Principal Research Analyst on Zero Trust, David Holmes, shares his perspective on the current and future state of Zero Trust. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. Zero Trust is a concept, a strategy, a philosophy, and, for some poor souls, a solution you c…

Season 3, Episode 3: Canva’s Head of Enterprise Security, Kane Narraway, discusses how to deploy a Zero Trust strategy in under a year. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. This week on Adopting Zero Trust (AZT) we chat with Kane Narraway, the head of Head of Enterprise Security at Canv…

Season 3, Episode 2: In our conversation with Energy Solution’s CIO David Weisong we chat about how new processes, technology, and budgets are formed. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. It’s a mystery as old as time: the cybersecurity and technology budget and acquisition strategy. Ho…

The Zero Trust Data Pillar is a critical component of the Department of Defense's (DoD) Zero Trust Strategy, which aims to enhance cybersecurity and protect sensitive information. The Data Pillar focuses on securing and safeguarding data by implementing a Zero Trust approach. This approach assumes that no user or asset can be trusted by default, an…

To start the new season, we are joined by Hacker Valley Media’s Ron Eddings and Chris Cochran, who discuss breaking into cybersecurity and the role storytelling plays. A new year, a new season, and plenty of new threats to impact the world of cybersecurity. This week we break from our typical conversations about modern cybersecurity strategies and …

Where Automation Meets Security: Episode 1 - Conditional Access Based on Location in Microsoft Azure. GIVEAWAY :tada: Instructions: 1. Like, comment, and subscribe! 2. Click on the link https://www.structura.io/ 3. Scroll to the bottom to click on "Contact" link. 4. Fill in contact information. 5. Click submit! Let us know what kind of content you …

Implementing an Organizational Multi-Factor Authentication and Identity Provider Solution with Microsoft Entra ID, Yubico, and KeyFactor Where Automation Meets Security: Episode 1 - Conditional Access Based on Location in Microsoft Azure. GIVEAWAY :tada: Instructions: 1. Like, comment, and subscribe! 2. Click on the link https://www.structura.io/ 3…

Where Automation Meets Security: Episode 2 Where Automation Meets Security: Episode 1 - Conditional Access Based on Location in Microsoft Azure. GIVEAWAY :tada: Instructions: 1. Like, comment, and subscribe! 2. Click on the link https://www.structura.io/ 3. Scroll to the bottom to click on "Contact" link. 4. Fill in contact information. 5. Click su…

بقلم VILLA-TECH

Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. PS, we're giving away a Flipper Zero on our site as a little season finale gift. Check out details on our site. You know what they say, you save the best for last. As we wrap season two of Adopting Zero Trust, we take a shift from our standard conver…

Season two, episode 18: Evgeniy Kharam, a founder, CISO, architect, and podcast producer discusses the rise of Enterprise (Secure) browsers. You can read the show notes here and subscribe to updates. In the latest episode of AZT, Evgeniy Kharam, a founder, CISO, architect, and podcast producer, joins the discussion to talk about the rise of Enterpr…

Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. The word AI, much like Zero Trust, has come with a lot of baggage in the past few years. It’s a term that’s been misused, slapped on the front of startups’ overpriced booths at RSA and Black Hat, and it feels like every cybersecurity product under th…

Season two, episode 16: Zack Butcher discusses building upon NIST’s Zero Trust policies and standards, and ZT’s influence on a service mesh as it relates to microservices. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. There are several guiding concepts that make it easier for organizations to bu…

Season two, episode 15: We talk ZT History and API security with the godfather of Zero Trust, Dr Zero Trust, and Richard Bird. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. In the past few years, supply chain attacks and their impacts have or will soon overtake that of the damage done by ransomw…

The illusion of going passwordless with Derek Hanson, Vice President Solutions Architecture and Alliances at Yubico. You can read the show notes here. True or False: The concept of passwordless is new. False. This is shocking, we know. Considering the amount of hype around the concept, it certainly can feel like a new concept since the masses are b…

Season two, episode 13: Cybersecurity prevention on a global scale with Janey Heins, Global CISO for iHeartMedia. At the heart of Zero Trust is the idea of prevention. If you don’t trust anything or any person, you are playing in the same pool as risk avoidance. While total risk avoidance isn’t feasible, Zero Trust gets us closer to reality. Now, m…

Over the past two years, we’ve explored the ins and outs of Zero Trust, ranging from the concept as a strategy down to the more technical components, such as how it impacts the physical world as found in IoT devices. However, what is often missed in these conversations, is at what point an organization can actually build trust. Not just crawling up…

Last episode, we brought to you a wild story of a victim who was SIM-swapped four times, and this week we’re back to basics with some fresh research and a closer look at a critical piece of Zero Trust: Non-federated applications. Cerby’s Chief Trust Officer, Matt Chiodi, was kind enough to add a bit of color to a research report they released at RS…

Taking a break from our usual format, this week we chat with a victim-turned-CEO who was hit by SIM-swapping attacks. However, not all harsh starts have to end that way, and Haseeb Awan made the best of a bad situation. After being compromised not once… nor twice, but four times, Haseeb eventually took matters into his own hands and developed a new…

Season two, episode nine: Featuring Bloomberg’s Head of Information Security Architecture and the Information Security Program, Phil Vachon. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. What does implementing a Zero Trust strategy actually look like in an organization? Nearly a year into our po…

There’s no avoiding it, the headlines have not been kind to the ways we access systems today. Users are still using 1234, password, and even their dog's name. Not just using these weak passwords but also reusing them across multiple platforms, making it incredibly easy to breach someone once they’ve been caught up in a previous breach. On the vendo…

For many, cybersecurity is seen as a cost center that reduces risk to the business. This can be oversimplified to something akin to how HR reduces people-related risks but comes with layer on top of layer of complexities ranging from technology to physical buildings and, of course, people. Regardless of organizational size, cybersecurity leadership…

For more than a decade, Zero Trust as a concept has moved from a philosophy and now into a practical architecture and strategy that organizations can adopt. While Zero Trust encapsulates much of what has gone well in cybersecurity for the past 30 years or so, does it truly offer an innovative approach or just iterative change? Is the concept positi…

This week on AZT, we chat about something timely and impactful to everyone in the cybersecurity and users impacted by related decisions: the new National Cybersecurity Strategy (full strategy here). Our guests this week are Tony Scott and Ilona Cohen, both industry powerhouses and experts well-equipped to navigate this complex document. Ilona Cohen…

This week Neal and I continue with our exploration of new formats, and this time we go one-on-one with the Founder and CEO of Netfoundry, Galeal Zino. Prior to Netfoundry, Zino spent much of his career traversing R&D, and later moving into a key role for Tata Communications. Though Netfoundry’s bread and butter is a Zero Trust Network Access (ZTNA)…

Zero Trust as a concept or strategy on the surface appears simple in nature. Heck, it’s only two words. However, when push comes to shove, and it’s time for organizational adoption, Zero Trust impacts every aspect of a business in the form of a digital transformation. Fortunately, for every complexity and question, there is an answer and solution, …

This week we have a two-for-one special and feature our newest panel-style format. On the practitioner side, we have crowd favorite Andrew Abel, who currently works with a financial institution, but has worked across multiple other industries in the past. On the Zero Trust technology side, we have Michael Loewy, Co-Founder of Tide Foundation. Tide …

This week we chat with Ismael Valenzuela, VP of Threat Intel at Blackberry, a 13-year SANS instructor, and has balanced his time between educator and practitioner for decades. Before peppering Ismael with our usual questions and falling down the rabbit hole, we dug a bit deeper into his background and what drives him to split his time between educa…

Welcome to the last episode of season one, where Neal and I go on a rambling adventure and look back on some of the interesting and eye-opening conversations we’ve had over the past few months. To wrap things up, and what was supposed to be a 20-minute conversation, we felt it was time to better introduce ourselves to our listeners, discuss some pl…

This week we chat with Chase Cunningham, Doctor Zero Trust himself, about the decade-overnight success of Zero Trust, how he got involved with the concept, and methods for navigating vendors wanting to shape the concept. For those initiated into the world of Zero Trust, you are no doubt familiar with his podcast, regular LinkedIn musings, and histo…

This week we chatted with Chris Reinhold, Director of Innovation at Core BTS, a managed security service provider (MSSP) and IT consulting firm. We dig into the long-awaited answer to our previous call, pen testing Zero Trust systems. Plus, we chat about the idea of Zero Trust as a certification and the always relevant factoid that compliance is no…

This week we chat with J. R. Cunningham, Chief Security Officer at Nuspire, and we dig into Zero Trust as a journey. Nuspire is a managed security service provider that provides support ranging from managed detection and response (MDR), endpoint detection, vulnerability management, and of course supporting their customers with adopting Zero Trust. …

This week we chat with Maureen Rosado, a Zero Trust Strategist for BT, who has an outstanding history of business development for enterprise companies like IBM and Microsoft. This week we break away from our norms of the technical ins and outs of Zero Trust, and take a look at the ideal way to consult and coach security teams through the process of…

This week we chat with Christine Owen, Director at Guidehouse, and we dig into Zero Trust as an approach to harden your identity and access management strategy, her dislike of passwords, and phishing-resistant multifactor authentification. Christine brings to the table the expertise of an IAM (identity and access management) pro and an attorney, wh…

This week we chat with Bryan Willett, Lexmark’s CISO, who has built a legacy over the past 25 years working for the global company. Starting from his early days as a firmware developer, transitioning into managing teams and projects, and now as the CISO, Bryan has built a long-standing successful career. During our chat, we talk about how security …

This week we chat with Dom Glavach, Chief Security Officer (CSO) of CyberSN (Cyber Security Network) and a security consultant, and we dig into Zero Trust as a journey, the delta between buzzwords and tool upgrades, and the hunt for red teams focused on prodding Zero Trust architectures. For those unfamiliar with CyberSN, they connect cybersecurity…

Nicolas Chaillan is an Entrepreneur who became a US citizen about six years ago, and immediately joined the DHS where he became the chief architect and special advisor for cyber, leading him to become the first chief software officer for Space Force where he led the shift to DevSecOps for DoD and at the time implementation of Zero Trust. Prior to S…

This week we chat with Ryan Alford, Founder and CEO of Engineering Design Group (EDG), and we dig into how Zero Trust impacts the future of hardware, software, IoT, and access (both human and machine). EDG provides distributed sensor monitoring through a cloud-based solution and associated hardware for organizations with critical data needs. As a h…

This week we chat with Andrew Abel, our defacto Zero Trust expert who is currently the EUC Cyber Security Strategy and Architecture Lead for an energy company out of Brisbane Australia. Andrew has been involved with Zero Trust for some time, holds Forrester’s Zero Trust certification, and has an extensive background with solutions architecture and …

Today, Zero Trust is a fuzzy term with more than a dozen different definitions. Threat Analyst Neal Dennis and Cybersecurity Journalist Elliot Volkman set off on a journey to get a better understanding of Zero Trust and what it truly offers. Is Zero Trust a concept, a strategy, framework, set of technology, or perhaps a mix of each? Each episode Ne…

Today, Zero Trust is a fuzzy term with more than a dozen different definitions. We are on a mission to give a voice to cybersecurity practitioners and others who have been in these shoes, have begun adopting or implementing a Zero Trust strategy, and to share their experience and insight with peers while not influenced by vendor hype.…

On today’s episode Vice Chair of the National Cybersecurity Research and Development Center, Sam Visnor, joins Dave Pearah to discuss Zero Trust infrastructure in our space networks. What needs to happen to make space secure?بقلم SpiderOak

On today’s episode Dave welcomes Professor Hasshi Sudler. Professor Sudler is an adjunct professor at Villinova and an expert in Cybersecurity and Blockchain. Dave and Professor Sudler discuss how Blockchain is being applied in space, why it’s important, rockets exploding, and so much more. Music Credits to Paweł Feszczuk - Sunny Walk Created with …

This week Dave discuss cyber risks in space with MIT scientist, Johns Hopkins professor and Author of the book “Confronting Cyber Risk” Gregory Falco. From Governments to the private sector, what is happing when it comes to Cybersecurity in space? What is the future of Cybersecurity in space? Music Credits to Paweł Feszczuk - Sunny Walk Created wit…

Steven Bjornaas and Ben Fonner from TriSept Corporation join Dave to discuss Satellite security. What is perceived security vs actual security? The people at Trisept are doing their best to provide an affordable option for startup companies to be able to embrace security easier in the satellite space. What companies are currently doing and how thes…

In our first episode, SpiderOak CEO Dave Pearah talks with SpiderOak CTO Jonathan Moore about New Space and the challenges around security in orbit. We are moving into a new space age, one that's about commercialization and scale. Access to space is getting cheaper by the year. Cadence of launches are increasing. There's going to be more and more c…