In this episode, Den Jones shares his journey from Scotland to becoming a prominent figure in cybersecurity, discussing the evolving role of the CISO, the skills gap, and the importance of accountability. He emphasizes the need for effective communication with executives and the challenges posed by legacy systems. Den also reflects on leadership lessons learned from past mistakes and provides insights into implementing Zero Trust strategies. The conversation concludes with advice for aspiring leaders and a light-hearted discussion about food. Key Takeaways: • Den Jones shares his journey from Scotland to the US. • The role of the CISO has evolved significantly in recent years. • CISOs face increasing accountability and regulatory pressures. • There is a skills gap in cybersecurity, often due to employer expectations. • Legacy systems pose significant challenges for security teams. • Effective communication with executives is crucial for success. • Celebrating small wins can motivate teams and improve morale. • Zero Trust implementation requires understanding the audience's needs. • Leadership involves learning from mistakes and seeking mentorship. • The future of the CISO role may involve blending with CIO responsibilities. Follow & Subscribe on all Podcast platforms. What is the Zero Trust Forum about?  It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/

In this episode, Jaye and John welcome Jerry Chapman, a leading expert in Zero Trust security. They discuss Jerry's journey into cybersecurity, the misconceptions surrounding Zero Trust, and the importance of understanding it as a journey rather than a one-time project. Jerry shares insights on the Zero Trust blueprint, which consists of four phases: readiness, assessment, strategy, and metrics. The conversation also delves into the challenges organizations face in implementing Zero Trust, the significance of user experience, and the need for continuous iteration and learning. Jerry emphasizes that data and application security are often the weakest areas in organizations and highlights the importance of evaluating current capabilities to start the Zero Trust journey effectively. Key Takeaways: • Zero Trust is a journey, not a one-time project. • Misconceptions about Zero Trust often focus on technology rather than process. • Organizations need to assess their readiness for Zero Trust implementation. • The Zero Trust blueprint consists of four phases: readiness, assessment, strategy, and metrics. • Understanding business assets and protect surfaces is crucial for Zero Trust. • Data and application security are often the weakest areas in organizations. • Organizations can start their Zero Trust journey without having everything in place. • User experience is critical in the adoption of Zero Trust principles. • Metrics for success in Zero Trust implementation can be challenging to define. • Continuous iteration and learning from customer interactions are essential for improving the Zero Trust framework. Follow & Subscribe on all Podcast platforms. What is the Zero Trust Forum about?  It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/

In this episode, Jaye Tillson and John Spiegel engage with Jason Garbis of Numberline Security to explore the often misunderstood concept of Zero Trust and its associated maturity models. They discuss the importance of viewing Zero Trust as a strategy rather than a mere technology, emphasizing the need for cultural change within organizations. The conversation delves into common misconceptions, the role of maturity models in assessing security posture, and the necessity of engaging stakeholders beyond IT and security teams. Jason shares insights on how to effectively communicate Zero Trust initiatives to procurement teams and the complexities of measuring success in these initiatives. The episode concludes with a discussion on the continuous journey of Zero Trust adoption and the importance of embedding security by design in organizational processes. Key Takeaways: • Zero Trust is a strategy, not just a technology. • Maturity models help organizations assess their security posture. • Common misconceptions include viewing Zero Trust as a product to buy. • Successful Zero Trust implementation requires cultural change. • Engaging stakeholders outside of IT is crucial for success. • Zero Trust should be embedded in organizational processes. • Communication with procurement teams is essential for effective vendor evaluation. • Measuring success in Zero Trust initiatives is complex but necessary. • Continuous improvement is key in Zero Trust adoption. • Zero Trust is a journey, not a destination. Follow & Subscribe on all Podcast platforms. What is the Zero Trust Forum about?  It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/

In this episode Jaye Tillson and John Spiegel engage with Richard Bird, a seasoned cybersecurity expert, to discuss the evolving landscape of Zero Trust and identity management. Richard shares his unique journey from a small-town upbringing to becoming a chief security officer, emphasizing the importance of mentorship and the need for a paradigm shift in security architecture. The conversation delves into the critical role of identity in cybersecurity, the challenges organizations face in managing identities, and the implications of AI on security practices. Richard offers valuable insights for CISOs and CIOs, urging them to address persistent unearned trust within their systems. The episode concludes with light-hearted discussions about personal experiences and the significance of travel in broadening perspectives. Key Takeaways: • Richard Bird emphasizes the importance of mentorship in career development. • Zero Trust requires a fundamental rethink of security architecture. • Identity management is a critical component of cybersecurity. • Persistent unearned trust poses significant risks to organizations. • Contextual data is essential for effective identity management. • AI is reshaping the landscape of cybersecurity and identity management. • Organizations must recognize the importance of non-human identities. • Traveling can broaden one's perspective and enhance understanding. • Effective identity management requires understanding context and classification. • Cybersecurity solutions must evolve to address the complexities of AI. • Zero Trust principles are essential for managing AI agents. Follow & Subscribe on all Podcast platforms. link.chtbl.com/XIW5zsAn What is the Zero Trust Forum about?  It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/

In this episode, Jaye and John discuss the implications of AI agents and the importance of integrating Zero Trust principles into their deployment. Special guest Josh Woodruff shares insights from his upcoming book, emphasizing the need for a security-first approach to AI. The conversation covers the risks associated with autonomous AI, the development of the Agentic Trust Framework, and the cultural shifts necessary for successful AI adoption. Josh also explores the future of AI, including the role of government regulations, quantum computing, and the emergence of new job roles in the AI landscape. Key Takeaways: • AI agents are powerful and autonomous, posing new risks. • Zero Trust principles are essential for managing AI agents. • The Agentic Trust Framework helps govern AI behavior. • Cultural shifts are necessary for successful AI adoption. • AI can elevate human work rather than replace it. • Clear guidelines improve AI agent performance. • Security must evolve alongside technological innovation. • Emerging roles like AI ethicists will become important. • Causal AI will enhance decision-making capabilities. • Embracing AI technology is crucial for future competitiveness. Follow & Subscribe on all Podcast platforms. link.chtbl.com/XIW5zsAn What is the Zero Trust Forum about?  It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/

In this episode, Jaye and John engage with George Finney to explore the intersection of Zero Trust principles and AI agents. They discuss the challenges and opportunities presented by AI in cybersecurity, emphasizing the importance of identity management, governance, and the role of humans in overseeing AI systems. The conversation also touches on the future of AI, the necessity of pre-mortems in project planning, and the need for continuous education in cybersecurity. George shares insights from his experience as a CISO and offers advice for leaders navigating the evolving landscape of digital security. Key Takeaways: • AI agents pose significant security challenges. • Zero Trust principles must adapt to include AI. • Identity management is crucial for both humans and AI. • Governance structures are needed for AI oversight. • Investing in people is key to a secure future. • Pre-mortems can help identify potential AI risks. • Human involvement is essential in critical AI decisions. • AI's blending of control and data planes raises security concerns. • Continuous education in cybersecurity is vital for all staff. • The future of AI in cybersecurity is uncertain but requires critical thinking. Follow & Subscribe on all Podcast platforms. link.chtbl.com/XIW5zsAn What is the Zero Trust Forum about?  It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/

In this episode, Jaye and John engage with Chase Cunningham, a retired Navy cryptologic chief, to explore the concept of Zero Trust through the lens of military experience. They discuss the importance of situational awareness, effective leadership, and the necessity of building trust within teams. The conversation delves into crisis management, emphasizing the need for flexibility and adaptability in high-pressure situations. They also highlight the significance of after action reviews in learning from both successes and failures, and the critical role of empowered leadership in navigating cybersecurity challenges. Key Takeaways: • The mindset from special ops can enhance cybersecurity strategies. • Situational awareness is crucial in both military and civilian life. • Crisis management requires flexibility and the ability to adapt. • Effective leadership is essential during high-pressure situations. • Building trust within teams is vital for successful operations. • Organizations must have a clear mission to align efforts. • Regular after action reviews can improve response strategies. • Learning from past mistakes is critical to avoid future breaches. • Crisis response should prioritize isolation of threats. • Empowered leadership can facilitate better decision-making during crises. Follow & Subscribe on all Podcast platforms. link.chtbl.com/XIW5zsAn What is the Zero Trust Forum about?  It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/

In this episode, the No Trust team speaks with Jennifer Minella about her extensive experience in technology, particularly in wireless security and networking. They discuss the challenges of maintaining security in wireless networks, the evolution of networking technologies, and the complexities of implementing Network Access Control (NAC) in a hybrid work environment. The conversation also touches on the future of Zero Trust architecture, the importance of unique device identity, and the challenges posed by IoT and OT devices. The episode concludes with a light-hearted discussion about whiskey. • Jennifer Minella has over 30 years of experience in technology, focusing on infrastructure and security. • Wireless security protocols have not significantly changed in over 20 years, posing challenges for security professionals. • The majority of Wi-Fi technology is consumer-based, complicating enterprise security efforts. • Understanding the basics of networking is crucial for entering the cybersecurity field today. • NAC implementations are often challenging and can lead to significant operational disruptions. • Zero Trust architecture requires a shift in how organizations approach network security, especially with remote work. • Unique device identity is essential for effective security in IoT and OT environments. • The complexity of modern networks makes it difficult to manage security policies effectively. • The rise of ransomware attacks on IoT devices highlights the need for better security measures. • Whiskey culture provides a fun and engaging way to connect with others in the tech industry. Follow & Subscribe on all Podcast platforms. link.chtbl.com/XIW5zsAn What is the Zero Trust Forum about?  It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/

In this episode of the No Trust Podcast, hosts Jaye Tillson and John Spiegel sit down with John Kindervag, the creator of Zero Trust, to uncover the story behind one of cybersecurity’s most transformative frameworks. Kindervag shares how Zero Trust has gained traction over the past 15 years, the cultural resistance that slowed its adoption, and how organizations can finally break through inertia by starting small and focusing on protecting what matters most. From the boardroom to the SOC, this conversation dismantles the myth that Zero Trust is “all or nothing” and reframes it as a business-driven strategy with measurable outcomes, including reduced operational costs and fewer breaches. Along the way, Kindervag reveals why the C-suite often understands Zero Trust better than technical teams, how misaligned incentives inside organizations hold security back, and why networking at conferences is still one of the best ways to drive change. Whether you’re a CISO, security architect, or business leader, this episode will challenge your assumptions and leave you with a clear, practical path toward Zero Trust. • John Kindervag is the creator of Zero Trust. • Zero Trust took 15 years to gain traction due to resistance to change. • Organizations should start small and protect specific assets. • Cybersecurity must evolve beyond traditional perimeter defenses. • Zero Trust is about protecting sensitive data, not just technology. • Incentives in organizations often hinder the adoption of new security models. • Zero Trust can lead to reduced operational costs and fewer data breaches. • The C-suite often understands Zero Trust better than technical teams. • Conferences provide valuable networking opportunities and insights. • The focus should be on business outcomes, not just technology. Follow & Subscribe on all Podcast platforms. link.chtbl.com/XIW5zsAn What is the Zero Trust Forum about?  It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/ Takeaways • Identity is the heart of zero trust. • Most breaches occur due to weak passwords. • Identity is the key to the perimeter. • Assuming trust can lead to vulnerabilities. • Zero trust is a continuous journey. • Organizations need visibility into their identity landscape. • AI can assist in analyzing identity-related data. • Non-human identities are a growing concern. • MFA is essential but not the only solution. • The future of identity management will involve AI. Follow & Subscribe on all Podcast platforms. link.chtbl.com/XIW5zsAn What is the Zero Trust Forum about?  It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/

From Theory to Practice: The Zero Trust Journey - Episode 2, with John Kindervag and Dr Chase Cunningham by "No Trust" by Zero Trust Forum

In this conversation, Art Ocain discusses the current landscape of cybersecurity threats with the No Trust crew, particularly focusing on ransomware attacks. They explore how attackers gain access to systems, the importance of multi-factor authentication, and the vulnerabilities of small and medium-sized businesses. The conversation delves into immediate actions organizations should take during a ransomware attack, the balance between recovery and forensic investigation, and the critical role of communication during incidents. They also address the ethical dilemma of paying ransoms and share lessons learned from past incidents, emphasizing the need for ongoing security improvements and preparedness for future threats. Takeaways • VPN is currently the main vector for attacks • Small and medium businesses are often less prepared for attacks • Many companies still lack MFA on their VPNs • Organizations often believe they are immune to attacks until it's too late • Hypervisors are a primary target for ransomware attacks • Minimizing the attack surface is crucial for security • Isolating from the internet is a key first step during an attack • The decision to pay ransom is complex and often driven by immediate business needs • A full forensic investigation is essential after an attack • Ransomware trends continue to evolve and are not declining Follow & Subscribe on all Podcast platforms. link.chtbl.com/XIW5zsAn What is the Zero Trust Forum about?  It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/ Takeaways • Identity is the heart of zero trust. • Most breaches occur due to weak passwords. • Identity is the key to the perimeter. • Assuming trust can lead to vulnerabilities. • Zero trust is a continuous journey. • Organizations need visibility into their identity landscape. • AI can assist in analyzing identity-related data. • Non-human identities are a growing concern. • MFA is essential but not the only solution. • The future of identity management will involve AI. Follow & Subscribe on all Podcast platforms. link.chtbl.com/XIW5zsAn What is the Zero Trust Forum about?  It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/

In this conversation, David Morimanno and the No Trust crew delve into the critical role of identity in the context of zero trust security. They discuss how identity serves as the new perimeter, the importance of multi-factor authentication, and the challenges organizations face in implementing effective identity management strategies. The conversation also touches on the significance of non-human identities, the potential of AI in enhancing security measures, and the future trends in identity and cybersecurity. Takeaways • Identity is the heart of zero trust. • Most breaches occur due to weak passwords. • Identity is the key to the perimeter. • Assuming trust can lead to vulnerabilities. • Zero trust is a continuous journey. • Organizations need visibility into their identity landscape. • AI can assist in analyzing identity-related data. • Non-human identities are a growing concern. • MFA is essential but not the only solution. • The future of identity management will involve AI. Follow & Subscribe on all Podcast platforms. link.chtbl.com/XIW5zsAn What is the Zero Trust Forum about?  It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/

In this episode of No Trust, Jaye Tillson, John Spiegel, John Kindervag, and Chase Cunningham discuss the evolution and significance of the Zero Trust cybersecurity model. They explore its origins, the pivotal moments that have shaped its adoption, and the importance of aligning organizational culture and leadership with Zero Trust principles. The conversation highlights the need for a strategic approach to cybersecurity that transcends traditional methods, emphasizing the importance of protecting data and assets in a constantly evolving threat landscape. Takeaways • Zero Trust originated from the limitations of traditional security models. • The concept of trust in digital systems is flawed and should be eliminated. • Zero Trust has evolved to address modern cybersecurity threats. • A strategic approach to Zero Trust is essential for effective implementation. • Incentives from leadership can drive the adoption of Zero Trust. • Understanding what to protect is crucial for a successful Zero Trust strategy. • Zero Trust should be seen as a continuous journey, not a one-time project. • Cultural shifts within organizations are necessary for Zero Trust to succeed. • The cybersecurity landscape is constantly changing, requiring ongoing adaptation. • Community engagement and charity initiatives can enhance the mission of cybersecurity professionals. Follow & Subscribe on all Podcast platforms. link.chtbl.com/XIW5zsAn What is the Zero Trust Forum about?  It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/

In this episode of No Trust, Jaye Tillson, John Spiegel and Evgeniy Kharam discuss the key trends and challenges in cybersecurity as they reflect on 2024 and look ahead to 2025. They explore the impact of AI, the evolving startup landscape, the importance of asset management, and the ongoing threat of ransomware. The conversation also touches on the concept of zero trust, the significance of recovery and resilience in cybersecurity, and predictions for the future of the industry. Takeaways • 2024 was a year of reflection and adaptation in cybersecurity • AI has become a dominant buzzword, overshadowing other topics • Startups are facing challenges in raising funds due to market uncertainties • Ransomware remains a significant threat, evolving in its targeting • Zero trust is understood better but is not just a vendor solution • Asset management is critical for effective cybersecurity • Collaboration within the industry is increasing to tackle challenges • The cybersecurity impact on the economy is substantial, nearing $10 trillion • Mergers and acquisitions in cybersecurity are expected to rise in 2025 • Recovery and resilience are as important as protection in cybersecurity Follow & Subscribe on all Podcast platforms. link.chtbl.com/XIW5zsAn What is the Zero Trust Forum about?  It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/

In this episode of No Trust, Jaye Tillson, and John Spiegel discuss with Chris Denbigh-White his transition back to the corporate world as a CISO after a brief stint in the vendor space. They explore the challenges and benefits of networking at industry conferences, the importance of peer support and information sharing among security leaders, and the evolving security landscape as they look ahead to 2025. The conversation emphasizes the need for organizations to focus on the basics of cybersecurity, the potential role of AI in alleviating mundane tasks, and the necessity of building a solid security foundation before layering on advanced technologies. Takeaways • Transitioning from vendor to CISO brings new challenges • Networking at conferences is crucial for sharing experiences • Peer support groups can provide valuable insights • The security landscape in 2025 will focus on regulation and ransomware • Organizations must prioritize basic cybersecurity practices • AI can assist with mundane cybersecurity tasks • Building a solid foundation is essential for security • Sharing information among peers is becoming more accepted • The basics of cybersecurity are often overlooked for shiny new tools • Effective communication and user education are key to security success Follow & Subscribe on all Podcast platforms. link.chtbl.com/XIW5zsAn What is the Zero Trust Forum about?  It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/

In this engaging conversation with Jaye Tillson and John Spiegel, Cher Fox shares her unique journey from a young programmer to a data fitness coach and public speaker. She discusses the importance of data quality, security, and governance, emphasizing that everyone in an organization shares responsibility for data management. Cher also highlights the challenges of implementing AI and the need for organizations to be prepared before adopting new technologies. Additionally, she addresses the future of data science careers and the importance of fostering curiosity about technology in younger generations. Takeaways • Cher Fox began her career at a young age, learning programming on a Commodore 64 • Data fitness coaching parallels personal training, focusing on data quality and purpose • Bad data leads to significant issues in organizations, impacting decision-making • Everyone in an organization shares responsibility for data management • Data governance is a complex but necessary undertaking for businesses • Only a small percentage of organizational data meets quality standards • Many companies are unprepared for the implementation of AI technologies • Hiring practices need to evolve to allow diverse talent into data roles • Youth today are overexposed to technology, impacting their curiosity • Cher emphasizes the importance of fitness and physical activity in her life Follow & Subscribe on all Podcast platforms. link.chtbl.com/XIW5zsAn What is the Zero Trust Forum about?  It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/

In this conversation, Dritan Saliovski discusses the intersection of M&A and cybersecurity with John and Jaye. They explore how companies are now considering cybersecurity during the M&A process, including due diligence, costing, integration, and reputation. They also discuss the potential value that cybersecurity can bring to an acquiring company, as well as the impact of past breaches on the value of a company. The conversation touches on the trend of using AI in M&A and the challenges faced in the M&A process, such as stakeholder management and convincing stakeholders of the importance of cybersecurity. They also discuss the advantages of being an insurance broker in terms of access to real-time incident data and the focus on recovery in addition to protection. The conversation explores the importance of cyber resiliency in the context of mergers and acquisitions (M&A). It highlights the shift from focusing on physical events to cyber events as the more prevalent and likely threat. The discussion touches on the need for companies to have a cyber resiliency program and response plan, especially in the M&A process. The conversation also delves into the role of certifications and maturity models in assessing cyber resiliency, with the conclusion that they are not always reliable indicators. The episode ends with a lighthearted discussion about pizza toppings. Takeaways • Companies are now considering cybersecurity during the M&A process, including due diligence, costing, integration, and reputation. • Cybersecurity can bring potential value to an acquiring company, especially if the target company has better tools, technologies, or consolidation in place. • Past breaches can affect the value of a company, and companies that have been breached may be more willing to sell. • There is a trend of using AI in M&A, with larger companies acquiring smaller AI companies to harness their technology and intellectual property. • Challenges in the M&A process include stakeholder management and convincing stakeholders of the importance of cybersecurity. • Being an insurance broker provides access to real-time incident data, which can inform cybersecurity decisions and help clients mitigate risks. • The focus in cybersecurity is shifting from solely protection to also include recovery, as companies recognize the possibility of being compromised. Cyber resiliency is becoming increasingly important in the M&A process, as cyber events are more prevalent and likely than physical events. • Companies need to have a cyber resiliency program and response plan in place to mitigate the risks associated with cyber threats. • Certifications and maturity models may not always be reliable indicators of cyber resiliency, as the scope and applicability of these certifications can vary. Follow & Subscribe on all Podcast platforms. link.chtbl.com/XIW5zsAn What is the Zero Trust Forum about?  It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/

In this episode, Jaye Tillson and John Spiegel discuss with Roy Chua the evolving landscape of Zero Trust and SASE across different regions. They explore the challenges organizations face in implementing Zero Trust, the importance of governance, and the need for simplification in security tools. The conversation also highlights the significance of quick wins in Zero Trust implementation, the current state of SASE, and the concept of Universal Zero Trust. The episode concludes with a discussion on vendor diversity and the importance of community engagement in sharing knowledge and experiences. Takeaways • Zero Trust is recognized globally as essential for security • Many organizations struggle with the practical implementation of Zero Trust • Governance often leads to a checkbox mentality rather than genuine adoption • Simplifying security tools can enhance user experience and effectiveness • Identifying quick wins is crucial for gaining momentum in Zero Trust initiatives • Documentation on Zero Trust is often dense and vendor-specific • SASE is still evolving, with a need for simplification and integration • Universal Zero Trust aims to provide consistent security policies across environments • Diversity in security vendors can mitigate risks associated with single vendor reliance • Community engagement is vital for sharing best practices and learning from each other Follow & Subscribe on all Podcast platforms. link.chtbl.com/XIW5zsAn What is the Zero Trust Forum about?  It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/

In this episode, Jaye and John discuss the rebranding of their podcast to focus on Zero Trust in cybersecurity. They explore the importance of Zero Trust as a strategy, share insights on community engagement, and reflect on personal experiences, including Thanksgiving culinary traditions. The conversation emphasizes the need for resources and support in navigating the Zero Trust journey, inviting listeners to participate and contribute. Takeaways • We rebranded to focus on Zero Trust • Zero Trust is a critical strategy in cybersecurity • Community engagement is essential for sharing knowledge • We will review books and resources related to Zero Trust • Listeners are encouraged to reach out and participate • Thanksgiving traditions can spark culinary conversations • Food plays a significant role in cultural exchanges • We aim to help others avoid roadblocks in their Zero Trust journey • The new website is zerotrustforum.net • We want to hear from our listeners about topics and guests Follow & Subscribe on all Podcast platforms. link.chtbl.com/XIW5zsAn What is the Zero Trust Forum about?  It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/

In this episode, Dr. Chase Cunningham discusses with John and Jaye the evolving landscape of Zero Trust cybersecurity. They explore the global adoption of Zero Trust principles, the importance of maturity models, and the need for accountability at all levels of an organization. The conversation highlights the challenges of user awareness, the future of Zero Trust, and the resources available for education. They also touch on the cultural shift needed within organizations to prioritize cybersecurity as a shared responsibility. Takeaways • Zero Trust is increasingly recognized as a strategic initiative globally. • Progress in cybersecurity should be measured incrementally. • Maturity models are essential for assessing Zero Trust implementation. • Leadership engagement is crucial for effective cybersecurity strategies. • User awareness programs often fail if they complicate workflows. • Cybersecurity should be seen as a fundamental human right. • Organizations must take personal accountability for their cybersecurity choices. • The future of Zero Trust will involve continuous evolution and adaptation. • Sharing experiences and lessons learned in cybersecurity is vital. • Education and resources for Zero Trust need to be more accessible. Follow & Subscribe on all Podcast platforms. link.chtbl.com/XIW5zsAn What is the Zero Trust Forum about?  It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way! Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/. Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/ Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/