Compliance shouldn’t come at the cost of security. In this episode, Leah McGrath (Executive Director, GovRAMP) and Brian Conrad (Director of Global Strategic Compliance Initiatives at Zscaler, formerly of FedRAMP) join the Trust vs. team to talk about multi-framework fatigue, the future of recognition and reciprocity, and why real cybersecurity progress depends on collaboration—not just more certifications. Hosted by HITRUST’s Ryan Patrick and Jeremy Huval, this episode dives deep into how public and private sectors can work together to reduce redundancy and get back to the real work: protecting critical systems and data.

Meet Ryan: https://www.linkedin.com/in/ryan-patrick-3699117a/

Meet Jeremy: https://www.linkedin.com/in/jeremyhuval

Meet Leah: https://www.linkedin.com/in/leah-mcgrath-in/

Meet Brian: https://www.linkedin.com/in/brianhconrad/

SOC 2 might be everywhere, but is it actually working?

In this episode, the Trust vs. team welcomes cybersecurity leader, author, and GRC engineer AJ Yawn to break down the state of SOC 2 today and why its greatest strength may also be its biggest weakness. AJ brings years of hands-on experience in auditing, engineering, and startup leadership to explain how SOC 2 shifted from a signal of security to a sales checkbox and what that means for TPRM. We talk about flexibility vs. consistency, outdated frameworks, why some SOC 2s are nearly useless, and how organizations can move toward better assurance by asking better questions.

Meet Ryan: https://www.linkedin.com/in/ryan-patrick-3699117a/

Meet Jeremy: https://www.linkedin.com/in/jeremyhuval

Meet AJ: https://www.linkedin.com/in/ajyawn/

Read AJ’s Book: https://www.amazon.com/GRC-ENGINEERING-AWS-Hands-Engineering/dp/B0FDLZX4BP

You can’t plan for everything, but you can build for resilience. In this episode, the Trust vs. team sits down with cybersecurity leader Wendy Nather to explore the human side of resilience. From real-world chaos and crisis response to succession planning, decision authority, and chaos engineering, Wendy shares hard-earned wisdom on what it takes to build organizations that can bend but not break.

We talk about why most planning is too rigid, why psychological safety matters in cyber incidents, and how improvisation is  often a critical security skill. 

Meet Ryan: https://www.linkedin.com/in/ryan-patrick-3699117a/

Meet Jeremy: https://www.linkedin.com/in/jeremyhuval

Meet Robert: https://www.linkedin.com/in/robertbooker/

Meet Wendy: https://www.linkedin.com/in/wendynath

If AI is already in your cybersecurity stack, are you managing the risk?

In this episode, the Trust vs. team sits down with Donnie Wendt, a Cybersecurity Researcher, and author of The Cybersecurity Trinity to talk about the growing risk surface AI creates. From data poisoning and third-party ML vulnerabilities to the real-world limits of vendor questionnaires, Donnie breaks down why traditional security frameworks fall short in an AI-enabled world. He shares insights from his research, the dangers of skipping AI assurance, and the mindset shift organizations need to secure tomorrow’s tech today.

Meet Ryan: https://www.linkedin.com/in/ryan-patrick-3699117a/

Meet Jeremy: https://www.linkedin.com/in/jeremyhuval

Meet Robert: https://www.linkedin.com/in/robertbooker/

Meet Donnie: https://www.linkedin.com/in/dr-donnie-wendt/ 

What if the way we’ve been measuring cybersecurity risk is fundamentally flawed? Too often, organizations rely on color-coded charts and gut instinct to make critical risk decisions leading to a false sense of confidence and missed opportunities for real insight.

In this episode, we’re joined by Douglas Hubbard, creator of the Applied Information Economics (AIE) method and founder of Hubbard Decision Research. Doug is also the author of How to Measure Anything in Cybersecurity Risk, and he breaks down why risk matrices fall short, how most people misunderstand measurement, and what organizations can start doing right now to make smarter, data-driven decisions (no math degree or massive data set required!).

Meet Ryan: https://www.linkedin.com/in/ryan-patrick-3699117a/

Meet Jeremy: https://www.linkedin.com/in/jeremyhuval

Meet Robert: https://www.linkedin.com/in/robertbooker/

Meet Doug: https://www.linkedin.com/in/dwhubbard/

Get a copy of How To Measure Anything In Cybersecurity 

Is your third-party risk management process ready for the age of AI? In this episode of Trust vs., Jeremy, Robert, and Ryan sit down with industry leader Laz to unravel the complex (and often chaotic) intersection of artificial intelligence and third-party risk. They explore how AI is amplifying both risk and opportunity in vendor governance, what organizations get wrong about ownership and collaboration, and how to move from reactive defense to strategic offense. Packed with practical insights and bold commentary, this episode challenges listeners to rethink how they're managing risk in a world where AI is already deeply embedded- whether they know it or not.

Meet Ryan: https://www.linkedin.com/in/ryan-patrick-3699117a/

Meet Jeremy: https://www.linkedin.com/in/jeremyhuval

Meet Robert: https://www.linkedin.com/in/robertbooker/

Meet Laz: https://www.linkedin.com/in/iamlaz/

Kicking off Season 3 of Trust vs. with a bang, the team dives straight into one of the most pressing changes on the horizon for healthcare cybersecurity: the proposed updates to HIPAA. Hosts Jeremy Huval, Robert Booker, and new regular voice Ryan Patrick explore what the Notice of Proposed Rulemaking (NPRM) really means for covered entities and business associates. Is this HIPAA 2.0, or just long-overdue regulatory catch-up? The trio unpacks the implications of outdated safeguards, AI blind spots, and the broader need for industry-government collaboration to strengthen trust and assurance in the healthcare ecosystem.

Meet Ryan: https://www.linkedin.com/in/ryan-patrick-3699117a/

Meet Jeremy: https://www.linkedin.com/in/jeremyhuval

Meet Robert: https://www.linkedin.com/in/robertbooker/

Cyber threats are evolving fast and compliance alone isn’t enough. This season on Trust vs., HITRUST’s Robert Booker, Jeremy Huval, Ryan Patrick to explore how to build true cyber resilience in a world transformed by AI, rising vendor risk, and outdated frameworks. It’s time to go beyond checkboxes and build trust that lasts.

In today’s world, the demand for skilled cybersecurity professionals has never been greater, yet the gap between that demand and the available talent continues to grow. In this episode, we sit down with M.K. Palmore, an advisor, cybersecurity leader, and host of The Leadership Student podcast, to explore innovative ways to close this gap. M.K. shares insights on attracting new talent to the field, making cybersecurity careers more accessible, and preparing the next generation for the complexities of defending digital frontlines.

Meet MK:https://www.linkedin.com/in/mkpalmore/

The Leadership Student Podcast: https://podcasts.apple.com/us/podcast/the-leadership-student-podcast/id1685389339

Meet Jeremy: https://www.linkedin.com/in/jeremyhuval

Meet Robert: https://www.linkedin.com/in/robertbooker/

If we want to excel in working with our boards, communication is key, and no one understands this better than Mike Connly. As the former CTO at United Health Group and an experienced board member himself, Mike is sharing his top strategies for setting clear goals, reviewing progress, and ensuring accountability in the boardroom. He highlights the importance of grasping vulnerabilities, measuring program effectiveness, and creating supportive environments for cybersecurity teams and boards to thrive. 

Meet Mike: https://www.linkedin.com/in/michael-connly-26b21410/

Meet Jeremy: https://www.linkedin.com/in/jeremyhuval

Meet Robert: https://www.linkedin.com/in/robertbooker/

In the rapidly evolving world of artificial intelligence, grasping the layers of responsibility is essential for effectively implementing these technologies. 

In this episode, Richard Diver, a Solutions Architecture specialist for cloud security, author of Guardians of AI, and Senior Manager of Story Design at Microsoft, delves into the framework for AI responsibility. He emphasizes that while AI presents new solutions, many underlying challenges remain constant and shares that not all AI models are created equal. Breaking down the structure into three key layers (the AI platform, the application, and the usage layer) Richard underscores the importance of accountability at each level and breaks down the nuances of model selection.

Meet Richard Diver: https://www.linkedin.com/in/rdiver/

Read Guardians of AI: https://www.amazon.com/dp/B0D2TRVK33?ref_=cm_sw_r_cp_ud_dp_QHZZHT4CEEDAQQTFGSR2&skipTwisterOG=2

Richard’s Newsletter: https://www.linkedin.com/newsletters/7065381482126577664/

Meet Jeremy: https://www.linkedin.com/in/jeremyhuval

Meet Robert: https://www.linkedin.com/in/robertbooker/

In this episode, we sit down with FC Freaky Clown, an ethical hacker and author of How to Rob Banks, to explore the evolving role of AI in cybersecurity. FC, known for his unique blend of physical and digital hacking skills, discusses how AI is transforming social engineering tactics and its impact on both attackers and defenders. He shares insights from his experience at Defcon and BlackHat, emphasizing that while AI enhances tools for both good and ill, it remains a force multiplier rather than a replacement for human skills. Tune in to learn about AI's role in modern attacks, its limitations, and the importance of a multi-layered security approach.

Meet FC:https://www.linkedin.com/in/freakyclown/

Read How To Rob Banks: https://www.goodreads.com/book/show/78294430-how-i-rob-banks

Cygenta: https://www.cygenta.co.uk

Meet Jeremy: https://www.linkedin.com/in/jeremyhuval

Meet Robert: https://www.linkedin.com/in/robertbooker/

How can we balance innovation and regulation in the world of AI? In this episode, Rob van der Veer, an expert in AI, security, and privacy, takes us through his journey from AI startups in the 90s to leading security at the Software Improvement Group. He delves into the rapid evolution of AI, particularly with transformer models, and discusses the dual nature of AI’s potential and risks. Rob emphasizes the need for robust AI security standards and regulations, while exploring the contributions of organizations like OWASP to AI security and the global impact of Europe’s AI Act.

Meet Rob: https://www.linkedin.com/in/robvanderveer/

Meet Jeremy: https://www.linkedin.com/in/jeremyhuval

Meet Robert: https://www.linkedin.com/in/robertbooker/

In this episode, Jason Clark, Chief Strategy Officer at Cyera shares insights on the evolving challenges of cybersecurity for organizations of all sizes. He breaks down the essentials of building a strong security strategy, emphasizing the importance of truly understanding your data and aligning cybersecurity efforts with your business goals. Whether you're a startup or an established company, this conversation offers practical advice on protecting your assets and staying ahead of threats in today's ever-changing digital landscape.

Meet Jason: https://www.linkedin.com/in/jasonclarkfl/

CYERA: https://www.cyera.io/

Meet Jeremy: https://www.linkedin.com/in/jeremyhuval

Meet Robert: https://www.linkedin.com/in/robertbooker/

Jeremy and Robert sit down with Ransomware Sommelier Allan Liska to unravel the complex world of Ransomware, the criminals that engage in this activity, and the growing risk of new forms of extortion. Allan, with over 20 years in the field, delves into the mindset of ransomware actors, crucial monitoring strategies, and the battle taking place on the cyber frontier. He reveals why paying ransoms is not just a financial decision but a catalyst for further attacks on all companies, and how both small organizations and large corporations can better prepare for and respond to these digital extortion schemes.

Meet Allan: https://ransomwaresommelier.com/

Grab a copy of Allan’s books: https://www.amazon.com/Books-Allan-Liska/s?rh=n%3A283155%2Cp_27%3AAllan+Liska

Meet Jeremy: https://www.linkedin.com/in/jeremyhuval

Meet Robert: https://www.linkedin.com/in/robertbooker/

In a world full of digital threats, even the best cybersecurity can’t eliminate residual risk. That's where cyber insurance steps in. But securing it is no easy task, even for the most prepared organizations.

In this episode, we are joined by Josh Ladeau, CEO of Trium Cyber and Sidney Prasse and Michael Giuliano from McGill and Partners to discuss the current state of cybersecurity insurance. Discover how security leaders, risk managers, brokers and underwriters are partnering to navigate this tricky terrain and how organizations like HITRUST are leading the charge to simplify the process and emphasize the critical role of assurance.

Meet Sidney: https://mcgillpartners.com/team?member=2021

Meet Josh: https://triumcyber.com/our-team/

Meet Michael: https://mcgillpartners.com/team?member=1646

Meet Jeremy: https://www.linkedin.com/in/jeremyhuval

Meet Robert: https://www.linkedin.com/in/robertbooker/

We’re kicking off season 2 with a familiar face: Omar Khawaja is back to discuss how generative AI technology is impacting business governance and security leadership. Like other technologies, AI poses significant risk management challenges, but how can we better understand these systems to protect against them? Omar joins Robert and Jeremy to highlight the difference between understanding the business value created by AI over simply an AI strategy, the importance of defining the components that make up an AI system, the challenges security leaders face in engaging on AI initiatives, and advocating for integrating security expertise to ensure the safe and effective adoption of AI technologies.

Meet Omar: https://www.linkedin.com/in/smallersecurity?

Meet Jeremy: https://www.linkedin.com/in/jeremyhuval

Meet Robert: https://www.linkedin.com/in/robertbooker/

Join hosts Robert Booker and Jeremy Huval as they explore the critical importance of trust in cybersecurity in a whole new season of Trust Vs brought to you by HITRUST Alliance. This season, we’ll be speaking with industry experts to discuss the challenges and opportunities of artificial intelligence, cyber insurance, and emerging technologies.

Tune in to learn strategies for building and maintaining trust in the digital age, all while navigating the evolving world of cybersecurity with confidence.

We’re back with a special episode, recording in the midst of the largest breach in the American Healthcare industry. With this event, there has been a lot of concern and loss of trust in the systems that we put in place to keep us and our data secure. 

So how can we start to rebuild trust and confidence that we can better prepare for these attacks in the future? HITRUST CMO Steve Perkins joins the podcast to interview Trust Vs hosts Robert Booker and Jeremy Huval to unpack everything we have learned so far and why we should be focusing on cybersecurity assurance moving forward. 

Meet Steve: https://www.linkedin.com/in/steve-perkins-1604b31/

Meet Jeremy: https://www.linkedin.com/in/jeremyhuval

Meet Robert: https://www.linkedin.com/in/robertbooker/

Please consider rating and reviewing Trust vs. if you enjoyed this episode.

In the final episode of Season 1, Jeremy and Robert look into the future of cybersecurity, assurance and compliance. Listen to a collection of this season’s guests about their predictions for the future and how disruptive technologies like AI will shake up the industry. Find out how to maintain trust in this era of technology, and uncover how it might impact you and your business. 

Meet Jeremy: https://www.linkedin.com/in/jeremyhuval

Meet Robert: https://www.linkedin.com/in/robertbooker/