Episodes
-
In this episode, host Raghu Nandakumara sits down with Ann Johnson, Corporate Vice President, Microsoft Security Business Development, to explore AI, everyday Zero Trust conversations, cyber resilience best practices, and so much more.
--------
“Democratization has to exist as well, and there has to be global standards and there has to be global regulation, but there also has to be global cooperation, right? ... We’re seeing an increase in collaboration and cooperation, but we’re not where we need to be. And the only way we actually defeat the bad enemy is with collective defense, and we need to get a lot better about collective defense.”
--------
Time Stamps
(04:32) An egalitarian approach to cybersecurity
(11:01) “The greatest thing the industry can do is improve visibility”
(13:50) Three steps to Zero Trust
(25:00) What’s driving Zero Trust adoption?
(28:00) Talking cyber resilience to the Board
(34:36) Becoming a better CISO
--------
Sponsor
Assume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company.
Learn more at illumio.com.
--------
Links
Connect with Ann on LinkedIn
-
In this episode, host Raghu Nandakumara sits down with Richard Staynings, Chief Security Strategist at Cylera, to discuss how the role of the CISO has changed over the past 30 years, the IT challenges facing modern healthcare organizations, and today’s cybercrime landscape.
--------
“I'd like to think that all healthcare organizations are looking at all aspects of Zero Trust, right? But Zero Trust is a journey. It's not something where you can throw a switch on and become Zero Trust certified overnight. It's a mindset. It's a journey.”
--------
Time Stamps
(02:49) The role of the CISO through the years
(08:32) Understanding the perpetrators of cybercrime
(19:00) The medical OT threat landscape
(29:00) Reducing HIoT risk with Zero Trust
(39:00) AI and the future of healthcare
--------
Links
Connect with Richard on LinkedIn
-
In this episode, host Raghu Nandakumara sits down with Ryan Fried, Senior Security Engineer at Brooks Running, to discuss the role of cybersecurity in the manufacturing and retail sectors, building a successful Zero Trust program, and the difference between being compliant and being secure.
--------
“How can we go towards Zero and, I’ll say, Zero-ish Trust? Actual Zero Trust is really hard to do, and I think it's really intimidating...But, for instance, what we're talking about is micro-segmentation from a Zero Trust perspective, what is the best bang for our buck that we're gonna get with being the least disruptive?” - Ryan Fried
--------
Time Stamps
* (06:31) Mapping out your risk exposure
* (10:44) Striking a balance between good security and “good enough”
* (13:03) Compliance in less regulated industries
* (17:22) Being compliant vs. being secure
* (24:22) Zero-ish Trust in action
--------
Links
Connect with Ryan on LinkedIn
-
In this episode, host Raghu Nandakumara sits down with Rob Ragan, Principal Researcher at Bishop Fox – live at RSAC 2023! – to discuss the different types of threats, offensive security trends, and how to continuously find new opportunities to improve cyber resilience.
--------
"I'm seeing a lot more folks that are security engineers and are on blue teams that are also then wanting to participate in those red team exercises and in those tests, and be involved and actually understand how they can learn and apply those techniques while they're building into their threat models.
And I see that the folks that are doing that on a more regular basis are maturing more rapidly. And if they're not factoring in that testing to what they've implemented, then there may be long periods and long gaps where there's a susceptibility that remains unknown." - Rob Ragan
--------
Time Stamps
* (2:23) Learning the wrong ways to build applications
* (6:31) Securing IoT/OT and national critical infrastructure
* (15:36) Zero Trust and offensive security
* (19:27) Maturing faster with more testing
* (24:32) TCO and ROI
--------
Links
Connect with Rob on LinkedIn
-
In this episode, host Raghu Nandakumara sits down with Gary Barlet, Federal Field CTO at Illumio, to discuss his own personal experience with Zero Trust, top cyber challenges facing federal organizations, and why embracing an “assume breach” approach to cybersecurity matters.
--------
"You wanna continue to try to do your best, but there's no such thing as perfect. And you have to be ready for the alternative, right? What happens when the art of the perfect fails you, and you have to deal with a breach? And I think that that monumental shift in approach and philosophy is something that I think that modern entities, agencies, and businesses, if they don't make that shift, they're just gonna continue to lose." - Gary Barlet
--------
Time Stamps
* (3:07) Fighting the everyday battle in cyberspace
* (7:16) How to “assume breach”
* (17:53) The US Government’s top cyber challenges
* (28:17) Breach economics
* (35:33) The future of Zero Trust
--------
Links
Connect with Gary on LinkedIn
-
In this episode, host Raghu Nandakumara chats with Shawn Kirk, Worldwide Leader for Security Go to Market at Amazon Web Services. The two of them discuss the shared responsibility model, making incremental Zero Trust improvements in the cloud, and understanding cloud economics and ROI.
--------
"When we're having conversations with customers we are very, very reluctant to put the actual technology, feature or the control at the beginning of the conversation. Because, particularly with something as nuanced to Zero Trust, you really have to have a much more in-depth understanding of the problem that they're trying to solve." - Shawn Kirk
--------
Time Stamps
* (5:19) How to secure your cloud migration
* (9:38) Zero Trust’s role in cyber conversations
* (17:34) ROI benefits of cloud security
* (19:25) Top security challenges facing AWS customers
* (22:46) Evolving threats in the cloud
--------
Links
Connect with Shawn on LinkedIn
-
In this episode, host Raghu Nandakumara sits down with Illumio CTO and Co-Founder PJ Kirner, to discuss Illumio’s founding story, taking a data-driven approach to innovation and market validation, and what RSA attendees should be thinking about as they gear up for this year’s conference.
--------
"I do think we fell off the bandwagon with all this implicit trust in the environment…All these things that were just allowed to talk to each other implicitly—no one ever thought about, you know, let’s turn this into explicit trust? That's a place where I think we definitely needed Zero Trust to help us along that journey." - PJ Kirner
--------
Time Stamps
* (0:47) The Illumio founding story
* (11:39) What do submarines and cyber resilience have in common?
* (14:55) Overcoming implicit trust
* (24:40) Validating ideas with data
* (36:13) What a CTO hopes to see at RSA
--------
Sponsor
Assume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company.
Learn more at illumio.com or visit us at RSAC in San Francisco, between April 24 – April 27! You can find us in the North Hall, at Booth 5778.
--------
Links
Connect with PJ on LinkedIn
-
In this episode, host Raghu Nandakumara sits down with Stephen Coraggio and Greg Tkaczyk, Managing Partner and Executive Consultant at IBM Security, to discuss the business value of cybersecurity, defining your crown jewels, and overcoming “analysis paralysis” and other Zero Trust challenges.
--------
“Back in the day it was around protecting everything, encrypting everything, and really making sure that we scan everything in an environment. Now when we talk to clients, it's around how do we make sure that we are truly looking after the most important things in our environment, making sure that those are properly protected, [and] controlled.” - Stephen Coraggio
“You don't want to spend four months deciding what top five policies you want to enforce in a CSPM solution—Make those decisions quickly and reduce risk.” - Greg Tkaczyk
--------
Time Stamps
* 10:17 – Defining your “crown jewels”
* 13:09 – Overcoming “analysis paralysis”
* 22:35 – ZT as a framework: “It’s a set of guiding principles”
* 30:30 – What comes next in cyber (a case for AI/automation)
* 34:10 – Using data to demonstrate ROI
--------
Links
Connect with Stephen on LinkedIn
Connect with Greg on LinkedIn
-
In this episode, host Raghu Nandakumara and Vishal Salvi, CISO and Head of the Cyber Practice at Infosys, explore the evolution of the CISO over the past 25 years, democratizing cybersecurity and why “doing the boring things right” matters.
--------
“If you start taking an approach of zero tolerance—we need to start getting a sense of more governance around how do we manage this?
While we want to empower people, while we want to have speed and agility—you cannot do it at the cost of IT hygiene and therefore poor security and therefore risk of being breached.” - Vishal Salvi
--------
Time Stamps
* (6:02) Evolving as the profession evolves
* (9:30) Being an empathetic business leader
* (16:30) Back to basics — “Doing the boring stuff right”
* (20:52) Democratizing cybersecurity within the organization
* (31:50) How to make the most of your cyber investments
* (41:05) What excites a CISO
--------
Links
Connect with Vishal on LinkedIn
Check out Infosys
-
In this episode, host Raghu Nandakumara and Gerald Caron, Former Chief Information Officer for the Office of the Inspector General at the US Department of Health and Human Services, unpack how to manage operational risk, the role of data mapping in any successful Zero Trust strategy, and demonstrating ROI.
--------
“Because when you're managing risk, it's not just an IT thing. It's also a mission thing as well. What are the political aspects of the risk and the decisions that you're making? That informs the IT risk as well. But I think it has to be well understood that this is, going back to the ROI, this is why this is a good investment. This is gonna help mitigate this risk… [Zero Trust] is a cultural thing for an organization and it needs to be communicated.” - Gerald Caron
--------
Time Stamps
* (5:00) Understanding your operational risk posture as a CIO
* (9:52) What peanut butter, the cinema and Zero Trust have in common
* (14:10) Demystifying Zero Trust: Driving the adoption of ZT at the OIG
* (18:40) Measuring progress and effectiveness
* (25:53) Aligning Zero Trust with your company’s business strategy
--------
Links
Connect with Gerald on LinkedIn
-
In this episode, host Raghu Nandakumara chats with George Finney, best-selling author and Chief Security Officer at Southern Methodist University, about his experiences with Zero Trust in higher education, the cultural elements of cybersecurity, his new book “Project Zero Trust” and why some Zero Trust projects fail.
--------
“That understanding fundamentally of trust is something we don't necessarily talk about a lot in organizations. When you get into Zero Trust, the real trick is how do I spot the trusts? When I look at a computer, router, firewall, server config — what's the trust? How do I go through and get rid of them?
That's what Zero Trust is about. It's not about not trusting people. It's about finding those trusts in our digital systems and getting rid of them.” - George Finney
--------
Time Stamps
* (5:40) Establishing a unified security culture
* (11:10) What Zero Trust isn’t: “Don’t take the cynical approach”
* (16:50) The secret sauce to being a CSO today is building in security from day 1
* (24:00) Understanding your “protect surface” to maximize ROI
* (28:30) The reason some Zero Trust projects fail isn’t because of tools - it’s people
--------
Links
Connect with George on LinkedIn
Check out George's best-selling book "Project Zero Trust"
-
In this episode, host Raghu Nandakumara sits down with Chase Cunningham, former Forrester analyst and “Dr. Zero Trust”, to discuss the evolution of the Zero Trust framework and what organizations get wrong when mapping out their Zero Trust strategies.
--------
“...John [Kindervag] says it all the time: Trust is a human emotion; we've built it into computers. If you remove the trusted relationships, it's not that there's going to be “zero trust.” It's that they're going to have manageable risk based on trust relationships, and that makes the bad guy's day really hard.” — Dr. Chase Cunningham
--------
Time Stamps
* (6:34) Zero Trust is nothing new, just an evolution of something that’s always made sense
* (10:32) You can get Zero Trust wrong – but start small to get it right
* (16:18) How vendors have changed the Zero Trust landscape
* (21:39) How APIs are transforming the future of cybersecurity platforms
* (28:34) Federal Zero Trust progress is “fast-ish”
--------
Sponsor
Assume breach. Minimize impact. Increase resilience. With Illumio, the Zero Trust Segmentation company.
Learn more at illumio.com/
--------
Links
Connect with Chase on LinkedIn
Check out the DrZeroTrust podcast
-
In the past two years, more than three-quarters of organizations have been attacked by ransomware, and over two-thirds have experienced at least one software supply chain attack. Attackers are smarter, more sophisticated and move more quickly than ever. If your organization hasn’t been breached yet, odds are you will be.
On “The Segment: A Zero Trust Leadership Podcast”, you will hear from industry experts about the latest cybersecurity and ransomware trends. We will unpack how modern organizations can reduce risk and curtail impact with Zero Trust - a “never trust, always verify” approach to cybersecurity.
Join us for The Segment: A Zero Trust Leadership Podcast, brought to you by Illumio.