The Segment: A Zero Trust Leadership Podcast

The Monday Microsegment for the week of June 9th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.Travelers left flying blind after cyberattack at Canadian airlineExtra! Extra! Hackers target journalists at The Washington PostAnd a fake IT support is tricking Salesforce users into downloading malwareHead to The Zero Trust Hub: hub.illumio.comIntroducing Illumio Insights: AI Cloud Detection and Response Webinar: https://lp.illumio.com/Introducing-Illumio-Insights-Webinar.On-Demand

In this episode of The Segment, we dive deep into the critical intersection of cybersecurity, resilience, and organizational strategy with the renowned Dr. Larry Ponemon, founder of the Ponemon Institute and a pioneer in privacy and security research. With over 20 years of groundbreaking studies, including the IBM Cost of a Data Breach Report and the Global Cost of Ransomware Study, Dr. Ponemon shares valuable insights into the evolving cyber threat landscape and what businesses can do to stay ahead.We also talk about: The origins and evolution of the Ponemon Institute's research.Why prevention isn't enough, emphasizing containment and resilience in cybersecurity.The rising costs of data breaches and attackers' growing focus on disrupting operational resilience.How organizations can leverage research data to secure leadership buy-in and develop effective strategies.The importance of Zero Trust frameworks in addressing modern security challenges.The role of robust leadership, strategic planning, and redundancy in enhancing resilience.The evolving responsibilities of CISOs and unifying accountability within organizations.Emerging trends like artificial intelligence and global contributions to cybersecurity innovation.Metrics for measuring the effectiveness of security controls.The Global Cost of Ransomware Report: https://www.illumio.com/resource-center/cost-of-ransomware  Listening Notes:[2:30 - 6:00] Advice for Mitigating Ransomware Risks[6:00 - 11:00] Role of Zero Trust in Security[11:00 - 16:00] Accountability in Security Strategies[16:00 - 21:00]  Research Wishlist: Metrics and Trust[21:00 - 25:00] Long-Term Industry ObservationsTune in to learn how to shift from a prevention mindset to one of resilience and adaptability in an ever-changing digital world!

The Monday Microsegment for the week of June 9th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.A North Korean ransomware campaign is playing for keeps.A rose by any other name smells as sweet. But would malware by a standardized name be as leet?And is CISA's brain drain a crisis in the making?Head to The Zero Trust Hub: hub.illumio.comIntroducing Illumio Insights: AI Cloud Detection and Response Webinar: https://lp.illumio.com/Introducing-Illumio-Insights-Webinar.On-Demand

The Monday Microsegment for the week of June 2nd. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.AI-powered cyberthreats are scaling fastVictoria's Secret remains hush-hush about security issue that triggered a website shutdownAnd U.S. banks are pushing back on breach disclosure rulesHead to The Zero Trust Hub: hub.illumio.comIntroducing Illumio Insights: AI Cloud Detection and Response Webinar: https://lp.illumio.com/Introducing-Illumio-Insights-Webinar.On-Demand

The Monday Microsegment for the week of May 26th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.U.S. cyber defense faces budget cuts — just as threats are ramping up.A ransomware attack hamstrings a major healthcare network.And the Justice Department charges dozens in two global malware takedowns.Head to The Zero Trust Hub: hub.illumio.comIntroducing Illumio Insights: AI Cloud Detection and Response Webinar: https://lp.illumio.com/Introducing-Illumio-Insights-Webinar.On-Demand

In a world where cybercrime is a business and national security secrets are often hidden in plain sight, this episode uncovers the gripping intersection of espionage and cybersecurity. Brian Boetig, a national security and public safety expert with 35 years of experience spanning the FBI, CIA, U.S. diplomacy, law enforcement, and consulting, shares fascinating stories from his career, including an unexpected brush with Russian intelligence, all thanks to a dachshund. In this episode we also discuss:The evolution of spycraft, from traditional field operations to modern cyber warfareHow cybercrime has transformed into a full-fledged business modelInsights into decoding behavioral patterns in cyberattacksThe complexities of cyber insurance and its limitationsHow businesses may be relying on cyber insurance in the wrong waysExamine how leadership engagement in cybersecurity has evolvedHighlight the critical role the C-suite plays in driving security initiativesStay Connected with our host, Raghu on LinkedInFor more information about Illumio, check out our website at illumio.com

The Monday Microsegment for the week of May 19th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.- Japan's cyber defense is going on the offense- Scattered Spider crawls its way to the U.S. after UK crime spree.- And Spain reconsiders whether cyberattacks caused last month's national blackoutAnd Christer Swartz us for "Boos and Bravos."Head to The Zero Trust Hub: hub.illumio.comIntroducing Illumio Insights: AI Cloud Detection and Response Webinar: https://lp.illumio.com/Introducing-Illumio-Insights-Webinar.On-Demand

In this eye-opening episode of The Segment, we welcome Brett Johnson—once known as the "Original Internet Godfather" and a former U.S. Most Wanted cybercriminal. Now a reformed expert, Brett works to help law enforcement and organizations stay ahead of digital threats.Together, we explore the chilling reality of modern cyber threats, deepfake technology, and the manipulation of perception in an increasingly digital world. Brett shares his insights on why “the perception of reality is more important than reality itself,” how AI is fueling new forms of deception, and why personal relationships and trust are more critical than ever in cybersecurity.In this episode we also discuss:Why defenders continue to fall shortThe biggest misconceptions about cybercriminalsWhy billion-dollar security budgets aren't enoughThe role of regulations in shaping cybersecurity cultureWhy most cyberattacks succeed due to simple oversights, not sophisticated tacticsHow organizations can force attackers to adapt by closing common security gapsThe importance of layered security and data-driven threat detection Stay Connected with our host, Raghu on LinkedInFor more information about Illumio, check out our website at illumio.com 

The Monday Microsegment for the week of May 12th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.Simple mistakes are leading to serious OT security issuesDid Samsung issue a sour patch for a server vulnerability last year?And malware is masquerading as an AI media toolAnd John Kindervag joins us for "Ask the Expert."Head to The Zero Trust Hub: hub.illumio.comIntroducing Illumio Insights: AI Cloud Detection and Response Webinar: https://lp.illumio.com/Introducing-Illumio-Insights-Webinar.On-Demand 

The Monday Microsegment for the week of May 5th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.The White House warns China: If you hack us, we may hack back.UK retailers are under siege — and one ransomware gang is taking credit.And stolen passwords are leading to millions of account takeovers.And Gary Barlet joins us for a special segment on live on the RSAC show floor. Head to The Zero Trust Hub: hub.illumio.com

When personal trauma meets professional purpose, it can reshape an entire industry—just ask Dr. Kelley Misata.Our guest today is Founder and CEO of Sightline Security and president of the Open Information Security Foundation. Dr. Misata brings a unique lens to the field, shaped by her personal journey as a stalking survivor turned cybersecurity advocate. From supporting nonprofits working with trafficking survivors to influencing how organizations manage open source risk, her work underscores the need to approach security with empathy, patience, and mission-first thinking.Together, we explore why cybersecurity can no longer be treated as a siloed function. Instead, it must be embedded into every decision, guided by understanding and tailored to the needs of those it aims to protect—especially in the nonprofit world. The conversation spans the dangers of digital assumptions, the importance of storytelling in awareness training, and how open source communities can be as critical to resilience as enterprise vendors.

The Monday Microsegment for the week of April 28th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.M&S battles a cyber incident that's ‘anything but ordinary'Is AI code generation playing fast and loose with security?And SAP scrambles to patch a critical vulnerability after real-world attacks.And Michael Adjei joins us for "Ask the Expert". Head to The Zero Trust Hub: hub.illumio.comRegister to attend RSAC: https://www.illumio.com/resources/events/rsa-conference-2025

The Monday Microsegment for the week of April 21st. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.Russian hackers woo diplomats — with a glass of wine.AI flaws are going unfixed, even when they're critical.And security leaders look for a way forward after CVE program is pulled back from the brinkAnd Christer Swartz joins us for "Boos and Bravos". Head to The Zero Trust Hub: hub.illumio.comRegister to attend RSAC: https://www.illumio.com/resources/events/rsa-conference-2025

What if the biggest vulnerability in cybersecurity isn't the technology—but the people behind it? Dr. Erik Huffman, a pioneer in cyberpsychology, joins The Segment to break down the human factors behind digital attacks. Cyberpsychology—the blend of security, human behavior, and neuroscience—reveals that over 90% of data breaches involve human error or social engineering, not just technical exploits. The conversation shifts to why traditional cybersecurity awareness training isn't enough—awareness is widespread, but true preparedness is lacking.In this episode, we discuss:Why even the most secure organizations still fall victim to cyberattacksThe dangerous blame culture in cybersecurity and why it needs to changeThe intense pressure and burnout CISOs face in today's fast-moving business world What organizations can do to strengthen security beyond just investing in techHow attackers manipulate emotions If you think only careless people get hacked, think again.Resources Mentioned:Dr. Huffman Ted Talk

The Monday Microsegment for the week of April 14th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.China makes a cyber confession. Or was it a veiled warning?CISA director nomination blocked over another Chinese attackAnd ransomware attacks are up — but payouts are down.And John Kindervag joins us for "Ask the Expert."Head to The Zero Trust Hub: hub.illumio.comRegister to attend RSAC: https://www.illumio.com/resources/events/rsa-conference-2025

The Monday Microsegment for the week of April 7th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.TikTok gets more time in the U.S. — and a huge fine in Europe You can always count on death, taxes, and in April, IRS-themed phishing attacksAnd a major cybercriminal gang is taking the “ware” out of ransomware attacksAnd Trevor Dearing joins us for "Ask the Expert."Head to The Zero Trust Hub: hub.illumio.comRegister to attend RSAC: https://www.illumio.com/resources/events/rsa-conference-2025

Welcome to Season 3 of The Segment: A Zero Trust Leadership Podcast. This season, we're exploring the intersection of trust, resilience, and human behavior — how cybercriminals weaponize trust, why resilience is about more than just prevention, and why human psychology remains the most exploited element in cybersecurity. Be sure to subscribe so you don't miss these full-length interviews.

The Monday Microsegment for the week of March 31st. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.New “Morphing Meerkat” phishing kit packs a mighty punchCritical vulnerabilities cast a shadow over solar power systemsAnd the risk prognosis is not looking good for many medical devicesAnd Gary Barlet joins us for "Ask the Expert."Head to The Zero Trust Hub: hub.illumio.comRegister to attend RSAC: https://www.illumio.com/resources/events/rsa-conference-2025

The Monday Microsegment for the week of March 24th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.AI is supercharging organized crime, Europol warnsResearchers fool major AI tools into helping them write malwareAnd UK security leaders are confident — maybe too confidentAnd Christer Swartz joins us for a Boos and Bravos SegmentHead to The Zero Trust Hub: hub.illumio.comThe Global Cost of Ransomware Study: https://www.illumio.com/resource-center/cost-of-ransomware

The Monday Microsegment for the week of March 17th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.Accused LockBit ransomware developer facing lockup after U.S. extraditionMedusa ransomware now targeting critical infrastructureYou're not a robot, and “ClickFix” is not a solutionAnd Gary Barlet joins us for a Book Club segment. Brooking's article: https://www.brookings.edu/articles/generative-ai-the-american-worker-and-the-future-of-work/Head to The Zero Trust Hub: hub.illumio.comThe Global Cost of Ransomware Study: https://www.illumio.com/resource-center/cost-of-ransomware

The Monday Microsegment for the week of March 10th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.Watching pirated media? Prepare to be boarded by malware.Medusa petrifies more victims with ransomwareAnd Chinese cybersecurity vendor accused of doing the oppositeAnd John Kindervag joins us for an Ask the Expert segment! Head to The Zero Trust Hub: hub.illumio.comThe Global Cost of Ransomware Study: https://www.illumio.com/resource-center/cost-of-ransomware

The Monday Microsegment for the week of March 3rd. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.API keys showing up in AI training dataRussian IT firms hacked by pirates in SPAAAAAAAAAAACE!And a new campaign is using malicious PDFs — and some clever SEOAnd John Kindervag joins us for a Myth Busters segment! Head to The Zero Trust Hub: hub.illumio.comThe Global Cost of Ransomware Study: https://www.illumio.com/resource-center/cost-of-ransomware

The Monday Microsegment for the week of February 24th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.Bybit says bye-bye to nearly 1½ billion dollars in record-breaking crypto heistApple devices are getting a lot less private in the U.K.And phishing gangs are reinventing credit card theft for the digital eraAnd Christer Swartz joins us for an Ask the Expert Segment! Head to The Zero Trust Hub: hub.illumio.comThe Global Cost of Ransomware Study: https://www.illumio.com/resource-center/cost-of-ransomware

The Monday Microsegment for the week of February 17th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.More DeepSeek Security Concerns — this time from South KoreaCybercriminals visit Virginia Courthouse — but not in the way you were hopingAnd an old Mac Malware Variant Gets a Brand New UpdateAnd Michael Adjei joins us for an Ask the Expert Segment! Head to The Zero Trust Hub: hub.illumio.comThe Global Cost of Ransomware Study: https://www.illumio.com/resource-center/cost-of-ransomware

The Monday Microsegment for the week of February 3rd. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.- Major vulnerability puts global infrastructure at risk- Microsoft to software developers: check your keys, please - And DeepSeek is in deeper trouble with U.S. lawmakersAnd Christer Swartz joins us for a Boos and Bravos Segment! Head to The Zero Trust Hub: hub.illumio.comThe Global Cost of Ransomware Study: https://www.illumio.com/resource-center/cost-of-ransomware

The Monday Microsegment for the week of February 3rd. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.- DeepSeek AI sparking deep concerns among security experts- Meta reveals what's up with spyware campaign targeting journalists- And it's code blue for vulnerable hospital-patient monitorsAnd Gary Barlet joins us for an Ask the Expert Segment!  Head to The Zero Trust Hub: hub.illumio.comThe Global Cost of Ransomware Study: https://www.illumio.com/resource-center/cost-of-ransomware

The Monday Microsegment for the week of January 27th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.- Trump Tells Key Cybersecurity Board: You're Fired- Critical Flaw Found in Meta's AI Framework- North Korean Spies Posing as U.S. IT Workers Get More AggressiveAnd Gary Barlet joins us for a MythBusters Segment!  Head to The Zero Trust Hub: hub.illumio.comIllumio World Tour Registration: https://www.illumio.com/illumio-world-tour 

The Monday Microsegment for the week of January 21st. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.-What's up with one of the world's biggest messaging platforms? Targeted attacks, that's what.-While hotel guests were checking in last year, hackers were checking out their personal info-And a new phishing kit bypasses Microsoft 365 two-factor authenticationAnd Gary Barlet and John Kindervag join us for an Agree to Disagree segment. Head to The Zero Trust Hub: hub.illumio.comIllumio World Tour Registration: https://www.illumio.com/illumio-world-tour 

The Monday Microsegment for the week of January 13th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.- Microsoft has a message for alleged AI hackers: see you in court- Someone is finally thinking of the children. The bad news: it's a ransomware group.- And a new threat actor is using AI to punch above its weight classAnd Christer Swartz joins us for a Boos and Bravos segment.  Head to The Zero Trust Hub: hub.illumio.comIllumio World Tour Registration: https://www.illumio.com/illumio-world-tour 

The Monday Microsegment for the week of January 6th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.-Chinese Hackers Breach Treasury Department Through Vendor API-U.S. Army Soldier Accused of Being the Notorious Kiperphantom-New Year, New DoubleClickjacking Technique And Michael Adjei joins us for an Ask the Expert segment!  Head to The Zero Trust Hub: hub.illumio.comIllumio World Tour Registration: https://www.illumio.com/illumio-world-tour 

The Monday Microsegment for the week of December 16th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.-North Korean IT workers end up on DoJ naughty list for alleged remote work fraud-'Tis the season for ransomware as victim totals hit new records-And it's Yule-tide trouble as cybergrinches deck the Halls with RDP ExploitsAnd John Kindervag and Gary Barlet join us for an Agree to Disagree segment!  Head to The Zero Trust Hub: hub.illumio.comIllumio World Tour Registration: https://www.illumio.com/illumio-world-tour 

The Monday Microsegment for the week of December 9th. All the cybersecurity news you need to stay ahead, from Illumio's The Segment podcast.- Crypto thieves tailor Android malware for targeted attacks- A not-so-swift resolution to Chinese telecom hack- And Russian cyber spies acting in concert with rival hackersAnd Raghu Nandakumara joins us for a Boos and Bravos segment!  Head to The Zero Trust Hub: hub.illumio.comIllumio World Tour Registration: https://www.illumio.com/illumio-world-tour 

The Monday Microsegment for the week of December 2nd. All the cyber security news you need to stay ahead, from Illumio's The Segment podcast.- Got $200? You've got enough to launch a new advanced phishing attack- Hackers aren't waiting to exploit the Godot Game Engine- And a high-profile attacker could be operating from a surprise location: a U.S. Army baseAnd Christer Swartz joins us for a Mythbuster segment!  Head to The Zero Trust Hub: hub.illumio.comIllumio World Tour Registration: https://www.illumio.com/illumio-world-tour 

The Monday Microsegment for the week of November 18th. All the cyber security news you need to stay ahead, from Illumio's The Segment podcast.- DHS releases AI framework for critical infrastructure- A critical zero-day vulnerability hits Palo Alto firewalls- And grandma gets an AI upgrade in the fight against scam callsAnd John Kindervag joins us for an Ask the Expert segment.  Head to The Zero Trust Hub: hub.illumio.comIllumio World Tour Registration: https://www.illumio.com/illumio-world-tour 

The Monday Microsegment for the week of November 11th. All the cyber security news you need to stay ahead, from Illumio's The Segment podcast.North Korean hackers target Apple MacOS with new crypto-stealing malware Interlock ransomware group emerges as new threat to healthcare and government And a U.S. government agency tells its staff to stop using mobile phones after Chinese hackAnd Trevor Dearing joins us for a Myth Busting segment.  Head to The Zero Trust Hub: hub.illumio.comIllumio World Tour Registration: https://www.illumio.com/illumio-world-tour 

The Monday Microsegment for the week of Novemeber 4th. All the cyber security news you need to stay ahead, from Illumio's The Segment podcast.Election infrastructure has 'never been more secure,' CISA chief says Cyber saboteur tries to make Disney the hackiest place on earthAnd severe vulnerabilities found in hardware powering many industrial devicesAnd Sudha Iyer joins us for a Tech Tips segment.  Head to The Zero Trust Hub: hub.illumio.comIllumio World Tour Registration: https://www.illumio.com/illumio-world-tour 

In this episode, host Raghu Nandakumara sits down with Neil Thacker, CISO EMEA at Netskope. Neil joined the show to discuss the evolving role of the CISO, as well as the challenges and opportunities they face in the context of new technologies.  --------“A good friend of mine is a CIO for a very large organization and he shared a great story. Obviously, during the pandemic, everyone was working remotely and they set up this whole Zero Trust principle and policy set to better secure their remote workers. It was interesting, he said, when everyone started coming back into the office, we realized we had better security when everyone was remote because of the changes that we made. So, we wanted to apply those same principles to our internal network and then we realized, can we just get rid of our internal network, our corporate network?”--------Time Stamps (03:14) The role of the CISO and its evolution(07:59) Challenges and opportunities in the CISO role(21:49) Importance of context in security operations(31:54) Simplifying compliance and driving innovation(45:23) Advice for Aspiring CISOs --------SponsorAssume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. Learn more at illumio.com.--------LinksConnect with Neil on LinkedInIllumio World Tour 

The Monday Microsegment for the week of October 28th. All the cyber security news you need to stay ahead, from Illumio's The Segment podcast.Cisco urges customers to patch their firewalls and VPN software amid active exploitsLockBit copycat targets Apple MacOS systems with new ransomware strainsAnd Microsoft's boss takes a pay cut for a series of security incidentsAnd Raghu Nandakumara joins us for a Boos and Bravos segment.  Head to The Zero Trust Hub: hub.illumio.comIllumio World Tour Registration: https://www.illumio.com/illumio-world-tour 

The Monday Microsegment for the week of October 21st. All the cyber security news you need to stay ahead, from Illumio's The Segment podcast.Suspected cyber bandit in data broker breach busted! In Brazil!LockBit dethroned as RansomHub crowned new king of the ransomware arenaAnd Casio races the clock as it struggles in the wake of a ransomware attackAnd Gary Barlet joins us again to talk about election security. Read his piece with the Financial Times: https://www.ft.com/partnercontent/illumio/tackling-election-security-with-zero-trust.htmlHead to The Zero Trust Hub: hub.illumio.comIllumio World Tour Registration: https://www.illumio.com/illumio-world-tour 

In this episode, host Raghu Nandakumara sits down with Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft, to explore the evolving landscape of cyber threats and the importance of resilience in the face of ransomware. They discuss the changing tactics of threat actors, the critical role of Zero Trust in modern cybersecurity, and the growing influence of AI on both cyber defense and offense. Sherrod also shares insights into balancing objective and subjective assessments in security, emphasizing the need for strong foundational practices and operational resilience.--------“Pre-decision making. If we come under ransom, are we going to pay? A lot of people start spiraling and it's like, wait, do you want to be spiraling now or do you want to be spiraling when we're actually under ransom? Let's spiral now. Let's do that worrying now, so that if something happens in the future, we're ready for that.”--------Time Stamps (04:53) Sherrod's career journey(16:15) Importance of basic security practices in ransomware resilience(18:37) Ransomware: To pay or not to pay?(22:08) Building a culture of ransomware resilience(26:19) Subjectivity of security(29:51) Evolution of threat actors(34:13) Zero Trust's impact on security(46:04) Role of AI in cybersecurity(49:49) Future of threat intelligence --------SponsorAssume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. Learn more at illumio.com.Illumio World Tour --------LinksConnect with Sherrod on LinkedIn

The Monday Microsegment for the week of October 14th. All the cyber security news you need to stay ahead, from Illumio's The Segment podcast.Tiny company, massive data breach, and a swarm of lawsuits. New details in NPD bankruptcyThe Wayback Machine moving forward after a series of attacksAnd OpenAI shuts down efforts to use it for AI-powered wrongdoingAnd Gary Barlet to talk about Cybersecurity Awareness Month.  Head to The Zero Trust Hub: hub.illumio.comIllumio World Tour Registration: https://www.illumio.com/illumio-world-tour 

The Monday Microsegment for the week of October 7th. All the cyber security news you need to stay ahead, from Illumio's The Segment podcast.China breaches U.S. broadband providers in months long breachIt's double trouble as two flaws put critical networking infrastructure at riskAnd U.S. authorities seize dozens of internet domains tied to Russian hackers.And John Kindervag joins us to talk about the 14 year Zero Trust journey.  Head to The Zero Trust Hub: hub.illumio.comIllumio World Tour Registration: https://www.illumio.com/illumio-world-tour  

In this episode, host Raghu Nandakumara sits down with Nicole Tisdale, Founder and Principal of Advocacy Blueprints. Nicole spent 15 years as a national security expert at The White House - National Security Council and the U.S. Congress's House Committee on Homeland Security. She joins the podcast to discuss cyber equity and security policy. --------“Should have, would have, could have - public policy is not about penalizing people for what they could have been doing or should have been doing. It's about making it better in the present and then making it better in the future.”--------Time Stamps (02:01) Nicole's background (08:31) Responses to breaches and reporting (11:19) Victims of cyber hacks (17:39) Defining cyber equity (24:19) High impact cyber attacks (37:42) Linking Zero Trust to Cyber Equity: Secure-by-design  --------SponsorAssume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. Learn more at illumio.com.--------LinksConnect with Nicole on LinkedInThe Hidden Injustice of Cyberattacks by Nicole Tisdale Illumio World Tour

In this episode, host Raghu Nandakumara sits down with Tristan Morgan, Managing Director Cyber Security at BT Group, and Mark Hendry, Digital Services Partner at Evelyn Partners to discuss DORA regulations and compliance in the financial services sector. They discuss the interplay between regulatory standards like NIS2 and DORA, the importance of proportionality and operational resilience, and the broader adoption of principles such as Zero Trust. Learn more on how to achieve DORA compliance: Illumio.com/dora--------"If you did a search on DORA and looked for the word segmented, ss in micro-segmentation, instantaneous severing of elements of the network in order to contain and what have you, it's in there. It's absolutely in there. So, you just need to know what you're looking for and you'll find it. And Zero Trust will evolve. It might evolve into a different name or a different set of characteristics that we seek to achieve, but DORA should last. And we might find terms like Zero Trust start to pop up in regulatory technical standards or implementing technical standards that accompany it, but it's absolutely in there because it's such a good way to protect our organizations from harm, the types of harm that we've talked about." - Mark "If you were to build something completely separate and ask all businesses to comply with something that was different, not only would there be significant cost, I think actually you get much greater resistance. Whereas, these regulations like DORA actually build upon industry-recognized best practices that many businesses are already adopting to a degree, and it actually is sensible, but it also makes the barrier to compliance less." - Tristan--------Time Stamps (04:22) Current cyber threat landscape (11:02) Operational resilience and cyber resilience(12427) Compliance and regulatory standards (15:22) A historical look at compliance (25:58) The tipping point for the EU to prioritize operational resilience(36:48) What differentiates DORA from other legislation? (44:24) The role of Zero Trust within DORA  --------SponsorAssume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. Learn more at illumio.com.--------LinksConnect with Tristan on LinkedInConnect with Mark on LinkedIn

In this episode, host Raghu Nandakumara sits down with Thomas Mueller-Lynch, Global Director Digital Identities at Siemens to explore Siemens' ambitious zero trust program. They delve into the challenges of implementation and the strategic benefits of zero trust in bolstering product security and streamlining IT architecture. Thomas highlights the essential role of identity management and the importance of collaboration between IT, cybersecurity, and business units in advancing zero trust effectively.--------"You cannot run a Zero Trust program exclusively out of IT. You cannot run it exclusively out of cybersecurity. And also if the business, or at least our organization, which is quite big and lots of different business units, if everybody of these business units starts by their own something, it will also not work. It will only work as teamwork all together. So IT typically brings in the services and the service operational model. Cybersecurity brings in the rules and partly also kind of architecture, as well as IT by the way, and business obviously owns all of these assets. So if you don't have them on the same table, at the same table it won't work at all."--------Time Stamps *(03:56) Thomas' journey at Siemens*(08:59) Challenges in Zero Trust implementation*(16:08) Business benefits of Zero Trust*(27:32) Balancing big vision with tactical steps*(34:06) Identity's role in Zero Trust*(43:10) Collaborating across IT, security, and business for zero trust success*(44:59) How Zero Trust drives competitive advantage --------SponsorAssume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. Learn more at illumio.com.--------LinksConnect with Thomas on LinkedInDownload your copy of The Forrester Wave for Microsegmentation Solutions: Illumio is a Leader in The Forrester Wave™: Microsegmentation Solutions, Q3 2024.  

In this episode, host Raghu Nandakumara sits down with Indy Dhami, Partner at KPMG UK, to explore the evolution from traditional InfoSec to cyber resilience. They discuss the strategic implementation of Zero Trust, the impact of regulatory pressures, and the challenges posed by AI. Indy emphasizes the critical role of foundational cybersecurity practices in maintaining business continuity and driving innovation.--------"The way I see it with some of these regulations, it's changing the focus of very siloed-based approaches to addressing regulatory requirements, to as I term, it's turning compliance into a team sport. You need to have your Chief Information Security Officer at the table for DORA. However, you also need to have the person that's responsible for all of your human resources or the person that's responsible for your business operations or for your important business services. And the more mature organizations that I'm working with are approaching it in that way. They have all of those key stakeholders at the table. They've understood that there are certain roles to play for each of these functions and they're working together."--------Time Stamps (01:27) Indy's career journey(07:40) The shift to cyber resilience(10:18) Importance of cybersecurity awareness(13:19) Ransomware ethics and initial client concerns(17:10) Evolution of regulations in cybersecurity(27:58) Understanding Zero Trust(35:54) Adoption and implementation of Zero Trust strategy(48:19) Harmonizing risk, security, and fraud(50:55) Future challenges in cybersecurity(53:05) Impact of AI and quantum computing on cybersecurity(55:03) Indy's vision of the future --------SponsorAssume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. Learn more at illumio.com.--------LinksConnect with Indy on LinkedIn

In this episode, host Raghu Nandakumara sits down with Kyla Guru, a Stanford University student and passionate cybersecurity advocate. Kyla's journey started at the age of 14, leading her to found Bits N' Bytes Cybersecurity Education. She shares the importance of proactive cyber education, insights from her work with government and private sector organizations, and the role of AI in cybersecurity defense. Kyla also emphasizes integrating security into product development and the significance of grassroots community engagement in fostering cybersecurity awareness. --------“Even with artificial intelligence, we should just think about how our defense in depth, our security posture hasn't necessarily changed that much. It has changed in terms of improvement, but it's a cat-and-mouse game and the threat actors are also improving so we have to adapt. It's not just a one-and-done. ‘I've done my security. I'm done with it. I'm not going to think about it.' It's more so, ‘Okay, can we revise this now that the threat actors are evolving? What can we do to just stay ahead of the needle?' And I think as designers, that's a big thing to think about when you're designing a product is like, ‘Okay, if I build this, if I design this this way, how would attackers try and go around it and what is their next move?”--------Time Stamps (00:43) Kyla's background and journey into cybersecurity(08:28) Proactive approaches to cyber education(11:09) Ways to measure cybersecurity education impacts(19:25) Incorporating the zero trust concept into education(25:53) Importance of secure by design(32:52) Significance of user experience in security(35:29) Day-to-day in threat intelligence(38:21) Addressing common and recurring vulnerabilities(42:39) AI's impact on cybersecurity(47:08) Future of cybersecurity and the human element(49:20) Advice to cybersecurity professionals --------SponsorAssume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. Learn more at illumio.com.--------LinksConnect with Kyla on LinkedInCheck out Bits N' Bytes Cybersecurity EducationLearn more about GirlCon

In this episode, host Raghu Nandakumara sits down with Stephen J. White, the CEO of Viking Technology Advisors to discuss the critical role of Zero Trust Network Access (ZTNA), cloud adoption, and AI in modernizing network security. He emphasizes the importance of visibility, automation, and holistic approaches to enhance operational efficiency and security.--------“It's about making security the enabler for Google, like you just said, it is the enabler, but then it's also making it invisible to the user community, so that it's secured, controlled, managed, but they can do their jobs as effectively no matter where they are. And it's just, this is a really pivotal time." - Steve White--------Time Stamps (04:42) The security challenges of modernization(17:29) Connecting business and security outcomes (29:02) Should cybersecurity and network teams merge? (31:01) What will generative AI bring to security?(49:31) The borderless network and managing the perimeter --------SponsorAssume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. Learn more at illumio.com.--------LinksConnect with Stephen on LinkedIn

In this episode, host Raghu Nandakumara sits down with Sean Connelly, Former Director of CISA's Zero Trust Initiative, to discuss the evolution of network architectures; why incidents over the past 5 years have catalyzed a greater federal focus on cyber resilience, and specifically Zero Trust; and how CISA is thinking about protecting data in new ways.Timestamps: (04:39) How the nature of the perimeter has changed (12:00) The shift towards being critical-asset focused and how it accelerated cloud adoption(15:36) The process behind drafting recent regulation and EO 14028(36:56) Are agencies making the expected improvements? (41:48) The key challenges moving forward --------SponsorAssume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. Learn more at illumio.com.--------LinksConnect with Sean on LinkedIn

In this episode, host Raghu Nandakumara sits down with Carlos Buenano, CTO, OT at Armis, to discuss his path to OT security, the importance of Zero Trust in industrial environments, and how to make progress in security while not compromising productivity.--------“They are not in charge of security. Until now they haven't been accountable  to basically provide security. Okay. Of course, they are concerned about being disrupted, the operations being disrupted.” - Carlos Buenano--------Time Stamps:(08:39) How to discuss security with OT practitioners(13:49) Why we have so many legacy systems in OT and OT's perspective on security (24:19) Adoption of Zero Trust in OT environments and challenges (39:23) Pros and cons of the American and European approaches, how to accelerate adoption(44:15) Relevance of AI in the OT space--------SponsorAssume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. Learn more at illumio.com.--------LinksConnect with Carlos on LinkedIn

“The more that we distribute, the more that we decentralize, the more that we fragment, the more that we go down pathways of things like no code low code, the more that we go down serverless. We're just creating a distributed environment that is a target rich environment for the bad actors and an incredibly difficult landscape for us to manage from a security standpoint.”  - Richard Bird--------Time Stamps(14:39) Cognitive dissonance in cybersecurity (26:01) The role of Zero Trust in a decentralized world(30:51) Misconceptions about Zero Trust(40:48) What does Zero Trust have to do with API Security?(56:36) The future of Zero Trust and API Security --------SponsorAssume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. Learn more at illumio.com.--------LinksConnect with Richard on LinkedIn