Podcasts about zero trust architecture

Join Matthias Reinwarth in this special episode of the KuppingerCole Analyst Chat as he welcomes not one but two expert guests: Nitish Deshpande, Research Analyst at KuppingerCole, and Martin Kuppinger, Principal Analyst and Co-Founder of KuppingerCole. Together, they explore the evolution of modern authorization, discussing how far the industry has come since the early days of static entitlements and XML-based policies. From early insights shared back in 2009 to today’s dynamic, AI-enhanced, signal-driven authorization models, this episode unpacks the what, why, and how of modern access control systems.

Join Matthias Reinwarth in this special episode of the KuppingerCole Analyst Chat as he welcomes not one but two expert guests: Nitish Deshpande, Research Analyst at KuppingerCole, and Martin Kuppinger, Principal Analyst and Co-Founder of KuppingerCole. Together, they explore the evolution of modern authorization, discussing how far the industry has come since the early days of static entitlements and XML-based policies. From early insights shared back in 2009 to today’s dynamic, AI-enhanced, signal-driven authorization models, this episode unpacks the what, why, and how of modern access control systems.

Send us a textIt's April 3rd and Peaches is back with a fresh pile of Air Force, Space Force, and “what are we even doing anymore?” news.From commanders whining about drone threats and bureaucrats pushing Zero Trust Architecture™ (whatever that means), to Ukraine intel shifts, grounded pregnant pilots, and six B-2 bombers pulling up to the Red Sea like it's a boss level—this Daily Drop has it all.Oh, and in case you missed it: the DoD is still trying to lay off people with pay, we're throwing F-35s into the Middle East blender, and China is officially the “leaked” top threat—because apparently someone needed that in writing.

In this episode Jennifer Franks reveals how Zero Trust Architecture (ZTA) is revolutionising cybersecurity in government. Unlike traditional security models, ZTA eliminates implicit trust by enforcing continuous verification, strict identity authentication, and least privilege access, ensuring robust protection against unauthorised access and data breaches. The discussion highlights critical gaps in inventory and access management faced by federal agencies and emphasises the need for continuous monitoring and cataloging of data and network assets. We also examine how ZTA is an ongoing security process, requiring a phased implementation approach and continuous security awareness training to adapt to emerging cyber threats. Tune in to learn how Zero Trust is transforming cybersecurity into a proactive and resilient defence model for the public sector. Jennifer Franks, Director Center for Enhanced  Cybersecurity, GAO For more great insights head to www.PublicSectorNetwork.co  

February 7, 2025: This is the second episode of the Zero Trust Hospital Series. Tamer Baker, Healthcare CTO for Zscaler, explores how Zero Trust Architecture is revolutionizing hospital security and operations. How does shifting from a legacy, appliance-heavy infrastructure to a streamlined, SaaS-based model allow healthcare organizations to innovate faster? Can removing external attack surfaces truly minimize risk, or does it simply shift the burden elsewhere? With patient experience, security, and operational efficiency at stake, the conversation dives deep into how healthcare leaders can do more with less—without just piling on more work. Want to get your copy of the new book "Zero Trust Hospital: The CXO Vision" by Zscaler?Pre-Order nowDon't miss our webinar after all six Zero Trust Hospital Series episodes! Register now: www.thisweekhealth.com/zerotrustKey Points:04:44 Risk Management in Zero Trust07:39 Operational Efficiency with Zero Trust09:14 Enhancing Patient and Clinician ExperienceSubscribe: This Week HealthTwitter: This Week HealthLinkedIn: This Week HealthDonate: Alex's Lemonade Stand: Foundation for Childhood Cancer

The Zero Trust Architecture (ZTA) provides a new approach to cybersecurity, and outlines a great model for developers to follow. Like the name implies, you should trust no one, at least initially, and assume that all networks and traffic are potential threats. We know that no network is ever 100% secure, but beginning with this assumption gives you the safest starting point and should reduce the risk of data breaches. ZTA is based on the principle of “least privilege,” which means that users and devices are only granted the permissions they need to perform their specific tasks. To help explain what this means, I spoke to Steve Hanna, a Distinguished Engineer from Infineon Technologies on this week's Embedded Executives podcast.

In this episode we revisiting last week's topic of cybersecurity and mental health – this time, looking at how our mental health state affects our ability to be able to make good cybersecurity decisions. To break down this important topic, we're joined once again by Catherine Knibbs, a Psychotherapist and specialist in online harms.This is Technology Now, a weekly show from Hewlett Packard Enterprise. Every week we look at a story that's been making headlines, take a look at the technology behind it, and explain why it matters to organizations and what we can learn from it. Do you have a question for the expert? Ask it here using this Google form: https://forms.gle/8vzFNnPa94awARHMA About this week's guest: https://www.childrenandtech.co.uk/ Sources and statistics cited in this episode: 90% of employees could make  data errors that open up cyber risk: https://www.tessian.com/research/the-psychology-of-human-error/ Cost of organizational cyberattacks: https://www.statista.com/statistics/1324063/cost-of-data-breaches-in-financial-industry-worldwide/New test of AI's ability to think like a human: https://www.safe.ai/blog/humanitys-last-examCatherine has a new book out in October 2024 – ‘Managing your social media and gaming habits'. Find out more: https://www.childrenandtech.co.uk/

In this episode we revisiting last week's topic of cybersecurity and mental health – this time, looking at how our mental health state affects our ability to be able to make good cybersecurity decisions. To break down this important topic, we're joined once again by Catherine Knibbs, a Psychotherapist and specialist in online harms.This is Technology Now, a weekly show from Hewlett Packard Enterprise. Every week we look at a story that's been making headlines, take a look at the technology behind it, and explain why it matters to organizations and what we can learn from it. Do you have a question for the expert? Ask it here using this Google form: https://forms.gle/8vzFNnPa94awARHMA About this week's guest: https://www.childrenandtech.co.uk/ Sources and statistics cited in this episode: 90% of employees could make  data errors that open up cyber risk: https://www.tessian.com/research/the-psychology-of-human-error/ Cost of organizational cyberattacks: https://www.statista.com/statistics/1324063/cost-of-data-breaches-in-financial-industry-worldwide/New test of AI's ability to think like a human: https://www.safe.ai/blog/humanitys-last-examCatherine has a new book out in October 2024 – ‘Managing your social media and gaming habits'. Find out more: https://www.childrenandtech.co.uk/

In this episode we revisiting last week's topic of cybersecurity and mental health – this time, looking at how our mental health state affects our ability to be able to make good cybersecurity decisions. To break down this important topic, we're joined once again by Catherine Knibbs, a Psychotherapist and specialist in online harms.This is Technology Now, a weekly show from Hewlett Packard Enterprise. Every week we look at a story that's been making headlines, take a look at the technology behind it, and explain why it matters to organizations and what we can learn from it. Do you have a question for the expert? Ask it here using this Google form: https://forms.gle/8vzFNnPa94awARHMA About this week's guest: https://www.childrenandtech.co.uk/ Sources and statistics cited in this episode: 90% of employees could make  data errors that open up cyber risk: https://www.tessian.com/research/the-psychology-of-human-error/ Cost of organizational cyberattacks: https://www.statista.com/statistics/1324063/cost-of-data-breaches-in-financial-industry-worldwide/New test of AI's ability to think like a human: https://www.safe.ai/blog/humanitys-last-examCatherine has a new book out in October 2024 – ‘Managing your social media and gaming habits'. Find out more: https://www.childrenandtech.co.uk/

At TechNetCyber24, Francis Rose explored pressing cybersecurity challenges and strategies within the government sector with cyber experts, included ServiceNow's Mike Rohde. Discussions emphasized the need for effective data management and AI integration, the importance of adopting Zero Trust Architecture to combat sophisticated threats, and innovative strategies for retaining skilled cybersecurity professionals. Automation and AI were highlighted as crucial for enhancing efficiency and job satisfaction, while industry collaboration was noted as vital for driving innovation and knowledge transfer. A unified approach to these issues is essential for bolstering cybersecurity resilience across sectors.  Link to YouTube Video: https://youtu.be/fmUXk-enrIg?feature=sharedSee omnystudio.com/listener for privacy information.

At TechNetCyber24, Francis Rose explored pressing cybersecurity challenges and strategies within the government sector with cyber experts, included ServiceNow's Mike Rohde. Discussions emphasized the need for effective data management and AI integration, the importance of adopting Zero Trust Architecture to combat sophisticated threats, and innovative strategies for retaining skilled cybersecurity professionals. Automation and AI were highlighted as crucial for enhancing efficiency and job satisfaction, while industry collaboration was noted as vital for driving innovation and knowledge transfer. A unified approach to these issues is essential for bolstering cybersecurity resilience across sectors.  Link to YouTube Video: https://youtu.be/fmUXk-enrIg?feature=sharedSee omnystudio.com/listener for privacy information.

In this episode we are looking at a topic which we could spend a whole lot longer than one episode on, so we're going to make it a two-parter - cybersecurity and mental health. We'll be looking at two aspects in particular - why our health data is particularly vulnerable and of interest to criminals, and how our mental health state affects our ability to be able to make good cybersecurity decisions. In this episode, we'll be discussing the first part of the equation with Catherine Knibbs, a Psychotherapist and specialist in online harms.This is Technology Now, a weekly show from Hewlett Packard Enterprise. Every week we look at a story that's been making headlines, take a look at the technology behind it, and explain why it matters to organizations and what we can learn from it. Do you have a question for the expert? Ask it here using this Google form: https://forms.gle/8vzFNnPa94awARHMA About this week's guest, Catherine Knibbs: https://www.childrenandtech.co.uk/ Sources and statistics cited in this episode: Mental health data more valuable than credit card data on the dark web: https://kevincurran.org/security/patient-data-10-15-times-more-valuable-than-credit-card-data/Statistics on compromised health records: https://pubmed.ncbi.nlm.nih.gov/36580326/Cybersecurity: a critical priority for digital mental health, published in the journal Frontiers in Digital Health: https://www.frontiersin.org/journals/digital-health/articles/10.3389/fdgth.2023.1242264/full#B3 Neanderthal and human social mixing: https://www.nature.com/articles/s41598-024-70206-y 

In this episode we are looking at a topic which we could spend a whole lot longer than one episode on, so we're going to make it a two-parter - cybersecurity and mental health. We'll be looking at two aspects in particular - why our health data is particularly vulnerable and of interest to criminals, and how our mental health state affects our ability to be able to make good cybersecurity decisions. In this episode, we'll be discussing the first part of the equation with Catherine Knibbs, a Psychotherapist and specialist in online harms.This is Technology Now, a weekly show from Hewlett Packard Enterprise. Every week we look at a story that's been making headlines, take a look at the technology behind it, and explain why it matters to organizations and what we can learn from it. Do you have a question for the expert? Ask it here using this Google form: https://forms.gle/8vzFNnPa94awARHMA About this week's guest, Catherine Knibbs: https://www.childrenandtech.co.uk/ Sources and statistics cited in this episode: Mental health data more valuable than credit card data on the dark web: https://kevincurran.org/security/patient-data-10-15-times-more-valuable-than-credit-card-data/Statistics on compromised health records: https://pubmed.ncbi.nlm.nih.gov/36580326/Cybersecurity: a critical priority for digital mental health, published in the journal Frontiers in Digital Health: https://www.frontiersin.org/journals/digital-health/articles/10.3389/fdgth.2023.1242264/full#B3 Neanderthal and human social mixing: https://www.nature.com/articles/s41598-024-70206-y 

In this episode we are looking at a topic which we could spend a whole lot longer than one episode on, so we're going to make it a two-parter - cybersecurity and mental health. We'll be looking at two aspects in particular - why our health data is particularly vulnerable and of interest to criminals, and how our mental health state affects our ability to be able to make good cybersecurity decisions. In this episode, we'll be discussing the first part of the equation with Catherine Knibbs, a Psychotherapist and specialist in online harms.This is Technology Now, a weekly show from Hewlett Packard Enterprise. Every week we look at a story that's been making headlines, take a look at the technology behind it, and explain why it matters to organizations and what we can learn from it. Do you have a question for the expert? Ask it here using this Google form: https://forms.gle/8vzFNnPa94awARHMA About this week's guest, Catherine Knibbs: https://www.childrenandtech.co.uk/ Sources and statistics cited in this episode: Mental health data more valuable than credit card data on the dark web: https://kevincurran.org/security/patient-data-10-15-times-more-valuable-than-credit-card-data/Statistics on compromised health records: https://pubmed.ncbi.nlm.nih.gov/36580326/Cybersecurity: a critical priority for digital mental health, published in the journal Frontiers in Digital Health: https://www.frontiersin.org/journals/digital-health/articles/10.3389/fdgth.2023.1242264/full#B3 Neanderthal and human social mixing: https://www.nature.com/articles/s41598-024-70206-y 

Stevie Caldwell, Senior Engineering Technical Lead at Fairwinds, joins host Priyanka Raghavan to discuss zero-trust network reference architecture. The episode begins with high-level definitions of zero-trust architecture, zero-trust reference architecture, and the pillars of Zero Trust. Stevie describes four open-source implementations of the Zero Trust Reference Architecture: Emissary Ingress, Cert Manager, LinkerD, and the Policy Engine Polaris. Each component is explored to help clarify their roles in the Zero Trust journey. The episode concludes with a look at the future direction of Zero Trust Network Architecture. This episode is sponsored by QA Wolf.

We spoke with Balaji Subramaniam, Head of Global Sales and Strategy at Sattrix Group, a pioneer in cyber security solutions offering AI-driven managed security services to small, mid, and large scale enterprises.  Founded in 2013, Sattrix's core focus is to protect critical assets and sensitive information from cyber threats. Sattrix stays ahead of the curve by leveraging emerging trends like AI and machine learning, Zero Trust Architecture, and cloud security to address the evolving threat landscape...further aiming to deliver top-notch cybersecurity managed and professional services to businesses globally.  We explore the cyber security market dynamic in India and abroad, how customers view their potential impact, consolidation trends, role of multiple technologies, client staging, use cases, and competitive differentiation.  In an environment where cyber security is a "board room decision" - an assessment of such a business is very timely.  Sattrix Information Security, has recently filed its draft red herring prospectus (DRHP) with the BSE SME for an IPO. The issue involves a completely fresh equity sale of 18 lakh shares, with the company aiming to raise around Rs 20 crore. With the IPO, it seeks to further enhance its capabilities and expand its reach.  Hope you enjoy this TRANSFIN. Podcast with Nikhil Arora and Sharath Toopran, where we converse with entrepreneurs and business operators running successful startups, profitable SMEs and family promoted firms on one end, and top investment professionals representing VC/PE/credit funds on the other. The objective is to bring out an "actionable" perspective converging the world of business and investing.   If you're a founder and if you'd like us to drill down your model, feel free to drop us a line at edit@transfin.in 

Zero trust is a buzzword, but what does it actually mean and how will it impact network engineers? Jennifer is here to get us up to speed. First, she gives a general description: It's a security architectural strategy that's progressing toward increased observability and trust inferences. Then she breaks it down for the three main... Read more »

Zero trust is a buzzword, but what does it actually mean and how will it impact network engineers? Jennifer is here to get us up to speed. First, she gives a general description: It's a security architectural strategy that's progressing toward increased observability and trust inferences. Then she breaks it down for the three main... Read more »

On this episode of The Cybersecurity Defenders Podcast, we speak with Kane Narraway, Head of Enterprise Security at Canva, about Zero Trust architecture.Kane brings over a decade of experience to the table, specializing in enterprise security, cloud security, and risk management. He's known for his groundbreaking work in building zero trust architectures at some of the world's largest tech companies, often from scratch during the early days of zero trust when solutions were not readily available.Kane's career is marked by notable achievements, including integrating multi-billion dollar acquisitions and establishing robust security frameworks for regulations like SOC2, PCI-DSS, and HIPAA. He's not only a director who has scaled technology companies from startup to enterprise level but also a passionate leader who has nurtured diverse teams, promoting autonomy and inclusivity. Outside of his direct work, Kane is dedicated to giving back to the community—whether it's sharing cybersecurity insights, mentoring at boot camps, or volunteering at conferences. Join us as we gain insights from his extensive experience and innovative approaches to tackling some of the most complex challenges in cybersecurity today.Kane's blog can be found here.

The Future of Technology in Federal Applications: Insights from Intel's CTO   In this 5G Guys podcast episode, we talk with guest Steve Orrin, the Chief Technology Officer and Senior Professional Engineer for Intel Federal. Steve shares insights from his ten-year tenure at Intel, focusing on helping the government adopt advanced technologies. The conversation covers a wide range of topics, including the impact of AI, cybersecurity, pervasive connectivity, and the role of data in driving technological innovations. Steve provides examples of AI applications in government sectors, such as using drones for forest health monitoring and the benefits of pervasive connectivity in crisis situations. He also touches upon the cybersecurity challenges new technologies present and the importance of Zero Trust Architecture in managing these issues. Additionally, Orrin discusses regulatory policies and the future of technology adoption at the federal level, with implications for consumer technology. The episode offers a comprehensive look at the intersection of government, technology, and security, highlighting the ongoing innovations and challenges in the field.   __________________________ Connect With Our Guest __________________________      Intel Federal Website ➡︎ https://www.intel.com/content/www/us/en/government/public-sector-solutions-overview.html      Steve Orrin on LinkedIn ➡︎ https://www.linkedin.com/in/sorrin/   __________________________ Connect With Our Sponsor __________________________      Vertex Innovations ➡︎ https://vertex-us.com/   __________________________ Connect With Us __________________________      5G Guys Website ➡︎  https://5gguys.com        Social:        ·       Facebook: https://www.facebook.com/5Gguys      ·       LinkedIn: https://www.linkedin.com/groups/12515882      ·       X: https://twitter.com/5gGuys   _______________________________ Submit Your Ideas or Feedback ➡︎ https://5gguys.com/contact-2 _______________________________ Subscribe to the 5G Guys Weekly Newsletter ➡︎ https://mailchi.mp/5gguys/subscribe-to-the-5g-guys _______________________________ ⏰Episode Minute-by-Minute⏰   00:00 Episode Preview 00:29 Introducing the 5G Guys Podcast 01:02 Special Guest: Steve Orrin from Intel Federal 01:29 Steve Orrin's Journey to Intel Federal CTO 03:30 The Broad Impact of Federal Technology Initiatives 04:53 Exploring the Evolution of Technology Trends 05:57 The Convergence of AI, Data, and Connectivity 07:51 Revolutionizing Industries with Advanced Technologies 12:12 The Future of Peer-to-Peer Connectivity and Its Uses 16:41 Cybersecurity in the Age of Pervasive Connectivity 16:58 Navigating the Complex Landscape of Cybersecurity 20:38 Embracing Zero Trust Architecture for Enhanced Security 22:33 The Challenge of Securing IoT Devices 25:03 Leveraging Government and Industry Collaboration for Security 25:57 The Role of Regulatory Policies in Technology Adoption 32:59 Anticipating the Future: AI, 5G, and Smart Infrastructure 33:29 The Potential of AI in Streamlining Business Processes 35:35 The Impact of 5G on Future Applications and Connectivity 37:12 Instrumenting Infrastructure for a Smarter Future 38:23 Reflecting on Intel's Evolution and Future Directions 38:48 Closing Thoughts and Looking Ahead

In this episode, we dive into the latest ransomware incidents impacting organizations in Ascension, Montclair, NJ, and Wichita, KS. We'll explore the rise of Ransomware-as-a-Service (RaaS) and analyze CISA's recent advisory on this growing menace. Discover how implementing Zero Trust Architecture and investing in cyber insurance can bolster your defenses against cyber-attacks. Stay ahead of the curve with insights into the emerging cyber threats of 2024 and learn proactive measures to safeguard your systems. Don't miss this essential discussion on protecting your business from cyber-attacks. Stay informed, stay protected! #SecuritySquawk #CyberSecurity #Ransomware #ZeroTrust #CybersecurityPodcast #CybersecurityExperts

In today's digital age, how can organizations fortify their defenses against the ever-evolving landscape of AI threats and risks? This question sets the stage for a compelling episode of the Tech Talks Daily Podcast, where we sit down with Steve Orrin, Federal CTO at Intel, to delve into the pivotal role of AI in shaping cybersecurity practices and transforming public sector enterprises. Our journey begins with a deep dive into the Zero Trust Architecture—a strategy that's gaining traction across industries as a means to bolster security in an increasingly complex digital world. Steve shares his insights on starting this journey, emphasizing the importance of asset inventory and multi-factor authentication as foundational steps. But the conversation doesn't stop there; we explore how Zero Trust is a continuous path of evolving controls and maturing capabilities, rather than a one-off implementation. Shifting gears, Steve illuminates the transformative power of AI within the public sector. From enhancing mission capabilities through advanced object detection and tracking to optimizing back-end processes, AI's role in government mirrors its impact in the private sector. Yet, the journey to successful innovation with AI demands a strategic approach—understanding customer needs, planning for deployment requirements, and piloting technology in a "Goldilocks Zone" of impact without risking critical systems. As we navigate the conversation towards emerging technologies, Steve introduces us to the concept of AI PCs, which promise to bring native AI acceleration to the edge, where users work. This discussion underscores Intel's commitment to scaling AI and security across diverse environments through innovative computing solutions and custom silicon designs. Throughout the episode, Steve shares invaluable advice for staying ahead in the tech landscape, from leveraging resources like Hacker News to engaging with a community of experts and continuously learning from one's team. As we conclude, we ponder the question: In the pursuit of technological advancement and security, how do we ensure that we're not just reacting to threats but proactively shaping a future where technology serves the greater good? We invite you to share your thoughts and join the conversation. For more insights from Steve Orrin and to explore the topics discussed today, find us and our guests online. Your journey towards understanding and leveraging the latest in AI, cybersecurity, and technology trends begins here.

SwRI engineers have developed a comprehensive cybersecurity method for vehicles. The Zero-Trust Architecture for Automotive Networks is high-level security for computerized vehicle systems, using principles proven to safeguard computers, phones and other information technology (IT) equipment. The zero-trust approach is now hitting the road, offering layers of protection against cyberthreats for vehicle electronics, software and sensors. Listen now as SwRI Engineer and Project Leader Maggie Shipman discusses the emerging field of vehicle cybersecurity and how zero-trust architecture is advancing beyond IT applications to protect drivers.

In the age of remote and hybrid work, employees are now spending most of their time in the browser or virtual meetings, making the browser an increasingly important part of an enterprise's security strategy. According to Gartner, “By 2030, enterprise browsers will be the core platform for delivering workforce productivity and security software on managed and unmanaged devices for a seamless hybrid work experience.” Learn more about: The browser's role in a business's security strategy How an enterprise browser can support your workforce Zero Trust Architecture and how businesses can enforce context-aware access controls and add customizable data loss prevention Segment Resources: Complimentary Gartner Emerging Tech: Security – The Future of Enterprise Browsers Report Get started with Chrome Enterprise for free Learn about Google's Zero Trust solution, BeyondCorp Enterprise Customer spotlight: Check out the Google Cloud Next recording to hear how Snap is leveraging our secure enterprise browsing solution to protect their workforce How to contact us This segment was sponsored by Google Chrome Enterprise. Visit https://securityweekly.com/chromeenterprise to learn more! In this interview, we talk to Chad Cardenas about why he created The Syndicate Group, which operates very differently from the typical VC firm with LPs and a collective fund to draw from. We'll discuss how the investor/startup relationship differs, and what the advantages of this model are. This week, we discuss Island's raise, unicorn status, and what that means for both the enterprise browser market and the cybersecurity market in general. We discuss Censys and the state of the external attack surface management market, or what they're trying to call, "exposure management". We discuss the details of the Okta breach in depth, and why we're worried about the larger impact it could have on the industry and vendor trust in general. Finally, we wrap up with some fun squirrel stories.   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw-337

In the age of remote and hybrid work, employees are now spending most of their time in the browser or virtual meetings, making the browser an increasingly important part of an enterprise's security strategy. According to Gartner, “By 2030, enterprise browsers will be the core platform for delivering workforce productivity and security software on managed and unmanaged devices for a seamless hybrid work experience.” Learn more about: The browser's role in a business's security strategy How an enterprise browser can support your workforce Zero Trust Architecture and how businesses can enforce context-aware access controls and add customizable data loss prevention Segment Resources: Complimentary Gartner Emerging Tech: Security – The Future of Enterprise Browsers Report Get started with Chrome Enterprise for free Learn about Google's Zero Trust solution, BeyondCorp Enterprise Customer spotlight: Check out the Google Cloud Next recording to hear how Snap is leveraging our secure enterprise browsing solution to protect their workforce How to contact us This segment was sponsored by Google Chrome Enterprise. Visit https://securityweekly.com/chromeenterprise to learn more! In this interview, we talk to Chad Cardenas about why he created The Syndicate Group, which operates very differently from the typical VC firm with LPs and a collective fund to draw from. We'll discuss how the investor/startup relationship differs, and what the advantages of this model are. This week, we discuss Island's raise, unicorn status, and what that means for both the enterprise browser market and the cybersecurity market in general. We discuss Censys and the state of the external attack surface management market, or what they're trying to call, "exposure management". We discuss the details of the Okta breach in depth, and why we're worried about the larger impact it could have on the industry and vendor trust in general. Finally, we wrap up with some fun squirrel stories.   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw-337

In the age of remote and hybrid work, employees are now spending most of their time in the browser or virtual meetings, making the browser an increasingly important part of an enterprise's security strategy. According to Gartner, “By 2030, enterprise browsers will be the core platform for delivering workforce productivity and security software on managed and unmanaged devices for a seamless hybrid work experience.” Learn more about: The browser's role in a business's security strategy How an enterprise browser can support your workforce Zero Trust Architecture and how businesses can enforce context-aware access controls and add customizable data loss prevention Segment Resources: Complimentary Gartner Emerging Tech: Security – The Future of Enterprise Browsers Report Get started with Chrome Enterprise for free Learn about Google's Zero Trust solution, BeyondCorp Enterprise Customer spotlight: Check out the Google Cloud Next recording to hear how Snap is leveraging our secure enterprise browsing solution to protect their workforce How to contact us This segment was sponsored by Google Chrome Enterprise. Visit https://securityweekly.com/chromeenterprise to learn more! Show Notes: https://securityweekly.com/esw-337

In the age of remote and hybrid work, employees are now spending most of their time in the browser or virtual meetings, making the browser an increasingly important part of an enterprise's security strategy. According to Gartner, “By 2030, enterprise browsers will be the core platform for delivering workforce productivity and security software on managed and unmanaged devices for a seamless hybrid work experience.” Learn more about: The browser's role in a business's security strategy How an enterprise browser can support your workforce Zero Trust Architecture and how businesses can enforce context-aware access controls and add customizable data loss prevention Segment Resources: Complimentary Gartner Emerging Tech: Security – The Future of Enterprise Browsers Report Get started with Chrome Enterprise for free Learn about Google's Zero Trust solution, BeyondCorp Enterprise Customer spotlight: Check out the Google Cloud Next recording to hear how Snap is leveraging our secure enterprise browsing solution to protect their workforce How to contact us   This segment was sponsored by Google Chrome Enterprise. Visit https://securityweekly.com/chromeenterprise to learn more! Show Notes: https://securityweekly.com/esw-337

Complexity   Identity Credentials and Access Management  (ICAM)      Toxic Combinations Napoleon Hill once said that a goal is a dream with a deadline.  When it comes to the federal transition to Zero Trust Architecture, the Office of Management and Budget outlines a path for implementing zero-trust architecture by 2024.  Today's discussion gives federal practitioners terrific guidelines on how to accomplish that noble goal. The group is a wonderful mix of federal experience, innovative leaders, and experts who were part of many initial network specifications.  During the discussion three topics were obvious:  how to manage complexity, identity, and unexpected combinations. Complexity During an exchange about “shiny new things” that seem to trap system managers, Josh Brodbent made a fantastic observation when he stated that complexity doesn't always mean effectiveness.  Drilling deeper into the concept of new technology, Frank Bruglio suggests some people will purchase a “shiny new toy” for the sole reason to check a box on a compliance requirement.  ICAM Bryan Rosensteel has spent his career in the world of federal identity management.  His experience leads him to believe that to fulfill the desired transition to zero-trust architecture, application developers must be taken into consideration. His point is simple, if ICAM isn't a part of application development, how can they assure that it will be compliant?  Bolting on compliance brings about delays and unneeded code revisions.  Bryan expands on this concept with his thoughts on abstract authentication and centralized structures. Toxic Combinations Frank Briguglio reminds us that managing Identity Credentials and Access Management must be understood at a much deeper level.  In the discussion, he revives the phrase “toxic combinations.”  This is a reference to granting privileges to users that can create risks in unexpected ways. Automation has its limits, and humans must be part of the package when a federal agency commits to zero-trust-architecture.

In this episode of CyberIntel, Brian Odian walks through the roots of Zero Trust Architecture, and where it may be headed. If you have any questions you want answered on CyberIntel, email us at cyberintel@vikingcloud.com and our experts will be in touch - we may even make it the subject of a future episode! CyberIntel provides a deep dive into the world of cybersecurity and compliance. Hosted by Brian Odian, VikingCloud's Director of Managed Compliance Services APAC, amongst other cybersecurity and compliance expert advisors, we explore the nuances of various compliance standards and the latest in cybersecurity news, trends and threats. New episodes every two weeks! CyberIntel is presented by VikingCloud. VikingCloud is leading the Predict-to-Prevent cybersecurity and compliance company, offering businesses a single, integrated solution to make informed, predictive, and cost-effective risk mitigation decisions - faster. VikingCloud is the one-stop partner trusted by 4+ million customers every day to provide the predictive intelligence and competitive edge they need to stay one step ahead of cybersecurity and compliance disruption to their business. 

A strong foundation for your law firm should be built on sensible cybersecurity policies and procedures. What should that look like? Sharon Nelson and John Simek have a conversation with Mike Maschke about best practices for establishing effective security for your business. Mike walks listeners through a variety of security considerations to be aware of and explains staff training needs, Zero Trust Architecture, keeping software current, encryption protocols, and much more.  Mike Maschke is the chief executive officer and director of cybersecurity and digital forensics at Sensei Enterprises, Inc.

A strong foundation for your law firm should be built on sensible cybersecurity policies and procedures. What should that look like? Sharon Nelson and John Simek have a conversation with Mike Maschke about best practices for establishing effective security for your business. Mike walks listeners through a variety of security considerations to be aware of and explains staff training needs, Zero Trust Architecture, keeping software current, encryption protocols, and much more.  Mike Maschke is the chief executive officer and director of cybersecurity and digital forensics at Sensei Enterprises, Inc.

In this episode Tom and Scott explore Zero Trust Architecture (ZTA), where it aligns (and doesn't) with IPv6, and what the future might hold for both technologies.

In this episode Tom and Scott explore Zero Trust Architecture (ZTA), where it aligns (and doesn't) with IPv6, and what the future might hold for both technologies. The post IPv6 Buzz 136: IPv6 And Zero Trust Architecture appeared first on Packet Pushers.

In this episode Tom and Scott explore Zero Trust Architecture (ZTA), where it aligns (and doesn't) with IPv6, and what the future might hold for both technologies. The post IPv6 Buzz 136: IPv6 And Zero Trust Architecture appeared first on Packet Pushers.

In this episode Tom and Scott explore Zero Trust Architecture (ZTA), where it aligns (and doesn't) with IPv6, and what the future might hold for both technologies.

In this episode Tom and Scott explore Zero Trust Architecture (ZTA), where it aligns (and doesn't) with IPv6, and what the future might hold for both technologies.

In this episode Tom and Scott explore Zero Trust Architecture (ZTA), where it aligns (and doesn't) with IPv6, and what the future might hold for both technologies. The post IPv6 Buzz 136: IPv6 And Zero Trust Architecture appeared first on Packet Pushers.

Dive into the intriguing world of Zero Trust and Digital Trust with Rebekah Johnson and Dean Coclin, Sr. Director of Business Development and Trust Specialist at DigiCert! Experience the thrilling surge in the adoption of the Zero Trust approach and dive into a discussion that underscores the vital need for a global agreement on trust standards. From the validation of identities in online transactions and emails to a riveting exploration of the Federal Government's push for a Zero-Trust Architecture, we're shedding light on a more secure future!

Compliance, maturity levels, edge computing Some people think the television phrase, “Set it and forget it” applies to Zero Trust. Today's discussion throws that notion out the window. The interview takes a deep dive into how an agency can move to a Zero Trust Architecture.  Three experts discuss compliance, maturity levels, and the role of edge computing. The conclusion is obvious: Zero Trust is a serious, constantly evolving methodology and federal leaders must take advantage of every resource possible to gain a thorough understanding of the process. Jennifer Franks from the GAO points out that Zero Trust is not a new concept and the federal government has all kinds of reference materials to support leaders. She lists information from DISA, NIST, the DoD as well as the OMB. She reminds listeners that there is a maturity model associated with Zero Trust change --  and leaders must be aware of revisions to these documents.  Jennifer reminds the audience of the recent upgrade to the DISA model that adds more maturity levels. Guidance is nice, but where to start? During the interview, Wayne Rogers talks about looking at your respective agency's situation and doing a gap analysis. Once that is complete, then one can set priorities.  For example, when he used this process, his agency identified a weakness in their VPN system.  He prototyped a transition to Secure Access Service Edge and then deployed it across the agency. Probably the best quote from this interview was provided by Akamai's Tony Lauro. He said, “Security has to work despite users.”  He is referring to the base concept behind Zero Trust – an automated system that can identify threats and provision resources with appropriate access levels that can have nothing to do with end users acting themselves.  Ron Popeil's catchphrase may work on television, but not in today's federal government.    Twitter:  @FedInsider LinkedIn:    https://www.linkedin.com/company/fedinsider/ Facebook:   https://www.facebook.com/FedInsiderNews

Zero trust architecture has the potential to improve an enterprise's security posture. There is still considerable uncertainty about the zero trust transformation process, however, as well as how zero trust architecture will ultimately appear in practice. Recent executive orders have accelerated the timeline for zero trust adoption in the federal sector, and many private-sector organizations are following suit. Researchers in the CERT Division at the Carnegie Mellon University Software Engineering Institute (SEI) hosted Zero Trust Industry Days to enable industry stakeholders to share information about implementing zero trust. In this SEI podcast, CERT researchers Matthew Nicolai and Nathaniel Richmond discuss five zero trust best practices identified during the two-day event, explain their significance, and provide commentary and analysis on ways to empower your organization's zero trust transformation. 

 “We already have Zero Trust,” what to do when broke, and Beyond Thunderdome Today, we look at how the DoD is implementing Zero Trust Architecture.  We will see some areas that deployed ZTA before it was mandated; some teams that couldn't afford ZTA, and finally, a look at something called Thunderdome that may allow the department to reduce the adoption time from five years to one year. Rick Simon is the cyber portfolio manager at the Defense Innovation Unit in Mountain View, California. Their mission is to reach out to commercial organizations and seek innovative ways to solve problems in the DoD.  Because of the risk of connecting to outside environments, since its inception, the DIU has always implemented Zero Trust principles before they were released into an initiative.  When you listen to the interview, Robert Kimball describes a group in the Army that wanted to move to Zero Trust because they were constantly failing penetration tests.  They had no money, so they did a “field expedient” and assembled the tools they had and, with this new configuration, managed to resist a red team penetration test. The military never fails to impress with names for projects, DISA's project Thunderdome fits the bill. Rick Simon explains how it is a prototype that combines secure access with a wide range of technologies using Zero Trust as the approach to security.  This project can allow the military to drastically reduce the time to implement Zero Trust. Captain Patrick Thompson from the Coast Guard reinforces the concept that the cloud will give leaders the tools to move to zero trust, allowing people to get their jobs done at the speed of need even in areas of denied movement. The concept of Zero Trust is confusing, listen to the interview to get several approaches; one may work for your agency. Twitter:  @FedInsider LinkedIn:    https://www.linkedin.com/company/fedinsider/ Facebook:   https://www.facebook.com/FedInsiderNews  

Today, Nathan Howe, the VP of Emerging Technology and 5G at Zscaler, makes a return appearance to delve into the increasingly relevant topic of Zero Trust architecture. In an era marked by hybrid workforces, global economic instability, and evolving cybersecurity threats, Nathan explains how Zero Trust architecture serves as more than just a security measure, transforming into a potent business solution delivering resilience, superior performance, and cost reductions. The conversation kicks off with an in-depth discussion on the concept of Zero Trust architecture – the application of least privilege in computing to safeguard business assets, ensuring only authorized entities can access specific applications and data sets. Neil and Nathan then explore why Zero Trust architecture deserves a priority spot on the C-suite agenda and why businesses can ill afford to overlook it. Moving on, Nathan provides fascinating insights into the numerous benefits of adopting Zero Trust architecture for businesses, including enhanced security, improved resilience, boosted performance, and decreased costs. Drawing from Zscaler's experience, he shares real-world examples of how their Zero Trust platform empowered organizations to eliminate inbound VPN services, thus reducing exposure risks. Nathan then delves into the concept of policy-based steering and Zscaler's ability to forge direct paths for workloads, citing key trends in cloud security like the shift towards edge compute and AI usage.  Don't miss out on this insightful exploration of Zero Trust architecture with Nathan Howe. Tune in and stay updated on the latest in emerging technology and cybersecurity trends. If you enjoyed the episode, please rate us on your preferred podcast platform and share it with other tech enthusiasts!

Krista Macomber, Senior Analyst, Data Protection and Security at The Futurum Group explores the importance of SaaS Data Protection and the use of API. We also dive into automating disaster recovery processes, implementing multi-factor authentication, zero trust architecture, and immutability for stronger security.

If you can distill today's cybersecurity recommendations down to one word, that word me be “trust.” We have Executive Orders that talk about “trust” in digital architecture.  Look at the motto for today's enterprise architecture, “Zero Trust Architecture.” The way most of us apply this trust is to garden a variety of humans. This may involve using some kind of a.” system to assure that a person is a human they represent themselves to be. Kevin Bocek from Venafi states machines interact on networks more than humans.   It seems warmer to call them “nonperson entities,” but no matter what nomenclature you use these machines are subject to the same foibles as humans, even something as mundane as not working. During the interview today, Kevin Bocek answers questions federal technology professionals may have when it comes to why they should be concerned.  This is especially true when it comes to working in a cloud-native world. Kevin points out that many may be familiar with a concept like Software Development Lifecycle but may not realize that we also have a Certificate Lifecycle that needs to be managed.  He mentions the popular idea of including cybersecurity concepts early in the development process, what is known as “shift left.” Traditionally, developers are under the gun to produce code in a typical production process.  As a result, it is possible that they may not want to waste time with the laborious manual process of requesting and deploying machine identities. One approach might be to use systems that automate that process before the code is deployed.  Looking at your federal network and considering machine identity can be the first step in a zero-trust journey. Follow John Gilroy on Twitter @RayGilray Follow John Gilroy on LinkedIn  https://www.linkedin.com/in/john-gilroy/ Listen to past episodes of Federal Tech Podcast  www.federaltechpodcast.com  

André Kearthland, Solutions Architect at Netsurit explores the importance of implementing cloud services securely and migrating data to public clouds like Microsoft Azure. Emphasizing the significance of a Zero Trust architecture, he sheds light on common mistakes and the need to verify user identity before granting access.

The Department of Homeland Security's U.S. Citizenship and Immigration Services will be leveraging machine learning to make decisions on trusted users and devices for a more real-time zero trust model. USCIS Chief Information Security Officer Shane Barney said at a recent FedScoop event that his agency is going to be developing a more fluid and adaptive cybersecurity model. At the Zero Trust Summit produced by CyberScoop, Barney joined a panel with CGI's Chris Lavergne moderated by Scoop News Group's Mike Farrell to discuss the evolution of zero trust architecture across government. Executive Order 14028 turns two years old this May. The Biden Administration EO on Improving the Nation's Cybersecurity has been a spark plug for federal agencies to develop formal zero trust architecture implementation plans and to prioritize the adoption of cloud technologies. Also at Zero Trust Summit, Centers for Medicare and Medicaid Services CISO Robert Wood explains how the EO helped shape his organization's cybersecurity strategy. The Daily Scoop Podcast is available every Tuesday and Thursday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast on Apple Podcasts, Google Podcasts, Spotify and Stitcher. And if you like what you hear, please let us know in the comments.

Cloud Security Podcast - This month we are talking about "Building on the AWS Cloud" and next up on this series, we spoke to Alexis Robinson (Alexis's Linkeidn), Senior Manager, Regulatory Compliance at AWS. FEDRAMP AWS environment can be made easy with the right security assessment framework for your organization. Alexis shared lessons and talk about How AWS Customers can prepare to increase their chances of getting FedRamp certified. Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv Host Twitter: Ashish Rajan (@hashishrajan) Guest Twitter: Alexis Robinson (Alexis's Linkeidn) Podcast Twitter - @CloudSecPod @CloudSecureNews If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels: - Cloud Security News - Cloud Security BootCamp Spotify TimeStamp for Interview Questions (00:00) Introduction (05:35) A bit about Alexis (08:20) What is FedRAMP and why people care about it? (11:05) Scope of companies included in FedRAMP? (13:12) Zero Trust Architecture and FedRAMP (14:07) The concept of Controlled Inheritance (15:43) Working with Authorising Officials (16:44) Working with Security Control Officers (17:46) AO Checklist to full compliance (20:42) Conflicts in FedRAMP (25:59) Common pitfalls to avoid on FedRAMP Journey (31:38) The anti-patterns in getting FedRAMP Compliant (35:34) FedRAMP is not just GovCloud (38:12) Requirements with FedRAMP (39:48) Where do people fall short with FedRAMP? (41:26) How to make FedRAMP more developer friendly? (44:17) How is FedRAMP different for Govcloud? (47:21) What skillsets do you require in a team for FedRAMP? (49:07) How to learn about FedRAMP (53:09) Fun Questions See you at the next episode!

Work that once required employees to securely check into a building is now widely distributed around the world, as workers log in from local coffee shops and home networks. Traditional cybersecurity is no longer adequate. In response, zero trust architecture is on the rise.Shelby Skrhak chats with Cisco's cybersecurity experts Gauri Khanna, Keyonna Brown and Lundy Shiue about:Zero trust architecture: what it is and what to expectThe industry shift towards zero trustSpecific impacts on government and educationTo join the discussion, follow us on Twitter @IngramTechSol #B2BTechTalkListen to this episode and more like it by subscribing to B2B Tech Talk on Spotify, Apple Podcasts or Stitcher. Or, tune in on our website.

Jim and Jeff talk with Ken Myers, Director in the Identity Assurance and Trusted Access Division for the GSA, and Ross Foard, IT Specialist in the INFOSEC group of Cybersecurity and Infrastructure Security Agency (CISA), about the GSA & CISA PAM Playbook. Connect with Ken: https://www.linkedin.com/in/idmken/ Connect with Ross: https://www.linkedin.com/in/ross-foard/ Privileged Identity Playbook: https://playbooks.idmanagement.gov/playbooks/pam/ Implementing a Zero Trust Architecture (2nd Preliminary Draft): https://csrc.nist.gov/publications/detail/sp/1800-35/draft Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at idacpodcast.com and follow @IDACPodcast on Twitter.

All links and images for this episode can be found on CISO Series Uggh, just saying "zero trust" sends shivvers down security professionals' spines. The term is fraught with so many misnomers. The most important is who are you going to trust to actually help you build that darn zero trust program? Are you going to look at a vendor that's consolidated solutions and has built programs like this repeatedly or are you going to look for the best solutions yourself and try to figure out how best to piece it together to create that "zero trust" program? This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our sponsored guest is David Chow, global chief technology strategy officer, Trend Micro. Thanks to our podcast sponsor, Trend Micro Trend Micro Cloud One, a security services platform for cloud builders, delivers the broadest and deepest cloud security offering in one solution, enabling you to secure your cloud infrastructure with clarity and simplicity. Discover your dynamic attack surface, assess your risk, and respond with the right security at the right time. Discover more! In this episode: Why is the term “zero trust” fraught with so many misnomers? Is there such a thing as privacy anymore? Do you agree with the term “good enough”, and if so what is a "good enough" factor, what does it entail, and what should we expect from that? Where has the United States done the most to improve national cybersecurity?