The Cyber Kitchen: TrustNet Cybersecurity Podcast

Welcome back to The Cyber Kitchen where cybersecurity gets sliced, diced, and served up with just enough spice to keep things interesting. Hosted by TrustNet‘s Jamie Kerem with CISO and founder, Trevor Horwitz.“Controls aren’t mandatory by default. Justification is.”In this episode, Inside the ISO 27001 Kitchen: Engineering Security Beyond the Recipe (Part 2), Jamie and Trevor build on the foundations introduced in Part 1 and go deeper into how ISO 27001 controls are engineered in modern cloud-first environments. The focus shifts to operational maturity, covering SaaS governance through defined exit strategies, secure CI/CD pipelines with shift-left practices, and continuous validation through dynamic testing and API discovery.From data masking in non-production environments and immutable logging to anomaly-based monitoring, secrets orchestration, and automated key rotation, the conversation highlights how controls must be continuously validated, not just implemented. Take the conversation further:* TrustNetInc.com* https://www.linkedin.com/company/trustnet-inc* https://www.linkedin.com/in/trevorhorwitz/* https://www.linkedin.com/in/jamie-kerem* [email protected] This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit trustnetinc.substack.com

Welcome back to The Cyber Kitchen where cybersecurity gets sliced, diced, and served up with just enough spice to keep things interesting. Hosted by TrustNet‘s Jamie Kerem with CISO and founder, Trevor Horwitz.“RSA Conference is always fascinating because you get the marketing on the main stage, but the real insights come from conversations between CISOs trying to solve the same problems.”In this episode, RSAC 2026: The Real GRC Conversations Happening Behind the Booths, Jamie and Trevor unpack the key Governance, Risk, and Compliance themes emerging from RSA beyond the vendor headlines. Drawing from real conversations happening in hallways and side meetings, the discussion highlights how security leaders are shifting their focus from tools to governance, accountability, and enterprise-wide risk.From AI governance and third-party risk to accelerating regulations and identity as the new control layer, the episode explores how organizations are being pushed to rethink how they manage and communicate risk. It also reflects the broader shift of cybersecurity into enterprise risk governance, where decisions are increasingly tied to business impact and board-level visibility.Take the conversation further:* TrustNetInc.com* https://www.linkedin.com/company/trustnet-inc* https://www.linkedin.com/in/trevorhorwitz/* https://www.linkedin.com/in/jamie-kerem* [email protected] This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit trustnetinc.substack.com

Welcome back to The Cyber Kitchen where cybersecurity gets sliced, diced, and served up with just enough spice to keep things interesting. Hosted by TrustNet‘s Jamie Kerem with CISO and founder, Trevor Horwitz.“ISO 27001 controls will never make you secure. It’s the discipline behind selecting and operating those controls that will.”In this episode, Inside the ISO 27001 Kitchen: Engineering Security Beyond the Recipe (Part 1), Jamie and Trevor move from theory into the operational reality of ISO 27001 controls. They break down the four control domains and explain how modern security programs translate risk decisions into operational safeguards.From attribute-driven control design and dynamic asset inventories to identity lifecycle management, privileged access, endpoint posture validation, physical access monitoring, vulnerability orchestration, and network segregation, the conversation explores how mature environments actually engineer controls in cloud-first systems.Watch the full PART 1 episode now and keep an eye out for PART 2. Take the conversation further:* TrustNetInc.com* https://www.linkedin.com/company/trustnet-inc* https://www.linkedin.com/in/trevorhorwitz/* https://www.linkedin.com/in/jamie-kerem* [email protected] This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit trustnetinc.substack.com

Read supplementary articles on ISO 27001 from TrustNet's blog:ISO 27001: IntroductionISO 27001: RequirementsISO 27001: ImplementationTalk to our ISO 27001 experts: https://trustnetinc.com/iso-27001/ This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit trustnetinc.substack.com

Welcome to The Cyber Kitchen where cybersecurity gets sliced, diced, and served up with just enough spice to keep things interesting. Hosted by TrustNet's Jamie Kerem with CISO and founder, Trevor Horwitz. In this episode, SOC 2 Cookbook: Recipes for Success, Jamie and Trevor serve up a practical SOC 2 guide for business leaders, covering what SOC reports mean, how Type 1 differs from Type 2, what belongs in your scope, and how to avoid the biggest compliance pitfalls. Packed with clear explanations and real-world insights, this episode turns SOC 2 into a strategic ingredient for trust, growth, and smoother enterprise deals.Take the conversation further: TrustNetInc.comhttps://www.linkedin.com/company/trustnet-inchttps://www.linkedin.com/in/trevorhorwitz/https://www.linkedin.com/in/[email protected] This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit trustnetinc.substack.com