Zero Trust Journey

PODCAST · technology

Zero Trust Journey isn’t about taking sides—it’s about real conversations, sharing research, and learning together. Our goal is to explore Zero Trust from every angle and help cybersecurity practitioners make sense of it in a practical, no-fluff way. And yes, we do love to chat about coffee and listen to the occasional dad joke along the way.

Here’s what we do:

◈ Conversations with Experts: We chat with subject matter experts who share their opinions, experiences, and Zero Trust journeys.
◈ Research and Product Insights: We explore Zero Trust products and solutions in the market that may fit into a Zero Trust architecture.
◈ A Zero Trust Architecture: We’re building and refining an ever-growing architecture focused solely on the needs of cybersecurity practitioners.
◈ CSA CCZT Study Group: We host a study group for the Cloud Security Alliance (CSA) Certificate of Competence in Zero Trust (CCZT).

  1. 46

    Episode 46: Navigating Third-Party Risk and Continuous Monitoring

    In this episode, host Tiernan O'Malley sits down with Rachel Curran, GRC practitioner and founder of Locktivity, to unpack the complexities of Governance, Risk, and Compliance (GRC) in a cloud-first world.

    We dive deep into why third-party risk management cannot just be a "check-the-box" compliance exercise and how organizations must shift their focus from merely assessing vendors to actively managing how they interact with them.

    What You’ll Learn:
    ◈ The Fallacy of the Checklist: Why passing an audit doesn't automatically equal operational security.
    ◈ Continuous vs. Point-in-Time: The true value of SOC 2 audits and where continuous monitoring actually needs to step in (like catching missing 2FA).
    ◈ Quantifying Risk for Leadership: How to move beyond dollar amounts and make cyber risk personal and relatable to the C-suite.
    ◈ Silent Attack Vectors: The danger of stale OAuth tokens, unenforced SSO, and secrets left in commit histories.

    Key Moments:
    02:40 ➔ The Breach Reality: Why assessing vendors to completely avoid breaches is impossible, and why impact mitigation is the real goal.
    05:43 ➔ The Snowflake Example: How point-in-time audits often miss critical dynamic configurations like 2FA.
    10:53 ➔ Personalizing the Threat: How agentic AI integrations exposed a CEO's tax history—and why that changes the security conversation.
    16:36 ➔ The OAuth Danger: Why leaving unused OAuth tokens active is like leaving your front door open while on vacation.
    18:34 ➔ Warning Signs: How M&A activity, mass layoffs, and vendor evasiveness can predict upcoming security risks.

    🎙️ Meet the Guest:
    Rachel Curran is a GRC practitioner with over a dozen years of experience building SOC 2 and ISO security programs for startups. She is the founder of Locktivity, a platform focused on helping companies understand where their true third-party risk lies and how to proactively limit impact.
    ➔ LinkedIn: Rachel Curran
    ➔ Locktivity: locktivity.com

    About the Host:
    Host: Tiernan O'Malley, Framework Security

    Subscribe to our LinkedIn to never miss news, updates, and quizzes to earn digital badges. https://ztjourney.com

    Disclaimer: The views expressed are those of the speakers.

  2. 45

    Episode 45: From the Courtroom to the Boardroom: Cyber Resilience & Executive Accountability

    In this episode of the Zero Trust Journey, Dr. Victor Monga sits down with Erin Logue Smith, leader of Governance, Risk, and Cyber Strategy at World Wide Technology (WWT).

    We dive deep into the dangerous gap between checking the compliance box and achieving actual security, how the regulatory landscape is shifting to hold executives personally accountable, and how a legal background investigating faulty convictions translates into building robust cyber resilience.

    What You’ll Learn:
    ◈ Compliance vs. Safety: Why having regulatory frameworks in place doesn't automatically mean your organization is secure from a breach.
    ◈ The Executive Friction: How to handle C-suite pushback when security protocols clash with user convenience.
    ◈ The Cyber Insurance Shift: Why brokers are getting smarter, utilizing AI gap analysis, and demanding tabletop exercises before underwriting policies.
    ◈ The Investigative Edge: How analyzing evidence at the Innocence Project directly mirrors uncovering the root causes of a devastating cyber incident.

    Key Moments:
    02:49 ➔ The C-Suite Problem: When executives want security on paper but refuse to adopt the friction themselves.
    05:06 ➔ The Accountability Era: Why the SEC and boards are firing executives for claiming "I didn't know."
    07:47 ➔ Insurance Brokers Level Up: Why the days of insurers blindly paying out for preventable breaches are over.
    11:17 ➔ Courtroom to Boardroom: How an investigative legal mindset sets you apart in the cybersecurity industry.

    🎙️ Meet the Guest:
    Erin Logue Smith leads Governance, Risk, and Cyber Strategy at World Wide Technology (WWT). With a unique foundation holding a JD and early career experience at the DA's office and the Innocence Project, Erin brings an unparalleled investigative and regulatory perspective to cybersecurity. She previously served as a Field CTO at Dell Technologies specializing in cyber resilience and spent a decade managing international data privacy at PNC.
    ➔ LinkedIn: https://www.linkedin.com/in/erin-logue-smith

  3. 44

    Episode 44: Stop Punishing, Start Rewarding: Mastering the P.A.R. Method for Phishing Defense

    In this episode of the Zero Trust Journey, Dr. Victor Monga sits down with Craig Taylor, former CISO at JP Morgan Chase and Vistaprint, and the founder of Cyber Hoot.

    We are throwing out the old playbook. If your security awareness program relies on "shocking" or punishing employees for clicking phishing links, you are fighting a losing battle. Craig explains why the future of cyber literacy lies in psychology, gamification, and giving employees the right tools to build muscle memory against AI-powered threats.

    What You’ll Learn:
    ◈ The Power of Rewards: Why behavioral psychology proves that positive reinforcement and gamification are far more effective than the traditional "three strikes" punishment model.
    ◈ Mastering the P.A.R. Method: How to train your workforce to Pause, Assess, and Report—turning a split-second reaction into a calculated defense mechanism.
    ◈ Solving Human Problems: Why we need to stop applying binary (0/1) IT solutions to complex human behaviors.
    ◈ AI-Powered Phishing: How attackers are using GenAI to create hyper-personalized lures, and why the P.A.R. method is your best defense against flawless social engineering.

    Key Moments:
    02:57 ➔ The Effectiveness Gap: Why annual compliance training shows zero correlation with reduced phishing failures.
    06:07 ➔ The "Dog Training" Analogy: What B.F. Skinner can teach us about using rewards over punishments in cybersecurity.
    07:11 ➔ THE QUOTE: "We are trying to solve a human problem with zero one binary solutions."
    12:41 ➔ Building Muscle Memory: How the Pause, Assess, Report (P.A.R.) framework stops AI-generated phishing in its tracks.

    🎙️ Meet the Guest:
    Craig Taylor is a seasoned cybersecurity leader and former CISO for organizations like JP Morgan Chase, Vistaprint, and Neoscope. Armed with a background in psychology and decades of IT experience, Craig founded Cyber Hoot, a learning management platform dedicated to re-engineering cyber literacy through positive reinforcement and behavioral science.
    ➔ LinkedIn: https://www.linkedin.com/in/craigmtaylor

  4. 43

    Episode 43: Are You Talking to AI? Deepfakes, GANs, and the AI Security Menu

    We dive deep into the dark side of Generative AI, exploring how attackers are leveraging Generative Adversarial Networks (GANs) to bypass authentication, and why defining "AI Security" requires much more than just a buzzword.

    What You’ll Learn:
    ◈ Weaponized AI: How deepfakes, voice cloning, and AI note-takers are disrupting the identity perimeter and creating new insider threats.
    ◈ The User Burden: Why end-users inevitably bear the brunt of corporate security failures and the rising risk of synthetic identities.
    ◈ Zero Trust for AI: Strategies for isolating anomalies, maintaining visibility, and managing the risks of agentic AI.
    ◈ The AI Security Menu: Breaking down the 5 distinct types of AI security—from consuming commercial LLMs to building proprietary models.

    Key Moments:
    01:36 ➔ The Deepfake Threat: Why your voice could be used to bypass security protocols.
    09:59 ➔ Zero Trust vs. AI: The critical importance of visibility, discoverability, and continuous monitoring.
    12:26 ➔ Third-Party Risk Management for LLMs: Moving beyond basic vendor checks to test for prompt injection and token manipulation.
    14:48 ➔ The AI Security Menu: How to classify your AI risk footprint.
    08:04 ➔ THE QUOTE: "Even if you don't think you have an online presence, you do in some way."

  5. 42

    Episode 42: Stop Thinking Servers, Start Thinking Systems

    In this episode of the Zero Trust Journey, Dr. Victor Monga is joined by Kayne McGladrey, a veteran systems engineer and CISSP who has spent his career securing high-stakes environments—from American Idol voting systems to defense industrial base firms.

    We move past the buzzwords to discuss the gritty reality of ripping out legacy "flat" networks and replacing them with Zero Trust architectures that actually improve performance while reducing liability. Kayne breaks down why the private sector continues to struggle with risk and how the rise of Agentic AI is changing the identity landscape in 2026.

    What You’ll Learn:
    ◈ The "Flat Network" Nightmare: Why open cable trays and unlabeled wires are a recipe for disaster.
    ◈ The Business of Trust: How to use Zero Trust as a competitive advantage to command premium pricing.
    ◈ Redefining "System": Why your web server isn't the system, but your accounts payable process is.
    ◈ AI and the "Circle of Failure": Navigating the FOMO of Agentic AI without giving root access to the unknown.
    ◈ Building Muscle Memory: Why the best incident response teams train like professional athletes.

  6. 41

    Episode 41: AI's Role in Software Development: Opportunities and Risks

    What You'll Learn:
    ▶ The "Vibe Coding" Illusion: Why using AI to build end-to-end web applications works perfectly for a month, but ultimately collapses into uncompilable loops under its own complexity.
    ▶ Object-Oriented vs. Functional AI: Understanding why Large Language Models (LLMs) struggle with piecing together complex object-oriented puzzles, and how real engineers use AI for targeted, functional modules instead.
    ▶ AI in Critical Infrastructure: Why blindly deploying AI-generated code into healthcare, financial, or critical systems is professional negligence, and why every single line of code still needs human justification.
    ▶ The Model Context Protocol (MCP) Fad: Why the highly hyped MCP might just be a passing trend destined to fail outside of decentralized utopias, and why traditional REST APIs are here to stay.
    ▶ AI is More Than ChatGPT: A look back at the last 20 years of AI research and why traditional machine learning and automated planning still hold massive, untapped potential outside of the LLM spotlight.

    This episode is a must-listen for enterprise executives, project managers, and security practitioners looking to separate AI marketing fluff from the actual realities of modern software engineering.

  7. 40

    Episode 40: Over-provisioning access is a common issue

    In this episode of the Zero Trust Journey, Dr. Victor Monga sits down with Jamie Fitz-Gerald, VP of Product Management at Okta.

    We dive deep into why identity has become the new perimeter and why the biggest risk to your organization isn't just a lack of tools—it's the effectiveness of the ones you already have.

    What You’ll Learn:
    ◈ The Identity Perimeter: Why attackers have stopped "breaking in" and started "logging in."
    ◈ System Resilience: Lessons from electrical engineering on surviving 1, 2, and 3-point failures.
    ◈ Productivity vs. Security: How to balance the "padlock on the door" with a seamless user experience.
    ◈ The Effectiveness Gap: Why having the best tools doesn't mean you're secure if you aren't testing them.

  8. 39

    Episode 39: ZTMM+ How to Assess and Roadmap Zero Trust

    "Zero Trust is not a journey where you have to spend a lot of money upfront before you can get started. In almost every case, you just need to use what you have better."

    In this workshop-style episode of the Zero Trust Journey, Dr. Victor Monga sits down with Jason Garbis and Jerry Chapman from Numberline Security. They move beyond the theory to conduct a live Zero Trust assessment of a fictitious company, "Precision Dynamic Manufacturing" (PDM). From "sticky note" admin passwords to flat networks where CNC machines and Wi-Fi guests coexist, Jason and Jerry map out a practical, no-fluff roadmap to maturity.

    IN THIS EPISODE, WE COVER:
    ◈ The ZTMM+ Framework: Why the standard CISA model needed an upgrade and how "Governance" acts as the critical glue across all five security pillars.
    ◈ The PDM Case Study: A deep dive into an SMB with 200 employees—evaluating the risks of an IT stack built by the "neighbor's kid" and how to secure it before a CMMC audit.
    ◈ MFA is Non-Negotiable: Jerry breaks down the journey from simple SMS codes to phishing-resistant authentication and why it’s the single most important move for identity.
    ◈ Stop Buying, Start Configuring: How to leverage your existing Microsoft Entra ID (Azure AD) stack to achieve Zero Trust principles without a massive capital investment.
    ◈ Network Segmentation for OT: Practical strategies for isolating "crusty" legacy hardware and CNC machines from the rest of the enterprise to stop lateral movement.
    ◈ Building External Trust: How a mature Zero Trust posture directly impacts your ability to secure cyber insurance and win contracts with security-conscious partners.

    Connect with the Guests:
    Jason Garbis: https://www.linkedin.com/in/jasongarbis
    Jerry Chapman: https://www.linkedin.com/in/jerrychapman

  9. 38

    Episode 38: Bridging the Cybersecurity Effectiveness Gap

    "We don’t have a tools problem in cybersecurity anymore. We have an effectiveness problem."

    In this episode of the Zero Trust Journey, Dr. Victor Monga sits down with Snehal Antani, CEO and Co-Founder of Horizon3.ai and former CTO at the US Department of Defense. Snehal reveals the shocking data gathered from over 200,000 autonomous pen tests: why enterprises spend $18 billion on endpoint security yet continue to see breaches rise.

    IN THIS EPISODE, WE COVER:
    ▶ The 1-in-14,000 Risk: How a single misconfigured agent led to a full domain compromise.
    ▶ The "Big 4" EDR Reality Check: Snehal breaks down out-of-the-box effectiveness for CrowdStrike, SentinelOne, Sophos, and Windows Defender.
    ▶ Credential Pivoting vs. Malware: Why 97% of successful "RAT" deployments use harvested credentials, not CVE exploits.
    ▶ The "Monday Morning Battle Rhythm": How to build a continuous validation loop between your Red and Blue teams.
    ▶ Vendor Truth: Why "Professional Services" are often just a band-aid for product design gaps.

  10. 37

    Episode 37: Zero Trust is essential for SMBs, not a luxury

    Host: Dr. Victor Monga (https://www.linkedin.com/in/victorvirtual)
    Co-Host: Zach Pugh (https://www.linkedin.com/in/zachary-pugh)
    Co-Host: Steve Turner (https://www.linkedin.com/in/beingageek)

    What You'll Learn:
    ◈ The SMB Target on Your Back: Why believing you are "too small to be targeted" is a fatal error, and why cybercriminals actively hunt for SMBs with weak defenses.
    ◈ Zero Trust on a Budget: How to implement Zero Trust principles—focusing on identity and context rather than just technology—without needing a massive security team or budget.
    ◈ The First Line of Defense: Why Multi-Factor Authentication (MFA) is the non-negotiable first step for any SMB looking to secure their infrastructure.
    ◈ Compliance vs. Security: Understanding why compliance is just a baseline, and how Zero Trust helps you meet standards while actually securing your assets.
    ◈ Asset Visibility: Why you cannot secure what you don't know you have, and the importance of managing assets to prevent devastating financial loss.

    This episode is a must-listen for SMB owners, IT generalists, and security practitioners looking to build a resilient security posture that protects against the devastating costs of a data breach.

  11. 36

    Episode 36: I Zero Trust What You’re Saying – Oct 2025

    Welcome to I Zero Trust What You’re Saying – Oct 2025 Edition! In this episode, we break down the latest Zero Trust news, trends, and updates that matter to security practitioners. No hype—just real insights to help you navigate the evolving cybersecurity landscape.

    Stay informed, stay secure, and as always, Zero Trust everything!

    🔗 News Links:
    --| https://www.cio.gov/zero-trust-data-security-guide-may2025/
    --| https://www.meritalk.com/articles/pentagon-to-release-updated-zero-trust-strategy-by-end-of-year/
    --| https://govciomedia.com/federal-zero-trust-forum/
    --| https://www.cisa.gov/topics/cybersecurity-best-practices/zero-trust
    --| https://www.securityweek.com/socure-acquires-risk-decisioning-company-effectiv-for-136m/
    --| https://news.sophos.com/en-us/2024/10/21/sophos-to-acquire-secureworks-to-accelerate-cybersecurity-services-and-technology-for-organizations-worldwide/
    --| https://therecord.media/pokemon-video-game-developer-game-freak-confirms-data-breach
    --| https://thehackernews.com/2024/10/cloudflare-thwarts-largest-ever-38-tbps.html

  12. 35

    Episode 35: The Critical Role of Testing in Zero Trust

    Guest: James Plouffe (https://www.linkedin.com/in/jamesplouffe)
    Host: Dr. Victor Monga (https://www.linkedin.com/in/victorvirtual)

    In this essential episode, host Dr. Victor Monga sits down with James Plouffe, Principal Analyst at Forrester, to tackle the bold claim that "Zero Trust without testing is a lie."

    James, who also served as a Technical Consultant on the hit TV show Mr. Robot, shares his expert perspective on why security leaders are experiencing Zero Trust fatigue and how they can prove their progress.

    What You'll Learn:
    ◈ Zero Trust is a Journey, Not a Destination: Why viewing Zero Trust as a project you can "finish" is fundamentally flawed.
    ◈ The Critical Gap: Why continuous security validation and testing controls are the single most important factors in a Zero Trust strategy.
    ◈ Operationalizing MITRE ATT&CK: How to shift away from old audit checklists and use frameworks like MITRE ATT&CK to create demonstrable proof of your defenses.
    ◈ Overcoming the "People Problem": Strategies for getting buy-in from long-time employees and successfully implementing controls like micro-segmentation without causing friction.
    ◈ The Biggest Win for Least Lift: Where security leaders should invest their resources first to achieve the highest impact (Hint: It’s all about Identity and MFA).
    ◈ Hacking Hollywood: James shares his experiences ensuring technical accuracy on the set of Mr. Robot and meeting actor Rami Malek.

    This episode is a must-listen for CISOs and security practitioners looking to move beyond theory and build a tangible, well-tested, and effective Zero Trust architecture.

  13. 34

    Episode 34: SMB Cybersecurity Investment in the Zero Trust Era

    00:00 Introduction to SMB Cybersecurity Challenges
    02:43 The Importance of Securing SMBs
    05:32 Lack of In-House Expertise in SMBs
    08:23 The Cybersecurity Buying Journey for SMBs
    11:15 Decision-Making in Cybersecurity Purchases
    14:18 Cost of Inaction vs. Cost of Protection
    17:03 The Role of AI in Cybersecurity for SMBs
    20:06 Advice for SMB Leaders on Cybersecurity Investments

    Guest: Ken Yao (https://www.linkedin.com/in/kennethyao)
    Guest: Martin Rivera Neuhaus (https://www.linkedin.com/in/martinriveran)
    Host: Dr. Victor Monga (https://www.linkedin.com/in/victorvirtual)

    Protect Your Business and Your Partners! Small and Medium Businesses (SMBs) make up 99.9% of US businesses, but 60% lack a dedicated cybersecurity expert. This leaves them vulnerable—and makes them a massive weak link in the global supply chain.

    In this vital episode of the Zero Trust Journey podcast, Dr. Victor Monga is joined by Martin Rivera, CEO of Enstall Technologies, and Ken Yao, CEO of Cybers, to discuss the unique challenges SMBs face when trying to buy, implement, and manage cybersecurity solutions.

    This is a must-listen for every SMB owner, CEO, or business leader who handles sensitive data or is part of a larger supply chain. Learn how to make smart, pragmatic security investments even without an in-house CISO.

    Highlights:
    --| The Cost of Inaction: Why getting breached is often a death sentence for an SMB, contrasted with the recovery resources available to large enterprises.
    --| Minimal Viable Security: How SMBs can determine their "good enough" security posture and make strategic bets to stay ahead of threat actors.
    --| The Buying Lifecycle: Who is the decision-maker for security at a small company (CEO vs. CFO/CTO) and the 5 key factors that drive their purchasing decisions (cost, functionality, UX, compatibility, and support).
    --| The CISO Communication Gap: Why technical leaders often fail to secure budget from the CEO, and how to quantify risk in simple business terms (e.g., millions in lost revenue) to get buy-in.
    --| The AI Promise: How AI-driven tools can potentially bridge the massive skill gap and help non-IT trained staff manage complex security tools.

  14. 33

    Episode 33: The Zero Trust Transformation: Shifting from Technical Fix to Cultural Change

    In this episode, we dive deep into the organizational and cultural roadblocks of Zero Trust with Mark Simos, Lead Cybersecurity Architect at Microsoft. Mark, a veteran who has spent over 25 years helping enterprises operationalize security, reveals why failure in Zero Trust often stems not from technical missteps, but from a fundamental misunderstanding of roles, responsibilities, and business incentives. He shares the journey of evolving from a technical expert to a "storyteller" and how that shift is essential for CISOs today.

    Guest: Mark Simos (https://www.linkedin.com/in/marksimos)
    Host: Dr. Victor Monga (https://www.linkedin.com/in/victorvirtual)
    Co-Host: Dr. Victor Monga (https://www.linkedin.com/in/beingageek)

    Mentioned Resources:
    Mark Simos on LinkedIn: https://www.linkedin.com/posts/marksimos_security-doesnt-get-better-until-we-correct-activity-7376623700508418048-yEDF?utm_source=share&utm_medium=member_desktop&rcm=ACoAABKQrw8BhNT_WGckKwwZ1zNfi6UkyFkMpZU
    The Open Group Security Roles and Responsibilities Standard: https://www.opengroup.org/open-group-july-virtual-event-explore-open-digital-standards-across-industries
    Microsoft Cybersecurity Reference Architecture (MCRA): https://learn.microsoft.com/en-us/security/adoption/mcra

    Highlights:
    --| The Two Broken Assumptions: How Zero Trust changes the assumption that the firewall is enough, and—crucially—that security is only the security team's job.
    --| The CISO's Trap: Why technical CISOs often fail and get rotated out when they talk "speeds and feeds" instead of connecting security to business risk and outcomes.
    --| Accountability vs. Blame: The critical difference leaders must understand to stop the cycle of finger-pointing and achieve real change.
    --| The Microsoft SFI Example: How linking executive pay and incentive structures to security metrics drives cultural change across the organization.
    --| The Role of the Storyteller: Mark's realization that communicating complex technology requires narrative skills to land concepts with business leaders.
    --| The Future of Jobs: How AI will augment and change tasks, but the fundamental jobs to be done in security (and the need for human expertise) will remain.
    --| One Key Piece of Advice: The single most important thing a CISO or architect can do to modernize their org structure around Zero Trust.

    This episode is a must-listen for anyone struggling to move their Zero Trust initiative beyond the technical implementation phase. Mark provides a clear roadmap for embedding security accountability throughout the entire business.

  15. 32

    Episode 32: I Zero Trust What You’re Saying – Sep 2025

    Welcome to I Zero Trust What You’re Saying – Aug 2025 Edition! In this episode, we break down the latest Zero Trust news, trends, and updates that matter to security practitioners. No hype—just real insights to help you navigate the evolving cybersecurity landscape.

    Stay informed, stay secure, and as always, Zero Trust everything!

    🔗 News Links:
    --| https://blog.reemo.io/september-2025-cyber-outlook
    --| https://industrialcyber.co/cisa/cisa-unveils-zero-trust-guidance-to-safeguard-connected-communities
    --| https://www.justice.gov/opa/pr/lockergoga-megacortex-and-nefilim-ransomware-administrator-charged-ransomware-attacks
    --| https://www.meritalk.com/articles/pentagon-to-release-updated-zero-trust-strategy-by-end-of-year
    --| https://www.swktech.com/swk-cybersecurity-news-recap-september-2025
    --| https://tech.co/news/data-breaches-updated-list
    --| https://www.fedinsider.com/hot-topics-in-cybersecurity-day-3-the-importance-of-zero-trust-architecture
    --| https://www.cisa.gov/news-events/alerts/2025/09/23/widespread-supply-chain-compromise-impacting-npm-ecosystem
    --| https://www.cisa.gov/news-events/directives/ed-25-03-identify-and-mitigate-potential-compromise-cisco-devices
    --| https://therecord.media/ohio-ransomware-attack-impacts-45000
    --| https://www.globenewswire.com/news-release/2025/09/29/3157997/0/en/Rising-Cyber-Risks-Zero-Trust-Adoption-And-Cloud-Delivered-Security-Demand-Are-Driving-Strong-Momentum-In-the-Security-Service-Edge-Market-According-to-Astute-Analytica.html

  16. 31

    Episode 31: Don't Wait for Ransomware to Justify Your Zero Trust Strategy

    In this episode, we cut through the marketing hype to reveal the strategic core of Zero Trust with Alex Sharpe, a 30-year cybersecurity veteran from the NSA, Booz Allen, and KPMG who co-authored the foundational "Zero Trust Guiding Principles" for the Cloud Security Alliance.

    Guest: Alex Sharpe (https://www.linkedin.com/in/alex-sharpe-3rd/)
    Host: Dr. Victor Monga (https://www.linkedin.com/in/victorvirtual)

    Mentioned Resources:
    CSA Zero Trust Guiding Principles: https://cloudsecurityalliance.org/artifacts/zero-trust-principles-v-1-1
    CSA The Business Value of Zero Trust: https://cloudsecurityalliance.org/blog/2023/10/27/what-is-the-business-value-of-zero-trust

    Highlights:
    --| The Two Axes of Zero Trust: How every successful strategy boils down to managing Identity (likelihood) and Segmentation (impact).
    --| Why the "whack-a-mole" approach of chasing use cases instead of building a strategy is destined to fail.
    --| The Ransomware Effect: How the "stuff that was too hard" suddenly becomes the top priority after a major breach.
    --| Why compliance is just "table stakes"—the bare minimum—and is not the same as being secure.
    --| A clear first step for any organization: Why mastering access control for your most valuable assets is where the journey must begin.
    --| Beyond defense to true resilience: Shifting the mindset from just preventing breaches to ensuring the business remains viable amidst adversity.

    This episode is an essential listen for any leader tired of the fluff. It provides a clear, actionable framework for building a Zero Trust program that delivers measurable resilience and business value.

  17. 30

    Episode 30: I Zero Trust What You’re Saying – Aug 2025

    Welcome to I Zero Trust What You’re Saying – Aug 2025 Edition! In this episode, we break down the latest Zero Trust news, trends, and updates that matter to security practitioners. No hype—just real insights to help you navigate the evolving cybersecurity landscape.

    Stay informed, stay secure, and as always, Zero Trust everything!

    🔗 News Links:
    --| https://www.illumio.com/blog/top-cybersecurity-news-stories-from-august-2025
    --| https://xage.com/blog/cyber-attack-news-august-2025/
    --| https://www.cybersecuritydive.com/news/government-zero-trust-migration-black-hat/756985/
    --| https://thehackernews.com/2025/08/new-rce-vulnerability-api-gateway.html
    --| https://www.bleepingcomputer.com/news/security/new-chronostealer-malware-bypasses-mfa-and-edr-tools/
    --| https://cloud.google.com/mandiant/m-trends/apt44-supply-chain-report
    --| https://krebsonsecurity.com/2025/08/massive-data-scraping-exposes-professional-data/

  18. 29

    Episode 29: From Theory to Practice: Zero Trust Implementation

    In this episode, we bridge the gap between Zero Trust theory and real-world deployment with Norman Wong, a key contributor to NIST's groundbreaking implementation guide (SP 1800-35).

    Guest: Norman Wong (https://www.linkedin.com/in/gahnormanwong)
    Host: Dr. Victor Monga (https://www.linkedin.com/in/victorvirtual)
    https://csrc.nist.gov/pubs/sp/1800/35/final

    Highlights:
    --| Why the "if it ain't broke, don't fix it" mindset is the biggest barrier to Zero Trust adoption.
    --| Inside baseball from the NIST NCCoE project: how competitors like Palo Alto Networks, Cisco, and Zscaler collaborated to build a real-world Zero Trust architecture.
    --| The "crawl, walk, run" method: implementing Zero Trust incrementally without disrupting business operations.
    --| Beyond the user: why identity is crucial for visibility but isn't the only place to start your journey.
    --| The biggest trap organizations fall into: creating fragmented "Zero Trust silos" that don't integrate.
    --| Bringing a knife to a gunfight: How AI is becoming non-negotiable for defending against AI-powered attacks.

    An essential guide for any leader feeling overwhelmed by Zero Trust, this episode offers a practical roadmap for moving from planning and theory to a mature, measurable program.

  19. 28

    Episode 28: Zero Trust Debate - North Star or Buzzword?

    In this episode, we take on a candid debate: is Zero Trust a real strategy or just another layer of marketing? Guest Ken Yao challenges the industry’s favorite buzzword while unpacking what truly matters for building security programs.
    Guest: Ken Yao (https://www.linkedin.com/in/kennethyao)
    Host: Dr. Victor Monga (https://www.linkedin.com/in/victorvirtual)
    Highlights:
    --| Why Ken sees Zero Trust as “Trust but Verify, minus the politeness.”
    --| The bear-chase analogy: benchmarking against peers instead of chasing perfection.
    --| Big GRC vs. little gRC—and why compliance alone is never enough.
    --| The danger of buzzwords overshadowing execution in contracts and programs.
    --| Why long-term trust, not short-term slogans, should guide strategy.
    --| Looking ahead: how AI could make security a “solved problem” in the next five years.
    A rare episode that puts Zero Trust under the microscope, weighing strategy against marketing and forcing us to ask—are we building real security, or just selling stories?

  20. 27

    Episode 27: I Zero Trust What You’re Saying – July 2025

    Welcome to I Zero Trust What You’re Saying – July 2025 Edition! In this episode, we break down the latest Zero Trust news, trends, and updates that matter to security practitioners. No hype—just real insights to help you navigate the evolving cybersecurity landscape.
    Stay informed, stay secure, and as always, Zero Trust everything!
    🔗 News Links:
    --| https://www.cisa.gov/news-events/alerts/2025/07/29/cisa-releases-part-one-zero-trust-microsegmentation-guidance
    --| https://thehackernews.com/2025/07/assessing-role-of-ai-in-zero-trust.html
    --| https://federalnewsnetwork.com/cybersecurity/2025/07/trump-admin-focuses-on-zero-trust-2-0-cybersecurity-efficiencies
    --| https://atis.org/press-releases/atis-advances-industry-cybersecurity-and-network-resilience-imperatives-in-zero-trust-architecture
    --| https://www.govtech.com/security/rhode-island-builds-zero-trust-center-of-excellence
    --| https://www.techradar.com/pro/how-ai-is-finally-erasing-the-security-vs-experience-tradeoff-that-has-plagued-enterprise-it-for-decades
    --| https://www.itpro.com/cloud/cloud-security/majority-of-engineers-bypass-security-controls-to-do-their-job

  21. 26

    Episode 26 – Centralized Policy, Multiple Enforcement Points

    00:00 Introduction to Zero Trust and Anupam's Background
    00:55 Evolving Perspectives on Zero Trust
    03:04 Common Misconceptions in Zero Trust Implementation
    05:32 Key Pillars of Zero Trust: Identity, Segmentation, and Control
    08:59 Cultural Challenges in Adopting Zero Trust
    11:29 The Role of Centralized Policy in Zero Trust
    13:32 AI and Automation in Security
    16:37 Future Security Challenges and the Role of AI
    18:27 Adapting Zero Trust Principles for AI
    In this episode, we unpack how true Zero Trust isn't about controlling everything in one box — it's about creating a single source of policy truth, and pushing that enforcement to where users, devices, and data live.
    Guest: Anupam Upadhyaya (https://www.linkedin.com/in/anupamupadhyaya)
    Host: Dr. Victor Monga (https://www.linkedin.com/in/victorvirtual)
    Highlights:
    --| Why Zero Trust and least privilege are not the same thing—and why that matters.
    --| The three pillars every ZT program must get right: identity posture, segmentation, and security posture.
    --| Why centralized policy is key, even when enforcement is distributed across users, devices, and apps.
    --| How point solutions and disconnected consoles are the biggest blocker to Zero Trust success.
    --| The role of AI in reducing false positives—and why human feedback still matters.
    --| Future challenges: AI agents, faster ransomware, and the need to adapt ZT principles to emerging threats.
    Another Zero Trust Journey episode packed with strategic clarity, operational insight, and real-world lessons from the front lines—minus the marketing fluff.

  22. 25

    Episode 25: Reduce Blind Spots with a Zero Trust Strategy

    Guest: George Finney (https://www.linkedin.com/in/georgefinney/)
    Host: Dr. Victor Monga (https://www.linkedin.com/in/victorvirtual)
    In this episode, the host sits down with George Finney, CISO at the University of Texas System and bestselling author of Project Zero Trust and Rise of the Machines. George shares why Zero Trust isn’t a product or a marketing term—it’s a long-term security strategy that helps organizations reduce blind spots, shift culture, and stay resilient in the face of evolving threats.
    From his now-famous “jawbreaker” analogy to the difference between a concept and a true strategy, George breaks down what Zero Trust actually is—and what it’s not. Whether you're building from scratch or evolving your current program, this episode offers actionable insights that go beyond buzzwords.
    Highlights:
    --| Why Zero Trust is not just “trust but verify” rebranded—it's a complete shift in mindset.
    --| The “jawbreaker vs. M&M” metaphor and how to communicate Zero Trust across the org.
    --| Cultural blockers: why tech isn’t the hard part—people are.
    --| Measuring success: how to evaluate ZT maturity using visibility, segmentation, and blind spot reduction.
    --| Protect surface vs. attack surface: what defenders can control—and why it matters.
    --| A sneak peek into George’s new book, Rise of the Machines, and how AI fits into the Zero Trust future.
    Another Zero Trust Journey episode full of real-world experience, strategic clarity, and advice you can actually use—minus the vendor hype.

  23. 24

    Episode 24: I Zero Trust What You’re Saying – June 2025

    Welcome to I Zero Trust What You’re Saying – June 2025 Edition! In this episode, we break down the latest Zero Trust news, trends, and updates that matter to security practitioners. No hype—just real insights to help you navigate the evolving cybersecurity landscape.
    Stay informed, stay secure, and as always, Zero Trust everything!
    🔗 News Links:
    --| https://www.techradar.com/pro/live/infosec-europe-2025-were-live-at-the-show-and-heres-everything-weve-seen
    --| https://federalnewsnetwork.com/cybersecurity/2025/07/trump-admin-focuses-on-zero-trust-2-0-cybersecurity-efficiencies
    --| https://timesofindia.indiatimes.com/business/cybersecurity/cyber-risks-in-financial-sector-rbi-calls-for-ai-aware-defence-and-zero-trust-approach-warns-of-systemic-threat-from-vendor-lock-ins/articleshow/122164857.cms
    --| https://www.illumio.com/blog/top-cybersecurity-news-stories-from-june-2025
    --| https://www.prnewswire.com/news-releases/keeper-security-wins-2025-fortress-cybersecurity-award-for-zero-trust-keeperpam-302471405.html
    --| https://community.sophos.com/zero-trust-network-access/b/announcements/posts/sophos-ztna-updates-for-june-2025
    👉 Learn more at: ztjourney.com

  24. 23

    Episode 23: How to Start Your Podcast the Smart Way?

    Guest: Jamie Kennedy (https://www.linkedin.com/in/jamiebrookekennedy)
    Host: Dr. Victor Monga (https://www.linkedin.com/in/victorvirtual)
    🎙️ Thinking about starting a podcast? In this episode, we break down the real talk on launching your own show—without burning a hole in your wallet.
    From finding your niche to using smart tools and strategies, we cover what most "how to start a podcast" guides leave out. Whether you're just starting or refining your setup, these tips will save you time, money, and a lot of frustration.
    What you'll learn:
    --| Why passion and clarity of purpose matter before you hit "record"
    --| Budget-friendly tools and software that actually work
    --| How to promote your podcast using SEO, social media, and email lists
    --| The secret power of good show notes and clickable titles
    --| Why mistakes aren't failures—they're part of the process
    If you're ready to build something real (not just viral), hit play.

  25. 22

    Episode 22: Super Users, Super Endpoints: Securing IT, OT, IoT in a Zero Trust World

    Guest: Ben Tyminski
    Host: Dr. Victor Monga
    Co-host: Steve Turner
    In this episode, the hosts are joined by Ben Tyminski, a security architect whose hands-on experience spans from finance to media, and from traditional endpoints to the ever-expanding universe of OT and IoT. Ben breaks down why “endpoint” is a moving target in today’s Zero Trust landscape—covering everything from laptops and servers to containers, appliances, and industrial controls. If you think endpoint security is just about laptops, think again.
    Highlights:
    --| The evolution of endpoints: why they now include OT, IoT, containers, and even Fargate.
    --| Asset management and device posture: what’s actually possible in a hybrid, always-changing environment.
    --| Microsegmentation, host firewalls, and how real-world Zero Trust controls get deployed.
    --| Navigating the tension between super user/admin flexibility and organizational risk.
    --| Cross-industry lessons learned: why working closely with help desk and SOC unlocks smarter security.
    Another candid “Geek Show” discussion with technical deep-dives and real stories from the front lines of Zero Trust transformation.

  26. 21

    Episode 21: Prototype your Zero Trust solution

    Guest: https://www.linkedin.com/in/stahltom/
    Host: https://www.linkedin.com/in/victorvirtual
    Co-host: https://www.linkedin.com/in/beingageek/
    In this episode, the hosts are joined by Tom Stahl, a seasoned Senior Solutions Architect supporting end-user computing in one of the top six U.S. banks. Tom brings a wealth of frontline experience from the trenches of implementing Zero Trust—from mobile to desktop, from networking to identity. If you're an engineer, architect, or admin who's ever been told to “go implement Zero Trust,” this episode is your playbook.
    Highlights:
    --| Why enterprise mobility was Zero Trust before Zero Trust was cool.
    --| Building strong internal and vendor relationships as the key to implementation success.
    --| Conditional Access, device compliance, and identity: how to align these critical pieces.
    --| Certificates: useful until they’re not—why PKI planning still matters.
    --| Tactical advice for prototyping, passwordless, and building your Zero Trust baseline.
    This episode kicks off our “Field Stories” series—real-world, technical deep-dives from practitioners who’ve had to make Zero Trust work under real constraints.

  27. 20

    Episode 20: NIST SP 1800-35 Implementing a Zero Trust Architecture

    In this episode, hosts Dr. Victor Monga and Zach Pugh unpack one of the most actionable Zero Trust resources available today—NIST Special Publication 1800-35. Unlike its predecessor SP 800-207, this guide dives deep into the how of Zero Trust, providing lab-tested architectures from 24 vendor collaborators including Microsoft, Palo Alto, and Zscaler.
    Victor and Zach explore how NIST’s Enhanced Identity Governance (EIG) model and real-world testing—complete with adversary emulations—finally give security leaders the blueprint they’ve been waiting for. They spotlight implementation gaps, integration hurdles, and the importance of continuous validation—not just visibility.
    Highlights:
    --| Why SP 1800-35 is the most practical Zero Trust guide to date.
    --| Enhanced Identity Governance and the identity-first foundation.
    --| Lessons from 19 tested architectures: what worked and what broke.
    --| Continuous validation as a Zero Trust necessity.
    --| Crawl, Walk, Run: Using the NIST maturity model to begin your journey.
    --| Mapping ZTA to real-world missions and risk-based prioritization.
    This is not just another framework—it's your implementation playbook. Tune in to understand what’s really required to make Zero Trust work at scale.

  28. 19

    Episode 19: Don’t Buy Zero Trust—Build It

    Guest: Razi Rais (https://www.linkedin.com/in/razirais)
    Host: Victor Monga (https://www.linkedin.com/in/victorvirtual)
    In this episode of the Zero Trust Journey podcast, bestselling author and enterprise strategist Razi Rais joins host Victor Monga to challenge the idea that Zero Trust can be bought. Razi shares the philosophical foundations of Zero Trust, real-world enterprise pitfalls, and how AI is reshaping security strategies faster than most teams can adapt.
    Highlights:
    --| Zero Trust is not a tool—it’s an organizational mindset.
    --| AI and LLMs are adding pressure on already fragile architectures.
    --| Security posture must match real-world connectivity—not old models.
    --| Collaboration between dev, ops, and security is non-negotiable.
    --| Maturity models work—if you know your organization’s appetite for risk.
    --| Understand your “why” before you start your Zero Trust journey.
    --| Not every company is ready—or willing—for Zero Trust. And that’s okay.
    If you’re a cybersecurity leader navigating transformation, AI threats, or just vendor fatigue, this conversation is a roadmap you can’t afford to miss.

  29. 18

    Episode 18: I Zero Trust What You’re Saying – May 2025

    Welcome to I Zero Trust What You’re Saying – May 2025 Edition! In this episode, we break down the latest Zero Trust news, trends, and updates that matter to security practitioners. No hype—just real insights to help you navigate the evolving cybersecurity landscape.
    Stay informed, stay secure, and as always, Zero Trust everything!
    🔗 News Links:
    --| https://www.forbes.com/councils/forbestechcouncil/2025/05/30/the-future-of-cybersecurity-leadership-universal-zero-trust
    --| https://www.carahsoft.com/blog/palo-alto-networks-from-concept-to-implementation-operationalizing-zero-trust-architecture-in-government-environments-blog-2025
    --| https://defensescoop.com/2025/05/22/pentagon-cyber-malaise-zero-trust-deadlines-translate-zero-urgency
    --| https://www.computerweekly.com/opinion/Zero-trust-is-redefining-cyber-security-in-2025
    --| https://thehackernews.com/expert-insights/2025/05/eliminating-public-ips-case-for-zero.html
    --| https://www.illumio.com/blog/top-cybersecurity-news-stories-from-may-2025
    👉 Learn more at: ztjourney.com
    Stay connected with the Zero Trust Journey! Follow us on LinkedIn and subscribe to our YouTube for insights, discussions, and updates. Visit our website for exclusive content and to stay informed on the latest Zero Trust strategies.

  30. 17

    Episode 17: Zero Trust is a timeless framework for security approaches

    00:00 Introduction to Allie Mellen
    01:29 Allie's Journey in Cybersecurity
    06:29 Understanding Zero Trust
    09:30 Zero Trust and Security Operations
    12:26 Platform vs. Best in Breed
    17:36 The Role of Identity in Zero Trust
    30:29 Zero Trust: Buzzword or Necessity?
    34:31 The Importance of Compromise in Security
    Guest: https://www.linkedin.com/in/hackerxbella/
    Host: https://www.linkedin.com/in/victorvirtual
    Host: https://www.linkedin.com/in/beingageek
    Host: https://www.linkedin.com/in/zachary-pugh/
    In this episode, the hosts and guest Allie Mellen, Principal Analyst at Forrester, dive deep into the realities of Zero Trust from the lens of security operations, threat detection, and real-world implementation. Allie shares her unconventional path into cybersecurity—from building a card skimmer in college to speaking at Black Hat—and how that hands-on experience shapes her perspective today.
    Highlights:
    --| Why ethical hackers often shift to blue team roles.
    --| The SOC’s role in Zero Trust adoption—beyond buzzwords.
    --| Platform vs. best-in-breed: what's really best for the analyst?
    --| Why identity, cloud, and user experience are the new battlegrounds.
    --| The need for community, practical training, and realistic Zero Trust expectations.
    --| Why calling it “Zero Trust” can scare executives—and what to say instead.
    Tune in to hear why Allie doesn’t like the term “perimeter,” how she thinks about identity and cloud, and why compromise—not control—is the real goal of Zero Trust.

  31. 16

    Episode 16: The Intersection of CTEM and Zero Trust

    Host: Dr. Victor Monga
    Co-Host: Steve Turner
    Guest: Chris Jablonski, Director of CXO Revolutionaries, Zscaler
    CSA article: https://cloudsecurityalliance.org/blog/2025/01/31/seize-the-zero-moment-of-trust
    Highlights:
    --| The Intersection of CTEM and Zero Trust: Discover how Continuous Threat Exposure Management (CTEM) enhances Zero Trust security by dynamically identifying and mitigating risks.
    --| Executive Buy-in: Chris shares practical advice on communicating Zero Trust’s tangible benefits to secure critical executive support.
    --| Legacy Coexistence: Understand why gradual transition and coexistence with legacy systems are not only practical but essential during Zero Trust implementation.
    --| AI and Automation: Learn how AI-driven insights and automation help manage the overwhelming volume of security telemetry, freeing teams to focus on strategic initiatives.
    --| DevSecOps Integration: Explore how integrating Zero Trust principles into the software development lifecycle helps ensure secure, resilient applications from the ground up.
    Key Takeaways:
    --| Start Small and Prove Value: Successful Zero Trust journeys often begin with targeted proof-of-concepts that clearly demonstrate immediate benefits.
    --| Human Factors Matter: Effective Zero Trust adoption hinges on change management—winning over end-users by clearly articulating direct benefits, not just cost savings.
    --| Security as Competitive Advantage: Zero Trust enables business agility, accelerates secure M&A activities, and positions your organization ahead of peers stuck in legacy paradigms.
    --| Security by Design: Addressing security during the development process (DevSecOps) is crucial to managing emerging AI threats and maintaining trustworthy software supply chains.
    --| Zero Trust Mindset: Embrace Zero Trust not just as technology but as an operational mindset shift critical for managing tomorrow's threats effectively today.
    Dive into this insightful conversation with Chris Jablonski to gain actionable strategies, cut through buzzwords, and accelerate your practical adoption of Zero Trust.
    👉 Learn more at: ztjourney.com

  32. 15

    Episode 15: I Zero Trust What You’re Saying – April 2025

    Welcome to I Zero Trust What You’re Saying – April 2025 Edition! In this episode, we break down the latest Zero Trust news, trends, and updates that matter to security practitioners. No hype—just real insights to help you navigate the evolving cybersecurity landscape.
    Stay informed, stay secure, and as always, Zero Trust everything!
    🔗 News Links:
    --| https://www.meritalk.com/articles/disas-thunderdome-achieves-advanced-zero-trust
    --| https://federalnewsnetwork.com/federal-insights/2025/04/accelerate-together-zero-trust-2025-zscalers-jose-padin-on-how-to-transform-your-agencys-1990s-approach-to-security
    --| https://www.cio.com/article/3962906/why-81-of-organizations-plan-to-adopt-zero-trust-by-2026.html
    --| https://cloudsecurityalliance.org/blog/2025/04/17/zero-trust-is-not-enough-evolving-cloud-security-in-2025
    --| https://www.virtru.com/blog/zero-trust/dod-symposium-2025
    --| https://www.dafcio.af.mil/News/Article-Display/Article/4164916/office-of-the-chief-information-officer-conducts-zero-trust-update-deep-dive
    --| https://www.rsa.com/news/press-releases/rsa-zero-trust-has-zero-chance-without-ai
    --| https://www.illumio.com/blog/top-cybersecurity-news-stories-from-april-2025
    --| https://www.hpe.com/us/en/newsroom/press-release/2025/04/hewlett-packard-enterprise-redefines-cloud-based-security-with-expansive-solutions-for-zero-trust-networking-and-private-cloud-operations.html
    --| https://www.elisity.com/blog/rsac-2025-day-1-recap-zero-trust-microsegmentation-and-the-future-of-cybersecurity
    👉 Learn more at: ztjourney.com

  33. 14

    Episode 14: ZTMM+ in Action: Practical Steps for Your Zero Trust Journey

    Host: Zach Pugh (LinkedIn)
    Co-Host: Victor Monga (LinkedIn)
    Guest: Jason Garbis (LinkedIn)
    Highlights:
    --| Practical Zero Trust Implementation: Jason emphasizes the importance of adopting a realistic, incremental approach to Zero Trust, urging organizations to leverage existing capabilities before investing in new technologies.
    --| Introducing ZTMM+: Discover Jason’s enhancement of the CISA Zero Trust Maturity Model, designed to provide clearer definitions, practical guidance, and address critical gaps like secure internet access and data loss prevention.
    --| Simplifying Complexity: Learn how the ZTMM+ framework translates complex Zero Trust maturity assessments into straightforward, actionable questions, promoting collaboration across IT, security, and business teams.
    --| Avoiding Vendor Hype: Jason debunks vendor-driven myths and clarifies that no product is inherently "Zero Trust Certified," reinforcing the importance of strategic integration over reliance on vendor solutions.
    --| Secure Internet and DLP Strategies: Get insights into why comprehensive secure internet access controls and robust data loss prevention (DLP) strategies are essential yet often overlooked in standard maturity models.
    Key Takeaways:
    --| Start with Practical Steps: Begin your Zero Trust journey by tightening policies around critical business assets, leveraging current technologies, and incrementally building your capabilities.
    --| ZTMM+ as an Actionable Tool: Use the enhanced maturity model (ZTMM+) to objectively measure your organization's true Zero Trust maturity and identify realistic improvement areas without overwhelming complexity.
    --| Vendor Realities: Recognize that true Zero Trust maturity involves strategic orchestration across existing processes and tools rather than dependency on a single vendor’s solution.
    --| Business-Focused Security: Zero Trust initiatives succeed when security leaders deeply align security improvements with clear, direct business benefits—supporting innovation, compliance, and strategic business expansions.
    --| Collaboration is Essential: Cross-functional collaboration between security teams, IT, and business stakeholders is critical for identifying real-world security gaps and practical, impactful solutions.

  34. 13

    Episode 13: I Zero Trust What You’re Saying – March 2025

    Welcome to I Zero Trust What You’re Saying – March 2025 Edition! In this episode, we break down the latest Zero Trust news, trends, and updates that matter to security practitioners. No hype—just real insights to help you navigate the evolving cybersecurity landscape.
    Stay informed, stay secure, and as always, Zero Trust everything!
    🔗 News Links:
    --| https://www.defense.gov/News/News-Stories/Article/Article/4078717/zero-trust-architecture-could-prevent-adversary-data-theft-protect-warfighters/
    --| https://www.meritalk.com/articles/dods-ot-zero-trust-strategy-under-review-expected-by-august/
    --| https://defensescoop.com/2025/03/11/army-unified-network-plan-2-0-data-zero-trust/
    --| https://defensescoop.com/2025/02/19/navy-zero-trust-controls-ot-weapon-systems-platforms/
    --| https://statescoop.com/convincing-users-key-for-zero-trust-rollouts-ciso-says/
    --| https://www.rcrwireless.com/20250312/security/verizon-zero-trust-security
    --| https://www.scworld.com/resource/breaking-with-tradition-at-zero-trust-world-2025
    --| https://www.scworld.com/brief/strengthening-cloud-security-with-ai-driven-threat-detection-zero-trust
    👉 Learn more at: ztjourney.com

  35. 12

    Episode 12: There's no Zero Trust certified product

    Host: Steve Turner (LinkedIn)
    Co-Host: Zach Pugh (LinkedIn)
    Guest: Chase Cunningham, also known as Dr. Zero Trust (LinkedIn)
    Highlights:
    --| No Zero Trust Certified Product: Chase debunks the myth of a one-size-fits-all, certified solution—exposing vendor hype and unrealistic promises.
    --| Red Teaming as the Foundation: Learn why actionable red team assessments are critical for uncovering vulnerabilities and accelerating your security journey.
    --| Simplifying Micro Segmentation: Discover how modern policy engines and ZTNA are transforming a once complex concept into practical, scalable security measures.
    --| Small Business Cybersecurity: Understand why every organization—regardless of size—is a target, and explore budget-friendly, high-impact strategies.
    --| Portfolio Over Platform: Explore the benefits of integrated, API-enabled best-of-breed solutions versus monolithic vendor platforms.
    Key Takeaways:
    --| Operational Over Compliance: A real Zero Trust strategy focuses on continuous, threat-based validation rather than merely ticking compliance checklists.
    --| Red Teaming Delivers ROI: Proactive testing and real-world assessments not only expose gaps but can also recover budgets tied up in redundant security solutions.
    --| Practical Strategies for Every Business: From centralized identity management to optimized asset inventories, start small and build a resilient security posture over time.
    --| Debunking Vendor Myths: With no certified Zero Trust product on the market, focus on proven operational tactics rather than buzzwords.
    --| Cyber Warfare Awareness: Recognize that in today’s digital battlefield, every asset—from your enterprise network to IoT devices—is valuable to adversaries, making proactive defense a must.
    Dive into this unfiltered conversation with Chase Cunningham to get real-world insights and actionable strategies that cut through industry buzz and prepare you for the realities of cyber warfare.

  36. 11

    Episode 11: What Does Zero Trust Mean to You?

    Host: Zach Pugh (https://www.linkedin.com/in/zachary-pugh/)
    Co-Host: Victor Monga (https://www.linkedin.com/in/victorvirtual/)
    Guest: Drinor Selmanaj (https://www.linkedin.com/in/drinor-selmanaj-5bb28185/)
    Highlights:
    --| Vulnerable vs. Exploitable: Distinguishing between a known vulnerability and a realistic exploitation path is essential for smart security decisions.
    --| Return on Effort: Focus on the security measures that provide the greatest risk reduction for the time and resources invested.
    --| Continuous Validation: Embrace adversary emulation, red-teaming, and regular testing to ensure your Zero Trust controls remain effective against evolving threats.
    --| Reducing Reachability: Minimize network, credential, and device reachability to cut down attackers’ lateral movement and protect critical assets.
    --| Practical Zero Trust Framework: Break down Zero Trust into manageable steps—start with asset inventories, least-privilege policies, and ongoing security education.
    Key Takeaways:
    --| Zero Trust Is a Journey: It’s not a one-time project. Continuous assessment and adaptation are vital to keep pace with evolving threats.
    --| Define Your Own Zero Trust: There is no official Zero Trust certification, so each organization must clarify what Zero Trust means in the context of its unique business objectives.
    --| Continuous Security Validation: Regular testing (e.g., adversary emulation, red teaming) is key to security maturity and helps ensure Zero Trust controls work as intended.
    --| Adapt to Emerging Threats & AI: As attackers’ methods evolve—particularly with AI—organizations must keep refining and updating their Zero Trust strategies.
    --| Practical Application Matters: Beyond theory, Zero Trust relies on hands-on experience, clear asset inventories, and least-privilege principles to minimize the attack surface.
    --| Education & Culture: A security-first mindset, leadership support, and team-wide training are essential for successful Zero Trust adoption at scale.

  37. 10

    Episode 10: Micro-Segmentation and Macro Impact – A Practitioner's Guide to Zero Trust

    In this episode of Zero Trust Journey, host Zach Pugh talks with Nemi George, an experienced information security executive, about the practical realities of implementing Zero Trust in a busy organization—especially where patient care and time-sensitive workflows collide with security needs. Nemi shares real-world strategies for starting small with critical assets, streamlining multi-factor authentication, and addressing legacy systems without disrupting business operations. The discussion underscores how Zero Trust should enable the organization by prioritizing user experience, cultural alignment, and clear leadership support.
    Highlights:
    --| Balancing Security & User Experience: Why understanding workflows—especially in clinical settings—is crucial to successful Zero Trust.
    --| Starting Small, Thinking Big: How focusing on critical data and systems first can reduce complexity and risk.
    --| Adaptive Authentication & MFA: Strategies for right-sizing multifactor requirements without bringing business to a halt.
    --| Zero Standing Privileges: Using just-in-time access and least privilege principles to lock down user accounts.
    --| Legacy Systems & Micro-Segmentation: Practical ways to incorporate older or specialized devices into a modern Zero Trust framework.
    Key Takeaways:
    --| Know Your Assets: Accurate asset inventory is the foundation of any effective security program.
    --| User-Centric Security: Security should align with user workflows, minimizing friction while maintaining strong protections.
    --| Leadership Buy-In: Zero Trust initiatives are more successful when presented as business enablers rather than “controls.”
    --| Passwordless Future?: Long passphrases, biometrics, and context-based access can reduce both risk and user frustration.
    --| Culture & Technology: Zero Trust is a shift in mindset, not just a collection of tools—successful adoption requires both process optimization and stakeholder engagement.

  38. 9

    Episode 9: How do I reduce network reachability?

    In this episode of Zero Trust Journey, host Victor Monga is joined by Snehal Antani, CEO and co-founder of Horizon3.ai, to break down the complexities of Zero Trust and the practical steps organizations can take to reduce network reachability and minimize the blast radius of cyberattacks. Snehal shares insights from his career spanning Fortune 500 companies, the Department of Defense, and his current role as a cybersecurity innovator, emphasizing the importance of continuous security validation and understanding the difference between vulnerable and exploitable systems.

    Snehal offers actionable advice on how to prioritize security efforts based on return on effort (ROE) and how organizations can shift their focus from simply buying tools to adopting methodical, measurable approaches to risk reduction. Whether you're starting your Zero Trust journey or refining your strategy, this episode delivers real-world lessons to help you build a resilient security program.

    What You’ll Learn in This Episode:

    - Vulnerable vs. Exploitable: Why understanding this difference is crucial for smart security decisions.
    - Reducing Reachability: How limiting network, credential, and device reachability minimizes risk.
    - Return on Effort (ROE): Prioritizing high-impact actions that deliver maximum risk reduction with minimal effort.
    - Continuous Security Validation: Why regular pen testing is vital to understanding your exploitable attack surface.
    - Zero Trust as an Evolution: How Zero Trust is an evolution of existing security practices—not a product or one-size-fits-all solution.

    Key Takeaways:

    - Start with Reachability: Focus on reducing network, credential, and device reachability as a foundation for Zero Trust.
    - Continuous Validation Matters: Regular testing ensures your controls are effective over time.
    - Prioritize High-Impact Fixes: Maximize your return on effort by focusing on what reduces the most risk with the least effort.
    - Cultural Shifts Are Critical: Successful Zero Trust requires aligning technology, processes, and people.
    - Measure and Evolve: Zero Trust is a continuous journey—track progress and adapt as needed.

  39. 8

    Episode 8: I Zero Trust What You’re Saying – February 2025

    Welcome to I Zero Trust What You’re Saying – February 2025 Edition! In this episode, we break down the latest Zero Trust news, trends, and updates that matter to security practitioners. No hype—just real insights to help you navigate the evolving cybersecurity landscape.

    Stay informed, stay secure, and as always, Zero Trust everything!

    🔗 News Links:

    --| https://executivegov.com/2024/12/nist-zero-trust-architecture-guidance-feedback/
    --| https://securityboulevard.com/2024/12/making-zero-trust-architecture-achievable/
    --| https://www.itpro.com/cloud/cloud-security/understanding-nis2-directives-the-role-of-sase-and-zero-trust
    --| https://www.globenewswire.com/news-release/2024/12/05/2992083/0/en/Zscaler-Finds-Over-87-of-Cyberthreats-Hide-in-Encrypted-Traffic-Reinforcing-Need-For-Zero-Trust.html
    --| https://www.zscaler.com/resources/industry-reports/threatlabz-encrypted-attacks-report.pdf
    --| https://www.arnnet.com.au/article/3617743/home-affairs-opens-consultation-on-zero-trust-principles.html
    --| https://federalnewsnetwork.com/cme-event/federal-executive-forum/dec-federal-executive-forum-zero-trust-strategies-in-government-progress-and-best-practices-2024/
    --| https://www.microsoft.com/en-us/security/blog/2024/11/11/dod-zero-trust-strategy-proves-security-benchmark-years-ahead-of-schedule-with-microsoft-collaboration/
    --| https://www.cyber.gov.au/resources-business-and-government/maintaining-devices-and-systems/outsourcing-and-procurement/cyber-supply-chains/choosing-secure-and-verifiable-technologies

    👉 Learn more at: ztjourney.com

    Disclaimer: The views and opinions expressed in this episode are those of the speakers and do not necessarily reflect the official policy or position of any affiliated organization. This content is provided for informational purposes only.

  40. 7

    Episode 7: Zero Trust Reality Check – Government Insights, Vendor Myths, and Practical Tips

    In this episode of Zero Trust Journey, hosts Victor Monga and Steve are joined by Zach Pugh, a seasoned cybersecurity product manager, to explore why government agencies are leading the charge on Zero Trust initiatives—and how the private sector can catch up. They delve into overcoming cultural resistance, dissecting vendor myths, and understanding why even the humble web browser deserves a serious seat at the Zero Trust table.

    Zach shares tactical advice from his hands-on experience, emphasizing how organizations can start small, focus on business goals, and avoid the common pitfalls of “one-size-fits-all” vendor solutions. Whether you’re mapping out your first Zero Trust strategy or fine-tuning an existing program, this conversation provides practical insights to help you succeed in today’s dynamic threat landscape.

    What You’ll Learn in This Episode

    - Government First? Why federal agencies adopted Zero Trust faster than many private organizations—and what we can learn from them.
    - Vendor Myths vs. Reality: Spotting red flags and ensuring your Zero Trust strategy isn’t hijacked by product pitches.
    - Cultural Buy-In: How to articulate Zero Trust’s value to non-technical stakeholders and overcome resistance to change.
    - Browser as an Asset: Why ignoring browser security can undermine your entire Zero Trust posture.
    - Continuous Evolution: Understanding that Zero Trust is an ongoing journey, not a one-time implementation.

    Key Takeaways

    - Business Alignment: Start with executive buy-in and align Zero Trust initiatives to broader organizational goals.
    - Practical Progress: Small, well-defined protect surfaces are easier to secure, test, and iterate on.
    - Realistic Expectations: No single product can deliver Zero Trust—prioritize people, processes, and technology in tandem.
    - Ongoing Validation: Regularly revisit your Zero Trust framework to adapt to evolving threats and changes in your environment.

    Whether you’re a security leader or just beginning your Zero Trust journey, this episode provides practical insights to strengthen your strategy, reduce risk, and gain buy-in across your organization.

  41. 6

    Episode 3: Validating Security Controls and Gaining Executive Buy-In for Zero Trust

    In this episode of Zero Trust Journey, hosts Victor Monga and Zach Pugh sit down with Jose Barajas, Vice President of Global Sales Engineering at AttackIQ, to explore what it truly takes to implement and sustain Zero Trust security beyond the buzzwords.

    Jose shares first-hand insights from years of helping organizations validate their security controls, revealing the biggest misconceptions, common pitfalls, and the real challenges that teams face when moving Zero Trust from theory to practice. From breaking down resistance to change to securing executive buy-in, this episode delivers practical strategies for making Zero Trust work—no matter where you are in the journey.

    What You’ll Learn in This Episode:

    ✔ The Validation Gap – Why 90% of organizations assume their Zero Trust controls work, but nearly half fail security testing.
    ✔ Beyond Compliance – How Zero Trust is a security strategy, not just a checkbox for regulations.
    ✔ Breaking Cultural Barriers – Overcoming resistance from teams who feel “Zero Trust means you don’t trust them.”
    ✔ Securing Executive Buy-In – “I've gotta find a way to position Zero Trust as a revenue driver or at least to offset the protection of assets in the business.”
    ✔ The Role of Continuous Testing – Why Zero Trust isn’t a one-and-done initiative, but an evolving process requiring ongoing validation.

    Victor and Zach dive into real-world Zero Trust adoption stories, exposing the biggest roadblocks organizations face—including why many Zero Trust projects fail before they start. Jose shares actionable ways to validate security controls, iterate on implementations, and gain leadership support to drive Zero Trust forward.

    Key Takeaways:

    🔹 Zero Trust isn’t complicated—it’s just hard. Cultural shifts and executive mandates are critical for success.
    🔹 Validation matters—if you don’t test security controls regularly, they likely aren’t working as intended.
    🔹 Zero Trust isn’t about mistrust—it’s about verifying digital actions, not distrusting employees.
    🔹 Align Zero Trust with business goals—position it as a risk-reducing, revenue-protecting strategy to gain leadership support.
    🔹 Start small, iterate, and automate—Zero Trust isn’t all or nothing, it’s a process of continuous improvement.

    Whether you’re a security leader or just beginning your Zero Trust journey, this episode provides practical insights to strengthen your strategy, reduce risk, and gain buy-in across your organization.

  42. 5

    Episode 6: Zero Trust Across Your Digital Estate | Microsoft Zero Trust Workshop

    In this episode of Zero Trust Journey, hosts Victor Monga and Steve Turner are joined by Zero Trust experts from Microsoft, Clay Taylor and Tarek Dawoud, to discuss how Zero Trust strategies can secure today’s expansive digital estates. They share insights from Microsoft’s Zero Trust Workshop and their collaboration with NIST, offering a practical guide for navigating the challenges of implementation.

    Clay and Tarek reveal how organizations can move from overwhelmed to action-ready by breaking down silos, aligning teams, and leveraging practical tools. They emphasize that Zero Trust is not a product or a one-time fix—it’s a continuous journey of strengthening security and enabling business outcomes.

    What You’ll Learn in This Episode:

    - Securing your digital estate: How to protect identities, apps, devices, and data in an increasingly complex environment.
    - Breaking silos for success: Aligning identity, device, and application teams for cohesive Zero Trust strategies.
    - Insights from NIST collaboration: Lessons from Microsoft’s contribution to the industry-standard Zero Trust reference architecture.
    - Practical workshop tools: How Microsoft’s Zero Trust Workshop simplifies implementation and tracks progress.
    - Balancing security with user experience: Implementing robust security controls without disrupting productivity.

    Victor and Steve dive into the real-world obstacles organizations face, from navigating vendor hype to addressing misconceptions about Zero Trust. Clay and Tarek share how the pandemic accelerated adoption, why federal government initiatives are leading the charge, and how to overcome internal barriers to Zero Trust success.

    Key Takeaways:

    - Zero Trust is about building on your current investments, not starting from scratch.
    - Practical tools like Microsoft’s Zero Trust Workshop can simplify deployment and help organizations track progress over time.
    - Collaboration is essential—breaking silos across teams ensures a unified approach to security.
    - Effective Zero Trust frameworks enhance security while enabling seamless business operations.

    Whether you’re a security leader or new to Zero Trust, this episode offers actionable advice to strengthen your strategy, reduce risk, and navigate the complexities of today’s cybersecurity landscape.

    Stay connected with Zero Trust Journey! Follow us on LinkedIn, subscribe on YouTube, and visit our website for exclusive content and resources to help advance your Zero Trust journey.

  43. 4

    Episode 4: Ditching Perimeter Security, Rejecting Vendor Hype, and Driving Business Outcomes

    In this episode of Zero Trust Journey, host Victor Monga is joined by Steve Turner, a former Forrester analyst and current Microsoft expert, to explore the realities of Zero Trust in today's evolving cybersecurity landscape. They tackle the myths, challenges, and strategies surrounding Zero Trust and provide actionable guidance to help organizations build effective architectures and align them with business goals.

    From discussing why perimeter-based security models are no longer sufficient to exposing the "blinky box" marketing gimmicks of vendors, this episode offers a no-nonsense, practical approach to Zero Trust. Steve and Victor dive deep into the key elements of a Zero Trust strategy, emphasizing that it is not a product or quick fix but a framework to enhance organizational security by leveraging what you already have.

    What You’ll Learn in This Episode:

    - Why perimeter-based security is outdated: Understand the failures of traditional perimeter defenses and why Zero Trust offers a more robust approach.
    - The pitfalls of vendor hype: Learn how to evaluate vendor claims, hold them accountable, and reject solutions that overpromise but underdeliver.
    - Using what you already have: Discover how to build on existing security investments like MFA, SAML, and least privilege to create a Zero Trust architecture.
    - The business value of Zero Trust: Translate technical jargon into business terms to secure buy-in from leadership and align security efforts with organizational goals.
    - Training and continuous improvement: Explore strategies for upskilling teams and fostering a culture of ongoing learning and adaptation in Zero Trust.

    Victor and Steve stress that Zero Trust is a journey, not a destination. It’s about taking inventory of your current security efforts, aligning them with core Zero Trust principles, and integrating them into a tailored architecture that supports your organization’s unique needs. They highlight the importance of a collaborative approach, where vendors become partners in building a seamless and transparent Zero Trust ecosystem, rather than pushing a one-size-fits-all solution.

    Key Takeaways:

    - Avoid throwing out what already works; instead, enhance your security by weaving Zero Trust principles into ongoing projects.
    - Focus on practical, measurable outcomes that align security efforts with business goals.
    - Leverage free resources, such as guidance from NIST and CSA, to benchmark progress and avoid vendor lock-in.
    - Remember that user experience matters—effective Zero Trust should improve security without creating unnecessary friction for employees.

  44. 3

    Episode 2: Don’t Trust Anybody, The Zero Trust Philosophy for Modern Security

    In this episode of Zero Trust Journey, host Victor Monga welcomes Jay Mar-Tang, Field CISO at Pantera, for a lively discussion about the real-world application of Zero Trust principles. Taking inspiration from Stone Cold Steve Austin’s mantra, “Don’t Trust Anybody,” they dive deep into the mindset shift needed to embrace Zero Trust as a framework and philosophy.

    Through candid stories and real-world examples, Victor and Jay tackle some of the most pressing questions about Zero Trust:

    - What does Zero Trust truly mean, beyond the marketing buzz?
    - Why is it a continuous process, not a one-time project?
    - How can businesses avoid common missteps, like relying on flashy "Zero Trust certified" tools?
    - What role do validation, granular access control, and business alignment play in a successful Zero Trust journey?
    - How can organizations balance the technical, process, and human elements required to make Zero Trust effective?

    This episode also emphasizes the importance of foundational security hygiene, such as multi-factor authentication and asset visibility, while addressing why focusing on business objectives is critical to Zero Trust's success.

    Packed with actionable insights, expert advice, and even some nostalgic wrestling references, this episode is a must-listen for anyone navigating the complexities of modern cybersecurity. Tune in to discover how Zero Trust can empower your organization to reduce risk, protect critical assets, and evolve with confidence.

    Ready to start—or refine—your Zero Trust journey? Join the conversation now!

  45. 2

    Episode 5: Implementing Zero Trust, Federal Agency Insights on Challenges and Success Stories

    In this episode of Zero Trust Journey, the hosts and guests from the Department of Defense (DOD) share their firsthand experiences with implementing Zero Trust in high-security environments. The discussion explores the challenges, insights, and real-world applications of adopting a Zero Trust security framework, focusing on the steps necessary to achieve a successful Zero Trust journey.

    Key Topics Covered:

    - The Business-Driven Zero Trust Strategy: The episode emphasizes that organizations must define their Zero Trust strategy from within, rather than being led by vendor-driven solutions. Zero Trust is not a one-size-fits-all solution but should be tailored to meet business needs.
    - The Zero Trust Mindset: The guests discuss the core principle behind Zero Trust: never trusting anything or anyone by default. This mindset of constant verification of users, devices, and applications strengthens security and fosters continuous vigilance.
    - Zero Trust as a Cultural Shift: Zero Trust requires more than just new tools; it demands a cultural transformation. The episode explores how adopting Zero Trust requires a shift in how organizations approach cybersecurity, necessitating collaboration between security, IT, and business teams.
    - Collaboration and Breaking Down Silos: One of Zero Trust’s key benefits is its ability to break down organizational silos. The guests share how collaboration across security, network, and IT teams ensures security is integrated into all areas of the business from the start.
    - Overcoming Resistance to Change: Implementing Zero Trust often challenges established practices. The guests discuss overcoming resistance from teams, particularly system administrators and developers. Leadership and clear communication are crucial to help employees understand and embrace Zero Trust.
    - Zero Trust in the DOD Sector: The guests provide insights into applying Zero Trust within the DOD sector, where securing sensitive data is critical. The discussion covers how to overcome the challenges of implementing Zero Trust across large, complex organizations with legacy systems.
    - Legal and Regulatory Alignment: The episode explains how Zero Trust aligns with legal, regulatory, and compliance requirements. The guests discuss how adopting Zero Trust can help meet evolving data protection and privacy standards, positioning it as a strategic business move.
    - Takeaways and Key Lessons: Listeners will learn that Zero Trust is an ongoing journey. The episode emphasizes continuous refinement, collaboration, and integrating Zero Trust principles into all business layers. The guests recommend starting small, assessing current security, and gradually building upon existing systems to ensure long-term success.

  46. 1

    Episode 1: Not a Product, Not an Overnight Process, The Ongoing Zero Trust Journey

    Welcome to the first episode of the Zero Trust Journey Podcast, where host Victor Monga sits down with cybersecurity and compliance expert Erin Logue Smith to pull back the curtain on what Zero Trust truly means—and what it doesn’t. Zero Trust is everywhere in the industry’s vocabulary, but for many, it remains a buzzword heavy on aspiration and light on tangible guidance. If you’ve ever wondered why you can’t just buy a product labeled “Zero Trust” and call it a day, or if you’ve struggled to break through organizational barriers that resist meaningful security changes, this is the conversation you need to hear.

    In this candid conversation, Victor and Erin discuss why Zero Trust can’t simply be achieved by purchasing a “blinky box” solution or ticking a compliance checkbox. It’s a philosophy that requires aligning technology, people, and processes. Rather than treating Zero Trust as an isolated project, they explore how it fits into a broader cybersecurity ecosystem: one that includes data backups, incident response plans, and a resilience strategy robust enough to withstand modern threats.

    Erin offers unique insights from both a legal and a cybersecurity perspective, emphasizing that Zero Trust goes hand in hand with regulatory readiness and data protection. Whether you’re dealing with sensitive customer information, proprietary business data, or remote work environments, Zero Trust principles ensure every user and device must continuously prove their legitimacy.

    Victor and Erin also address the cultural challenges organizations face. Implementing Zero Trust often means changing long-standing habits and confronting initial resistance from executives and staff accustomed to minimal authentication steps. Communication is key—explaining the “why” behind these measures helps foster buy-in, encouraging everyone to embrace a more secure posture rather than viewing it as an inconvenient hurdle.

    For those just starting their journey, this episode provides practical guidance. Begin by focusing on fundamentals: understand your existing architecture, know where your data resides, and clarify your incident response approach. Then, piece by piece, incorporate tools and policies that support ongoing authentication, authorization, and validation. Partner with trusted advisors who can help you navigate complexity without losing sight of Zero Trust’s core principles.

    Instead of racing toward a final endpoint, recognize Zero Trust as a continuous evolution. Over time, these efforts build a stronger, more agile security framework—one that protects your organization, meets regulatory expectations, and stands ready against future threats. It’s not about one product or a quick fix, but about committing to the journey and reaping the long-term rewards of genuine security transformation.

HOSTED BY

Victor Monga
