Sign up to save your podcasts
Or
Share How to ACTUALLY Implement Zero Trust
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
How to ACTUALLY Implement Zero Trust
How to ACTUALLY Implement Zero Trust | Enterprise Tech Playbook
Episode Summary
In this masterclass episode of Enterprise Tech Playbook, host Matt Ashby sits down with Matthew Hackling, Director of Cyber Shield and 25-year cybersecurity veteran, to demystify Zero Trust implementation. They dive deep into the practical realities of transforming enterprise networks from traditional castle-and-moat architectures to modern Zero Trust frameworks.
Matthew shares his real-world experience leading a Zero Trust transformation at an oil and gas company, revealing the critical prerequisites, common pitfalls, and pragmatic strategies that make the difference between success and failure. The conversation covers everything from the business case for Zero Trust to specific technical implementations, with a focus on knowledge workers and gradual, low-impact rollouts.
Key topics include the importance of CMDB data quality, identity governance, microsegmentation strategies, and the shift from VPN appliances to Zero Trust Network Access (ZTNA) solutions. Matthew emphasizes that perfection is the enemy of progress and provides actionable advice for CISOs and IT leaders looking to make Zero Trust a reality in their organizations.
Video Chapters
00:00 - Introduction: The Zero Trust Challenge
Making Zero Trust a reality - moving from theory to implementation
00:28 - Welcome & Guest Introduction
Meet Matthew Hackling, 25-year cybersecurity veteran and Director of Cyber Shield
01:26 - Forging a Leader's Philosophy
"Be honest, do your best, deliver value, you are only as good as your last job"
04:34 - The Business Case: Why an Oil & Gas Giant Invested
Life safety drivers and critical infrastructure protection as catalysts for transformation
11:45 - The Playbook: A Gradual, Low-Impact Rollout
First three tangible steps for implementing Zero Trust without disrupting operations
23:07 - Your First 3 Steps (The Action Plan)
Start with visibility of flows between users and applications
Replace VPN appliances with ZTNA solutions
Focus on crown jewel applications first
33:19 - Lessons from the Field: The #1 Mistake to Avoid
Why "boiling the ocean" kills Zero Trust initiatives and how to avoid it
36:33 - The Future: Advice for the Next Generation of Leaders
Essential skills and certifications for aspiring Zero Trust architects
51:55 - Cybersecurity for Good & Your Next Step
Cyber Shield's mission to protect nonprofits and community organizations
Key Takeaways
✅ Prerequisites for Success:
Quality CMDB (Configuration Management Database) data
Identity Governance Administration solution for crown jewel apps
Clear strategy with defined outcomes
✅ Implementation Strategy:
Start with knowledge worker use cases
Focus on crown jewel applications first
Use monitor mode before enforcement
Drive security ownership to application teams
✅ Technology Stack:
Zero Trust Network Access (ZTNA) to replace VPNs
Microsegmentation for lateral movement prevention
Identity-driven security policies
Security Service Edge (SSE) solutions
✅ Common Pitfalls:
Trying to protect every application equally
Lack of organizational buy-in
Poor CMDB data quality
Treating it as purely a technology problem
Resources Mentioned
Forrester Zero Trust Strategist Certification
Microsoft Cyber Security Reference Architecture
Entra ID Conditional Access Policies
Security Service Edge (SSE) vendors
Connect with Matthew Hackling
LinkedIn: https://www.linkedin.com/in/mhackling/
Website: cybershieldnonprofit.com
About Enterprise Tech Playbook
Empowering IT professionals with actionable wisdom and a collaborative community, making their next stride in enterprise tech one that truly leads with impact.
Subscribe for more deep dives into enterprise technology, cybersecurity, and IT leadership.
#ZeroTrust #Cybersecurity #EnterpriseTech #ZTNA #Microsegmentation #ITSecurity #CISO #NetworkSecurity #CloudSecurity #DigitalTransformation
View all episodes
By Matt AshbyHow to ACTUALLY Implement Zero Trust | Enterprise Tech Playbook
Episode Summary
In this masterclass episode of Enterprise Tech Playbook, host Matt Ashby sits down with Matthew Hackling, Director of Cyber Shield and 25-year cybersecurity veteran, to demystify Zero Trust implementation. They dive deep into the practical realities of transforming enterprise networks from traditional castle-and-moat architectures to modern Zero Trust frameworks.
Matthew shares his real-world experience leading a Zero Trust transformation at an oil and gas company, revealing the critical prerequisites, common pitfalls, and pragmatic strategies that make the difference between success and failure. The conversation covers everything from the business case for Zero Trust to specific technical implementations, with a focus on knowledge workers and gradual, low-impact rollouts.
Key topics include the importance of CMDB data quality, identity governance, microsegmentation strategies, and the shift from VPN appliances to Zero Trust Network Access (ZTNA) solutions. Matthew emphasizes that perfection is the enemy of progress and provides actionable advice for CISOs and IT leaders looking to make Zero Trust a reality in their organizations.
Video Chapters
00:00 - Introduction: The Zero Trust Challenge
Making Zero Trust a reality - moving from theory to implementation
00:28 - Welcome & Guest Introduction
Meet Matthew Hackling, 25-year cybersecurity veteran and Director of Cyber Shield
01:26 - Forging a Leader's Philosophy
"Be honest, do your best, deliver value, you are only as good as your last job"
04:34 - The Business Case: Why an Oil & Gas Giant Invested
Life safety drivers and critical infrastructure protection as catalysts for transformation
11:45 - The Playbook: A Gradual, Low-Impact Rollout
First three tangible steps for implementing Zero Trust without disrupting operations
23:07 - Your First 3 Steps (The Action Plan)
Start with visibility of flows between users and applications
Replace VPN appliances with ZTNA solutions
Focus on crown jewel applications first
33:19 - Lessons from the Field: The #1 Mistake to Avoid
Why "boiling the ocean" kills Zero Trust initiatives and how to avoid it
36:33 - The Future: Advice for the Next Generation of Leaders
Essential skills and certifications for aspiring Zero Trust architects
51:55 - Cybersecurity for Good & Your Next Step
Cyber Shield's mission to protect nonprofits and community organizations
Key Takeaways
✅ Prerequisites for Success:
Quality CMDB (Configuration Management Database) data
Identity Governance Administration solution for crown jewel apps
Clear strategy with defined outcomes
✅ Implementation Strategy:
Start with knowledge worker use cases
Focus on crown jewel applications first
Use monitor mode before enforcement
Drive security ownership to application teams
✅ Technology Stack:
Zero Trust Network Access (ZTNA) to replace VPNs
Microsegmentation for lateral movement prevention
Identity-driven security policies
Security Service Edge (SSE) solutions
✅ Common Pitfalls:
Trying to protect every application equally
Lack of organizational buy-in
Poor CMDB data quality
Treating it as purely a technology problem
Resources Mentioned
Forrester Zero Trust Strategist Certification
Microsoft Cyber Security Reference Architecture
Entra ID Conditional Access Policies
Security Service Edge (SSE) vendors
Connect with Matthew Hackling
LinkedIn: https://www.linkedin.com/in/mhackling/
Website: cybershieldnonprofit.com
About Enterprise Tech Playbook
Empowering IT professionals with actionable wisdom and a collaborative community, making their next stride in enterprise tech one that truly leads with impact.
Subscribe for more deep dives into enterprise technology, cybersecurity, and IT leadership.
#ZeroTrust #Cybersecurity #EnterpriseTech #ZTNA #Microsegmentation #ITSecurity #CISO #NetworkSecurity #CloudSecurity #DigitalTransformation