The Segment: A Zero Trust Leadership Podcast

The Monday Microsegment for the week of Novemeber 4th. All the cyber security news you need to stay ahead, from Illumio's The Segment podcast.

Election infrastructure has 'never been more secure,' CISA chief says 

Cyber saboteur tries to make Disney the hackiest place on earth

And severe vulnerabilities found in hardware powering many industrial devices

And Sudha Iyer joins us for a Tech Tips segment. 

Head to The Zero Trust Hub: hub.illumio.com

Illumio World Tour Registration: https://www.illumio.com/illumio-world-tour 

In this episode, host Raghu Nandakumara sits down with Neil Thacker, CISO EMEA at Netskope. Neil joined the show to discuss the evolving role of the CISO, as well as the challenges and opportunities they face in the context of new technologies. 

 

--------

“A good friend of mine is a CIO for a very large organization and he shared a great story. Obviously, during the pandemic, everyone was working remotely and they set up this whole Zero Trust principle and policy set to better secure their remote workers. It was interesting, he said, when everyone started coming back into the office, we realized we had better security when everyone was remote because of the changes that we made. So, we wanted to apply those same principles to our internal network and then we realized, can we just get rid of our internal network, our corporate network?”

--------

Time Stamps 

(03:14) The role of the CISO and its evolution

(07:59) Challenges and opportunities in the CISO role

(21:49) Importance of context in security operations

(31:54) Simplifying compliance and driving innovation

(45:23) Advice for Aspiring CISOs

 --------

Sponsor

Assume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. 

Learn more at illumio.com.

--------

Links

Connect with Neil on LinkedIn

Illumio World Tour 

The Monday Microsegment for the week of October 28th. All the cyber security news you need to stay ahead, from Illumio's The Segment podcast.

Cisco urges customers to patch their firewalls and VPN software amid active exploits

LockBit copycat targets Apple MacOS systems with new ransomware strains

And Microsoft’s boss takes a pay cut for a series of security incidents

And Raghu Nandakumara joins us for a Boos and Bravos segment. 

Head to The Zero Trust Hub: hub.illumio.com

Illumio World Tour Registration: https://www.illumio.com/illumio-world-tour 

The Monday Microsegment for the week of October 21st. All the cyber security news you need to stay ahead, from Illumio's The Segment podcast.

Suspected cyber bandit in data broker breach busted! In Brazil!

LockBit dethroned as RansomHub crowned new king of the ransomware arena

And Casio races the clock as it struggles in the wake of a ransomware attack

And Gary Barlet joins us again to talk about election security. Read his piece with the Financial Times: https://www.ft.com/partnercontent/illumio/tackling-election-security-with-zero-trust.html

Head to The Zero Trust Hub: hub.illumio.com

Illumio World Tour Registration: https://www.illumio.com/illumio-world-tour 

In this episode, host Raghu Nandakumara sits down with Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft, to explore the evolving landscape of cyber threats and the importance of resilience in the face of ransomware. They discuss the changing tactics of threat actors, the critical role of Zero Trust in modern cybersecurity, and the growing influence of AI on both cyber defense and offense. Sherrod also shares insights into balancing objective and subjective assessments in security, emphasizing the need for strong foundational practices and operational resilience.

--------

“Pre-decision making. If we come under ransom, are we going to pay? A lot of people start spiraling and it's like, wait, do you want to be spiraling now or do you want to be spiraling when we're actually under ransom? Let's spiral now. Let's do that worrying now, so that if something happens in the future, we're ready for that.”

--------

Time Stamps 

(04:53) Sherrod's career journey

(16:15) Importance of basic security practices in ransomware resilience

(18:37) Ransomware: To pay or not to pay?

(22:08) Building a culture of ransomware resilience

(26:19) Subjectivity of security

(29:51) Evolution of threat actors

(34:13) Zero Trust's impact on security

(46:04) Role of AI in cybersecurity

(49:49) Future of threat intelligence

 --------

Sponsor

Assume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. 

Learn more at illumio.com.

Illumio World Tour 

--------

Links

Connect with Sherrod on LinkedIn

The Monday Microsegment for the week of October 14th. All the cyber security news you need to stay ahead, from Illumio's The Segment podcast.

Tiny company, massive data breach, and a swarm of lawsuits. New details in NPD bankruptcy

The Wayback Machine moving forward after a series of attacks

And OpenAI shuts down efforts to use it for AI-powered wrongdoing

And Gary Barlet to talk about Cybersecurity Awareness Month. 

Head to The Zero Trust Hub: hub.illumio.com

Illumio World Tour Registration: https://www.illumio.com/illumio-world-tour 

The Monday Microsegment for the week of October 7th. All the cyber security news you need to stay ahead, from Illumio's The Segment podcast.

China breaches U.S. broadband providers in months long breach

It’s double trouble as two flaws put critical networking infrastructure at risk

And U.S. authorities seize dozens of internet domains tied to Russian hackers.

And John Kindervag joins us to talk about the 14 year Zero Trust journey. 

Head to The Zero Trust Hub: hub.illumio.com

Illumio World Tour Registration: https://www.illumio.com/illumio-world-tour 
 

In this episode, host Raghu Nandakumara sits down with Nicole Tisdale, Founder and Principal of Advocacy Blueprints. Nicole spent 15 years as a national security expert at The White House - National Security Council and the U.S. Congress's House Committee on Homeland Security. She joins the podcast to discuss cyber equity and security policy. 

--------

“Should have, would have, could have - public policy is not about penalizing people for what they could have been doing or should have been doing. It's about making it better in the present and then making it better in the future.”

--------

Time Stamps 

(02:01) Nicole’s background 

(08:31) Responses to breaches and reporting 

(11:19) Victims of cyber hacks 

(17:39) Defining cyber equity 

(24:19) High impact cyber attacks 

(37:42) Linking Zero Trust to Cyber Equity: Secure-by-design 

 --------

Sponsor

Assume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. 

Learn more at illumio.com.

--------

Links

Connect with Nicole on LinkedIn

The Hidden Injustice of Cyberattacks by Nicole Tisdale 

Illumio World Tour

In this episode, host Raghu Nandakumara sits down with Tristan Morgan, Managing Director Cyber Security at BT Group, and Mark Hendry, Digital Services Partner at Evelyn Partners to discuss DORA regulations and compliance in the financial services sector. They discuss the interplay between regulatory standards like NIS2 and DORA, the importance of proportionality and operational resilience, and the broader adoption of principles such as Zero Trust. 

Learn more on how to achieve DORA compliance: Illumio.com/dora

Learn strategies for DORA compliance in this ebook: https://www.illumio.com/resource-center/zero-trust-segmentation-dora 

--------

"If you did a search on DORA and looked for the word segmented, ss in micro-segmentation, instantaneous severing of elements of the network in order to contain and what have you, it's in there. It's absolutely in there. So, you just need to know what you're looking for and you'll find it. And Zero Trust will evolve. It might evolve into a different name or a different set of characteristics that we seek to achieve, but DORA should last. And we might find terms like Zero Trust start to pop up in regulatory technical standards or implementing technical standards that accompany it, but it's absolutely in there because it's such a good way to protect our organizations from harm, the types of harm that we've talked about." - Mark 

"If you were to build something completely separate and ask all businesses to comply with something that was different, not only would there be significant cost, I think actually you get much greater resistance. Whereas, these regulations like DORA actually build upon industry-recognized best practices that many businesses are already adopting to a degree, and it actually is sensible, but it also makes the barrier to compliance less." - Tristan

--------

Time Stamps 

(04:22) Current cyber threat landscape 

(11:02) Operational resilience and cyber resilience

(12427) Compliance and regulatory standards 

(15:22) A historical look at compliance 

(25:58) The tipping point for the EU to prioritize operational resilience

(36:48) What differentiates DORA from other legislation? 

(44:24) The role of Zero Trust within DORA 

 --------

Sponsor

Assume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. 

Learn more at illumio.com.

--------

Links

Connect with Tristan on LinkedIn

Connect with Mark on LinkedIn

In this episode, host Raghu Nandakumara sits down with Thomas Mueller-Lynch, Global Director Digital Identities at Siemens to explore Siemens' ambitious zero trust program. They delve into the challenges of implementation and the strategic benefits of zero trust in bolstering product security and streamlining IT architecture. Thomas highlights the essential role of identity management and the importance of collaboration between IT, cybersecurity, and business units in advancing zero trust effectively.

--------

"You cannot run a Zero Trust program exclusively out of IT. You cannot run it exclusively out of cybersecurity. And also if the business, or at least our organization, which is quite big and lots of different business units, if everybody of these business units starts by their own something, it will also not work. It will only work as teamwork all together. So IT typically brings in the services and the service operational model. Cybersecurity brings in the rules and partly also kind of architecture, as well as IT by the way, and business obviously owns all of these assets. So if you don't have them on the same table, at the same table it won't work at all."

--------

Time Stamps 

*(03:56) Thomas' journey at Siemens

*(08:59) Challenges in Zero Trust implementation

*(16:08) Business benefits of Zero Trust

*(27:32) Balancing big vision with tactical steps

*(34:06) Identity's role in Zero Trust

*(43:10) Collaborating across IT, security, and business for zero trust success

*(44:59) How Zero Trust drives competitive advantage

 --------

Sponsor

Assume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. 

Learn more at illumio.com.

--------

Links

Connect with Thomas on LinkedIn

Download your copy of The Forrester Wave for Microsegmentation Solutions: Illumio is a Leader in The Forrester Wave™: Microsegmentation Solutions, Q3 2024.