RunAs Radio

Zero Trust Adoption Guidance with Nicolas Blank

Nov 29, 2023

Nicolas Blank, expert in developing the Zero Trust Adoption Framework, discusses the importance of focusing on people and practices over products when adopting a zero trust approach. They explore the challenges of running an Exchange server, using Active Directory, and preparing for and preventing security breaches. The podcast also emphasizes the human side of breaches and the importance of device trust solutions.

40:19

Creator website

Episode guests

Nicolas Blank

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Zero Trust is about prioritizing people and processes, not just buying products.

Risk modeling and scenario evaluation are crucial for effective security measures.

Deep dives

Importance of Zero Trust Adoption and Framework

Nicholas Blank discusses the importance of adopting a Zero Trust approach to cybersecurity. He explains that Zero Trust is not just about buying specific products, but rather a mindset and a set of practices that prioritize security. Blank emphasizes that organizations should focus on people and processes first, and then consider the products as a distant third priority. He highlights the need for rigorous hygiene, including measures like multi-factor authentication and regular patching, to prevent the majority of attacks. Blank also mentions the Zero Trust adoption framework, which provides guidance on transitioning to a more secure posture and aligning with compliance requirements.

Introduction

2min

Challenges of Running an Exchange Server and the Risks of Spam Emails

2min

Challenges of Using Active Directory

4min

Prioritizing People and Practices over Products

9min

Exploring the Human Side of Company Breaches and the Importance of Device Trust Solutions

4min

Preparing for and Preventing Security Breaches

19min

We're all using zero trust - but are we using it well? Richard talks to Nicolas Blank about his work helping to develop the Zero Trust Adoption Framework. Nicolas talks about resisting the buzzword effect and avoiding looking at zero trust as a set of products because it isn't - it's really about the people and processes in your organization that keep things secure. The conversation also digs into the tabletop exercises needed to create priorities for security - not everything in your organization needs the same level of protection or effort. It pays to work through scenarios!

Links:

Recorded October 12, 2023

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

RunAs Radio

Zero Trust Adoption Guidance with Nicolas Blank

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Importance of Zero Trust Adoption and Framework

Risk Modeling and Security Doctrines

Employee Awareness and Education

Incremental Hardening and Continuous Improvement

Remember Everything You Learn from Podcasts