CISO Series Podcast

Everyone Has a Zero-Trust Plan Until They Get Punched in the Face

Jul 23, 2024
Danny Jenkins, CEO of ThreatLocker, shares his insights on Zero Trust endpoint security, emphasizing its importance in combatting cyber threats. He discusses the challenges of implementing a Zero Trust model within legacy systems and the need for effective penetration testing strategies. Jenkins highlights the balance between strong security measures and business functionality, particularly for remote logins. Finally, he underscores the vital skills for cybersecurity professionals, stressing the significance of authentic communication in fostering trust.
ADVICE

Penetration Testing Recommendations for SMBs

  • When outsourcing penetration testing, leverage your network for recommendations, especially if you lack prior relationships with pen testing companies.
  • Ask fellow CISOs about their positive and negative experiences to avoid potential issues.
ANECDOTE

Penetration Testing Catastrophes

  • Mike Johnson recounts witnessing penetration testers bring down entire networks by testing out-of-scope systems.
  • This highlights the importance of clear communication and scope definition during penetration tests.
ADVICE

Balancing Security and Business Needs

  • Prioritize business continuity when making security decisions, considering the impact on operations.
  • Weigh the risks and benefits of each option, like allowing remote logins versus blocking all foreign access.