John Kindervag, the mind behind the zero trust model, joins Rick Howard for an insightful discussion. They delve into the origins of zero trust, sparked by frustrations with traditional security methods. The conversation shifts to the evolution of this framework, highlighting the necessity for a trust paradigm shift to combat modern threats. Kindervag underscores the importance of differentiating identities, devices, and software in network security. The duo also navigates the practical steps for transitioning to a zero trust strategy, emphasizing a deny-all approach to safeguard critical resources.

Join John Kindervag, Chief Evangelist at Illumio and the visionary behind the Zero Trust security model, as he shares his journey from farming to shaping cybersecurity. He reveals the origins of Zero Trust, critiquing outdated security paradigms and emphasizing the need for continuous verification. With a discussion on federal initiatives and the cultural shift towards a Zero Trust framework, John highlights the importance of tailored strategies to combat evolving cyber threats. Tune in for insights that could revolutionize your security approach!

Season two, episode 15: We talk ZT History and API security with the godfather of Zero Trust, Dr Zero Trust, and Richard Bird. Catch this episode on YouTube, Apple, Spotify, Amazon, or Google. You can read the show notes here. In the past few years, supply chain attacks and their impacts have or will soon overtake that of the damage done by ransomware. It’s of no surprise then that APIs are a critical attack vector that threat actors like to exploit, yet many organizations do not have a good understanding of how many doors they have running into their data. This week we chat with the godfather of Zero Trust, Dr. Zero Trust, and a chief security officer about the current state of API security maturity. Considering our guests, we, of course, also took the opportunity to chat a bit about Zero Trust's history. This week we have three very special guests: John Kindervag, the creator (godfather) of Zero Trust Chase Cunningham, AKA Dr Zero Trust, and the now VP of Market Research for G2 Richard Bird, Traceable AI’s Chief Security Officer Key Takeaways Like any other cybersecurity concept, APIs must have an asset inventory There is enough margin of error tied to the intended use of APIs that require continuous monitoring/verification There is a current maturity gap associated with securing the use of APIs in the name of speed and innovation, and often there is not a well-established owner Editors Note We will be taking a publishing break for the month of September as my daughter has arrived, and I will need to catch up on all the sleep I can get. We should be back in October and run through until the holiday break before we wrap season two. I’m also working on a few experimental podcast series during my parental leave, so stay tuned. At least one in particular should be of interest to our audience here. Also, if you work for a cybersecurity org and are interested in launching a podcast, slide into my inbox if you need a hand.