The Segment: A Zero Trust Leadership Podcast

The Monday Microsegment for the week of October 14th. All the cyber security news you need to stay ahead, from Illumio's The Segment podcast.Tiny company, massive data breach, and a swarm of lawsuits. New details in NPD bankruptcyThe Wayback Machine moving forward after a series of attacksAnd OpenAI shuts down efforts to use it for AI-powered wrongdoingAnd Gary Barlet to talk about Cybersecurity Awareness Month.  Head to The Zero Trust Hub: hub.illumio.comIllumio World Tour Registration: https://www.illumio.com/illumio-world-tour 

The Monday Microsegment for the week of October 7th. All the cyber security news you need to stay ahead, from Illumio's The Segment podcast.China breaches U.S. broadband providers in months long breachIt’s double trouble as two flaws put critical networking infrastructure at riskAnd U.S. authorities seize dozens of internet domains tied to Russian hackers.And John Kindervag joins us to talk about the 14 year Zero Trust journey.  Head to The Zero Trust Hub: hub.illumio.comIllumio World Tour Registration: https://www.illumio.com/illumio-world-tour  

In this episode, host Raghu Nandakumara sits down with Nicole Tisdale, Founder and Principal of Advocacy Blueprints. Nicole spent 15 years as a national security expert at The White House - National Security Council and the U.S. Congress's House Committee on Homeland Security. She joins the podcast to discuss cyber equity and security policy. --------“Should have, would have, could have - public policy is not about penalizing people for what they could have been doing or should have been doing. It's about making it better in the present and then making it better in the future.”--------Time Stamps (02:01) Nicole’s background (08:31) Responses to breaches and reporting (11:19) Victims of cyber hacks (17:39) Defining cyber equity (24:19) High impact cyber attacks (37:42) Linking Zero Trust to Cyber Equity: Secure-by-design  --------SponsorAssume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. Learn more at illumio.com.--------LinksConnect with Nicole on LinkedInThe Hidden Injustice of Cyberattacks by Nicole Tisdale Illumio World Tour

In this episode, host Raghu Nandakumara sits down with Tristan Morgan, Managing Director Cyber Security at BT Group, and Mark Hendry, Digital Services Partner at Evelyn Partners to discuss DORA regulations and compliance in the financial services sector. They discuss the interplay between regulatory standards like NIS2 and DORA, the importance of proportionality and operational resilience, and the broader adoption of principles such as Zero Trust. Learn more on how to achieve DORA compliance: Illumio.com/doraLearn strategies for DORA compliance in this ebook: https://www.illumio.com/resource-center/zero-trust-segmentation-dora --------"If you did a search on DORA and looked for the word segmented, ss in micro-segmentation, instantaneous severing of elements of the network in order to contain and what have you, it's in there. It's absolutely in there. So, you just need to know what you're looking for and you'll find it. And Zero Trust will evolve. It might evolve into a different name or a different set of characteristics that we seek to achieve, but DORA should last. And we might find terms like Zero Trust start to pop up in regulatory technical standards or implementing technical standards that accompany it, but it's absolutely in there because it's such a good way to protect our organizations from harm, the types of harm that we've talked about." - Mark "If you were to build something completely separate and ask all businesses to comply with something that was different, not only would there be significant cost, I think actually you get much greater resistance. Whereas, these regulations like DORA actually build upon industry-recognized best practices that many businesses are already adopting to a degree, and it actually is sensible, but it also makes the barrier to compliance less." - Tristan--------Time Stamps (04:22) Current cyber threat landscape (11:02) Operational resilience and cyber resilience(12427) Compliance and regulatory standards (15:22) A historical look at compliance (25:58) The tipping point for the EU to prioritize operational resilience(36:48) What differentiates DORA from other legislation? (44:24) The role of Zero Trust within DORA  --------SponsorAssume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. Learn more at illumio.com.--------LinksConnect with Tristan on LinkedInConnect with Mark on LinkedIn

Thomas Mueller-Lynch, the Global Director of Digital Identities at Siemens, dives into the ambitious zero trust program at Siemens. He shares insights from his journey in semiconductor development to leadership in IT and security. The conversation highlights the challenges of implementing zero trust in a large organization, emphasizing collaboration between IT, cybersecurity, and business units. Thomas also discusses the critical role of identity management in enhancing cybersecurity and driving competitive advantages in product development.

Indy Dhami, a partner at KPMG UK specializing in cybersecurity practices, engages in an insightful discussion about the evolution towards cyber resilience. He highlights the importance of foundational cybersecurity practices in ensuring business continuity and driving innovation. The conversation dives into the strategic implementation of Zero Trust, the complexities of navigating regulatory pressures, and the ethical dilemmas posed by ransomware. Indy stresses the need for a collaborative approach across various business functions to effectively manage cybersecurity risks.

Kyla Guru, a passionate cybersecurity advocate and founder of Bits N' Bytes Cybersecurity Education, discusses the evolution of proactive cyber education. She highlights the importance of integrating security into product design and the role of AI in defense strategies. Kyla emphasizes that cybersecurity is a continuous process, adapting to evolving threats, and stresses grassroots community engagement to foster awareness. Aiming to inspire the next generation, she advocates for mandatory security courses in computer science programs to build a safer digital landscape.

Stephen J. White, CEO of Viking Technology Advisors, discusses the critical role of Zero Trust Network Access (ZTNA), cloud adoption, and AI in modernizing network security. Emphasizing visibility, automation, and holistic approaches, he explores the challenges of modernization, connecting business and security outcomes, generative AI in security, and managing the borderless network perimeter.

Former Director of CISA’s Zero Trust Initiative, Sean Connelly, discusses the shift towards critical-asset focus, acceleration of cloud adoption, drafting regulations, agency improvements post-incidents, and challenges moving forward in protecting data. Sponsored by Illumio.

Carlos Buenano, the CTO of OT at Armis, shares his insights into the world of operational technology security. He discusses how accountability in security has evolved, particularly in industrial settings. The conversation touches on the challenges of integrating Zero Trust principles amid legacy systems and the distinct philosophies of IT and OT. Carlos also explores the transformative yet risky role of AI in enhancing security, highlighting the need for a balanced approach to leverage its potential effectively.