In this conversation, Dr. Zero Trust discusses various cybersecurity incidents, including the Norwegian dam hack, retail data breaches, and the challenges posed by data brokers. He emphasizes the importance of proactive security measures and the need for better regulations in the digital age. The discussion also touches on leadership changes at Cyber Command, emerging cybersecurity startups, and ethical considerations in the industry. Takeaways The Norwegian dam hack highlights the risks of weak...
Jun 27, 2025•36 min
In this episode, Dr. Zero Trust discusses a record-breaking data breach involving 16 billion exposed passwords, the implications of cyber warfare in current geopolitical conflicts, and the challenges surrounding digital sovereignty in Europe. The conversation highlights the need for better cybersecurity practices and the evolving nature of warfare in the digital age. Takeaways 16 billion passwords exposed in a massive data breach. The data breach raises questions about the accuracy of reported f...
Jun 20, 2025•18 min
In this conversation, Dr. Chase Cunningham and Eric Krohn discuss the evolving landscape of cybersecurity, particularly focusing on the impact of AI and Zero Trust principles. They explore the challenges small and medium businesses face in adopting new technologies, the importance of risk management, and the need for a collaborative approach between technology and business strategies. The discussion also touches on the recent funding trends in cybersecurity startups and the role of AI in enhanci...
Jun 12, 2025•33 min
How does a company deal with AI sprawl? What is the "oh shit" moment when an enterprise realizes how much risk AI is introducing? Where can we fix this issue? Why was Reco 4 years ahead of the problem, and what have they learned as they took their solution to market? Lots of insight on this one with the co-founder of Reco!
Jun 10, 2025•11 min
In this conversation, Dr. Chase Cunningham, also known as Dr. Zero Trust, discusses various aspects of cybersecurity, focusing on recent data breaches, the implications for businesses, and the challenges faced by small and medium-sized enterprises (SMBs). He highlights the Victoria's Secret data breach as a case study, examines vulnerabilities in water utilities, and critiques the government's approach to cybersecurity funding and information sharing. The discussion also touches on the market dy...
Jun 07, 2025•31 min
In this conversation, Dr. Chase Cunningham and Michael Shieh from Mammoth Cyber discuss the evolution of Zero Trust security, focusing on browser security and AI's role in enhancing security measures. They explore the concept of data-first security, the significance of mobile security, and the future of Zero Trust in the context of increasing cyber threats. Michael emphasizes the need for a browser-centric approach to security, which allows for better control and visibility over user behavior an...
Jun 02, 2025•23 min
In this conversation, Dr. Chase Cunningham, also known as Dr. Zero Trust, discusses various pressing issues in cybersecurity, including the recent leadership changes at CISA, NATO's proposal for cybersecurity spending, market trends in cybersecurity IPOs, and the alarming number of exposed credentials. He emphasizes the importance of cybersecurity in business growth and critiques the healthcare sector's approach to cybersecurity investments. The conversation also touches on emerging threats and ...
May 30, 2025•29 min
In this conversation, Dr. Chase Cunningham and Omer from Legit Security discuss a significant vulnerability discovered in GitLab Duo, an AI assistant integrated into GitLab. They explore how prompt injection techniques can be exploited to manipulate the AI into leaking sensitive source code and other confidential information. The discussion highlights the implications of AI context in security, the responsibility of companies to manage these risks, and the evolving landscape of AI-related attack...
May 28, 2025•20 min
In this conversation, Dr. Chase Cunningham, also known as Dr. Zero Trust, discusses various aspects of cybersecurity, including the impact of ransomware attacks on businesses, the importance of strong password practices, and the emerging threats posed by ransomware as a service operations like Dragon Force. He highlights recent data breaches in retail, the significance of red teaming in cybersecurity, and the security risks associated with Chinese-made solar inverters. The conversation also touc...
May 15, 2025•24 min•Season 5Ep. 26
In this conversation, Dr. Zero Trust shares his experiences from the RSA show, discussing the overall atmosphere, vendor interactions, and the introduction of the 10 Ring app for vendor reviews. He highlights certain vendors' threats and emphasizes the importance of data-driven analysis. The discussion also covers insights from a recent Gartner report on security controls and various cybersecurity incidents, concluding with reflections on the industry's future. Takeaways RSA was interesting but ...
May 09, 2025•25 min•Season 5Ep. 26
In this conversation, Derek Maki, head of product at Veracode, discusses the evolving landscape of application security, the impact of AI on code security, and the importance of prevention in the future of security practices. He shares insights from the RSA Conference and highlights Veracode's innovations in securing applications and managing risks in the software development lifecycle. Takeaways Veracode has been a leader in application security since 2006. The rise of AI has not improved the s...
May 07, 2025•12 min•Season 5Ep. 25
🚨 RSA Attendees, Let's Shake Things Up! 🚨 Ever been frustrated that your voice isn't heard at big tech events? Me too. That's why I built 10 ring —the app where YOU rate vendors, anonymously if you prefer, and help drive real transparency and accountability. No fluff. No selling your emails. Just honest feedback, community-driven rankings, and heck—I’ll even toss $100 cash daily to whoever reviews the most vendors. I put my own money where my mouth is because change doesn’t happen by accident—...
Apr 24, 2025•12 min•Season 5Ep. 23
In this conversation, Chase Cunningham and Dave Rand discuss the concept of Zero Trust security and how Faction Networks is innovating in this space. They explore the challenges of securing IoT devices, the unique approach of Faction in avoiding central key repositories, and the importance of encryption. The discussion also touches on the future of cybersecurity, the integration of AI, and the user experience in implementing these security measures. Takeaways Zero Trust is essential for modern c...
Apr 10, 2025•27 min•Season 5Ep. 20
In this conversation, Dr. Chase Cunningham and Scott Aldridge discuss the principles of the Visible Ops methodology and its application in cybersecurity. Scott shares his extensive background in IT and cybersecurity, emphasizing the importance of understanding and managing IT assets through effective change and configuration management. They explore practical techniques for implementing cybersecurity best practices, the significance of leadership support, and the challenges organizations face in...
Apr 07, 2025•23 min•Season 5Ep. 19
In this conversation, Dr. Zero Trust analyzes a recent incident involving the leak of tactical action plans by high-ranking officials through unsecured communication channels. He discusses the implications of this leak on national security, the classification of information, and the accountability of government officials. The conversation highlights the discrepancies in how classified information is treated among different individuals and the need for integrity and accountability in leadership r...
Mar 27, 2025•17 min•Season 5Ep. 18
In this conversation, Dr. Chase Cunningham, also known as Dr. Zero Trust, discusses the intersection of cybersecurity and finance, focusing on market trends, vulnerabilities, and the implications of recent cybersecurity incidents. He emphasizes the importance of understanding the financial aspects of cybersecurity, including stock performance and investment strategies, while also addressing the challenges faced by government programs and the ongoing threats from ransomware and state-sponsored at...
Mar 20, 2025•20 min•Season 5Ep. 18
In this conversation, Dr. Chase Cunningham and Barry Mainz, CEO of Forescout, discuss the pressing issues surrounding cybersecurity, particularly in critical infrastructure, legacy systems, and the importance of a zero trust approach. They critique the Netflix series 'Zero Day' for its portrayal of cybersecurity threats and explore the current state of security in various sectors, including healthcare and airports. The discussion emphasizes the need for compliance, business continuity, and the i...
Mar 17, 2025•34 min•Season 5Ep. 15
Summary In this conversation, Dr. Zero Trust discusses various cybersecurity topics, including active malware campaigns, the risks associated with Veterans Affairs data, and the implications of recent data breaches. He also highlights legislative efforts to improve cybersecurity in the agricultural sector and the importance of cybersecurity for law firms. Additionally, he shares insights on investment strategies related to cybersecurity breaches and concludes with his upcoming travel plans and a...
Feb 28, 2025•24 min•Season 5Ep. 12
In this conversation, Dr. Zero Trust discusses the current state of cybersecurity, focusing on leadership appointments, the confusion surrounding cyber threat naming, emerging threats, and the intersection of espionage and cybercrime. He critiques the lack of operational expertise in cybersecurity leadership, highlights the challenges posed by evolving cyber threats, and emphasizes the importance of understanding the implications of AI in cybersecurity operations. The discussion also touches on ...
Feb 24, 2025•29 min•Season 5Ep. 11
In this conversation, Dr. Zero Trust discusses the current state of cybersecurity, focusing on leadership appointments, the confusion surrounding cyber threat naming, emerging threats, and the intersection of espionage and cybercrime. He critiques the lack of operational expertise in cybersecurity leadership, highlights the challenges posed by evolving cyber threats, and emphasizes the importance of understanding the implications of AI in cybersecurity operations. The discussion also touches on ...
Feb 18, 2025•29 min•Season 5Ep. 9
In this conversation, Dr. Zero Trust, Anne Saunders, and Jack discuss the complexities of cybersecurity, particularly in the context of IoT and operational technology. They explore the vast attack surface presented by IoT devices, the challenges of securing these devices, and the importance of embedding security into the design of technology. The discussion also touches on regulatory frameworks, investment trends in cybersecurity, and the future of IoT security solutions. Takeaways IoT represent...
Feb 06, 2025•43 min•Season 5Ep. 7
In this conversation, Dr. Zero Trust discusses various aspects of cybersecurity, including recent ransomware threats, the implications of AI and deepfake technology, and the importance of adopting a Zero Trust security framework. He also critiques the Biden administration's cybersecurity measures and highlights the ongoing challenges posed by stolen credentials and cyber threats. The discussion emphasizes the need for better security practices and the potential future risks associated with cyber...
Jan 22, 2025•29 min•Season 5Ep. 4
In this conversation, Dr. Zero Trust discusses various aspects of cybersecurity, focusing on ransomware attacks, their impact on educational institutions, challenges in the cybersecurity workforce, emerging startups, government initiatives, financial implications of data breaches, and the effectiveness of cybersecurity labeling programs. The discussion highlights the need for proactive measures in cybersecurity and the importance of addressing non-human identity security challenges. Takeaways Ra...
Jan 13, 2025•32 min•Season 5Ep. 2
In this conversation, Dr. Zero Trust reflects on the state of cybersecurity as the new year begins, discussing the persistent issues of phishing, social engineering, and weak passwords that continue to plague the industry. He reviews significant cyber incidents from the previous year, including data breaches and legal developments, while also sharing personal reflections on his own goals and challenges faced in 2024. The discussion emphasizes the need for a strategic shift in cybersecurity pract...
Jan 03, 2025•22 min•Season 5Ep. 1
In this conversation, I discussed various aspects of cybersecurity, including the manipulation of narratives through social media, the implications of leadership structures within Cyber Command and the NSA, personal liability for cybersecurity leaders, emerging trends for 2025, and significant supply chain vulnerabilities. The discussion also reflects on the challenges faced by cybersecurity professionals and highlights key incidents from the past year. Takeaways Social media can easily manipula...
Dec 13, 2024•27 min•Season 4Ep. 54
In this conversation, I discussed various cybersecurity reports, highlighting the increasing risks associated with AI, human behavior, and organizational vulnerabilities. He emphasizes the need for better security practices, the implications of recent data breaches, and the importance of updated cybersecurity legislation. The conversation also touches on the failures of government agencies to secure communications and the need for accountability in cybersecurity funding. Takeaways Fridays are a ...
Dec 09, 2024•28 min•Season 4Ep. 53
In this conversation, I discussed the ongoing cybersecurity talent crisis, highlighting qualified individuals seeking employment and the systemic issues contributing to the hiring problem. He delves into recent cybersecurity incidents, their financial implications, and the impact of identity security on consumer behavior. The discussion also touches on government regulations and the need for innovative practices in cybersecurity, emphasizing the importance of proactive measures and collaboration...
Dec 01, 2024•26 min•Season 4Ep. 51
In this conversation, Dr. Zero Trust and Kevin Brink discuss the challenges and innovations in implementing Zero Trust security frameworks, particularly within the Department of Defense (DoD). Kevin shares insights on the need for automation in Zero Trust assessments to overcome the limitations of manual processes, emphasizing the importance of empirical data for continuous evaluation. They explore the cost and scalability of Zero Trust solutions, as well as the value of assessing existing secur...
Nov 22, 2024•17 min•Season 4Ep. 50
In this conversation, I discussed various aspects of cybersecurity, including recent TSA regulations, stock market trends related to cybersecurity companies, emerging threats from AI-driven phishing scams, the importance of veteran employment in the cybersecurity field, rising salaries and stress levels among cybersecurity professionals, and the need for organizations to address vulnerabilities and improve their security measures. The discussion emphasizes the importance of proactive measures in...
Nov 08, 2024•27 min•Season 4Ep. 48
In this episode of the Dr. Zero Trust podcast, hosts James Pham and Oz Wasserman from Opsin discuss the implications of generative AI in the context of cybersecurity and Zero Trust principles. They explore the evolution of AI, the risks associated with generative AI, and how Opsin aims to secure sensitive data while leveraging AI for productivity. The conversation highlights the importance of understanding the security landscape as generative AI becomes more integrated into enterprise environmen...
Nov 07, 2024•27 min•Season 4Ep. 47
