The UNSECURITY Podcast – Episode 80 Show Notes – Zero Trust
We write our show notes either at the end of the week (Friday) or at the very beginning of the next (Sunday). It’s easier to remember the things that happened during the week on Friday than Sunday, that’s for sure! Only one day away (Saturday), and it’s easy to forget all that we did.
Most weeks are crazy, for us at FRSecure and SecurityStudio, and for people in general.
Are you feeling like things are slowly returning to normal? I am, and it’s great news! Personally, I don’t like the term “new normal”. I think I don’t like it because I feel like people have twisted it to serve their own desires and/or opinions without any factual basis. Normal is normal, and the greatest abnormality (in my opinion) has been our lack of in-person contact. We’ve been built, or wired, for analog personal interaction. Digital, online interaction will never substitute for it, and the longer we go without it, the more mentally unhealthy we become.
Last week was a great week! Four cool things stand out in particular:
- Last week’s podcast was awesome! I love every opportunity to chat with Brad, and it’s a blessing to hang out every Monday morning. Recording episode 79 was a great way to kick things off last week. If you missed it, we talked about information security in K12, and you should go catch it.
- We made great progress in helping state governments last week! Had a great conversation with Minnesota’s CISO, Rohit Tandon, on Wednesday as we discussed third-party information security risk management. This was followed by the scheduling of a similar meeting with the State of New Mexico and joining the National Association of State CIOs (NASCIO) Cybersecurity Committee on Thursday.
- Chris Roberts, Ryan Cloutier, and I did Episode #1 of The Security Shit Show on Thursday night. It was a ton of fun hanging out with these guys! We’re planning to do our episodes/shows live every Thursday night at 10pm CDT, record them for future playback, and use he audio for our podcast. It’s definitely entertaining for our viewers/listeners and therapeutic for us. Be sure to tune in if you can!
- The Daily inSANITY Check-ins are still going strong, and this past week was great! People supporting each other and helping where we can is what it’s all about. Come join us when you can.
There were many great things about last week, but these were the four that came to mind when I sat down to write these show notes.
Speaking of show notes, let’s get to it! Today we’re going to talk about Zero Trust; what it is, why it’s a hot topic today, and what you should be doing about it.
SHOW NOTES – Episode 80
Date: Monday, May 18th, 2020
Episode 80 Topics
- Catching Up (as per usual)
- Zero Trust
- Wrapping Up – Shout outs
[Evan] Hey everyone! Welcome to the UNSECURITY Podcast. This is episode 80, the date is May 18th, 2020, and I’m Evan Francen. With me today is my co-host, Brad Nigh. Good morning Brad!
[Brad] We’ll see what sort of mood Brad is in this morning…
[Evan] We’ve got a good show planned today! There’s this thing called “zero trust” that people are talking about, and I thought it’d be good for you and I to discuss it. Personally, I’ve received a lot of questions about it, and I’m sure you have too Brad. Like always, before we dig in, let’s catch up. What were some highlights for you from last week and how was your weekend?
Quick discussion about last week, last weekend, COVID-19, life, and other stuff.
[Evan] A simple Google search of Zero Trust turns up “About 691,000,000 results”. A Google search of “Zero Trust” (with quotes) turns up “About 1,940,000 results“. So, clearly there are a lot of people who know what it means, right? Here’s some returns from the first page of search results:
- A VMWare link tops the list reading “Enable Zero Trust Security | Move to a New Security Model” – NOTE: Gated content, whitepaper titled “To Enable Zero Trust, Rethink Your Firewall Strategy”.
- This followed by an Ad from Octa (“Getting Started with Zero Trust: Never trust, always verify | Okta“, also gated content, a whitepaper titled “Getting Started with Zero Trust: Never trust, always verify”), and ad from Guardicore (“Zero Trust – What It Means | How to Get There | guardicore.com“, never heard of these guys before, but more gated content, a whitepaper titled “Zero Trust: What it Means and How to Get There Faster”), and ad from AppGate (“Become a Zero Trust Hero | Invisibility, Strength & Speed“)
- Then there are a bunch of and “normal” search results with titles like “What is Zero Trust? A model for more effective security”, “What is Zero Trust?”, “Zero Trust Security | What’s a Zero Trust Network?”. etc.
The fact that there are so many “what is zero trust?” search returns might be a hint that people are confused. Let’s tackle this!
Zero Trust Discussion
Let’s try to clear some of the confusion:
- What is Zero Trust?
- Is it really new?
- Is Zero Trust possible?
- If I want Zero Trust, what do I need to do?
- What common mistakes should I look out for?
[Evan] Alright. Good talk Brad. Thanks for sharing your insight! I think our listeners have a clearer picture of Zero Trust and what it means to them. If they have additional questions or comments, they can always contact us for more!
[Evan] News stuff! What the heck happened in the world last week? Let’s see…
I found four articles that caught my attention. Let’s talk about them!
- REvil hackers leaks email conversation on Trump amid ransom demand – https://www.hackread.com/revil-hackers-leaks-email-conversation-on-trump/
- Experts reported the hack of several supercomputers across Europe – https://securityaffairs.co/wordpress/103358/cyber-crime/supercomputers-hacked-across-eu.html
- Coronavirus-themed attacks May 10 – May 16, 2020 – https://securityaffairs.co/wordpress/103348/cyber-crime/coronavirus-themed-attacks-may-10-may-16-2020.html
- Chrome will soon block resource-draining ads. Here’s how to turn it on now – https://arstechnica.com/information-technology/2020/05/chrome-will-soon-block-resource-draining-ads-heres-how-to-turn-it-on-now/
Wrapping Up – Shout outs
[Evan] Never a shortage of things to talk about in this industry is there? Well, episode 80 of the UNSECURITY Podcast is just about a wrap. Brad, you have any shoutouts?
[Brad] Maybe he does, maybe he doesn’t…
[Evan] Here’s mine…
[Evan] Can’t say enough thanks to our listeners! Crazy how we run into you in all sorts of places. Stay safe and let us know how we can help you. Send things to us by email at firstname.lastname@example.org. If you’re the social type, socialize with us on Twitter, I’m @evanfrancen and Brad’s @BradNigh. Thinking about coming to hang out at the Daily inSANITY Check-in? You can follow this on Twitter too at @InSanityIn.
There you go, have a great week!