Zero Trust Journey
Zero Trust Journey isn’t about taking sides—it’s about real conversations, sharing research, and learning together. Our goal is to explore Zero Trust from every angle and help cybersecurity practitioners make sense of it in a practical, no-fluff way. And yes, we do love to chat about coffee and listen to the occasional dad joke along the way.
Here’s what we do:
- Conversations with Experts: We chat with subject matter experts who share their opinions, experiences, and Zero Trust journeys.
- Research and Product Insights: We explore Zero Trust products and solutions in the market that may fit into a Zero Trust architecture.
- A Zero Trust Architecture: We’re building and refining an ever-growing architecture focused solely on the needs of cybersecurity practitioners.
- CSA CCZT Study Group: We host a study group for the Cloud Security Alliance (CSA) Certificate of Competence in Zero Trust (CCZT).
If you’re a cybersecurity professional looking for honest discussions, practical insights, and tools that evolve with your Zero Trust strategy (plus the occasional coffee tip), Zero Trust Journey is for you. Join us!
Zero Trust Journey
Episode 35: The Critical Role of Testing in Zero Trust
Guest: James Plouffe (https://www.linkedin.com/in/jamesplouffe)
Host: Dr. Victor Monga (https://www.linkedin.com/in/victorvirtual)
In this essential episode, host Dr. Victor Monga sits down with James Plouffe, Principal Analyst at Forrester, to tackle the bold claim that "Zero Trust without testing is a lie."
James, who also served as a Technical Consultant on the hit TV show Mr. Robot, shares his expert perspective on why security leaders are experiencing Zero Trust fatigue and how they can prove their progress.
What You'll Learn:
- Zero Trust is a Journey, Not a Destination: Why viewing Zero Trust as a project you can "finish" is fundamentally flawed.
- The Critical Gap: Why continuous security validation and testing controls are the single most important factors in a Zero Trust strategy.
- Operationalizing MITRE ATT&CK: How to shift away from old audit checklists and use frameworks like MITRE ATT&CK to create demonstrable proof of your defenses.
- Overcoming the "People Problem": Strategies for getting buy-in from long-time employees and successfully implementing controls like micro-segmentation without causing friction.
- The Biggest Win for Least Lift: Where security leaders should invest their resources first to achieve the highest impact (Hint: It’s all about Identity and MFA).
- Hacking Hollywood: James shares his experiences ensuring technical accuracy on the set of Mr. Robot and meeting actor Rami Malek.
This episode is a must-listen for CISOs and security practitioners looking to move beyond theory and build a tangible, well-tested, and effective Zero Trust architecture.
Subscribe to our LinkedIn to never miss news, updates, and quizzes to earn digital badges.
Disclaimer: The views expressed are those of the speakers.
