Zero Trust Journey
Zero Trust Journey isn’t about taking sides—it’s about real conversations, sharing research, and learning together. Our goal is to explore Zero Trust from every angle and help cybersecurity practitioners make sense of it in a practical, no-fluff way. And yes, we do love to chat about coffee and listen to the occasional dad joke along the way.
Here’s what we do:
- Conversations with Experts: We chat with subject matter experts who share their opinions, experiences, and Zero Trust journeys.
- Research and Product Insights: We explore Zero Trust products and solutions in the market that may fit into a Zero Trust architecture.
- A Zero Trust Architecture: We’re building and refining an ever-growing architecture focused solely on the needs of cybersecurity practitioners.
- CSA CCZT Study Group: We host a study group for the Cloud Security Alliance (CSA) Certificate of Competence in Zero Trust (CCZT).
If you’re a cybersecurity professional looking for honest discussions, practical insights, and tools that evolve with your Zero Trust strategy (plus the occasional coffee tip), Zero Trust Journey is for you. Join us!
Zero Trust Journey
Episode 39: ZTMM+ How to Assess and Roadmap Zero Trust
Use Left/Right to seek, Home/End to jump to start or end. Hold shift to jump forward or backward.
"Zero Trust is not a journey where you have to spend a lot of money upfront before you can get started. In almost every case, you just need to use what you have better."
In this workshop-style episode of the Zero Trust Journey, Dr. Victor Monga sits down with Jason Garbis and Jerry Chapman from Numberline Security. They move beyond the theory to conduct a live Zero Trust assessment of a fictitious company, "Precision Dynamic Manufacturing" (PDM). From "sticky note" admin passwords to flat networks where CNC machines and Wi-Fi guests coexist, Jason and Jerry map out a practical, no-fluff roadmap to maturity.
IN THIS EPISODE, WE COVER:
- The ZTMM+ Framework: Why the standard CISA model needed an upgrade and how "Governance" acts as the critical glue across all five security pillars.
- The PDM Case Study: A deep dive into an SMB with 200 employees—evaluating the risks of an IT stack built by the "neighbor's kid" and how to secure it before a CMMC audit.
- MFA is Non-Negotiable: Jerry breaks down the journey from simple SMS codes to phishing-resistant authentication and why it’s the single most important move for identity.
- Stop Buying, Start Configuring: How to leverage your existing Microsoft Entra ID (Azure AD) stack to achieve Zero Trust principles without a massive capital investment.
- Network Segmentation for OT: Practical strategies for isolating "crusty" legacy hardware and CNC machines from the rest of the enterprise to stop lateral movement.
- Building External Trust: How a mature Zero Trust posture directly impacts your ability to secure cyber insurance and win contracts with security-conscious partners.
Connect with the Guests:
Jason Garbis: https://www.linkedin.com/in/jasongarbis
Jerry Chapman: https://www.linkedin.com/in/jerrychapman
Subscribe to our LinkedIn to never miss news, updates, and quizzes to earn digital badges.
Disclaimer: The views expressed are those of the speakers.
