Zero Trust Journey
Zero Trust Journey isn’t about taking sides—it’s about real conversations, sharing research, and learning together. Our goal is to explore Zero Trust from every angle and help cybersecurity practitioners make sense of it in a practical, no-fluff way. And yes, we do love to chat about coffee and listen to the occasional dad joke along the way.
Here’s what we do:
- Conversations with Experts: We chat with subject matter experts who share their opinions, experiences, and Zero Trust journeys.
- Research and Product Insights: We explore Zero Trust products and solutions in the market that may fit into a Zero Trust architecture.
- A Zero Trust Architecture: We’re building and refining an ever-growing architecture focused solely on the needs of cybersecurity practitioners.
- CSA CCZT Study Group: We host a study group for the Cloud Security Alliance (CSA) Certificate of Competence in Zero Trust (CCZT).
If you’re a cybersecurity professional looking for honest discussions, practical insights, and tools that evolve with your Zero Trust strategy (plus the occasional coffee tip), Zero Trust Journey is for you. Join us!
Episode 44: Stop Punishing, Start Rewarding: Mastering the P.A.R. Method for Phishing Defense
In this episode of the Zero Trust Journey, Dr. Victor Monga sits down with Craig Taylor, former CISO at JP Morgan Chase and Vistaprint, and the founder of Cyber Hoot.
We are throwing out the old playbook. If your security awareness program relies on "shocking" or punishing employees for clicking phishing links, you are fighting a losing battle. Craig explains why the future of cyber literacy lies in psychology, gamification, and giving employees the right tools to build muscle memory against AI-powered threats.
What You’ll Learn:
◈ The Power of Rewards: Why behavioral psychology proves that positive reinforcement and gamification are far more effective than the traditional "three strikes" punishment model.
◈ Mastering the P.A.R. Method: How to train your workforce to Pause, Assess, and Report—turning a split-second reaction into a calculated defense mechanism.
◈ Solving Human Problems: Why we need to stop applying binary (0/1) IT solutions to complex human behaviors.
◈ AI-Powered Phishing: How attackers are using GenAI to create hyper-personalized lures, and why the P.A.R. method is your best defense against flawless social engineering.
Key Moments:
02:57 ➔ The Effectiveness Gap: Why annual compliance training shows zero correlation with reduced phishing failures.
06:07 ➔ The "Dog Training" Analogy: What B.F. Skinner can teach us about using rewards over punishments in cybersecurity.
07:11 ➔ THE QUOTE: "We are trying to solve a human problem with zero one binary solutions."
12:41 ➔ Building Muscle Memory: How the Pause, Assess, Report (P.A.R.) framework stops AI-generated phishing in its tracks.
🎙️ Meet the Guest:
Craig Taylor is a seasoned cybersecurity leader and former CISO for organizations like JP Morgan Chase, Vistaprint, and Neoscope. Armed with a background in psychology and decades of IT experience, Craig founded Cyber Hoot, a learning management platform dedicated to re-engineering cyber literacy through positive reinforcement and behavioral science.
➔ LinkedIn: https://www.linkedin.com/in/craigmtaylor
Subscribe to our LinkedIn to never miss news, updates, and quizzes to earn digital badges.
Disclaimer: The views expressed are those of the speakers.