Enterprise Security Weekly Subscribe

Putting the Zero Back Into Zero-Trust – Sharon Goldberg – ESW #263

March 3, 2022

We'll cover the cutting-edge recommendations in the US federal governments January 2022 memo on their "transition to zero trust". Then we'll talk about what the standard definition of "zero-trust" means in our industry, and why it doesn't mean "trust zero things". Finally, we'll chat about architectures that can get us closer to actually trusting zero things.

Segment Resources: Analysis of the federal government's zero trust memo: https://www.bastionzero.com/blog/i-read-the-federal-governments-zero-trust-memo-so-you-dont-have-to

https://www.bastionzero.com/blog/bashing-vpns-for-fun-and-profit

Zero trust security models https://docs.bastionzero.com/product-docs/home/security-model

Full episode and show notes

Announcements

We're always looking for great guests for all of the Security Weekly shows! Submit your suggestions by visiting https://securityweekly.com/guests and completing the form!

Guest

Sharon Goldberg

CEO and Co-Founder at BastionZero Inc

Dr. Sharon Goldberg is the CEO and cofounder of BastionZero, an infrastructure cybersecurity startup, and a tenured computer science professor at Boston University. She has taught courses in cybersecurity for over a decade and has published over 30 peer-reviewed research papers on infrastructure security and cryptography. She is a contributor to security of BGP, NTP, DNS, Bitcoin, Ethereum and IETF cryptography standards, and is an author of the 2015 attacks on NTP. Lately, she spends most of her time thinking about zero trust, bastion hosts and why perimeter VPNs are just not a good idea.

Hosts

Adrian Sanabria

Principal Researcher at The Defenders Initiative

https://adriansanabria.com

Katie Teitler-Santullo

Product Marketer and Content Strategist at OX Security

Director of Offensive Security & Research at Trimarc Security, Founder & CEO at Dark Element

http://darkelement.io/

Related

Security Architecture

Hacker Heroes – Haroon Meer – PSW Vault

December 25, 2024

Unraveling Cybersecurity Complexity: A Conversation with Haroon Meer Haroon Meer, an influential figure in the world of cybersecurity, takes center stage in this podcast interview. With a deep reservoir of knowledge and a track record of tackling complex security challenges, Haroon has established himself as a key player in the InfoSec domain. ...

Compliance & Privacy – SWN Vault

December 24, 2024

Josh Marpet and Doug talk about Compliance and Privacy for about 30 minutes but it could have been a lot more.

Asset Management

Say Easy, Do Hard, Minimum Viable Security – Part 1 – Jon Fredrickson – BSW Vault

December 23, 2024

Check out this episode from the BSW Vault, hand picked by main host Matt Alderman! This segment was originally published on January 3, 2023. With the current macro economic head winds, 2023 budgets are either frozen or are flat. Where should CISOs focus these limited budgets to maximize the most out of their security program? In this segment, we i...