The Cyber Kitchen: TrustNet Cybersecurity Podcast

TrustNet

Welcome to The Cyber Kitchen where cybersecurity gets sliced, diced, and served up with just enough spice to keep things interesting. Led by TrustNet's CISO and founder, Trevor Horwitz, each episode breaks down the real recipe for success for CISOs and industry professionals navigating today’s threat landscape, one ingredient at a time. trustnetinc.substack.com

Episodes

  1. The Cyber Kitchen Episode 006 - Penetration Testing: What’s Really Cooking Behind The Scenes

    May 15

    The Cyber Kitchen Episode 006 - Penetration Testing: What’s Really Cooking Behind The Scenes

    Welcome back to The Cyber Kitchen where cybersecurity gets sliced, diced, and served up with just enough spice to keep things interesting. Hosted by Jamie Kerem with CISO and founder, Trevor Horwitz. “A vulnerability without exploitation is just a hypothesis.” In this episode, Penetration Testing: What’s Really Cooking Behind the Scenes, Jamie and Trevor break down penetration testing from the inside out, moving beyond checkbox compliance and into the realities of adversarial security validation. The conversation walks through the full lifecycle of a penetration test, from scoping and reconnaissance to exploitation, lateral movement, post-exploitation, remediation, and continuous testing. Along the way, they unpack how attackers actually think, move through environments, chain vulnerabilities together, and exploit the gaps between security controls. They also explore: * Vulnerability scanning vs penetration testing * Black box, gray box, and white box testing * Cloud, API, network, and application security testing * Phishing, MFA fatigue, and human-layer attacks * Business logic abuse and identity-based attack paths * AI-assisted remediation and continuous security validation * Why modern organizations are shifting from annual testing to continuous testing integrated into CI/CD and DevSecOps workflows Take the conversation further: * TrustNetInc.com * https://www.linkedin.com/company/trustnet-inc * https://www.linkedin.com/in/trevorhorwitz/ * https://www.linkedin.com/in/jamie-kerem * info@TrustNetInc.com This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit trustnetinc.substack.com

    38 min
  2. The Cyber Kitchen Episode 005 - Inside the ISO 27001 Kitchen: Engineering Security Beyond the Recipe (Part 2)

    Apr 17

    The Cyber Kitchen Episode 005 - Inside the ISO 27001 Kitchen: Engineering Security Beyond the Recipe (Part 2)

    Welcome back to The Cyber Kitchen where cybersecurity gets sliced, diced, and served up with just enough spice to keep things interesting. Hosted by TrustNet‘s Jamie Kerem with CISO and founder, Trevor Horwitz. “Controls aren’t mandatory by default. Justification is.” In this episode, Inside the ISO 27001 Kitchen: Engineering Security Beyond the Recipe (Part 2), Jamie and Trevor build on the foundations introduced in Part 1 and go deeper into how ISO 27001 controls are engineered in modern cloud-first environments. The focus shifts to operational maturity, covering SaaS governance through defined exit strategies, secure CI/CD pipelines with shift-left practices, and continuous validation through dynamic testing and API discovery. From data masking in non-production environments and immutable logging to anomaly-based monitoring, secrets orchestration, and automated key rotation, the conversation highlights how controls must be continuously validated, not just implemented. Take the conversation further: * TrustNetInc.com * https://www.linkedin.com/company/trustnet-inc * https://www.linkedin.com/in/trevorhorwitz/ * https://www.linkedin.com/in/jamie-kerem * info@TrustNetInc.com This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit trustnetinc.substack.com

    18 min
  3. The Cyber Kitchen Episode 004 - RSAC 2026: The Real GRC Conversations Happening Behind the Booths

    Mar 30

    The Cyber Kitchen Episode 004 - RSAC 2026: The Real GRC Conversations Happening Behind the Booths

    Welcome back to The Cyber Kitchen where cybersecurity gets sliced, diced, and served up with just enough spice to keep things interesting. Hosted by TrustNet‘s Jamie Kerem with CISO and founder, Trevor Horwitz. “RSA Conference is always fascinating because you get the marketing on the main stage, but the real insights come from conversations between CISOs trying to solve the same problems.” In this episode, RSAC 2026: The Real GRC Conversations Happening Behind the Booths, Jamie and Trevor unpack the key Governance, Risk, and Compliance themes emerging from RSA beyond the vendor headlines. Drawing from real conversations happening in hallways and side meetings, the discussion highlights how security leaders are shifting their focus from tools to governance, accountability, and enterprise-wide risk. From AI governance and third-party risk to accelerating regulations and identity as the new control layer, the episode explores how organizations are being pushed to rethink how they manage and communicate risk. It also reflects the broader shift of cybersecurity into enterprise risk governance, where decisions are increasingly tied to business impact and board-level visibility. Take the conversation further: * TrustNetInc.com * https://www.linkedin.com/company/trustnet-inc * https://www.linkedin.com/in/trevorhorwitz/ * https://www.linkedin.com/in/jamie-kerem * info@TrustNetInc.com This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit trustnetinc.substack.com

    29 min
  4. The Cyber Kitchen Episode 003 - Inside the ISO 27001 Kitchen: Engineering Security Beyond the Recipe (Part 1)

    Mar 20

    The Cyber Kitchen Episode 003 - Inside the ISO 27001 Kitchen: Engineering Security Beyond the Recipe (Part 1)

    Welcome back to The Cyber Kitchen where cybersecurity gets sliced, diced, and served up with just enough spice to keep things interesting. Hosted by TrustNet‘s Jamie Kerem with CISO and founder, Trevor Horwitz. “ISO 27001 controls will never make you secure. It’s the discipline behind selecting and operating those controls that will.” In this episode, Inside the ISO 27001 Kitchen: Engineering Security Beyond the Recipe (Part 1), Jamie and Trevor move from theory into the operational reality of ISO 27001 controls. They break down the four control domains and explain how modern security programs translate risk decisions into operational safeguards. From attribute-driven control design and dynamic asset inventories to identity lifecycle management, privileged access, endpoint posture validation, physical access monitoring, vulnerability orchestration, and network segregation, the conversation explores how mature environments actually engineer controls in cloud-first systems. Watch the full PART 1 episode now and keep an eye out for PART 2. Take the conversation further: * TrustNetInc.com * https://www.linkedin.com/company/trustnet-inc * https://www.linkedin.com/in/trevorhorwitz/ * https://www.linkedin.com/in/jamie-kerem * info@TrustNetInc.com This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit trustnetinc.substack.com

    37 min

  5. Feb 19

    The Cyber Kitchen Episode 002 - Inside the ISO 27001 Kitchen: What Happens Before the Oven Turns On

    Read supplementary articles on ISO 27001 from TrustNet's blog: ISO 27001: Introduction ISO 27001: Requirements ISO 27001: Implementation Talk to our ISO 27001 experts: https://trustnetinc.com/iso-27001/ This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit trustnetinc.substack.com

    40 min
  6. The Cyber Kitchen Episode 001 - SOC 2 Cookbook: Recipes for Success

    Jan 9

    The Cyber Kitchen Episode 001 - SOC 2 Cookbook: Recipes for Success

    Welcome to The Cyber Kitchen where cybersecurity gets sliced, diced, and served up with just enough spice to keep things interesting. Hosted by TrustNet's Jamie Kerem with CISO and founder, Trevor Horwitz. In this episode, SOC 2 Cookbook: Recipes for Success, Jamie and Trevor serve up a practical SOC 2 guide for business leaders, covering what SOC reports mean, how Type 1 differs from Type 2, what belongs in your scope, and how to avoid the biggest compliance pitfalls. Packed with clear explanations and real-world insights, this episode turns SOC 2 into a strategic ingredient for trust, growth, and smoother enterprise deals. Take the conversation further: TrustNetInc.com https://www.linkedin.com/company/trustnet-inc https://www.linkedin.com/in/trevorhorwitz/ https://www.linkedin.com/in/jamie-kerem info@TrustNetInc.com This is a public episode. If you would like to discuss this with other subscribers or get access to bonus episodes, visit trustnetinc.substack.com

    31 min
  • 6 Episodes

About

Welcome to The Cyber Kitchen where cybersecurity gets sliced, diced, and served up with just enough spice to keep things interesting. Led by TrustNet's CISO and founder, Trevor Horwitz, each episode breaks down the real recipe for success for CISOs and industry professionals navigating today’s threat landscape, one ingredient at a time. trustnetinc.substack.com

Information