DrZeroTrust

Dr. Chase Cunningham
  • 5.0 (8)
  • TECHNOLOGY
  • UPDATED WEEKLY

Unlock the future of cybersecurity with the "Dr. Zero Trust Podcast" on all podcasting platforms! Join me as we delve into Zero Trust Security, redefining how we protect data and networks. Explore frameworks, threat prevention, identity management, exclusive interviews, and emerging tech. Whether you're a pro or just curious, trust me– this podcast is where those who value honesty and real insights go for their cybersecurity insights! Tune in on Spotify, Google, or ITunes now. #DrZeroTrustPodcast #Cybersecurity #ZeroTrust

  1. 12/31/2025

    The Cost of Complacency: Cybersecurity Lessons from 2025

    In this conversation, I break down the state of cybersecurity heading into 2025—and it’s not pretty. Ransomware isn’t “ramping up,” it’s eating the market alive, while too many organizations are still betting their future on outdated controls, checkbox compliance, and the fantasy that perimeter security is a strategy. I call out the continued failure of traditional security models, the uncomfortable reality of high-profile vendor missteps, and the industry’s habit of confusing tool sprawl with actual risk reduction.My bottom line is simple: Zero Trust isn’t a buzzword; it’s the only approach that aligns with how modern environments actually operate—cloud-first, identity-driven, and constantly under attack. If you want real improvement, start treating identity like the control plane, tighten your cloud and endpoint fundamentals, get serious visibility into what’s connecting and what’s executing, and stop pretending “prevention” alone is a plan. Initial access is going to happen—so engineer for containment and resiliency. I wrap up with practical steps you can apply immediately to harden posture and quit treating cyber defense like a yearly renewal rather than a continuous operational discipline.TakeawaysRansomware incidents surged in 2025, impacting critical infrastructure.Traditional defenses are failing to contain ransomware attacks.Using a password manager is essential for security.Cybercrime costs are projected to reach $10 trillion by 2025.Misconfigurations in cloud services are a major risk factor.Identity management is a solvable problem that needs attention.Vendors in cybersecurity are not immune to breaches.Organizations should partner with service providers for cybersecurity.Research and data should guide cybersecurity strategies.A proactive approach is necessary to mitigate cyber threats.

    28 min
  2. AI SoC and SMB's in 2025, Where are We?

    12/18/2025

    AI SoC and SMB's in 2025, Where are We?

    In this episode, we take a hard look at how AI is being integrated into cybersecurity—and where the narrative often diverges from reality. The discussion spans offensive and defensive use cases, the structural challenges facing SMBs, and why open-source cyber threat intelligence (CTI) remains a critical foundation despite aggressive vendor marketing. We also explore the economic pressures shaping today’s security market, including broken pricing models, unrealistic expectations placed on small teams, and the growing gap between compliance optics and real risk reduction. The episode concludes with a forward-looking discussion on applied machine learning, mathematical modeling, and how these approaches can meaningfully support incident responders in the field. Practical applications of AI in cybersecurity operations Offensive vs. defensive AI tradeoffs The SMB security gap and market failure Open-source CTI as a force multiplier Pricing models and market distortion Applied ML and mathematics for real-world incident response Product direction and long-term vision 00:00 — Introduction and company overview 38:10 — Pricing models, market dynamics, and systemic issues 39:26 — Future plans, roadmap, and strategic vision 52:00 — AI in offensive and defensive cybersecurity operations 58:54 — Open-source CTI and applied AI capabilities Key Topics CoveredChapters

    38 min

  3. 12/15/2025

    Small Business Cybersecurity: A Crisis of Confidence

    In this conversation, I discuss the latest findings from the Identity Theft Resources Center's Business Impact Report. He highlights alarming cybersecurity trends, particularly the rise of AI-powered attacks and their financial implications for small businesses. The discussion covers the disconnect between perceived security preparedness and actual security measures, as well as best practices for improving cybersecurity resilience. Takeaways Cyber attacks are a near-universal threat, especially for small businesses. The financial cost of cybercrime is being passed directly to consumers, creating a hidden 'cybertax'. Business leaders' confidence in their cybersecurity preparedness has significantly declined. There is a dangerous disconnect between the perception of risk and the adoption of basic security controls. Small business leaders have mixed opinions on the role of AI in cybersecurity. AI-powered attacks are a significant threat, accounting for over 40% of incidents. Cyber insurance is becoming less reliable, forcing businesses to find alternative recovery methods. Loss of customer trust and employee turnover are significant consequences of cyber attacks. Training alone is not sufficient to prevent cybersecurity breaches. Mastering foundational cybersecurity practices is essential for resilience.

    16 min

  4. 12/09/2025

    Rethinking Identity in the Age of AI

    Hard truth: if you’re shipping AI and haven’t rethought identity, you’re not “innovating” — you’re just building a faster, prettier fraud engine. In this conversation with Heather Dahl, we dig into what identity in the age of AI really means — and why mutual authentication is now the minimum entry fee for doing business online. A few blunt takeaways: AI changes the economics of scams — this isn’t “50 cents here, a dollar there” anymore, it’s industrialized fraud at AI speed. A slick AI experience on top of a weak identity is just a scam delivery platform. If you burn a customer with a security failure, you don’t get a second chance. They move on. Every dollar you put into AI without strong identity and mutual authentication is risk capital for the attacker, not innovation spend. If your systems can’t prove who they are to the customer, and your customers can’t prove who they are to you, your “AI strategy” is really just an attack surface with good branding. 🔗 Watch the full episode + bring this to your next board or exec conversation about “AI investments” and “digital experience.” If identity and mutual auth aren’t on the slide — the strategy is incomplete. #ZeroTrust #AI #Identity #MutualAuthentication #CyberSecurity #DigitalTrust #FraudPrevention #CustomerExperience #VerifiableCredentials #ScamsAtScale

    35 min

  5. 11/20/2025

    AI: The Double-Edged Sword in Cybersecurity

    In this conversation, I discuss the evolving landscape of cybersecurity, particularly the impact of #ai on #cyberattacks. I highlight a recent AI-driven #cybersecurity campaign, its implications for businesses, and the importance of robust cybersecurity measures. The discussion also covers vendor security in the financial sector, lessons learned from a ransomware attack in Nevada, government cybersecurity strategies, and the recent Cloudflare outage. The conversation concludes with insights into new threat intelligence tools and the need for continuous vigilance in cybersecurity practices.TakeawaysAI models have become genuinely helpful for cybersecurity operations.The first documented case of a large-scale cyber attack executed with minimal human intervention has emerged.Businesses must take cybersecurity seriously as threats become more commoditized.Phishing training alone is insufficient as a cybersecurity control.Lateral movement and privilege escalation are critical cybersecurity vulnerabilities.Government strategies need to focus on shaping adversary behavior and public-private partnerships.The recent Cloudflare outage highlights systemic issues in internet infrastructure.New threat intelligence tools are emerging to help organizations stay secure.Cybersecurity is a shared responsibility that requires vigilance from all stakeholders.The landscape of cyber threats is evolving rapidly, necessitating continuous adaptation.

    26 min

  6. 10/15/2025

    Leadership in Cybersecurity: Authenticity and Innovation with Karim Toubba

    I sat down with Karim Toubba, CEO of LastPass, to discuss the challenges and triumphs of navigating cybersecurity in today's digital landscape, especially the issues we face when we have been breached. This is a masterclass in how to handle #cybersecurity crisis!In this episode, Karim shares insights into LastPass's response to significant security breaches, the importance of authentic #leadership, and the evolving role of password management in a networkless world. Tune in for a candid conversation about resilience, change, and the future of cybersecurity.Takeaways: Leadership in Crisis: Karim Toubba emphasizes the importance of authentic leadership and taking responsibility, even when new to a role, as a key factor in navigating crises effectively.Security as a Priority: LastPass has made significant investments in security infrastructure and culture, highlighting the necessity of a sustained commitment to cybersecurity at all organizational levels.Cultural Shift: The implementation of security measures like Yubikeys and the focus on changing employee mindsets underscore the need for a cultural shift in cybersecurity practices.Challenges of Attribution: The difficulty in attributing cyberattacks to specific actors is discussed, with an acknowledgment of the sophisticated nature of the threats faced.Evolving Cyber Landscape: The conversation touches on the evolving nature of cybersecurity threats and the need for continuous adaptation and investment to stay ahead.Product Innovation: LastPass's expansion beyond password management to include products like SAS Monitor and SAS Protect demonstrates their commitment to addressing broader security challenges.User-Centric Security: The importance of making security measures user-friendly and front-and-center is highlighted as a critical factor in improving overall cybersecurity.

    30 min

  7. 10/07/2025

    Securing the Digital Metropolis

    🚨 Identity is one of the many links in the #cybersecurity kill chain. If you think your perimeter is going to save you, you’re already compromised.In this episode, I sit down with Tim Prendergast to rip apart the myths of identity management in 2025. We’re talking:🔹 Why re-engineering identity security isn’t optional—it’s survival.🔹 How Zero Trust changes the way we think about foundational #security .🔹 The balancing act: usability vs. airtight controls.🔹 Why privileged access is the real battleground in every org today.The hard truth? Every business on the planet is facing the same identity chaos. Zero Trust isn’t some buzzword—it’s the operating system for the modern enterprise.👊 No sales pitches. No hand-waving. Let's get real about how to build security that actually works.

    26 min

  8. 09/16/2025

    AI is moving faster than your security program — and that should scare you.

    In this episode, I sit down with Ofer Klein to dig into the messy truth about #ai governance, “shadow AI,” and why most CISOs are already behind the curve. We’re talking about the reality that AI isn’t just a shiny new tool — it’s a #cybersecurity #threat vector, a compliance nightmare, and the next accelerant for both attackers and defenders.If your organization thinks it can “wait and see,” you’ve already lost. Visibility, governance, and proactive strategy aren’t optional anymore — they’re survival.Tune in and find out why AI will either accelerate your business or dismantle it — and why your security leadership better decide which side of that equation they’re on.

    11 min
See All (227)

Ratings & Reviews

5
out of 5
8 Ratings

About

Unlock the future of cybersecurity with the "Dr. Zero Trust Podcast" on all podcasting platforms! Join me as we delve into Zero Trust Security, redefining how we protect data and networks. Explore frameworks, threat prevention, identity management, exclusive interviews, and emerging tech. Whether you're a pro or just curious, trust me– this podcast is where those who value honesty and real insights go for their cybersecurity insights! Tune in on Spotify, Google, or ITunes now. #DrZeroTrustPodcast #Cybersecurity #ZeroTrust

Information

  • Creator
    Dr. Chase Cunningham
  • Years Active
    2021 - 2025
  • Episodes
    227
  • Rating
    Explicit
  • Copyright
    © Dr. Chase Cunningham
  • Show Website
    DrZeroTrust

You Might Also Like