Zero Trust Journey

Victor Monga
  • 5.0 (4)
  • TECHNOLOGY

Zero Trust Journey isn’t about taking sides—it’s about real conversations, sharing research, and learning together. Our goal is to explore Zero Trust from every angle and help cybersecurity practitioners make sense of it in a practical, no-fluff way. And yes, we do love to chat about coffee and listen to the occasional dad joke along the way. Here’s what we do: Conversations with Experts: We chat with subject matter experts who share their opinions, experiences, and Zero Trust journeys.Research and Product Insights: We explore Zero Trust products and solutions in the market that may fit into a Zero Trust architecture.A Zero Trust Architecture: We’re building and refining an ever-growing architecture focused solely on the needs of cybersecurity practitioners.CSA CCZT Study Group: We host a study group for the Cloud Security Alliance (CSA) Certificate of Competence in Zero Trust (CCZT).If you’re a cybersecurity professional looking for honest discussions, practical insights, and tools that evolve with your Zero Trust strategy (plus the occasional coffee tip), Zero Trust Journey is for you. Join us!

  1. 3D AGO

    Episode 42: Stop Thinking Servers, Start Thinking Systems

    In this episode of the Zero Trust Journey, Dr. Victor Monga is joined by Kayne McGladrey, a veteran systems engineer and CISSP who has spent his career securing high-stakes environments—from American Idol voting systems to defense industrial base firms. We move past the buzzwords to discuss the gritty reality of ripping out legacy "flat" networks and replacing them with Zero Trust architectures that actually improve performance while reducing liability. Kayne breaks down why the private sector continues to struggle with risk and how the rise of Agentic AI is changing the identity landscape in 2026. What You’ll Learn: ◈ The "Flat Network" Nightmare: Why open cable trays and unlabeled wires are a recipe for disaster. ◈ The Business of Trust: How to use Zero Trust as a competitive advantage to command premium pricing. ◈ Redefining "System": Why your web server isn't the system, but your accounts payable process is. ◈ AI and the "Circle of Failure": Navigating the FOMO of Agentic AI without giving root access to the unknown. ◈ Building Muscle Memory: Why the best incident response teams train like professional athletes. Subscribe to our LinkedIn to never miss news, updates, and quizzes to earn digital badges. https://ztjourney.com LinkedIn YouTube Disclaimer: The views expressed are those of the speakers.

    16 min

  2. 3D AGO

    Episode 41: AI's Role in Software Development: Opportunities and Risks

    What You'll Learn: ▶ The "Vibe Coding" Illusion: Why using AI to build end-to-end web applications works perfectly for a month, but ultimately collapses into uncompilable loops under its own complexity. ▶ Object-Oriented vs. Functional AI: Understanding why Large Language Models (LLMs) struggle with piecing together complex object-oriented puzzles, and how real engineers use AI for targeted, functional modules instead. ▶ AI in Critical Infrastructure: Why blindly deploying AI-generated code into healthcare, financial, or critical systems is professional negligence, and why every single line of code still needs human justification. ▶ The Model Context Protocol (MCP) Fad: Why the highly hyped MCP might just be a passing trend destined to fail outside of decentralized utopias, and why traditional REST APIs are here to stay. ▶ AI is More Than ChatGPT: A look back at the last 20 years of AI research and why traditional machine learning and automated planning still hold massive, untapped potential outside of the LLM spotlight. This episode is a must-listen for enterprise executives, project managers, and security practitioners looking to separate AI marketing fluff from the actual realities of modern software engineering. Subscribe to our LinkedIn to never miss news, updates, and quizzes to earn digital badges. https://ztjourney.com LinkedIn YouTube Disclaimer: The views expressed are those of the speakers.

    18 min

  3. FEB 16

    Episode 40: Over-provisioning access is a common issue

    In this episode of the Zero Trust Journey, Dr. Victor Monga sits down with Jamie Fitz-Gerald, VP of Product Management at Okta. We dive deep into why identity has become the new perimeter and why the biggest risk to your organization isn't just a lack of tools—it's the effectiveness of the ones you already have. What You’ll Learn: The Identity Perimeter: Why attackers have stopped "breaking in" and started "logging in."System Resilience: Lessons from electrical engineering on surviving 1, 2, and 3-point failures.Productivity vs. Security: How to balance the "padlock on the door" with a seamless user experience.The Effectiveness Gap: Why having the best tools doesn't mean you're secure if you aren't testing them.Subscribe to our LinkedIn to never miss news, updates, and quizzes to earn digital badges. https://ztjourney.com LinkedIn YouTube Disclaimer: The views expressed are those of the speakers.

    26 min

  4. FEB 13

    Episode 39: ZTMM+ How to Assess and Roadmap Zero Trust

    "Zero Trust is not a journey where you have to spend a lot of money upfront before you can get started. In almost every case, you just need to use what you have better." In this workshop-style episode of the Zero Trust Journey, Dr. Victor Monga sits down with Jason Garbis and Jerry Chapman from Numberline Security. They move beyond the theory to conduct a live Zero Trust assessment of a fictitious company, "Precision Dynamic Manufacturing" (PDM). From "sticky note" admin passwords to flat networks where CNC machines and Wi-Fi guests coexist, Jason and Jerry map out a practical, no-fluff roadmap to maturity. IN THIS EPISODE, WE COVER: The ZTMM+ Framework: Why the standard CISA model needed an upgrade and how "Governance" acts as the critical glue across all five security pillars.The PDM Case Study: A deep dive into an SMB with 200 employees—evaluating the risks of an IT stack built by the "neighbor's kid" and how to secure it before a CMMC audit.MFA is Non-Negotiable: Jerry breaks down the journey from simple SMS codes to phishing-resistant authentication and why it’s the single most important move for identity.Stop Buying, Start Configuring: How to leverage your existing Microsoft Entra ID (Azure AD) stack to achieve Zero Trust principles without a massive capital investment.Network Segmentation for OT: Practical strategies for isolating "crusty" legacy hardware and CNC machines from the rest of the enterprise to stop lateral movement.Building External Trust: How a mature Zero Trust posture directly impacts your ability to secure cyber insurance and win contracts with security-conscious partners. Connect with the Guests: Jason Garbis: https://www.linkedin.com/in/jasongarbis Jerry Chapman: https://www.linkedin.com/in/jerrychapman Subscribe to our LinkedIn to never miss news, updates, and quizzes to earn digital badges. https://ztjourney.com LinkedIn YouTube Disclaimer: The views expressed are those of the speakers.

    41 min

  5. FEB 8

    Episode 38: Bridging the Cybersecurity Effectiveness Gap

    "We don’t have a tools problem in cybersecurity anymore. We have an effectiveness problem." In this episode of the Zero Trust Journey, Dr. Victor Monga sits down with Snehal Antani, CEO and Co-Founder of Horizon3.ai and former CTO at the US Department of Defense. Snehal reveals the shocking data gathered from over 200,000 autonomous pen tests: why enterprises spend $18 billion on endpoint security yet continue to see breaches rise. ▶ IN THIS EPISODE, WE COVER: ▶ The 1-in-14,000 Risk: How a single misconfigured agent led to a full domain compromise. ▶ The "Big 4" EDR Reality Check: Snehal breaks down out-of-the-box effectiveness for CrowdStrike, SentinelOne, Sophos, and Windows Defender. ▶ Credential Pivoting vs. Malware: Why 97% of successful "RAT" deployments use harvested credentials, not CVE exploits. ▶ The "Monday Morning Battle Rhythm": How to build a continuous validation loop between your Red and Blue teams. ▶ Vendor Truth: Why "Professional Services" are often just a band-aid for product design gaps. Subscribe to our LinkedIn to never miss news, updates, and quizzes to earn digital badges. https://ztjourney.com LinkedIn YouTube Disclaimer: The views expressed are those of the speakers.

    25 min

  6. 12/28/2025

    Episode 37: Zero Trust is essential for SMBs, not a luxury

    Host: Dr. Victor Monga (https://www.linkedin.com/in/victorvirtual) Co-Host: Zach Pugh (https://www.linkedin.com/in/zachary-pugh) Co-Host: Steve Turner (https://www.linkedin.com/in/beingageek) What You'll Learn: The SMB Target on Your Back: Why believing you are "too small to be targeted" is a fatal error, and why cybercriminals actively hunt for SMBs with weak defenses.Zero Trust on a Budget: How to implement Zero Trust principles—focusing on identity and context rather than just technology—without needing a massive security team or budget.The First Line of Defense: Why Multi-Factor Authentication (MFA) is the non-negotiable first step for any SMB looking to secure their infrastructure.Compliance vs. Security: Understanding why compliance is just a baseline, and how Zero Trust helps you meet standards while actually securing your assets.Asset Visibility: Why you cannot secure what you don't know you have, and the importance of managing assets to prevent devastating financial loss.This episode is a must-listen for SMB owners, IT generalists, and security practitioners looking to build a resilient security posture that protects against the devastating costs of a data breach.Subscribe to our LinkedIn to never miss news, updates, and quizzes to earn digital badges. https://ztjourney.com LinkedIn YouTube Disclaimer: The views expressed are those of the speakers.

    24 min

  7. 11/10/2025

    Episode 36: I Zero Trust What You’re Saying – Oct 2025

    Welcome to I Zero Trust What You’re Saying – Oct 2025 Edition! In this episode, we break down the latest Zero Trust news, trends, and updates that matter to security practitioners. No hype—just real insights to help you navigate the evolving cybersecurity landscape. Stay informed, stay secure, and as always, Zero Trust everything! 🔗 News Links: --| https://www.cio.gov/zero-trust-data-security-guide-may2025/ --| https://www.meritalk.com/articles/pentagon-to-release-updated-zero-trust-strategy-by-end-of-year/ --| https://govciomedia.com/federal-zero-trust-forum/ --| https://www.cisa.gov/topics/cybersecurity-best-practices/zero-trust --| https://www.securityweek.com/socure-acquires-risk-decisioning-company-effectiv-for-136m/ --| https://news.sophos.com/en-us/2024/10/21/sophos-to-acquire-secureworks-to-accelerate-cybersecurity-services-and-technology-for-organizations-worldwide/ --| https://therecord.media/pokemon-video-game-developer-game-freak-confirms-data-breach --| https://thehackernews.com/2024/10/cloudflare-thwarts-largest-ever-38-tbps.html Subscribe to our LinkedIn to never miss news, updates, and quizzes to earn digital badges. https://ztjourney.com LinkedIn YouTube Disclaimer: The views expressed are those of the speakers.

    16 min

  8. 11/04/2025

    Episode 35: The Critical Role of Testing in Zero Trust

    Guest: James Plouffe (https://www.linkedin.com/in/jamesplouffe) Host: Dr. Victor Monga (https://www.linkedin.com/in/victorvirtual) In this essential episode, host Dr. Victor Monga sits down with James Plouffe, Principal Analyst at Forrester, to tackle the bold claim that "Zero Trust without testing is a lie." James, who also served as a Technical Consultant on the hit TV show Mr. Robot, shares his expert perspective on why security leaders are experiencing Zero Trust fatigue and how they can prove their progress. What You'll Learn: Zero Trust is a Journey, Not a Destination: Why viewing Zero Trust as a project you can "finish" is fundamentally flawed.The Critical Gap: Why continuous security validation and testing controls are the single most important factors in a Zero Trust strategy.Operationalizing MITRE ATT&CK: How to shift away from old audit checklists and use frameworks like MITRE ATT&CK to create demonstrable proof of your defenses.Overcoming the "People Problem": Strategies for getting buy-in from long-time employees and successfully implementing controls like micro-segmentation without causing friction.The Biggest Win for Least Lift: Where security leaders should invest their resources first to achieve the highest impact (Hint: It’s all about Identity and MFA).Hacking Hollywood: James shares his experiences ensuring technical accuracy on the set of Mr. Robot and meeting actor Rami Malek. This episode is a must-listen for CISOs and security practitioners looking to move beyond theory and build a tangible, well-tested, and effective Zero Trust architecture. Subscribe to our LinkedIn to never miss news, updates, and quizzes to earn digital badges. https://ztjourney.com LinkedIn YouTube Disclaimer: The views expressed are those of the speakers.

    34 min
See All (42)

Ratings & Reviews

5
out of 5
4 Ratings

About

Zero Trust Journey isn’t about taking sides—it’s about real conversations, sharing research, and learning together. Our goal is to explore Zero Trust from every angle and help cybersecurity practitioners make sense of it in a practical, no-fluff way. And yes, we do love to chat about coffee and listen to the occasional dad joke along the way. Here’s what we do: Conversations with Experts: We chat with subject matter experts who share their opinions, experiences, and Zero Trust journeys.Research and Product Insights: We explore Zero Trust products and solutions in the market that may fit into a Zero Trust architecture.A Zero Trust Architecture: We’re building and refining an ever-growing architecture focused solely on the needs of cybersecurity practitioners.CSA CCZT Study Group: We host a study group for the Cloud Security Alliance (CSA) Certificate of Competence in Zero Trust (CCZT).If you’re a cybersecurity professional looking for honest discussions, practical insights, and tools that evolve with your Zero Trust strategy (plus the occasional coffee tip), Zero Trust Journey is for you. Join us!

Information

  • Creator
    Victor Monga
  • Years Active
    2024 - 2026
  • Episodes
    42
  • Rating
    Explicit
  • Copyright
    © 2026 Zero Trust Journey
  • Show Website
    Zero Trust Journey