How to ACTUALLY Implement Zero Trust | Enterprise Tech PlaybookEpisode SummaryIn this masterclass episode of Enterprise Tech Playbook, host Matt Ashby sits down with Matthew Hackling, Director of Cyber Shield and 25-year cybersecurity veteran, to demystify Zero Trust implementation. They dive deep into the practical realities of transforming enterprise networks from traditional castle-and-moat architectures to modern Zero Trust frameworks.Matthew shares his real-world experience leading a Zero Trust transformation at an oil and gas company, revealing the critical prerequisites, common pitfalls, and pragmatic strategies that make the difference between success and failure. The conversation covers everything from the business case for Zero Trust to specific technical implementations, with a focus on knowledge workers and gradual, low-impact rollouts.Key topics include the importance of CMDB data quality, identity governance, microsegmentation strategies, and the shift from VPN appliances to Zero Trust Network Access (ZTNA) solutions. Matthew emphasizes that perfection is the enemy of progress and provides actionable advice for CISOs and IT leaders looking to make Zero Trust a reality in their organizations.Video Chapters00:00 - Introduction: The Zero Trust ChallengeMaking Zero Trust a reality - moving from theory to implementation00:28 - Welcome & Guest IntroductionMeet Matthew Hackling, 25-year cybersecurity veteran and Director of Cyber Shield01:26 - Forging a Leader's Philosophy"Be honest, do your best, deliver value, you are only as good as your last job"04:34 - The Business Case: Why an Oil & Gas Giant InvestedLife safety drivers and critical infrastructure protection as catalysts for transformation11:45 - The Playbook: A Gradual, Low-Impact RolloutFirst three tangible steps for implementing Zero Trust without disrupting operations23:07 - Your First 3 Steps (The Action Plan)Start with visibility of flows between users and applicationsReplace VPN appliances with ZTNA solutionsFocus on crown jewel applications first33:19 - Lessons from the Field: The #1 Mistake to AvoidWhy "boiling the ocean" kills Zero Trust initiatives and how to avoid it36:33 - The Future: Advice for the Next Generation of LeadersEssential skills and certifications for aspiring Zero Trust architects51:55 - Cybersecurity for Good & Your Next StepCyber Shield's mission to protect nonprofits and community organizationsKey Takeaways✅ Prerequisites for Success:Quality CMDB (Configuration Management Database) dataIdentity Governance Administration solution for crown jewel appsClear strategy with defined outcomes✅ Implementation Strategy:Start with knowledge worker use casesFocus on crown jewel applications firstUse monitor mode before enforcementDrive security ownership to application teams✅ Technology Stack:Zero Trust Network Access (ZTNA) to replace VPNsMicrosegmentation for lateral movement preventionIdentity-driven security policiesSecurity Service Edge (SSE) solutions✅ Common Pitfalls:Trying to protect every application equallyLack of organizational buy-inPoor CMDB data qualityTreating it as purely a technology problemResources MentionedForrester Zero Trust Strategist CertificationMicrosoft Cyber Security Reference ArchitectureEntra ID Conditional Access PoliciesSecurity Service Edge (SSE) vendorsConnect with Matthew HacklingLinkedIn: https://www.linkedin.com/in/mhackling/Website: cybershieldnonprofit.comAbout Enterprise Tech PlaybookEmpowering IT professionals with actionable wisdom and a collaborative community, making their next stride in enterprise tech one that truly leads with impact.Subscribe for more deep dives into enterprise technology, cybersecurity, and IT leadership.#ZeroTrust #Cybersecurity #EnterpriseTech #ZTNA #Microsegmentation #ITSecurity #CISO #NetworkSecurity #CloudSecurity #DigitalTransformation

Ver todos los episodios