Zero Trust Journey
Zero Trust Journey isn’t about taking sides—it’s about real conversations, sharing research, and learning together. Our goal is to explore Zero Trust from every angle and help cybersecurity practitioners make sense of it in a practical, no-fluff way. And yes, we do love to chat about coffee and listen to the occasional dad joke along the way.
Here’s what we do:
- Conversations with Experts: We chat with subject matter experts who share their opinions, experiences, and Zero Trust journeys.
- Research and Product Insights: We explore Zero Trust products and solutions in the market that may fit into a Zero Trust architecture.
- A Zero Trust Architecture: We’re building and refining an ever-growing architecture focused solely on the needs of cybersecurity practitioners.
- CSA CCZT Study Group: We host a study group for the Cloud Security Alliance (CSA) Certificate of Competence in Zero Trust (CCZT).
If you’re a cybersecurity professional looking for honest discussions, practical insights, and tools that evolve with your Zero Trust strategy (plus the occasional coffee tip), Zero Trust Journey is for you. Join us!
Zero Trust Journey
Episode 10: Micro-Segmentation and Macro Impact – A Practitioner's Guide to Zero Trust
In this episode of Zero Trust Journey, host Zach Pugh talks with Nemi George, an experienced information security executive, about the practical realities of implementing Zero Trust in a busy organization—especially where patient care and time-sensitive workflows collide with security needs. Nemi shares real-world strategies for starting small with critical assets, streamlining multi-factor authentication, and addressing legacy systems without disrupting business operations. The discussion underscores how Zero Trust should enable the organization by prioritizing user experience, cultural alignment, and clear leadership support.
Highlights
- Balancing Security & User Experience: Why understanding workflows—especially in clinical settings—is crucial to successful Zero Trust.
- Starting Small, Thinking Big: How focusing on critical data and systems first can reduce complexity and risk.
- Adaptive Authentication & MFA: Strategies for right-sizing multifactor requirements without bringing business to a halt.
- Zero Standing Privileges: Using just-in-time access and least privilege principles to lock down user accounts.
- Legacy Systems & Micro-Segmentation: Practical ways to incorporate older or specialized devices into a modern Zero Trust framework.
Key Takeaways
- Know Your Assets: Accurate asset inventory is the foundation of any effective security program.
- User-Centric Security: Security should align with user workflows, minimizing friction while maintaining strong protections.
- Leadership Buy-In: Zero Trust initiatives are more successful when presented as business enablers rather than “controls.”
- Passwordless Future?: Long passphrases, biometrics, and context-based access can reduce both risk and user frustration.
- Culture & Technology: Zero Trust is a shift in mindset, not just a collection of tools—successful adoption requires both process optimization and stakeholder engagement.
Stay connected with the Zero Trust Journey! Follow us on LinkedIn and subscribe to our YouTube for insights, discussions, and updates. Visit our website for exclusive content and to stay informed on the latest Zero Trust strategies.
Disclaimer: The views expressed are those of the speakers.
