5 Zero Trust Insights from Bishop Fox’s Rob Ragan

Vice President, Industry Strategy

June 7, 2023

23 min. read

Cybersecurity professionals are required to have a very different skillset than they did even five years ago, largely due to the changing nature of cyberattacks. No longer are security teams focused solely on preventing breaches. It’s now inevitable that breaches will happen, and “assuming breach” is essential.

This means security leaders must be able to answer questions like “Do you understand the nature of threat?” and “Do you understand how an attacker is going to progress through the network?” According to Rob Ragan, Principal Researcher at Bishop Fox, a Zero Trust security model helps answer these questions and address the challenges presented by an increasingly dynamic threat landscape.

‍Zero Trust initiatives drive interest in vulnerability testing

In this week’s episode of The Segment: A Zero Trust Leadership Podcast (hosted live from RSA Conference 2023!), Rob explains that he’s seeing more and more organizations invest in Zero Trust initiatives – and have a greater interest in testing their Zero Trust environments proactively – to build cyber resilience.

“I’m seeing a lot of folks are willing to adopt more proactive testing and continuous testing,” said Rob. “We’re helping our customers have a better understanding of what their indicators of exposure and vulnerability are.”

In this episode, Rob joined me to explore different types of threats, offensive security trends, and how to continuously find new opportunities to improve cyber resilience.

Haven’t heard my other episodes with the Zero Trust experts? Listen here. ‍

The Segment episode 9: Rob Ragan, Principal Research Analyst at Bishop Fox

Bishop Fox is a leader in offensive security and penetration testing. At Bishop Fox, Rob focuses on pragmatic solutions for clients and technology. He oversees the company's strategy for continuous security automation. With over a decade of cyber experience, Rob previously held various software engineering roles with Hewlett-Packard and SPI Dynamics.

Here are my top 5 takeaways from our discussion:

2:23: Learning the wrong ways to build applications
6:31: Securing IoT/OT and national critical infrastructure
15:36: Zero Trust and offensive security
19:27: Maturing faster with more testing
24:32: TCO and ROI

Read the full episode transcript here.

Listen to the next episode on June 21

Be the first to listen! Subscribe to The Segment: A Zero Trust Leadership Podcast on Spotify, Apple Podcasts, or wherever you get your podcasts to be notified when new episodes are released.