What CISOs want for Christmas are better security tools — that solve problems rather than just finding them, work like modern developer tools, consolidate functionality, cover complex environments, and help teams scale.

Where is your organization really in your zero trust journey, and how much further do you have to do? Implementing a true zero trust architecture is more aspirational than achievable.

I interviewed 57 security leaders and asked them “What sucks in security?” Their top pain points were inconsistent access management, vulnerability prioritization and remediation, and obtaining SaaS logs in case of an incident.

Rather than a security tool alerting the security team (in Slack), who then needs to find the right person to ping (also in Slack) — what if the tool just short circuited that and went right to the source (in Slack, of course)?

No organization has successfully implemented a fully zero trust architecture. Many proponents of zero trust, including the US government, have ignored devices as a key component of BeyondCorp.

I’m burnt out. If you’re reading this, there’s a strong chance you’re burnt out too. We’re about to have, uh, a moment, so brace yourself.