
Hosted by Virtru · EN

In this episode of Hash It Out podcast, Virtru CMO Matt Howard interviews Dave Brown, CISO and CIO at Andesite.ai, about making cybersecurity a true business advantage. Brown shares his journey from military cybersecurity to startup leadership and discusses his book 'Bootstrapping Cybersecurity and Startup.' The conversation covers the importance of aligning cybersecurity strategy with business priorities rather than just following frameworks like NIST. They explore data protection challenges, including the balance between securing sensitive information and enabling business operations through controlled data sharing. Brown explains Andesite's approach to maintaining 18 compliance standards and over 500 controls with continuous monitoring. The discussion delves into AI security governance, data sovereignty requirements, and the evolving role of CISOs as business enablers rather than cost centers. Brown emphasizes the importance of partnerships between security teams and business units, especially as AI adoption increases the demand for accessible yet secure data. The episode concludes with Brown explaining Andesite's human-in-the-loop approach to AI-powered security operations and his positive experience using Virtru for data protection and government compliance requirements.

In this episode of Hash It Out, Matt Howard hosts a conversation with zero trust creator John Kindervag from Illumio and implementation expert Don Jeske from Virtru. They discuss why organizations continue struggling with zero trust adoption despite its clear benefits for national security and data protection. Kindervag explains how zero trust shifts focus from products to policy and protection, emphasizing the concept of 'protect surfaces' - identifying what specifically needs protection rather than trying to protect everything at once. Jeske shares his experience implementing zero trust at DHS and the Department of Navy, highlighting how government agencies often turn cybersecurity into acquisition problems and checklist exercises rather than focusing on strategic data protection. The conversation covers the journey nature of zero trust implementation, the importance of starting small with practice protect surfaces, and how AI is forcing organizations to finally address data classification and governance challenges they've long avoided. Both experts emphasize that successful zero trust requires understanding what data you're protecting, who needs access to it, and building incremental capabilities around people, process, and finally products.

This episode of Hash It Out explores ACP 240, a new standard for data centric security that enables better interoperability among coalition partners. Host Matt Howard speaks with Jimmy Lemkemeyer from Virtru and David 'Flash' Flanagan from Everfox about the evolution from network-centric to data-centric security approaches. They discuss how ACP 240, developed by the Five Eyes CCEB organization, creates a standardized framework for protecting data at the most granular level using Zero Trust Data Format (ZTDF). The conversation covers the challenges of sharing sensitive information across domain boundaries in today's dynamic mission environments, where partnerships can be temporal and ephemeral. The experts emphasize that data centric security builds upon rather than replaces network security, enabling fine-grained access control through data tagging and attribute-based policies that travel with the data. They provide practical advice for architects and program managers beginning their zero trust journey, highlighting the importance of proper data governance, tagging frameworks, and understanding that this represents a mindset shift rather than a single technology solution.

Fewer than 600 organizations worldwide have achieved CMMC Level 2 certification—and in this episode, you'll hear from Maya HTT, one that did, along with the consultant who prepared them and the lead assessor who certified them. Join Virtru's Andrew Lynch, Jonathan Bieber (IT Director & CISO at Maya HTT), Christopher Augoustis (CMMC Registered Practitioner at StreamScan), and Brendan Kenney (Lead CMMC Certified Assessor at Forvis Mazars) for the conversation you wish you had before starting your CMMC journey: the real gaps that trip up most organizations, why documentation matters more than technology, how to avoid costly mistakes like unnecessary GCC High migrations, and what actually makes an assessment go smoothly. Whether you're just starting or already deep in preparation, get the insider perspective from all three sides of the certification table and gain tactical, honest insights you won't find in the compliance guides.

In this episode of Hash It Out, Virtru CMO Matthew Howard interviews Stuart Itkin, chief security evangelist at FutureFeed, about CMMC (Cybersecurity Maturity Model Certification) requirements for the Defense Industrial Base. They discuss the upcoming QECON conference in Florida where Itkin will moderate a panel on architectural approaches to CMMC compliance. The conversation covers the challenges facing small businesses in the DIB, which make up over 80% of defense contractors but often lack IT expertise and resources. Itkin explains that organizations starting from scratch typically need 12-18 months to achieve compliance, requiring a balanced approach of people, process, and technology. The discussion emphasizes that CMMC is fundamentally about security and protecting controlled unclassified information (CUI) rather than just checking compliance boxes. They explore various solutions including managed service providers, prebuilt tools, and architectural choices that can help reduce complexity and cost for defense contractors on their CMMC journey.

In this podcast episode, data security experts delve into the pressing cyber threats faced by Ukraine and Taiwan, emphasizing the importance of innovation and public-private collaboration. They highlight how both nations have modernized their digital infrastructures to combat these threats, with Ukraine's rapid digital transformation during the invasion serving as a key example. The discussion underscores the existential nature of cyber defense for both countries, as they navigate complex geopolitical landscapes and the need for strategic partnerships. The speakers, Gulsana Mamtieva and Jason Shu, share insights on the critical role of trust and collaboration in building resilience against cyber attacks. Ultimately, the episode calls for urgent action and preparedness in the face of evolving threats.

In this episode of Hash It Out, Tim Clayton and Dan Morris delve into the concept of data-centric zero trust, particularly in the context of modern missions and the challenges posed by legacy networks. They discuss the importance of agility in data operations, especially when collaborating with non-coalition partners, and highlight the significance of the Mission Partner Environment (MPE) initiated by the DOD CIO. The conversation emphasizes the need for adaptive data-centric systems and the role of policy as a gatekeeper in implementing these technologies. With a focus on the Indo-Pacific region and the evolving landscape of data security, the episode underscores the necessity of proper information sharing and the potential of data-centric security to enhance mission effectiveness.

In this episode of Hash It Out, Wayne Chung (former FBI, NSA) and Don Yeske (former DHS, Navy)—now both employees at Virtru—sit down with Shannon Vaughn, Virtru Federal General Manager, to explore how exceptional products and cutting-edge technology are reshaping talent acquisition across all industries, with a special focus on the federal government. From navigating bureaucratic hurdles to fostering a genuine culture of innovation, they discuss the strategies that drive workforce excellence in the defense and tech sectors.

In the latest episode of Hash It Out, Virtru's VP of Solutions Engineering, Trevor Foskett, sits down with Dan Nickolaisen, Solutions Architect Manager at Abnormal AI, and Ryan Ogden, Senior Director of Information Security at SpotOn. They tackle the shortcomings of traditional Secure Email Gateways and explain how pairing Virtru and Abnormal AI delivers a modern, powerful, and comprehensive email security strategy.We explore:How the combination of Abnormal (inbound) and Virtru (outbound) provide better protection than legacy SEGsThe cost of continuing to rely on legacy solutions and why modernization is worth pursuingHow can organizations achieve "frictionless security" that protects sensitive data without disrupting user workflowsWhat the implementation considerations are when replacing a legacy SEG with modern, cloud-native alternativesHow security leaders balance compliance requirements with the need for efficient, seamless collaborationDon't miss this engaging discussion where you will learn how modern solutions from Abnormal AI and Virtru are addressing the gaps that traditional gateways leave behind, with AI-powered detection for inbound threats and zero-friction encryption for outbound data control.

This episode of the Virtru Hash-it-Out podcast brings together Adam Healy, CEO of Station 70, and Chris Pierson, CEO of BlackCloak, for a critical discussion on the rapidly evolving intersection of digital and physical security in the world of cryptocurrency.We explore:The recent Coinbase data breach and how hackers bribed employees to steal customer data and facilitate targeted attacksHow the global proliferation of digital assets is blurring traditional boundaries between cyber and real-world threatsWhy the anonymity and liquidity of crypto assets make them attractive targets for both cyber and physical criminalsWhy organizations should have a dual focus: strengthening physical security protocols for executives and advancing robust, data-centric digital protectionsYou won't want to miss this insightful conversation where you will gain a nuanced understanding of why the line between digital and physical risk is vanishing in the crypto era-and why comprehensive, layered security strategies are now essential for safeguarding both assets and lives.