DrZeroTrust

Most venture-backed cybersecurity companies are doomed from the start. The math is rigged so only 5-10% of startups survive—and they have to return hundreds of millions, or even billions, to satisfy investors. The result? Exploding tools, premature scaling, vaporware, and a cybersecurity industry obsessed with quick exits rather than real defense. In this eye-opening episode, I pull back the curtain on how the VC funding model distorts cybersecurity innovation. You’ll discover how an industry designed to fail is fueling massive failures like IronNet’s $3 billion valuation crashing in just two years, Lacework’s $8 billion valuation shrinking to $200 million, and Cyber Reason’s 90% valuation collapse in 12 months. These aren’t coincidences—they’re the predictable consequences of a broken system that prizes scale over substance.

I break down:

* The real math behind “unicorn” valuations and their astronomical burn rates
* Why premature scaling kills startups before they can build effective security
* How VC incentives favor feature bloat, AI washing, and vaporware over genuine innovation
* The ugly truth about the flood of tools that make SOCs worse, not better
* Proven models like customer-funded R&D — exemplified by Palantir — that produce real, effective security products without sacrificing integrity

If you’re a security buyer tired of bloated tools and false promises, or a founder questioning the current VC-driven chaos, this episode is your wake-up call. The industry is at a crossroads: continue chasing mythical “unicorns” or build resilient, purpose-driven solutions that actually defend us against modern threats. The stakes couldn’t be higher. Because if we keep funding the same flawed cycle, our cybersecurity defenses will remain weak—and the threat actors will keep winning. But there’s hope. Some companies are bucking the trend, proving that profitability and genuine innovation are possible outside the VC model. This is essential listening for security professionals, founders, and investors ready to rethink what really works. Share if you’re fed up with the status quo—because the future of cybersecurity depends on it.

The conversation covers the introduction of Silos and SpyAlert, the concept of ephemeral endpoints, solving Windows 10 compatibility issues, biometric identity and network isolation, AI-enabled tools and vulnerability mitigation, expanding perimeter and endpoint security, impact on the endpoint security market, compliance and identity access management, frictionless security and user experience, continuous biometric authentication, integration with identity and access management, real-time security operations and analytics, endpoint security and biometric authentication, acquisition and technology integration, zero trust journey and implementation, statelessness and device management, and camera requirements and flexibility.

Takeaways
Ephemeral Endpoints
Zero Trust Operating System

Chapters
00:00 Camera Requirements and Flexibility

Your kids’ education is under attack—and the damage goes far beyond data breaches. Schools have become prime targets for hackers, not just because of the valuable student information they hold, but because their interconnected digital systems make them vulnerable to ransomware, data theft, and operational shutdowns that threaten safety and learning at every level. If you think cyber threats are just an IT problem, think again—this is a crisis of safety, trust, and our collective future.

In this eye-opening episode, I expose the alarming realities of cybersecurity in America's schools. From massive breaches of platforms like Canvas and PowerSchool to ransomware attacks disabling vital systems like emergency notifications, security cameras, and HVAC controls, the stakes couldn’t be higher. He reveals how adversaries exploit legacy tech, lax access controls, and vendor vulnerabilities, turning school networks into playgrounds for cybercriminals. The consequences? Loss of instruction time, compromised student identities, and even direct threats to safety—issues that can last for years.

You'll discover:
How cyber breaches in schools impact everything from classroom learning to emergency response systems
The systemic risks created by centralized edtech platforms and third-party vendors
Why traditional cybersecurity approaches fall short and what a true Zero Trust model for schools looks like
Practical questions parents and school boards should be asking about MFA, data segmentation, vendor contracts, and incident response
The urgent need to treat school cybersecurity as a matter of public safety and resilience
This episode exposes the flawed assumptions and complacency that perpetuate one of the most critical vulnerabilities in our infrastructure—our children’s education system. With billions of records at stake, and long-lasting consequences for identity and safety, it’s clear: cybersecurity in schools isn’t optional, it’s essential.
Whether you're a parent, educator, administrator, or concerned citizen, this conversation will radically change your perspective on what’s really at risk—and how we can safeguard the future. If we fail to act, the fallout could disrupt learning, safety, and trust for generations.
Prepare to be informed, inspired, and compelled to demand change. Schools are more than just buildings—they’re the backbone of our society. Protecting them is protecting our future.

Most cybersecurity talks about infrastructure miss the real game-changer: ephemerality and programmatic network defense. A team of military veteran experts and I unveil how they’re turning traditional models inside out—a move that’s not just innovative but essential for modern security.

Imagine a network that’s invisible, constantly moving, and virtually unbreakable—built on military-grade principles like active failover, dynamic segmentation, and ephemeral identities. This isn’t theoretical; it’s real technology tested in top US banks and critical OT environments, now available for everyday users and small businesses for as little as $10 a month. They’re redefining zero trust with a simple, scalable approach that slashes costs, reduces risk, and defeats threats before they even begin.

You’ll discover:

How the “dark architecture” creates a network that only exists during sessions—eliminating persistent attack surfaces.
The revolutionary concept of automated moving target defense (AMTD) that keeps your data and identity shielded by constantly shifting network paths.
The difference between VPN and ephemeral private networks (EPN): why ephemeral is the future for individual users and SMBs.
How this approach simplifies integration with existing infrastructure using open standards, drastically cutting deployment times and costs—up to 50% below vendors like Zscaler.
Why small businesses and consumers are the next frontier in cybersecurity, gaining enterprise-grade protection at a fraction of the price.
In a world where hackers increasingly target the “easy wins,” missing out on this radical shift could leave your digital assets vulnerable. This episode is vital listening for anyone who’s tired of patchwork fixes, costly vendors, or slow-moving cybersecurity solutions. The future belongs to those who act now—embrace ephemerality, reduce your attack surface, and stay steps ahead of cyber adversaries with a network that defends itself.

Perfect for security professionals, SMB owners, and tech enthusiasts eager to understand the next wave of cyber defense—this episode might just change how you think about protecting your digital life.

Most cybersecurity conferences have become echo chambers filled with repetitive buzzwords and the same problems dressed up in new clothes—until now. At RSA 2023, Chase Cunningham and industry insiders peel back the hype, revealing why much of what’s marketed as revolutionary is just a rehash of old issues with a shiny AI layer. They expose the industry's broken system, the deluge of vendors pushing features over real solutions, and the absurdity of AI washing across booths.

You'll discover how the cybersecurity industry is fundamentally broken—sold and purchased like healthcare, with vendors cashing in on the chaos. Chase highlights what’s really valuable on the show floor, distinguishing between blind VC pump-and-dump tactics and genuine game-changing innovations. He breaks down why AI, despite the hype, is exposing long-standing vulnerabilities rather than creating new solutions, and how the race to be the loudest often masks the lack of substance.

We break down the political landscape of cybersecurity conferences: RSA vs. Black Hat vs. DEF CON—what they reveal about the industry's focus, and why the most meaningful conversations happen in smaller, more intimate settings. Chase warns of the coming AI hype backlash and warns CISOs to resist being lured into buying solutions that won’t deliver. Instead, he advocates returning to fundamentals—doing the basics well with clarity and focus—while leveraging AI to enhance, not replace, core security practices.

Why does this matter? Because the current cycle is setting organizations up for disappointment and missed opportunities. Yet, amid the noise, there’s genuine innovation, a shift in community dynamics, and a growing recognition that cybersecurity’s true future depends on embracing the basics again. This episode is essential listening for leaders tired of the hype and hungry for real strategy, honest conversations, and practical solutions in a rapidly evolving landscape.

Want to understand what’s really happening behind the corporate curtain at RSA? Curious about why the AI frenzy might do more harm than good? Or looking for how to cut through the noise and get back to what works? Tap in now—this episode is your strategic reset.