Send us Fan Mail

Too many organizations still treat compliance as a one-time audit exercise: get the certification, satisfy the customer, and move on.

In this episode of Musings from the Cyber Trench, I sit down with Sarah Lynn, a seasoned IT, cybersecurity, GRC, advisory, and audit preparation leader, to discuss why that mindset breaks down fast.

We talk about what happens when compliance is treated as “paperwork,” where programs usually fail first, and why people, process, and technology all have to work together for compliance to become part of daily operations.

Sarah also shares practical insights on:

• Why undocumented processes are a major red flag
• How leaders can move from checklist compliance to security maturity
• Where organizations underinvest and overspend in compliance programs
• Why buying a tool before understanding the process usually backfires
• AI’s role in compliance, automation, meeting notes, artifact collection, and risk
• Why CMMC, SOC 2, ISO, FedRAMP, and other frameworks require continuous effort
• How trusted advisors and peer groups can help leaders avoid reinventing the wheel

The core message: compliance is not something you “get through.” Done right, it becomes a habit, a management discipline, and a foundation for stronger security.

Guest: Sarah Lynn brings 25+ years across IT, cybersecurity, GRC, audit readiness, risk, continuity, and technology operations, helping SaaS/IaaS-driven organizations turn compliance into practical, business-aligned security.

Responsible for ICAM, Zero Trust, or identity security in a federal agency, prime, or large regulated enterprise?

If you’re trying to move from strategy to execution, start with Zephon’s Zero Trust Readiness Assessment: zephon.tech/zt

Questions or guest ideas? Email defend@zephon.tech

Send us Fan Mail

Energy is the upstream of everything

In this episode we explore how energy infrastructure has become one of the most critical and vulnerable systems in the modern world

From power grid attacks to systemic risks this conversation reveals why cyber threats to energy impact entire nations

Responsible for ICAM, Zero Trust, or identity security in a federal agency, prime, or large regulated enterprise?

If you’re trying to move from strategy to execution, start with Zephon’s Zero Trust Readiness Assessment: zephon.tech/zt

Questions or guest ideas? Email defend@zephon.tech

Send us Fan Mail

This episode explores the leadership and design challenges behind modern cybersecurity failures.

Morgan Reed, CTO of Transbridge, shares how traditional approaches to security focused on controls, compliance, and restriction often ignore the most critical variable: human behavior.

The discussion reframes cybersecurity as a design and leadership problem, where usability, context, and adaptability determine effectiveness.

You’ll learn: - Why leadership decisions shape security outcomes - How excessive controls create friction and risk - The gap between security policy and real world behavior - Why human centered design is critical in cybersecurity - How AI can support adaptive, context aware systems - What leaders must change to build resilient security environments

This episode is ideal for executives, CISOs, and technology leaders focused on improving security, reducing risk, and building systems that actually work in practice.

Responsible for ICAM, Zero Trust, or identity security in a federal agency, prime, or large regulated enterprise?

If you’re trying to move from strategy to execution, start with Zephon’s Zero Trust Readiness Assessment: zephon.tech/zt

Questions or guest ideas? Email defend@zephon.tech