The Zero Trust Hub

Trends, insights, and resources for today's cybersecurity leaders. Updated weekly.

Subscribe on LinkedIn
Weekly Podcast

The Monday Microsegment

NEWS

Checkmate by Algorithm: How Artificial Intelligence Is Shifting Cyber Offense and Defense

In CPO Magazine, Trevor Dearing explores how cybercriminals are wielding AI to automate reconnaissance, refine attacks in real time, and scale cybercrime as a service. He argues that containment through segmentation is the advantage defenders need to stay a move ahead.

NEWS

The Cloud’s Major Blind Spot: Why We’re Still Losing the Visibility War to Attackers

Cloud environments were supposed to simplify security, but instead, they’ve become the biggest source of visibility gaps in IT. In Business Reporter, Andrew Rubin explains why defenders keep falling behind and why the future of cybersecurity depends on AI-powered security graphs.

Weekly Briefing

From Beanie Babies to Breaches: Why Trust Is the Real Attack Surface

A headshot of Brett Johnson
Brett Johnson, former U.S. most wanted cybercriminal (turned good guy)

One of Brett Johnson’s earliest scams was selling a dyed Beanie Baby on eBay for $1,500.  

The elephant was supposed to be royal blue. His version looked like it had mange. But the buyer trusted the platform, trusted the photo, and most of all, trusted the idea of the deal.

That’s the formula for most cybercrime:

  1. Find someone who wants something.
  2. Build just enough trust to get them to act emotionally.
  3. Make it look legitimate.
  4. Exploit.

A few weeks ago, I sat down with Brett, once dubbed the “Original Internet Godfather” by the U.S. Secret Service and formerly one of America’s most-wanted cybercriminals. How often do you get the chance to have an open conversation with someone who built the infrastructure of modern cybercrime — then helped tear it down?

What struck me most in our conversation was how plainly he explained something we tend to overcomplicate in cybersecurity: trust. Or, more accurately, the way criminals exploit it.

Let’s talk about what trust really means to an attacker and what that means for how we defend against them.

Cybercriminals don’t hack you. They exploit your trust.

“The perception of reality is more important than reality itself.”

That’s Brett’s mantra. And it should scare every security leader reading this.

From his point of view, breaching a system isn’t about technical brilliance. It’s about psychological manipulation. He doesn’t need to know your network inside out or be an infrastructure genius. He just needs to convince your help desk he’s your CFO.

Trust, he told me, is the true attack surface. In a digital world built on convenience and connectivity, that surface is massive.

The perception of reality is more important than reality itself.

Today, criminals exploit your trust in devices, in browser tabs, in voices on Zoom calls. Deepfake a CEO and ask payroll to wire money? Easy. Spoof a known phone number with a SOCKS5 proxy? Common. Register a lookalike domain? Child’s play.

The attacker’s mindset is simple: if it looks real, it is real.  

Zero Trust is a response to criminal logic

What would have stopped Brett back then? What stops attackers now?

Zero Trust.  

“Every new engagement should be from a Zero Trust standpoint,” he told me. “Don’t just assume someone’s who they say they are — verify. Then verify again.”

Think about what that looks like in action:

  • Don’t trust a cookie. Inspect the context around it — device, IP, behavior.
  • Don’t trust a voice or face on a video call. Validate offline.
  • Don’t trust a credential just because it worked yesterday. Challenge it anew.

To attackers, friction is failure. The more layers they hit, the more likely they are to give up and move on.  

That’s why Zero Trust works. Not because it’s airtight, but because it makes attacks cost more and succeed less.

Criminals collaborate. So should we.

Another thing that stuck with me: Brett said threat actors are winning because they share better.

“We were more of a society than you are,” he told me, referring to his days running ShadowCrew, an online cybercrime forum.

Criminals trade tips, tools, and tactics. They help each other, mentor, and share failures and successes. Meanwhile, defenders too often stay siloed — by industry, regulation, or fear.  

That needs to change. If cybercriminals can treat crime like a community project, then cybersecurity must become a team sport.

Rebuilding trust when deception is the default

Brett ended our conversation with a warning and a challenge.

We’re heading toward a future where we won’t be able to trust anything we see or hear online. There will be more and more real-time deepfakes, AI-generated scams, and impersonations so good you won’t spot the difference.

If perception can be faked, and truth no longer matters, then trust must be rebuilt — not granted. And that means rethinking everything from authentication to awareness.

Zero Trust isn’t just a defensive strategy. It’s a mindset shift for an era where deception is the default.

Let’s shift with it.

STATSHOT

Hacking Human Nature

While human error still drives most breaches, third-party involvement is catching up — doubling in just a year, according to the 2025 Data Breach Investigations Report. Attackers are capitalizing on exposed credentials in shared environments, which can leave IT environments vulnerable for months. Espionage-driven breaches are also on the rise, usually enabled by unpatched systems. And in a striking shift, a growing share of state-sponsored attacks now appear financially motivated, blurring the line between espionage and cybercrime.

Zero Trust Resources

eBook

Strategies for DORA Compliance: Key Role of Zero Trust Segmentation

Is your organization ready for the January 2025 DORA deadline? Discover key strategies for cyber resilience and how Illumio Zero Trust Segmentation simplifies compliance.

GUIDE

Zero Trust Segmentation for Dummies

Breaches are inevitable, but the damage isn’t. Zero Trust Segmentation for Dummies simplifies how to stop threats from spreading, protecting your organization before they cause harm.

REPORT

2025 Global Cost of Ransomware Study

Some 88% of organizations were hit by ransomware in the last year. Are your defenses ready to stand up to today’s ransomware threat? Uncover the real impact of ransomware and strategies to stay resilient against the next inevitable attack.

Introducing Illumio Insights:
AI Cloud Detection and Response

Get an early look at the first cloud detection and response (CDR) solution built on an AI security graph. Watch the on-demand webinar now.

Top contributors

John Kindervag

Chief Evangelist

Raghu Nandakumara

Head of Industry Solutions

Gary Barlet

Public Sector CTO

Trevor Dearing

Director of Critical Infrastructure Solutions

Michael Adjei

Director, Systems Engineering

Christer Swartz

Director of Industry Solutions

Scott Smith

Analyst Relations Director