Too many organizations still treat compliance as a one-time audit exercise: get the certification, satisfy the customer, and move on.

In this episode of Musings from the Cyber Trench, I sit down with Sarah Lynn, a seasoned IT, cybersecurity, GRC, advisory, and audit preparation leader, to discuss why that mindset breaks down fast.

We talk about what happens when compliance is treated as “paperwork,” where programs usually fail first, and why people, process, and technology all have to work together for compliance to become part of daily operations.

Sarah also shares practical insights on:

•  Why undocumented processes are a major red flag 
•  How leaders can move from checklist compliance to security maturity 
•  Where organizations underinvest and overspend in compliance programs 
•  Why buying a tool before understanding the process usually backfires 
•  AI’s role in compliance, automation, meeting notes, artifact collection, and risk 
•  Why CMMC, SOC 2, ISO, FedRAMP, and other frameworks require continuous effort 
•  How trusted advisors and peer groups can help leaders avoid reinventing the wheel 

The core message: compliance is not something you “get through.” Done right, it becomes a habit, a management discipline, and a foundation for stronger security.

Guest: Sarah Lynn brings 25+ years across IT, cybersecurity, GRC, audit readiness, risk, continuity, and technology operations, helping SaaS/IaaS-driven organizations turn compliance into practical, business-aligned security.

Responsible for ICAM, Zero Trust, or identity security in a federal agency, prime, or large regulated enterprise?

If you’re trying to move from strategy to execution, start with Zephon’s Zero Trust Readiness Assessment: zephon.tech/zt

Questions or guest ideas? Email defend@zephon.tech

Energy is the upstream of everything

In this episode we explore how energy infrastructure has become one of the most critical and vulnerable systems in the modern world

From power grid attacks to systemic risks this conversation reveals why cyber threats to energy impact entire nations

Responsible for ICAM, Zero Trust, or identity security in a federal agency, prime, or large regulated enterprise?

If you’re trying to move from strategy to execution, start with Zephon’s Zero Trust Readiness Assessment: zephon.tech/zt

Questions or guest ideas? Email defend@zephon.tech

This episode explores the leadership and design challenges behind modern cybersecurity failures.

Morgan Reed, CTO of Transbridge, shares how traditional approaches to security focused on controls, compliance, and restriction often ignore the most critical variable: human behavior.

The discussion reframes cybersecurity as a design and leadership problem, where usability, context, and adaptability determine effectiveness.

You’ll learn: - Why leadership decisions shape security outcomes - How excessive controls create friction and risk - The gap between security policy and real world behavior - Why human centered design is critical in cybersecurity - How AI can support adaptive, context aware systems - What leaders must change to build resilient security environments

This episode is ideal for executives, CISOs, and technology leaders focused on improving security, reducing risk, and building systems that actually work in practice.

Responsible for ICAM, Zero Trust, or identity security in a federal agency, prime, or large regulated enterprise?

If you’re trying to move from strategy to execution, start with Zephon’s Zero Trust Readiness Assessment: zephon.tech/zt

Questions or guest ideas? Email defend@zephon.tech

 In this episode of Musings From the Cyber Trench, Vishal Masih speaks with cybersecurity expert Edwin Covert about the evolution of cyber risk management.

Edwin explains why traditional qualitative risk models fail to support business decision making and how organizations can adopt risk quantification to measure probability and financial impact.

The conversation explores how cybersecurity teams can better communicate with business leaders, align with enterprise risk management, and make more effective decisions based on data.

Responsible for ICAM, Zero Trust, or identity security in a federal agency, prime, or large regulated enterprise?

If you’re trying to move from strategy to execution, start with Zephon’s Zero Trust Readiness Assessment: zephon.tech/zt

Questions or guest ideas? Email defend@zephon.tech

Cybersecurity expert Robert Siciliano joins Vishal Masih on Musings from the Cyber Trench to discuss why cybersecurity is ultimately a human behavior challenge.

Robert explains why traditional compliance training often fails, how cybercriminals exploit human trust, and why organizations must focus on building a human firewall rather than relying solely on technology.

Robert Siciliano is a private investigator, Certified Speaking Professional (CSP), CEO of Protect Now, LLC, and creator of The Strategic Human Firewall™. He is widely recognized as one of the leading experts on cybercrime and identity theft, with more than 500 television appearances, 1,000 radio contributions, and 3,000+ media features.

The conversation explores how companies can build stronger cybersecurity cultures by helping employees understand that protecting company data also protects their own identity and security.

Responsible for ICAM, Zero Trust, or identity security in a federal agency, prime, or large regulated enterprise?

If you’re trying to move from strategy to execution, start with Zephon’s Zero Trust Readiness Assessment: zephon.tech/zt

Questions or guest ideas? Email defend@zephon.tech

Vishal Masih and Craig Taylor explore why cybersecurity awareness programs fail despite mandatory compliance requirements.

This episode focuses on phishing threats, behavioral psychology, gamification, and how organizations can build real cyber literacy instead of checkbox training.

Responsible for ICAM, Zero Trust, or identity security in a federal agency, prime, or large regulated enterprise?

If you’re trying to move from strategy to execution, start with Zephon’s Zero Trust Readiness Assessment: zephon.tech/zt

Questions or guest ideas? Email defend@zephon.tech

CMMC is not new. It is enforcement.

In this full episode of Musings from the Cyber Trench, we break down the real operational impact of CMMC inside the Defense Industrial Base.

Our guest brings over 25 years of experience across enterprise GRC, defense programs, and federal cybersecurity.

We discuss:

• Why CMMC was long overdue • Level 1 vs Level 2 and what “basic hygiene” really means • Reactive vs predictive risk culture • The true cost drivers behind CMMC assessments • CCA scarcity and pricing pressure • Tech stack decisions: AWS vs Microsoft vs Google • Why veterans thrive in cybersecurity missions

If you operate inside the DoD ecosystem, this conversation gives you clarity on what matters and what does not.

Responsible for ICAM, Zero Trust, or identity security in a federal agency, prime, or large regulated enterprise?

If you’re trying to move from strategy to execution, start with Zephon’s Zero Trust Readiness Assessment: zephon.tech/zt

Questions or guest ideas? Email defend@zephon.tech

Welcome to Musings from the Cyber Trench, the podcast that goes beyond surface-level conversations to explore the real-world challenges shaping public sector cybersecurity.

In this episode, host Vishal Masih is joined by Vishal Goyal, Vice President of Enterprise Architecture, for a deep dive into enterprise architecture, Zero Trust, and the realities of securing complex public-sector environments. With nearly two decades of international experience across consulting, engineering, and operations, Vishal Goyal shares how architecture decisions directly impact resilience, scalability, and security outcomes.

The conversation explores how cybersecurity strategy has evolved, why Zero Trust must be practical rather than theoretical, and how organizations can better align cloud, network, and security architectures. This episode also touches on stakeholder alignment, decision-making at scale, and what it takes to modernize legacy systems while maintaining trust and continuity. If you work in cybersecurity, enterprise architecture, or public-sector technology — or you’re navigating complex security transformations — this episode offers grounded insights from the front lines.

⏱️ Timestamps

00:00 – Welcome to Musings from the Cyber Trench

00:25 – Podcast mission and focus on public sector cybersecurity

00:41 – Introducing today’s guest, Vishal Goyal

01:28 – Vishal’s role and scope in enterprise architecture

02:43 – Career journey and international consulting experience

05:12 – Evolution of enterprise architecture in cybersecurity

08:34 – Why Zero Trust matters in public sector environments

12:06 – Practical challenges implementing Zero Trust

16:18 – Cloud, network, and security architecture alignment

20:47 – Managing legacy systems in modern environments

25:31 – Stakeholder communication and architectural consensus

30:02 – Balancing innovation with operational stability

34:18 – Lessons learned from large-scale transformations

38:56 – Advice for architects and security leaders

42:10 – Closing thoughts on resilience and future readiness

👉 Subscribe for more conversations with leaders shaping cybersecurity strategy.

🔗 Share this episode with your architecture or security team.

Responsible for ICAM, Zero Trust, or identity security in a federal agency, prime, or large regulated enterprise?

If you’re trying to move from strategy to execution, start with Zephon’s Zero Trust Readiness Assessment: zephon.tech/zt

Questions or guest ideas? Email defend@zephon.tech

Government contracting is facing unprecedented change. How do you grow when everything feels uncertain? Melissa Slinker, President of Corbett Marine & Corbett Shield (Gold Belt subsidiaries), shares her 20+ year journey and the strategies that keep her thriving.

What You'll Learn:

✅ The 5-year gut check strategy for career growth

✅ How to own your destiny in cyclical industries

✅ Mission-first leadership philosophy

✅ Building resilient teams during uncertainty

✅ Networking strategies that actually work

✅ Balancing work-life integration as a leader

✅ Why community-focused companies create better outcomes

Timestamps:

00:00 - Introduction to Melissa Slinker

02:23 - Unprecedented Times in Defense Contracting

04:53 - The 5-Year Gut Check Philosophy

08:11 - Defining Personal and Professional Growth

13:05 - Mission-First, People-Second Leadership

18:26 - Personal Mission: Raising Resilient Adults

23:44 - When Your Mission Doesn't Align Anymore

29:00 - Navigating 2025's Government Contracting Landscape

34:22 - AI Adoption: Opportunities and Complications

42:13 - Gold Belt's Community-First Approach

46:13 - Growing Up in San Diego

51:43 - Why East Tennessee? The Relocation Story

56:14 - Beekeeping: Finding Center in Chaos

1:00:09 - Networking Advice for Uncertain Times

About Our Guest:

Melissa Slinker brings over 20 years of government contracting experience across DoS, USDA, DHS, and DOT. As President of Corbett Marine and Corbett Shield (Gold Belt Inc. subsidiaries), she leads with a mission-first philosophy while maintaining work-life integration on her Tennessee homestead.

Leadership Lessons:

🎯 Five-year cycles define government contracting—plan accordingly

💡 Own your destiny: Don't wait for contracts to end

🤝 Mission alignment is non-negotiable for long-term success

📊 Growth isn't just revenue—it's team development and capability expansion

🌱 Regular gut checks prevent comfortable stagnation

⚖️ Work-life balance evolves—reassess every five years

🏔️ Find centering activities (like beekeeping!) to manage leadership stress

Current Market Insights:

📉 Government shutdown impacts and customer engagement challenges

🔄 Rapid policy changes requiring unprecedented agility

⚡ Speed and innovation becoming critical differentiators

🤖 AI adoption requires measured, strategic implementation

🎯 Community-focused companies weather storms better

Gold Belt Connection:

Gold Belt is a tribal urban corporation serving Juneau, Alaska shareholders through government contracting profits that fund cultural heritage preservation and tourism initiatives. Learn more about their community-first mission!

Connect with Melissa Slinker:

Email: melissa.slinker@goldbeltfed.com

CPM Website: cpm-gb.com

LinkedIn: Melissa Slinker

Related Topics: #GovernmentContracting #Leadership #DefenseIndustry #WomenInBusiness #CareerGrowth #BusinessStrategy #GoldBelt #CorbettMarine #FederalContracting #Cybersecurity #GovCon

🔔 SUBSCRIBE for public sector leadership insights!

👍 LIKE if you're navigating change in your career!

💬 COMMENT How do you handle uncertainty in your industry?

📤 SHARE with leaders in government contracting!

About Musings from the Cyber Trench:

Musings from the Cyber Trench goes beyond surface-level talk to uncover real challenges and breakthroughs in public sector cybersecurity. Host Vishal Masih features fearless leaders and visionary experts reshaping security strategies in complex environments.

#CyberTrench #PublicSector #GovCon #Leadership #CareerDevelopment

Responsible for ICAM, Zero Trust, or identity security in a federal agency, prime, or large regulated enterprise?

If you’re trying to move from strategy to execution, start with Zephon’s Zero Trust Readiness Assessment: zephon.tech/zt

Questions or guest ideas? Email defend@zephon.tech

Students chasing certifications. AI is advancing at a faster rate than the curriculum. Entry-level roles demanding 5 years of experience. Organizations are unsure how to onboard junior talent. And a cybersecurity landscape expanding into psychology, forensics, OT, IAM, and beyond.

This conversation with Tejas Shroff, Senior Director of Managed Security Services at NTT DATA and Adjunct Professor at UT Dallas, digs into what the next generation truly needs to thrive in cybersecurity—and what leaders must rethink to prepare them.

We talk about AI as a double-edged sword, the real meaning of “innovation” for early-career professionals, why mentorship still matters, why students shouldn’t chase a rainbow of certifications, and how companies can safely bring in junior talent without putting production at risk.

Key Discussion Points

00:00 – Setting the stage: who Tejas is and why the next-gen conversation matters

03:08 – How AI is reshaping cybersecurity careers

06:25 – Students relying too heavily on AI for learning

09:10 – Will AI replace Tier 1 SOC analysts?

12:45 – How early-career professionals can “innovate” themselves

15:28 – Cybersecurity as the broadest career spectrum in IT

17:45 – Where psychology, philosophy & forensics fit into cyber

20:40 – The fastest-growing areas in cybersecurity

23:20 – Why depth is greater than breadth early in your career

25:15 – Mentorship: the missing link for young professionals

28:05 – How early exposure (CyberPatriot, Scouts, etc.) shapes careers

32:20 – The certification overload problem

36:10 – AI + immigration limits: can AI fill the skills gap?

40:15 – Why junior talent struggles to get hired

44:00 – Using Zero Trust + automation to safely onboard beginners

46:10 – “AI bot mentors” for junior analysts

47:50 – What teaching real-world cyber consulting looks like

50:40 – Academia vs reality — are universities keeping up?

54:20 – Where IAM is heading next

58:00 – How fresh perspectives strengthen veteran teams

1:00:45 – Switching gears: Tejas’ childhood & moving from Mumbai to Dallas

1:05:10 – Life in Dallas then vs now

1:08:15 – Advice for anyone entering cybersecurity today

1:11:40 – Where to find Tejas

1:13:30 – Closing thoughts

If you care about workforce development, future-proofing careers, or creating more intentional pathways into cyber, this one will hit home.

Don’t forget to:

👍 Like if you want to empower the next generation of cyber professionals

🔔 Subscribe for more human-first cybersecurity conversations

💬 Share your biggest insight from this episode

🔗 Pass it along to someone exploring a path in cybersecurity

#CybersecurityCareers #FutureOfCyber #AICybersecurity #NextGenTalent #CyberEducation #IdentityAccessManagement #PublicSectorCyber #CyberWorkforce #MentorshipMatters #TechLeadership #CybersecurityPodcast #MusingsFromTheCyberTrench

Responsible for ICAM, Zero Trust, or identity security in a federal agency, prime, or large regulated enterprise?

If you’re trying to move from strategy to execution, start with Zephon’s Zero Trust Readiness Assessment: zephon.tech/zt

Questions or guest ideas? Email defend@zephon.tech

Host Vishal Masih sits down with Chris Curwood, Senior Solution Architect for Cyber Systems and a former U.S. Marine, to discuss how accountability, agility, and integrity shape the future of cybersecurity.

From the defense sector to the digital enterprise, Chris shares how mission-first leadership and adaptive thinking drive transformation.

Discover how to build rapid feedback loops and why the speed of consuming feedback matters more than deployment speed. And why “business as usual” has no place in the modern cyber landscape.

Key insights include:

Breaking free from outdated, process-heavy cultures

The evolution toward Zero Trust and cloud-native operations

The role of DevSecOps, SBOMs, and agile engineering in resilience

How AI, automation, and quantum computing will redefine defense

Lessons from the Marine Corps that build stronger teams and systems

A must-listen for cybersecurity leaders, architects, and innovators committed to building systems that are smarter, faster, and future-ready.

Connect with Chris Curwood

Email: ccurwood@sabresystems.com | christopher.curwood@gmail.com Company: SABRE Systems, LLC

#CyberSecurity #DigitalTransformation #ZeroTrust #DevSecOps #AI #QuantumComputing #CyberResilience #Leadership #PublicSectorInnovation #GetRealGetBetter

Responsible for ICAM, Zero Trust, or identity security in a federal agency, prime, or large regulated enterprise?

If you’re trying to move from strategy to execution, start with Zephon’s Zero Trust Readiness Assessment: zephon.tech/zt

Questions or guest ideas? Email defend@zephon.tech

In this powerful episode of Musings from the Cyber Trench, host Vishal Masih welcomes Rajeev, Senior Principal Architect at Accenture Federal Services, for a deep-dive into what Zero Trust really means — beyond the hype.

Together, they explore how Zero Trust architecture is transforming public sector cybersecurity, driving modernization, and reshaping how organizations defend critical infrastructure and mission systems. From AI and automation to human-centered design, this episode breaks down the real challenges and real wins in implementing Zero Trust at scale.

Whether you’re a cyber leader, federal technologist, or security strategist, this conversation delivers practical insights on building trust in an untrusted world.

⏱️ Timestamps:

00:00 – Welcome to Musings from the Cyber Trench

01:12 – Meet Rajeev: From architect to public sector strategist

03:05 – What Zero Trust really means in today’s cybersecurity landscape

06:48 – Moving from traditional perimeter models to continuous verification

09:22 – Real-world lessons from Zero Trust adoption in federal environments

12:15 – How AI and automation are changing cyber defense

15:37 – Overcoming organizational resistance and silos

18:44 – Building culture and communication around Zero Trust principles

22:19 – The balance between technology, people, and policy

25:06 – Future trends: Mission resilience and proactive cyber posture

28:40 – Key takeaways for cybersecurity leaders

30:12 – Final thoughts: Why Zero Trust is a mindset, not a milestone

🎯 Key Themes:

Turning Zero Trust from theory into mission impact

The evolving role of AI in federal cybersecurity

Breaking silos through collaboration and transparency

Why culture is as critical as technology in cyber transformation

💡 Call to Action:

If you’re passionate about cybersecurity, modernization, and mission impact — this is the conversation you don’t want to miss.

👉 Watch, subscribe, and share to stay updated with future episodes of Musings from the Cyber Trench.

Join the movement redefining how we secure the future.

#Cybersecurity #ZeroTrust #AccentureFederal #DigitalDefense #CyberResilience #MusingsFromTheCyberTrench #PublicSector #AITechnology

Responsible for ICAM, Zero Trust, or identity security in a federal agency, prime, or large regulated enterprise?

If you’re trying to move from strategy to execution, start with Zephon’s Zero Trust Readiness Assessment: zephon.tech/zt

Questions or guest ideas? Email defend@zephon.tech

Welcome to the inaugural episode of Musings from the Cyber Trench, a podcast that goes beyond surface-level talk to reveal real challenges and breakthroughs in public sector cybersecurity. Hosted by Vishal Masih (with producer Nick), this series brings fearless leaders and visionary experts from large organizations to share honest perspectives, practical insights, and actionable strategies to build stronger, smarter, and more resilient security programs. If you care about enterprise security, cyber hygiene, trusted AI, and effective risk management in complex environments, you’re in the right trench.

What you’ll hear in this episode:

An introduction to Musings from the Cyber Trench: purpose, approach, and who the show is for

Why cybersecurity matters to everyone with an online presence, not just government or banks

Core benefits for listeners: honest opinions, diverse problem-solving approaches, and insight into future trends

The guest mix: CISOs, CTOs, CEOs, presidents, and security leaders from large organizations

Defining “large organization” in this show (e.g., teams 500+ people)

Hands-on topics vs. high-level policy: practical, real-world security improvements

Concrete topics you’ll encounter: password management, secure access, and cyber hygiene best practices

The two main focus areas for episodes: (1) trust, verification, and a holistic view of security (user, device, data, application), and (2) the evolving role of AI in defense and its dual-use risks (deepfakes, AI-enabled attacks)

Real-world challenges in AI-assisted security: data handling, AI agents, and safeguarding confidential information

Why the host started the podcast: personal conversations to share knowledge, help others, and raise the bar for safety in day-to-day life

Chapters

00:00 – 00:24: Introduction to the show and purpose

00:24 – 00:39: Meet the host and producer

00:39 – 01:08: What this podcast is about

01:08 – 01:38: The podcast name and mission

01:38 – 02:01: Cyber is everyone’s concern

02:01 – 02:27: Cyber hygiene for individuals and businesses

02:27 – 03:21: Who will be the guests (CISOs, CTOs, CEOs, leaders)

03:21 – 04:50: What teams define “large organization”

04:50 – 05:04: Listener benefits

05:04 – 06:34: Episode format: honest stories and practical insights

06:34 – 07:32: Potential topics: threats, espionage, current events

07:32 – 08:04: Everyday topics like password management

08:04 – 08:42: Hands-on vs policy discussions

08:42 – 09:15: Favorite topics: “trust, verify” and holistic security

09:15 – 10:16: The AI angle in security

10:16 – 11:04: AI threats and defenses

11:04 – 11:32: Why the podcast exists

11:32 – 12:00: Closing remarks

Key Takeaways:

Public sector cybersecurity is not just for government entities; it impacts anyone connected to the internet.

A strong security program blends practical, hands-on measures with high-level policy guidance.

Trust and verification across people, devices, data, and applications are foundational to modern security.

AI accelerates defense capabilities but also expands attack surfaces; proactive risk management and governance are essential.

Subscribe to Musings from the Cyber Trench for future episodes featuring frontline security leaders. Leave a comment with topics you’d like to see covered (e.g., password hygiene, zero trust, AI security). Share this episode with colleagues who are responsible for security in large teams or public sector organizations.

Responsible for ICAM, Zero Trust, or identity security in a federal agency, prime, or large regulated enterprise?

If you’re trying to move from strategy to execution, start with Zephon’s Zero Trust Readiness Assessment: zephon.tech/zt

Questions or guest ideas? Email defend@zephon.tech