
Topic Guide

What Is IT operations?

IT operations is a subject covered in depth across 1 podcast episode in our database. Below you'll find key concepts, expert insights, and the top episodes to listen to — all distilled from hours of conversation by leading experts.

Key Concepts in IT operations

Zero trust

A security model that verifies everything by default, granting the least amount of privileges necessary for users and applications to perform their job functions, rather than implicitly trusting entities within the network perimeter (35:24, 35:54). This episode presents it as a paradigm shift from traditional “castle-and-moat” security, offering superior protection against internal threats and sophisticated attacks by making trust explicit and continually validated.

Deny by default

An approach within Zero Trust where all applications and actions are blocked unless explicitly allowed by an authorized administrator (15:02, 36:56). Danny Jenkins highlights its importance as a fundamental change in security philosophy, making it effective against unknown malware and ransomware by preventing unauthorized execution rather than just detecting known threats, effectively turning application execution into a firewall-like function.

What Experts Say About IT operations

  1. Ransomware attacks can be devastating, exemplified by a manufacturing company’s entire network of 250 servers and 350 endpoints being encrypted in 15 minutes by the Kanti gang, leading to a three-week business shutdown (04:05, 05:09, 10:23, 11:25).
  2. Traditional antivirus and EDR solutions may not be sufficient to stop sophisticated ransomware, as one company found Malwarebytes enterprise platform “wasn’t really doing the job that we’d hoped” (13:33).
  3. The “deny by default” or “Zero Trust” security model, implemented by ThreatLocker, blocks all applications from running unless explicitly approved, acting like a firewall for applications rather than a router (15:02, 36:56).
  4. Zero Trust is not about saying “no” but granting the least privilege necessary for job functions, contrasting with “detection and response” models that only block detected anomalies (35:54).
  5. Layered security (defense in depth) is crucial; ThreatLocker successfully stopped a ransomware attack at a hospital even after a threat actor gained full domain admin access via compromised VPN credentials because MFA was not implemented (21:03, 22:53, 23:26).
  6. The effectiveness of ThreatLocker is supported by Danny Jenkins' claim that among 70,000 companies using the product, there has never been a ransomware case where policies were correctly followed, emphasizing its preventative power (43:53, 44:37).
