Events
,
Governance & Risk Management
,
RSAC Conference
Zero Trust Creator John Kindervag on Barriers to Security Success Beyond Tech
Despite significant technological advancements in zero trust capabilities, many organizations struggle with implementation because of misaligned incentives rather than technical limitations. The necessary tools exist, but organizational cultures often discourage security professionals from taking positive action.
See Also: AI vs. AI: The New Cybersecurity Battlefield
“I would argue what we have is not a technological problem. The technology is here. It’s an incentive problem, and we’re not incentivizing people to do the right thing for their organization,” said John Kindervag, chief evangelist at Illumino. “Being able to talk [to boards] beyond firewalls and technology and microsegmentation and everything into ‘what is your business objective?’ ‘What is your mission?’ That helps them understand what they need to do, and properly incentivize their teams to get better security outcomes.”
In this video interview with Information Security Media Group at RSAC Conference 2025, Kindervag also discussed
- How proper incentives rather than technology are key to cybersecurity success;
- The partnership with Nvidia bringing zero trust capabilities to OT environments;
- Why organizations spend more time discussing zero trust than implementing it.
Kindervag is widely recognized as the creator of the Zero Trust Model of Cybersecurity. He was the field CTO at Palo Alto Networks and was a vice president and principal analyst at Forrester Research. With a background as a security consultant and penetration tester, he has particular expertise in secure network design.