A few years back, I had the privilege of joining a fireside chat at CyberArk Impact 2023—an event that brought together some of the brightest minds in cybersecurity. At the time, I was with Banyan Security, deep in the trenches of Zero Trust, access management, and rethinking how organizations protect their users, data, and apps. That conversation marked a turning point for me, crystallizing many of the ideas that have since shaped my approach to cybersecurity—and ultimately led me to found 909 Cyber.
As I reflect on that experience and where we are today, a lot has changed. But the fundamental challenges remain. Security teams are still overwhelmed, budgets are tighter than ever, and the threats keep evolving at a pace most organizations struggle to keep up with. What’s needed isn’t just another tool—it’s a new mindset. That’s exactly what we’re building at 909 Cyber.
From Trust But Verify to Never Trust, Always Verify
During the CyberArk chat, I shared my journey of implementing Zero Trust at scale—first at Adobe, then at Cisco.
Back then, the big hurdle was mindset. Security wasn’t just about firewalls and VPNs anymore; it was about identity, context, and continuous verification. We moved from the old “trust but verify” mentality to one where trust is never implicit.
Fast forward to today, and Zero Trust has become a buzzword. But as I tell every CISO I talk to: buzzword or not, the principles are sound. Identity is the new perimeter. Devices are often untrusted. Access needs to be dynamic and adaptive.
These aren’t trends—they’re table stakes.
The Talent Gap and the Burnout Crisis
One of the things I touched on at CyberArk Impact 2023 was the burnout crisis. Security teams are tired. Analysts are drowning in alerts. Everyone’s running at 110%, trying to hold things together. And this isn’t just a technology problem—it’s a human problem.
That’s one of the reasons I started 909 Cyber. I’ve spent years seeing teams pushed to the breaking point. We wanted to create something that makes defenders’ lives easier, not harder. Our model focuses on delivering autonomous cybersecurity services that lighten the load, extend your team, and give security leaders peace of mind that things are under control—even when they’re not in the room.
Why Autonomy Is the Future
At CyberArk Impact 2023, I was asked where I saw security going over the next five years. My answer: automation, AI, and autonomy. We’re now living that reality. 909 Cyber is built on the belief that cybersecurity needs to be smarter, faster, and more self-sufficient.
We focus on vCISO services, security consulting, and talent recruitment, but everything we do is about helping organizations build a more autonomous security posture. Whether that’s guiding them through Zero Trust adoption, helping them find and retain top talent, or providing advisory leadership, the goal is to ease the pressure on internal teams while delivering real security outcomes.
Lessons I Carry Forward
Here are a few takeaways from that CyberArk fireside chat—and the years of experience since—that continue to shape my philosophy:
- Start with identity. Your users and their devices are your new perimeter. Get that right, and everything else gets easier.
- Simplify, simplify, simplify. Complexity is the enemy of security. Whether it’s tool sprawl or complicated processes, look for ways to streamline.
- Empower your people. Tech alone doesn’t solve problems. People do. Invest in your team’s well-being and make their jobs more sustainable.
- Plan for autonomy. The future belongs to organizations that can run security with less friction and more automation.
Looking Ahead
I’m grateful for the opportunity I had at CyberArk Impact 2023. Reflecting on that experience is a reminder of how far we’ve come—and how far we still have to go. At 909 Cyber, we’re focused on helping organizations meet today’s challenges while building for the future. If you’re a security leader feeling stretched thin, we’re here to help.
Let’s take this journey toward autonomous security together.
.svg)
.svg){kind=icon}
