
Why Cybersecurity Policies Fail And How to Fix Them
From The Security Strategist by EM360Tech
May 12, 2026 · 29 min · Season 1 · Episode 119
About this episode
The episode discusses the failures of cybersecurity policies and how to improve them with insights from industry experts.
Policy is the backbone of every effective cybersecurity framework. It defines how an organisation protects its data, governs access to critical resources, and dictates the rules that every firewall, endpoint, and identity system must enforce. Yet for most organisations, policy management is the one discipline they consistently get wrong. In this episode of The Security Strategist , Chief Research Analyst Richard Stiennon sits down with Jody Brazil , CEO of FireMon , and John Kindervag , Chief Evangelist at Illumio and the father of Zero Trust, to dissect why cybersecurity policies fail, where the rot begins, and what it genuinely takes to build a security posture that holds. Policy as the foundation of security architecture Every discussion of cybersecurity eventually circles back to one uncomfortable truth, which is that technical controls are only as good as the policies that drive them. Firewalls, intrusion detection systems, and endpoint agents all execute instructions someone wrote down. If those instructions are incorrect, outdated, or in conflict, the tools become liabilities rather than defences. Stiennon opened the…
People in this episode
Host: Richard Stiennon
Guests: Jody Brazil, John Kindervag
Topics covered
- cybersecurity
- policy management
- Zero Trust
- data protection
- security architecture
Keywords
- cybersecurity policies
- policy management
- Zero Trust
- data protection
- firewall rules
Mentioned in this episode
Organizations: FireMon, Illumio
More episodes of The Security Strategist
- Will AI Kill Policy-Based Data Security? · June 10, 2026 · 23 min
- How Agentic AI Is Reshaping Cybersecurity · June 4, 2026 · 29 min
- The New Cyber Battlefield: AI vs AI and the Rise of Autonomous Security Systems · June 3, 2026 · 28 min
- Thinking Like an Attacker: How to Strengthen Modern Cyber Defence Strategies · May 28, 2026 · 21 min
- Are Your AI Agents a Hidden Attack Surface? Rethinking Identity and Access in the Agent Era · May 26, 2026 · 17 min
- The Cybersecurity Blind Spot Leaders Are Missing, and Why It’s About to Get Worse · May 13, 2026 · 41 min
Explore listener stats, chart rankings, contacts and more on the The Security Strategist podcast page.