Episode 99: Access Control Reimagined — Why Identity, Devices, and Zero Trust Must Converge
In this landmark 99th episode of the Cybersecurity Readiness Podcast Series, Dr. Dave Chatterjee is joined by Denny LeCompte—CEO of Portnox (https://www.portnox.com/) and a former SolarWinds executive—to examine one of cybersecurity’s oldest yet most persistently exploited challenges: access control.
Despite decades of investment in passwords, MFA, and perimeter defenses, breaches rooted in access failures continue to dominate headlines. Drawing on firsthand experience—including lessons learned from the SolarWinds Sunburst breach—LeCompte explains why password-centric security models are fundamentally misaligned with human behavior and modern digital environments.
Together, Chatterjee and LeCompte argue for a decisive shift toward passwordless, device-centric, zero-trust access models that assume human fallibility, eliminate implicit trust, and dramatically reduce attack surfaces. Framed through Dr. Chatterjee’s Commitment–Preparedness–Discipline (CPD) lens, the episode reframes access control not as an IT configuration issue, but as a core pillar of cybersecurity governance, business resilience, and competitive survival.
To access and download the entire podcast summary with discussion highlights - https://www.dchatte.com/episode-99-access-control-reimagined-why-identity-devices-and-zero-trust-must-converge/
In this landmark 99th episode of the Cybersecurity Readiness Podcast Series, Dr. Dave Chatterjee is joined by Denny LeCompte—CEO of Portnox (https://www.portnox.com/) and a former SolarWinds executive—to examine one of cybersecurity’s oldest yet most persistently exploited challenges: access control.
Despite decades of investment in passwords, MFA, and perimeter defenses, breaches rooted in access failures continue to dominate headlines. Drawing on firsthand experience—including lessons learned from the SolarWinds Sunburst breach—LeCompte explains why password-centric security models are fundamentally misaligned with human behavior and modern digital environments.
Together, Chatterjee and LeCompte argue for a decisive shift toward passwordless, device-centric, zero-trust access models that assume human fallibility, eliminate implicit trust, and dramatically reduce attack surfaces. Framed through Dr. Chatterjee’s Commitment–Preparedness–Discipline (CPD) lens, the episode reframes access control not as an IT configuration issue, but as a core pillar of cybersecurity governance, business resilience, and competitive survival.
Time Stamps
00:49 — Episode framing and the persistence of access control failures
03:15 — Why passwords remain fundamentally broken
05:54 — Enterprise vs. consumer passwordless realities
09:25 — SolarWinds breach lessons and access control failures
17:52 — Zero trust explained without the buzzwords
23:07 — Device identity, IoT risk, and network visibility
28:02 — Why identity and device controls must converge
35:52 — How leaders should assess access control maturity
42:52 — Designing security for human behavior
43:30 — Closing reflections
To access and download the entire podcast summary with discussion highlights - https://www.dchatte.com/episode-99-access-control-reimagined-why-identity-devices-and-zero-trust-must-converge/
Connect with Host Dr. Dave Chatterjee
LinkedIn: https://www.linkedin.com/in/dchatte/
Website: https://dchatte.com/
Books Published
Cybersecurity Readiness: A Holistic and High-Performance Approach
Articles Published
Chatterjee, D. and Leslie, A. (2024). “Ignorance is not bliss: A human-centered whole-of-enterprise approach to cybersecurity preparedness,” Business Horizons, Accepted on Oct 29, 2024.
Chatterjee, D. (2023). “Mission critical – How American Cancer Society successfully and securely migrated to the cloud amid the pandemic,” I by IMD, March 13, 2023.
Chatterjee, D. (2022). “Preventing security breaches must start at the top,” I by IMD, September 28, 2022, Institute for Management Development, Lausanne, Switzerland
Benz, M. and Chatterjee, D. (2020). “Calculated Risk? A Cybersecurity Evaluation Tool for SMEs,” Business Horizons, available online from May 4, 2020
Chatterjee, D. (2019). “Should Executives Go To Jail Over Cyber Attacks,” Journal of Organizational Computing and Electronic Commerce, Vol 29, Issue 1, pp. 1-3.
Abraham, C., Chatterjee, D., and Sims, R. (2019). “Muddling through cybersecurity: Insights from the U.S. healthcare industry,” Business Horizons, July 2019.
