Brand Stories Podcasts

The focus is on HITRUST assessments, specifically the e1 certification, which provides an entry-level approach to cybersecurity compliance. The session emphasizes that compliance is an ongoing process and highlights the HITRUST e1 framework's adaptability to evolving threats. It also discusses the value proposition of the e1 certification, its affordability, and its suitability for low-risk organizations, as well as its synergies with existing SOC2 and ISO certifications.A-LIGN was founded in 2009 by CEO Scott Price to help companies like yours navigate the complexities of cybersecurity and compliance by offering customized solutions that align specifically with each organization’s unique goals and objectives. We believe your business can reach its fullest potential by aligning compliance objectives with strategic objectives. Working with small businesses to global enterprises, A‑LIGN’s experts coupled with our proprietary compliance management platform, A‑SCEND, are transforming the compliance experience.A-LIGN is the leading provider of high-quality, efficient cybersecurity compliance programs. Combining experienced auditors and audit management technology, A-LIGN provides the widest breadth and depth of services including SOC 2, ISO 27001, HITRUST, FedRAMP, and PCI. A-LIGN is the number one issuer of SOC 2 and HITRUST and a top three FedRAMP assessor.Learn more about A-LIGN: https://itspm.ag/a-lign-uz1wNote: This story contains promotional content. Learn more.Guest: Shreesh Bhattarai, Director of HITRUST, A-LIGN [@aligncompliance]On LinkedIn | https://www.linkedin.com/in/shreesh-bhattarai-cisa-ccsk-hitrust-ccsfp-chqp-5a052837/ResourcesLearn more and catch more stories from A-LIGN: https://www.itspmagazine.com/directory/a-lignLearn more about HITRUST: https://itspm.ag/itsphitwebLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The latest episode of 7 Minutes on ITSPmagazine, recorded during the Black Hat Sector 2024 event in Toronto, Canada, brings insights from the dynamic world of cybersecurity training and education. Hosted by Sean Martin, the discussion features Rushmi Hasham, Director of Strategic Partnerships, and Vasu Daggupaty, Manager of Strategic Partnerships and Investments, both from Rogers Cybersecure Catalyst.Rogers Cybersecure Catalyst, a non-profit organization operated by Toronto Metropolitan University, serves as the university’s national hub for cyber education. The organization’s focus spans three primary areas: training individuals to become cybersecurity professionals, helping organizations to bolster their cyber safety measures, and assisting cybersecurity founders in bringing their innovative solutions to the market.Vasu Daggupaty explains that the Catalyst’s training programs certify individuals with the necessary credentials to be employable in the cybersecurity field. Moreover, organizations receive guidance on enhancing their incident response strategies and other critical safety practices. An essential part of their mission is also supporting innovators in launching new cybersecurity products and services.The episode highlights a compelling story of Gina, a former nurse transitioning into a cybersecurity analyst role. This transformation exemplifies the success of the Catalyst’s Accelerated Rapid Training Program. Rushmi Hasham elaborates on the program’s design, which caters to mid-life career changers, providing a seven-month intensive course in collaboration with the SANS Institute. The program equips participants with hands-on skills, transitioning knowledge, and career development, ensuring they are job-ready upon completion.Additionally, the Catalyst’s corporate training services include non-technical tabletop exercises to prepare executives for real-life cyber threats. They also offer a cyber range where clients can safely engage with live malware to elevate their technical response capabilities. This comprehensive approach is instrumental in addressing Canada’s cybersecurity skills shortage and enhancing the nation’s defensive posture. The episode concludes with an invitation to explore the Catalyst's investment initiatives aimed at fortifying cybersecurity innovations and talent development across Canada.Learn more about Rogers Cybersecure Catalyst: https://itspm.ag/rogershxbpNote: This story contains promotional content. Learn more.Guests: Rushmi Hasham, Director of Strategic Partnerships, Rogers Cybersecure CatalystOn LinkedIn | https://www.linkedin.com/in/rushmi-hasham-9523554/Vasu Daggupaty, Manager, Partnerships & Investment, Rogers Cybersecure CatalystOn LinkedIn | https://www.linkedin.com/in/vdaggupaty/ResourcesLearn more and catch more stories from Rogers Cybersecure Catalyst: https://www.itspmagazine.com/directory/rogers-cybersecure-catalystLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Schellman, founded in 2002 as SAS 70 Solutions, was originally focused on just one audit standard; the SAS 70 (subsequently replaced by SOC 2). As the client base grew so did the request to perform other audits outside of the SAS 70. Schellman grew its offerings over the past 20+ years by identifying client needs and then determining if we have the skillset and expertise to deliver high quality work. We have always stayed true to our core strengths and expertise, which is why Schellman is the only Top 100 CPA firm that specializes in IT Audit and Cybersecurity.Schellman provides full-spectrum cybersecurity third-party audits, assessments, and certifications. In a marketplace with growing cybersecurity compliance needs, organizations are struggling to incorporate additional framework and regulations in an efficient and effective way. At Schellman we harnesses our expertise and deep knowledge across the compliance standards to roadmap audits throughout the year that promotes the highest return on evidence collection and subject matter expert time.By performing specific assessments in a staggered or parallel fashion, Schellman is able to collect once and test many; both in terms of information from subject matters experts and evidence from business stakeholders. The broad range of our compliance offerings, along with our combined audit approach and depth of expertise sets Schellman apart. Schellman's approach was built to provide expertise and quality work while valuing and respecting the time and stress assessments/audits place on an organization.Learn more about Schellman: https://itspm.ag/schellman9a6vNote: This story contains promotional content. Learn more.Guests:Michael Parisi, Head of Client Acquisition, Schellman [@Schellman]On LinkedIn | https://www.linkedin.com/in/michael-parisi-4009b2261/Ryan Meehan, Director, Schellman [@Schellman]On LinkedIn | https://www.linkedin.com/in/ryan-meehan-cisa-cissp-ccsfp-iso-lead-cipp-71a5939ResourcesLearn more and catch more stories from Schellman: https://www.itspmagazine.com/directory/schellmanLearn more about HITRUST: https://itspm.ag/itsphitwebLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this 7 Minutes on ITSPmagazine Short Brand Story recorded during Black Hat SecTor 2024, host Sean Martin sits down with Michael Mychalczuk, Director of Product Management for ArcSight at OpenText, to dissect the complexities of multi-cloud environments. Hosted during Black Hat SecTor 2024 in Toronto, they share invaluable insights into why businesses are increasingly finding themselves managing multiple cloud services.Mychalczuk explains that while many organizations initially hoped to stick with a single cloud provider, factors such as mergers, acquisitions, and specific technological pushes from giants like Microsoft and Google have made multi-cloud unavoidable. This proliferation presents unique challenges, particularly in maintaining security across varied platforms. He highlights the critical need for collaboration between security operations and IT operations teams. “No one person can know all of this,” Mychalczuk notes, emphasizing the importance of teamwork and specialization. He advises focusing on essential areas like identity management and automation to minimize human error and ensure consistent and secure deployments.Sean Martin and Michael Mychalczuk also discuss the importance of leveraging technologies such as Kubernetes and container security to manage and secure multi-cloud environments effectively. Mychalczuk stresses the value of robust monitoring tools like ArcSight to detect and respond to threats across these diverse systems, ultimately enabling businesses to succeed securely in today’s fast-paced world. In closing, the emphasis on understanding one’s maturity as a security operations team and aligning efforts accordingly stands out as a key takeaway.Note: This story contains promotional content. Learn more.Guest: Michael Mychalczuk, Director of Product Management at OpenText [@opentext]On LinkedIn | https://www.linkedin.com/in/michaelmychalczuk/ResourcesLearn more and catch more stories from OpenText: https://www.itspmagazine.com/directory/opentextLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Retailers today continue to grapple with unforeseen issues as supply chain attacks become more common and vulnerabilities from third-party sources emerge as major threats.Of the 1,050 C-suite and senior executives surveyed, 86% of respondents anticipate that dynamic computing will enhance operational performance within the next three years, especially in AI strategy development and leveraging sophisticated supply chains. However, 82% acknowledge the increased exposure to risk.In this age of dynamic computing, retail organizations encounter both significant opportunities and risks. With traditional security boundaries fading and conventional security measures proving inadequate, retail leaders must adopt a comprehensive approach to ensure overall cyber resilience.To better achieve cyber resilience in the retail industry, LevelBlue shares five specific steps that can be applied across industries, directly in response to these findings: identify the barriers to cyber resilience; be secure by design; align cyber investment with business; build a support ecosystem; and transform cybersecurity strategies.To learn more, download the complete findings of the 2024 LevelBlue Futures Report: Cyber Resilience in Retail here:https://itspm.ag/levelbjk57Learn more about LevelBlue: https://itspm.ag/levelblue266f6cNote: This story contains promotional content. Learn more.Guest: Theresa Lanowitz, Chief Evangelist of AT&T Cybersecurity / LevelBlue [@LevelBlueCyber]On LinkedIn | https://www.linkedin.com/in/theresalanowitz/ResourcesLearn more and catch more stories from LevelBlue: https://www.itspmagazine.com/directory/levelblueLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The Emergence of Innovative Partnerships: As AI becomes increasingly integral across industries, healthcare is at the forefront of adopting these technologies to improve patient outcomes and streamline services. Sean Martin emphasizes the collaboration between StackAware and Embold Health, setting the stage for a discussion on how they leverage HITRUST to enhance healthcare solutions.A Look into StackAware and Embold Health: Walter Haydock, founder and CEO of StackAware, shares the company's mission to support AI-driven enterprises in measuring and managing cybersecurity compliance and privacy risks. Meanwhile, Steve Dufour, Chief Security and Privacy Officer of Embold Health, describes their initiative to assess physician performance, guiding patients toward top-performing providers.Integrating AI Responsibly: A key theme throughout the conversation is the responsible integration of generative AI into healthcare. Steve Dufour details how Embold Health developed a virtual assistant using Azure OpenAI, ensuring users receive informed healthcare recommendations without long-term storage of sensitive data.Assessment Through Rigorous Standards: Haydock and Dufour also highlight the importance of ensuring data privacy and compliance with security standards, from conducting penetration tests to implementing HITRUST assessments. Their approach underscores the need to prioritize security throughout product development, rather than as an afterthought.Navigating Risk and Compliance: The conversation touches on risk management and compliance, with both speakers emphasizing the importance of aligning AI initiatives with business objectives and risk tolerance. A strong risk assessment framework is essential for maintaining trust and security in AI-enabled applications.Conclusion: This in-depth discussion not only outlines a responsible approach to incorporating AI into healthcare but also showcases the power of collaboration in driving innovation. Sean Martin concludes with a call to embrace secure, impactful technologies that enhance healthcare services and improve outcomes.Learn more about HITRUST: https://itspm.ag/itsphitwebNote: This story contains promotional content. Learn more.Guests: Walter Haydock, Founder and CEO, StackAwareOn LinkedIn | https://www.linkedin.com/in/walter-haydock/Steve Dufour, Chief Security & Privacy Officer, Embold HealthOn LinkedIn | https://www.linkedin.com/in/swdufour/ResourcesLearn more and catch more stories from HITRUST: https://www.itspmagazine.com/directory/hitrustView all of our HITRUST Collaborate 2024 coverage: https://www.itspmagazine.com/hitrust-collaborate-2024-information-risk-management-and-compliance-event-coverage-frisco-texasAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

SecTor, Canada’s largest cybersecurity conference, today announced the release of its full schedule of Summits for SecTor 2024. The live, in-person event will take place from October 22 to October 24 at the Metro Toronto Convention Centre in downtown Toronto. Summits will take place on Tuesday, October 22 and include:SecTor Executive Summit – This Summit will offer CISOs and other cybersecurity executives an opportunity to hear from industry experts helping to shape the next generation of information security strategy. Sponsors include: Armis, Sysdig, Cyera, and Trend Micro. To apply, please visit blackhat.com/sector/2024/executive-summit.html.Inaugural AI Summit at SecTor – This Summit will take place as part of The AI Summit Series, a global conference and expo series focusing on practical applications of AI technologies. This Summit will underscore the importance of artificial intelligence (AI) as an organization’s newest and greatest weapon within the ever-evolving cybersecurity landscape. Passes can be purchased here: blackhat.com/sector/2024/ai-summit.html.Cloud Security Summit at SecTor – This Summit is Canada’s leading cloud security event featuring keynote speakers, panel discussions, and networking opportunities, and provides an invaluable opportunity for every security professional to engage with leaders and discuss the future of cloud security. Sponsors include: CrowdStrike, Cyera, Kyndryl, Okta, OpenText, StrongDM, Sysdig, and Lookout. Passes can be purchased here: blackhat.com/sector/2024/cloud-summit.html.Note: This story contains promotional content. Learn more.ResourcesLearn more and catch more stories from SecTor Cybersecurity Conference Toronto 2024: https://www.itspmagazine.com/sector-cybersecurity-conference-2024-cybersecurity-event-coverage-in-toronto-canadaLearn more about 2 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

HITRUST, leader in information security and third-party risk management (TPRM), has announced significant enhancements to its HITRUST Assessment XChange. This comprehensive solution addresses longstanding challenges in TPRM by integrating with leading TPRM platforms to streamline vendor risk management processes. These integrations solve the "last mile" challenge by enabling organizations to efficiently capture, consume, and analyze detailed assurance data.The HITRUST Assessment XChange operationalizes third-party risk management through end-to-end workflows that cover the entire vendor lifecycle—from initial evaluation to results analysis. This approach significantly improves information security risk capabilities, reducing time, costs, and complexity. It also allows organizations to manage risk with updated threat-adaptive controls, broad assessment options, and real-time updates on risk mitigation.Legacy approaches to TPRM have proven inefficient, with many organizations relying on outdated methods like spreadsheets or self-assessment questionnaires. In contrast, HITRUST’s solution offers a practical, effective, and comprehensive approach, making TPRM more manageable and secure across industries.HITRUST’s first planned integration with ServiceNow’s TPRM solution is set for release by the end of 2024, allowing users to leverage HITRUST's capabilities within the ServiceNow platform. This integration marks a new era in operationalizing information security TPRM, providing organizations with unprecedented visibility into vendor risk.Learn more about and stay up to date by visiting hitrustalliance.net/news.Note: This story contains promotional content. Learn more.ResourcesLearn more and catch more stories from HITRUST: https://www.itspmagazine.com/directory/hitrustLearn more about 2 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

HITRUST has announced the launch of HITRUST Continuous Assurance, a new strategic evolution aimed at enhancing security sustainability and outcomes through continuous control monitoring. This initiative builds upon the proven HITRUST ecosystem, providing organizations with an efficient way to manage security and compliance risks in the face of evolving cyber threats. Traditional approaches that prioritize compliance over security are increasingly inadequate, especially in the era of generative AI and sophisticated cyber-attacks.Continuous Assurance minimizes the risk of evidence decay by enabling organizations to monitor security controls continuously, ensuring that security requirements remain relevant and reliable. Key features of this initiative include automated evidence collection, a continuous monitoring taxonomy integrated with the HITRUST CSF, and enhanced workflows in HITRUST’s MyCSF platform. The system also supports integration with Governance, Risk, and Compliance (GRC) systems, ensuring streamlined risk management.HITRUST's Continuous Assurance will leverage its extensive certification framework, which has shown significant success. Notably, the 2024 HITRUST Trust Report highlighted that 99.4% of HITRUST-certified organizations did not report a breach over the past two years. Continuous Assurance offers new capabilities that further solidify HITRUST’s role as a leader in information security risk management.Learn more about and stay up to date by visiting hitrustalliance.net/news.Note: This story contains promotional content. Learn more.ResourcesRead the Press Release: https://hitrustalliance.net/press-releases/hitrust-announces-continuous-assurance-through-the-proven-hitrust-ecosystemLearn more and catch more stories from HITRUST: https://www.itspmagazine.com/directory/hitrustLearn more about 2 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

HITRUST will launch its AI Security Certification in December 2024, addressing the unique security risks of artificial intelligence systems. As AI reshapes the cybersecurity landscape, existing control frameworks, including HITRUST CSF, do not fully address new and evolving threats. The certification offers prescriptive controls to help secure AI deployments effectively.Targeted at AI platform and product providers, this certification is an optional extension to HITRUST CSF validated assessments. It addresses AI-specific threats alongside traditional cybersecurity risks, focusing on security practices for AI/ML deployments, including generative AI.The certification integrates with third-party risk management (TPRM) platforms, enabling more efficient workflows for managing AI solution security. This helps organizations manage AI risk, adopt AI solutions with confidence, and reduce complexity, time, and costs.Designed to enhance third-party AI risk management, the certification allows organizations to identify shared security responsibilities between AI providers and users. It ensures greater trust and security across AI deployments, helping businesses stay ahead of emerging AI threats.The draft certification specification is open for public comment until October 17, 2024.To learn more and to provide feedback visit: https://www.manula.com/manuals/hitrust/ai-security-certification-requirements-draft/1/en/topic/aboutLearn more about HITRUST: https://itspm.ag/itsphitwebNote: This story contains promotional content. Learn more.Guest: Jeremy Huval, Chief Innovation Officer, HITRUST [@HITRUST]On LinkedIn | https://www.linkedin.com/in/jeremyhuval/ResourcesLearn more and catch more stories from HITRUST: https://www.itspmagazine.com/directory/hitrustLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this Brand Story episode, hosts Sean Martin and Marco Ciappelli welcome Lebin Cheng from Imperva to discuss the ever-important topic of API security. As the head of the API security team at Imperva, Lebin Cheng offers a nuanced view into the challenges and solutions involved in protecting sensitive data facilitated by APIs. A central theme of the discussion revolves around API security's complexity due to APIs' role in digital transformation, cloud migration, and data integration. APIs act as a gateway for data interaction and integration, offering flexibility but also introducing significant security risks.Cheng underscores that as APIs provide open access to critical data, they become prime targets for sophisticated cyber threats. These threats exploit vulnerabilities in API deployments, making robust security measures indispensable. Cheng highlights the importance of securing APIs not as a one-time effort but as an ongoing process. He discusses how Imperva employs real-time monitoring and behavioral analysis to enhance API security. By establishing a baseline of what constitutes normal behavior, Imperva can quickly detect and respond to anomalies. This approach goes beyond traditional, static security measures, which often fall short against dynamic threats that evolve alongside technology.Additionally, the conversation touches on the notion of 'security by design.' Cheng advocates for integrating security considerations from the earliest stages of API development. This results in more resilient applications capable of withstanding sophisticated attacks. The discussion also notes the growing trend of DevSecOps, which emphasizes the collaboration between development, security, and operations teams to embed security throughout the software development lifecycle. Real-world applications of these principles are evident in various sectors, including open banking.Cheng explains how open banking initiatives, which allow smaller financial institutions to access larger banks' data via APIs, highlight the necessity of strong API security. A breached API could expose sensitive financial data, leading to significant financial and reputational damage. The hosts and Cheng also explore how Imperva's innovation in API security involves leveraging artificial intelligence and machine learning. These technologies help in identifying and mitigating potential risks by analyzing vast amounts of data to detect unusual patterns that might indicate a security threat.In closing, Cheng emphasizes the importance of continuous innovation and vigilance in the field of API security. He invites organizations to adopt a proactive stance, continuously updating their security measures to protect their data assets effectively. This episode serves as a compelling reminder of the critical role API security plays in today's interconnected digital world.Learn more about Imperva: https://itspm.ag/imperva277117988Note: This story contains promotional content. Learn more.Guest: Lebin Cheng, VP, API Security, Imperva [@Imperva]On LinkedIn | https://www.linkedin.com/in/lebin/ResourcesLearn more and catch more stories from Imperva: https://www.itspmagazine.com/directory/impervaAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In 7 Minutes on ITSPmagazine, Sean Martin chats with Chris Pierson, CEO and Co-founder of BlackCloak, about their latest milestone in digital executive protection. BlackCloak, a pioneer in protecting executives, senior leaders, high-net-worth individuals, and family offices, has secured $17 million in a Series B funding round led by Baird Capital, with contributions from Blue Heron, TDF, and Tech Operators.Chris explains that the new funds will focus on scaling the company's operations, building proprietary cybersecurity and privacy technologies, and enhancing their concierge-level services. The goal is to provide specialized protection and remediation for corporate executives, board members, and high-profile individuals, including those in their families' personal lives.The conversation touches on the increasing need for digital executive protection against breaches, privacy risks, and identity theft. Chris highlights how recent attacks on home environments have accelerated the demand for robust digital security solutions. Investors are drawn to BlackCloak's unique approach and market potential.Looking ahead, Chris envisions a day in the life of a protected digital executive as one where privacy enhancements and proactive, intelligence-driven alerts become standard. BlackCloak aims to make managing personal cybersecurity seamless, offering reactive support and expert advice along the way. With this fresh investment, the company is poised to capture significant growth in this critical space.Learn more about BlackCloak:https://itspm.ag/itspbcwebNote: This story contains promotional content. Learn more.Guest: Chris Pierson, Founder and CEO of BlackCloak [@BlackCloakCyber]On Linkedin | https://www.linkedin.com/in/drchristopherpierson/On Twitter | https://twitter.com/drchrispiersonResourcesLearn more and catch more stories from BlackCloak: https://www.itspmagazine.com/directory/blackcloakBlackCloak Raises $17M Series B Funding Round to Enhance Personal Cybersecurity Protections for Corporate Executives, High Net Worth Individuals, and Family Offices: https://blackcloak.io/news-media/blackcloak-raises-17m-series-b-personal-cybersecurity-protections-corporate-executives-high-networth-individuals-family-offices/Learn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

BlackCloak, the Pioneer in Digital Executive Protection for executives and senior leaders, high-net-worth individuals, and family offices, has successfully closed a $17 Million Series B funding round led by Baird Capital with significant investments from Blue Heron Capital and continued support from existing investors, TDF Ventures and TechOperators. This brings BlackCloak’s total equity financing to over $30 Million.BlackCloak will use its new funding to prioritize technology investments in cutting edge platform expanding products and intelligence as the company continues its mission to protect the personal digital lives of highly targeted individuals.Trusted by Fortune 50 companies, financial institutions, public officials, and top talent management firms, BlackCloak shields its members from diverse threats, including deepfakes, social engineering, cyber-extortion, and doxxing. BlackCloak understands that cybersecurity isn’t just about technology. It’s about people.As a business partner, BlackCloak works with security leaders as an extension of their team, securing the personal digital lives of their executives and families to ensure that bad actors are unable to access the company’s sensitive data and systems.What sets BlackCloak apart is its Concierge Support. It offers personalized services tailored to fit every members’ unique needs. Whether you’re a busy executive, a concerned parent, or a small business owner, BlackCloak provides the support you need to stay safe online.With BlackCloak, you can enjoy peace of mind knowing that your digital life is secure. Don’t wait until it’s too late. Take control of your cybersecurity today.Note: This story contains promotional content. Learn more.ResourcesRead the Press Release: https://blackcloak.io/news-media/blackcloak-raises-17m-series-b-personal-cybersecurity-protections-corporate-executives-high-networth-individuals-family-offices/Learn more and catch more stories from BlackCloak: https://www.itspmagazine.com/directory/blackcloakLearn more about 2 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Semperis, a pioneer in identity-driven cyber resilience has published the results of its global ransomware study of nearly 1,000 IT and security professionals at organisations spanning multiple industries across the US, UK, France, and Germany. The study aims to understand the prevalence, frequency and costs of ransomware attacks—in both ransom payments and collateral damage. The results highlight an alarming trend toward multiple, sometimes simultaneous attacks, forcing business leaders to re-evaluate their cyber resilience strategies to address common points of failure, including inadequate identity system backup and recovery practices. Organisations must ensure they have appropriate controls to withstand attacks where possible, however assume a mindset that at some point they will have to recover from a catastrophic outage and therefore have a tried and tested plan to recover business operations. Given the criticality of Active Directory, firms need a dedicated means of backing up and recovering Active Directory to recover from attacks with integrity and at speed. However, according to our survey, just 23% of UK respondents stated that they have dedicated, Active Directory–specific backup systems.Now, more than ever, modernised threats require modernised defences prioritised on the most critical assets – which is the identity platform - and for most organisations this is Active Directory. Semperis is a pioneer in managing and protecting the identity credentials of enterprises' hybrid environments and was purpose-built for securing AD. Semperis provide a portfolio of products including a free tool - Purple Knight - which organisations use to uncover unknown vulnerabilities, communicate security posture to leaders and other teams, compensate for lack of inhouse AD skills, prepare for other assessments including pen tests, and garner more resources for AD security improvements.The full ransomware study, which includes breakdowns of responses by vertical market and by country, is available at https://itspm.ag/semper6u3wLearn more about Semperis: https://itspm.ag/semperis-1rooNote: This story contains promotional content. Learn more.Guest: Simon Hodgkinson, Strategic Advisor, Semperis [@SemperisTech]On LinkedIn | https://www.linkedin.com/in/simon-hodgkinson-6072623ResourcesLearn more and catch more stories from Semperis: https://www.itspmagazine.com/directory/semperisLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

With the rapid pace of cloud adoption, less time is spent ensuring that systems are built and operated effectively and with proper cyber hygiene. As a result, continuous controls monitoring (CCM) has emerged as indispensable for ensuring both security and regulatory compliance. Travis will discuss how CCM: transforms reactive security measures into a proactive stance; strengthens security protocols and embeds compliance within cloud operations; and streamlines the protection of digital assets in an ever-evolving landscape.With systems becoming increasingly cloud-native and ephemeral, manual approaches no longer work, can’t scale, and are not timely enough to manage risk. Continuous Controls Monitoring (CCM) is needed to allow cloud adoption in highly regulated industries without sacrificing security. The speed of the cloud, AI development, and digital transformation is quickly reaching a point where human-based risk and compliance business processes cannot keep up. A modern, compliance-as-code approach is needed via CCM platforms to ensure risk and compliance processes can execute in real-time to keep pace with modern cloud technology.Embracing compliance-as-code to allow business processes to execute at machine speed, generate self-updating paperwork, and leverage AI and mini-robot automations to validate and assess the results. Consider more sophisticated DevOps approaches leveraging CI/CD software factories to push security from code to cloud. The new CCM approach is to shift security processes left across every layer of the application lifecycle.Learn more about RegScale: https://itspm.ag/regscaksfbNote: This story contains promotional content. Learn more.Guest: Travis Howerton, Co-Founder and CEO, RegScale, [@RegScale]On LinkedIn | https://www.linkedin.com/in/travishowerton/ResourcesLearn more and catch more stories from RegScale: https://www.itspmagazine.com/directory/regscaleLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

As cyber threats grow more sophisticated and target various aspects of businesses across digital assets and surfaces, a common practice is to increase the number of security layers a company uses, often tasked to an MSP. However, this approach has led to a new dilemma: MSPs are now dealing with managing a plethora of disparate point solutions simultaneously. These solutions generate an overwhelming amount of data, information, and alerts that demand attention. As SMBs often lack dedicated personnel and resources to handle these alerts, the task falls on MSPs. This leaves MSPs struggling to manage the flood of information effectively.Guardz empowers MSPs and IT service providers to protect their clients effectively and efficiently, offering a unified platform with automated detection and response, which ensures digital assets, emails, endpoints, data and cloud directories are secure, allowing businesses to focus on growth. The Guardz platform is tailor-made for MSPs, simplifying cybersecurity management for SMBs and the MSPs that serve them. Leveraging the power of AI, Guardz automates threat detection and response, reducing false alerts and focusing on real threats. It provides scalable solutions for MSPs, comprehensive coverage for SMBs, and a user-friendly interface, ensuring robust protection and proactive security measures like regular vulnerability assessments and continuous monitoring.Guardz is transforming the future of cybersecurity by streamlining security management and enhancing efficiency. By unifying disparate solutions into a single platform that unifies detection from its own security stack and automates the response utilizing AI,Guardz empowers MSPs to significantly reduce complexity and operational burdens as they secure their SMB customers. AI-driven threat detection and automated response capabilities minimize false alerts and ensure rapid remediation of threats, allowing MSPs to focus on strategic tasks rather than being overwhelmed by data. The scalability of Guardz’s solutions means that even small businesses can access enterprise-quality security, fostering a more secure business environment overall. This transformation leads to better-prepared MSPs, more resilient SMBs, and a more secure digital landscape.Learn more about Guardz: https://itspm.ag/guardzrgigNote: This story contains promotional content. Learn more.Guest: Dor Eisner, CEO and Co-Founder, Guardz [@GuardzCyber]On LinkedIn | https://www.linkedin.com/in/dor-eisner-17067744/ResourcesLearn more and catch more stories from Guardz: https://www.itspmagazine.com/directory/guardzFor a free 14 day trial of Guardz’s platform please visit https://itspm.ag/guardzgvu3 .Learn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At Black Hat USA 2024, the spotlight is on redefining and rethinking security, as discussed in this Brand Story episode with Resecurity. Sean Martin, Christian Lees, and Shawn Loveland share the mic to explore the cutting-edge innovations shifting paradigms within the cybersecurity domain. Christian Lees and Shawn Loveland from Resecurity dive deep into the substance of their work and its impact on modern security teams. The primary focus is Resecurity's approach towards threat intelligence and how it aids organizations in proactively mitigating risks.The discussion kicks off with an overview of Resecurity's approach to threat intelligence. Unlike conventional models that operate from within the firewall, Resecurity adopts an outside-in perspective, helping clients understand what attackers might know about their infrastructure. Shawn Loveland emphasizes this unique viewpoint by illustrating how Resecurity helps organizations identify potential breaches and vulnerabilities from the attacker's perspective, well before any threats materialize.One intriguing point discussed by Lees and Loveland is Resecurity's comprehensive data sourcing from the dark web. Resecurity does not simply rely on common threat intel from visible websites but digs deep into exclusive, invitation-only forums and other obscure corners of the web. This meticulous venture results in a much more profound understanding of potential threats, minimizing blind spots and the risk of data inaccuracies or AI hallucinations. By drawing on diverse data sources, Resecurity promises more significant and accurate insights into the motives and methods of cybercriminals.Moreover, Loveland highlights the technologically sophisticated tactics employed by Resecurity, combining AI to convert unstructured data into structured, actionable intelligence for security teams. This automation not only boosts efficiency but also empowers analysts to make more informed decisions swiftly. AI in Resecurity's arsenal is not a standalone entity but integrates deeply with the human-driven aspects of threat intelligence, enriching the overall analytic experience with contextual understanding and tangible evidence.The guests also touch on Resecurity's AI capabilities, illustrating this through scenarios where AI accelerates threat detection and response. By transforming vast amounts of data into comprehensible formats, and even summarizing complex situations into actionable insights, AI significantly reduces the ordeal for security analysts while enhancing precision.In conclusion, Resecurity’s state-of-the-art threat intelligence solutions, emphasized by the knowledgeable insights from Christian Lees and Shawn Loveland, represent a proactive and innovative approach to modern cybersecurity.Learn more about Resecurity: https://itspm.ag/resecurb51Note: This story contains promotional content. Learn more.Guests: Christian Lees, CTO, Resecurity [@RESecurity]On LinkedIn | https://www.linkedin.com/in/christian-lees-72886b3/Shawn Loveland, Chief Operating Officer, Resecurity [@RESecurity]On LinkedIn | https://www.linkedin.com/in/shawn-loveland/ResourcesLearn more and catch more stories from Resecurity: https://www.itspmagazine.com/directory/resecurityView all of our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In 7 Minutes on ITSPmagazine Short Brand Story recorded on location during Black Hat USA 2024, Sean Martin had a fascinating conversation with Snehal Antani, CEO and Co-Founder of Horizon3.ai. The discussion revolved around the innovative strides Horizon3.ai is making in autonomous penetration testing and continuous security posture management.Snehal Antani shared his journey from being a CIO to founding Horizon3.ai, highlighting the critical gaps in traditional security measures that led to the inception of the company. The main focus at Horizon3.ai is to continuously verify security postures through autonomous penetration testing, essentially enabling organizations to "hack themselves" regularly to stay ahead of potential threats. Antani explained the firm's concept of “go hack yourself,” which emphasizes continuous penetration testing. This approach ensures that security vulnerabilities are identified and addressed proactively rather than reacting after an incident occurs.A significant portion of the discussion centered around the differentiation between application and infrastructure penetration testing. While application pen testing remains a uniquely human task due to the need for identifying logic flaws in custom code, infrastructure pen testing can be effectively managed by algorithms at scale. This division allows Horizon3.ai to implement a human-machine teaming workflow, optimizing the strengths of both.Antani likened its functionality to installing ring cameras while conducting a pen test, creating an early warning network through the deployment of honey tokens. These tokens are fake credentials and sensitive command tokens designed to attract attackers, triggering alerts when accessed. This early warning system helps organizations build a high signal, low noise alert mechanism, enhancing their ability to detect and respond to threats swiftly.Antani emphasized that Horizon3.ai is not just a pen testing company but a data company. The data collected from each penetration test provides valuable telemetry that improves algorithm accuracy and offers insights into an organization’s security posture over time. This data-centric approach allows Horizon3.ai to help clients understand and articulate their security posture’s evolution.A compelling example highlighted in the episode involved a CISO from a large chip manufacturing company who utilized Horizon3.ai’s rapid response capabilities to address a potential vulnerability swiftly. The CISO was able to identify, test, fix, and verify the resolution of a critical exploit within two hours, showcasing the platform's efficiency and effectiveness.The conversation concluded with a nod to the practical benefits such innovations bring, encapsulating the idea that effective use of Horizon3.ai’s tools not only promotes better security outcomes but also enables security teams to perform their roles more efficiently, potentially even getting them home earlier.Learn more about Horizon3.ai: https://itspm.ag/horizon3ai-bh23Note: This story contains promotional content. Learn more.Guest: Snehal Antani, Co-Founder & CEO at Horizon3.ai [@Horizon3ai]On LinkedIn | https://www.linkedin.com/in/snehalantani/On Twitter | https://twitter.com/snehalantaniResourcesLearn more and catch more stories from Horizon3.ai: https://www.itspmagazine.com/directory/horizon3aiView all of our OWASP AppSec Global Lisbon 2024 coverage: https://www.itspmagazine.com/owasp-global-2024-lisbon-application-security-event-coverage-in-portugalLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this Brand Story episode recorded during Black Hat USA 2024, host Sean Martin sat down with Mark Lambert of ArmorCode to discuss the evolving challenges and innovative strategies in application security and vulnerability management.ArmorCode stands out in its field by not being just another scanner but by integrating with an organization's existing tool ecosystem. Lambert explains that their platform connects with over 250 different source tools, from threat modeling to endpoint security, to provide comprehensive visibility and risk scoring. This integration is crucial for automating remediation workflows downstream and supporting various use cases, including vulnerability management and software supply chain security.One of the core strengths of ArmorCode's platform is its ability to ingest data from a multitude of sources, normalize it, and contextualize the risk for better prioritization. Lambert notes that understanding both the technical and business context of vulnerabilities is essential for effective risk management. This dual approach helps organizations avoid the 'fire drill' mentality, focusing instead on business-critical assets first.The conversation also touches on the breadth of ArmorCode's integrations, which include not just technical tools but also commercial and open-source threat intelligence feeds. This variety allows for a robust and nuanced understanding of an organization’s security posture. By correlating data across different tools using AI, ArmorCode helps in identifying vulnerabilities and weaknesses that could otherwise remain hidden.Lambert emphasizes the platform's ability to streamline interactions between security and development teams. By bringing together data from various sources and applying risk scoring, ArmorCode aids in engaging development teams effectively, often leveraging integrations with tools like Jira. This engagement is pivotal for timely remediation and reducing organizational risk.One of the exciting developments Lambert shares is ArmorCode's recent launch of AI-driven remediation capabilities. These capabilities aim to provide not just immediate fixes but strategic insights for reducing future risks. He explains that while fully automated remediation may still involve human oversight, AI significantly reduces the time and effort required for resolving vulnerabilities. This makes the security process more efficient and less burdensome for teams.The episode concludes with Lambert discussing the significant adoption of AI functionalities among ArmorCode's customer base. With over 90% adoption of their AI correlation features, it's clear that businesses are seeing real-world benefits from these advanced capabilities. Lambert believes that the integration of AI into security practices is moving past the hype phase into delivering meaningful outcomes.This insightful episode underscores the importance of comprehensive, AI-driven solutions in today’s security landscape. With experts like Mark Lambert at the helm, ArmorCode is leading the charge in making application security more integrated, intelligent, and efficient.Learn more about ArmorCode: https://itspm.ag/armorcode-n9tNote: This story contains promotional content. Learn more.Guest: Mark Lambert, Chief Product Officer, ArmorCode [@code_armor]On LinkedIn | https://www.linkedin.com/in/marklambertlinkedin/ResourcesLearn more and catch more stories from ArmorCode: https://www.itspmagazine.com/directory/armorcodeView all of our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

During Black Hat USA 2024 in Las Vegas, Sean Martin engages in a Brand Story conversation with TK Keanini from DNSFilter to explore the pivotal role DNSFilter plays in safeguarding networks around the world. DNSFilter operates by leveraging the Domain Name System (DNS), an essential component of the internet. As TK Keanini shares, the company's primary mission is to filter out malicious traffic and allow legitimate traffic to pass through, thereby providing an effective layer of security that is both accessible and user-friendly.The applicability of DNSFilter spans globally, reflecting the nature of cyber threats, which are not confined by geographic borders. One critical aspect discussed is DNSFilter's ability to manage approximately 130 billion DNS requests daily, blocking between three to four billion potentially harmful requests. This impressive scale underscores the importance of DNSFilter in preventing cyberattacks and protecting users from inadvertently accessing malicious sites.From coffee shops to large enterprises, the relevance and ease of deploying DNSFilter stand out. For businesses, the practical uses of DNSFilter are numerous.Keanini explains that the technology is effortless to set up and can be integrated directly into various levels of IT infrastructure, including Wi-Fi routers in coffee shops and public Wi-Fi in retail settings. This straightforward setup enables even those with minimal technical expertise to implement robust cybersecurity measures easily.The conversation also highlights DNSFilter's effectiveness in addressing global issues, such as Child Sexual Abuse Material (CSAM), reinforcing the company's commitment to making the internet safer for everyone. The firm’s blocking capabilities are not limited to phishing and ransomware; they extend to other harmful content categories, ensuring comprehensive protection.Moreover, for Chief Information Security Officers (CISOs) and organizations with established cybersecurity programs, DNSFilter offers an invaluable addition to their security suite. With DNSFilter, policies can be set with a single click, streamlining the process for schools, businesses, and managed service providers alike. Keanini points out that this level of usability ensures that even those without extensive cybersecurity experience can effectively manage and implement necessary protections.Additionally, Keanini emphasizes the importance of DNSFilter's role in protecting everyday users on public Wi-Fi networks and its affordability for public-use scenarios. DNSFilter's technology integrates smoothly into existing security frameworks, providing peace of mind to users and IT administrators that their networks are secure. For individuals and organizations looking to enhance their online security, DNSFilter presents a compelling solution. With its easy setup, global reach, and comprehensive protection against a wide range of cyber threats, DNSFilter stands as a vital tool in the arsenal of modern cybersecurity solutions.Learn more about DNSFilter: https://itspm.ag/dnsfilter-1g0fNote: This story contains promotional content. Learn more.Guest: TK Keanini, CTO, DNSFilter [@DNSFilter]On LinkedIn | https://www.linkedin.com/in/tkkeaninipub/ResourcesLearn more and catch more stories from DNSFilter: https://www.itspmagazine.com/directory/dnsfilterView all of our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Black Hat Hacker Summer Camp: A Meeting Ground for Security MindsAs Sean Martin and Willy Leichter kick off the discussion, nostalgia sets in as they recount their years of attending the Black Hat Hacker Summer Camp. The perennial themes of security, new technology, and ever-evolving threats always seem to find their way back into the conversation, no matter how much the landscape changes.Returning to Basics: The Unending Challenge of SecuritySean points to the recurring themes in security, to which Willy responds with a reflective acknowledgment of the cyclical nature of the industry. "It's back to figuring out how to manage all of this," he states, highlighting that while new technologies emerge, the essential task of managing them effectively remains unchanged.Introducing AppSoc: The New Kid on the BlockSean and Willy then dive into the heart of their discussion—AppSoc. Founded by serial entrepreneur Pravin Kothari, AppSoc is positioned in the Application Security Posture Management (ASPM) space. Willy elaborates on the company's mission: to consolidate, normalize, and prioritize security data from various point solutions to reduce noise and enhance actionable intelligence.The Importance of Prioritization and Orchestrated RemediationWilly explains how AppSoc’s "secret sauce" lies in prioritizing critical alerts among the plethora of security vulnerabilities. The goal is to transform a seemingly unmanageable thousand alerts into twenty high-priority ones that demand immediate attention. He emphasizes that detection without action is futile; hence, AppSoc also focuses on orchestrated remediation to bring the right information to the right teams seamlessly.Leveraging AI for Better Prioritization and Security PostureThe use of AI in AppSoc is multifaceted. The company employs AI not only to streamline security processes but also to protect AI systems—a burgeoning field. Willy suggests that the explosion of AI applications and large language models (LLMs) has opened new attack surfaces. Thus, the role of AppSoc is to safeguard these tools while enabling their efficient use in security practices.Real-world Applications: A Day in the Life with AppSocWilly shares a compelling success story about a CISO from an insurance company who managed risk across different departments using AppSoc's platform. This real-time, continuous monitoring solution replaced the less efficient, bi-annual consultant reports, demonstrating AppSoc’s efficacy in providing actionable insights promptly.The Shift-Left Strategy and DevSecOps CollaborationThe conversation shifts to the importance of integrating DevOps and DevSecOps teams. Willy points out that while specializations are valuable, it's crucial to have "connective tissue" to get the bigger picture. This holistic view is essential for understanding how threats impact various departments and teams.ConclusionSean Martin wraps up the enriching conversation with Willy Leichter, expressing his excitement for the future of AppSoc. The episode underscores the critical importance of effective application security and how innovations like AppSoc are paving the way for a more secure digital landscape.Learn more about AppSOC: https://itspm.ag/appsoc-z45xNote: This story contains promotional content. Learn more.Guest: Willy Leichter, Chief Marketing Officer, AppSOC [@appsoc_inc]On LinkedIn | https://www.linkedin.com/in/willyleichter/ResourcesLearn more and catch more stories from AppSOC: https://www.itspmagazine.com/directory/appsocView all of our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Welcome to another insightful story from ITSPmagazine, where we bring you exclusive content directly from Hacker Summer Camp at Black Hat Las Vegas 2024. This year, Sean Martin had the pleasure of sitting down with Tom Tovar, CEO of Appdome, to explore the company’s innovative approach to mobile app security.A Dynamic Presence at Black HatBlack Hat 2024 is buzzing with energy, and Appdome's vibrant booth has become a focal point for many attendees. Tom credits his marketing team for creating an engaging and visually striking presence that truly reflects Appdome’s mission. A standout feature is a unique widescreen shot setup that, although not yet shared on social media, perfectly encapsulates Appdome's vision for mobile app security.The Origin of AppdomeDuring the conversation, Sean Martin asked Tom to share the origin story of Appdome. Tom, who began his career as a corporate and securities lawyer during the tech boom, later transitioned to roles in security and operations at NetScreen. His journey took a pivotal turn after teaching himself to code and recognizing the need for a more efficient way to secure mobile applications. Driven by frustration with existing solutions and encouraged by a venture capitalist friend, Tom set out to create Appdome, aiming to simplify and automate mobile app security.Revolutionizing Mobile App Security with AppdomeAppdome’s approach integrates security into the mobile app development process through machine learning, making it easier to incorporate essential functions like encryption and anti-tampering. Over time, the platform has evolved to include advanced features such as malware detection and fraud prevention. By automating these processes, Appdome reduces friction for developers and users alike, offering a streamlined path to robust mobile app security.Embracing Generative AI for User EmpowermentA highlight of the interview was the discussion around Appdome’s adoption of Generative AI (Gen AI). This cutting-edge technology offers automated support to users facing mobile app security threats, providing real-time guidance to resolve issues independently. This not only enhances cybersecurity but also raises awareness, helping users become more informed and vigilant.Appdome’s Expanding Influence in CybersecurityWith over 144,000 applications utilizing its platform and more than 11,000 builds handled daily, Appdome has established itself as a leader in mobile app security. Its widespread adoption across diverse industries underscores the platform’s scalability and versatility.Looking Ahead: The Future of Mobile App SecurityTom Tovar also shared Appdome’s vision for the future, including the introduction of AI-driven recommendations to further streamline security integration. The ultimate goal is to achieve an auto-defend capability, making mobile app security more intuitive and effortless for users worldwide.ConclusionThis exclusive interview with Tom Tovar at Black Hat 2024 highlights how Appdome is at the forefront of mobile app security, driving innovation and automation in a rapidly evolving landscape. As mobile threats continue to grow, Appdome’s solutions will be essential in ensuring secure, seamless experiences for users everywhere.For more insights and updates from the cybersecurity world, keep following ITSPmagazine.Learn more about Appdome: https://itspm.ag/appdome-neuvNote: This story contains promotional content. Learn more.Guest: Tom Tovar, CEO, Appdome [@appdome]On LinkedIn | https://www.linkedin.com/in/tom-tovar-9b8552/ResourcesLearn more and catch more stories from Appdome: https://www.itspmagazine.com/directory/appdomeView all of our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this Brand Story episode as part of the On Location Podcast series, Sean Martin speaks with Rupesh Chokshi, who leads the application security business at Akamai. Connecting directly from Black Hat in Las Vegas, the discussion provides an in-depth look into the world of application security, APIs, and the challenges organizations face in today's technology-driven environment.Rupesh Chokshi starts by highlighting Akamai's evolution from an innovative startup focused on improving internet experiences to a global leader in powering and protecting online activities. He emphasizes that Akamai handles trillions of transactions daily, underlining the massive scale and importance of their operations.The conversation shifts to the pivotal role of APIs in the digital economy. With every company now being an 'app company,' APIs have become the lifeline of digital interactions, from financial services to entertainment. Chokshi points out that many organizations struggle with cataloging and discovering their APIs, a critical step for ensuring security. Akamai assists in this by employing scanning capabilities and data flow analysis to help organizations understand and protect their API landscape.A significant part of the discussion focuses on the security challenges associated with APIs. Chokshi details how attackers exploit APIs for data breaches, financial fraud, and other malicious activities. He cites real-world examples to illustrate the impact and scale of these attacks. Chokshi also explains how attackers use APIs for carding attacks, turning businesses into unwitting accomplices in validating stolen credit cards.Chokshi emphasizes the importance of proactive measures like API testing, which Akamai offers to identify vulnerabilities before code deployment. This approach not only bolsters the security of APIs but also instills greater confidence in the enterprise ecosystem.The discussion also touches on the broader implications of API security for CISOs and their teams. Chokshi advises that the first step is often discovery and cataloging, followed by ongoing threat intelligence and posture management. Using insights from Akamai's extensive data, organizations can identify and mitigate threats more effectively.The episode concludes with Chokshi reinforcing the importance of data-driven insights and AI-driven threat detection in safeguarding the API ecosystem. He notes that Akamai's vast experience and visibility into internet traffic allow them to provide unparalleled support to their clients across various sectors.For anyone looking to understand the complexities of API security and how to address them effectively, this episode offers valuable insights from two leaders in the field. Akamai's comprehensive approach to application security, bolstered by real-world examples and expert analysis, provides a robust framework for organizations aiming to protect their digital assets.Learn more about Akamai: https://itspm.ag/akamaievkiNote: This story contains promotional content. Learn more.Guest: Rupesh Chokshi, SVP & General Manager, Application Security, Akamai [@Akamai]On LinkedIn | https://www.linkedin.com/in/rupeshchokshi/ResourcesLearn more and catch more stories from Akamai: https://www.itspmagazine.com/directory/akamaiView all of our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this Brand Story episode of On Location, hosts Sean Martin and Marco Ciappelli sit down with Chris Pierson, Founder and CEO of BlackCloak, a digital executive protection company. Throughout their conversation, they explore the intersection of personal privacy, digital security, and the unique challenges faced by high-profile individuals in protecting their digital lives. Chris Pierson discusses the importance of proactive measures in digital security, emphasizing the need for executives and public figures to safeguard their personal information just as rigorously as their corporate data.The dialogue covers various critical topics, including the rising threats of deep fakes and the implications for personal and professional security. Pierson explains how these convincing digital forgeries can be used maliciously and provides strategies to identify and combat them. Additionally, the conversation delves into common cyber threats like phishing and business email compromise, with Pierson detailing practical strategies for mitigating these risks.Pierson also highlights the evolving landscape of privacy threats and the role of education in empowering individuals to take control of their digital presence. He shares insights on balancing security with usability, pointing out the vulnerabilities that can be overlooked by even the most tech-savvy individuals. Reflecting on his experience building BlackCloak, Pierson discusses key lessons learned while developing solutions tailored to the needs of high-net-worth and high-profile clients.The episode underscores the criticality of a tailored approach to digital security, addressing both technical defenses and user behaviors. Listeners are encouraged to think about their own digital habits and consider how they can better protect their personal information in an increasingly interconnected world.Learn more about BlackCloak:https://itspm.ag/itspbcwebNote: This story contains promotional content. Learn more.Guest: Chris Pierson, Founder and CEO of BlackCloak [@BlackCloakCyber]On Linkedin | https://www.linkedin.com/in/drchristopherpierson/On Twitter | https://twitter.com/drchrispiersonResourcesLearn more and catch more stories from BlackCloak: https://www.itspmagazine.com/directory/blackcloakView all of our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Welcome to Hacker Summer Camp Sean Martin kicks off the episode with his signature enthusiasm, welcoming listeners to another live broadcast from the renowned Hacker Summer Camp—Black Hat USA 2024 in Las Vegas. He introduces Theresa Lanowitz, a prominent figure in cybersecurity, who shares the latest developments and insights from her venture, Level Blue.Sean Martin: “Welcome to a new episode coming to you from Hacker Summer Camp. We’re here in Las Vegas for Black Hat USA 2024, and I’m thrilled to be joined by Theresa Lanowitz. Theresa, how are you?”Simplifying Cybersecurity with Level Blue Theresa discusses the origins and mission of Level Blue, a collaborative initiative between AT&T and World Gem Ventures. She outlines how Level Blue serves as a strategic extension to organizations, simplifying cybersecurity through consulting, managed security services, and innovative threat intelligence via Level Blue Labs.Theresa Lanowitz: “We aim to simplify cybersecurity by helping you protect your business intelligence through our consulting services, predict your security investments through managed services, and mitigate risk with our Level Blue Labs threat intelligence team.”The conversation shifts to how Level Blue addresses the complexities in IT, offering practical solutions and actionable intelligence to meet these challenges head-on.Key Insights from the Level Blue Futures Report Theresa reveals exciting updates about their flagship thought leadership piece, the Level Blue Futures Report. Launched at RSA in May, this report anchors their yearly research agenda. Additionally, she introduces the C-suite Accelerator, focusing on the evolving roles of CIOs, CISOs, and CTOs in fostering cyber resilience.Collaboration Among CIO, CTO, and CISO Sean and Theresa explore the dynamics between the CIO, CTO, and CISO roles. Theresa elaborates on how, despite their shared objectives, these roles often face conflicting priorities. She highlights the importance of these roles being equal partners within an organization to ensure cohesive responses during critical events, thereby enhancing overall organizational resilience.Theresa Lanowitz: “The CIO, the CISO, and the CTO must be equal partners. If they’re not, achieving cyber resilience becomes very difficult.”The Pandemic's Impact on Cybersecurity Reflecting on the pandemic’s effects, Theresa notes how it accelerated digital transformation, underscoring the crucial need for resilient cybersecurity measures. Despite some progress, she observes that cybersecurity often remains siloed, underfunded, and secondary in many organizations. She stresses the importance of aligning cybersecurity goals with business objectives to create a more integrated and effective approach.Proactive vs. Reactive Budgets Theresa emphasizes the significance of proactive budgeting in cybersecurity, contrasting it with the more common reactive approach. Proactive budgets, she argues, allow for better alignment of cybersecurity initiatives with business goals, which is vital for preempting breaches and addressing regulatory compliance.Theresa Lanowitz: “If you can align cybersecurity initiatives with business goals, you’re going to be proactive rather than reactive.”The Role of Trusted Third-Party Advisors Theresa advocates for the involvement of trusted third-party advisors, such as consulting and managed security services. These advisors bring valuable external perspectives and experience, which are crucial for driving innovation and ensuring robust security measures.Sean Martin: “By working with a trusted partner, you’re not giving up your creative ideas but rather ensuring they play out effectively and securely.”The Human Element in Cybersecurity As the discussion winds down, Sean and Theresa agree that, at its core, cybersecurity is about people. Theresa underscores the need for cross-functional communication within organizations and with trusted third-party advisors to achieve comprehensive and effective cybersecurity.Sean Martin: “It always comes back to the people, doesn’t it?”Conclusion The episode wraps up with Sean expressing gratitude for Theresa’s insights and encouraging continued exploration of research and innovation across various sectors. He invites the audience to explore the Level Blue Accelerator Report for actionable insights.Learn more about LevelBlue: https://itspm.ag/levelblue266f6cNote: This story contains promotional content. Learn more.Guest: Theresa Lanowitz, Chief Evangelist of AT&T Cybersecurity / LevelBlue [@LevelBlueCyber]On LinkedIn | https://www.linkedin.com/in/theresalanowitz/ResourcesLearn more and catch more stories from LevelBlue: https://www.itspmagazine.com/directory/levelblueView all of our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz

In this On Location episode Brand Story, Sean Martin speaks with Artyom Poghosyan at the Black Hat conference in Las Vegas about Britive, a cloud privileged access management platform. They explore how Britive assists medium to large enterprises in tackling identity management and security issues across multi-cloud and hybrid environments.Sean and Artyom discuss the complexities that organizations face with cloud adoption, where traditional lift-and-shift approaches no longer suffice. Artyom outlines how the incorporation of new processes and tools, such as DevOps automation, complicates identity and access management in cloud environments. Britive's approach emphasizes the need for dynamic, scalable solutions that align with the speed and agility of cloud-based development while ensuring robust security controls.A key focus is the balance between granting necessary access for operational efficiency and minimizing security risks from overprivileged accounts. Artyom describes Britive's method of dynamically granting and revoking access based on justified needs, ensuring that temporary elevated access is appropriately controlled and removed post-use.Additionally, the conversation highlights the challenges of managing identities across multiple cloud platforms (AWS, GCP, Azure, etc.) and the diverse technologies used in modern enterprises. Artyom explains Britive's capability to provide a unified identity and access management approach that simplifies and secures these varied environments.The episode also emphasizes Britive’s potential to significantly reduce the time required for onboarding DevOps engineers, streamlining the process from days to mere minutes through automation. This not only improves operational efficiency but also vastly reduces risk by limiting standing privileges, a key security vulnerability often exploited by cybercriminals.Finally, they touch upon how Britive fits within broader organizational security strategies, particularly Zero Trust initiatives. By eliminating standing access risks and offering integration with existing security processes, Britive supports the implementation of comprehensive identity security programs that align with modern security frameworks.Sean closes the episode by encouraging listeners to engage with Artyom and the Britive team to see how their solutions can enhance identity management and security within their organizations.Learn more about Britive: https://itspm.ag/britive-3fa6Note: This story contains promotional content. Learn more.Guest: Artyom Poghosyan, Co-Founder, Britive [@britive1]On LinkedIn | https://www.linkedin.com/in/artyompoghosyan/ResourcesLearn more and catch more stories from Britive: https://www.itspmagazine.com/directory/britiveView all of our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At Black Hat 2024 in Las Vegas, Sean Martin from On Location interviews Dror Liwer of Coro, uncovering the impressive strides Coro has made in creating a truly cohesive cybersecurity platform. This conversation reveals how Coro distinguishes itself in an industry saturated with buzzwords and inadequate solutions, particularly for smaller and mid-sized businesses.Meeting in VegasSean Martin starts the conversation by appreciating the vibrant atmosphere at the Black Hat Business Hall. The colorful Coro booth, coupled with the energetic team, sets the perfect backdrop for a discussion centered on platform innovation.Sean Martin: "Here we are, Dror. Fantastic seeing you here in Vegas."Dror Liwer: "It's where we meet."The Platform BuzzThe term “platform” has become a buzzword in the cybersecurity industry. Dror explains that many companies claim to offer platforms, but these so-called platforms often result from the integration of various point solutions, which don't communicate effectively with each other.Dror Liwer: “We built Coro as a platform and have been a platform for 10 years. It's kind of funny to see everybody now catching up and trying to pretend to be a platform.”Dror criticizes how companies use “platform” to create market confusion, explaining that a true platform requires seamless integration, a single endpoint agent, and a unified data lake.Defining a True PlatformDror and Sean delve deep into what makes Coro's platform genuinely innovative. Dror emphasizes that a real platform collects and processes data across multiple modules, providing a single pane of glass for operators. He contrasts this with other solutions that merely integrate various tools, resulting in operational complexity and inefficiencies.Dror Liwer: "A real platform is an engine that has a set of tools on top of it that work seamlessly together using a single pane of glass, a single endpoint agent, and a single data lake that shares all of the information across all of the different modules."The Role of DataData integration is a cornerstone of Coro’s platform. Dror explains that each module in Coro functions as both a sensor and protector, feeding data into the system and responding to anomalies in real-time.Dror Liwer: "The collection of data happens natively at the sensor. They feed all the data into one very large data lake."This unified approach allows Coro to eliminate the time-critical gap between event detection and response, a significant advantage over traditional systems that often rely on multiple disparate tools.Supporting MSPs and Mid-Market BusinessesOne of Coro's key missions is to support Managed Service Providers (MSPs) and mid-market businesses, sectors that have been largely overlooked by larger cybersecurity firms. By offering a more manageable and less costly platform, Coro empowers these providers to offer comprehensive cybersecurity services without the high operational costs traditionally associated with such tasks.Dror Liwer: “We are changing that economic equation, allowing MSPs to offer full cybersecurity solutions to their customers at an affordable price.”Fulfilling New RequirementsDror also sheds light on how Coro helps businesses comply with new regulatory requirements or cybersecurity mandates, often dictated by their position in the supply chain.Dror Liwer: "When this guy comes to you and says, ‘Hey, I need to now comply with this or do that,’ this is an opportunity to tell them, ‘Don't worry. I got you covered. I have Coro for you.’”ConclusionDror Liwer's insights during Black Hat 2024 highlight how Coro is not only addressing but revolutionizing the cybersecurity needs of small to mid-sized businesses and their MSP partners. By creating a true platform that reduces complexity and operational costs, Coro sets a new standard in the cybersecurity industry.Learn more about CORO: https://itspm.ag/coronet-30deNote: This story contains promotional content. Learn more.Guest: Dror Liwer, Co-Founder at Coro [@coro_cyber]On LinkedIn | https://www.linkedin.com/in/drorliwer/ResourcesLearn more and catch more stories from CORO: https://www.itspmagazine.com/directory/coroView all of our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this Brand Story episode, Sean Martin gets to chat with Vivek Ramachandran, Co-Founder and CEO of SquareX, at the Black Hat USA conference in Las Vegas. The discussion centers around SquareX’s innovative approach to browser security and its relevance in today’s cybersecurity landscape.Vivek explains that SquareX is developing a browser-native security product designed to detect, mitigate, and hunt threats in real-time, specifically focusing on the online activities of enterprise employees. This solution operates entirely within the browser, leveraging advanced technologies like WebAssembly to ensure minimal impact on the user experience.The conversation shifts to the upcoming DEF CON talk by Vivek, titled “Breaking Secure Web Gateways for Fun and Profit,” which highlights the seven sins of secure web gateways and SASE SSE solutions. According to Vivek, these cloud proxies often fail to detect and block web attacks due to inherent architectural limitations. He mentions SquareX's research revealing over 25 different bypasses, emphasizing the need for a new approach to tackle these vulnerabilities effectively.Sean and Vivek further discuss the practical implementation of SquareX's solution. Vivek underscores that traditional security measures often overlook browser activities, presenting a blind spot for many organizations. SquareX aims to fill this gap by providing comprehensive visibility and real-time threat detection without relying on cloud connectivity.Vivek also answers questions about the automatic nature of the browser extension deployment, ensuring it does not disrupt day-to-day operations for users or IT teams. Additionally, he touches on the importance of organizational training and awareness, helping security teams interpret new types of alerts and attacks that occur within the browser environment.Towards the end of the episode, Vivek introduces a new attack toolkit designed for organizations to test their own secure web gateways and SASE SSE solutions, empowering them to identify vulnerabilities firsthand. He encourages security leaders to use this tool and visit a dedicated website for practical demonstrations.Listeners are invited to connect with Vivek and the SquareX team, especially those attending Black Hat and DEF CON, to learn more about this innovative approach to browser security.Learn more about SquareX: https://itspm.ag/sqrx-l91Note: This story contains promotional content. Learn more.Guest: Vivek Ramachandran, Founder, SquareX [@getsquarex]On LinkedIn | https://www.linkedin.com/in/vivekramachandran/ResourcesLearn more and catch more stories from SquareX: https://www.itspmagazine.com/directory/squarexView all of our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this Brand Story episode as part of the Black Hat Event Coverage featuring Sean Martin and Marco Ciappelli, guest Art Poghosyan, co-founder of Britive, discusses the evolution and challenges of identity and access management (IAM) in the modern technological landscape. Sean and Marco engage Art in a conversation that covers everything from the significance of effective IAM for businesses to the innovative solutions Britive is bringing to the market.Art shares the story behind the foundation of Britive and its journey from conception to a leading provider of cloud-native privileged access management solutions. He highlights the shift from static to dynamic identities, emphasizing the importance of automating and authorizing access in real time to meet the needs of modern DevOps and cloud environments.The conversation also touches on how traditional security measures are adapting to new cloud-based infrastructures, highlighting the growing complexity and necessity for advanced IAM solutions. Marco brings in a critical perspective on the changing nature of technology and security, questioning how modern companies can sustain their operations amid rapid technological changes.Art shares insight into the convergence of new ideas and the maturity of contemporary technologies, suggesting that today's advancements provide unique opportunities for innovative solutions. Sean and Marco steer the conversation to practical applications, with Art providing real-world examples of how Britive's technologies are being implemented by enterprises facing complex security challenges. He explains how Britive's API-first approach aids in operationalizing security without imposing on performance or user experience.Furthermore, the episode sets the stage for an upcoming deeper conversation at the Black Hat event, where Art, Sean, and Marco will continue exploring IAM and the critical role Britive plays in shaping the industry's future. Listeners also get information on how to connect with Art and the Britive team at the event.Learn more about Britive: https://itspm.ag/britive-3fa6Note: This story contains promotional content. Learn more.Guest: Art Poghosyan, Co-Founder, Britive [@britive1]On LinkedIn | https://www.linkedin.com/in/artyompoghosyan/ResourcesCloud PAM: https://itspm.ag/britivxya3Learn more and catch more stories from Britive: https://www.itspmagazine.com/directory/britiveView all of our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Join the On Location Podcast co-hosts, Sean Martin and Marco Ciappelli, as they kick off an engaging conversation with Dror Liwer, Co-Founder of Coro, discussing SMB cybersecurity and preparations for Black Hat 2024.Dror emphasizes Coro’s excitement about participating in Black Hat for the second year, where they will be showcasing their offerings at booth 4734. He contrasts Black Hat with other conferences, noting its unique focus on cybersecurity practitioners and those who carry the weight of their organizations' security.Throughout the discussion, Dror tackles the buzzwords and trends in the cybersecurity industry. This year, the buzzword is "platform," and Dror provides insight into what truly constitutes a cybersecurity platform. He distinguishes between various types of platforms, such as those built from multiple vendors, internally developed ones like Cisco and Palo Alto, and Coro's own from-the-ground-up modular platform. He also discusses the advantages of a unified and seamless approach to cybersecurity.The conversation covers the practical benefits of Coro’s platform for service providers and end customers. Dror mentions how Coro simplifies cybersecurity by allowing easy onboarding and flexible licensing. He highlights Coro’s data governance capabilities and modular design, which enable users to scale their security needs up or down efficiently.Dror also teases his upcoming talk at Black Hat, titled “Platformization, Consolidation, and Other Buzzwords Debunked,” promising a comprehensive framework to help organizations evaluate and select the right cybersecurity platforms for their needs.The episode closes with Sean and Marco expressing their enthusiasm for continuing the conversation at Black Hat and encouraging listeners to connect with Coro’s energetic team. They also invite the audience to stay tuned for more updates and insights from the event.Learn more about CORO: https://itspm.ag/coronet-30deNote: This story contains promotional content. Learn more.Guest: Dror Liwer, Co-Founder at Coro [@coro_cyber]On LinkedIn | https://www.linkedin.com/in/drorliwer/ResourcesLearn more and catch more stories from CORO: https://www.itspmagazine.com/directory/coroView all of our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Welcome to another edition of Brand Stories, part of our On Location coverage of Black Hat Conference 2024 in Las Vegas. In this episode, Sean Martin and Marco Ciappelli chat with Jeswin Mathai, Chief Architect at SquareX, one of our esteemed sponsors for this year’s coverage. Jeswin brings his in-depth knowledge and experience in cybersecurity to discuss the innovative solutions SquareX is bringing to the table and what to expect at this year’s event.Getting Ready for Black Hat 2024The conversation kicks off with Marco and Sean sharing their excitement about the upcoming Black Hat USA 2024 in Las Vegas. They fondly recall their past experiences and the anticipation that comes with one of the most significant cybersecurity events of the year. Both hosts highlight the significance of the event for ITSP Magazine, marking ten years since its inception at Black Hat.Introducing Jeswin Mathai and SquareXJeswin Mathai introduces himself as the Chief Architect at SquareX. He oversees managing the backend infrastructure and ensuring the product’s efficiency and security, particularly as a browser extension designed to be non-intrusive and highly effective. With six years of experience in the security industry, Jeswin has made significant contributions through his work published at various conferences and the development of open-source tools like AWS Goat and Azure Goat.The Birth of SquareXSean and Marco delve deeper into the origins of SquareX. Jeswin shares the story of how SquareX was founded by Vivek Ramachandran, who previously founded Pentester Academy, a cybersecurity education company. Seeing the persistent issues in consumer security and the inefficacy of existing antivirus solutions, Vivek decided to shift focus to consumer security, particularly the visibility gap in browser-level security.Addressing Security GapsJeswin explains how traditional security solutions, like endpoint security and secure web gateways, often lack visibility at the browser level. Attacks originating from browsers go unnoticed, creating significant vulnerabilities. SquareX aims to fill this gap by providing comprehensive browser security, detecting and mitigating threats in real time without hampering user productivity.Innovative Security SolutionsSquareX started as a consumer-based product and later expanded to enterprise solutions. The core principles are privacy, productivity, and scalability. Jeswin elaborates on how SquareX leverages advanced web technologies like WebAssembly to perform extensive computations directly on the browser, ensuring minimal dependency on cloud resources and optimizing user experience.A Scalable and Privacy-Safe SolutionMarco raises the question of data privacy regulations like GDPR in Europe and the California Consumer Privacy Act (CCPA). Jeswin reassures that SquareX is designed to be highly configurable, allowing administrators to adjust data privacy settings based on regional regulations. This flexibility ensures that user data remains secure and compliant with local laws.Real-World Use CasesTo illustrate SquareX’s capabilities, Jeswin discusses common use cases like phishing attacks and how SquareX protects users. Attackers often exploit legitimate platforms like SharePoint and GitHub to bypass traditional security measures. With SquareX, administrators can enforce policies to block unauthorized credential entry, perform live analysis, and categorize content to prevent phishing scams and other threats.Looking Ahead to Black Hat and DEF CONThe discussion wraps up with a look at what attendees can expect from SquareX at Black Hat and DEF CON. SquareX will have a booth at both events, and Jeswin previews some of the talks on breaking secure web gateways and the dangers of malicious browser extensions. He encourages everyone to visit their booths and attend the talks to gain deeper insights into today’s cybersecurity challenges and solutions.ConclusionIn conclusion, the conversation with Jeswin Mathai offers a comprehensive look at how SquareX is revolutionizing browser security. Their innovative solutions address critical gaps in traditional security measures, ensuring both consumer and enterprise users are protected against sophisticated threats. Join us at Black Hat Conference 2024 to learn more and engage with the experts at SquareX.Learn more about SquareX: https://itspm.ag/sqrx-l91Note: This story contains promotional content. Learn more.Guest: Jeswin Mathai, Chief Architect, SquareX [@getsquarex]On LinkedIn | https://www.linkedin.com/in/jeswinmathai/ResourcesLearn more and catch more stories from SquareX: https://www.itspmagazine.com/directory/squarexView all of our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of persona

In this Brand Story conversation, Sean Martin sat down with Brooke Motta, CEO and co-founder of RAD Security, to discuss a game-changing shift in cloud security: moving from signature-based to behavioral-based detection and response within the Cloud Workload Protection Platform (CWPP).The What: RAD Security is pioneering the future of cloud security with its state-of-the-art behavioral cloud detection and response (CDR) solution. Unlike traditional CWPP and container detection systems that depend on signatures, RAD Security employs advanced techniques to create behavioral fingerprints based on unique good behavior patterns. This innovative approach aims to eliminate the risks associated with zero-day attacks and apply zero trust principles while ensuring real-time posture verification.The How: RAD Security's approach stands out in multiple ways. By setting behavioral baselines reflecting a system's normal operations, the platform can detect deviations that indicate potential threats earlier in the attack lifecycle. Integrated real-time identity and infrastructure context further sharpens its threat detection capabilities. This not only allows for proactive defenses but also enhances shift-left strategies and posture management, making cloud environments more resilient against emerging threats.Key Points Discussed:Behavioral Detection vs. Signature-Based Methods:Brooke emphasized the limitations of signature-based detection in addressing modern cloud security challenges. RAD Security's shift to behavioral detection ensures early identification of zero-day attacks, addressing both runtime and software supply chain vulnerabilities.Enhanced Capabilities for Real-Time Response:The platform provides automated response actions such as quarantining malicious workloads, labeling suspicious activities, and terminating threats. It leverages machine learning and large language models to classify detections accurately, aiding security operations centers (SOC) in quicker and more effective remediation.Recognition and Impact:RAD Security’s innovative approach has earned it a finalist spot in the prestigious Black Hat Startup Spotlight Competition, signifying industry acknowledgment of the need to move beyond traditional, reactive signatures to a proactive, behavioral security approach. They were also recognized during RSA Conference, one of the only startups to garner such a position.Supply Chain Security:Brooke highlighted the importance of analyzing third-party services and APIs at runtime to get a comprehensive threat picture. RAD Security’s verified runtime fingerprints ensure a defense-ready posture against supply chain attacks, exemplified by its response to the recent XZ Backdoor vulnerability.Future of Cloud Security:As security teams navigate increasingly complex cloud environments, the legacy method of relying on signatures is no longer viable. RAD Security's behavioral approach represents the future of cloud detection and response, offering a robust, resilient solution against novel and evolving threats.RAD Security is leading the charge in transforming cloud security through its innovative, signatureless behavioral detection and response platform. By integrating real-time identity and infrastructure context, RAD Security ensures swift and accurate threat response, laying the groundwork for a new standard in cloud native protection.For more insights and to learn how RAD Security can help enhance your organization's cloud security resilience, tune into the full conversation.Learn more about RAD Security: https://itspm.ag/radsec-l33tzNote: This story contains promotional content. Learn more.Guest: Brooke Motta, CEO & Co-Founder, RAD Security [@RADSecurity_]On LinkedIn | https://www.linkedin.com/in/brookemotta/On Twitter | https://x.com/brookelynz1ResourcesA Brief History of Signature-Based Threat Detection in Cloud Security: https://itsprad.io/radsec-4biOpen Source Cloud Workload Fingerprint Catalog: https://itsprad.io/radsec-kroLearn more and catch more stories from RAD Security: https://www.itspmagazine.com/directory/rad-securityView all of our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Last month, Sevco unveiled new capabilities in the Sevco platform to help manage and remediate risks for a new asset class – software vulnerabilities (think CVEs) and environmental vulnerabilities (think missing security tools, EOL systems, and IT hygiene issues). Sevco’s exposure management capabilities centralize known and surface previously unknown vulnerabilities in one place, prioritize the most critical issues across the environment (based on technical severity and nearly unlimited business context derived from Sevco’s asset intelligence), automate the remediation to fix priority issues and validate that remediation efforts are completed. With the help of these new capabilities in the Sevco platform, CISOs gain quantifiable insights to manage remediation programs, highlighting where efforts are working and where they aren't.Why does this matter: The systems that typically track and report CVEs, don’t report on vulnerabilities in categories such as cloud, identity, system misconfigurations, and more. Those have to be uncovered from data found within different (typically siloed) tools. This visibility issue has caused CISOs to drown in vulnerabilities without the ability to identify the ones that present the highest risk to an organization. With asset intelligence as the foundation, the Sevco platform’s exposure management capabilities help CISOs and security teams solve this challenge by proactively prioritizing, automating, and validating the remediation of all types of exposures, including software and environmental vulnerabilities. Additionally, the Sevco platform validates the successful completion of vulnerability remediation when it’s observed on the asset itself, not just when a ticket is closed. This enables Sevco to highlight actionable metrics that allow CISOs to see what’s working and what’s not working in their remediation programs and break down cross-department silos that can cause visibility issues in the first place.How does it work: Sevco's approach to vulnerability prioritization differs from existing tools because the Sevco platform integrates with existing security tools to aggregate, correlate, and deduplicate the data in those sources to surface important context and assess the risk and business impact for each asset. With this knowledge, Sevco can automatically detect and proactively alert an organization’s security team to vulnerabilities in their environment, including software vulnerabilities (CVEs), missing or misconfigured security controls (security gaps), and IT hygiene issues (unpatched devices and shadow IT). Additionally, Sevco helps to prioritize the CVEs, missing endpoint agents, and other IT hygiene vulnerabilities so our customers are always working on the highest risk issues first based on their specific business needs. Sevco's remediation management workflow helps to reduce risk dramatically with automation, key integrations that allow for collaboration and visibility across IT and security teams, and validation that remediation happened -- no matter the ticket status. Additionally, Sevco provides reports on remediation metrics that arm CISOs with the knowledge needed to understand the utilization of specific IT and security teams.Learn more about Sevco: https://itspm.ag/sevco250d8eNote: This story contains promotional content. Learn more.Guest: J.J. Guy, CEO and Co-Founder, SevcoOn LinkedIn | https://www.linkedin.com/in/jjguy/On Twitter | https://x.com/jjguy?lang=enResourcesState of the Cybersecurity Attack Surface (June 2024 Report): https://itspm.ag/sevco-l9blLearn more and catch more stories from Sevco: https://www.itspmagazine.com/directory/sevcoView all of our OWASP AppSec Global Lisbon 2024 coverage: https://www.itspmagazine.com/owasp-global-2024-lisbon-application-security-event-coverage-in-portugalLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

ISMS.online has released its ‘State of Information Security’ report which surveyed 502 people in the UK (over 1500 globally) who work in information security across 10 sectors including technology, manufacturing, education, energy and utilities and healthcare. The main findings that it exposed are: 79% of businesses have been impacted due to an information security incident caused by a third-party vendor or supply chain partner. Over 99% of UK businesses received hefty fines for data breaches or violation of data protection rules over the last year Deepfakes now rank as the second most common information security incident for UK businesses and have been experienced by over a third of organisations.What does all of this mean? As data breaches continue to surge, government entities and trade bodies are in turn, trying to meet these challenges with updates and implementation of regulations and compliance mandates. Listen in as Luke speaks to IT managers about the need to build robust and effective information security foundations, invest in securing their supply chains and increasing employee awareness and training.Learn more about ISMS.online: https://itspm.ag/ismsonline08ab81Note: This story contains promotional content. Learn more.Guest: Luke Dash, CEO, ISMS.onlineOn LinkedIn | https://www.linkedin.com/in/luke-dash-33867b25/ResourcesThe State of Information Security Report 2024: https://itspm.ag/ismsonlinef56b77Learn more and catch more stories from ISMS.online: https://www.itspmagazine.com/directory/isms-onlineView all of our OWASP AppSec Global Lisbon 2024 coverage: https://www.itspmagazine.com/owasp-global-2024-lisbon-application-security-event-coverage-in-portugalAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In the latest Brand Story episode, host Sean Martin chats with Brian Reed, Mobile Security Evangelist, and Chris Roeckl, Chief Product Officer at AppDome, during the OWASP Global AppSec event in Lisbon. The episode dives into pivotal aspects of mobile app security and consumer expectations.Brian Reed articulates how AppDome collaborates with OWASP to tackle mobile app security challenges. He underscores the significant role consumers play in these endeavors. According to AppDome's annual survey, consumer feedback is indispensable, revealing that a staggering 97% of consumers would abandon a brand after an insecure app experience, while 95% would advocate for a brand offering a secure experience. This highlights the stark consequences of neglecting mobile security.Chris Roeckl elaborates on how AppDome’s annual survey, spanning four years, has amassed data from over 120,000 consumers across 12 countries. This wealth of information provides a clear trend: consumers increasingly prioritize security, particularly in banking, e-wallet, healthcare, and retail apps. Interestingly, while social media is not at the forefront of security concerns, it is rapidly becoming a focus area as users grow more conscious of account security and privacy.The discussion brings to light how brands can effectively communicate their security protocols to consumers. Reed and Roeckl suggest transparency through dedicated web pages, direct email outreach, and in-app notifications. This communication helps build trust and reassures consumers that their security concerns are being addressed.The conversation also touches on the integration of security into the development lifecycle. Developers often face the challenge of ensuring robust security without compromising the user experience. Reed mentions the importance of making security processes seamless and non-invasive for developers. By leveraging machine learning and AI, AppDome aims to automate many security tasks, allowing developers to focus on creating innovative, user-friendly applications.Moreover, Roeckl points out that a holistic approach is essential. This means incorporating input from various teams within an organization - from product leaders focusing on user engagement to engineers ensuring crash-free applications and cybersecurity teams safeguarding data integrity. This collaborative effort ensures that the final product not only meets but exceeds consumer expectations.The insights shared in the episode are a call to action for businesses to prioritize mobile security. With six billion humans using mobile apps globally, the stakes are higher than ever. Brands must recognize the direct correlation between secure mobile experiences and customer loyalty. By investing in robust security measures and effectively communicating these efforts, businesses can foster a secure and trustworthy environment for their users.Listeners are encouraged to download the full AppDome report for a deeper understanding of consumer attitudes towards mobile app security. This empathetic report offers valuable insights that can help developers, product managers, and cybersecurity teams align their strategies with consumer expectations, ultimately leading to safer and more secure mobile applications.Learn more about Appdome: https://itspm.ag/appdome-neuvNote: This story contains promotional content. Learn more.Guests: Brian Reed, SVP AppSec & Mobile Defense, Appdome [@appdome]On LinkedIn | https://www.linkedin.com/in/briancreed/Chris Roeckl, Chief Product Officer, Appdome [@appdome]On LinkedIn | https://www.linkedin.com/in/croeckl/ResourcesLearn more and catch more stories from Appdome: https://www.itspmagazine.com/directory/appdomeView all of our OWASP AppSec Global Lisbon 2024 coverage: https://www.itspmagazine.com/owasp-global-2024-lisbon-application-security-event-coverage-in-portugalAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In the latest episode of the Redefining CyberSecurity Podcast, host Sean Martin engages with Rogier Fischer, co-founder and CEO of Hadrian, to delve into the evolving landscape of cybersecurity. The discussion navigates through the intricacies of modern cybersecurity challenges and how Hadrian is providing innovative solutions to tackle these issues. Sean Martin sets the stage by emphasizing the importance of operationalizing cybersecurity strategies to manage risk and protect revenue. Rogier Fischer shares his journey from an ethical hacker working with Dutch banks and tech companies to co-founding Hadrian, a company that leverages advanced AI to automate penetration testing.Fischer highlights the limitations of traditional cybersecurity tools, noting they are often too passive and fail to provide adequate visibility. Hadrian, on the other hand, offers a proactive approach by simulating hacker behavior to identify vulnerabilities and exposures. The platform provides a more comprehensive view by combining various aspects of offensive security, enabling organizations to prioritize their most critical vulnerabilities.One of the key points Fischer discusses is Hadrian's event-driven architecture, which allows the system to detect changes in real-time and reassess vulnerabilities accordingly. This ensures continuous monitoring and timely responses to new threats, adapting to the ever-changing IT environments. Another significant aspect covered is Hadrian's use of AI and machine learning to enhance the context and flexibility of security testing. Fischer explains that AI is selectively applied to maximize efficiency and minimize false positives, thus allowing for smarter, more effective security assessments.Fischer also shares insights on how Hadrian assists in automated risk remediation. The platform not only identifies vulnerabilities but also provides clear guidance and tools to address them. This is particularly beneficial for smaller security teams that may lack the resources to handle vast amounts of raw data generated by traditional vulnerability scanners. Additionally, Hadrian's ability to integrate with existing security controls and workflows is highlighted. Fischer notes the company's focus on user experience and the need for features that facilitate easy interaction with different stakeholders, such as IT teams and security engineers, for efficient risk management and remediation.In conclusion, Rogier Fischer articulates that the true strength of Hadrian lies in its ability to offer a hacker’s perspective through advanced AI-driven tools, ensuring that organizations not only identify but also effectively mitigate risks. By doing so, Hadrian empowers businesses to stay ahead in the ever-evolving cybersecurity landscape.Top Questions AddressedWhat drove the creation of Hadrian, and what gaps in the cybersecurity market does it fill?How does Hadrian's event-driven architecture ensure continuous risk assessment and adaptation to changing environments?How does Hadrian leverage AI and machine learning to improve the effectiveness of penetration testing and risk remediation?Learn more about Hadrian: https://itspm.ag/hadrian-5eiNote: This story contains promotional content. Learn more.Guest: Rogier Fischer, Co-Founder and CEO, Hadrian [@hadriansecurity]On LinkedIn | https://www.linkedin.com/in/rogierfischer/ResourcesView all of our RSA Conference Coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this episode of the On Location, host Sean Martin engages in an insightful conversation with Francesco Cipollone, Co-founder and CEO of Phoenix Security, at the OWASP AppSec Global conference in Lisbon. They delve into the evolving landscape of application security, focusing on the pressing challenges and innovative solutions that are shaping the industry today.The discussion begins by exploring the potential and pitfalls of artificial intelligence (AI) in cybersecurity. Francesco highlights the dual role of AI as both a tool and a target within security frameworks. He emphasizes the importance of proper prompt engineering and specialized training data to avoid common issues, such as AI-generated libraries that don't actually exist. This leads to a broader conversation about how Phoenix Security utilizes AI to intelligently categorize and prioritize vulnerabilities, allowing security teams to focus on the most critical issues.The conversation then shifts to the concept of maturity models in vulnerability management. Francesco explains that many organizations are still struggling with basic security tasks and describes how Phoenix Security helps these organizations to quickly enhance their maturity levels. This involves automating the scanning process, aggregating data, and providing clear metrics that align security efforts with executive expectations.A significant portion of the episode is dedicated to the importance of collaboration and communication between security and development teams. Francesco stresses that security should be integrated into the spring planning process, helping developers to prioritize tasks in a way that aligns with overall risk management strategies. This approach fosters a culture of cooperation and ensures that security initiatives are seen as a valuable part of the development cycle, rather than a hindrance.Francesco also touches on the role of management in security practices, underscoring the need for aligning business expectations with engineering practices. He introduces the vulnerability maturity model that Phoenix Security uses to help organizations mature their security programs effectively. This model, which maps back to established OWASP frameworks, provides a clear path for organizations to improve their security posture systematically.The episode concludes with Francesco reflecting on the persistent basic security issues that organizations face and expressing optimism about the future. He is confident that Phoenix Security's approach can help businesses intelligently address these challenges and scale their security practices effectively.Learn more about Phoenix Security: https://itspm.ag/phoenix-security-sx8vNote: This story contains promotional content. Learn more.Guest: Francesco Cipollone, CEO & Founder at Phoenix Security [@sec_phoenix]On LinkedIn | https://www.linkedin.com/in/fracipo/On Twitter | https://twitter.com/FrankSEC42ResourcesLearn more and catch more stories from Phoenix Security: https://www.itspmagazine.com/directory/phoenix-securityView all of our OWASP AppSec Global Lisbon 2024 coverage: https://www.itspmagazine.com/owasp-global-2024-lisbon-application-security-event-coverage-in-portugalAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

We are in the era of dynamic computing – and while that gives way to innovation, it also escalates the risks every business faces. Computing no longer occurs solely within the perimeter, and cybersecurity threats are increasingly more sophisticated. In fact, organizations today operate in a climate where entire systems can be taken offline in just a few short hours – and leaders need to be prepared for recovery from an interruption to the networks, systems, or data that underpin their business. With the advent and proliferation of new technologies, there is more pressure than ever to secure organizations’ computing. Ultimately, the evolution of computing has forced businesses into a paradox of innovation and risk. They must balance technology with security and business resilience, which requires a new way of thinking.Conduct a thorough assessment of risk areas to understand the barriers across your IT estate.Assess your organization’s dynamic computing initiatives and design security measures from the outset of implementation to ensure compliance and mitigate future risks.Allocate resources strategically to align cybersecurity initiatives with business objectives across silos.Forge partnerships with external collaborators to augment your organization’s security expertise.Regularly adapt your approach to meet the demands of an evolving computing landscape and expanding attack surface.Learn more about LevelBlue: https://itspm.ag/levelblue266f6c Note: This story contains promotional content. Learn more.Guest: Theresa Lanowitz, Chief Evangelist of AT&T Cybersecurity / LevelBlue [@LevelBlueCyber]On LinkedIn | https://www.linkedin.com/in/theresalanowitz/ResourcesLearn more and catch more stories from LevelBlue: https://www.itspmagazine.com/directory/levelblueView all of our RSA Conference Coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Earlier this year, the NSA released updated zero-trust guidance in which microsegmentation is listed as a daunting, advanced endeavor, only suitable to the most mature organizations. Zero Networks is committed to challenging this sentiment. While some may hesitate, thinking microsegmentation is beyond their reach, we urge organizations to reconsider. Waiting is not an option when it comes to securing your network against evolving threats. By prioritizing microsegmentation, you're taking a proactive stance against unauthorized lateral movement, thwarting advanced attacks, and effectively blocking ransomware. Zero Networks has helped organizations of all sizes, maturity, and complexity levels to deploy our radically simple microsegmentation solution in a click, without breaking anything, and with little to no effort.As ransomware attacks double, microsegmentation has been hailed by Gartner, Forrester, the NSA, and leading security trade media outlets, as the most promising solution for halting lateral movement and satisfying zero trust guidelines. You can’t have a zero trust architecture without microsegmentation – but you also need to implement a solution quickly, without breaking anything, and without extensive costs and complexities. Zero Networks offers exactly this solution. Zero Networks' microsegmentation solution locks down lateral movement, effectively stranding hackers and preventing them from spreading ransomware. For an added layer of security, we apply MFA authentication to the network layer, allowing organizations to protect assets that could not be easily protected by MFA before: legacy applications, databases, OT/IoT devices, mainframes, on-prem VMs, and IaaS VMs. Our just-in-time MFA also applies an additional layer of security to privileged remote admin protocols like RDP, SSH, and WinRM – commonly exploited by attackers. This also supports organizations with compliance needs. “Never trust, always verify” comes automatically with Zero Networks.Zero Networks' microsegmentation solution provides agentless, automated, and multi-factor authentication (MFA) powered architecture. By monitoring and learning all network connections over a 30-day period, Zero Networks creates precise firewall rules that are centrally applied to all assets. This agentless architecture ensures that every asset, whether on-premises or in the cloud, including OT/IoT devices, is segmented without disrupting normal operations. One of the key challenges with traditional microsegmentation solutions is their complexity and associated costs. Forrester highlights the difficulty in quantifying the business benefits of microsegmentation due to its indirect impact on productivity and user experience. A global independent investment bank, Evercore, was undergoing the major challenge of effectively responding to an incident when a workstation was compromised, and a threat actor was able to gain access to their network to move laterally. They had firewalls, whitelists, blacklists and other measures that could slow them down but nothing that could immediately shut them down. Chris Turek, CIO of Evercore, said “Zero Networks is creating a new sphere of security capabilities.See the platform for yourself - reach out to us at zeronetworks.com for a demo.Learn more about Zero Networks: https://itspm.ag/zeronet-al2d2Note: This story contains promotional content. Learn more.Guest: Benny Lakunishok, Co-Founder and CEO, Zero Networks [@ZeroNetworks]On LinkedIn | https://www.linkedin.com/in/bennyl/On Twitter | https://x.com/lakunishokResourcesLearn more and catch more stories from Zero Networks: www.itspmagazine.com/directory/zero-networksLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this BlackCLoak Brand Story, hosts Sean Martin and Marco Ciappelli engage in an in-depth conversation with Founder Chris Pierson, Chief Information Security Officer Ryan Black, and Product Manager Matt Covington. The discussion explores the company’s dedication to protecting security and privacy for CISOs, executives, and high-net-worth individuals.The episode kicks off with Martin and Ciappelli extending a warm welcome to Pierson, Black, and Covington while highlighting the mission-driven approach of BlackCloak. Pierson elaborates on BlackCloak’s unique focus on protecting not just organizations but also extending security measures to the personal lives of executives and their families. This connection underscores the significance of safeguarding home environments, which are increasingly becoming targets for cyberattacks.Covington shares his intriguing journey from having a master's degree in literary theory to becoming involved in cybersecurity, emphasizing the importance of empathy in product development. He explains how BlackCloak's technology seeks to scale its services efficiently by automating repetitive tasks, thereby allowing their experts to focus on critical problem-solving for clients.Throughout the conversation, Ryan Black describes the flexible, personalized concierge service that BlackCloak offers, aimed at addressing the unique security needs of individuals outside the corporate framework. He emphasizes that their approach goes beyond traditional enterprise security, focusing on protecting personal devices and networks that executives use at home.The episode also touches on the emotional and psychological aspects of cybersecurity, illustrating how personal experiences with phishing attacks have driven both Black and Covington in their professional paths. The hosts and guests also discuss the personal side of cybersecurity, addressing behavioral vulnerabilities and the integration of user-friendly technology in personal security measures.Finally, the session highlights the collaborative and proactive culture at Black Cloak, where team members are committed to going above and beyond to protect their clients. This episode offers listeners valuable insights into how BlackCloak is pioneering an empathetic and comprehensive approach to cybersecurity.Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-storyGuests: Chris Pierson, Founder and CEO of BlackCloak [@BlackCloakCyber]On Linkedin | https://www.linkedin.com/in/drchristopherpierson/On Twitter | https://twitter.com/drchrispiersonRyan Black, Chief Information Security Officer, BlackCloak [@BlackCloakCyber]On LinkedIn | https://www.linkedin.com/in/ryancblack/Matt Covington, VP of Product, BlackCloak [@BlackCloakCyber]On LinkedIn | https://www.linkedin.com/in/mecovington/ResourcesLearn more about BlackCloak and their offering: https://itspm.ag/itspbcwebBlackCloak welcomes Ryan Black: https://www.linkedin.com/posts/blackcloak_personalcybersecurity-cybersecurity-executiveprotection-activity-7198293889777098752-Bd5zAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Here we are, once again from the bustling show floor at Infosecurity Europe 2024 in London, situated at the Excel Centre. Sean Martin of ITSP Magazine is your host, and he's joined by Dror Liwer, co-founder of CORO Security. Both are excited to dive deep into how CORO is expanding its focus into the European market.Day Three: Nonstop Conversations and PresentationsFrom the get-go, Dror shares his enthusiasm about being part of this prestigious event for the first time. With a primary presence in the U.S., CORO is now aggressively moving into EMEA, starting right here in London. This move is in response to increasing demand from small to medium-sized enterprises (SMEs) in Europe who need robust cybersecurity solutions.Addressing the Security Needs of SMEsSean recalls the comprehensive capabilities of CORO discussed in previous episodes. CORO provides multiple layers of security tailored to an organization’s specific needs, such as regulatory requirements, budget, and staffing capabilities. Sean encourages everyone to revisit those insightful seven-minute chats from RSA Conference to get an in-depth view.Dror emphasizes that CORO is unique in targeting the mid-market from the ground up, unlike other companies that retrofit enterprise solutions to fit smaller businesses. With a focus on simplicity and powerful protection, CORO ensures that its solutions are manageable even for lean IT teams.Navigating the Complexities of EuropeOne of the significant discussions revolves around the differences between the U.S. and European markets. While Sean and Dror acknowledge the similar types of cyber threats faced globally, operational nuances like data residency and privacy regulations differ widely across Europe. CORO has established a data center in Germany to comply with local data residency requirements, ensuring that email and file inspections stay within the EU boundaries.Real-World Applications and ChallengesSean drives the conversation into the specific challenges CORO has faced and the different attack scenarios in Europe compared to the U.S. Dror mentions that while SME awareness of being targets has been prevalent in the U.S. for a while, European SMEs are just beginning to realize the same. As a result, CORO is educating this market about the imminent threats and how to efficiently protect against them without becoming overwhelmed.The Importance of AffordabilityDror and Sean discuss the financial challenges faced by SMEs, such as difficult decisions on whether to invest in cybersecurity or other critical needs like educational resources. Dror emphasizes that CORO has priced its suite of security solutions to remove this barrier, making comprehensive coverage affordable for even the smallest enterprises.Team and Technology: The Backbone of COROThe conversation takes a moment to appreciate CORO’s dedicated team. Sean praises the high energy and mutual support visible at CORO’s booth. Dror points out that customer reviews often highlight how easy it is to work with CORO—a testimony to the company’s dedication to protecting overlooked small and mid-sized businesses.The Future of SME CybersecurityCORO aims to remove the guesswork ("threat roulette”) for SMEs by providing an all-encompassing platform that is accessible and easy to manage. This approach ensures that small businesses can protect themselves comprehensively without the need to prioritize between different threat vectors due to budget constraints.CORO’s MissionAs the conversation winds down, Dror reiterates CORO's mission to protect SMEs globally and make cybersecurity as effortless as possible. Sean encourages attendees of Infosecurity Europe to visit CORO's dynamic and innovative booth, and for those who cannot make it, to check out CORO online. For more information, visit CORO's website at Coro.netThanks to everyone for joining us. Expect more exciting updates from CORO, possibly next time from Las Vegas!Learn more about CORO: https://itspm.ag/coronet-30deNote: This story contains promotional content. Learn more.Guest: Dror Liwer, Co-Founder at Coro [@coro_cyber]On LinkedIn | https://www.linkedin.com/in/drorliwer/ResourcesLearn more and catch more stories from CORO: https://www.itspmagazine.com/directory/coroView all of our InfoSecurity Europe 2024 coverage: https://www.itspmagazine.com/infosecurity-europe-2024-infosec-london-cybersecurity-event-coverageAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In the dynamic and ever-changing world of cybersecurity, it is crucial to remain at the forefront of addressing vulnerabilities, implementing innovative solutions, and getting to know companies that are making a differences in this industry. At Infosecurity Europe 2024 in London, Sean Martin sits down with Francesco Cipollone, co-founder of Phoenix Security, to discuss the company’s journey, achievements, and unique value propositions, highlighting their significant impact within the cybersecurity community.Setting the StageThe bustling environment of Infosecurity Europe 2024 serves as the backdrop for an engaging conversation about the latest cybersecurity trends. Martin and Cipollone delve into Phoenix Security’s origins as an internal project at HSBC, aimed at addressing engineer burnout by improving communication and prioritization in vulnerability management.Phoenix Security’s Journey and VisionCipollone explains how Phoenix Security was created to help engineers avoid burnout, originally focusing on solving communication and prioritization challenges in vulnerability management. This initiative quickly evolved into a comprehensive solution that bridges the gap between security and engineering teams by providing actionable risk assessments and automating decision-making processes.Innovative Solutions for Modern Cybersecurity ChallengesPhoenix Security stands out by offering powerful tools that streamline vulnerability management across enterprise systems. Their platform allows for better scheduling of workloads and prioritization of tasks, significantly reducing the time it takes to address vulnerabilities from hours to just minutes. This efficiency not only prevents engineer burnout but also ensures that security measures are implemented effectively.Success Stories and Client FeedbackCipollone shares success stories from clients like ClearBank, who have benefited from real-time, up-to-date asset inventory and operational insights. By using Phoenix Security, these organizations can engage in informed risk-based decision-making, enabling security teams to focus on high-impact vulnerabilities and maximize risk reduction.Expanding Reach Through Strategic PartnershipsHighlighting the importance of collaboration, Cipollone mentions Phoenix Security’s recent partnership with Booncheck. This partnership integrates advanced threat intelligence into the Phoenix platform, offering clients access to a wealth of vulnerability data and enabling more effective risk management strategies.ConclusionThe conversation concludes with insights into future security trends and Phoenix Security’s commitment to innovation and community-driven solutions. Cipollone emphasizes that Phoenix Security aims to simplify decision-making processes, giving engineers and security professionals more time to focus on what truly matters.We encourage all ITSPmagazine viewers and listeners to connect with the Phoenix team, download their new book, and stay tuned for more updates from Infosecurity Europe 2024.Learn more about Phoenix Security: https://itspm.ag/phoenix-security-sx8vNote: This story contains promotional content. Learn more.Guest: Francesco Cipollone, CEO & Founder at Phoenix Security [@sec_phoenix]On LinkedIn | https://www.linkedin.com/in/fracipo/On Twitter | https://twitter.com/FrankSEC42ResourcesLearn more and catch more stories from Phoenix Security: https://www.itspmagazine.com/directory/phoenix-securityView all of our InfoSecurity Europe 2024 coverage: https://www.itspmagazine.com/infosecurity-europe-2024-infosec-london-cybersecurity-event-coverageAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Welcome to a brand-new episode of On Location with Sean Martin and Marco Ciappelli at Infosecurity Europe 2024 in London. Today, Sean hosts a very special guest, Richard Meeus, Director of Security Technology and Strategy, EMEA at Akamai, who will provide us with valuable insights into cybersecurity resilience and the evolving landscape of distributed denial of service (DDoS) attacks.The High Energy at Infosecurity Europe 2024Sean Martin kicks off the conversation by highlighting the vibrant atmosphere at Infosecurity Europe. With a bustling crowd and high energy, it's the perfect setting to look and discuss pressing cybersecurity topics. Richard Meeus appreciates the opportunity to be part of this lively event and shares his excitement for the discussions ahead.The Importance of ResilienceIn recent months, Sean has noticed a growing emphasis on the concept of resilience in cybersecurity conversations. Notably, both Chief Information Security Officers (CISOs) and Chief Information Officers (CIOs) are prioritizing resilience to safeguard their organizations. Richard shares his perspective, emphasizing the critical importance of resilience, especially in Europe. He points out that new legislations like NIST 2 and DORA are driving organizations to focus on maintaining the availability of their systems.The Rise in DDoS AttacksTransitioning to the main topic, Sean and Richard discuss the alarming increase in DDoS attacks observed in EMEA (Europe, the Middle East, and Africa). Over the past few years, there has been a significant surge in such attacks, with notable activity driven by hacktivists rather than traditional criminal actors. Richard explains that hacktivists use DDoS attacks to make a statement, often targeting high-profile organizations to maximize their impact.The Role of Akamai in Protecting Against DDoSRichard explains Akamai's pivotal role in defending against DDoS attacks. He highlights Akamai's extensive cloud protection service, boasting a global network with 2,400 points of presence (PoPs). This vast infrastructure allows Akamai to protect some of the world's largest and most prominent brands.Richard explains the importance of shifting the burden of DDoS defense to the cloud to handle the massive attack traffic. Akamai's scrubbing centers, strategically located worldwide, meticulously clean the incoming traffic, ensuring only legitimate requests reach the client's systems.Evolution of DDoS AttacksSean invites Richard to provide an overview of how DDoS attacks have evolved over the years. While some traditional tactics like sin floods remain prevalent, there has been a resurgence of older techniques like water torture attacks targeting DNS. Richard emphasizes that organizations must protect their entire infrastructure, including APIs, which are increasingly becoming the target of such attacks.The Financial Sector: A Prime TargetThe financial sector is frequently targeted by DDoS attacks, according to Richard. He stresses that the trust customers place in financial institutions is heavily reliant on the availability of their digital services. Any disruption can erode this trust and have a significant material impact on the organization's reputation and customer confidence.Comprehensive Protection StrategyRichard underscores the importance of a comprehensive protection strategy for organizations facing the threat of DDoS attacks. By leveraging Akamai's global network and sophisticated scrubbing techniques, organizations can effectively mitigate the impact of these attacks. The combination of automated defenses and skilled SOC teams ensures real-time protection and rapid response to evolving threats.In this conversation, Sean and Richard reiterate the significance of maintaining trust and resilience in the face of growing cyber threats. With the right strategies, partnerships, and technologies, organizations can safeguard their digital presence and continue to deliver reliable services to their customers.For more in-depth insights, be sure to check out Akamai's latest report and explore their extensive back catalog of valuable cybersecurity resourcesLearn more about Akamai: https://itspm.ag/akamaievkiNote: This story contains promotional content. Learn more.Guest: Richard Meeus, Director, Security Technology and Strategy, Akamai [@Akamai]On LinkedIn | https://www.linkedin.com/in/richard-meeus/ResourcesFighting the Heat: EMEA’s Rising DDoS Threats: https://itspm.ag/akamaievkiLearn more and catch more stories from Akamai: https://www.itspmagazine.com/directory/akamaiView all of our InfoSecurity Europe 2024 coverage: https://www.itspmagazine.com/infosecurity-europe-2024-infosec-london-cybersecurity-event-coverageAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

SMBs and Mid Market companies make up 63% of the GDP, and over 70% of employment - making them the backbone of the economy. The entire cybersecurity industry is focused on the enterprise market, paying lip service to the SMB SME segments, leaving them vulnerable to cyber attacks. Coro decided to change the status quo and built a platform that was designed from day one for the overlooked SMB and SME segments - because we believe they deserve the best protection there is so they can focus on growing their businesses, and not cyber threats.There were three barriers to SMBs getting adequate protection: The need for multiple tools to get end to end protection, the extreme labor intensiveness of managing these platforms, and the overall cost. What Coro did was create a platform that removes all three barriers. 1) It's a single platform with one dashboard and one endpoint agent that covered all of the cybersecurity needs. 2) The platform uses smart automation to offload workloads from people to machines, dramatically reducing the need to chase and remediate security events manually, and 3) Provide all of that for a price point that any SMB could easily afford.Visit the Coro website and schedule a call with our Cyber Experts to see how we can help.Learn more about CORO: https://itspm.ag/coronet-30deNote: This story contains promotional content. Learn more.Guest: Dror Liwer, Co-Founder at Coro [@coro_cyber]On LinkedIn | https://www.linkedin.com/in/drorliwer/ResourcesLearn more and catch more stories from CORO: https://www.itspmagazine.com/directory/coro2024 SME Security Workload Impact Report -- https://www.coro.net/sme-security-workload-impact-reportLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Innovation Unveiled: SquareX's Vision at RSA Conference 2024During RSA Conference 2024, SquareX emerged as a source of fresh innovation, revolutionizing the cybersecurity landscape with their cutting-edge solutions. Hosted by Sean Martin, this episode of "On Location" takes you on a journey through the insights and revelations brought to light by key figures at SquareX.Introducing SquareX: Meet the VisionariesThe episode turn on the microphones at the Square X booth, where Sean Martin introduces the audience to Dakshitaa Babu and Shourya Pratap Singh, pivotal figures driving innovation at SquareX. Dakshitaa, the product evangelist, and Shourya, the principal software engineer, shed light on their roles and the impact of SquareX's work on the industry.The Passion Behind the InnovationDakshitaa shares her perspective on the privilege of contributing to a company that drives meaningful change in the industry, emphasizing SquareX's commitment to innovation. Shourya echoes this sentiment, highlighting the satisfaction of solving complex problems and witnessing their solutions making a tangible impact on customers.Pushing the Boundaries: A Glimpse Into SquareX's TechnologySean Martin delves into the intricacies of SquareX's technology, discussing AI-generated images and reverse engineering techniques employed to uncover hidden threats within images. Shourya elaborates on the challenges posed by malicious files and the innovative approaches adopted by SquareX to enhance cybersecurity.Addressing Customer Concerns: SquareX's Value PropositionSean Martin probes Dakshitaa and Shourya on the key concerns voiced by prospects and customers at the conference. They shed light on how SquareX addresses the gap in endpoint security solutions, providing customers with insightful data and a comprehensive understanding of cyber threats.Empowering Organizations: The SquareX DifferenceThe episode concludes with Sean Martin underscoring the significance of visibility at the web browser level and commending SquareX for empowering organizations to proactively tackle cybersecurity challenges. Dakshitaa extends her gratitude to visitors at the booth, emphasizing the value of SquareX's solutions for a secure digital environment.Learn more about SquareX: https://itspm.ag/sqrx-l91Note: This story contains promotional content. Learn more.Guests: Dakshitaa Babu, Security Researcher, SquareXOn LinkedIn | https://www.linkedin.com/in/dakshitaababu/Shourya Pratap Singh, Principal Software Engineer, SquareXOn LinkedIn | https://www.linkedin.com/in/shouryaps/ResourcesLearn more and catch more stories from SquareX: https://www.itspmagazine.com/directory/squarexView all of our RSA Conference Coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In a constantly changing cybersecurity landscape, staying ahead of the curve is not just a competitive advantage; it's a necessity. Recently, we had the privilege of diving into the insights of the LevelBlue Futures Report, a comprehensive annual thought leadership report that offers a glimpse into the future of cybersecurity and resilience. Join us as we unravel the key takeaways and implications of this groundbreaking report.Exploring the LandscapeThe LevelBlue Futures Report covers the core challenges and opportunities faced by organizations when it comes to cybersecurity and resilience. In a candid conversation between Theresa Lanowitz, Chief Evangelist of ATT Cybersecurity and Agent of LevelBlue, and Sean Martin, the stage is set for an enlightening discussion on the pressing issues at hand.Key Insights and Findings: A Closer LookAs the conversation unfolds, we are introduced to critical findings from the report. From the changing role of the economic buyer to the imperative of aligning cybersecurity with business objectives, each insight sheds light on the evolving dynamics of the cybersecurity landscape.Challenges and Barriers: Addressing the RealityOne of the stark revelations from the report is the prevailing challenges and barriers that hinder organizations from achieving cyber resilience. From the lack of a formalized incident response plan to the reactive nature of cybersecurity practices, the report highlights the urgent need for proactive and intentional cybersecurity measures.Looking Toward the Future: A Call to ActionDespite the hurdles and complexities inherent in cybersecurity, the LevelBlue Futures Report serves as a guidance for organizations seeking to bolster their cybersecurity posture. By leveraging the insights and recommendations laid out in the report, organizations can embark on a journey towards enhanced cyber resilience and strategic alignment with business goals.Empowering Change: The Role of Strategic Planning and CollaborationA key theme that emerges from the report is the pivotal role of strategic planning and collaboration in driving cybersecurity innovation and resilience. By engaging third-party advisors, fostering cross-functional communication, and realigning cybersecurity investments with business objectives, organizations can pave the way for transformative change in their cybersecurity practices.With the LevelBlue Futures Report one thing becomes abundantly clear: the future of cybersecurity lies in proactive, business-aligned strategies that prioritize resilience and innovation. By heeding the insights and recommendations put forth in the report, organizations can chart a course towards a more secure and resilient future.In an era where cybersecurity threats loom large and innovations abound, armed with knowledge, foresight, and a commitment to change, organizations can forge a path towards a brighter, more secure tomorrow.Learn more about LevelBlue: https://itspm.ag/levelblue266f6c Note: This story contains promotional content. Learn more.Guest: Theresa Lanowitz, Chief Evangelist of AT&T Cybersecurity / LevelBlue [@LevelBlueCyber]On LinkedIn | https://www.linkedin.com/in/theresalanowitz/ResourcesLevelBlue Futures Report: https://itspm.ag/att-cy8awvLearn more and catch more stories from LevelBlue: https://www.itspmagazine.com/directory/levelblueView all of our RSA Conference Coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

This Brand Story Podcast comes to you from the RSA Conference Broadcast Alley and features an insightful discussion between Sean Martin, the host, and Siân John, the Chief Technology Officer at NCC Group. The conversation dives deep into the complex world of cybersecurity, shedding light on critical issues and trends impacting organizations globally. Siân John, in her role as the Chief Technology Officer at NCC Group, brings a wealth of experience and knowledge to the table. She discusses the challenges faced by organizations in the rapidly evolving cybersecurity landscape.From insights to innovation, threat intelligence to research, her role encompasses a wide range of responsibilities aimed at enhancing cybersecurity capabilities. One of the key highlights of the episode is the discussion around the shift in regulatory dynamics driven by citizen advocacy. Siân John emphasizes how the push for regulations, especially in areas like online safety and data privacy, is now coming from the citizens themselves. This shift signifies a growing awareness and concern among the general public regarding cybersecurity issues.The conversation also touches upon the importance of bridging the gap between business and cybersecurity. Sean Martin and Siân John discuss how organizations need to align their security strategies with business objectives to effectively manage cyber risks. By emphasizing the need for a business-driven approach to cybersecurity, they underscore the significance of integrating security into the fabric of the organization. Furthermore, the episode explores emerging technology trends that are reshaping the cybersecurity landscape. Siân John highlights the importance of consolidation, simplification, and automation in security operations.The discussion underscores the need for organizations to adapt to new technologies while ensuring a streamlined and resilient cybersecurity posture. As the conversation unfolds, Sean Martin and Siân John stress the importance of strategic planning and gradual implementation in cybersecurity initiatives. They caution against hasty decisions driven by urgency, advocating for a methodical approach to security transformation. By drawing parallels with failed IT projects, they emphasize the need for careful planning and execution in cybersecurity endeavors.Ultimately, the episode offers valuable insights into the evolving cybersecurity landscape and the role of key stakeholders in driving security transformation. Sean Martin and Siân John bring a wealth of knowledge and expertise to the table, offering practical advice and strategic guidance for organizations navigating the complex cybersecurity terrain.To learn more about the latest cybersecurity trends and best practices, connect with Sean John and the team at NCC Group and explore the cutting-edge solutions they offer to enhance cybersecurity resilience and protect against evolving threats.Learn more about NCC Group: https://itspm.ag/ncc-gr1ajhNote: This story contains promotional content. Learn more.Guest: Siân John, Chief Technology Officer, NCC GroupOn LinkedIn | https://www.linkedin.com/in/sian-john/ResourcesLearn more and catch more stories from NCC Group: https://www.itspmagazine.com/directory/ncc-groupView all of our RSA Conference Coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In the fast-paced world of cybersecurity, staying ahead of threats and protecting sensitive data is a top priority for organizations of all sizes. However, small businesses and mid-market companies often face unique challenges when it comes to implementing comprehensive cybersecurity solutions due to limited resources and expertise. That's where Coro comes in, revolutionizing cybersecurity for smaller enterprises with its innovative approach.Unveiling Coro: A Purpose-Built PlatformThe conversation between Sean Martin, host of the Redefining Cybersecurity Podcast on ITSPmagazine, and Dror Liwer, sheds light on the groundbreaking solutions offered by Coro. Positioned as the first purpose-built platform for the mid-market and small businesses, Coro addresses the cybersecurity needs of organizations that are often overlooked by traditional enterprise-focused solutions.Understanding the Threat LandscapeDror Liwer highlights the evolving threat landscape faced by small businesses and mid-market companies. Attackers are increasingly targeting these organizations due to their vulnerabilities and limited protection measures. With Coro, businesses can gain comprehensive control and protection at an affordable cost, tailored to their specific needs.Simplifying Cybersecurity ManagementOne of the key benefits of Coro is its simplicity and ease of use. Unlike traditional cybersecurity solutions that require extensive configuration and management, Coro streamlines the deployment process, allowing businesses to be up and running within an hour for all 14 modules. By consolidating protection measures into one platform, Coro eliminates the need for multiple endpoint agents and ensures seamless integration across different modules.Peace of Mind and AssuranceCoro's approach to cybersecurity is not just about protection; it's about providing peace of mind to business owners and executives. Automatic updates, simplified dashboards, and detailed reports give stakeholders the confidence to know that their systems are secure and compliant. Additionally, Coro's emphasis on transparency and accountability positions businesses to easily obtain cyber insurance by demonstrating their commitment to cybersecurity best practices.Affordable and Comprehensive SolutionsCoro offers five suites tailored to different business needs, including endpoint protection, email protection, network and access, essential suite, and core complete. With competitive pricing starting at $6 per user per month, businesses can access a wide range of cybersecurity features without breaking the bank. The core complete suite, priced at $15 per user per month, provides a comprehensive package of security measures that cover all bases.The Future of Cybersecurity is HereAs the cybersecurity landscape continues to evolve, solutions like Coro are paving the way for smaller businesses to achieve robust protection without the complexities and high costs associated with traditional enterprise solutions. By empowering organizations to focus on their core operations and leaving the cybersecurity heavy lifting to Coro, businesses can embrace a future where cybersecurity is no longer a headache but a seamless part of their operations.Coro's innovative approach to cybersecurity is setting a new standard for small businesses and mid-market companies. By providing affordable, comprehensive, and user-friendly solutions, Coro is ensuring that cybersecurity is no longer a luxury but a necessity for all organizations. Embrace the future of cybersecurity with Coro and protect your business from ever-evolving threats.Learn more about CORO: https://itspm.ag/coronet-30deNote: This story contains promotional content. Learn more.Guest: Dror Liwer, Co-Founder at Coro [@coro_cyber]On LinkedIn | https://www.linkedin.com/in/drorliwer/ResourcesLearn more and catch more stories from CORO: https://www.itspmagazine.com/directory/coroView all of our RSA Conference Coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

7 Minutes Conversation at RSA ConferenceAs the Senior Director of Product Marketing, Bill Basinas brings a wealth of experience and knowledge as he sits down with Sean Martin for a new episode of "7 Minutes on ITSP Magazine" live from the RSA Conference. Bill shared insights into how Infinidat is redefining the landscape of storage solutions.Bridging the Gap with InfiniSafe TechnologyBill's discussion shed light on how Infinidat's InfiniSafe technology is leading the industry in cyber resilience and data protection. In a world where cyber attacks are becoming increasingly prevalent, organizations need robust solutions to safeguard their critical data assets. Infinidat's platform not only ensures uninterrupted operations but also builds a bridge between cyber security measures and data storage.Meeting the Evolving Needs of CustomersIn the conversation, Bill highlighted how customers are constantly evolving, moving towards cloud-based solutions, and generating vast amounts of data. In response to these changing dynamics, Infinidat is continuously adapting its strategies to meet the evolving needs of its clientele.Looking Towards the FutureAs the discussion continues, Bill teased upcoming developments at Infinidat, hinting at new announcements that will further revolutionize the industry. With a focus on orchestrating end-to-end data protection and recovery processes, Infinidat is set to unveil groundbreaking solutions that will redefine data security.Connecting with InfinidatFor those intrigued by Infinidat's cutting-edge technology and commitment to cyber resilience, Bill shared insights on how to connect with the company. Through webinars, live demos, and product demonstrations, individuals can delve deeper into the world of Infinidat and explore the innovative solutions they offer.This conversation with Bill Basinas provided a fascinating glimpse into the world of enterprise storage solutions and cyber resilience. Infinidat's dedication to pushing boundaries and delivering unmatched customer experiences sets them apart in a competitive industry.Stay tuned for more updates from Infinidat as they continue to lead the way in secure data storage and cyber resilience.Learn more about Infinidat: https://itspm.ag/infini3o5dNote: This story contains promotional content. Learn more.Guest: Bill Basinas, Sr. Director Product Marketing, Infinidat [@Infinidat]On LinkedIn | https://www.linkedin.com/in/billbasinas/ResourcesLearn more and catch more stories from Infinidat: https://www.itspmagazine.com/directory/infinidatView all of our RSA Conference Coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

One company at the forefront of redefining IT security is Dispersive, led by the visionary CEO, Rajiv Pimplaskar. In a recent discussion with Sean Martin of ITSP Magazine at the RSA Conference, Rajiv shared insights into Dispersive's cutting-edge approach to network security and how they are revolutionizing the industry.Unveiling Dispersive's Stealth NetworkingAt the heart of Dispersive's network security strategy lies the concept of Dispersive Stealth Networking. Rajiv Pimplaskar, with over 25 years of experience in the industry, revealed that Dispersive is a DARPA-incubated network security company with 53 patents granted. Their approach leverages spread spectrum technology from the radio frequency domain to secure cloud and internet communications effectively. By enabling customers to hide in plain sight while ensuring the integrity of their critical systems, Dispersive offers a unique solution in the cybersecurity landscape.The Evolution of Network SecurityRajiv emphasized the shift from legacy SD WAN solutions to a more cloud-native approach, highlighting the challenges faced by businesses in ensuring security and privacy in today's distributed workforce model. The conversation with Sean shed light on the need for a more resilient and efficient networking infrastructure that can adapt to the evolving demands of modern businesses.Use Cases and Success StoriesThrough real-world examples with customers like Ovzon and Endeavour Energy, Rajiv illustrated how Dispersive's solutions are driving transformation in sectors such as satellite communications and sustainable infrastructure. By providing secure and efficient network connectivity across geographically dispersed assets, Dispersive is empowering organizations to meet the demands of the digital age without compromising on security.Looking Towards the FutureAs the conversation delved deeper into the intricacies of network security, Rajiv expressed optimism for the future of cybersecurity. Embracing principles like zero trust and automated moving target defense, Dispersive aims to stay ahead of the curve in protecting critical assets and resources from evolving cyber threats.In a rapidly changing digital landscape where cybersecurity is non-negotiable, companies like Dispersive and leaders like Rajiv Pimplaskar are paving the way for a more secure and resilient network infrastructure. By combining innovative technology with a collaborative approach, Dispersive is redefining the art of network security in the digital age.With Dispersive's disruptive approach to stealth networking, businesses can navigate the digital landscape with confidence, knowing that their critical systems are protected and secure.Learn more about Dispersive: https://itspm.ag/dispermlwtNote: This story contains promotional content. Learn more.Guest: Rajiv Pimplaskar, President & CEO, DispersiveOn LinkedIn | https://www.linkedin.com/in/rajiv1p/ResourcesLearn more and catch more stories from Dispersive: https://www.itspmagazine.com/directory/dispersiveView all of our RSA Conference Coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.