Redefining CyberSecurity

607 episodes — Page 9 of 13

Ep 213: I Was Tasked With Enrolling Millions of Developers in 2FA - Here's What Happened at GitHub | A Conversation with John Swanson | Las Vegas Black Hat 2023 Event Coverage | Redefining CyberSecurity Podcast With Sean Martin and Marco Ciappelli

Guests: John Swanson, Director, Security Strategy, GitHub [@github]
On LinkedIn | https://www.linkedin.com/in/swannysec/
On Twitter | https://twitter.com/swannysec
____________________________
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast and Audio Signals Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
This Episode’s Sponsors
Island.io | https://itspm.ag/island-io-6b5ffd
____________________________
Episode Notes

In this Chats on the Road to Black Hat USA, hosts Sean and Marco are joined by John Swanson, the Director of Security Strategy at GitHub. The conversation revolves around the challenges and importance of implementing two-factor authentication (2FA) for developers on the GitHub platform.

John shares insights into the role of GitHub in protecting developers and the software ecosystem, emphasizing the need for collaboration and involving various perspectives in the project team. The discussion touches on the guiding principles that rallied the team and the importance of balancing security outcomes with usability. They explore the role of culture in driving effective security practices and creating a safe and healthy environment. John highlights the need to build and maintain a healthy culture around security, ensuring two-way trust between internal employees and customers.

The conversation also explores how to measure success through traditional metrics and indicators, as well as the importance of team engagement and positivity. The hosts express their excitement for John's upcoming presentation at the Black Hat conference, where he will discuss 2FA for 100 million developers on the GitHub platform.

The conversation provides valuable insights into the challenges and successes of implementing security technologies while considering the human factor, offering a glimpse into the real-world implementation of 2FA and the efforts made by GitHub to improve security without compromising usability.

Stay tuned for all of our Black Hat USA 2023 coverage: https://www.itspmagazine.com/bhusa
____________________________
Resources

I Was Tasked With Enrolling Millions of Developers in 2FA - Here's What Happened: https://www.blackhat.com/us-23/briefings/schedule/#i-was-tasked-with-enrolling-millions-of-developers-in-fa---heres-what-happened-32925

For more Black Hat USA 2023 Event information, coverage, and podcast and video episodes, visit: https://www.itspmagazine.com/black-hat-usa-2023-cybersecurity-event-coverage-in-las-vegas

Are you interested in telling your story in connection with our Black Hat coverage? Book a briefing here: 👉 https://itspm.ag/bhusa23tsp

Want to connect your brand to our Black Hat coverage and also tell your company story? Explore the sponsorship bundle here: 👉 https://itspm.ag/bhusa23bndl

To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast

Are you interested in sponsoring an ITSPmagazine Channel? 👉 https://www.itspmagazine.com/podcast-series-sponsorships

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Aug 3, 2023 | 22 min

Ep 212: Cookie Crumbles: Unveiling Web Session Integrity Vulnerabilities | A Conversation with Pedro Adão and Marco Squarcina | Las Vegas Black Hat 2023 Event Coverage | Redefining CyberSecurity Podcast With Sean Martin and Marco Ciappelli

Guests: Pedro Adão, Associate Professor, Instituto Superior Técnico, Universidade de Lisboa [@istecnico]
On LinkedIn | https://www.linkedin.com/in/pedro-ad%C3%A3o-b5b792/?
Marco Squarcina, Senior Scientist, TU Wien [@tu_wien]
On LinkedIn | https://www.linkedin.com/in/squarcina/?originalSubdomain=at
Website | https://minimalblue.com/
____________________________
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast and Audio Signals Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
This Episode’s Sponsors
Island.io | https://itspm.ag/island-io-6b5ffd
____________________________
Episode Notes

In this Chats on the Road to Black Hat USA, hosts Sean and Marco are joined by guests Pedro and Marco to explore the vulnerabilities and challenges of web security. The conversation begins with an explanation of the Double Submit and Synchronized Token patterns used to protect against CSRF (cross-site request forgery) attacks. They discuss the limitations of these patterns, particularly when it comes to the integrity of cookies.

The guests highlight the potential for attackers to modify cookies and the need for better solutions. The conversation then unpacks the complexities of web security, including the difficulties of maintaining backward compatibility and the challenges of multiple components and parties involved in web development, delivery, and operations.

They address the importance of revising the security of subdomains and implementing security mechanisms like HSTS (HTTP Strict Transport Security) with the includeSubDomains directive.

The conversation also raises philosophical questions about the responsibility of companies and the development community in addressing web security, as well as the role of legislation in this space. The group emphasizes the need for better platforms and frameworks that prioritize security from the start.

The conversation concludes with a discussion on the importance of ongoing research, reporting vulnerabilities to developers, and finding solutions to improve the overall security of web applications. Listeners can expect to gain a deeper understanding of web security challenges and the ongoing efforts to address vulnerabilities and improve the security of the internet ahead of Pedro's and Marco's research presentation at Black Hat USA 2023.
____________________________
Resources

Cookie Crumbles: Unveiling Web Session Integrity Vulnerabilities: https://blackhat.com/us-23/briefings/schedule/#cookie-crumbles-unveiling-web-session-integrity-vulnerabilities-32551

Aug 2, 2023 | 29 min

Ep 211: Aerospace Village: Build—Inspire—Promote | A Hacker Summer Camp 2023 Event Coverage Conversation from DEFCON with Steve Luczynski and Lillian Ash Baker | Redefining CyberSecurity with Sean Martin and Marco Ciappelli

Guests: Steve Luczynski, Senior Manager / Critical Infrastructure Security, Accenture Federal Services [@Accenture] and Chairman of the Board for the Aerospace Village [@secureaerospace]
On LinkedIn | https://www.linkedin.com/in/steveluczynski/
On Twitter | https://twitter.com/cyberpilot22
Lillian Ash Baker, Product Security Engineer, Boeing and Call for Papers Organizer for the Aerospace Village [@secureaerospace]
On LinkedIn | https://www.linkedin.com/in/zap-bang/
____________________________
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
This Episode’s Sponsors
Imperva | https://itspm.ag/imperva277117988
Pentera | https://itspm.ag/penteri67a
____________________________
Episode Notes

In this episode of the ITSPmagazine podcast, hosts Sean and Marco are joined by guests Steve Luczynski and Lillian Ash Baker to discuss the Aerospace Village 2023 at DEF CON during Hacker Summer Camp in Las Vegas. The conversation highlights the diverse range of topics covered in the village, including CubeSat resilience, ransomware resilience, and attack chains for low orbit satellites.

The guests emphasize the involvement of government agencies like the White House and TSA, as well as industry giants like Boeing and Lockheed. The hosts express their excitement for the hands-on activities at the village, such as capture the flag events, and the opportunity to learn from experts in the field.

They also discuss the importance of inspiring and promoting cybersecurity in the aviation and space sector, particularly for students and newcomers. The presence of SpaceX and their partnership with the village is highlighted as well. Listen to get a comprehensive overview of the Aerospace Village, showcasing the intersection of cybersecurity, aviation, and space, and the opportunity for attendees to engage with experts and participate in hands-on activities.

The conversation also takes a trip down memory lane, looking at the history of the village and its evolution over the years, highlighting the increasing number of submissions and the involvement of government agencies. The guests discuss their respective roles in the village and share their perspectives on the importance of cybersecurity in the aerospace industry. The hosts express their enthusiasm for the presentations and the chance to connect with professionals in the field. They also reflect on the growth and impact of the village, noting the increasing interest and participation from students and researchers.
____________________________
Watch this and other videos on ITSPmagazine's YouTube Channel

Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllQZ9kSG7X7grrP_PsH3q3T3

ITSPmagazine YouTube Channel: 📺 https://www.youtube.com/@itspmagazine

Be sure to share and subscribe!
____________________________
Resources

Aerospace Village (Website): https://www.aerospacevillage.org/defcon-31
____________________________
Are you interested in sponsoring an ITSPmagazine Channel? 👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network

Aug 2, 2023 | 38 min

Ep 210: Houston, We Have a Problem: Analyzing the Security of Low Earth Orbit Satellites with Johannes Willbold | Las Vegas Black Hat 2023 Event Coverage | Redefining CyberSecurity Podcast With Sean Martin and Marco Ciappelli

Guest: Johannes Willbold, Doctoral Student, Ruhr University Bochum [@ruhrunibochum]
On LinkedIn | https://www.linkedin.com/in/jwillbold/
On Twitter | https://twitter.com/jwillbold
Website | https://jwillbold.com/
____________________________
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
This Episode’s Sponsors
Island.io | https://itspm.ag/island-io-6b5ffd
____________________________
Episode Notes

In this Chats on the Road to Black Hat USA, hosts Sean and Marco invite Johannes Willbold to discuss the security of low Earth orbit (LEO) satellites. Johannes shares his research on satellite vulnerabilities and the challenges in securing satellite systems. They discuss security by obscurity and the lack of standardized protocols in satellite technology.

Johannes emphasizes the importance of addressing security concerns in space technology and the need for organizations like NASA and the European Space Agency (ESA) to come together to address these challenges. They spend time looking into the difficulties of implementing security measures on satellites and the slow adoption of fixes due to the time-consuming nature of satellite testing and deployment.

The trio also touch on the lack of everyday defenses and mitigating controls for satellite security, as well as the challenges of monitoring and responding to threats while satellites are in orbit. Johannes highlights ongoing efforts by organizations like ESA to improve security in space and host workshops to encourage research in this area.

The hosts also cover some of the points from Johannes's upcoming talk at Black Hat USA, where he will share more details about his research.
____________________________
Resources

Houston, We Have a Problem: Analyzing the Security of Low Earth Orbit Satellites: https://www.blackhat.com/us-23/briefings/schedule/index.html#houston-we-have-a-problem-analyzing-the-security-of-low-earth-orbit-satellites-32468

Space Odyssey research paper: https://jwillbold.com/paper/willbold2023spaceodyssey.pdf

Aug 1, 2023 | 27 min

Ep 209: Unleashing End-User Productivity Through Secure Browsing: What is the Enterprise Browser? | A Their Story Conversation from Black Hat USA 2023 | An Island.io Story with Brian Kenyon

In this Their Story podcast episode, as part of our Black Hat USA conference coverage, hosts Sean Martin and Marco Ciappelli connect with Brian Kenyon, the Chief Strategy Officer at Island, to unpack the intricate world of enterprise browsers. Together, they explore the pressing need for robust web security and the challenges that orbit it. As the conversation unfurls, they navigate the evolution of browsers, their pivotal role in today's work operations, and how modern frameworks like Chromium have replaced relics like Flash and Silverlight, simplifying web backend and significantly enhancing a consistent user experience.

The trio brings to light the persistent problem of technical debt within enterprise environments, where the existence of outdated applications and frameworks continues to be a daunting issue. They assert the need for an enterprise browser capable of maintaining compatibility with older systems while simultaneously keeping pace with the advancements of the digital era. In addition, the dialogue expands to include the integration of browser technologies in cloud-based applications like Salesforce and ServiceNow, and the challenges inherent in applying policies and ensuring data security within such environments.

The pivotal value of an enterprise browser emerges strongly throughout the discussion, highlighting its ability to augment productivity and provide unique cybersecurity solutions. The conversation orbits around the value of an enterprise browser integrating with an organization's identity and access management systems, yielding granular control over access and actions within applications. Furthermore, Brian draws attention to the deployment flexibility of an enterprise browser, with its ability to be utilized across an entire organization or targeted towards specific departments or teams.

In a concluding note, Sean, Marco, and Brian emphasize the pivotal role of end-user experience in enhancing productivity and the transformative role browsers play in this scenario. They discuss the additional functionality that an enterprise browser can offer, such as built-in copy and paste palettes, PDF editors, and password managers, and caution about potential risks tied to browser extensions, underscoring the need for visibility, governance, and control in this area while allowing the end-users to drive the requests to ensure they get their work done.

A secure enterprise browser, such as the one offered by Island.io, is pivotal in transforming the business narrative, where security ceases to be a mere protective measure and becomes a business enabler. By ensuring a seamless and secure web browsing experience, it aligns with the company's strategic objectives, directly contributing to desired outcomes and fostering an environment where safety and efficiency coexist, driving the business towards new heights of digital innovation.

Ultimately, this episode provides valuable insights into the challenges and benefits of leveraging an enterprise browser within the evolving digital landscape, offering a thought-provoking, informative, and practical discourse for organizations striving to enhance their web security and improve end-user experiences.

Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-story

Guest: Brian Kenyon, Chief Strategy Officer at Island [@island_io]
On LinkedIn | https://www.linkedin.com/in/brianmkenyon/

Resources

Learn more about Island.io and their offering: https://itspm.ag/island-io-6b5ffd

What if the browser was designed for the enterprise? See for yourself at Black Hat - Visit Booth #1474 https://itspm.ag/islandl724

For more Black Hat USA 2023 coverage: https://itspmagazine.com/black-hat-usa-2023-cybersecurity-event-coverage-in-las-vegas

Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

Aug 1, 2023 | 46 min

Ep 208: Hacking Humans Using LLMs with Fredrik Heiding: Devising and Detecting Phishing: Large Language Models vs. Smaller Human Models | Las Vegas Black Hat 2023 Event Coverage | Redefining CyberSecurity Podcast With Sean Martin and Marco Ciappelli

Guest: Fredrik Heiding, Research Fellow at Harvard University [@Harvard]
On LinkedIn | https://www.linkedin.com/in/fheiding/
____________________________
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
This Episode’s Sponsors
Island.io | https://itspm.ag/island-io-6b5ffd
____________________________
Episode Notes

In this Chats on the Road to Black Hat USA, hosts Sean and Marco discuss the use of AI in hacking and cybersecurity with guest Fredrik Heiding, specifically large language models, such as GPT-3 and GPT-4 (ChatGPT). They explore the concept of using AI to create realistic phishing emails that are difficult to detect, and how cybercriminals can exploit this technology to deceive individuals and organizations.

The episode also looks at the ease with which AI can generate content that appears real, making it a powerful tool in the hands of attackers. The trio discuss the potential dangers of AI-powered phishing emails and the need for more sophisticated spam filters that can accurately detect the intent of these emails, providing more granular information and recommended actions for users.

Throughout the episode, there is a recognition of AI as a tool that can be used for both good and bad purposes, emphasizing the importance of ethics and the ongoing race between cybercriminals and cybersecurity professionals. The conversation also touches on the positive applications of AI in detecting and preventing phishing attacks, showcasing the efforts of the "good guys" in the cybersecurity world. They discuss the potential for AI to help in blocking phishing emails and providing more granular information and recommended actions for users.

About the Session

AI programs, built using large language models, make it possible to automatically create realistic phishing emails based on a few data points about a user. They stand in contrast to "traditional" phishing emails that hackers design using a handful of general rules they have gleaned from experience.

The V-Triad is an inductive model that replicates these rules. In this study, we compare users' suspicion towards emails created automatically by GPT-4 and created using the V-Triad. We also combine GPT-4 with the V-Triad to assess their combined potential. A fourth group, exposed to generic phishing emails created without a specific method, was our control group. We utilized a factorial approach, targeting 200 randomly selected participants recruited for the study. First, we measured the behavioral and cognitive reasons for falling for the phish. Next, the study trained GPT-4 to detect the phishing emails created in the study after having trained it on the extensive cybercrime dataset hosted by Cambridge. We hypothesize that the emails created by GPT-4 will yield a similar click-through rate as those created using V-Triad. We further believe that the combined approach (using the V-Triad to feed GPT-4) will significantly increase the success rate of GPT-4, while GPT-4 will be relatively skilled in detecting both our phishing emails and its own.
____________________________
Resources

Devising and Detecting Phishing: Large Language Models (GPT3, GPT4) vs. Smaller Human Models (V-Triad, Generic Emails): https://www.blackhat.com/us-23/briefings/schedule/#devising-and-detecting-phishing-large-language-models-gpt-gpt-vs-smaller-human-models-v-triad-generic-emails-31659

Jul 31, 2023 | 33 min

Ep 207: The Art of Building Security Products: Balancing Innovation and User-Friendly Design | A Conversation with Laurent Hausermann | Redefining CyberSecurity with Sean Martin

Guest: Laurent Hausermann, Entrepreneur
On LinkedIn | https://www.linkedin.com/in/laurenthausermann/
On Twitter | https://twitter.com/lhausermann
Website | https://cyberbuilders.substack.com/
____________________________
Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
____________________________
This Episode’s Sponsors
Imperva | https://itspm.ag/imperva277117988
Pentera | https://itspm.ag/penteri67a
____________________________
Episode Notes

In this episode of Redefining CyberSecurity Podcast, host Sean Martin and guest Laurent Hausermann discuss the process of building security products. They emphasize the importance of understanding customer needs and pain points before developing a product. Laurent shares his experience in the IoT security space and the significance of gathering feedback from potential customers. The conversation highlights the role of a product manager in championing the value and experience of a product, without overselling it to security practitioners. They discuss the challenges of marketing security products and the need for realistic expectations.

The discussion explores the user experience of security products, from installation to operational ease. They discuss the importance of a well-defined product development process and the role of the product manager in bridging user experience, technology, and business. They touch on the evolving nature of product management in a world where almost everything is built using a SaaS model. They also discuss the concept of time to value, emphasizing the need for quick delivery of value to users. They also address the role of product marketing in promoting the product and supporting sales, including the creation of collateral such as sales decks, briefs and papers, user testimonials, and webinars.

The conversation concludes by discussing the organizational structures and responsibilities for product management and product marketing. Sean and Laurent highlight the need for a clear understanding of the product manager's role and the distinction between product management and product marketing. They emphasize the importance of a collaborative product development process, where the product manager serves as a bridge between various aspects of the product.

Overall, this episode provides valuable insights into the world of building security products, emphasizing the importance of considering customer needs, user experience, and marketing strategies. The conversation is informative and thought-provoking, offering practical advice and discussing the challenges faced by security product teams. The host, Sean Martin, and guest, Laurent Hausermann, bring their expertise and experiences to the discussion, making it engaging and relevant for listeners in the cybersecurity industry.
____________________________
Watch this and other videos on ITSPmagazine's YouTube Channel

Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
____________________________
Resources

Inspiring Post | Unlocking the Secrets of Cybersecurity Product Teams: https://cyberbuilders.substack.com/p/unlocking-the-secrets-of-cybersecurity

Jul 26, 2023 | 50 min

Ep 206: Book | Understand, Manage, and Measure Cyber Risk: Practical Solutions for Creating a Sustainable Cyber Program | A Conversation with Author Ryan Leirvik | Redefining CyberSecurity with Sean Martin

Guest: Ryan Leirvik, CEO of Neuvik [@Neuvik]
On LinkedIn | https://www.linkedin.com/in/leirvik/
____________________________
Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
____________________________
This Episode’s Sponsors
Imperva | https://itspm.ag/imperva277117988
Pentera | https://itspm.ag/penteri67a
____________________________
Episode Notes

In this episode of Redefining Cybersecurity podcast, host Sean Martin discusses the fundamentals of risk management in cybersecurity with Ryan Leirvik, author of "Understand, Manage and Measure Cyber Risk: Practical Solutions for Creating a Sustainable Cyber Program." The conversation centers around the importance of understanding risk management in cybersecurity, categorizing assets, and identifying what's important to the business versus what's important to the individual. They also discuss the need to use frameworks like NIST-CSF to define and categorize risks and the importance of responding quickly to active threats and having a plan in place for recovery. Sean and Ryan provide practical advice for creating a sustainable cyber program that prioritizes risk management and explain how to set the stage for conversations about cybersecurity with stakeholders. Overall, the episode provides valuable insights into risk management in cybersecurity and how to prioritize and protect critical assets.

ABOUT THE BOOK

When it comes to managing cybersecurity in an organization, most organizations tussle with basic foundational components. This practitioner’s guide lays down those foundational components, with real client examples and pitfalls to avoid.

A plethora of cybersecurity management resources are available―many with sound advice, management approaches, and technical solutions―but few with one common theme that pulls together management and technology, with a focus on executive oversight. Author Ryan Leirvik helps solve these common problems by providing a clear, easy-to-understand, and easy-to-deploy "playbook" for a cyber risk management approach applicable to your entire organization.

This second edition provides tools and methods in a straight-forward, practical manner to guide the management of a cybersecurity program. Expanded sections include the critical integration of cyber risk management into enterprise risk management, the important connection between a Software Bill of Materials and Third-party Risk Programs, and additional "how to" tools and material for mapping frameworks to controls.

Who This Book Is For

CISOs, CROs, CIOs, directors of risk management, and anyone struggling to pull together frameworks or basic metrics to quantify uncertainty and address risk
____________________________
Resources

Understand, Manage, and Measure Cyber Risk: Practical Solutions for Creating a Sustainable Cyber Program (Book): https://www.amazon.com/Understand-Manage-Measure-Cyber-Risk-dp-1484293185/dp/1484293185/

Jul 19, 2023 | 48 min

Ep 205: AI, Cyber Warfare, and Beyond: Understanding Cybersecurity's Future | Our Traditional Conversation With Black Hat GM, Steve Wylie | Las Vegas Black Hat 2023 Event Coverage | Redefining CyberSecurity Podcast With Sean Martin

Guest: Steve Wylie, Vice President, Cybersecurity Market at Informa Tech [@InformaTechHQ] and General Manager at Black Hat [@BlackHatEvents]
On LinkedIn | https://www.linkedin.com/in/swylie650/
On Twitter | https://twitter.com/swylie650

This Episode’s Sponsors
runZero | https://itspm.ag/runzervvyh
Island.io | https://itspm.ag/island-io-6b5ffd

Episode Notes
The Black Hat USA 2023 conference's keynote sessions promise engaging and insightful conversations. Steve Wylie, the General Manager, highlighted one of the key discussions that will occur during the event, a fireside chat between Jen Easterly, the director of Cybersecurity and Infrastructure Agency (CISA), and Viktor Zhora, who is responsible for defending Ukraine's digital infrastructure. Easterly, having been appointed in 2021, participated in a Black Hat keynote stage three weeks later, where she effectively discussed her vision for the collaboration of hackers, government, and the private sector. Now, after a couple of years in her role, she's expected to bring in more nuanced perspectives.

The discussion will focus on the pressing issues faced by the cybersecurity world, including the war in Ukraine and the country's efforts to defend its digital infrastructure. This fireside chat is set to foster insightful exchanges from two significant figures, each from different governments, giving attendees a unique view into real-world security operations.

The Thursday morning keynote will feature Kemba Walden, the Acting National Cyber Director for the Executive Office of the President. Her contributions to major cybersecurity initiatives, such as the implementation of Executive Order 14028, make her an exciting addition to the conference. This order, which aimed to improve the nation's cybersecurity, addressed significant issues like public-private cooperation, sharing of intelligence between agencies, and supply chain security.

As the conference unfolds, more technical discussions will also take place. Wylie mentioned the Black Hat briefings, which are typically quite technical and provide insights into the current cybersecurity landscape. One notable briefing is James Kettle's session, "Smashing the State Machine: The True Potential of Web Race Conditions," highlighting an unexpected flaw in web applications. Other sessions cover important topics such as the recent Viacom satellite attack in Ukraine and global DDoS trends, as observed by the FBI.

The Black Hat USA 2023 conference offers a diverse range of topics for attendees, from policy-related big-picture conversations to more technical, detail-oriented discussions, plus hands-on activities taking place in the Arsenal. There's also an entrepreneur track, where innovative solutions are pitched to judges and are on display in the business hall.

Black Hat USA 2023 aims to provide both overarching perspectives and in-depth analyses to ensure a comprehensive understanding of today's cybersecurity challenges.

Stay tuned for all of our Black Hat USA 2023 coverage: https://www.itspmagazine.com/bhusa

Resources
Black Hat USA 2023 Trainings: https://blackhat.com/us-23/training/schedule/index.html
Black Hat USA 2023 Briefings: https://blackhat.com/us-23/briefings.html
For more Black Hat USA 2023 Event information, coverage, and podcast and video episodes, visit: https://www.itspmagazine.com/black-hat-usa-2023-cybersecurity-event-coverage-in-las-vegas
Are you interested in telling your story in connection with our Black Hat coverage? Book a briefing here: 👉 https://itspm.ag/bhusa23tsp
Want to connect your brand to our Black Hat coverage and also tell your company story? Explore the sponsorship bundle here: 👉 https://itspm.ag/bhusa23bndl
Are you interested in sponsoring an ITSPmagazine Channel? 👉 https://www.itspmagazine.com/podcast-series-sponsorships

Jul 18, 2023 · 41 min

Ep 204: Implementing Meaningful Information Security Metrics | A Conversation with Allie Mellen and Jeff Pollard | Redefining CyberSecurity with Sean Martin

Guests:
Allie Mellen, Senior Analyst at Forrester [@forrester]
On LinkedIn | https://www.linkedin.com/in/hackerxbella/
On Twitter | https://twitter.com/hackerxbella
Jeff Pollard, VP & Principal Analyst at Forrester [@forrester]
On LinkedIn | https://www.linkedin.com/in/jpollard96/
On Twitter | https://twitter.com/jeff_pollard2

Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin

This Episode’s Sponsors
Imperva | https://itspm.ag/imperva277117988
Pentera | https://itspm.ag/penteri67a

Episode Notes
In this new episode of Redefining CyberSecurity, Sean Martin, Allie Mellen, and Jeff Pollard engage in an in-depth conversation exploring the critical role and power of security metrics in InfoSec decision-making processes. Throughout the dialogue, listeners can gain an understanding of the importance of implementing relevant metrics, such as Mean Time To Detect (MTTD) and Mean Time To Respond (MTTR), for tracking growth within cybersecurity contexts. However, there’s much more to metrics than just these two figures.

Both Allie and Jeff emphasize that metrics should be perceived not merely as numerical values but as valuable guideposts aiding decision-making. This perspective, attributed to the Lean Startup philosophy by Eric Ries, encourages using metrics to guide future actions, understand current decisions, or evaluate past outcomes. They stress that metrics should have a genuine purpose and contribute meaningfully rather than just providing quantitative data.

Furthermore, the conversation underscores the relevance of metrics to the decision-making audience. Allie and Jeff agree that metrics should differentiate between what matters only to your team and what's necessary for strategic decisions in the broader organization. Metrics become truly impactful when they support decision-making and reach the right audience, whether it's senior leadership, the security program, or the tactical metric practitioners.

Storytelling's role is highlighted as vital in presenting these metrics to various stakeholders, making the data more meaningful, understandable, and actionable. The conversation extends the notion of metrics, applying concepts like readmission rates, commonly used in healthcare, to measure incident recurrence in cybersecurity.

The trio also spotlights the need for a synergistic relationship between the Security Operations Center (SOC) and Vulnerability Risk Management (VRM). Such a relationship fosters improved security posture through effective incident management and prevention, with Allie reasoning that translating data into something meaningful for other business units is crucial.

Touching upon individual metrics in the context of career progression, both Allie and Jeff emphasize the necessity for individuals to define their career-oriented metrics based on their personal goals and organizational expectations. This understanding can help leaders prove their program's success and influence others.

The conversation ultimately underscores the importance of the right data sources for calculating meaningful metrics. Without the correct data, generating truly impactful and actionable metrics becomes impossible. Jeff cites an example of a financial organization that used a unique metric to measure insider risk, emphasizing the complexities and challenges of deriving meaningful and actionable cybersecurity metrics.

There’s a lot to unpack in this conversation. Listen to the entire episode so you don’t miss a beat.

Resources
The Lean Startup: https://theleanstartup.com/

Jul 12, 2023 · 47 min

Ep 203: Moonlighter: A CTF Challenge in Space | Hack-a-Sat 4 and the State of Space Cybersecurity | A Conversation with Logan Finch, Jason Williams, Aaron Myrick | Redefining CyberSecurity with Sean Martin

Guests:
Logan Finch, Principal Engineer at Cromulence [@cromulencellc]
On LinkedIn | https://www.linkedin.com/in/logan-finch/
On Twitter | https://twitter.com/hack_a_sat
Jason Williams, Co-Founder and CEO of Cromulence [@cromulencellc]
On LinkedIn | https://www.linkedin.com/in/jason-williams-5858c3
On Twitter | https://twitter.com/hack_a_sat
Aaron Myrick, Project Leader at The Aerospace Corporation [@AerospaceCorp]
On LinkedIn | https://www.linkedin.com/in/aaron-myrick-677b8474/

Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin

This Episode’s Sponsors
Imperva | https://itspm.ag/imperva277117988
Pentera | https://itspm.ag/penteri67a

Episode Notes
In this episode of Redefining CyberSecurity with Sean Martin, Logan Finch, Jason Williams, and Aaron Myrick discuss the history and evolution of the Hack-A-Sat program, which aims to bridge the gap between the cybersecurity and aerospace communities and showcase the capabilities of extreme programming and hacking to secure space systems. The Moonlighter CTF challenge is a key part of the program, which emulates real-world attacks on space systems, and the guests share insights on the different disciplines involved in securing space systems.

This episode also explores the ethical considerations of hacking and cybersecurity, the importance of diversity in the space and cybersecurity industries, and the need for collaboration between the different communities to create a holistic approach to securing space and satellite systems. The group highlights the importance of a new mindset and approach to securing these systems, which are critical to our lives and the economy, and showcases the capabilities of the cybersecurity and aerospace communities.

Resources
Hack-a-Sat CTF Website: https://hackasat.com/

Jun 29, 2023 · 42 min

Ep 202: ITSPmagazine On-Location at Infosecurity Europe 2023, London | Day Three Catch-Up | Redefining CyberSecurity with Sean Martin and Hacking Your Potential with Frankie Thomas

Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
Frankie Thomas, Host of the Hacking Your Potential Podcast
On ITSPmagazine 👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/frankie-thomas

This Episode’s Sponsors
Pentera | https://itspm.ag/penteri67a
Semperis | https://itspm.ag/semperis-1roo
✨ ➤ Sponsorship Signup Is Now Open — And Yes, Space Is Limited!

Episode Notes
Long-timer Sean Martin and first-timer Frankie Thomas come together live from London, England, for Infosecurity Europe 2023, connecting with you to give you their thoughts and insights from day 3 of the event.

Resources
Learn more, explore the programme, and register for Infosecurity Europe: https://itspm.ag/iseu23
Catch the video for this conversation: https://youtu.be/SY5hSF37FOs
Be sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverage
Catch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6B

If you are a cybersecurity vendor with a story to share, you can book your pre-event video podcast briefing here (https://itspm.ag/iseu23tsv) and your on-location audio podcast briefing here (https://itspm.ag/iseu23tsp).
Explore the full conference coverage sponsorship bundle here: https://itspm.ag/iseu23bndl
For more ITSPmagazine advertising and sponsorship opportunities: 👉 https://www.itspmagazine.com/advertise-on-itspmagazine-podcast
For more podcast stories from Hacking Your Potential Podcast with Frankie Thomas, visit: https://www.itspmagazine.com/hacking-your-potential-podcast

Jun 22, 2023 · 12 min

Ep 201: ITSPmagazine On-Location at Infosecurity Europe 2023, London | Day Two Catch-Up on Day Three Morning 🤔 | Redefining CyberSecurity with Sean Martin and Marco Ciappelli

Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli

This Episode’s Sponsors
Pentera | https://itspm.ag/penteri67a
Semperis | https://itspm.ag/semperis-1roo

Episode Notes
Sean Martin and Marco Ciappelli are live from London, England for Infosecurity Europe 2023, connecting with you from an undisclosed location to give you their thoughts and insights from day 2 of the event.

Resources
Learn more, explore the programme, and register for Infosecurity Europe: https://itspm.ag/iseu23
Catch the video for this conversation: https://youtu.be/RovrUo2Ceow
Be sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverage
Catch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6B

Jun 22, 2023 · 8 min

Ep 200: ITSPmagazine On-Location at Infosecurity Europe 2023, London | Day One Evening Catch-Up | Redefining CyberSecurity with Sean Martin and Marco Ciappelli

Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli

This Episode’s Sponsors
Pentera | https://itspm.ag/penteri67a
Semperis | https://itspm.ag/semperis-1roo

Episode Notes
Sean Martin and Marco Ciappelli are live from London, England for Infosecurity Europe 2023, connecting with you from an undisclosed location to give you their thoughts and insights from day 1 of the event.

Resources
Learn more, explore the programme, and register for Infosecurity Europe: https://itspm.ag/iseu23
Catch the video for this conversation: https://youtu.be/xny6ffxiPNo
Be sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverage
Catch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6B

Jun 22, 2023 · 10 min

Ep 199: Building a Better Defense with Attack Surface Management | A Brand Story from Infosecurity Europe 2023, London, England | A NetSPI Story with Nabil Hannan

Live on-location from Infosecurity Europe 2023, Sean Martin connects with Nabil Hannan, the field CISO at NetSPI, to discuss Attack Surface Management (ASM) and how it has evolved in recent years to become the minimum cybersecurity benchmark that organizations need. ASM provides a more targeted approach to vulnerability management, allowing testers to focus on building a platform with automation that identifies areas that need attention and validates them.

Sean and Nabil also cover API security, the challenges of authentication and authorization, and the need for organizations to prioritize building secure-by-design frameworks. Nabil stresses the importance of understanding an organization's external perimeter and what exposures might exist, as well as the need for good cybersecurity hygiene that starts with good cybersecurity basics before bringing others in to help with the problem.

ASM is an important element in modern cybersecurity, and its role as the first line of defense reinforces the critical need to have a continuous view of an organization's external-facing perimeter.

Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-story

Guest: Nabil Hannan, Field Chief Information Security Officer (CISO) at NetSPI [@NetSPI]
On LinkedIn | https://www.linkedin.com/in/nhannan/

Resources
Learn more about NetSPI: https://itspm.ag/netspi-hcjv
Be sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverage
Catch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6B
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

Jun 21, 2023 · 23 min

Ep 198: Active Directory Cyber Resilience: Managing Permissions to Prevent Cybersecurity Threats | A Brand Story from Infosecurity Europe 2023, London, England | A Quest Software Story with Chris Thorpe

Live on-location from Infosecurity Europe 2023, Sean Martin connects with Chris Thorpe from Quest Software to discuss operational and AD resilience and how organizations can manage permissions to prevent cybersecurity threats.

The conversation covers how AD is a vital system and a single point of failure for the organization and therefore is a prime target for bad actors. Given the continued rise in cybersecurity threats, organizations should assume that accounts have already been compromised and should aim to work towards blocking access at choke points before their tier zero assets can be reached.

Sean and Chris also discuss the importance of audit trails to track changes and to find the origin of a compromise, emphasizing that AD, as a specialist product, requires a specialist solution.

Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-story

Guest: Chris Thorpe, UK&I Technical Channel Manager at Quest Software [@Quest]
On LinkedIn | https://www.linkedin.com/in/chris-thorpe-52488b25/

Resources
Learn more about Quest: https://itspm.ag/quest-adp23
Recommended Podcast | Cyber Resilience with Defense in Depth: Maximizing Security in Hybrid Active Directory Environments | A Their Story Conversation from RSA Conference 2023 | A Quest Story with Sergey Medved and Matthew Vinton: https://itsprad.io/redefining-cybersecurity-168
Be sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverage
Catch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6B

Jun 21, 2023 · 19 min

Ep 197: Security Analytics for Continuous Threat Exposure Management: Making Better IT Decisions Through the Lens of an Attacker | A Brand Story from Infosecurity Europe 2023, London, England | A Cymulate Story with Nir Loya

Live on-location from Infosecurity Europe 2023, Sean Martin connects with Nir Loya from Cymulate to discuss the launch of their new solution for organizations to run an informed continuous threat exposure management (CTEM) program.

When you have the insights presented through the lens of the attacker and mapped to a CTEM program, you have an opportunity to drive better IT decisions to securely enable the business. The Cymulate Exposure Analytics solution has a quantifiable impact across all five of the CTEM program pillars and on a business’s ability to reduce risk by understanding, tracking, and improving its security posture with the following CTEM Alignment:

Scoping: Understand by organizational segment, the risk posture of business systems and security tools and its risk to immediate and emergent threats to define the highest impact programs needed to reduce or manage risk scores and tolerance
Discovery: Correlated analysis from Cymulate and multi-vendor data that assesses on-premises and cloud attack surfaces, risky assets, attack paths, vulnerabilities, and business impact
Prioritization: Vulnerability prioritization & remediation guidance based on multi-vendor aggregated data that is normalized, contextualized, and evaluated against breach feasibility
Validation: Analyze exposure severity, security integrity, and effectiveness of remediation from security validation assessment data. Immediate threat and security control efficacy data can be used to answer questions such as “Are we at risk to this emergent threat?”, “Do we have the necessary capabilities to protect us when under attack?”.
Mobilization: Utilize Cymulate contextualized data to understand various response outcome options, and establish and track performance against baselines, benchmarks, and risk profiles

Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-story

Guest: Nir Loya, VP of Product at Cymulate [@Cymulateltd]
On LinkedIn | https://www.linkedin.com/in/nir-loya-dahan/

Resources
Learn more about Cymulate: https://itspm.ag/cymulate-ltd--s2k4
Be sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverage
Catch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6B

Jun 21, 2023 · 19 min

Ep 196: The True Meaning of Operational Resilience: What Cybersecurity Leaders Can Learn From IT and Infrastructure Operations | A Brand Story from Infosecurity Europe 2023, London, England | A Semperis Story with Simon Hodgkinson

Live on-location from Infosecurity Europe 2023, Sean Martin connects with Simon Hodgkinson, former CISO for BP, to discuss a range of cybersecurity topics surrounding the concept of operational resilience. Simon shares his thoughts on the relationship between IT operations and cybersecurity operations, the similarities and differences between OT and IT security, and Semperis' approach to resilience and identity. Simon also discussed the importance of identity in enabling the business and the company's pre-, during- and post-breach capability, expressing his admiration for the company's culture and inclusion policies.

Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-story

Guest: Simon Hodgkinson, Advisory Board Member at Semperis [@SemperisTech]
On LinkedIn | https://www.linkedin.com/in/simon-hodgkinson-6072623/

Resources
Learn more about Semperis and their offering: https://itspm.ag/semperis-1roo
Podcast | Securing the Modern Business Riddled with Legacy Technology | Protecting Active Directory On-Premises and Azure AD in the Cloud | A Semperis Story with Guido Grillenmeier and Daniel Lattimer: https://itsprad.io/event-coverage-1498
Be sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverage
Catch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6B

Jun 21, 2023 · 19 min

Ep 195Supply Chain and Third-Party Risks: Who's Going to Manage These Balls of Yarn? | ITSPmagazine Event Coverage: Infosecurity Europe 2023, London, England | A Conversation with Bridget Kenyon

Guest: Bridget Kenyon, CISO at Shared Services Connected Ltd [@SSCL_UK]
On LinkedIn | https://www.linkedin.com/in/bridgetkenyon/
On Twitter | https://twitter.com/bridgetkenyon
____________________________
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
____________________________
This Episode’s Sponsors
Pentera | https://itspm.ag/penteri67a
Semperis | https://itspm.ag/semperis-1roo
✨ ➤ Sponsorship Signup Is Now Open — And Yes, Space Is Limited!
____________________________
Episode Notes
Bridget Kenyon, Chief Information Security Officer, joins host Sean Martin to discuss supply chain security. Using a ball of wool metaphor, they discuss the complexity of the supply chain and how independent organizations can provide impartial oversight.
Have a listen for some practical steps organizations can take to improve their supply chain security, and for a look at the importance of meaningful conversation and relationships in building a more secure supply chain.
____________________________
Resources
Learn more, explore the programme, and register for Infosecurity Europe: https://itspm.ag/iseu23
Catch Bridget's session: ‘Instead of Thinking out of the Box, Get Rid of the Box’ — Supply Chain and Third-Party Risks
Be sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverage
Catch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6B
____________________________
If you are a cybersecurity vendor with a story to share, you can book your pre-event video podcast briefing here (https://itspm.ag/iseu23tsv) and your on-location audio podcast briefing here (https://itspm.ag/iseu23tsp).
Explore the full conference coverage sponsorship bundle here: https://itspm.ag/iseu23bndl
For more ITSPmagazine advertising and sponsorship opportunities: 👉 https://www.itspmagazine.com/advertise-on-itspmagazine-podcast
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 21, 2023 | 17 min

Ep 194 | Modernising the Legal Framework for Information Age | ITSPmagazine Event Coverage: Infosecurity Europe 2023, London, England | A Conversation with Rob Black

Guest: Rob Black, Director at UK Cyber 9/12 Strategy Challenge [@Cyber912_UK]
On LinkedIn | https://www.linkedin.com/in/rob-black-30440819/
____________________________
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
This Episode’s Sponsors
Pentera | https://itspm.ag/penteri67a
Semperis | https://itspm.ag/semperis-1roo
____________________________
Episode Notes
Live on-location from Infosecurity Europe 2023, Sean Martin connects with Rob Black, a lecturer of information activities at the Defence Academy in the UK, to discuss the legal aspect of cybercrime and how legal definitions of harm and damage must be reexamined to protect against cyberattacks. They also explore the need to instill culture and passion in cybersecurity teams, the importance of innovation and collaboration to stay ahead of attackers, and the challenges of cyber defense.
Black argues that the fight against cybercrime must be approached with a warfighting mindset rather than a regulatory one, and they discuss the role of insurance companies in determining coverage for cybersecurity incidents and how deception technology can help build a more robust defense against attackers. The conversation covers everything from burnout in the industry to the need for a global cybersecurity culture and the challenges of balancing aggressive cyber defense posture with international relations.
____________________________
Resources
Learn more, explore the programme, and register for Infosecurity Europe: https://itspm.ag/iseu23
Catch Rob's session: Cyber Crime Woes - Modernising our Legal Framework for the Information Age
UK Cyber 9/12 Strategy Challenge: http://www.ukcyber912.co.uk
Design Thinking for Cyber Deception (academic paper from the HICCS 2021 Conference): https://scholarspace.manoa.hawaii.edu/handle/10125/70853
Be sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverage
Catch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6B

Jun 20, 2023 | 22 min

Ep 193 | Why Current Security Tools Don't Address ‘Zero-Day’ Exploits | A Brand Story from Infosecurity Europe 2023, London, England | An Ericom Story with Ravi Pather

Live on-location from Infosecurity Europe 2023, Sean Martin connects with Ravi Pather from Ericom Software to discuss the importance of security architecture and isolation to prevent zero-day exploits from reaching networks and applications.
Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-story
Guest: Ravi Pather, VP EME, Ericom Software [@Ericom_Software], Cybersecurity Business Unit at Cradlepoint [@cradlepoint]
On LinkedIn | https://www.linkedin.com/in/ravi-pather-21b20710/
Resources
Learn more about Ericom and their offering: https://itspm.ag/ericom-software-gtzf
Be sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverage
Catch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6B
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

Jun 20, 2023 | 26 min

Ep 192 | Helping Security Teams Achieve More By Doing Less Through Automated Security Validation | A Brand Story from Infosecurity Europe 2023, London, England | A Pentera Story with Steve Smith

Live on-location from Infosecurity Europe 2023, Sean Martin connects with Steve Smith from Pentera to discuss the challenges and opportunities to help organizations protect against the broader scope of security risk.
Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-story
Guest: Steve Smith, VP, UKI & CEE at Pentera [@penterasec]
On LinkedIn | https://www.linkedin.com/in/stevesmithesq/
Resources
Learn more about Pentera and their offering: https://itspm.ag/pentera-tyuw
Be sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverage
Catch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6B
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

Jun 20, 2023 | 18 min

Ep 191 | Visualizing and Prioritizing Risk Management in Cybersecurity: A Data-Driven Approach | A Brinqa Brand Story with CEO Amad Fida

Join us as we connect with CEO and co-founder of Brinqa, Amad Fida, to discuss the importance of visualizing and prioritizing risk management in the cybersecurity space. Hosts Sean Martin and Marco Ciappelli chat with Fida, who stresses the importance of taking a data-driven approach to risk management and combining vulnerability data with threat intelligence and business context in order to help organizations prioritize their security efforts effectively.
The conversation examines the challenges of bringing together disparate sources of information in an environment where the security landscape is constantly changing and emphasizes the value of tools like Brinqa in helping organizations stay ahead of evolving threats. The trio also discuss the changing landscape of cybersecurity, the types of assets that are being targeted, and how Brinqa's platform can be used for everything from traditional servers and workstations to code, applications, and cloud environments.
Fida also shares insights into Brinqa's journey and the value of bootstrapping from day one, focusing on building a product that solves a real problem, and staying true to what works best when it comes to entrepreneurship. Overall, listeners can expect to gain valuable insights into the world of risk management and cybersecurity and how data-driven approaches can help organizations stay ahead of their security challenges.
Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-story
Guest: Amad Fida, CEO and Co-Founder at Brinqa [@brinqa]
On LinkedIn | https://www.linkedin.com/in/amad-fida-80b7534/
Resources
Learn more about Brinqa and their offering: https://itspm.ag/brinqa-pmdp
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

Jun 15, 2023 | 41 min

Ep 190 | Safeguarding Against Malicious Use of Large Language Models: A Review of the OWASP Top 10 for LLMs | A Conversation with Jason Haddix | Redefining CyberSecurity with Sean Martin

Guest: Jason Haddix, CISO and Hacker in Charge at BuddoBot Inc [@BuddoBot]
On LinkedIn | https://www.linkedin.com/in/jhaddix/
On Twitter | https://twitter.com/Jhaddix
____________________________
Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
____________________________
This Episode’s Sponsors
Imperva | https://itspm.ag/imperva277117988
Pentera | https://itspm.ag/penteri67a
____________________________
Episode Notes
In this Redefining CyberSecurity Podcast, we provide an in-depth exploration of the potential implications of large language models (LLMs) and artificial intelligence in the cybersecurity landscape. Jason Haddix, a renowned expert in offensive security, shares his perspective on the evolving risks and opportunities that these new technologies bring to businesses and individuals alike.
Sean and Jason explore the potential risks of using LLMs:
🚀 Prompt Injections
💧 Data Leakage
🏖️ Inadequate Sandboxing
📜 Unauthorized Code Execution
🌐 SSRF Vulnerabilities
⚖️ Overreliance on LLM-generated Content
🧭 Inadequate AI Alignment
🚫 Insufficient Access Controls
⚠️ Improper Error Handling
💀 Training Data Poisoning
From the standpoint of offensive security, Haddix emphasizes the potential for LLMs to create an entirely new world of capabilities, even for non-expert users. He envisages a near future where AI, trained on diverse datasets like OCR and image recognition data, can answer private queries about individuals based on their public social media activity. This potential, however, isn't limited to individuals - businesses are equally at risk.
According to Haddix, businesses worldwide are rushing to leverage proprietary data they've collected in order to generate profits. They envision using LLMs, such as GPT, to ask intelligent questions of their data that could inform decisions and fuel growth. This has given rise to the development of numerous APIs, many of which are integrated with LLMs to produce their output.
However, Haddix warns of the vulnerabilities this widespread use of LLMs might present. With each integration and layer of connectivity, opportunities for prompt injection attacks increase, with attackers aiming to exploit these interfaces to steal data. He also points out that the very data a company uses to train its LLM might be subject to theft, with hackers potentially able to smuggle out sensitive data through natural language interactions.
Another concern Haddix raises is the interconnected nature of these systems, as companies link their LLMs to applications like Slack and Salesforce. The connections intended for data ingestion or query could also be exploited for nefarious ends. Data leakage, a potential issue when implementing LLMs, opens multiple avenues for attacks.
Sean Martin, the podcast's host, echoes Haddix's concerns, imagining scenarios where private data could be leveraged and manipulated. He notes that even benign-seeming interactions, such as conversing with a bot on a site like Etsy about jacket preferences, could potentially expose a wealth of private data.
Haddix also warns of the potential to game these systems, using the Etsy example to illustrate potential data extraction, including earnings of sellers or even their private location information. He likens the data leakage possibilities in the world of LLMs to the potential dangers of SQL injection in the web world. In conclusion, Haddix emphasizes the need to understand and safeguard against these risks, lest organizations inadvertently expose themselves to attack via their own LLMs.
All OWASP Top 10 items are reviewed, along with a few other valuable resources (listed below).
We hope you enjoy this conversation!
____________________________
Watch this and other videos on ITSPmagazine's YouTube Channel
Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
ITSPmagazine YouTube Channel: 📺 https://www.youtube.com/@itspmagazine
Be sure to share and subscribe!
____________________________
Resources
The inspiring Tweet: https://twitter.com/Jhaddix/status/1661477215194816513
Announcing the OWASP Top 10 for Large Language Models (AI) Project (Steve Wilson): https://www.linkedin.com/pulse/announcing-owasp-top-10-large-language-models-ai-project-steve-wilson/
OWASP Top 10 List for Large Language Models Descriptions: https://owasp.org/www-project-top-10-for-large-language-model-applications/descriptions/
Daniel Miessler Blog: The AI attack Surface Map 1.0: https://danielmiessler.com/p/the-ai-attack-surface-map-v1-0/
PODCAST: Navigating the AI Security Frontier: Balancing Innovation and Cybersecurity | ITSPmagazine Event Coverage: RSAC 2023 San Francisco, USA | A Conversation about AI security and MITRE Atlas with Dr. Christina Liaghati: https://itsprad.io/redefining-cybersecurity-163
Learn more about MITRE Atl

Jun 14, 2023 | 51 min

Ep 189 | Managing the Current Demands of a Cyber Workforce Whilst Looking to Secure the Workforce of the Future | ITSPmagazine Event Coverage: Infosecurity Europe 2023, London, England | A Conversation with Erhan Temurkan

Guest: Erhan Temurkan, Director of Security and Technology at Fleet Mortgages [@FleetMortgages]
____________________________
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
This Episode’s Sponsors
Pentera | https://itspm.ag/penteri67a
Semperis | https://itspm.ag/semperis-1roo
____________________________
Episode Notes
In this Chats on the Road to Infosecurity Europe 2023, hosts Marco and Sean interview Erhan Temurkan, Director of Security and Technology at Fleet Mortgages, to discuss his experiences with cybersecurity strategy and diversifying recruitment, emphasizing the need for the security community to learn from each other's experiences and to talk about security incidents to improve outcomes.
The conversation touches on the importance of having a diverse range of skills and backgrounds in the cybersecurity workforce, and maintaining a balance of skills for old and new technology. They also discuss how organizations can maintain a workforce for legacy technology while also preparing for the future, and how to recruit candidates with varied experiences and education.
The conversation also highlights the value of having flexibility and being open to new ideas, including from younger generations. The hosts encourage listeners to engage with speakers and attendees at events and continue the conversation beyond the sessions.
____________________________
Resources
Learn more, explore the programme, and register for Infosecurity Europe: https://itspm.ag/iseu23
Catch Erhan's session: Managing the Current Demands of a Cyber Workforce Whilst Looking to Secure the Workforce of the Future
Be sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverage
Catch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6B

Jun 14, 2023 | 22 min

Ep 188 | Managing the Current Demands of a Cyber Workforce Whilst Looking to Secure the Workforce of the Future | ITSPmagazine Event Coverage: Infosecurity Europe 2023, London, England | A Conversation with Paul Watts

Guest: Paul Watts, Distinguished Analyst at Information Security Forum [@securityforum]
On LinkedIn | https://www.linkedin.com/in/paulewatts
____________________________
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
This Episode’s Sponsors
Pentera | https://itspm.ag/penteri67a
Semperis | https://itspm.ag/semperis-1roo
____________________________
Episode Notes
As part of the traditional Chats on the Road to Infosecurity Europe 2023 series, hosts Sean Martin and Marco Ciappelli welcome Paul Watts, keynote speaker, to discuss the importance of communication, collaboration, and diversity in cybersecurity.
The conversation touches on several topics, including the need for security professionals to understand customer needs, the importance of being agile and forward-thinking, and the value of having a nurturing relationship with the business. They also discuss Paul's session on the cybersecurity workforce, where he advocates for creativity and skills beyond just technical expertise.
Overall, the episode emphasizes the need for constant, progressive conversations and relationships with the business, recognizing that change is a two-way street. Paul invites listeners to join his sessions at InfoSecurity Europe and engage in meaningful conversations. We look forward to seeing you there!
____________________________
Resources
Learn more, explore the programme, and register for Infosecurity Europe: https://itspm.ag/iseu23
Catch Paul's session: Managing the Current Demands of a Cyber Workforce Whilst Looking to Secure the Workforce of the Future
Be sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverage
Catch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6B

Jun 14, 2023 | 29 min

Ep 187 | Securing the Modern Business Riddled with Legacy Technology | Protecting Active Directory On-Premises and Azure AD in the Cloud | A Semperis Brand Story with Guido Grillenmeier and Daniel Lattimer

In this story on the ITSPmagazine podcast network, Marco and Sean are joined by Daniel Lattimer and Guido Grillenmeier from Semperis to discuss the challenges of managing Active Directory and Azure AD in the modern cloud era.
The foursome speak to the difficulty of determining responsibility and ownership for directory services and touch on the value that secure businesses bring. The conversation covers the potential risks of syncing on-premises and cloud-based directories, the evolving threat landscape, and the importance of securing directory services. They also discuss Semperis' Purple Knight tool, which helps organizations assess their Active Directory security posture and identify potential indicators of compromise.
The episode includes several case studies of clients who have improved their security posture with Semperis' offerings. The conversation also explores the ongoing challenge of detecting legitimate logins that are actually malicious and the importance of ongoing monitoring and detection.
Overall, the conversation provides informative insights on the complex world of directory services and the challenges of securing them in the modern business environment.
Note: This story contains promotional content. Learn more.
Guests
Daniel Lattimer, Area Vice President - UK & Ireland at Semperis [@SemperisTech]
On LinkedIn | https://www.linkedin.com/in/daniel-lattimer-37533016/
Guido Grillenmeier, Principal Technologist EMEA at Semperis [@SemperisTech]
On LinkedIn | https://www.linkedin.com/in/guidogrillenmeier/
Resources
Learn more about Semperis and their offering: https://itspm.ag/semperis-1roo
Get a free Active Directory security vulnerability assessment: https://itspm.ag/semperjs0y
Visit Semperis at Infosecurity Europe 2023: https://www.infosecurityeurope.com/en-gb/exhibitor-details.org-18976101-97be-4f3d-a009-872b8e0b9079.html#/
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

Jun 14, 2023 | 35 min

Ep 186 | Anticipating The Next Decade of Bot-Enabled Threats | Exploring 10 Years of Imperva Bad Bot Reports | An Imperva Brand Story With Karl Triebes

In this story on the ITSPmagazine podcast network, hosts Sean Martin and Marco Ciappelli invite guest Karl Triebes to take a look back at 10 years of Bad Bot Reports. Looking forward to the future, they discuss the increasing sophistication of bot attacks, the challenges in detecting them, and the potential damage to businesses and society.
As they discuss the evolution of bot attacks in the last decade, they outline the increasing focus on API security, account takeover, and business logic attacks. They also discuss the challenges of detecting bot attacks with the rise of AI. The conversation raises philosophical questions about the future of humanity and the potential damage to businesses and society caused by bot attacks.
Note: This story contains promotional content. Learn more.
Guest
Karl Triebes, SVP and General Manager, Application Security at Imperva [@Imperva]
On LinkedIn | https://www.linkedin.com/in/karltriebes/
On Twitter | https://twitter.com/Triebes
Resources
Learn more about Imperva and their offering: https://itspm.ag/imperva277117988
Download the 2023 Imperva Bad Bot Report: https://itspm.ag/impervv0sg
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

Jun 14, 2023 | 53 min

Ep 185 | Introducing 'Hacking Your Potential Podcast' | A Conversation with Podcast Host Frankie Thomas | ITSPmagazine Podcast Network with Sean Martin and Marco Ciappelli

Guest: Frankie Thomas
On ITSPmagazine 👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/frankie-thomas
Hosts:
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
______________________
Episode Sponsors
Are you interested in sponsoring an ITSPmagazine Channel? 👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network
______________________
Episode Introduction
On this "Hacking Your Potential" podcast introduction episode, Sean Martin and Marco Ciappelli are joined by Frankie Thomas to discuss the plans for the show, imposter syndrome, challenges of education, and community support for personal and professional growth.
______________________
Resources
For more podcast stories from Hacking Your Potential Podcast with Frankie Thomas, visit: https://www.itspmagazine.com/hacking-your-potential-podcast
Watch the webcast version on-demand on YouTube: (coming soon)

Jun 14, 2023 | 46 min

Ep 184 | Why Security Culture Eats Strategy for Breakfast | ITSPmagazine Event Coverage: Infosecurity Europe 2023, London, England | A Conversation with Robin Bylenga

Guest: Robin Lennon Bylenga, Information Security Awareness, Education and Communications Lead at DWS Group [@DWS_Group]
On LinkedIn | https://www.linkedin.com/in/robinlbylenga/
On Twitter | https://twitter.com/pedalchic
____________________________
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
This Episode’s Sponsors
Pentera | https://itspm.ag/penteri67a
Semperis | https://itspm.ag/semperis-1roo
____________________________
Episode Notes
In this Chats on the Road to Infosecurity Europe Conference podcast episode, hosts Sean Martin and Marco Ciappelli invite Robin Lennon Bylenga, a human factors expert, to discuss the impact of culture on cybersecurity.
The conversation emphasizes the importance of involving humans in cybersecurity instead of just relying on technology. Robin advocates building a cybersecurity awareness culture by making cybersecurity relevant to individuals' daily routines. Robin shares valuable insights on folding security into an organization's culture, making it relevant to employees, and using storytelling to build a security culture.
Sean and Marco highlight the significance of Robin's upcoming keynote speech at Infosecurity Europe, where she will explain the importance of a good security culture using stories. The conversation also touches upon GDPR and avoiding over-reliance on technology while making metrics to measure success.
The conversation provides a holistic perspective on how the culture of an organization influences cybersecurity, as cybersecurity is not just about technology, but it's also about the way people make sense of it.
____________________________
Resources
Learn more, explore the programme, and register for Infosecurity Europe: https://itspm.ag/iseu23
Catch Robin's session: ‘Culture Eats Strategy for Breakfast’ - Building a Strong Cyber Security Awareness Culture
Be sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverage
Catch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6B

Jun 13, 2023 | 27 min

Ep 183 | Can Augmented and Virtual Reality Improve Cybersecurity? The Role AR/VR Plays in an InfoSec Program | A Conversation with Dr. Stacy Thayer and Dr. Darius Hines-Cross | Redefining CyberSecurity with Sean Martin

Guests:
Dr. Stacy Thayer, Senior Manager, Marketing Research and Engagement at Netography [@netography] and Adjunct Professor of CyberPsychology at Norfolk State University [@Norfolkstate]
On LinkedIn | https://www.linkedin.com/in/stacythayer/
Dr. Darius Hines-Cross, Security Assigned Expert at Splunk [@splunk]
On LinkedIn | https://www.linkedin.com/in/dariushinescross/
____________________________
Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
____________________________
This Episode’s Sponsors
Imperva | https://itspm.ag/imperva277117988
Pentera | https://itspm.ag/penteri67a
____________________________
Episode Notes
In this episode of Redefining Cybersecurity on ITSPmagazine Podcast Network, host Sean Martin is joined by Dr. Stacy Thayer and Dr. Darius Hines-Cross to explore how virtual and augmented reality can be used in cybersecurity to improve business operations. Throughout the conversation, the group discusses the possibilities and ethical implications of using these technologies. They speculate on how virtual and augmented reality can be used to improve cybersecurity operations, such as training and simulations.
The experts explore the wide range of implications and opportunities that virtual and augmented reality offer in various industries, including the healthcare industry to help draw some analogies to other business operations. In another example, virtual reality can allow individuals to experience alternate worlds and places that may not be physically accessible. However, the group also discusses the potential dangers of crafted reality, where the reality is still controlled by someone else. They also discuss how virtual classrooms could be used to improve student participation in courses.
During the episode, the group also touches on the challenges of implementing such technology and the importance of doing research and risk analysis before investing. Small and medium-sized businesses are also discussed, with emphasis on the potential risks associated with implementing technology without proper security concerns. The podcast ends by stressing the opportunities and challenges of using virtual and augmented reality in various industries, including cybersecurity, and how technology can be used ethically to improve society.

Jun 7, 2023 | 54 min

Ep 182 | New Opportunities and Risks in Cybersecurity | A Conversation with John Chambers | Redefining CyberSecurity with Sean Martin

Guest: John Chambers, Founder and CEO at JC2 Ventures [@JC2Ventures]
On LinkedIn | https://www.linkedin.com/in/johnchambersjc/

Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin

This Episode’s Sponsors
Imperva | https://itspm.ag/imperva277117988
Pentera | https://itspm.ag/penteri67a

Episode Notes
On this episode of Redefining Cybersecurity, John Chambers - former CEO of Cisco and current CEO of JC2 Ventures - speaks with host Sean Martin about the intersection of cybersecurity and risk with AI, the state of enterprise budgets for cybersecurity, innovation in the tech industry, and the need for education and innovation hubs. Chambers warns that companies need a well-thought-out plan when it comes to AI strategies and cybersecurity strategies, emphasizing that those without plans may experience difficulties raising funds and suffer from stock declines. He notes the complexities arising from cybersecurity attacks, specifically those leveraging AI, and highlights the importance of getting ahead of the issue. Chambers also talks about the need for companies to evolve and emphasizes the importance of innovation.

Later in the conversation, Chambers and Martin shift to the need for education and innovation hubs, discussing how these hubs are shifting from being limited to only the coasts. They discuss how the industry playbook is similar to previous movements in cloud and internet technology, but the speed of change and disruption has evolved. Chambers highlights the changes occurring in West Virginia and notes the emergence of a new crop of cybersecurity professionals entering the field.

The episode concludes with Chambers emphasizing the need for a change in education to achieve long-term success in the industry, with a focus on sharing knowledge and innovation throughout the country. Overall, the episode provides listeners with insights on the future of cybersecurity and innovation, the importance of having a well-planned strategy for both fields, and the need for education and innovation hubs to achieve success.

Jun 7, 2023 | 41 min

Ep 181 | The Application Security Audit Adventure: Unpacking Penetration, Whitebox, and Blackbox Testing | A Conversation with Andrew Woodhouse and Dr. Mario Heiderich | Redefining CyberSecurity Podcast With Sean Martin

Guests:
Andrew Woodhouse, CIO at RealVNC [@RealVNC]
On LinkedIn | https://www.linkedin.com/in/ajwoodhouse/
Dr. Mario Heiderich, Founder of Cure53 [@cure53berlin]
On LinkedIn | https://www.linkedin.com/in/marioheiderich/

Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin

This Episode’s Sponsors
Imperva | https://itspm.ag/imperva277117988
Pentera | https://itspm.ag/penteri67a

Episode Notes
This Redefining CyberSecurity podcast features insights from Andrew Woodhouse, Dr. Mario Heiderich, and host Sean Martin, who explore various aspects of system and application security. Woodhouse introduces software composition analysis and the importance of security initiatives like ISO 27001. Dr. Heiderich discusses the roles in security testing, and the parallels between traditional QA testing and security testing methods. The use of C++ as a core language, the intricacies of managing large-scale software, and the complexities of auditing entire tech stacks are also highlighted. The discussion provides a comprehensive overall understanding of tech stack security tests and audit processes.

Resources
White Box Testing – What is, Techniques, Example & Types: https://www.guru99.com/white-box-testing.html

May 30, 2023 | 53 min

Ep 180 | Infosecurity Europe 2023 Keynote Sneak Peek | Deciphering Cybersecurity Readiness: A Global Perspective | ITSPmagazine Event Coverage: Infosecurity Europe 2023, London, England | A Conversation with Ian Hill

Guest: Ian Hill, Director of Information and Cyber Security at Upp Corporation [@getonupp]
On LinkedIn | https://www.linkedin.com/in/ian-hill-95123897/

Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli

This Episode’s Sponsors
Pentera | https://itspm.ag/penteri67a

Episode Notes
In this Chats on the Road to Infosecurity Europe Conference podcast episode, Ian Hill, a cybersecurity veteran with 25 years in the field, and current Director of Information and Cybersecurity at Upp Corporation, shares his knowledge and experiences. He provides valuable insights into compliance, readiness, and the global challenges that affect cybersecurity.

A main focus is the interplay between compliance and security. Hill emphasizes the importance of prioritizing a robust security strategy that organically leads to compliance, rather than letting compliance requirements dictate security measures. This perspective offers a redefined take on building an effective cybersecurity framework.

The conversation also explores the concept of readiness in cybersecurity. In a domain where technology continually outpaces regulations, understanding what constitutes readiness is not straightforward. However, the discussion highlights its importance in preparing organizations to respond to evolving threats.

The conversation pivots to get a view of global cybersecurity, discussing the cross-border challenges that organizations face in our interconnected world. Hill underscores the implications of navigating diverse laws, cultural attitudes, and standards in a global company, and points to an increasing need for international cooperation to manage the complex, ever-changing threat landscape.

Have a listen. Enjoy. And be sure to catch Ian's keynote presentation and panel discussion during the conference.

Resources
Learn more, explore the programme, and register for Infosecurity Europe: https://itspm.ag/iseu23
Be sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverage
Catch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6B

If you are a cybersecurity vendor with a story to share, you can book your pre-event video podcast briefing here (https://itspm.ag/iseu23tsv) and your on-location audio podcast briefing here (https://itspm.ag/iseu23tsp).
Explore the full conference coverage sponsorship bundle here: https://itspm.ag/iseu23bndl
For more ITSPmagazine advertising and sponsorship opportunities: 👉 https://www.itspmagazine.com/advertise-on-itspmagazine-podcast

May 23, 2023 | 28 min

Ep 179 | What to Expect At Infosecurity Europe Conference 2023 | ITSPmagazine Event Coverage: Infosecurity Europe 2023, London, England | A Conversation with Nicole Mills and Julia Clarke

Guests:
Nicole Mills, Exhibition Director at Infosecurity Europe [@Infosecurity]
On LinkedIn | https://www.linkedin.com/in/nicolemmills/
Julia Clarke, Group Marketing Manager at RX [@RXGlobal_]
On LinkedIn | https://www.linkedin.com/in/julia-clarke-bab72a222/

Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli

This Episode’s Sponsors
Pentera | https://itspm.ag/penteri67a

Episode Notes
We are thrilled to kick off our event coverage with our traditional first Chats On The Road to Infosecurity Europe 2023 in London, chatting with our good friends as they give us the latest and greatest for what we can expect at this year's event.

Listen in to hear more about the theme, keynotes, stages, sessions, workshops, speakers, expo hall, community events, and so much more. And, yes, we decided to capture this one on video too, so be sure to give that a watch.

Tune in and be sure to join us for all of our coverage coming to you before, from, and after Infosecurity Europe 2023!

Resources
Learn more, explore the programme, and register for Infosecurity Europe: https://itspm.ag/iseu23
Be sure to tune in to all of our Infosecurity Europe 2023 conference coverage: https://www.itspmagazine.com/infosecurity-europe-2023-infosec-london-cybersecurity-event-coverage
Catch the full Infosecurity Europe 2023 YouTube playlist: https://www.youtube.com/playlist?list=PLnYu0psdcllTOeLEfCLJlToZIoJtNJB6B

May 16, 2023 | 31 min

Ep 178 | An RSA Conference USA 2023 Recap | ITSPmagazine Event Coverage: RSAC 2023 San Francisco, USA | A Conversation with Linda Gray Martin and Cecilia Murtagh Marinier

Guests:
Linda Gray Martin, Vice President at RSA Conference [@RSAConference]
On LinkedIn | https://www.linkedin.com/in/linda-gray-martin-223708/
On Twitter | https://twitter.com/LindaJaneGray
Cecilia Murtagh Marinier, Cybersecurity Advisor - Strategy, Innovation & Scholars at RSA Conference [@RSAConference]
On LinkedIn | https://www.linkedin.com/in/cecilia-murtagh-marinier-14967/
On Twitter | https://twitter.com/CMarinier

Host:
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli

This Episode’s Sponsors
BlackCloak | https://itspm.ag/itspbcweb
Brinqa | https://itspm.ag/brinqa-pmdp
SandboxAQ | https://itspm.ag/sandboxaq-j2en

Episode Notes
We had an amazing conference and are thrilled to close out our Chats On The Road to (from) RSA Conference 2023 with a recap chat with our good friends as they give us the latest and greatest for what took place at this year's event.

Be sure to tune in to all of our RSA Conference 2023 USA coverage from San Francisco to hear stories from the keynotes, sessions, speakers, expo hall, community events, and so much more. And, yes, we decided to capture a lot of our coverage on video too, so be sure to check out the RSA Conference 2023 playlist on YouTube as well.

Resources
Learn more, explore the agenda, and register for RSA Conference: https://itspm.ag/rsa-cordbw

For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverage
Are you interested in telling your story in connection with RSA Conference by sponsoring our coverage? 👉 https://itspm.ag/rsac23sp
Are you interested in sponsoring an ITSPmagazine Channel? 👉 https://www.itspmagazine.com/podcast-series-sponsorships

May 16, 2023 | 23 min

Ep 177 | Beyond the Code: The Human Side of Cybersecurity and Social Engineering | A Conversation with Aunshul Rege | Redefining CyberSecurity Podcast With Sean Martin

Guest: Aunshul Rege, Director at The CARE Lab at Temple University [@TU_CARE]
On LinkedIn | https://www.linkedin.com/in/aunshul-rege-26526b59/
On Twitter | https://twitter.com/Prof_Rege

Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin

This Episode’s Sponsors
Pentera | https://itspm.ag/penteri67a
CrowdSec | https://itspm.ag/crowdsec-b1vp

Episode Notes
Welcome to a riveting new episode of the Redefining Cybersecurity Podcast, hosted by Sean Martin! Today, we're diving into the fascinating world of social engineering and the crucial role of education in understanding cybersecurity. Join us in this engaging conversation with Aunshul Rege from Temple University, who does amazing work in helping students comprehend the importance of cybersecurity and how social engineering plays a vital part in it.

Imagine a world where computer science students and liberal arts students come together to tackle cybersecurity challenges from different angles. Aunshul Rege is an associate professor at the Department of Criminal Justice at Temple University, who has a unique journey starting as a software engineer and eventually realizing that computer science wasn't enough to answer the who, why, and how of cyber attacks. Her passion for understanding human behavior, sociology, and cybersecurity led her to explore the liberal arts side of cybersecurity.

In this episode, Aunshul talks about her innovative teaching methods, where she pushes her students to collaborate across disciplines and explore the importance of social engineering in cyber attacks. From shoulder surfing activities to discussing ethics and multidisciplinary teamwork, her students learn to appreciate the different skill sets and perspectives they bring to the table.

But it's not just about the technical aspect of cybersecurity. Aunshul's approach to teaching focuses on building students' understanding of human behavior and psychology in cyber attacks, emphasizing the value of social engineering in both the attack and defense aspects of cybersecurity.

As you listen to this fascinating conversation, you'll discover the powerful impact of merging computer science and liberal arts perspectives, the importance of ethics in cybersecurity, and how Aunshul's unique teaching methods help students appreciate their role in the ever-evolving world of cybersecurity.

So, get ready to be inspired by Aunshul's story and her innovative approach to cybersecurity education. You won't want to miss this captivating episode that challenges our understanding of cybersecurity and the critical role of social engineering in it. And don't forget to share this episode, subscribe to the podcast, and join us for more insightful conversations on Redefining Cybersecurity.

Resources
The CARE Lab: https://sites.temple.edu/care/
Summer Social Engineering Event: https://sites.temple.edu/socialengineering/

May 10, 2023 | 44 min

Ep 176 | Cybersecurity Chameleons: Adapting to an AI-Driven World | A Conversation with Tom Eston | Redefining CyberSecurity Podcast With Sean Martin

Guest: Tom Eston, VP of Consulting & Cosmos at Bishop Fox [@bishopfox]
On LinkedIn | https://www.linkedin.com/in/tomeston/
On Twitter | https://twitter.com/agent0x0
On Mastodon | https://infosec.exchange/@agent0x0

Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin

This Episode’s Sponsors
Pentera | https://itspm.ag/penteri67a
CrowdSec | https://itspm.ag/crowdsec-b1vp

Episode Notes
In this new Redefining CyberSecurity podcast episode, Tom Eston and Sean Martin debate the value of certifications such as the CISSP. Tom emphasizes that, in his area of offensive security, experience, cultural fit, and ability to learn are more important than certifications or formal education. The two also discuss the role of internships in providing real-world experience and hands-on learning opportunities for aspiring professionals.

The conversation also touches on the importance of finding a niche within the cybersecurity field. Tom highlights the need for specialization and encourages listeners to explore different areas and technologies to find what excites them the most. He also stresses the importance of learning the fundamentals before diving deep into a specific subject. Sean and Tom consider how job descriptions may evolve to embrace specialization and the need for experts in different aspects of cybersecurity.

Tom and Sean also discuss the role of AI in cybersecurity, both as a tool to assist in detection and response, and as a potential risk itself. Tom believes that learning how to interface with AI and understanding its capabilities is crucial for professionals in the industry. While AI can be an efficient assistant, it is essential not to rely solely on its output, as human analysis and verification remain vital in ensuring accuracy and security.

Listen to this episode and you might begin to determine what your cyber chameleon might look like.

Resources
Shared Security Podcast: https://www.youtube.com/c/SharedSecurityPodcast

May 8, 2023 | 42 min

Ep 175 | The Business of Security — Budgeting for Minimum Viable Security | ITSPmagazine Event Coverage: RSAC 2023 Broadcast Alley | A Conversation with Sarah Freeman, Megha Kalsi, Kristy Westphal | Redefining CyberSecurity Podcast with Sean Martin

Guests:
Sarah Freeman, Principal Cyber Engagement Operations Engineer, MITRE [@MITREcorp]
On LinkedIn | https://www.linkedin.com/in/sarah-freeman-7817b121/
At RSAC | https://www.rsaconference.com/experts/sarah-freeman
Megha Kalsi, Director - Digital, Cybersecurity, AlixPartners [@AlixPartnersLLP]
On LinkedIn | https://www.linkedin.com/in/meghakalsi/
At RSAC | https://www.rsaconference.com/experts/megha-kalsi
Kristy Westphal, Director, Information Security and Operations, HealthEquity [@HealthEquity]
On LinkedIn | https://www.linkedin.com/in/kmwestphal/
At RSAC | https://www.rsaconference.com/experts/kristy-westphal

Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin

This Episode’s Sponsors
BlackCloak | https://itspm.ag/itspbcweb
Brinqa | https://itspm.ag/brinqa-pmdp
SandboxAQ | https://itspm.ag/sandboxaq-j2en

Episode Notes
Given recent changes in the financial posture in nearly every economy, many organizations are faced with challenges from rising interest rates, bank failures, and dissipating venture capital. With this, and other fiscal issues that may be surfacing, how do security leaders look at budgets differently? In this session, we’ll explore:
How, where — and on which technologies — are organizations spending their money earmarked for cybersecurity?
How do they know they are spending the right amount of money in the right places at the right times?
How do security teams organize their thoughts, plans, and budget requests — and how do they present them to executive staff — to ensure they are speaking to these fiscal challenges they face in the context of the rest of the business?

For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverage

May 1, 2023 | 38 min

Ep 174 | The Fog of More, the Risk of Cybersecurity Commoditization, and the Race to the Bottom | A Their Story Conversation from RSA Conference 2023 | A Schellman Story with Michael Parisi

In this Their Story podcast episode, Michael Parisi and Sean Martin dig into the challenges and implications of compliance, cybersecurity, and the risk of commoditization in the industry. The conversation focuses on the importance of maintaining a strong security posture, the role of stakeholders, and the need for education among non-technical individuals, such as CFOs and board members, to prevent a race to the bottom in cybersecurity.

Parisi's main concern is that compliance has become an outcome rather than a mission, and that cybersecurity could follow a similar path if we're not careful. With an increasing number of organizations turning to managed security service providers (MSSPs), the risk of commoditization looms large. Parisi and Martin also discuss the challenges posed by the "fog of more" in the cybersecurity landscape, with an overwhelming number of security solutions available and a potential race to the bottom in pricing.

The conversation shifts to the role of stakeholders in preventing this downward spiral. Parisi argues that stakeholders have the power to save the industry, but only if they care enough and are adequately educated about the importance of cybersecurity. He believes that educating boards and business owners is crucial to creating more stakeholders with a genuine stake in the game.

Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-story

Guest:
Michael Parisi, Head of Client Acquisition at Schellman [@Schellman]
On LinkedIn | https://www.linkedin.com/in/michael-parisi-4009b2261/

Resources
Learn more about Schellman and their offering: https://itspm.ag/schellman9a6v
For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverage
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

May 1, 2023 | 27 min

Ep 173 | Stronger Together: The Power of Relationships in Defending the Digital Lives of Executives | A Their Story Conversation from RSA Conference 2023 | A BlackCloak Story with Chris Pierson

This Their Story podcast episode features Chris Pierson, the co-founder of BlackCloak, as Marco Ciappelli and Sean Martin discuss the importance of relationships and human empathy in the cybersecurity field, as well as the challenges of cutting through the noise in the industry. Chris Pierson presents the importance of protecting corporate executives and their personal lives, devices, and homes, ultimately ensuring their peace of mind. The trio explore the significance of human relationships in the cybersecurity industry, emphasizing the need for trust and understanding between vendors and clients. They also highlight the importance of human empathy in developing cybersecurity products and services that address the unique needs of different users. They also discuss the challenges of balancing privacy and security, while also considering the unique needs of clients in different sectors.

Pierson also unveils BlackCloak's latest innovation – the CISO Protection Dashboard. This powerful tool helps Chief Information Security Officers and their teams gain valuable insights into the digital lives of their executives.

Don't miss out on this informative and thought-provoking episode that delves deep into the world of digital executive protection. Be sure to tune in to learn about BlackCloak's innovative dashboard and how they involve their clients in the development process.

Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-story

Guest:
Chris Pierson, Founder and CEO of BlackCloak [@BlackCloakCyber]
On LinkedIn | https://www.linkedin.com/in/drchristopherpierson/
On Twitter | https://twitter.com/drchrispierson

Resources
Learn more about BlackCloak and their offering: https://itspm.ag/itspbcweb
For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverage

Apr 30, 2023 | 26 min

Ep 172 | Redefining Trust in Business Relationships: How AI and Natural Language Processing are Transforming Third Party Risk Assessment | A Their Story Conversation from RSA Conference 2023 | A VISO TRUST Story with Paul Valente and Russell Sherman

In this Their Story podcast episode, Paul Valente and Russell Sherman discuss the challenges faced by both small and large enterprises when sharing data and managing risk with business partners and third party providers. They share their experiences working together in the past where they needed to balance addressing security concerns with closing deals. The duo highlights the importance of proper scoping and understanding the context of a business relationship to help assess inherent risks.

Paul and Russell also share details of their third party risk management platform which allows users to quickly scope and define attributes of a business relationship, providing an inherent risk rating. The platform uses over 800 data points and references over 25 frameworks, streamlining the process for both the assessor and the assessed. By utilizing natural language processing (NLP) and artificial intelligence (AI), the platform is able to analyze collected data, automate manual aspects of the review process, and provide valuable insights to help make better, faster, and more contextually-relevant informed decisions.

The pair further emphasize the importance of reducing friction in the assessment process, which led them to focus on eliminating the need for lengthy questionnaires and instead utilizing existing artifacts to assess a company's security posture. This innovative approach reduces the burden on both the assessor and the assessed while providing a more accurate and comprehensive view of a company's cyber risk.

Overall, this episode provides valuable insights into how technology is transforming the traditional third-party cyber risk assessment process and paving the way for a more efficient and secure future.

Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-story

Guests:
Paul Valente, CEO & Co-founder at VISO TRUST [@VISOTrust]
On LinkedIn | https://www.linkedin.com/in/pauldvalente/
Russell Sherman, Co-founder and CTO at VISO TRUST [@VISOTrust]
On LinkedIn | https://www.linkedin.com/in/neverenoughinfo/
On Twitter | https://twitter.com/russellsherman

Resources
Learn more about VISO TRUST and their offering: https://itspm.ag/visotrust8x4i
For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverage

Apr 30, 202331 min

Ep 171 | The ROC Revolution: Risk Management Reimagined with Business Context Overlays in the Risk Operations Center | A Their Story Conversation from RSA Conference 2023 | A Brinqa Story with Mayuresh Ektare

Mayuresh Ektare, an expert in risk management and SVP of Product Management at Brinqa, joins Sean Martin for a quick dive into the world of centralizing risk management frameworks. Ektare explains that the magic sauce isn't just bringing the data together, but stitching it together to create a unified understanding of an organization's attack surface. By overlaying business context, customers can prioritize and act upon the right set of findings in a timely fashion. Martin and Ektare discuss the challenges faced by customers in finding a centralized repository for business context, with many relying on tribal knowledge or CMDB records.

Ektare introduces the concept of a Risk Operations Center (ROC), which allows organizations to orchestrate the risk lifecycle and proactively reduce exposure. Comparing it to a Security Operations Center (SOC), he highlights the importance of extending vulnerability management programs to encompass cloud infrastructure and application security posture management. The conversation also touches on the challenges of managing false positives and distilling a vast amount of findings into actionable items. By overlaying business context and understanding the impact of vulnerabilities on their organization, customers can fine-tune security scores, prioritize effectively, and respond accordingly.

Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-story

Guest:
Mayuresh Ektare, SVP of Product Management at Brinqa [@brinqa]
On LinkedIn | https://www.linkedin.com/in/mektare/

Resources
Learn more about Brinqa and their offering: https://itspm.ag/brinqa-pmdp
For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverage
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

Apr 30, 2023 | 15 min

Ep 170 | Driving Innovation and Protecting Growth: The Intricate Relationship Between Information Technology (CTO) and Information Security (CISO) | A Their Story Conversation from RSA Conference 2023 | An Imperva Story with Kunal Anand

The rapid evolution of technology has ushered in the API revolution in cybersecurity, transforming the way organizations navigate an AI-driven threat and security landscape. As CTOs and CISOs grapple with the delicate balancing act of managing risk and innovation, they must adapt to the demands of securing a modernized world. This postmodern paradigm shift in cybersecurity necessitates a comprehensive understanding of emerging trends and cutting-edge solutions to effectively safeguard our increasingly interconnected digital ecosystem.

Dive into this captivating podcast episode featuring Kunal Anand, the CTO and CISO of Imperva, as he discusses the evolving world of cybersecurity and the impact of emerging technologies such as artificial intelligence. Alongside host Sean Martin, Kunal shares his experiences as both a CTO and CISO, highlighting the importance of peer-to-peer collaboration and the integration of modern technologies in the cybersecurity landscape.

Kunal and Sean delve into the significance of APIs in modern applications and the challenges of securing them in the face of ever-increasing data breaches. They also explore the transformative power of AI in both offensive and defensive security, including its role in enhancing productivity and effectiveness in cybersecurity efforts crossing all cybersecurity roles from analyst to executive.

Kunal also shares his insights into the future of cybersecurity and the need for the industry to embrace AI and other emerging technologies. This discussion offers valuable perspectives for anyone interested in understanding the evolving challenges and opportunities in the cybersecurity world. Don't miss this chance to learn from someone who thinks differently, thinks creatively, and thinks broadly about the challenges we face and the paths we can take to overcome them.

Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-story

Guest:
Kunal Anand, CTO and CISO at Imperva [@Imperva]
On LinkedIn | https://www.linkedin.com/in/kunalanand/
On Twitter | https://twitter.com/ka

Resources
Learn more about Imperva and their offering: https://itspm.ag/imperva277117988
For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverage
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

Apr 29, 2023 | 28 min

Ep 169 | Protecting Data and All Paths to It: Enabling Innovation with Quick Time to Value and Low Total Cost of Ownership with Security Built In | A Their Story Conversation from RSA Conference 2023 | An Imperva Story with Pam Murphy

In this Their Story podcast episode, Pam Murphy, CEO of Imperva, talks to Sean Martin about the challenges facing businesses in terms of cybersecurity.

Murphy explains that data is the most valuable asset of any company and that protecting data is a vital aspect of cybersecurity. Murphy discusses the growing importance of APIs in the current environment, and how securing APIs is a challenge for CISOs, with many Shadow APIs being used. Murphy also notes that the regulatory aspect of security is increasing, with more rules and regulations emerging around the world.

Businesses face reputational risk and can suffer major operational disruption as a result of a breach, making security more important than ever. Murphy explains how Imperva helps customers protect their data, applications, and APIs from cyberattacks, and discusses the need for security vendors as trusted partners to focus on time to value and total cost of ownership, especially given the growing skills shortage in the security sector.

Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-story

Guest:
Pam Murphy, CEO at Imperva [@Imperva]
On LinkedIn | https://www.linkedin.com/in/pam-murphy-a5297915/
On Twitter | https://twitter.com/PamMurphyInTech

Resources
Learn more about Imperva and their offering: https://itspm.ag/imperva277117988
For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverage
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

Apr 29, 2023 | 28 min

Ep 168 | Cyber Resilience with Defense in Depth: Maximizing Security in Hybrid Active Directory Environments | A Their Story Conversation from RSA Conference 2023 | A Quest Story with Sergey Medved and Matthew Vinton

In this Their Story podcast, Sean Martin talks with Matthew Vinton and Sergey Medved from Quest about the challenges associated with Active Directory (AD) and the importance of these systems in a company's overall security methodology and posture.

Active Directory remains an integral part of an organization’s IT infrastructure as it is the pillar of identity that most organizations use to enable their workforce, partners, and business processes. The trio discusses how Quest helps companies manage their AD environment across a variety of functional areas like assessing the environment, detecting changes, putting in preventive controls, and guiding response and recovery.

They also cover the growing challenges security leaders face concerning AD and the gap between the people in the trenches and business leaders who may not understand the inherent importance of AD. Exacerbating this reality is the ongoing security talent shortage, where few new entries into the field learn the technology as it is not as forward-looking when compared to Azure.

About the Cybersecurity risk management for Active Directory from Quest

Microsoft Active Directory (AD) is under attack. That’s why cybersecurity risk management is so important. With 95 million attempted AD attacks every day, it should be no surprise to hear AD was the target of another cybercrime. But these concerns aren’t contained to on-prem AD; in 2021 alone, there were more than 25 billion Azure AD attacks. It’s clear cybersecurity risk management needs to be a consideration, and even if the issues you’ve encountered aren’t intentional or nefarious, you still need to be prepared for the worst.

Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-story

Guests:
Matthew Vinton, Strategic Systems Consultant at Quest [@Quest]
On LinkedIn | https://www.linkedin.com/in/matthew-vinton/
On Twitter | https://twitter.com/Mister_momentum
Sergey Medved, VP, Product Management and Marketing at Quest [@Quest]
On LinkedIn | https://www.linkedin.com/in/sergeym/

Resources
Learn more about Quest: https://itspm.ag/quest-adp23
Learn more about the Quest Cybersecurity for Active Directory Solution: https://itspm.ag/quest-pp49
For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverage
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

Apr 26, 2023 | 26 min

Ep 167 | The Five Pillars of CyberSecurity: Preparing for Continuous Compliance | A Their Story Conversation from RSA Conference 2023 | A VigiTrust Story With Mathieu Gorge

In this podcast, Mathieu Gorge, CEO and founder of VigiTrust, talks with Sean Martin about GRC (Governance, Risk, and Compliance) software. Gorge's award-winning VigiOne tool enables clients to prepare for, validate, and manage continuous compliance with more than 100 security frameworks worldwide.

Gorge also discusses the idea that security is a journey, not a destination, and how risk surfaces change continually. He recommends choosing a GRC platform that allows different stakeholders to view risk from different perspectives. Gorge also discusses his Five Pillars of Security framework, which focuses on physical security, people's security, data security, infrastructure security, and crisis management. Gorge also talks about the VigiTrust Global Advisory Board, a think-tank that brings together people from all over the world to discuss topics such as geopolitical risk, critical infrastructure protection, and diversity and inclusion in cybersecurity.

The risk conversation has become a hot topic. Listen in to this episode to think differently about how you approach, analyze, and address the risk your organization faces.

Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-story

Guest:
Mathieu Gorge, CEO at VigiTrust [@VigiTrust] - Chairman of the VigiTrust Global Advisory Board
On LinkedIn | https://www.linkedin.com/in/mgorge/
On Twitter | https://twitter.com/MatGorge

Resources
Learn more about VigiTrust and their offering: https://itspm.ag/vigitrust04e618
More about Mathieu Gorge: https://mathieugorge.com/
Book | The Cyber Elephant in the Boardroom: Cyber-Accountability with the Five Pillars of Security Framework: https://mathieugorge.com/book/
For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverage
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

Apr 26, 2023 | 21 min

Ep 166 | Augmenting the InfoSec Analyst | ITSPmagazine Event Coverage: RSAC 2023 Broadcast Alley | A Conversation with Leah McLean, Diana Kelley, and Davi Ottenheimer | Redefining CyberSecurity Podcast With Sean Martin

Guests:
Leah McLean, Vice President - Cybersecurity Specialist, Mastercard Data & Services [@Mastercard]
On LinkedIn | https://www.linkedin.com/in/leahrmclean/
On Twitter | https://twitter.com/lmclean
Diana Kelley, Chief Security Officer / Chief Strategy Officer, Cybrize
On LinkedIn | https://www.linkedin.com/in/dianakelleysecuritycurve/
At RSAC | https://www.rsaconference.com/experts/diana-kelley
Davi Ottenheimer, VP Trust and Digital Ethics, Inrupt [@inrupt]
At RSAC | https://www.rsaconference.com/experts/Davi%20Ottenheimer

Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]

This Episode’s Sponsors
BlackCloak | https://itspm.ag/itspbcweb
Brinqa | https://itspm.ag/brinqa-pmdp
SandboxAQ | https://itspm.ag/sandboxaq-j2en

Episode Notes
In this panel, we will explore the potential impact artificial intelligence technologies can have on the role of the security analyst and security operations. How can these technologies be used for:
Education, training, skill development, and practice?
Better protection, detection, response, and recovery?
Program definition, planning, management, and measurement to create better results?
Connect security operations to the business to drive better business outcomes?

Given some of the controversy surrounding generative AI (ChatGPT), we will also explore the potential harms coming from the use of these technologies.

For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverage
Are you interested in telling your story in connection with RSA Conference by sponsoring our coverage? 👉 https://itspm.ag/rsac23sp
Are you interested in sponsoring an ITSPmagazine Channel? 👉 https://www.itspmagazine.com/podcast-series-sponsorships
Be sure to share and subscribe!

Apr 26, 2023 | 40 min

Ep 165 | It’s Difficult to Secure the Invisible: Reinventing Asset Management for Modern Challenges in IT, IoT, and OT | A RunZero Brand Story with Huxley Barbee

In this Their Story podcast on ITSPmagazine, Huxley Barbee delves into the world of InfoSec and asset management, discussing the importance of having a full asset inventory and how his company, RunZero, addresses this challenge with a cyber asset management solution.

Founders HD Moore and Chris Kirsch identified the need for better tooling as security teams' scopes expanded beyond managing traditional IT devices to securing IoT and OT devices across various environments. RunZero helps organizations understand gaps in security controls coverage, identify potentially vulnerable devices in the face of zero-day threats, and more.

Huxley Barbee explains that a full asset inventory, including asset details like location within the network, device function, and business context, can assist in determining which vulnerabilities or misconfigurations need immediate attention. Huxley highlights the delicate process of gathering information on devices and the importance of incremental fingerprinting, particularly in OT environments and those with often-unmanaged IoT devices.

The trio also cover the business side, discussing the typical clients for RunZero and the mindset shift required to realize that existing asset discovery tools may not be sufficient. They discuss the collaboration between IT, OT, and security teams, emphasizing that having a full cyber asset inventory beyond the traditional IT asset inventory can help reduce remediation time and improve overall business decision-making.

Tune in to this episode to learn more about RunZero's modern approach to asset management, the crucial role of visibility in addressing security challenges, and how a robust asset inventory by RunZero can help business leaders and security practitioners make better decisions.

Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-story

Guest:
Huxley Barbee, Security Evangelist at RunZero [@runZeroInc] and lead organizer for BSides NYC [@bsidesnyc]
On LinkedIn | https://www.linkedin.com/in/jhbarbee/
On Twitter | https://twitter.com/huxley_barbee
On Mastodon | https://infosec.exchange/@huxley

Resources
Learn more about RunZero and their offering: https://itspm.ag/runzervvyh
Catch the video and podcast version of this conversation: https://itspmagazine.com/their-stories/its-difficult-to-secure-the-invisible-reinventing-asset-management-for-modern-challenges-in-it-iot-and-ot-a-runzero-story-with-huxley-barbee
BSides NYC Podcast: https://itsprad.io/event-coverage-1388
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

Apr 21, 2023 | 40 min

Ep 164 | The Mainframe Advantage: Robust Security Meets Infrastructure Modernization | A Rocket Software and KRI Security Brand Story with Phil Buckellew and Cynthia Overby

In this engaging conversation, industry experts discuss the value of mainframes, the importance of cybersecurity, and how businesses can benefit from implementing mainframe technology in a secure manner. Join Sean Martin, Phil Buckellew, and Cynthia Overby as they explore real-world use cases, share valuable insights, and discuss innovative solutions to modernize and secure mainframe infrastructures. They also discuss the importance of not only focusing on the technical aspect of mainframes but also understanding the business operations and end-user needs.

Cynthia Overby shares an experience she had with a client who believed that securing their mainframe would prevent access to their customers. She emphasizes the importance of finding a balance between security and accessibility. Automated tools and the zero-trust framework are crucial in achieving this balance.

Phil Buckellew highlights the value that Cynthia's team brings to Rocket Software due to their deep and extensive experience in mainframe security. KRI and Rocket Software, together, strive to make security a part of everything they do, ensuring transparency and seamless integration. The pair also discuss the challenges and benefits of migrations to and from mainframe environments.

Phil explains that the value of mainframes lies in their continuity, scalability, and high availability. These factors make them attractive to businesses that prioritize secure and reliable transaction processing. Cynthia adds that mainframes can offer better security and efficiency than other platforms, which is evident from their continued growth in the marketplace.

Tune in to this insightful episode of Redefining CyberSecurity and learn how to empower your business with security and innovation in the new age of mainframes. Don't miss out – listen now!

Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-story

Guests:
Cynthia Overby, President & Co-Founder at Key Resources, Inc. [@KeyResourcesInc]
On LinkedIn | https://www.linkedin.com/in/cynthia-overby-41110a3/
Phil Buckellew, President, Infrastructure Modernization BU at Rocket Software [@rocket]
On LinkedIn | https://www.linkedin.com/in/phil-buckellew/
On Twitter | https://twitter.com/Buckellew

Resources
Catch the video and podcast version of this conversation: www.itspmagazine.com/their-stories/the-mainframe-advantage-robust-security-meets-infrastructure-modernization-a-rocket-software-and-kri-security-story-with-phil-buckellew-and-cynthia-overby
Learn more about Rocket Software and their offering: https://itspm.ag/keyresources-2876
Mainframe Modernization and Cybersecurity: https://itspm.ag/kri-secs4m
Podcast: The Humans In The Mainframe | Common Misunderstandings In Mainframe Security Management | A Key Resources Story With Ray Overby
Podcast: When Failure Is Not An Option, Organizations Turn To The Mainframe — Incorporating Mainframes Into Your Zero Trust Architecture | A Key Resources Story With Cynthia Overby
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

Apr 21, 2023 | 48 min