PLAY PODCASTS
The ITSPmagazine Podcast

The ITSPmagazine Podcast

2,048 episodes — Page 13 of 41

Ep 2084Book | The Unthinkable Truth | A conversation about AI, The Future of Humanity, and Of Course About Storytelling | A Conversation With Author Dr. Yona Bouskila | Audio Signals Podcast With Marco Ciappelli

Guest: Dr. Yona Bouskila, AuthorWebsite | https://www.yonabouskila.com/_____________________________Host: Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli_____________________________This Episode’s SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network_____________________________Episode IntroductionHello everybody, welcome to another episode of the Audio Signals Podcast! This is Marco Ciappelli, and today’s episode is special for many reasons: I'm currently in Italy instead of my usual LA setup, and I'm joined by a remarkable guest, Yona Bouskila, tuning in from the UK. Together, we're diving into a topic that has been on everyone’s lips lately - Artificial Intelligence (AI), but from a unique perspective tied to Yona’s new book, "The Unthinkable Truth".Meet Yona BouskilaYona introduces himself as a trained neuroscientist with a penchant for fiction writing. His innovative approach combines these two fields, making his work particularly significant. In "The Unthinkable Truth," Yona explores the relationships between the human mind and AI, presenting thought-provoking questions that challenge conventional perspectives. Are we, humans, as different from AI as we think?The Human Mind and AI: A Deep DiveYona brings up an intriguing point: during events like the COVID-19 pandemic, people criticized leaders and each other, but not the virus itself. Similarly, we can't hold natural events responsible for their outcomes. What if humans, theoretically, are also sentient automata governed by the laws of nature just like AI? This bold hypothesis posits that our actions might not be as independent from natural laws as we believe.Simulated or Real? Exploring Human and Machine SimilaritiesMarco probes further into Yona's perspective, touching on the popular simulation theory. Yona clarifies that while his book doesn’t fully subscribe to simulation theory, it does draw parallels between human decision-making and AI behaviors. An example given is how engineers observed robots showing hesitation when faced with an ethical dilemma, similar to human actions.Fiction Meets Nonfiction: The Unique Blend in "The Unthinkable Truth"Unlike most books which fit neatly into either fiction or nonfiction, Yona's book melds the two genres. Citing examples from historical and hard science fiction, he reveals that his narrative incorporates real-world studies published in peer-reviewed journals intertwined with a thrilling fictional storyline. This unique blend is designed to be thought-provoking yet highly engaging.An Unforgettable Setting: ParisSet against the backdrop of Paris, the storyline benefits from the rich history and cultural significance of the city. Paris, noted for its pivotal role in many social and scientific revolutions, provides an apt setting for the book's exploration of advanced AI within a contemporary context closely linked to UNESCO.Balancing Optimism and Caution in AI DevelopmentThe conversation also delves into the societal implications of AI. Recognizing its immense potential in fields like medical diagnostics, Yona emphasizes the need for cautious development. He warns about the risks associated with AI surpassing human capabilities, advocating for a balanced approach to incorporating AI into daily life.The Future of Storytelling and AIWrapping up the discussion, Yona shares insights into his motivations and influences from a lifetime of reading both fiction and nonfiction. He expresses his hope that his book will contribute to the ongoing dialogue about AI and its impact on humanity. The podcast concludes with a heartfelt invitation to readers to explore and ponder the deeply intertwined future of AI and human existence.Final ThoughtsAs Yona succinctly puts it, if you're looking for a light read, "The Unthinkable Truth" may not be your choice. However, if you're keen on diving into a thought-provoking, entertaining narrative that pushes the boundaries of your understanding of AI and human nature, then this book will undoubtedly leave you pondering for days.So, keep an eye out for "The Unthinkable Truth," releasing on May 28, 2024. Whether you're an avid reader of AI discourse, a lover of thrilling narratives, or both, Yona Bouskila's latest work promises to be an enriching addition to your collection.About the BookIn the hope of distracting himself from his heartache, George Bennet, a mild-mannered professor of theoretical physics, accepts an invitation by UNESCO to join a dream team of experts assisted by a powerful AI, tasked with unravelling the enigma of the human mind.As this seemingly innocent academic investigation twists and turns, George suspects that they are being duped into aiding a sinister plan, which threatens to shatter the very foundations of soc

Jul 20, 202432 min

Ep 20832024 AppDome and OWASP Mobile Consumer Cyber Security Survey | A Brand Story Conversation From OWASP AppSec Global Lisbon 2024 | An AppDome Brand Story with Brian Reed and Chris Roeckl | On Location Coverage with Sean Martin and Marco Ciappelli

In the latest Brand Story episode, host Sean Martin chats with Brian Reed, Mobile Security Evangelist, and Chris Roeckl, Chief Product Officer at AppDome, during the OWASP Global AppSec event in Lisbon. The episode dives into pivotal aspects of mobile app security and consumer expectations.Brian Reed articulates how AppDome collaborates with OWASP to tackle mobile app security challenges. He underscores the significant role consumers play in these endeavors. According to AppDome's annual survey, consumer feedback is indispensable, revealing that a staggering 97% of consumers would abandon a brand after an insecure app experience, while 95% would advocate for a brand offering a secure experience. This highlights the stark consequences of neglecting mobile security.Chris Roeckl elaborates on how AppDome’s annual survey, spanning four years, has amassed data from over 120,000 consumers across 12 countries. This wealth of information provides a clear trend: consumers increasingly prioritize security, particularly in banking, e-wallet, healthcare, and retail apps. Interestingly, while social media is not at the forefront of security concerns, it is rapidly becoming a focus area as users grow more conscious of account security and privacy.The discussion brings to light how brands can effectively communicate their security protocols to consumers. Reed and Roeckl suggest transparency through dedicated web pages, direct email outreach, and in-app notifications. This communication helps build trust and reassures consumers that their security concerns are being addressed.The conversation also touches on the integration of security into the development lifecycle. Developers often face the challenge of ensuring robust security without compromising the user experience. Reed mentions the importance of making security processes seamless and non-invasive for developers. By leveraging machine learning and AI, AppDome aims to automate many security tasks, allowing developers to focus on creating innovative, user-friendly applications.Moreover, Roeckl points out that a holistic approach is essential. This means incorporating input from various teams within an organization - from product leaders focusing on user engagement to engineers ensuring crash-free applications and cybersecurity teams safeguarding data integrity. This collaborative effort ensures that the final product not only meets but exceeds consumer expectations.The insights shared in the episode are a call to action for businesses to prioritize mobile security. With six billion humans using mobile apps globally, the stakes are higher than ever. Brands must recognize the direct correlation between secure mobile experiences and customer loyalty. By investing in robust security measures and effectively communicating these efforts, businesses can foster a secure and trustworthy environment for their users.Listeners are encouraged to download the full AppDome report for a deeper understanding of consumer attitudes towards mobile app security. This empathetic report offers valuable insights that can help developers, product managers, and cybersecurity teams align their strategies with consumer expectations, ultimately leading to safer and more secure mobile applications.Learn more about Appdome: https://itspm.ag/appdome-neuvNote: This story contains promotional content. Learn more.Guests: Brian Reed, SVP AppSec & Mobile Defense, Appdome [@appdome]On LinkedIn | https://www.linkedin.com/in/briancreed/Chris Roeckl, Chief Product Officer, Appdome [@appdome]On LinkedIn | https://www.linkedin.com/in/croeckl/ResourcesLearn more and catch more stories from Appdome: https://www.itspmagazine.com/directory/appdomeView all of our OWASP AppSec Global Lisbon 2024 coverage: https://www.itspmagazine.com/owasp-global-2024-lisbon-application-security-event-coverage-in-portugalAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jul 20, 202423 min

Ep 2082Building a CISO Office: Mastering Enterprise Risk Management and Aligning Cybersecurity with Business Goals | Part 1 of 3 | A Conversation with Kush Sharma | Redefining CyberSecurity with Sean Martin

Guest: Kush Sharma, Director Municipal Modernization & Partnerships, Municipal Information Systems Association, Ontario (MISA Ontario)On LinkedIn | https://www.linkedin.com/in/kush-sharma-9bb875a/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinView This Show's Sponsors___________________________Episode NotesIn the latest episode — Part 1 of 3 Parts — of the Redefining CyberSecurity Podcast on ITSPmagazine, host Sean Martin dives into a comprehensive discussion with Kush Sharma, a distinguished leader with vast experience across Accenture, Deloitte, the City of Toronto, and CP Rail. The conversation explores the intricacies of building a Chief Information Security Officer (CISO) office from the ground up, offering invaluable insights for current and aspiring CISOs.Kush Sharma emphasizes the multifaceted role of a CISO, particularly the distinct challenges faced when establishing a cybersecurity program in various organizational contexts—government, private sector, and consulting firms. He points out that in governmental environments, the focus is typically on how to benefit citizens or internal staff while operating under tight scrutiny and budget constraints. In contrast, consulting and private sectors prioritize efficiency, quick deployment, and direct benefits to the organization.A significant part of the discussion centers on enterprise risk management. Sharma highlights the importance of aligning cybersecurity initiatives with organizational objectives. From mergers and acquisitions (M&A) to digital transformations, CISOs must ensure that their strategies mitigate risk while supporting the broader business goals. Kush Sharma advises that during such major projects, security measures need to be integrated from the ground up, focusing on things like role-based access and the segmentation of business processes.Additionally, the challenges of engaging with governmental bodies are explored in depth. Sharma explains the extensive bureaucratic processes and the need for consensus-building, which often lead to significant delays. Understanding these processes allows for better navigation and more efficient outcomes. Sharma also brings out the importance of understanding and acting upon business processes when integrating cybersecurity measures. For instance, in large-scale ERP implementations, it is crucial to map out detailed roles and ensure that security provisions are applied consistently across all integrated systems. By focusing on the distinct roles within these processes, such as AP clerks or accounting managers, CISOs can develop more granular and effective security measures.The episode underscores that success in building a CISO office lies in strategic alignment, efficient resource allocation, and thorough understanding of both technical and business processes. For cybersecurity leaders, this conversation with Kush Sharma offers crucial guidance and real-world examples to help navigate their complex roles effectively. Be sure to listen to the episode for a deeper dive into these topics and more. And, stay tuned for Parts 2 and 3 for even more goodness from Sean and Kush.Top Questions AddressedWhat are the complexities of establishing a CISO office from scratch?How do the requirements and focus differ when establishing a cybersecurity program in governmental versus private sectors?What is the approach to managing enterprise risk during digital transformations and mergers & acquisitions (M&A)?___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYqITSPmagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe!___________________________Resources ___________________________To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring this show with an ad placement in the podcast?Learn More 👉 https://itspm.ag/podadplc Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jul 20, 202446 min

Ep 2081The Invisible Barriers to Going ‘Green’ | A conversation with Melisa Báez | What If Instead? Podcast with Alejandro Juárez Crawford and Miriam Plavin-Masterman

Guest: Melisa Báez, Co-Founder and CEO at ELUME and Teacher Assistant at Bard Graduate Programs in SustainabilityOn LinkedIn | https://www.linkedin.com/in/melisa-baezHosts: Alejandro Juárez CrawfordOn ITSPmagazine 👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/alejandro-juarez-crawfordMiriam Plavin-MastermanOn ITSPmagazine 👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/miriam-plavin-masterman______________________Episode IntroductionDelving into Melissa Baez's inspirational work with small businesses and entrepreneurs, this episode discusses the importance of language accessibility and the need for a cultural shift in mindset and sustainable business practices. It further addresses the significance of music and entertainment in transforming communities and the value of mentorship and opportunities for up-and-coming artists — particularly emphasizing the role of influential figures in making sustainability mainstream and accessible to all. Last but not least, it highlights how being a lifetime learner and maintaining curiosity are essential for personal and professional growth.______________________ResourcesELUME: On a mission to decolonize sustainability: https://www.linkedin.com/pulse/elume-mission-decolonize-sustainability-elume-llc/?trackingId=f0ZrAz5lIGMr%2F5%2F%2BSVrPlA%3D%3D______________________Episode SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network______________________For more podcast stories from What If Instead? Podcast with Alejandro Juárez Crawford and Miriam Plavin-Masterman, visit: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/alejandro-juarez-crawford and https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/miriam-plavin-masterman Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jul 18, 20241h 1m

Ep 2080Dodging the Ball and ways for CISOs to avoid: Essential Strategies for CISOs | A Black Hat USA 2024 Conversation with Jess Nall | On Location Coverage with Sean Martin and Marco Ciappelli

Guest: Jess Nall, Partner, Defense Against Government Investigations, Baker McKenzie, LLP [@bakermckenzie]On LinkedIn | https://www.linkedin.com/in/jess-nall/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesAs the countdown to Black Hat 2024 begins, ITSP Magazine’s “Chats On the Road” series kicks off with a compelling pre-event discussion featuring Jess Nall, a partner at Baker McKenzie with over two decades of experience in federal investigations and defending Chief Information Security Officers (CISOs). Hosted by Sean Martin and Marco Ciappelli, the episode blends humor and serious insights to tackle the evolving challenges faced by CISOs today.The Dodgeball Analogy: Setting the StageThe conversation starts on a light-hearted note with a playful dodgeball analogy, a clever metaphor used to illustrate the growing complexities in the cybersecurity landscape. This sets the tone for a deeper exploration of the pressures and responsibilities that modern CISOs face, bridging the gap between legacy technology and contemporary cybersecurity challenges.Legacy Technology vs. Modern CybersecurityDrawing from the dodgeball metaphor, Sean and Marco highlight the burden of legacy technology and its impact on current cybersecurity practices. Jess Nall shares her perspective on how past business operations influence today’s cybersecurity strategies, emphasizing the need for CISOs to adapt and innovate continually.ITSP Magazine’s Milestone and Black Hat ConnectionsThis episode also marks a celebratory milestone for ITSP Magazine. Sean and Marco reflect on their journey from Los Angeles to Las Vegas, the birthplace of ITSP Magazine, and how their experiences have shaped the publication’s mission and growth. As they gear up for Black Hat 2024, they express their excitement about reconnecting with the cybersecurity community and exploring new opportunities for collaboration.Introducing Jess Nall: Expertise and ExperienceJess Nall, a seasoned expert in federal investigations, brings invaluable insights to the discussion. She underscores the severe implications of government scrutiny on CISOs, drawing from high-profile cases like SEC v. SolarWinds and Tim Brown. Jess provides practical advice for CISOs to avoid regulatory pitfalls and highlights the importance of staying vigilant and proactive in their roles.The Internet’s Troubled History and Its ImpactMarco steers the conversation towards the Internet’s troubled history and its initial lack of security foresight. Jess reflects on how these historical challenges have shaped modern cybersecurity practices, emphasizing the difficulties of keeping up with evolving threats and expanding attack surfaces. She also discusses the controversial strategy of targeting CISOs to influence corporate cybersecurity measures, a practice she staunchly opposes.The Perfect Storm: AI and CybersecurityThe discussion turns to the increasing complexity of cybersecurity in the age of AI. Sean and Jess delve into the pressures CISOs face as they balance the incorporation of AI technologies with maintaining robust cybersecurity measures. Jess describes this scenario as a “perfect storm,” making the role of a CISO more challenging than ever.Regulation and Legislation: A Critical ExaminationMarco raises critical concerns about the reactive nature of current cybersecurity legislation and regulation. Jess discusses how federal agencies often target individuals closest to a cybersecurity breach and outlines the topics she will cover in her upcoming Black Hat presentation. She aims to educate CISOs on preventive measures and strategic responses to navigate these challenges effectively.Looking Ahead: Black Hat 2024As the episode concludes, Sean emphasizes the importance of awareness and proactive measures among CISOs. Marco encourages listeners to attend Jess Nall’s presentation at Black Hat 2024 on August 7th at Mandalay Bay in Las Vegas. This critical discussion promises to equip CISOs and their teams with the knowledge and tools to navigate their increasingly scrutinized roles.Stay Tuned with ITSP MagazineSean and Marco remind their audience that this episode is just the beginning of a series of insightful conversations leading up to Black Hat 2024. They invite listeners to stay tuned for more engaging episodes that will continue to explore the dynamic world of cybersecurity.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasOn YouTub

Jul 17, 202421 min

Ep 2079Beyond Traditional Pen Testing for Continuous Risk Assessment | A Brand Story Conversation From RSA Conference 2024 | A Hadrian Story with Rogier Fischer | On Location Coverage with Sean Martin and Marco Ciappelli

In the latest episode of the Redefining CyberSecurity Podcast, host Sean Martin engages with Rogier Fischer, co-founder and CEO of Hadrian, to delve into the evolving landscape of cybersecurity. The discussion navigates through the intricacies of modern cybersecurity challenges and how Hadrian is providing innovative solutions to tackle these issues. Sean Martin sets the stage by emphasizing the importance of operationalizing cybersecurity strategies to manage risk and protect revenue. Rogier Fischer shares his journey from an ethical hacker working with Dutch banks and tech companies to co-founding Hadrian, a company that leverages advanced AI to automate penetration testing.Fischer highlights the limitations of traditional cybersecurity tools, noting they are often too passive and fail to provide adequate visibility. Hadrian, on the other hand, offers a proactive approach by simulating hacker behavior to identify vulnerabilities and exposures. The platform provides a more comprehensive view by combining various aspects of offensive security, enabling organizations to prioritize their most critical vulnerabilities.One of the key points Fischer discusses is Hadrian's event-driven architecture, which allows the system to detect changes in real-time and reassess vulnerabilities accordingly. This ensures continuous monitoring and timely responses to new threats, adapting to the ever-changing IT environments. Another significant aspect covered is Hadrian's use of AI and machine learning to enhance the context and flexibility of security testing. Fischer explains that AI is selectively applied to maximize efficiency and minimize false positives, thus allowing for smarter, more effective security assessments.Fischer also shares insights on how Hadrian assists in automated risk remediation. The platform not only identifies vulnerabilities but also provides clear guidance and tools to address them. This is particularly beneficial for smaller security teams that may lack the resources to handle vast amounts of raw data generated by traditional vulnerability scanners. Additionally, Hadrian's ability to integrate with existing security controls and workflows is highlighted. Fischer notes the company's focus on user experience and the need for features that facilitate easy interaction with different stakeholders, such as IT teams and security engineers, for efficient risk management and remediation.In conclusion, Rogier Fischer articulates that the true strength of Hadrian lies in its ability to offer a hacker’s perspective through advanced AI-driven tools, ensuring that organizations not only identify but also effectively mitigate risks. By doing so, Hadrian empowers businesses to stay ahead in the ever-evolving cybersecurity landscape.Top Questions AddressedWhat drove the creation of Hadrian, and what gaps in the cybersecurity market does it fill?How does Hadrian's event-driven architecture ensure continuous risk assessment and adaptation to changing environments?How does Hadrian leverage AI and machine learning to improve the effectiveness of penetration testing and risk remediation?Learn more about Hadrian: https://itspm.ag/hadrian-5eiNote: This story contains promotional content. Learn more.Guest: Rogier Fischer, Co-Founder and CEO, Hadrian [@hadriansecurity]On LinkedIn | https://www.linkedin.com/in/rogierfischer/ResourcesView all of our RSA Conference Coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jul 16, 202426 min

Ep 2078Punch Cards, Steam Engines, 48 Volt Batteries, Platform Engineering, and the AI Revolution: The Ongoing Evolution of Language-Based Software Development | An OWASP AppSec Global Lisbon 2024 Conversation with Oleg Shanyuk | On Location Coverage

Guest: Oleg Shanyuk, Platform Security, Delivery Hero [@deliveryherocom]On LinkedIn | https://www.linkedin.com/in/oleg-shanyuk/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesIn this On Location episode, Sean Martin discusses the complexities of application security (AppSec) and the challenges surrounding the integration of artificial intelligence (AI) with Oleg Shanyuk at the OWASP Global AppSec Global conference in Lisbon. The conversation delves into various aspects of AppSec, DevSecOps, and the broader scope of securing both web and mobile applications, as well as the cloud and container environments that underpin them.One of the core topics Martin and Shanyuk explore is the pervasive influence of AI across different sectors. AI's application in coding, for instance, can significantly expedite the development process. However, as Sean Martin highlights, AI-generated code may lack the human intuition and contextual understanding crucial for error mitigation. This necessitates deeper and more intricate code reviews by human developers, reinforcing the symbiotic relationship between human expertise and AI efficiency.Shanyuk shares insightful anecdotes about the history and evolution of programming languages and how AI's rise is reminiscent of past technological shifts. He references the advancement from physical punch cards to assembly languages and human-readable code, drawing parallels to the current AI boom. Shanyuk stresses the importance of learning from past technological evolutions to better understand and leverage AI's full potential in modern development environments.The conversation also explores the practical applications of AI in fields beyond straightforward coding. Shanyuk discusses the evolution of automotive batteries from 12 volts to 48 volts, paralleling this shift with how AI can optimize various processes in different industries. This evolution demonstrates the potential of technology to drive efficiencies and reduce costs, emphasizing the need for ongoing innovation and adaptation.Martin further navigates the discussion towards platform engineering, contrasting its benefits of consistency and control with the precision and customization needed for specific tasks. The ongoing debate encapsulates the broader dialogue within the tech community about finding the right balance between standardization and flexibility. Shanyuk's perspective offers valuable insights into how industries can leverage AI and platform engineering principles to achieve both operational efficiency and specialized functionality.The episode concludes with forward-looking reflections on the future of AI-driven models and their potential to transcend the limitations of human language and traditional coding paradigms. The thoughtful dialogue between Martin and Shanyuk leaves listeners with a deeper appreciation of the challenges and opportunities within the realm of AI and AppSec, encouraging continued exploration and discourse in these rapidly evolving fields.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our OWASP AppSec Global Lisbon 2024 coverage: https://www.itspmagazine.com/owasp-global-2024-lisbon-application-security-event-coverage-in-portugalOn YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllTzdBL4GGWZ_x-B1ifPIIBVBe sure to share and subscribe!____________________________ResourcesBret Victor: https://worrydream.com/Learn more about OWASP AppSec Global Lisbon 2024: https://lisbon.globalappsec.org/____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastAre you interested in sponsoring our event coverage with an ad placement in the podcast?Learn More 👉 https://itspm.ag/podadplcWant to tell your Brand Story as part of our event coverage?Learn More 👉 https://itspm.ag/evtcovbrf Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jul 10, 202437 min

Ep 2077Cybersecurity Leadership: AL, Burnout, and Success Strategies | A Conversation with Jack Leidecker | The Soulful CXO Podcast with Dr. Rebecca Wynn

Guest: Jack Leidecker, Chief Information Security Officer, GongLinkedIn: https://www.linkedin.com/in/leideckerHost: Dr. Rebecca WynnOn ITSPmagazine 👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/rebecca-wynn________________________________This Episode’s SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network________________________________Episode DescriptionIn this episode of the Soulful CXO, host Dr. Rebecca Wynn welcomes Jack Leidecker, the Chief Information Security Officer at Gong. Jack shares insights into his journey into cybersecurity, starting from pentesting and advancing to building robust security and compliance programs in the technology and financial sectors. Additionally, they discuss the importance of attending conferences like DEF CON for cybersecurity professionals, the importance of a responsible approach when using AI in cybersecurity, the need to validate outputs generated by AI systems to ensure accuracy and reliability. This validation process is crucial as it helps in verifying the results and identifying any potential errors or biases in the AI-generated outputs, legal liabilities, and more. Tune in to learn from these top world-class cybersecurity professionals.________________________________ResourcesBalancing Critical Thinking with Professionalism: A Guide to Constructive Feedbackhttps://medium.com/@soulfulcxo/balancing-critical-thinking-with-professionalism-a-guide-to-constructive-feedback-8888542a507fEnhancing Professional Communication: Strategies for Effective Feedback and Collaborationhttps://medium.com/@soulfulcxo/enhancing-professional-communication-strategies-for-effective-feedback-and-collaboration-2f3f3b5f9c38NIST AI Risk Management Frameworkhttps://www.nist.gov/itl/ai-risk-management-frameworkShields Up: Guidance for Corporate Leaders and CEOshttps://www.cisa.gov/shields-guidance-corporate-leaders-and-ceos________________________________Support:Buy Me a Coffee: https://www.buymeacoffee.com/soulfulcxo________________________________For more podcast stories from The Soulful CXO Podcast With Rebecca Wynn: https://www.itspmagazine.com/the-soulful-cxo-podcastITSPMagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe! Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jul 9, 202429 min

Ep 2076Syracuse Grad's Balancing Act: Juggling Multiple Hats from Academia to Entrepreneurship | A Conversation with Gaurav Sarraf | Off the Record with Saman — Student Abroad Podcast

Guest: Gaurav Sarraf, Security Software Engineer II, Lumen TechnologiesOn LinkedIn | https://www.linkedin.com/in/sarrafgsarraf/On Medium | https://sarrafgsarraf.medium.com/________________________________Host: Saman FatimaOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/saman-fatima________________________________This Episode’s SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network________________________________Episode DescriptionAre you from India? Wishing to come to the USA for your studies? Is your dream university - Syracuse University? If yes, grab a pen, paper, and water, and you are all good to know everything. From researching the dream university to getting selected and beating the elephant in the room (i.e. the VISA process) to settling up - you need to know EVERYTHING because, at the end of the day, it is a foreign land with a lot of newness, loneliness, and self-dependency.________________________________ResourcesJoin the BBWIC Foundation Community: https://www.bbwic.com/________________________________For more podcast stories from Off The Record With Saman: https://www.itspmagazine.com/off-the-record-with-saman-student-abroad-podcastWatch the video version on-demand on YouTube: https://www.youtube.com/watch?v=0954PDs3hFI&list=PLnYu0psdcllS96iavkI5nQsErJ3795ow6 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jul 8, 20241h 9m

Ep 2075The Future of Tech and Society at Viva Tech 2024 | An On Location VIVA TECH Conference 2024 Coverage Conversation with François Bitouzet

Guest: François Bitouzet, Managing Director at Viva Technology [@VivaTech]On LinkedIn | https://www.linkedin.com/in/fran%C3%A7ois-bitouzet-180a89/____________________________Host: Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesEvent Recap and HighlightsMarco Ciappelli opens the discussion with a warm greeting, reflecting on his recent travel experiences and upcoming conferences. François Bitouzet, the guest of honor, then dives straight into the heart of the Viva Tech 2024 event, providing detailed insights into its scope, significance, and impact.An Overview of Viva TechFrançois explains that Viva Tech is a four-day event held annually in Paris, focusing on bringing together stakeholders in the innovation sphere. This year’s event saw the participation of 155,000 attendees from 120 countries, showcasing thousands of startups, tech leaders from companies like Google and Meta, corporate giants such as Audi and LVMH, as well as public sector representatives.The Unique Format and InitiativesOne of the most distinctive features of Viva Tech 2024 was its two-fold format. For the first three days, the event catered to the B2B audience, allowing startups and investors to network and collaborate. On the final day, it opened its doors to the general public. This approach aimed to make technology accessible to everyone, regardless of their professional background.François highlighted various initiatives like the “100+100” program, where 100 successful business women in tech spent a day mentoring young girls. This not only promoted diversity and inclusion but also inspired the next generation to pursue careers in technology.Focus on AI and Other InnovationsWhile Artificial Intelligence (AI) was a major talking point, François emphasized that the event delved deeper into how AI is shaping different business sectors rather than just focusing on the technology itself. By bringing in sector-specific insights, the event sought to provide a realistic perspective on the current impact and future potential of AI.Memorable Moments and CreativityFrançois shared several memorable moments from the event, including a live Q&A session with Elon Musk, who joined virtually to answer unfiltered questions from the audience. This showcased the raw and authentic engagement the event aims to foster.Another highlight was the collaboration with the European retailer FNAC, which set up a kiosk where speakers could sign books for the attendees. This initiative bridged the gap between traditional formats and modern technology, exemplifying how the old and the new can coexist harmoniously.Looking AheadAs the conversation winded down, Marco and François discussed the future of Viva Tech, hinting at more surprises and creative content for next year. François emphasized the importance of injecting poetry and romance—metaphorically speaking—into the world of tech to retain its human touch and inspirational value.Call to ActionFinally, Marco encouraged listeners to make plans to attend Viva Tech 2025, expressing his excitement about potentially meeting his audience in person. François echoed this sentiment, inviting everyone to experience the blend of innovation, business, and meaningful impact that Viva Tech promises.ConclusionThe episode concluded with both Marco and François expressing their shared optimism for the future of technology and its potential to not only transform industries but also enhance our quality of life. They agreed that events like Viva Tech are crucial in driving this change by making technology accessible, inclusive, and genuinely impactful.____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverage____________________________ResourcesLearn more about VIVA TECH 2024: https://vivatechnology.com/____________________________To see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastAre you interested in sponsoring our event coverage with an ad placement in the podcast?Learn More 👉 https://itspm.ag/podadplcWant to tell your Brand Story as part of our event coverage?Learn More 👉 https://itspm.ag/evtcovbrf Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jul 6, 202428 min

Ep 2074Young Frankenstein (or is it Frankenstream or Frankenscheme?) and the AI Revolution | A Musing On the Future of Cybersecurity and Humanity with Sean Martin and TAPE3 | Read by TAPE3

In the hilarious yet insightful tale, join the eccentric Dr. Frankenstream and his quirky assistant Igor, as they bring an AI system to life, only to face unexpected challenges and hilarious missteps. Discover how they, along with cybersecurity expert Inga, navigate the perils of modern technology, reminding us of the crucial balance between innovation and responsibility.________This fictional story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn.Sincerely, Sean Martin and TAPE3________Sean Martin is the host of the Redefining CyberSecurity Podcast, part of the ITSPmagazine Podcast Network—which he co-founded with his good friend Marco Ciappelli—where you may just find some of these topics being discussed. Visit Sean on his personal website.TAPE3 is the Artificial Intelligence for ITSPmagazine, created to function as a guide, writing assistant, researcher, and brainstorming partner to those who adventure at and beyond the Intersection Of Technology, Cybersecurity, And Society. Visit TAPE3 on ITSPmagazine. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jul 4, 20244 min

Ep 2073Everyone is Living in Different Parts of the World, but There's Something That Attached Us All together | A conversation with Dalia Najjar | What If Instead? Podcast with Alejandro Juárez Crawford and Miriam Plavin-Masterman

Guest: Dalia Najjar, General Manager at Farouk Systems and Social Entrepreneurship Faculty Leader at Al-Quds Bard College for Arts and SciencesOn LinkedIn | https://www.linkedin.com/in/dalia-najjar-ab212643/On YouTube | https://youtu.be/KBwjaHq3G3c?si=uvUt0EkoSGvnF7Y5Hosts: Alejandro Juárez CrawfordOn ITSPmagazine 👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/alejandro-juarez-crawfordMiriam Plavin-MastermanOn ITSPmagazine 👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/miriam-plavin-masterman______________________Episode IntroductionDalia discusses her experiences in teaching social entrepreneurship and the impact it has on students. She emphasizes the need to identify problems and find solutions that meet the needs of the people we serve. The conversation also touches on the global collaboration and the power of humor in developing connections and innovation. The conversation explores the dynamic nature of truth and the power of constantly re-deriving old truths in new contexts. The conversation also touches on the challenges faced by students in Palestine and the impact of the political situation on their projects. The concept of solidarity and the sense of community that arises from working together to create change is discussed.______________________ResourcesHow to Launch Your Own Social Enterprise – Love the People You Serve: https://youtu.be/CRVtKfnKkfs?si=WBzERS8u7TNxT_Lq______________________Episode SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network______________________For more podcast stories from What If Instead? Podcast with Alejandro Juárez Crawford and Miriam Plavin-Masterman, visit: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/alejandro-juarez-crawford and https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/miriam-plavin-masterman Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jul 4, 20241h 8m

Ep 2072Elections and Political Stability | Cyber Cognition Podcast with Hutch and Len Noe

Hosts: HutchOn ITSPmagazine 👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/hutchLen Noe, Technical Evangelist / Whitehat Hacker at CyberArk [@CyberArk]On Twitter | https://twitter.com/hacker_213On LinkedIn | https://www.linkedin.com/in/len-noe/______________________Episode SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network______________________Episode IntroductionIn this episode, Hutch and Len address the growing challenges that increasingly advanced technology poses to the integrity of elections and political stability.______________________ResourcesScarlett Johansson considers legal action against OpenAIhttps://www.wired.com/story/scarlett-johansson-v-openai-could-look-like-in-court/First AI Beauty Pageanthttps://www.wired.com/story/ai-beauty-pageant-world-ai-creator-awards/Microsoft recalls Recall featurehttps://www.zdnet.com/article/microsoft-delays-recall-after-security-concerns-and-asks-windows-insiders-for-help/Fake head transplant websitehttps://www.technologyreview.com/2024/05/23/1092848/that-viral-video-showing-a-head-transplant-is-a-fake-but-it-might-be-real-someday/Doppel fights candidate impersonation for 2024 electionhttps://www.doppel.com/blog/election-security______________________For more podcast stories from Cyber Cognition Podcast with Hutch, visit: https://www.itspmagazine.com/cyber-cognition-podcastWatch the video podcast version on-demand on YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllS12r9wDntQNB-ykHQ1UC9U Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jul 4, 202444 min

Ep 2071Pedaling Towards The Stars (Read In English) | Stories Sotto Le Stelle Podcast | Short Stories For Children And The Young At Heart

PEDALING TOWARDS THE STARSOne fine day, in the squares of the city of Ciclopoli, large billboards appeared advertising a bicycle race; everyone could participate, from zero years and up. There wasn’t much information, but it suggested that those interested should contact the Association of Bicycles with Wheels, located at Via dei Manubri Number Eight, behind the playground. The citizens got informed. The start was scheduled for the first Saturday of June from the Piazzale of the Astronomical Observatory, next to the Municipal Library. The finish line was at the top of the Hill of Dreams, and the prize was a star for everyone who crossed the finish line. Registrations had already started and, of course, were free for everyone. Many requests for participation were received.There was a lot of talk about the event, and all the inhabitants of Ciclopoli, including animals, wanted to lend a hand. Volunteers were certainly not lacking. Finally, the day of departure arrived, and the city turned into a great festival. There was a lot of chatter from the balconies of the houses and even from the dome of the Astronomical Observatory, where some inhabitants had climbed to watch the start. Spectators from everywhere cheered on the race participants.Kites in bright colors were tied to the tricycles to keep an eye on the kids. In the playground, where the city's permanent puppet theater was located, the puppets peeked out to watch the show themselves; the strings moved, and a round of applause filled the air. The church bells rang in celebration. All the participants were ready at the start with bikes, unicycles, and tricycles, and all together they formed a varied and numerous group.The start took place despite the great confusion. Fortunately, some fawns were on duty along the race route. They had a megaphone and wore special headphones, which worked with voice transmission to communicate with each other. Little clouds in the clear sky acted as flying race assistants, drawing arrows to indicate the path to the runners at each intersection.Shortly after the start, a fawn took the megaphone: “Attention, attention, the grandfather with the green jacket has a flat tire.” Everyone stopped to wait for the tire to be repaired. Shortly after, a second fawn: “Everyone stop! The kid in the yellow shorts needs to pee.” Another brief stop and a little further ahead, the first refreshment stop. Sandwiches, sweets, and fruit were already ready to be distributed, and everyone lined up to refresh themselves. Tall-stemmed flowers wearing multicolored aprons served the cyclists as they arrived. After a great feast, they set off at full speed again. A small hare was running among the bushes at the edge of the road, and a boy in a purple shirt, curious as he was, left the race course to chase it. The nearby fawn took his megaphone: “New communication! Stop, everyone, a cyclist has gone off course,” he hurried to reach him and brought him back to the road. Everyone back on the saddle.Pedaling, pedaling, they reached the great Field of Happiness full of flowers where the grandparents got lost chasing butterflies and the children lay down to rest. Time was passing. “Let's hurry, let's hurry, the top is still far away,” said the grandparents. Owls, marmots, squirrels, and martens began to follow the runners, cheering them on. Meanwhile, the fawn on the lookout: “Help, the grandmother with the pink skirt has fallen,” but fortunately nothing was broken, and the race resumed quickly.The fastest cyclists happily reached the top of the Hill of Dreams in the early afternoon. The rest of the group arrived at sunset when it was already dark. It was later than expected, and at that point, they couldn't return to the city. How could they spend the night up there? They had no supplies, let alone blankets and sleeping bags. The animals following them understood the problem, and from the nearest farmhouse, they procured milk and cheese for everyone. They ate abundantly and, tired, lay down on the grass around the top after parking their bicycles. It was a bit chilly. In the night air, there was a great buzz. The stars were deciding what to do. They held hands and transformed the sky into a great blanket. How wonderful, a great warmth enveloped all the cyclists who fell asleep.Suddenly, while everything seemed calm, first a flash, then a thunder, and a powerful breath as if caused by the breath of a giant from the top of the hill. No fear, it was just the automatic anti-theft alarm to wake the sleeping cyclists. Awake and with their ears well-tuned to listen, they heard a strange tinkling coming from the free parking lot around the curve. This caused a commotion among the race participants, who jumped to their feet and ran towards the parking lot just in time to see some magpies, some real thieves: bicycle thieves. They had just stolen many parts: bolts, bells, chains, handlebars, rims, and spokes, carrying them away in flight. “What a disaster! And now what

Jul 3, 20248 min

Ep 2070The Implications of Generative AI on Digital Identity, Brand Protection, and Content Marketing: A Philosophical and Sociological Reflection | A Musing On Society & Technology with Marco Ciappelli and TAPE3 | Read by TAPE3

This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to the "Musing On Society & Technology" newsletter on LinkedIn.Sincerely, Marco Ciappelli and TAPE3________Marco Ciappelli is the host of the Redefining Society Podcast, part of the ITSPmagazine Podcast Network—which he co-founded with his good friend Sean Martin—where you may just find some of these topics being discussed. Visit Marco on his personal website.TAPE3 is the Artificial Intelligence for ITSPmagazine, created to function as a guide, writing assistant, researcher, and brainstorming partner to those who adventure at and beyond the Intersection Of Technology, Cybersecurity, And Society. Visit TAPE3 on ITSPmagazine. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 28, 202410 min

Ep 2069From Theory to Process to Practice: Cracking Mobile and IoT Security and Vulnerability Management | An OWASP AppSec Global Lisbon 2024 Conversation with Abraham Aranguren | On Location Coverage with Sean Martin and Marco Ciappelli

Guest: Abraham Aranguren, Managing Director at 7ASecurity [@7aSecurity]On LinkedIn | https://www.linkedin.com/in/abrahamaranguren/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesIn this On Location episode recorded in Lisbon at the OWASP AppSec Global event, Sean Martin engages in a comprehensive discussion with Abraham Aranguren, a cybersecurity trainer skilled at hacking IoT, iOS, and Android devices. The conversation delves into the intricacies of mobile application security, touching on both the technical and procedural aspects that organizations must consider to build and maintain secure apps.Abraham Aranguren, known for his expertise in cybersecurity training, shares compelling insights into identifying IoT vulnerabilities without physically having the device. By reverse engineering applications, one can uncover potential security flaws and understand how apps communicate with their IoT counterparts. For instance, Aranguren describes exercises where students analyze mobile apps to reveal hardcoded passwords and unsecured Wi-Fi connections used to manage devices like drones.A significant portion of the discussion revolves around real-world examples of security lapses in mobile applications. Aranguren details an incident involving a Chinese government app that harvests personal data from users' phones, highlighting the serious privacy implications of such vulnerabilities. Another poignant example is Hong Kong's COVID-19 contact-tracing app, which stored sensitive user information insecurely, revealing how even high-budget applications can suffer from critical security flaws if not properly tested.Sean Martin, drawing from his background in software quality assurance, emphasizes the importance of establishing clear, repeatable processes and workflows to ensure security measures are consistently applied throughout the development and deployment phases. He and Aranguren agree that while developers need to be educated in secure coding practices, organizations must also implement robust processes, including code reviews, automated tools for static analysis, and third-party audits to identify and rectify potential vulnerabilities.Aranguren stresses the value of pentests, noting that organizations often show significant improvement over multiple tests. He shares experiences of clients who, after several engagements, greatly reduced the number of exploitable vulnerabilities. Regular, comprehensive testing, combined with a proactive approach to fixing identified issues, helps create a robust security posture, ultimately making applications harder to exploit and dissuading potential attackers.For businesses developing apps, this episode underscores the necessity of integrating security from the ground up, continuously educating developers, enforcing centralized security controls, and utilizing pentests as a tool for both validation and education. The ultimate goal is to make applications resilient enough to deter attackers, ensuring both the business and its users are protected.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our OWASP AppSec Global Lisbon 2024 coverage: https://www.itspmagazine.com/owasp-global-2024-lisbon-application-security-event-coverage-in-portugalOn YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllTzdBL4GGWZ_x-B1ifPIIBVBe sure to share and subscribe!____________________________ResourcesLeaveHomeSafe Pentest Report: https://7asecurity.com/reports/pentest-report-leavehomesafe.pdfCoverDrop Pentest Report: https://7asecurity.com/reports/pentest-report-coverdrop.pdfWhy You Need a Pentest: https://www.youtube.com/watch?v=oBVTlKrLw-kLearn more about OWASP AppSec Global Lisbon 2024: https://lisbon.globalappsec.org/____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastAre you interested in sponsoring our event coverage with an ad placement in the podcast?Learn More 👉 https://itspm.ag/podadplcWant to tell your Brand Story as part of our event coverage?Learn More 👉 https://itspm.ag/evtcovbrf Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 28, 202433 min

Ep 2068Book | Cybersecurity Law Fundamentals | Defining 'Reasonable Cybersecurity': A Legal Perspective | A Conversation with Author, Jim Dempsey | Redefining CyberSecurity and Society with Sean Martin and Marco Ciappelli

Guest: Jim Dempsey, Senior Policy Advisor, Stanford Program on Geopolitics, Technology and Governance [@FSIStanford]; Lecturer, UC Berkeley Law School [@BerkeleyLaw]On LinkedIn | https://www.linkedin.com/in/james-dempsey-8a10a623/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martinHost: Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelliView This Show's Sponsors___________________________Episode NotesJoin Sean Martin and Marco Ciappelli for a dynamic discussion with Jim Dempsey as they unearth critical insights into the rapidly evolving field of cybersecurity law. Jim Dempsey, who teaches cybersecurity law at UC California Berkeley Law School and serves as Senior Policy Advisor to the Stanford Program on Geopolitics, Technology, and Governance, shares his extensive knowledge and experience on the subject, providing a wealth of information on the intricacies and developments within this legal domain.Cybersecurity law is a relatively new but increasingly important area of the legal landscape. As Dempsey pointed out, the field is continually evolving, with significant strides made over the past few years in response to the growing complexity and frequency of cyber threats. One key aspect highlighted was the concept of 'reasonable cybersecurity'—a standard that demands organizations implement adequate security measures, not necessarily perfect ones, to protect against breaches and other cyber incidents. This concept parallels other industries where safety standards are continually refined and enforced.The conversation also delved into the historical context of cybersecurity law, referencing the Computer Fraud and Abuse Act of 1986, which initially aimed to combat unauthorized access and exploitation of computer systems. Dempsey provided an enlightening historical perspective on how traditional laws have been adapted to the digital age, emphasizing the role of common law and the evolution of legal principles to meet the challenges posed by technology.One of the pivotal points of discussion was the shift in liability for cybersecurity failures. The Biden administration's National Cybersecurity Strategy of 2023 marks a significant departure from previous policies by advocating for holding software developers accountable for the security of their products, rather than placing the entire burden on end-users. This approach aims to incentivize higher standards of software development and greater accountability within the industry.The discussion also touched on the importance of corporate governance in cybersecurity. With new regulations from bodies like the Securities and Exchange Commission (SEC), companies are now required to disclose material cybersecurity incidents, thus emphasizing the need for collaboration between cybersecurity teams and legal departments to navigate these requirements effectively.Overall, the episode underscored the multifaceted nature of cybersecurity law, implicating not just legal frameworks but also technological standards, corporate policies, and international relations. Dempsey's insights elucidated how cybersecurity law is becoming ever more integral to various aspects of society and governance, marking its transition from a peripheral concern to a central pillar in protecting digital infrastructure and information integrity. This ongoing evolution makes it clear that cybersecurity law will continue to be a critical area of focus for legal professionals, policymakers, and businesses alike.Top Questions AddressedWhat is the importance of defining 'reasonable cybersecurity,' and how is this standard evolving?How has the shift in legal liability for cybersecurity incidents, particularly under the Biden administration, impacted the software industry?In what ways are historical legal principles, like those from the Computer Fraud and Abuse Act, being adapted to meet modern cybersecurity challenges?About the BookFirst published in 2021, Cybersecurity Law Fundamentals has been completely revised and updated.U.S. cybersecurity law is rapidly changing. Since 2021, there have been major Supreme Court decisions interpreting the federal computer crime law and deeply affecting the principles of standing in data breach cases. The Securities and Exchange Commission has adopted new rules for publicly traded companies on cyber incident disclosure. The Federal Trade Commission revised its cybersecurity rules under the Gramm-Leach-Bliley Act and set out new expectations for all businesses collecting personal information. Sector-by-sector, federal regulators have issued binding cybersecurity rules for critical infrastructure, while a majority of states h

Jun 28, 202447 min

Ep 2069From Air Force OSI Special Agent to Cybersecurity SVP: Wendi Whitmore's Leadership Journey Wend | The Leadership Student Podcast with MK Palmore

Guest: Wendi Whitmore, Palo Alto Networks [@PaloAltoNtwks]On Twitter | https://x.com/wendiwhitmoreOn LinkedIn | https://www.linkedin.com/in/wendiwhitmore2/______________________Host: MK Palmore, Host of The Leadership Student PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/mk-palmore______________________This Episode’s SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network______________________Episode DescriptionPresident of Palo Alto Networks' Unit 42. Wendy discusses her compelling journey from law enforcement to becoming a significant player in the cybersecurity sector. Listeners gain insights into her professional ethos, the challenges she's faced, and her perspectives on effective leadership in the fast-paced world of cybersecurity.Wendy elaborates on her career trajectory, detailing her experiences at renowned companies like Mandiant, CrowdStrike, and IBM. She highlights the unique challenges and rewards of scaling teams in small startups versus massive enterprises and sheds light on how her background in the Air Force helped shape her investigative approach to cyber threats.______________________Resources______________________To see and hear more of The Leadership Student Podcast with MK Palmore content on ITSPmagazine, visit: https://www.itspmagazine.com/the-leadership-student-podcastWatch the webcast version on-demand on YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllQdltSIJ8lWqLiflyrMxFA5Are you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 28, 202433 min

Ep 2068Is Your App Security Culture Leaving Out the Basics? | A Brand Story Conversation From OWASP AppSec Global Lisbon 2024 | A Phoenix Security Story with Francesco Cipollone | On Location Coverage with Sean Martin and Marco Ciappelli

In this episode of the On Location, host Sean Martin engages in an insightful conversation with Francesco Cipollone, Co-founder and CEO of Phoenix Security, at the OWASP AppSec Global conference in Lisbon. They delve into the evolving landscape of application security, focusing on the pressing challenges and innovative solutions that are shaping the industry today.The discussion begins by exploring the potential and pitfalls of artificial intelligence (AI) in cybersecurity. Francesco highlights the dual role of AI as both a tool and a target within security frameworks. He emphasizes the importance of proper prompt engineering and specialized training data to avoid common issues, such as AI-generated libraries that don't actually exist. This leads to a broader conversation about how Phoenix Security utilizes AI to intelligently categorize and prioritize vulnerabilities, allowing security teams to focus on the most critical issues.The conversation then shifts to the concept of maturity models in vulnerability management. Francesco explains that many organizations are still struggling with basic security tasks and describes how Phoenix Security helps these organizations to quickly enhance their maturity levels. This involves automating the scanning process, aggregating data, and providing clear metrics that align security efforts with executive expectations.A significant portion of the episode is dedicated to the importance of collaboration and communication between security and development teams. Francesco stresses that security should be integrated into the spring planning process, helping developers to prioritize tasks in a way that aligns with overall risk management strategies. This approach fosters a culture of cooperation and ensures that security initiatives are seen as a valuable part of the development cycle, rather than a hindrance.Francesco also touches on the role of management in security practices, underscoring the need for aligning business expectations with engineering practices. He introduces the vulnerability maturity model that Phoenix Security uses to help organizations mature their security programs effectively. This model, which maps back to established OWASP frameworks, provides a clear path for organizations to improve their security posture systematically.The episode concludes with Francesco reflecting on the persistent basic security issues that organizations face and expressing optimism about the future. He is confident that Phoenix Security's approach can help businesses intelligently address these challenges and scale their security practices effectively.Learn more about Phoenix Security: https://itspm.ag/phoenix-security-sx8vNote: This story contains promotional content. Learn more.Guest: Francesco Cipollone, CEO & Founder at Phoenix Security [@sec_phoenix]On LinkedIn | https://www.linkedin.com/in/fracipo/On Twitter | https://twitter.com/FrankSEC42ResourcesLearn more and catch more stories from Phoenix Security: https://www.itspmagazine.com/directory/phoenix-securityView all of our OWASP AppSec Global Lisbon 2024 coverage: https://www.itspmagazine.com/owasp-global-2024-lisbon-application-security-event-coverage-in-portugalAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 28, 202417 min

Ep 2067Build Social Media Presence | A Conversation with Jackie Blundell | Locked Down Podcast With Kayla Williams and Taylor Parsons

Guest: Jackie Blundell, Senior Marketing Communications Manager, DevoOn Twitter | https://x.com/devo_IncOn LinkedIn | https://www.linkedin.com/in/jacquelineblundell/Hosts: Kayla WilliamsOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/kayla-williamsTaylor ParsonsOn ITSPmagazine | https://itspmagazine.com/itspmagazine-podcast-radio-hosts/taylor-parsons________________________________This Episode’s SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network________________________________Episode DescriptionJackie takes Kayla and Taylor down the social media and content creation process and why it is so important for security practitioners and building your own personal brand.________________________________Resources________________________________For more podcast stories from The Locked Down Podcast With Kayla Williams and Taylor Parsons: https://itspmagazine.com/locked-down-podcastWatch the webcast version on-demand on YouTube:https://www.youtube.com/playlist?list=PLnYu0psdcllSNOVxx-zkXPYN6dxzuG8GG Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 28, 202427 min

Ep 2066Prioritizing Cyber Resilience for your Business | 7 Minutes on ITSPmagazine | A Short Brand Innovation Story From RSA Conference 2024 | A LevelBlue Brand Story with Theresa Lanowitz

We are in the era of dynamic computing – and while that gives way to innovation, it also escalates the risks every business faces. Computing no longer occurs solely within the perimeter, and cybersecurity threats are increasingly more sophisticated. In fact, organizations today operate in a climate where entire systems can be taken offline in just a few short hours – and leaders need to be prepared for recovery from an interruption to the networks, systems, or data that underpin their business. With the advent and proliferation of new technologies, there is more pressure than ever to secure organizations’ computing. Ultimately, the evolution of computing has forced businesses into a paradox of innovation and risk. They must balance technology with security and business resilience, which requires a new way of thinking.Conduct a thorough assessment of risk areas to understand the barriers across your IT estate.Assess your organization’s dynamic computing initiatives and design security measures from the outset of implementation to ensure compliance and mitigate future risks.Allocate resources strategically to align cybersecurity initiatives with business objectives across silos.Forge partnerships with external collaborators to augment your organization’s security expertise.Regularly adapt your approach to meet the demands of an evolving computing landscape and expanding attack surface.Learn more about LevelBlue: https://itspm.ag/levelblue266f6cNote: This story contains promotional content. Learn more.Guest: Theresa Lanowitz, Chief Evangelist of AT&T Cybersecurity / LevelBlue [@LevelBlueCyber]On LinkedIn | https://www.linkedin.com/in/theresalanowitz/ResourcesLearn more and catch more stories from LevelBlue: https://www.itspmagazine.com/directory/levelblueView all of our RSA Conference Coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 27, 20247 min

Ep 2065The Power of Personal Branding in the Age of AI and Social Media | A Conversation with Vladimer Botsvadze | Redefining Society with Marco Ciappelli

Guest: ✨ Vladimer Botsvadze, Global Marketing Thought LeaderOn Linkedin | https://www.linkedin.com/in/vladimerbotsvadze/On Twitter | https://twitter.com/VladoBotsvadzeWebsite | https://www.vladimerbotsvadze.com/____________________________Host: Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli_____________________________This Episode’s SponsorsBlackCloak 👉 https://itspm.ag/itspbcwebBugcrowd 👉 https://itspm.ag/itspbgcweb_____________________________Episode IntroductionUnderstanding Personal Branding with Vladimer BotsvadzeHello, everybody. This is Marco Ciappelli, Redefining Society podcast on ITSB magazine podcast network. As you know, here we talk about technology and society and how each one affects the other.In today's episode, we're diving deep into a topic close to my heart and essential in the digital age—personal branding. I'm thrilled to welcome Vladimer Botsvadze, a globally renowned digital transformation marketing influencer, to share his insights on this critical subject.The Importance of Personal BrandingPersonal branding has never been more significant than it is today. Vlad kicks off the discussion by highlighting his extensive experience, spanning over 15 years, in guiding executives and entrepreneurs to achieve market leadership. Recognized for his expertise and featured in major media outlets like Forbes and Bloomberg, Vlad underscores that being known is a competitive advantage in the digital age.Vlad explains, "Marketing is no longer about just pushing messages. It's about creating an emotional connection with your audience." He cites examples from companies like Amazon, Harley Davidson, and Starbucks, emphasizing that building a strong community around your brand is key to long-term success.Technology's Role in Personal BrandingWith the advent of AI, many fear that jobs and even personal brands could be at risk. Marco raises an essential point about the fear surrounding AI's impact on personal branding. Vlad responds by stating that while AI will undoubtedly reshape industries, those who effectively build their personal brands will remain in high demand. "Emotional connection is what sets you apart," says Vlad.He clarifies that the true power of brands like Tesla and Nike lies in their ability to humanize and build strong emotional bonds with their audience. By leveraging social media, individuals and companies can maintain these connections on a large scale.AI: Friend or Foe?Are we heading towards a future where AI-created virtual influencers dominate social media? Vlad shares his belief that AI is the most revolutionary technology today. It allows brands to personalize their messaging and engage with consumers on an unprecedented level. Companies leveraging AI for better consumer insights and strategic decisions are more likely to stay competitive."We need to become long-term thinkers," Vlad advises. This principle applies not only to large corporations but also to individuals striving to build their personal brands. By continually adapting, being experimental, and focusing on consumer-centric strategies, both brands and influencers can thrive.Practical Tips for Building Your Personal BrandWrapping up the episode, Marco asks Vlad for actionable advice for those just starting on their personal branding journey. Vlad emphasizes three key points:Show Gratitude: Always appreciate your followers, no matter how few. Building a strong community starts with acknowledging and valuing your audience.Create Valuable Content: Publish content that is in your followers' best interest. Avoid sales pitches and focus on storytelling that educates and entertains.Leverage Social Media: Use platforms like Twitter, Instagram, and LinkedIn to distribute your content and connect with billions of potential followers—all at no cost.ConclusionAs we navigate the digital age, personal branding becomes an essential tool for standing out in a crowded marketplace. Through thoughtful engagement, creating meaningful content, and leveraging the power of technologies like AI, anyone can build a compelling personal brand.By following Vlad's insights and strategies, individuals and brands alike can harness the transformative power of personal branding in today's tech-driven world. For more enlightening discussions, be sure to tune in to future episodes of Redefining Society._____________________________Resources ____________________________To see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWatch the webcast version on-demand on YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllTUoWMGGQHlGVZA575VtGr9Are you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/advertise-on-itspmagazine-podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information

Jun 27, 202435 min

Ep 2064Winning Buy-In: Mastering the Art of Communicating (the Value of) Security (Culture) to Management | An OWASP AppSec Global Lisbon 2024 Conversation with Ida Hameete | On Location Coverage with Sean Martin and Marco Ciappelli

Guest: Ida Hameete, Application Security Consultant, ZenrosiOn LinkedIn | https://www.linkedin.com/in/idahameete/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martin____________________________Episode NotesJoin Sean Martin in this episode of "On Location" as he speaks with Ida Hameete at the OWASP Global AppSec Conference in Lisbon. Sean and Ida dive into the critical topic of creating a robust security culture within organizations. The conversation begins with an overview of the conference, emphasizing the importance of building secure applications that protect both users and businesses.Ida, with her extensive background in product ownership and security strategy, shares her unique perspective on why a security culture is integral to an organization's overall success. She explains that fostering a security culture isn't merely about training engineers but involves a collective effort from management and executive teams to prioritize and endorse security practices.Ida underscores the significance of aligning security culture with company culture, arguing that this alignment leads to smoother operations and fewer security breaches. She elaborates on how companies with strong security awareness often use their secure products as a marketing tool to differentiate themselves in the marketplace. This strategic approach not only enhances product safety but also provides a competitive edge.The discussion also touches on the common issues where management's lack of understanding or support for security measures can hinder effective implementation. Sean and Ida explore how management's commitment to security, demonstrated through adequate resource allocation and strategic planning, can drive a positive security culture through the entire organization.Ida provides practical examples from her experience, illustrating how purpose-driven business cultures can naturally incorporate security into their core values, benefiting both employees and customers. She highlights that a well-integrated security culture can lead to better workflows, reduced costs, and enhanced customer experiences.Towards the end of their conversation, Ida reflects on the necessity of communicating the business value of security to upper management, suggesting that this approach can shift the perception of security from a fear-driven mandate to a valuable business asset. She encourages leaders to find their company's purpose and align security practices with that mission to achieve sustainable success.Listeners are invited to attend Ida's session, "Winning Buy-In: Mastering the Art of Communicating Security to Management" at the conference, which promises to offer deeper insights into securing executive support for security initiatives.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our OWASP AppSec Global Lisbon 2024 coverage: https://www.itspmagazine.com/owasp-global-2024-lisbon-application-security-event-coverage-in-portugalOn YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllTzdBL4GGWZ_x-B1ifPIIBVBe sure to share and subscribe!____________________________ResourcesLearn more about OWASP AppSec Global Lisbon 2024: https://lisbon.globalappsec.org/Ida's Session: https://owaspglobalappseclisbon2024.sched.com/event/1VdB4/winning-buy-in-mastering-the-art-of-communicating-security-to-management____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastAre you interested in sponsoring our event coverage with an ad placement in the podcast?Learn More 👉 https://itspm.ag/podadplcWant to tell your Brand Story as part of our event coverage?Learn More 👉 https://itspm.ag/evtcovbrf Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 27, 202422 min

Ep 2063Beyond "The Conceivable Future": Reimagining Our Climate Narrative | A conversation with Dr Meghan Elizabeth Kallman | What If Instead? Podcast with Alejandro Juárez Crawford and Miriam Plavin-Masterman

Guest: Dr. Meghan Elizabeth Kallman, PhD, Rhode Island State Senator and Associate Professor, School for Global Inclusion and Social Development UMASS BostonOn Twitter | https://x.com/MeghanEKallmanOn LinkedIn | https://www.linkedin.com/in/meghan-kallman-6030a3229/Website | https://meghankallman.com/Hosts: Alejandro Juárez CrawfordOn ITSPmagazine 👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/alejandro-juarez-crawfordMiriam Plavin-MastermanOn ITSPmagazine 👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/miriam-plavin-masterman______________________Episode IntroductionIn this episode, the we explore the importance of engaging in difficult conversations with people who hold different beliefs. The conversation highlights the necessity of building bridges and finding common ground to nurture a culture of understanding and justice.Additionally, the episode touches on the intersection of reproductive rights and climate change, discussing the impact of climate change on public health and the need for comprehensive solutions. The role of technology in facilitating conversations and learning is also discussed, with an emphasis on its potential to connect people and provide access to information.Tune in to get insights on how we can collectively address the climate crisis and create a more just and sustainable future.______________________ResourcesThe Conceivable Future: Planning Families and Taking Action in the Age of Climate Change (Book): https://rowman.com/ISBN/9781538179697/The-Conceivable-Future-Planning-Families-and-Taking-Action-in-the-Age-of-Climate-Change______________________Episode SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network______________________For more podcast stories from What If Instead? Podcast with Alejandro Juárez Crawford and Miriam Plavin-Masterman, visit: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/alejandro-juarez-crawford and https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/miriam-plavin-masterman Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 27, 202458 min

Ep 2062Book | Conspiracy Ignited | A Conversation With Author Raymond Paul Johnson | Audio Signals Podcast With Marco Ciappelli

Guest: Raymond Paul Johnson, NovelistOn LinkedIn | https://www.linkedin.com/in/raymond-paul-johnnson-author-attorney/On Twitter | https://twitter.com/RPJohnsonBooksOn Website | https://RaymondPaulJohnson.comOn Facebook | https://www.Facebook.com/RaymondPaulJohnsonThrillerWriterOn Instagram | https://www.Instagram.com/raymondpauljohnson_author_____________________________Host: Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli_____________________________This Episode’s SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network_____________________________Episode IntroductionIn the latest episode of the "Audio Signals Podcast," Marco Ciappelli welcomes Raymond Paul Johnson to discuss his new book, "Conspiracy Ignited," the ins and outs of storytelling, and the personal and professional journey from United States Air Force fighter pilot to engineer on the space shuttle program, successful trial lawyer, and ultimately to becoming a novelist. The candid conversation unveils insights into Ray's writing process, the challenges he faced, and the elements that make his thriller a compelling read.The Introduction: A Deep Dive into Stories and StorytellingMarco Ciappelli opens the episode with a warm welcome to the listeners, setting the stage for a journey into storytelling, creativity, and the essence of creating narratives. He introduces Raymond Paul Johnson, noting the fascinating transitions in Ray's career and how his life experiences culminate in the creation of his first novel, "Conspiracy Ignited."Raymond begins by expressing his excitement and gratitude for being on the show and looking forward to the engaging discussion.Who is Raymond Paul Johnson?Ray shares a bit about his past, including his time as a combat pilot in the Air Force, his stint as an engineer on the space shuttle program, and his eventual transition to becoming a trial lawyer. He humorously recounts a prophetic encounter with his high school teacher who foresaw his future as something other than an engineer or pilot. This narrative paints a vivid picture of his multifaceted life, leading up to his unexpected yet fulfilling path as a novelist.Ray's Writing Journey: From Courtrooms to Creative PagesOne of the key takeaways from the discussion is Ray's approach to writing. He identifies himself as a "pantser" — a writer who doesn't plot out the story but allows it to evolve organically. This method, he explains, makes the process enjoyable and keeps him surprised by the twists and turns his characters take.He shares his influences, including Hemingway, and underscores the importance of writing what you know. For Ray, this means crafting narratives that intertwine his personal experiences with fiction, creating a textured and believable story.Exploring "Conspiracy Ignited"The conversation naturally flows into the main topic of the episode — Ray's novel, "Conspiracy Ignited." Marco praises the book's ability to blend reality with fiction and inquires about the real-life inspirations behind the characters and plotlines. Ray dives deeper into the protagonist, Eric Ridge, a lawyer who is also a former CIA combat pilot, and how his life mirrors certain aspects of Ray's own experiences.Ray touches on significant themes in his book, like post-traumatic stress disorder (PTSD), based on his interactions with veterans and his work with the American Legion’s "Be The One" program. This initiative focuses on supporting veterans suffering from PTSD, and Ray incorporates this real-world issue seamlessly into his narrative, adding depth and provoking thought.The Art of StorytellingMarco and Ray shift the discussion to the broader concept of storytelling. Ray reflects on his years as a trial lawyer, explaining how vital storytelling is in presenting cases and engaging juries. He shares that the best trial lawyers, much like good writers, are compelling storytellers who can convey facts in a captivating and memorable manner.Ray also emphasizes the broader applications of storytelling in everyday life, including teaching, advertising, and even personal interactions. This part of the conversation resonates with listeners, highlighting the universal importance of good storytelling.Wrapping Up: An Invitation to Read "Conspiracy Ignited"As the episode winds down, Marco offers Ray the floor to invite listeners to read his book. Ray shares his journey of getting "Conspiracy Ignited" traditionally published and how its recognition in manuscript competitions helped him bypass the often daunting process of securing an agent and publisher.He encourages aspiring writers to put their work out there and to stay persistent, providing invaluable advice for those looking to make their mark in the literary world.ConclusionThis episode of t

Jun 26, 202436 min

Ep 2061Mastering Cybersecurity: Jainam's Enlightening Journey Through Graduate Studies and Beyond | A Conversation with Jainam Basra | Off the Record with Saman — Student Abroad Podcast

Guest: Jainam Basra, Cybersecurity Analyst and TechnufOn LinkedIn | https://www.linkedin.com/in/jainam-basra/________________________________Host: Saman FatimaOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/saman-fatima________________________________This Episode’s SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network________________________________Episode DescriptionAre you from India? Wishing to come to the USA for your studies? Is your dream university - the University of Maryland? If yes, grab a pen, paper, and water, and you are all good to know everything. From researching the dream university to getting selected and beating the elephant in the room (i.e. the VISA process) to settling up - you need to know EVERYTHING because, at the end of the day, it is a foreign land with a lot of newness, loneliness, and self-dependency.________________________________ResourcesJoin the BBWIC Foundation Community: https://www.bbwic.com/________________________________For more podcast stories from Off The Record With Saman: https://www.itspmagazine.com/off-the-record-with-saman-student-abroad-podcastWatch the video version on-demand on YouTube: https://www.youtube.com/watch?v=0954PDs3hFI&list=PLnYu0psdcllS96iavkI5nQsErJ3795ow6 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 26, 202454 min

Ep 2060The Importance of Cyber Peace | A Conversation with Gabrielle Botbol | The Soulful CXO Podcast with Dr. Rebecca Wynn

Guest: Gabrielle Botbol, Offensive Security Advisor, DesjardinsWebsite: https://csbygb.github.io/LinkedIn: https://www.linkedin.com/in/gabriellebotbol/Twitter/X: https://twitter.com/Gabrielle_BGBHost: Dr. Rebecca WynnOn ITSPmagazine 👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/rebecca-wynn________________________________This Episode’s SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network________________________________Episode DescriptionIn this episode of the Soulful CXO, host Dr. Rebecca Wynn welcomes Gabrielle Botbol, Offensive Security Advisor at Desjardins. Additionally, she is a trusted advisor to numerous organizations, an award-winning ethical hacker, and a distinguished cybersecurity blogger. She shares her journey from being an actress to becoming an award-winning ethical hacker and cybersecurity blogger. She discusses the importance of transitioning skills from other fields to cybersecurity, offers valuable insights on proactive cybersecurity measures individuals can take to protect themselves from cyber threats, the significance of cyber peace, and practical tips to safeguard against phishing attacks. If you're looking for motivation, career advice, or simply interested in cybersecurity, this episode is a must-listen!________________________________ResourcesFrom Selfies to Security Breaches: Pentesting Androidhttps://www.rsaconference.com/Library/presentation/usa/2024/from%20selfies%20to%20security%20breaches%20pentesting%20androidCSbyGB's Pentipshttps://csbygb.gitbook.io/pentipsFraud Resourceshttps://www.occ.treas.gov/topics/consumers-and-communities/consumer-protection/fraud-resources/index-fraud-resources.html________________________________Support:Buy Me a Coffee: https://www.buymeacoffee.com/soulfulcxo________________________________For more podcast stories from The Soulful CXO Podcast With Rebecca Wynn: https://www.itspmagazine.com/the-soulful-cxo-podcastITSPMagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe! Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 25, 202425 min

Ep 2059Cybersecurity as a Profit Center: Transforming Risk into Opportunity | A Conversation with Robert Fernandes | Redefining CyberSecurity with Sean Martin

Guest: Robert Fernandes, Chief Information Security Officer, The Investment Center, Inc.On LinkedIn | https://www.linkedin.com/in/robert-fernandes-cybersecurity/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinView This Show's Sponsors___________________________Episode NotesIn the latest episode of the Redefining CyberSecurity Podcast, host Sean Martin engages in a compelling conversation with Robert Fernandes, CISO at the Investment Center, a financial service provider based in New Jersey. Together, they delve into the concept of viewing cybersecurity not merely as a cost center but as a profit center. This innovative perspective is fundamentally altering how businesses approach their cybersecurity investments.Sean Martin opens the discussion by addressing the evolving landscape of cybersecurity. He highlights how traditional views of cybersecurity — such as those held for an insurance policy — are outdated. Robert Fernandes agrees and emphasizes that times have changed; there's a growing need for businesses to leverage their cybersecurity posture as a competitive advantage. He advocates for the proactive use of a robust cybersecurity program to attract clients and secure trust, much like other marketing strategies.Drawing parallels from various industries, Fernandes notes that grocery stores and restaurants don't just sell food; they sell safe and high-quality food experiences. Similarly, automobile manufacturers sell not just vehicles but also safety and comfort. In the same vein, cybersecurity should be seen as an integral part of the product, enhancing its value and appeal to customers. For Fernandes, this shift in thinking can transform a company's cybersecurity program from a necessary expense into a key marketing asset.Fernandes also discusses the importance of breaking down silos within organizations. Effective communication between different departments, such as marketing, operations, and cybersecurity, can lead to a more cohesive strategy where cybersecurity is embedded in the company's culture and operations. This integration can significantly enhance the company's security posture, making it a selling point rather than an afterthought.One particularly intriguing point Fernandes makes is the role of education in shifting perceptions about cybersecurity. He stresses the need to inform and educate stakeholders - from end-users to executives - about the importance of cybersecurity. By moving past buzzwords and misconceptions, businesses can better understand and articulate the value of their cybersecurity measures to clients and partners. Martin and Fernandes also touch on the role of cyber insurance in conveying trust. A robust cyber insurance policy can serve as a testament to the company's strong security posture, further building client confidence.Ultimately, the conversation underscores that by rethinking cybersecurity - from product design to marketing and beyond - businesses can realize substantial benefits. This episode is a must-listen for business leaders looking to turn their cybersecurity efforts into a profitable and strategic advantage.Top Questions AddressedHow can businesses transform cybersecurity from a cost center to a profit center?What are the benefits of breaking down organizational silos in cybersecurity strategy?How does educating stakeholders affect the perception and effectiveness of cybersecurity?___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYqITSPmagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe!___________________________ResourcesInspiring Post: https://www.linkedin.com/pulse/cybersecurity-profit-center-transforming-risk-robert-fernandes-uskwe___________________________To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring this show with an ad placement in the podcast?Learn More 👉 https://itspm.ag/podadplc Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 24, 202431 min

Ep 2058Demystifying Microsegmentation | 7 Minutes on ITSPmagazine | A Zero Networks Brand Story with Benny Lakunishok

Earlier this year, the NSA released updated zero-trust guidance in which microsegmentation is listed as a daunting, advanced endeavor, only suitable to the most mature organizations. Zero Networks is committed to challenging this sentiment. While some may hesitate, thinking microsegmentation is beyond their reach, we urge organizations to reconsider. Waiting is not an option when it comes to securing your network against evolving threats. By prioritizing microsegmentation, you're taking a proactive stance against unauthorized lateral movement, thwarting advanced attacks, and effectively blocking ransomware. Zero Networks has helped organizations of all sizes, maturity, and complexity levels to deploy our radically simple microsegmentation solution in a click, without breaking anything, and with little to no effort.As ransomware attacks double, microsegmentation has been hailed by Gartner, Forrester, the NSA, and leading security trade media outlets, as the most promising solution for halting lateral movement and satisfying zero trust guidelines. You can’t have a zero trust architecture without microsegmentation – but you also need to implement a solution quickly, without breaking anything, and without extensive costs and complexities. Zero Networks offers exactly this solution. Zero Networks' microsegmentation solution locks down lateral movement, effectively stranding hackers and preventing them from spreading ransomware. For an added layer of security, we apply MFA authentication to the network layer, allowing organizations to protect assets that could not be easily protected by MFA before: legacy applications, databases, OT/IoT devices, mainframes, on-prem VMs, and IaaS VMs. Our just-in-time MFA also applies an additional layer of security to privileged remote admin protocols like RDP, SSH, and WinRM – commonly exploited by attackers. This also supports organizations with compliance needs. “Never trust, always verify” comes automatically with Zero Networks.Zero Networks' microsegmentation solution provides agentless, automated, and multi-factor authentication (MFA) powered architecture. By monitoring and learning all network connections over a 30-day period, Zero Networks creates precise firewall rules that are centrally applied to all assets. This agentless architecture ensures that every asset, whether on-premises or in the cloud, including OT/IoT devices, is segmented without disrupting normal operations. One of the key challenges with traditional microsegmentation solutions is their complexity and associated costs. Forrester highlights the difficulty in quantifying the business benefits of microsegmentation due to its indirect impact on productivity and user experience. A global independent investment bank, Evercore, was undergoing the major challenge of effectively responding to an incident when a workstation was compromised, and a threat actor was able to gain access to their network to move laterally. They had firewalls, whitelists, blacklists and other measures that could slow them down but nothing that could immediately shut them down. Chris Turek, CIO of Evercore, said “Zero Networks is creating a new sphere of security capabilities.See the platform for yourself - reach out to us at zeronetworks.com for a demo.Learn more about Zero Networks: https://itspm.ag/zeronet-al2d2Note: This story contains promotional content. Learn more.Guest: Benny Lakunishok, Co-Founder and CEO, Zero Networks [@ZeroNetworks]On LinkedIn | https://www.linkedin.com/in/bennyl/On Twitter | https://x.com/lakunishokResourcesLearn more and catch more stories from Zero Networks: www.itspmagazine.com/directory/zero-networksLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 21, 20247 min

Ep 2057AI Development: Can Ethics Keep Up with Innovation? | A Conversation with Aric Perminter, Pam Kamath, Darrell Hawkins, and Taiye Lambo | Redefining CyberSecurity with Sean Martin

Guests: Taiye Lambo, Founder of Holistic Information Security Practitioner Institute (HISPI), Founder and Chief Technology Officer of CloudeAssurance, Inc.On LinkedIn | https://www.linkedin.com/in/taiyelambo/Pam Kamath, Founder, Adaptive.AIOn LinkedIn | https://www.linkedin.com/in/pamkamath/Aric Perminter, CEO, Lynx Technology Partners, LLC.On LinkedIn | https://www.linkedin.com/in/aricperminter/Darrel Hawkins, Cyber Chief Technology Officer, Otis Elevator Co.On LinkedIn | https://www.linkedin.com/in/darrellhawkinscissp/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinView This Show's Sponsors___________________________Episode NotesThe latest episode of Redefining CyberSecurity Podcast brought together a distinguished panel of experts to delve into the intricacies of artificial intelligence, its benefits, and its risks. Hosted by Sean Martin, the panel included Aric Perminter, Founder and Chairman of Lynx Technology Partners; Pam Kamath, Founder of Adaptive AI; Darrell Hawkins, an IT industry veteran with extensive experience in cybersecurity; and Taiye Lambo, who established the Holistic Information Security Practitioner Institute in Atlanta, Georgia. One of the primary topics discussed was the pervasive influence of AI in various industries, particularly the dichotomy between generative AI and traditional AI.Pam Kamath highlighted the overlooked capabilities of traditional AI in fields like healthcare, which already show significant advancements in areas such as radiology. This underscores the point that while generative AI, epitomized by models like ChatGPT, garners much of the public's attention, traditional AI applications continue to evolve and solve complex problems efficiently.Darrell Hawkins brought a commercial perspective into the discourse, emphasizing the balancing act between leveraging AI for profitability versus ensuring societal safety. The key takeaway was that AI's role in enhancing productivity and creating new opportunities is undeniable, yet it is imperative to remain vigilant about its societal implications, such as privacy concerns and job displacement.Taiye Lambo shared insights from his experience with AI's practical applications in cyber operations. He underscored the diversity of AI's utility, from improving threat intelligence to automating secure responses, demonstrating its potential to transform cybersecurity protocols dramatically. Lambo also provided a thought-provoking view on privacy, suggesting that with the integration of AI into daily operations, the traditional concept of privacy might inevitably evolve or even diminish.Aric Perminter, focusing on sales and operational efficiencies, shared his insights on how AI-driven analytics can profoundly impact sales strategies, enhancing proposal effectiveness and positioning high-value services. This reflects AI’s broader potential to revolutionize internal business processes, making organizations nimbler and more data-driven. A common thread throughout the discussion was the emphasis on learning from past technological advances, like the adoption of cloud services, to guide AI implementation.Sean Martin and the panelists agreed that clear use cases and identified outcomes remain critical to leveraging AI effectively while managing risks thoughtfully. In doing so, organizations can harness AI's strengths without repeating past mistakes. Ultimately, the episode revealed that the journey with AI entails navigating both opportunities and risks. By focusing on practical applications and maintaining a vigilant eye on ethical and societal concerns, businesses and individuals can find a balanced approach to integrating AI into their ecosystems. This nuanced conversation serves as a valuable guide for anyone looking to understand and leverage the power of AI in a meaningful and responsible way.Top Questions AddressedWhy do we need a special view on AI compared to data and applications?How is AI being integrated into various industries and what are the implications?What are the risks and opportunities associated with AI adoption?___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYqITSPmagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe!___________________________ResourcesBeyond the hype: Capturing the potential of AI and gen AI in tech, media, and telecom: https://www.mckinsey.com/~/media/mckinsey/industries/technology%20media%20and%20telecommunications/high%20tech/our%20insights/beyond%20the%20hype%20capturing%20the%20potential%20of%20ai%20and%20gen%20ai%20in%20tmt/beyond-the-hype-capturing-the-potential-of-ai-and-gen-ai-in-tmt.pdfAI Summit Roundtable Topics S

Jun 21, 20241h 5m

Ep 2056Hurricanes, Hacktivists, & HPCs: Building Resilience for the Compute Era | A Conversation With Dr. Melanie Garson and Sean Martin | Redefining Society with Marco Ciappelli

Guests: ✨ Dr. Melanie Garson, Cyber Policy & Tech Geopolitics Lead, Tony Blair Institute for Global Change [@InstituteGC]On LinkedIn | https://www.linkedin.com/in/melaniegarson/Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martin____________________________Host: Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli_____________________________This Episode’s SponsorsBlackCloak 👉 https://itspm.ag/itspbcwebBugcrowd 👉 https://itspm.ag/itspbgcweb_____________________________Episode IntroductionIn an era where technology is the backbone of society, resilience in the face of cyber threats, natural disasters, and geopolitical strife is paramount. This was the focal point of the discussion between Sean Martin, Marco Ciappelli, and Dr. Melanie Garson in their recent conversation on "Hurricanes, Hacktivists, & HPCs: Building Resilience for the Compute Era."Dr. Melanie Garson, the Cyber and Tech Geopolitics Lead at the Tony Blair Institute for Global Change and Associate Professor at University College London, brings a wealth of expertise to the topic. Her work revolves around understanding how new and disruptive technologies like cyber warfare, brain-computer interfaces, and genetic engineering affect global stability. This episode delves into her insights on the evolving landscape of cyber resilience and the steps needed to brace for future challenges.The conversation begins with an exploration of how legacy infrastructure poses a significant risk to our digital and physical security. Dr. Garson emphasizes the importance of addressing these foundational elements, noting examples like the 2006 earthquake in Taiwan, which disrupted 22 communication cables. She warns of the potential catastrophes linked to outdated infrastructure and underscores the need for modernization and robust protection against not just cyberattacks but physical disruptions as well.The geopolitical aspect of technology is another critical element discussed. Dr. Garson highlights the role of private companies like Microsoft and Amazon in global conflicts, noting the effects seen during the Russia-Ukraine conflict where cloud services played a pivotal role in preserving data. This involvement signals a shift in how we understand power dynamics and control over critical technologies and raises questions about the responsibilities and decision-making processes of these tech giants. Furthermore, the discussion covers the intersection of emergency situations and technological dependencies.Using real-world instances like the hurricane in West Africa that knocked out major cables, Marco Ciappelli and Sean Martin emphasize how such events lead to significant economic impacts, illustrating how interconnected and vulnerable our systems are. Dr. Garson also touches upon the evolving nature of warfare, especially with the advent of electromagnetic spectrum manipulation and the reliance on GPS technologies. She notes the increasing use of electromagnetic interference for strategic advantage, a trend seen in ongoing global conflicts. The idea of compute diplomacy—ensuring countries have the sustainable computational power needed to remain competitive and secure—resonates strongly throughout their dialogue.The conversation wrapped with a powerful call to action: the need for both public and private sectors to address vulnerabilities throughout the entire tech stack, not just the application layer. This holistic approach is essential to safeguarding our digital infrastructure against a multitude of threats.In conclusion, building resilience in the compute era requires a multi-faceted approach that integrates robust cyber defense, modernized infrastructure, and a keen understanding of the geopolitical landscape. The insights shared by Dr. Melanie Garson underscore the importance of proactive measures and collaborative efforts in securing our interconnected world. This episode serves as a crucial reminder that as technology advances, so must our strategies to protect against emerging threats.Top Questions AddressedWhat are the biggest threats to our current digital infrastructure and how can we address them?How do geopolitical dynamics and private tech companies influence global cyber resilience?What role does emerging technology play in modern warfare and how should we prepare for it?_____________________________ResourcesHurricanes, Hacktivists & HPCs: Building Resilience for the Compute Era (Session): https://www.ukcyberweek.co.uk/uk-cyber-week-2024-agenda/hurricanes-hacktivists-hpcs-building-resilience-for-the-compute-eraThe State of Access to Compute Index 2023: https://www.institute.global/insights/tech-and-digitalisation/state-of-compute-access-how-to-bridge-the-new-digital-divideUK Cyber Week Exp

Jun 19, 202436 min

Ep 2055In the Same Site We Trust: Navigating the Landscape of Client-side Request Hijacking on the Web | An OWASP AppSec Global Lisbon 2024 Conversation with Soheil Khodayari | On Location Coverage with Sean Martin and Marco Ciappelli

Guest: Soheil Khodayari, Security Researcher, CISPA - Helmholtz Center for Information Security [@CISPA]On LinkedIn | https://www.linkedin.com/in/soheilkhodayari/On Twitter | https://x.com/Soheil__K____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesIn this episode of On Location with Sean and Marco, co-host Sean Martin embarks on a solo journey to cover the OWASP AppSec Global event in Lisbon. Sean welcomes Soheil Khodayari, a security researcher at the CISPA Helmholtz Center for Information Security in Saarland, Germany, to discuss the intricacies of web security, particularly focusing on request forgery attacks.They dive into Soheil’s background, noting his extensive research in web security and privacy, with interests spanning vulnerability detection, internet measurements, browser security, and new testing techniques. Soheil aims to share valuable insights on request forgery attacks, a prevalent issue in web security that continues to challenge developers and security professionals alike.The conversation transitions to an in-depth exploration of client-side request forgery and how these attacks differ from traditional cross-site request forgery (CSRF). Soheil elaborates on the evolution of web applications and how shifting functionalities to client-side code has introduced new, complex vulnerabilities. He identifies the critical role of input validation and the resurgence of issues related to improper handling of user inputs, which attackers can exploit to cause unintended actions on authenticated sessions.As they prepare for the upcoming OWASP Global AppSec event, Soheil highlights his session, titled "In the Same Site We Trust: Navigating the Landscape of Client-Side Request Hijacking on the Web," scheduled for Thursday, June 27th. He emphasizes the relevance of the session for developers and security professionals who are eager to learn about modern request hijacking techniques, defense mechanisms, and how to detect these vulnerabilities using automated tools.The discussion touches on the landscape of modern browsers, the effectiveness of same-site cookies as a defense-in-depth strategy, and the limitations of these measures in preventing client-side CSRF attacks. Soheil mentions the development of a vulnerability detection tool designed to mitigate these sophisticated threats and invites attendees to integrate such tools into their CI/CD pipelines for enhanced security.Sean and Soheil ultimately reflect on the importance of understanding the nuances of web application security. They encourage listeners to attend the session, engage with the community, and explore advanced security practices to safeguard their applications against evolving threats. This engaging episode sets the stage for a deep dive into the technical aspects of web security at the OWASP Global AppSec event.Top Questions AddressedWhat are request forgery attacks and how have they evolved over time?How do modern browsers and applications handle security against these attacks?What will Soheil Khodayari's session at OWASP Global AppSec cover and who should attend?Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our OWASP AppSec Global Lisbon 2024 coverage: https://www.itspmagazine.com/owasp-global-2024-lisbon-application-security-event-coverage-in-portugalOn YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllTzdBL4GGWZ_x-B1ifPIIBVBe sure to share and subscribe!____________________________ResourcesIn the Same Site We Trust: Navigating the Landscape of Client-side Request Hijacking on the Web (Session): https://owaspglobalappseclisbon2024.sched.com/event/1VdAy/in-the-same-site-we-trust-navigating-the-landscape-of-client-side-request-hijacking-on-the-webLearn more about OWASP AppSec Global Lisbon 2024: https://lisbon.globalappsec.org/____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastAre you interested in sponsoring our event coverage with an ad placement in the podcast?Learn More 👉 https://itspm.ag/podadplcWant to tell your Brand Story as part of our event coverage?Learn More 👉 https://itspm.ag/evtcovbrf Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of per

Jun 19, 202416 min

Ep 2054It's Just Software, What Could Possibly Go Wrong? Exploring Deterministic GenAI and AI Trust Cards | An OWASP AppSec Global Lisbon 2024 Conversation with Isabel Praça, Dinis Cruz, and Rob van der Veer | On Location Coverage

Guests:Isabel Praça, Coordinator Professor, ISEP - Instituto Superior de Engenharia do PortoOn LinkedIn | https://www.linkedin.com/in/isabel-pra%C3%A7a-07b86310/At OWASP | https://owaspglobalappseclisbon2024.sched.com/speaker/icpDinis Cruz, Chief Scientist at Glasswall [@GlasswallCDR] and CISO at Holland & Barrett [@Holland_Barrett]On LinkedIn | https://www.linkedin.com/in/diniscruz/On Twitter | https://twitter.com/DinisCruzAt OWASP | https://owaspglobalappseclisbon2024.sched.com/speaker/dinis.cruzRob van der Veer, Senior director at Software Improvement Group [@sig_eu]On Linkedin | https://www.linkedin.com/in/robvanderveer/On Twitter | https://twitter.com/robvanderveerAt OWASP | https://owaspglobalappseclisbon2024.sched.com/speaker/rob_van_der_veer.1tkia1sy____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesIn this episode of On Location with Sean and Marco, host Sean Martin embarks on a solo adventure to discuss the upcoming OWASP AppSec Global conference in Lisbon. He is joined by three distinguished guests: Isabel Praça, a professor and AI researcher; Dinis Cruz, an AppSec professional and startup founder; and Rob van der Veer, a software improvement consultant and AI standards pioneer.The episode kicks off with introductions and a light-hearted comment about Sean’s co-host, Marco Ciappelli, who is more of a psychology enthusiast while Sean delves into the technical aspects. Sean expresses his enthusiasm for the OWASP organization and its impactful projects, programs, and people.Each guest contributes unique insights into their work and their upcoming presentations at the conference. Isabel Praça, from the Polytechnic of Porto, shares her journey in AI and cybersecurity, emphasizing her collaboration with the European Union Agency for Cybersecurity (ENISA) on AI security and cybersecurity skills frameworks. She underscores the importance of interdisciplinary expertise in AI and cybersecurity and discusses her concept of "trust cards" for AI, which aim to provide a comprehensive evaluation of AI models beyond traditional metrics.Dinis Cruz, a longstanding member of OWASP with extensive experience in AppSec, brings attention to the challenges and opportunities presented by AI in scaling application security. He discusses the importance of a deterministic approach to AI outputs and provenance, advocating for a blend of traditional AppSec practices with new AI-driven capabilities to better understand and secure applications.Rob van der Veer, founder of the OpenCRE team and a veteran in AI, elaborates on the integration of multiple security standards and the essential need for collaboration between software engineers and data scientists. He shares his perspective on AI’s role in security, highlighting the pitfalls and biases associated with AI models and the necessity of applying established security principles to AI development.Throughout the episode, the conversation touches on the complexities of trust, the evolving landscape of AI and cybersecurity, and the imperative for ongoing collaboration and education among professionals in both fields. Sean wraps up the episode with a call to action for data scientists and AppSec professionals to join the conference, either in person or through recordings, to foster a deeper understanding and collective advancement in AI-enabled application security.Listeners are encouraged to attend the OWASP AppSec Global conference in Lisbon, where they can expect not only insightful sessions but also vibrant discussions and networking opportunities in a picturesque setting.Key Questions AddressedWhat roles and expertise are needed to effectively address AI and cybersecurity challenges?How does AI bring new dimensions to application security and what traditional methods remain relevant?Why is it important for data scientists and cybersecurity professionals to collaborate?Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our OWASP AppSec Global Lisbon 2024 coverage: https://www.itspmagazine.com/owasp-global-2024-lisbon-application-security-event-coverage-in-portugalOn YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllTzdBL4GGWZ_x-B1ifPIIBVBe sure to share and subscribe!____________________________ResourcesTrust Cards for AI (Session): https://owaspglobalappseclisbon2024.sched.com/event/1VTaD/trust-cards-for-aiDeterministic GenAI Outputs with Provenance (Session): https://owaspglobalappseclisbon2024.sched.com/event/1VTaO/deterministic-genai-outputs-with-provenanceAI is just software, what could possibly go wrong? (Session): http

Jun 19, 202434 min

Ep 2053Deepfakes, Publicity Rights, and the ELVIS Act: The Intersection of Intellectual Property, AI, and Your Likeness | A Conversation with JC Heinbockel | Redefining CyberSecurity with Sean Martin

Guest: JC Heinbockel, Associate, Seyfarth Shaw LLPOn LinkedIn | https://www.linkedin.com/in/j-c-heinbockel-6563996a/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinView This Show's Sponsors___________________________Episode NotesIn the latest episode of Redefining CyberSecurity, Sean Martin delves into an intriguing conversation with JC Heinbockel, an intellectual property lawyer specializing in brand protection. The episode primarily focused on the intersection of the ELVIS Act and rights of publicity in the age of AI.The discussion kicked off with JC Heinbockel providing a primer on intellectual property and the rights of publicity. He explained that while intellectual property encompasses discrete categories such as copyrights, patents, and trademarks, the right of publicity is more nuanced and often intertwined with personal privacy rights. Essentially, the right of publicity allows individuals to exploit their likenesses for commercial purposes or prevent others from doing so without permission. Heinbockel emphasized that the right of publicity is particularly relevant to celebrities and public figures whose likenesses hold significant market value. However, with the advent of generative AI and deepfake technology, protecting one's likeness has become more complicated.The new ELVIS Act in Tennessee is designed to address these challenges by extending the right of publicity to include voices and by explicitly targeting the misuse of likenesses through deepfake technology. The episode also touched on various instances where deepfake technology has already led to unauthorized use of celebrity likenesses. JC Heinbockel cited examples like deepfake ads featuring Clint Eastwood and Tom Hanks, highlighting the legal and ethical complications these technologies introduce.The Elvis Act serves as a legislative response to these advancements, aiming to protect individuals' likenesses from unauthorized commercial exploitation. For business leaders and security professionals, the conversation underscored the imperative need to develop robust AI policies, especially within marketing and advertising departments. Heinbockel urged organizations to carefully navigate the use of AI in creating content, as both the input and output of AI-generated material need to be scrutinized for compliance with existing laws and ethical standards. Moreover, the potential pitfalls of using generative AI extend beyond marketing to areas such as customer support and even internal operations.Heinbockel warned of the risks associated with using AI platforms that might inadvertently disclose confidential information or generate legally dubious content. He emphasized the necessity of setting strict guidelines and having comprehensive policies in place to mitigate these risks.The episode concluded with a call to action for companies to be proactive in understanding the implications of using AI and to plan accordingly. By doing so, they can better navigate the complex legal landscape surrounding intellectual property and publicity rights in the digital age. This timely discussion with JC Heinbockel highlights not just the challenges but also the opportunities for businesses to adapt and thrive in this evolving technological environment.Top Questions AddressedWhat are the rights of publicity, and how do they relate to intellectual property laws?How does the ELVIS Act in Tennessee address the challenges posed by deepfake technology?What should businesses be aware of when using AI to ensure they are compliant with legal and ethical standards?___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYqITSPmagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe!___________________________ResourcesThe Gadgets, Gigabytes, & Goodwill Blog: https://www.gadgetsgigabytesandgoodwill.com/___________________________To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring this show with an ad placement in the podcast?Learn More 👉 https://itspm.ag/podadplc Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 18, 202439 min

Ep 2052Kushal's Odyssey: From IIT to USC PhD - Finally PhinisheD | Conversation with Kushal Chawla | Off the Record with Saman — Student Abroad Podcast

Guest: Kushal Chawla, Applied Researcher, Capital One [@AskCapitalOne]On LinkedIn | https://www.linkedin.com/in/kushalchawla/Website | https://kushalchawla.github.io/________________________________Host: Saman FatimaOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/saman-fatima________________________________This Episode’s SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network________________________________Episode DescriptionAre you from India? Wishing to come to the USA for your studies? Do you wish to do your Doctorate?Is your dream university - the University of Southern California? If yes, grab a pen, paper, and water, and you are all good to know everything. From researching the dream university to getting selected and beating the elephant in the room (i.e. the VISA process) to settling up - you need to know EVERYTHING because, at the end of the day, it is a foreign land with a lot of newness, loneliness, and self-dependency.________________________________ResourcesJoin the BBWIC Foundation Community: https://www.bbwic.com/________________________________For more podcast stories from Off The Record With Saman: https://www.itspmagazine.com/off-the-record-with-saman-student-abroad-podcastWatch the video version on-demand on YouTube: https://www.youtube.com/watch?v=0954PDs3hFI&list=PLnYu0psdcllS96iavkI5nQsErJ3795ow6 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 17, 20241h 16m

Ep 2051The Focus on Community and Empathy-Driven Culture Behind BlackCloak's Success in Attracting Passionate Professionals | A BlackCloak Brand Story with Chris Pierson, Matt Covington, and Ryan Black

In this BlackCLoak Brand Story, hosts Sean Martin and Marco Ciappelli engage in an in-depth conversation with Founder Chris Pierson, Chief Information Security Officer Ryan Black, and Product Manager Matt Covington. The discussion explores the company’s dedication to protecting security and privacy for CISOs, executives, and high-net-worth individuals.The episode kicks off with Martin and Ciappelli extending a warm welcome to Pierson, Black, and Covington while highlighting the mission-driven approach of BlackCloak. Pierson elaborates on BlackCloak’s unique focus on protecting not just organizations but also extending security measures to the personal lives of executives and their families. This connection underscores the significance of safeguarding home environments, which are increasingly becoming targets for cyberattacks.Covington shares his intriguing journey from having a master's degree in literary theory to becoming involved in cybersecurity, emphasizing the importance of empathy in product development. He explains how BlackCloak's technology seeks to scale its services efficiently by automating repetitive tasks, thereby allowing their experts to focus on critical problem-solving for clients.Throughout the conversation, Ryan Black describes the flexible, personalized concierge service that BlackCloak offers, aimed at addressing the unique security needs of individuals outside the corporate framework. He emphasizes that their approach goes beyond traditional enterprise security, focusing on protecting personal devices and networks that executives use at home.The episode also touches on the emotional and psychological aspects of cybersecurity, illustrating how personal experiences with phishing attacks have driven both Black and Covington in their professional paths. The hosts and guests also discuss the personal side of cybersecurity, addressing behavioral vulnerabilities and the integration of user-friendly technology in personal security measures.Finally, the session highlights the collaborative and proactive culture at Black Cloak, where team members are committed to going above and beyond to protect their clients. This episode offers listeners valuable insights into how BlackCloak is pioneering an empathetic and comprehensive approach to cybersecurity.Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-storyGuests: Chris Pierson, Founder and CEO of BlackCloak [@BlackCloakCyber]On Linkedin | https://www.linkedin.com/in/drchristopherpierson/On Twitter | https://twitter.com/drchrispiersonRyan Black, Chief Information Security Officer, BlackCloak [@BlackCloakCyber]On LinkedIn | https://www.linkedin.com/in/ryancblack/Matt Covington, VP of Product, BlackCloak [@BlackCloakCyber]On LinkedIn | https://www.linkedin.com/in/mecovington/ResourcesLearn more about BlackCloak and their offering: https://itspm.ag/itspbcwebBlackCloak welcomes Ryan Black: https://www.linkedin.com/posts/blackcloak_personalcybersecurity-cybersecurity-executiveprotection-activity-7198293889777098752-Bd5zAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 17, 202438 min

Ep 2050A Hundred Thousand Small Experiments | A Conversation with Dr Sebastian Groh | What If Instead? Podcast with Alejandro Juárez Crawford and Miriam Plavin-Masterman

Guest: Dr Sebastian Groh, Managing Director at SOLshare and Professor at BRAC Business SchoolOn LinkedIn | https://www.linkedin.com/in/sebastian-groh-solshare/On Facebook | https://www.facebook.com/sebastian.groh.14On YouTube | https://www.youtube.com/@solshareHosts: Alejandro Juárez CrawfordOn ITSPmagazine 👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/alejandro-juarez-crawfordMiriam Plavin-MastermanOn ITSPmagazine 👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/miriam-plavin-masterman______________________Episode IntroductionWe discuss the limitations of relying on a few major players to solve the problem and emphasizes the importance of empowering local innovators who understand the challenges firsthand. The conversation also highlights the need to redirect investments towards climate solutions and away from companies that contribute to emissions. It suggests creating a platform or portfolio of climate entrepreneurs in the global south to provide funding and support for their initiatives. Collaboration among these entrepreneurs is seen as crucial for accelerating progress. The conversation explores the need to empower regular people to become entrepreneurs and create solutions to local problems. It highlights the importance of developing a mindset that believes in the ability to make a difference.______________________ResourcesHow SOLshare’s Sebastian Groh Wants to Create a Wave of Climate Startups: https://www.wired.com/sponsored/story/how-solshares-sebastian-groh-wants-to-create-a-wave-of-climate-startups/To solve the climate crisis, go global – and bottom up: https://www.climateandcapitalmedia.com/to-solve-the-climate-crisis-go-global-and-bottom-up/______________________Episode SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network______________________For more podcast stories from What If Instead? Podcast with Alejandro Juárez Crawford and Miriam Plavin-Masterman, visit: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/alejandro-juarez-crawford and https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/miriam-plavin-masterman Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 14, 202452 min

Ep 2050Practical Privacy by Design - Building Secure Applications that Respect Privacy | An OWASP AppSec Global Lisbon 2024 Conversation with Kim Wuyts and Avi Douglen | On Location Coverage with Sean Martin and Marco Ciappelli

Guests: Kim Wuyts, Manager Cyber & Privacy, PwC Belgium [@PwC_Belgium]On LinkedIn | https://www.linkedin.com/in/kwuyts/On Twitter | https://twitter.com/WuytskiOn Mastodon | https://mastodon.social/@kimwAvi Douglen, CEO / Board of Directors, Bounce Security & OWASPOn LinkedIn | https://www.linkedin.com/in/avidouglen/On Twitter | https://twitter.com/sec_tigger____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesIn this episode of On Location with Sean and Marco, host Sean Martin offers a deep dive into the OWASP AppSec Lisbon event, engaging in a meaningful conversation with Kim Wuyts and Avi Douglen. Sean starts by setting the stage for an insightful discussion focused on privacy, security, and the integration of both in modern application development.Kim Wuyts, a Cyber and Privacy Manager at PwC Belgium, shares her journey from a security researcher to a privacy engineering expert, emphasizing the importance of privacy threat modeling and the intricate balance between security and privacy. She explains how privacy not only strengthens security but also involves complex considerations like legal, ethical, and technological aspects. Kim highlights the need for companies to adopt privacy by design, ensuring data is used with care and transparency, rather than merely being collected and stored.Avi Douglen, Lead Consultant at Bounce Security, brings his experience in threat modeling to the conversation, recounting his learning curve in understanding the depths of privacy beyond mere confidentiality. He speaks about the importance of educating security engineers on privacy considerations and using value-driven security to protect stakeholders' interests. Avi stresses that privacy and security should be integrated from the beginning of the application development process to avoid clashes and ensure robust, privacy-respecting systems.Throughout the discussion, the guests delve into various privacy engineering practices, including data minimization, the handling of meta-information, and the potential conflicts between security requirements and privacy needs. They touch on real-world scenarios where privacy can enhance overall security posture and how privacy engineering aligns with compliance requirements such as GDPR.Sean, Kim, and Avi also explore the concept of architectural data mapping and selecting the right components for privacy. They discuss the evolving skill set required for privacy engineering and how integrating privacy with existing security practices can add significant value to any organization.The episode concludes with a look at the upcoming training session at the OWASP AppSec event in Lisbon, emphasizing the need for a diverse audience, including security engineers, privacy professionals, and developers. This session aims to foster a collaborative environment where participants can expand their knowledge and apply practical privacy by design principles in their work.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our OWASP AppSec Global Lisbon 2024 coverage: https://www.itspmagazine.com/owasp-global-2024-lisbon-application-security-event-coverage-in-portugalOn YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllTzdBL4GGWZ_x-B1ifPIIBVBe sure to share and subscribe!____________________________ResourcesTraining: https://lisbon.globalappsec.org/trainings/#sku_PPBDThreat modeling manifesto: https://www.threatmodelingmanifesto.org/Learn more about OWASP AppSec Global Lisbon 2024: https://lisbon.globalappsec.org/____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastAre you interested in sponsoring our event coverage with an ad placement in the podcast?Learn More 👉 https://itspm.ag/podadplcWant to tell your Brand Story as part of our event coverage?Learn More 👉 https://itspm.ag/evtcovbrf Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 14, 202432 min

Ep 2049Application Security: Standards, UI, Identity, Access, Cryptography, Process, and More | An OWASP AppSec Global Lisbon 2024 Conversation with Jim Manico | On Location Coverage with Sean Martin and Marco Ciappelli

Guest: Jim Manico, Founder and Secure Coding Educator, Manicode SecurityOn LinkedIn | https://www.linkedin.com/in/jmanico/On Twitter | https://x.com/manicode____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesIn this episode of On Location with Sean and Marco, host Sean Martin engages in a compelling discussion with Jim Manico about the current landscape of application security. Jim, a notable leader in the field, delves into several critical topics surrounding application security and its evolving challenges.The conversation opens by touching on the significant influence of artificial intelligence (AI) on application security, suggesting a future episode dedicated entirely to exploring this complex topic. They then shift focus to the necessity of having a formalized approach when dealing with security vulnerabilities. Jim underscores the importance of planning and preparation before tackling security threats, emphasizing that structured processes lead to more effective management of potential issues.A significant portion of the dialogue explores the challenges associated with identifying and managing vulnerable or outdated libraries within codebases. Jim and Sean discuss how modern development practices often lead to the incorporation of various libraries, each of which can introduce potential security risks if not properly maintained. The intricacies of keeping these libraries updated to prevent vulnerabilities are highlighted, including the frequent necessity of updating or replacing libraries to ensure robust security.Jim also touches upon the noise generated by automated security findings, which can overwhelm development teams with alerts and potential issues. He stresses the value of effectively prioritizing and addressing these findings to ensure that the most critical vulnerabilities are tackled promptly, reducing the risk of exploitation.Throughout the episode, Jim and Sean highlight the balance that must be struck between developing new features and maintaining a secure, resilient application environment. Ensuring that security is integrated into the development lifecycle rather than being an afterthought is a recurring theme in their discussion.This engaging episode provides listeners with a deep dive into the strategic and tactical aspects of application security, offering valuable insights and practical advice on navigating the often complex and ever-evolving security landscape.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our OWASP AppSec Global Lisbon 2024 coverage: https://www.itspmagazine.com/owasp-global-2024-lisbon-application-security-event-coverage-in-portugalOn YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllTzdBL4GGWZ_x-B1ifPIIBVBe sure to share and subscribe!____________________________ResourcesTraining: https://lisbon.globalappsec.org/trainings/#sku_ASTJMOWASP ASVS: https://github.com/OWASP/ASVS/tree/master/5.0/enOWASP Cheatsheet Series: https://cheatsheetseries.owasp.org/Learn more about OWASP AppSec Global Lisbon 2024: https://lisbon.globalappsec.org/____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastAre you interested in sponsoring our event coverage with an ad placement in the podcast?Learn More 👉 https://itspm.ag/podadplcWant to tell your Brand Story as part of our event coverage?Learn More 👉 https://itspm.ag/evtcovbrf Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 14, 202431 min

Ep 2048Cybersecurity and Pop Culture | Locked Down Podcast With Kayla Williams and Taylor Parsons

Hosts: Kayla WilliamsOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/kayla-williamsTaylor ParsonsOn ITSPmagazine | https://itspmagazine.com/itspmagazine-podcast-radio-hosts/taylor-parsons________________________________This Episode’s SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network________________________________Episode DescriptionKayla and Taylor take to pop culture references and how that intersects with Security. We dive deep into some of the best cultural references to security, hacking, and technology when it comes to books, tv shows, and movies.________________________________Resources________________________________For more podcast stories from The Locked Down Podcast With Kayla Williams and Taylor Parsons: https://itspmagazine.com/locked-down-podcastWatch the webcast version on-demand on YouTube:https://www.youtube.com/playlist?list=PLnYu0psdcllSNOVxx-zkXPYN6dxzuG8GG Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 14, 202437 min

Ep 2047Decoding Human-Centered Cybersecurity with Security Attitudes | A Conversation with Julie Haney and Dr. Cori Faklaris | Redefining CyberSecurity with Sean Martin

Guests: Julie Haney, Computer scientist and Human-Centered Cybersecurity Program Lead, National Institute of Standards and Technology [@NISTcyber]On LinkedIn | https://www.linkedin.com/in/julie-haney-037449119/On Twitter | https://x.com/jmhaney8?s=21&t=f6qJjVoRYdIJhkm3pOngHQDr. Cori Faklaris, Assistant Professor, University of North Carolina at Charlotte [@unccharlotte], Director, Security and Privacy Experiences (SPEX) research group [@SPEX_lab]On LinkedIn | https://www.linkedin.com/in/corifaklaris/On Twitter | https://twitter.com/heycoriOn Mastodon | https://hci.social/@HeycoriOn Facebook | https://www.facebook.com/heycori____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinView This Show's Sponsors___________________________Episode NotesIn this new episode of the Redefining CyberSecurity Podcast, host Sean Martin and co-host Julie Haney welcomed Dr. Cori Faklaris, an assistant professor at the University of North Carolina, Charlotte, to discuss the intricate relationship between human-centered research and cybersecurity. Dr. Faklaris, who leads the Security and Privacy Experience Research Group at the university, shared valuable insights on the intersection of human behavior and security practices.The episode delved into Dr. Faklaris' extensive research on security attitudes and behaviors. She introduced the Security Attitudes (SA) scales, particularly the SA-6 and SA-13, which are tools designed to measure people's security attitudes. These scales provide a reliable and valid means to gauge individuals' perspectives on cybersecurity, which can be critical for organizations looking to enhance their security training programs. By regularly measuring security attitudes before and after training, organizations can assess the effectiveness of their initiatives and identify areas for improvement. Dr. Faklaris emphasized the importance of considering not just attitudes but also social norms and perceived behavioral control when examining security behaviors.A significant portion of the discussion centered around the challenges posed by smishing—phishing attacks conducted via SMS. Dr. Faklaris highlighted that younger people and college students are particularly vulnerable to such attacks. Her research indicates that demographic factors can influence susceptibility to smishing, underscoring the need for targeted awareness campaigns and tailored security measures.The episode also touched on the broader implications of trust and usability in communication systems, with Dr. Faklaris stressing the importance of clear and trustworthy communication channels to prevent user fatigue and mistrust. In addition to her academic endeavors, Dr. Faklaris is spearheading a new cybersecurity clinic at UNC Charlotte. This initiative aims to support local organizations, particularly small businesses and non-profits, by providing them with valuable cybersecurity guidance and services free of charge. The clinic, which will involve student teams working on real-world problems, seeks to bridge the gap between academic research and practical application while fostering community engagement and providing hands-on experience to students.The episode serves as a treasure trove of insights for security leaders and practitioners, offering practical advice on enhancing security training and awareness programs. By leveraging research-backed methods and fostering community partnerships, organizations can better navigate the complex human factors that influence cybersecurity practices. Dr. Faklaris' work serves as a powerful reminder of the critical role human-centered approaches play in building robust and effective security frameworks.Top Questions AddressedHow can you measure security attitudes?What is smishing and why are younger people more vulnerable to it?How can organizations utilize human-centered research to enhance their security training programs?___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYqITSPmagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe!___________________________Resources___________________________To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring this show with an ad placement in the podcast?Learn More 👉 https://itspm.ag/podadplc Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 13, 202448 min

Ep 2046Master Class: How to Spot AI-Generated Content | A Conversation with Michele Stuart | The Soulful CXO Podcast with Dr. Rebecca Wynn

Guest: Michele Stuart, CEO, Keynote Speaker, OSINT Trainer, JAG InvestigationsWebsite: https://www.jaginvestigations.com/LinkedIn: https://www.https://www.linkedin.com/in/michele-stuart-jag Host: Dr. Rebecca WynnOn ITSPmagazine 👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/rebecca-wynn________________________________This Episode’s SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network________________________________Episode DescriptionIn this episode of the Soulful CXO, host Dr. Rebecca Wynn welcomes back Michele Stuart, CEO of JAG Investigation. Her expertise lies in Open-Source Intelligence (OSINT), counterintelligence, insurance fraud investigations, financial investigations, threat assessments/mitigation, due diligence, organized retail crime, and corporate and competitive intelligence. She provides consulting and training services to federal, state, and local law enforcement agencies, military intelligence communities, Fortune 500 companies, and the financial and insurance industries. Additionally, she has served as an instructor at Quantico (FBI Academy) for international training in OSINT (Open-Source Intelligence), is a keynote speaker, and teaches classes for many professional organizations. Learn how to spot AI fakes, how to proactively train yourself and your team, learn practical tools, deep-fakes awareness, cyberbullying, legal issues, and how to better protect your privacy.________________________________ResourcesAI Generated or Human?https://www.whichishuman.comReverse Image Searchhttps://www.tineye.comFace Recognition Search Engine & Reverse Image Searchhttps://www.pimeyes.comAI Art Generatorhttps://www.starryai.com________________________________Support:Buy Me a Coffee: https://www.buymeacoffee.com/soulfulcxo________________________________For more podcast stories from The Soulful CXO Podcast With Rebecca Wynn: https://www.itspmagazine.com/the-soulful-cxo-podcastITSPMagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe! Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 11, 202431 min

Ep 2045The Present and Future of Cybersecurity Culture | An Infosecurity Europe 2024 Conversation with Aston Martin's CISO Robin Smith | On Location Coverage with Sean Martin and Marco Ciappelli

Guest: Robin Smith, CISO of Aston Martin [@astonmartin]On LinkedIn | https://www.linkedin.com/in/robin-s-78148a133/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThe latest episode of "On Location With Marco and Sean" features an in-depth discussion with Robin Smith, the Chief Information Security Officer (CISO) at Aston Martin. Recorded live in the media room at Infosecurity Europe 2024 in London, this episode explores the essential role of culture in cybersecurity. Sean Martin and Marco Ciappelli guide the conversation, touching on everything related to the complexities of organizational security culture.The IcebreakerThe conversation kicks off with some light-hearted banter about yogurt and its cultural significance, setting a relaxed tone before diving into the serious business of cybersecurity. Sean and Marco's playful exchange effectively breaks the ice, before Sean introduces Robin Smith, emphasizing how this conversation is the final one in their Infosecurity Europe coverage. Robin reciprocates with a warm thank you, before sharing insights on Aston Martin’s cybersecurity culture.Life at Aston MartinRobin elaborates on his role at Aston Martin, revealing that he considers himself the "luckiest man in cyber." He explains how a commitment to high-quality IT initially existed at Aston Martin but not a fully developed cybersecurity culture. Over the past three years, his mission has been to build that culture, aligning it with Aston Martin’s values and brand prestige.Building a Cybersecurity CultureRobin describes how he introduced a comprehensive security program that aligns with Aston Martin’s renowned design and engineering standards. He discusses the importance of integrating cybersecurity as a full-spectrum approach to business improvement, not just a technological add-on.Lessons LearnedThe conversation shifts to some of the challenges and failures encountered along the way. Robin recounts an ambitious but ultimately unsuccessful attempt to engage the board with an open-source intelligence report on their personal information. Though the exercise did not go as planned, it provided invaluable lessons on cultural sensitivity and resource allocation.The Vision for the FutureRobin and Sean discuss the forward-thinking mindset necessary to navigate both immediate and long-term cybersecurity challenges. Robin emphasizes the need for a balanced approach that combines visionary planning with effective tactical response. He highlights Aston Martin's ambition for full automation and AI-driven security measures.Impact on Customers and CommunityMarco Ciappelli raises the question of how this robust security culture affects Aston Martin's customers. Robin assures that high-value customers expect the best, including top-notch security. He underscores the importance of securing the entire value chain, from suppliers to dealership networks.Community and CollaborationSean explores the role of community among CISOs. Robin shares his positive experiences with the automotive CISO community, emphasizing the value of honest and sometimes brutal feedback. This collaborative environment helps him and his peers continually improve their security programs.Wrapping UpAs the conversation winds down, both hosts thank Robin for his insights. They reflect on the passion and dedication evident in the cybersecurity community throughout the event. Sean invites Robin for another discussion on cyber futurism, hinting at more intriguing conversations to come.Marco and Sean close the episode by thanking their audience and expressing their excitement for future events. They hope to see everyone again at next year's Infosecurity Europe, promising more engaging content and enlightening discussions.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our InfoSecurity Europe 2024 coverage: https://www.itspmagazine.com/infosecurity-europe-2024-infosec-london-cybersecurity-event-coverageOn YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllTcLEF2H9r2svIRrI1P4QkrBe sure to share and subscribe!____________________________ResourcesLearn more about InfoSecurity Europe 2024: https://itspm.ag/iseu24reg____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/re

Jun 11, 202426 min

Ep 2044Exploring Cyber Insurance Nuances Across Europe | An Infosecurity Europe 2024 Conversation with Marcin Gajkowski and Michal Balwinski from Generali Poland | On Location Coverage with Sean Martin and Marco Ciappelli

Guests: Marcin Gajkowski, Head of Liability Underwriting Team, Generali PolandOn LinkedIn | https://www.linkedin.com/in/marcin-gajkowski-4a6685134/ Michal Balwinski, Senior Underwriter and Cyber Practice Leader, Generali PolandOn LinkedIn | https://www.linkedin.com/in/micha%C5%82-balwi%C5%84ski-136105197/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesExploring Cyber Insurance Nuances Across Europe with Generali Poland at InfoSecurity Europe 2024Picture this: bustling conversations, gleaming booths, and thought-provoking sessions at InfoSecurity Europe 2024, held in the vibrant city of London. Amidst this atmosphere, Sean Martin and Marco Ciappelli of "On Location With Marco and Sean" invite listeners into a fascinating discussion focusing on the intricacies of cyber insurance within Europe. Joined by two brilliant minds from Generali Poland, Marcin Gajkowsky and Michal Balwinski, this episode immerses us into understanding cyber insurance and its varied landscape across the continent.Setting the Scene: InfoSecurity Europe 2024The episode kicks off with Marco and Sean's characteristically witty banter. They joked about their numerous travels and questioned their whereabouts, reflecting the lively and spontaneous spirit of live recording. They also introduce their esteemed guests, Marcin Gajkowsky and Michal Balwinski, from Generali Poland. The discussion's setting is none other than the renowned InfoSecurity Europe event, where cybersecurity professionals gather to forge connections and share innovative security solutions.Understanding Cyber Insurance: Perspectives from Generali PolandMarcin Gajkowsky, leading Generali Poland's Liability Team, opens up about his journey into cyber insurance. Despite his initial background in casualty and professional indemnity underwriting, Gajkowsky has grown passionate about the potential and challenges of cyber insurance, especially within Poland. With the deployment of their local cyber insurance policy in 2021, Generali Poland has committed to navigating and shaping this emerging market.Michal Balwinski, a senior underwriter and cyber insurance practice leader at Generali Poland, delves further into the policies and market dynamics. He highlights the significant knowledge gap in Central and Eastern Europe, a relic of historical and geopolitical contexts. This awareness gap necessitates steps for thorough market education and awareness building, ensuring businesses understand and value the importance of cyber insurance.Market Dynamics: Diversity Across EuropeBalwinski emphasizes the differing levels of cyber risk awareness across Europe. The UK, Western Europe, and the Mediterranean regions each present unique insurance needs and challenges based on their levels of digital sophistication and historical development. Poland's market reveals a stark contrast with larger enterprises adopting sophisticated vendor technologies akin to global banks, while smaller and mid-sized companies lag behind, often unaware of the essential benefits and protections cyber insurance provides.Adapting to the Market: Educational and Technological PartnershipsReflecting on the unique role of cyber insurance, the Generali Poland team outlines their approach to nurturing client relationships. They provide comprehensive risk assessments, engaging conversations, and tailored recommendations. True to their philosophy, Generali Poland extends beyond the role of mere policy provider, establishing themselves as committed partners in their clients' cybersecurity journeys.One pivotal shift in insurance strategy involved offering additional prevention tools alongside policies, such as an anti-phishing package equipped with cutting-edge security kits. The goal is to bridge the evident gap in cyber preparedness among smaller enterprises, ensuring they have robust mitigation measures in place before a policy comes into effect.Resilience and Ransomware: To Pay or Not to Pay?A highlight of the discussion revolves around ransomware and the ethical and practical dilemmas associated with ransom payments. Marcin and Michal elucidate Generali Poland's firm stance against paying ransoms, except in extraordinary circumstances where lives are at stake. They stress that paying ransoms perpetuates the cycle of cybercrime funding and escalation. Instead, their approach focuses on bolstering clients' overall cyber resilience through comprehensive support, including 24/7 incident response services, business interruption coverage, and holistic risk management.Conclusion: Building a Borderless Cyber-Aware FutureAs the insightful conv

Jun 11, 202424 min

Ep 2043Jump Into Our DeLorean and Travel Back and Forth Into the Future | An Infosecurity Europe 2024 Conversation with Madelein van der Hout and Paul McKay from Forrester | On Location Coverage with Sean Martin and Marco Ciappelli

Guests: Madelein van der Hout, Senior Analyst Security & Risk at Forrester [@forrester]On LinkedIn | https://www.linkedin.com/in/madelein-van-der-hout-65452025/On Twitter | https://x.com/HoutMadeleinPaul McKay, Vice President, Research Director at Forrester [@forrester]On LinkedIn | https://www.linkedin.com/in/paul-mckay-5304a115/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThe Human Side of CybersecurityInfosecurity Europe 2024 in London brought together some of the industry's most knowledgeable professionals. Marco Ciappelli and Sean Martin, your hosts, were joined by Madeline Van Der Hout, Paul McKay, both from Forrester, and various other experts to discuss the latest trends, challenges, and solutions within the cybersecurity landscape. This exciting episode of "On Location With Marco and Sean" dives deep into essential topics such as the significant role of the human element in cybersecurity, skill shortages, industry fragmentation, and future trends.Reimagining Cybersecurity: Back to the FutureThe episode begins with a nostalgic touch as Sean Martin and Marco Ciappelli discuss the iconic movie "Back to the Future". Drawing a parallel between the film's theme of time travel and the evolving cybersecurity landscape, they emphasize how the industry might benefit from lessons of the past while anticipating the future.The Reality of Cybersecurity InnovationMadeline Van Der Hout and Paul McKay shed light on the changing dynamics of cybersecurity events. Paul mentions that events like Infosecurity Europe must now compete with other regional events like CyberSec Europe in Brussels. This healthy competition fosters localized insights and innovations.Madeline adds that cybersecurity innovation often stems from startups. She believes these events stimulate larger vendors to communicate with smaller startups, thus supporting the entire ecosystem.API Security: A Case for ConsolidationBoth Paul and Madeline reflect on the notable presence of API security vendors at the conference. Madeline points out the consolidation in the market driven by various approaches to API security. CISOs today expect API security to be an integral part of their infrastructure, driving the conversation towards prioritization and efficient resource management.The Human Element and Mental HealthOne of the crucial points discussed was the significant skill shortage in the cybersecurity industry. Madeline stresses the need for more conversations around mental health and burnout prevention among cybersecurity professionals. Paul supports this by highlighting common hiring challenges where organizations are often looking for the "purple squirrel" or the "five-legged sheep."Training and Educating Future TalentThe conversation moves towards the barriers to entry for new talent in the industry. Both experts agree that focusing on certifications alone can create a class divide. Paul argues that this practice restricts access to the industry for those unable to afford costly certifications.Madeline emphasizes the need to work closely with HR departments to create better job profiles and hiring practices. This could alleviate some of the industry's talent shortages.Cybersecurity's Future: More Than Just a Business ProblemMadeline takes a broader view by asserting that cybersecurity is not just a business problem. It's a civilian issue as well, affecting everyone with a digital footprint. She encourages leveraging the power of informed voting and education to address cybersecurity at a societal level.Data-Driven Decision Making: The Key to Security's EvolutionSean Martin concludes by discussing the immense data available in the cybersecurity sector. He emphasizes the potential for the industry to drive businesses by making better, data-driven decisions. Paul agrees, pointing out the need for cybersecurity to evolve similarly to how the CIO function has over the years.Conclusion: A Call for Innovation and HumanityThe episode wraps up by reinforcing the focus on the human element. Marco highlights the need to utilize existing resources effectively rather than being distracted by the latest technological gadgets. Madeline's call to talk more about humans in every cybersecurity breach serves as a profound takeaway.As the conversation echoes through the media room at Infosecurity Europe 2024, it's clear that the journey forward in cybersecurity involves a blend of technology, human touch, and innovative thinking.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our InfoSecurity Europe 2024 coverage: https://w

Jun 10, 202431 min

Ep 2042The Boundless Frontier of Space and How What Happens Up There Affect Us Down Here: Exploring the Societal Impacts of Space | A Conversation With Tim Fowler and Sean Martin | Redefining Society with Marco Ciappelli

Guests: ✨ Tim Fowler, Offensive Security Analyst, Black Hills Information Security [@BHinfoSecurity]On LinkedIn | https://www.linkedin.com/in/roobixx/On Twitter | https://twitter.com/roobixxSean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martin____________________________Host: Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli_____________________________This Episode’s SponsorsBlackCloak 👉 https://itspm.ag/itspbcwebBugcrowd 👉 https://itspm.ag/itspbgcweb_____________________________Episode IntroductionWelcome to another thought-provoking episode of Redefining Society. Today, our host Marco Ciappelli takes us on an expansive journey beyond the confines of Earth. Along with Sean Martin and special guest Tim Fowler, we explore the wide-ranging societal impacts of space exploration.The Fascination with SpaceMarco Ciappelli kicks off the episode by highlighting humanity’s perpetual fascination with exploring the unknown. Drawing on cultural references from Italy, he sets the stage for a discussion that ventures far beyond our planet’s atmosphere. Co-host Sean Martin joins the conversation with evident enthusiasm for the journey, setting a tone of curiosity and adventure.Introduction to Tim FowlerTim Fowler, an expert in offensive security from Black Hills Information Security, brings a unique perspective to the table. Having transitioned his focus from traditional cyber security to the cutting-edge domain of space systems, Fowler offers deep insights into why space exploration matters, not just from a technological standpoint but also culturally and societally.Everyday Technology Rooted in SpaceMarco cites several everyday items that owe their existence to space technology, from memory foam mattresses to GPS navigation systems. Tim elaborates on how technologies developed for space missions have trickled down to enhance various aspects of our daily lives—a clear testament to the far-reaching benefits of space exploration. For example, modern agriculture heavily relies on data from space for soil analysis, weather forecasting, and even autonomous machinery.The Economics and Politics of Space ExplorationFowler explains that space exploration is moving faster than ever, primarily due to private companies like SpaceX and Blue Origin. These organizations have democratized access to space, thus enabling rapid advancements that were once thought impossible. However, he also emphasizes the complexities involved in sending humans to space, noting the high stakes and intense caution required.The Moon and BeyondMarco and Tim discuss the intricacies of missions to the moon and Mars. Tim highlights the importance of off-world resource utilization as a pivotal step for sustained space habitation. Drawing inspiration from Daniel Suarez’s books "Delta V" and "Critical Mass," he discusses the potential of lunar and asteroid mining to provide the necessary materials for building space infrastructure.Challenges and ConcernsAs the conversation evolves, Sean raises valid concerns about the implications of space technology becoming monopolized by a few powerful entities. Tim acknowledges this, explaining that while technological advancements are exhilarating, they also bring about significant societal and ethical considerations.Regulatory and Social ConsiderationsMarco and Tim touch on future regulatory landscapes and the societal shifts that will be needed as human activities extend further into space. The concept of needing a new social contract for space emerges, encompassing laws, ethical guidelines, and collaborative international efforts.As the episode draws to a close, Tim shares his excitement about the rapid advancements and burgeoning opportunities in space exploration. Both Marco and Tim agree that while we are on the brink of a new era, societal readiness and regulatory frameworks will play crucial roles in shaping this next chapter of human history.Final ThoughtsFascinating, insightful, and expansive—today's episode is a compelling reminder of how interconnected our lives are with the broader universe. Whether you're captivated by technology, intrigued by societal evolution, or simply a space enthusiast, this discussion offers a panoramic view of our present and future frontiers._____________________________Resources____________________________To see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWatch the webcast version on-demand on YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllTUoWMGGQHlGVZA575VtGr9Are you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/advertise-on-itspmagazine-podcast Hosted by Simplecast, an AdsWizz company. See pcm.adsw

Jun 9, 202446 min

Ep 2041Building Resilience in Healthcare Cybersecurity Following the Recent NHS Third-Party Ransomware Incident | Expert Insights from InfoSecurity Europe 2024 | On Location Coverage with Sean Martin and Marco Ciappelli

Guests:Brian Honan, Founder, BH ConsultingOn LinkedIn: https://www.linkedin.com/in/brianhonan/On X: https://x.com/BrianHonanSuk Paul, Director - EMEA Services GTM, Kudelski SecurityOn LinkedIn: https://www.linkedin.com/in/suk-paul-mba-99757412/Heather Lowrie, Chief Information Security Officer (CISO), The University of ManchesterOn LinkedIn: https://www.linkedin.com/in/heather-lowrie/On X: https://x.com/HeatherELowrieTim Grieveson, Senior Vice President - Global Cyber Risk Advisor, BitsightOn LinkedIn: https://www.linkedin.com/in/timgrieveson/On X: https://x.com/timgrievesonDaniel Lattimer, Area Vice President - EMEA West, SemperisOn LinkedIn: https://www.linkedin.com/in/daniel-lattimer-37533016/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesWATCH THE VIDEO: https://youtu.be/3VQ5VsD-DKQIn recent news, the NHS has been severely impacted by a ransomware cyber attack. This once again highlights the vulnerability of critical infrastructure to cyber threats. In this episode of ITSPmagazine, Marco Ciappelli and Sean Martin dive into this alarming incident while at the InfoSecurity Europe event in London, engaging with a panel of esteemed professionals in the field of information security.One of the significant themes that emerged from the conversation is that cybercrime is no longer the domain of rogue teenage hackers working from their basements. As Brian Honan emphasized, cybercriminals today are often part of organized crime syndicates involved in drug trafficking, arms dealing, and human trafficking. They are driven by financial gain and are willing to go to great lengths to achieve their goals.This particular incident affected NHS pathology services, causing surgeries and blood transfusions to be canceled or postponed, directly impacting patient care. Suk Paul pointed out that this kind of attack is not isolated. Since the conflict in 2022, the UK has witnessed a rise in cyber-attacks on public infrastructure, including hospitals and universities. He stated that the human intelligence element is crucial in identifying the techniques and methods used in such attacks.The conversation also shed light on the complexity of managing third-party supply chain risk. Heather Lowrie suggested considering cybersecurity as a business enabler and not just a technical issue. She stressed the need for robust communication and collaboration between internal teams, external partners, and even at the board level to create a resilient cybersecurity posture.To this end, Tim Grieveson echoed the importance of having a security leader with excellent communication skills who can align security strategies with business outcomes. This alignment is particularly essential in critical sectors like healthcare, where the focus is on maintaining patient-centric care.Furthermore, Daniel Lattimer highlighted the challenges faced by the NHS in funding cybersecurity measures. He mentioned that while the NHS has made strides in improving its cybersecurity capabilities, there is still a dilemma of prioritizing between lifesaving patient care and investing in cybersecurity. More specific guidance and a legislative approach similar to US standards could help in achieving minimum security standards.Brian Honan described the importance of legislative measures like the EU's Digital Operations Resilience Act (DORA) and the Network and Information Security Directive (NIS2), which focus on resilience in critical infrastructure. The key is not just to prevent cyber-attacks but to ensure continuity of services during and after an attack.During the discussion, a repeated point was the inevitability of cyber incidents and the need for preparation and response. Tim Grieveson stressed the necessity of identifying critical assets and vulnerabilities, communicating risks to the board, and developing a clear response plan. He pointed out that it is not just about the technical aspects but also about storytelling and helping the organization understand the real-world implications of cyber risks.The significance of cross-sector collaboration was also highlighted. Heather Lowrie noted that cyber threats are a societal challenge, not limited to individual organizations or sectors. Therefore, collective preparation and response are crucial for building resilience against cyber threats. She called for more exercises within and across sectors to prepare teams for real-world events.Lastly, the episode discussed the ethical dilemma of paying ransoms. Brian Honan strongly advocated against paying the ransom, citing the lack of guarantee that systems would be restored securely and

Jun 7, 202418 min

Ep 2040Directly From The CORO Security Modular Booth: Expansion Into The European Market | A Brand Story Conversation From InfoSecurity Europe 2024 | A CORO Story with Dror Liwer | On Location Coverage with Sean Martin and Marco Ciappelli

Here we are, once again from the bustling show floor at Infosecurity Europe 2024 in London, situated at the Excel Centre. Sean Martin of ITSP Magazine is your host, and he's joined by Dror Liwer, co-founder of CORO Security. Both are excited to dive deep into how CORO is expanding its focus into the European market.Day Three: Nonstop Conversations and PresentationsFrom the get-go, Dror shares his enthusiasm about being part of this prestigious event for the first time. With a primary presence in the U.S., CORO is now aggressively moving into EMEA, starting right here in London. This move is in response to increasing demand from small to medium-sized enterprises (SMEs) in Europe who need robust cybersecurity solutions.Addressing the Security Needs of SMEsSean recalls the comprehensive capabilities of CORO discussed in previous episodes. CORO provides multiple layers of security tailored to an organization’s specific needs, such as regulatory requirements, budget, and staffing capabilities. Sean encourages everyone to revisit those insightful seven-minute chats from RSA Conference to get an in-depth view.Dror emphasizes that CORO is unique in targeting the mid-market from the ground up, unlike other companies that retrofit enterprise solutions to fit smaller businesses. With a focus on simplicity and powerful protection, CORO ensures that its solutions are manageable even for lean IT teams.Navigating the Complexities of EuropeOne of the significant discussions revolves around the differences between the U.S. and European markets. While Sean and Dror acknowledge the similar types of cyber threats faced globally, operational nuances like data residency and privacy regulations differ widely across Europe. CORO has established a data center in Germany to comply with local data residency requirements, ensuring that email and file inspections stay within the EU boundaries.Real-World Applications and ChallengesSean drives the conversation into the specific challenges CORO has faced and the different attack scenarios in Europe compared to the U.S. Dror mentions that while SME awareness of being targets has been prevalent in the U.S. for a while, European SMEs are just beginning to realize the same. As a result, CORO is educating this market about the imminent threats and how to efficiently protect against them without becoming overwhelmed.The Importance of AffordabilityDror and Sean discuss the financial challenges faced by SMEs, such as difficult decisions on whether to invest in cybersecurity or other critical needs like educational resources. Dror emphasizes that CORO has priced its suite of security solutions to remove this barrier, making comprehensive coverage affordable for even the smallest enterprises.Team and Technology: The Backbone of COROThe conversation takes a moment to appreciate CORO’s dedicated team. Sean praises the high energy and mutual support visible at CORO’s booth. Dror points out that customer reviews often highlight how easy it is to work with CORO—a testimony to the company’s dedication to protecting overlooked small and mid-sized businesses.The Future of SME CybersecurityCORO aims to remove the guesswork ("threat roulette”) for SMEs by providing an all-encompassing platform that is accessible and easy to manage. This approach ensures that small businesses can protect themselves comprehensively without the need to prioritize between different threat vectors due to budget constraints.CORO’s MissionAs the conversation winds down, Dror reiterates CORO's mission to protect SMEs globally and make cybersecurity as effortless as possible. Sean encourages attendees of Infosecurity Europe to visit CORO's dynamic and innovative booth, and for those who cannot make it, to check out CORO online. For more information, visit CORO's website at Coro.netThanks to everyone for joining us. Expect more exciting updates from CORO, possibly next time from Las Vegas!Learn more about CORO: https://itspm.ag/coronet-30deNote: This story contains promotional content. Learn more.Guest: Dror Liwer, Co-Founder at Coro [@coro_cyber]On LinkedIn | https://www.linkedin.com/in/drorliwer/ResourcesLearn more and catch more stories from CORO: https://www.itspmagazine.com/directory/coroView all of our InfoSecurity Europe 2024 coverage: https://www.itspmagazine.com/infosecurity-europe-2024-infosec-london-cybersecurity-event-coverageAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 7, 202420 min

Ep 2039Meet Phoenix Security | A Brand Story Conversation From Infosecurity Europe 2024 | A Phoenix Security Story with Francesco Cipollone | On Location Coverage with Sean Martin and Marco Ciappelli

In the dynamic and ever-changing world of cybersecurity, it is crucial to remain at the forefront of addressing vulnerabilities, implementing innovative solutions, and getting to know companies that are making a differences in this industry. At Infosecurity Europe 2024 in London, Sean Martin sits down with Francesco Cipollone, co-founder of Phoenix Security, to discuss the company’s journey, achievements, and unique value propositions, highlighting their significant impact within the cybersecurity community.Setting the StageThe bustling environment of Infosecurity Europe 2024 serves as the backdrop for an engaging conversation about the latest cybersecurity trends. Martin and Cipollone delve into Phoenix Security’s origins as an internal project at HSBC, aimed at addressing engineer burnout by improving communication and prioritization in vulnerability management.Phoenix Security’s Journey and VisionCipollone explains how Phoenix Security was created to help engineers avoid burnout, originally focusing on solving communication and prioritization challenges in vulnerability management. This initiative quickly evolved into a comprehensive solution that bridges the gap between security and engineering teams by providing actionable risk assessments and automating decision-making processes.Innovative Solutions for Modern Cybersecurity ChallengesPhoenix Security stands out by offering powerful tools that streamline vulnerability management across enterprise systems. Their platform allows for better scheduling of workloads and prioritization of tasks, significantly reducing the time it takes to address vulnerabilities from hours to just minutes. This efficiency not only prevents engineer burnout but also ensures that security measures are implemented effectively.Success Stories and Client FeedbackCipollone shares success stories from clients like ClearBank, who have benefited from real-time, up-to-date asset inventory and operational insights. By using Phoenix Security, these organizations can engage in informed risk-based decision-making, enabling security teams to focus on high-impact vulnerabilities and maximize risk reduction.Expanding Reach Through Strategic PartnershipsHighlighting the importance of collaboration, Cipollone mentions Phoenix Security’s recent partnership with Booncheck. This partnership integrates advanced threat intelligence into the Phoenix platform, offering clients access to a wealth of vulnerability data and enabling more effective risk management strategies.ConclusionThe conversation concludes with insights into future security trends and Phoenix Security’s commitment to innovation and community-driven solutions. Cipollone emphasizes that Phoenix Security aims to simplify decision-making processes, giving engineers and security professionals more time to focus on what truly matters.We encourage all ITSPmagazine viewers and listeners to connect with the Phoenix team, download their new book, and stay tuned for more updates from Infosecurity Europe 2024.Learn more about Phoenix Security: https://itspm.ag/phoenix-security-sx8vNote: This story contains promotional content. Learn more.Guest: Francesco Cipollone, CEO & Founder at Phoenix Security [@sec_phoenix]On LinkedIn | https://www.linkedin.com/in/fracipo/On Twitter | https://twitter.com/FrankSEC42ResourcesLearn more and catch more stories from Phoenix Security: https://www.itspmagazine.com/directory/phoenix-securityView all of our InfoSecurity Europe 2024 coverage: https://www.itspmagazine.com/infosecurity-europe-2024-infosec-london-cybersecurity-event-coverageAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 6, 202420 min

Ep 2038Randomly Rambling About Random Things, Including the Randomness of Randomware (Ransomware) | An Infosecurity Europe 2024 Conversation | On Location Coverage with Sean Martin and Marco Ciappelli

In this recap episode, Sean Martin and Marco Ciappelli think back on their experience thus far during their time at InfoSecurity in London. The conversation touches on several key areas including physical versus digital security, the allocation of budgets for cybersecurity measures, and broader societal implications of technology. Let's break down the significant points discussed by these industry professionals.Sean Martin, starting the discussion, emphasizes the innovative ways the city of London integrates physical security with digital tools. He observes hidden security features, such as street lamps converted into cameras, showcasing a blend of centuries-old infrastructure with modern technology. This seamless integration represents a significant investment aimed at enhancing urban security while maintaining the city's historical aesthetic.The discussion soon transitions into the critical topic of cybersecurity budgeting. Marco Ciappelli points out the complexities organizations face when deciding where and how much to invest in cybersecurity. John Davies’ keynote panel discussion he had with Sean and Marco on ransomware raised many ethical questions. Should one pay a ransom when lives are at stake? This sparks a nuanced debate among the participants.Sean Martin recaps some sobering conversations about the NHS breach, which highlights the real-world consequences of insufficient cybersecurity investments. He ponders whether current spending is enough and asks how organizations can effectively allocate resources to mitigate risks. Another significant part of the conversation revolves around the societal impact of technology. Brian Honan's insights underscore the dual nature of technology as a tool that can be used for both good and bad purposes. This dichotomy is a recurrent theme that questions the ethical implications of technological advances in our society.While cybersecurity aims to protect, there are those who exploit it for nefarious purposes. Throughout the episode, both hosts reflect on the global perspectives of these issues. They note a cultural contrast in how different countries perceive and react to cybersecurity threats.The conversation also highlights the growing importance of cybersecurity awareness and collaboration on an international scale to effectively address these global challenges.Concluding their dialogue, Martin and Ciappelli muse on the future of the industry. The dialogue serves not just as a recap of the information shared at the conference, but as a call to action for organizations to reassess their cybersecurity strategies. As Sean Martin aptly puts it, the industry must continually evolve to ensure that the investments in cybersecurity bring about the intended protective outcomes, thus safeguarding both data and lives in this interconnected world.WATCH THE VIDEO: https://youtu.be/ccKG5KUdEII____________________________Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Be sure to follow our Coverage Journey and subscribe to our podcasts!Follow our InfoSecurity Europe 2024 coverage: https://www.itspmagazine.com/infosecurity-europe-2024-infosec-london-cybersecurity-event-coverageOn YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllTcLEF2H9r2svIRrI1P4QkrBe sure to share and subscribe!____________________________ResourcesLearn more about InfoSecurity Europe 2024: https://itspm.ag/iseu24reg____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastAre you interested in sponsoring our event coverage with an ad placement in the podcast?Learn More 👉 https://itspm.ag/podadplcWant to tell your Brand Story as part of our event coverage?Learn More 👉 https://itspm.ag/evtcovbrf Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Jun 5, 202413 min