The ITSPmagazine Podcast podcast artwork

PODCAST · technology

The ITSPmagazine Podcast

Founded in 2015, ITSPmagazine began as a vision for a publication positioned at the critical intersection of technology, cybersecurity, and society. What started as a written publication has evolved into a comprehensive repository for all their content—podcasts, articles, event coverage, interviews, videos, panels, and everything they create.This is where Sean Martin and Marco Ciappelli talk about cybersecurity, technology, society, music, storytelling, branding, conference coverage, and whatever else catches their attention. Over a decade of conversations exploring how these worlds collide, influence each other, and shape the human experience.This is where you'll find it all.

  1. 1000

    A Forrester Analyst on the Security Roles Coming Next — and What AI Makes Obsolete in Cybersecurity | A Conversation with Madelein van der Hout | On Location With Sean Martin And Marco Ciappelli — Infosecurity Europe 2026

    ON LOCATION | Sean Martin & Marco Ciappelli — Infosecurity Europe 2026 Two conferences, two moods: at RSA the drumbeat was resilience; at InfoSec, it's sovereignty. Sean and I close the week with Forrester analyst Madelein van der Hout — beaming in from the Netherlands — on why Europe makes a framework out of everything, what AI deployment is doing to the boardroom, and the security jobs that don't exist yet. 📺 Watch | 🎤 Listen | ITSPmagazine.com There's a building across the Thames from the InfoSecurity press room — Millennium Mills, a derelict flour mill that looks precisely as haunted as it sounds. I kept glancing at it while Sean and I talked with Madelein van der Hout, who this year was a kind of friendly ghost herself: fully in the conversation, quick as ever, and across the North Sea in the Netherlands. She couldn't make it to London this year. FOMO, she told us, is real. Which turned out to be the point. Madelein is a senior analyst at Forrester — she reads this industry for a living — so the first thing we did was compare notes on what the week actually felt like. Sean kept hearing one word on the show floor: sovereignty. A few weeks earlier at RSA in San Francisco, the drumbeat had been resilience. Same industry, two continents, two moods. Madelein said it better than I could: RSA is where her blood pumps with enthusiasm for everything technology can do, good and bad, and InfoSec is where she comes to get grounded in reality. Flashy versus pragmatic. The far edge of the possible versus the guardrails. Europe, she said with affection, will make a framework out of anything — the cloud sovereignty package announced that week being the newest one. And under all the frameworks sits the thing no European conference can avoid: hybrid warfare, close enough to feel. AI is moving from experimentation to deployment inside real organizations, and the moment it does, it stops being a demo and becomes a liability that lands on a boardroom. That, Madelein argued, is what you're feeling here — the weight of being responsible for something you've only just let inside the walls. Her research points somewhere specific: security is drifting toward becoming a "trust and assurance" function, and with it come jobs that don't exist yet. Trust engineers. Agentic workflow assurance engineers. People whose whole task is to confirm that an AI agent did what the business actually intended, not just what it was told. Sean's read was sharp: almost nothing on the expo floor addresses any of that. They're architecting for now, Madelein agreed, not for what's coming. Which is the oldest story in technology — we shout about the future and keep building for the present. Near the end we argued about metaphors, which is the kind of thing I live for. I reached for Frankenstein: all these tools and agents and smart-city systems stitched together into something we then have to teach to move as one. Madelein offered a better image. Don't build a Frankenstein, she said — become a jellyfish. There's a species that works as a neural network, and when two of them are injured and collide, they don't compete. They merge and swim on as a single organism. More than synergy, Sean said. Exactly. We spend enormous energy bolting parts together and calling it integration. Madelein is describing fusion instead of assembly — one organism, not a monster made of seams. She's already made her peace with what all this means for her own work. This job will be automated, she said, maybe most of it, and she cannot wait to help reinvent what an analyst even is. That was the healthiest thing I heard all week. Not "will AI take my job," but "what is this job becoming." So I'm watching a ghost mill through the rain while a colleague beams in from another country, and the question under all the frameworks and the shiny new job titles is quieter than any of them. When everything can be orchestrated, what still has to be human? Let's keep thinking. The full conversation is part of our On Location coverage of Infosecurity Europe 2026 at ITSPmagazine.com. For more of my writing, subscribe to the newsletter at marcociappelli.com. — Marco (with my co-host, Sean Martin) Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Personal Branding Coach | Journalist | Writer | Podcast: An Analog Brain In A Digital Age ⚠️ Beware: Pigs May Fly | 🌎 LAX🛸FLR 🌍 More from our Infosecurity Europe 2026 coverage:Infosecurity Europe 2026 event coverageTechnology and cybersecurity conference coverage About the Hosts Marco Ciappelli is Co-Founder & CMO of ITSPmagazine, Co-Founder & Creative Director of Studio C60, and host of An Analog Brain In A Digital Age. Born in Florence and based in Los Angeles, he explores the intersection of technology, society, storytelling, and creativity. 🌎 marcociappelli.com Sean Martin is Co-Founder of ITSPmagazine and host of the Redefining CyberSecurity Podcast, where he examines how to think about and operationalize security in the context of business. Together, Marco and Sean produce On Location event coverage from cybersecurity conferences around the world. 🌎 seanmartin.com About the Guest Madelein van der Hout is a Senior Analyst on the Security & Risk team at Forrester, based in the Netherlands. She leads Forrester's research on security organizational structure and operating models, and covers European security strategy, resilience regulation (including DORA and the Cyber Resilience Act), digital sovereignty, and API security. She advises security leaders on building and maturing their programs, and is frequently asked to comment on technology by outlets including the BBC, the Financial Times, and CIO Magazine. Before Forrester she worked at the Dutch telecommunications company KPN across innovation, transformation, cybersecurity, and identity. LinkedIn | Forrester biocxx Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  2. 999

    The Identity Gap Behind Nearly Every Breach | A Brand Spotlight Conversation with Kevin Surace, CEO of TokenCore

    For most of the internet's life, proving identity has meant proving something you know or something you hold: a password, a code, a text message. Kevin Surace, CEO of TokenCore, argues that era is closing fast. As one of the people who helped invent the AI assistant at General Magic, he has a clear view of why the same technology now makes faces and voices simple to fake. Why isn't MFA enough? Because it protects a weak foundation. A decade-old paper mapped fifteen ways to defeat SMS codes, auth apps, and push approvals. Few attackers bothered with them until platforms like Salesforce and Microsoft made those methods mandatory. Now the attack has moved to where the door is. Surace walks through one of the common methods: an AI-written phishing email from a service you already trust, a PDF, and a pixel-perfect login page generated in moments. The credentials you enter relay to an attacker who is logging into the real site in real time. The push prompt asks if it is you, you approve, and the intruder is inside within minutes. The numbers back it up. Palo Alto Networks Unit 42 found that roughly ninety percent of successful intrusions over the past year involved hacked identity, almost all of them MFA or auth apps. The people compromised had privileged access, which means they had MFA in place. So what actually works? Surace makes the case for biometric-assured identity, a category Gartner projects growing into a twelve billion dollar market. TokenCore ties access to a fingerprint stored only on your device, the exact domain your account lives on, and physical proximity over a short-range wireless link. Look-alike domains never register, remote relays never get close enough, and the company never holds your biometric. The hardware comes as a ring, a portable, or a node about the size of an AirTag, and it is FIDO2 compatible, so it works with existing single sign-on. Most customers go passwordless once it is running. The reaction Surace hears most often from security leaders is that they can finally sleep at night. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Kevin Surace, Chief Executive Officer, TokenCore LinkedIn: https://www.linkedin.com/in/ksurace/ RESOURCES Learn more about TokenCore: https://www.tokencore.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Kevin Surace, TokenCore, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, biometric assured identity, identity security, multi-factor authentication, MFA bypass, phishing resistant authentication, FIDO2, credential theft, passwordless, deepfake, AI security, account takeover, Unit 42, Gartner Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  3. 998

    When You Can't Trust the Face on the Call | A Brand Highlight Conversation with Kevin Surace, CEO of TokenCore

    In this Brand Highlight, Kevin Surace, CEO of TokenCore, catches up on a market that has accelerated faster than even his team expected. Biometric-assured identity has gone from the fringes to the core, and the clearest example is the video call: on Zoom or Teams, there is often no reliable way to know whether the person on screen is real, human, or an AI avatar. Surace points to cases where employees wired money because a synthetic version of their boss appeared to ask for it. That risk is pushing the work outward. Beyond using TokenCore internally, the larger banks are asking how to extend biometric assurance to the customers who move wires, because a phone call no longer confirms who is actually on the line. The goal is to know that it is the right person, on the right domain, within a few feet of the device, and not someone operating from another country. For security leaders, Surace offers direct advice: start moving off MFA and authenticator apps now, since those methods are being compromised constantly. He acknowledges the change is hard, often for cultural reasons more than technical ones, and suggests starting with admins and the people who touch real data before expanding over roughly a year. The upside, he notes, is that employees tend to welcome it, going passwordless or even ID-less and logging into tools like Salesforce in under two seconds. This is a Brand Highlight. A Brand Highlight is a ~5 minute conversation that captures a focused idea, update, or perspective from the guest. Learn more: https://www.studioc60.com/creation#highlight GUEST Kevin Surace, Chief Executive Officer, TokenCore LinkedIn: https://www.linkedin.com/in/ksurace/ RESOURCES Learn more about TokenCore: https://www.tokencore.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Kevin Surace, TokenCore, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, biometric assured identity, identity security, deepfake, AI avatar, video call security, MFA, passwordless, FIDO2, CISO, account takeover, wire fraud, Zoom security, identity assurance Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  4. 997

    Who Gets to Tell Your Story? Maggie Alphonsi on Strength, Resilience & Owning the Narrative | An Analog Brain In A Digital Age With Marco Ciappelli — On Location at Infosecurity Europe 2026

    A rugby World Cup winner walks into a room full of people who defend networks for a living. Maggie Alphonsi joins me to talk about breaking barriers, leading with your strengths, and what changed the day athletes stopped waiting for the back page and started telling their own stories. 📺 Watch | 🎤 Listen | marcociappelli.com Maggie Alphonsi has spent her life refusing to let other people decide who she is. She grew up on a north London council estate, born with a club foot, handed a stack of stereotypes she wanted no part of and surrounded, in her words, by people whose ambition pointed down instead of up. Then a PE teacher pointed her toward a rugby pitch, and she found the place where her strength was the whole point — where what her body could do mattered far more than how anyone thought it should look. That teacher didn't just change her life, she told me. She saved it, because the other road was right there and easy to take. I sat with Maggie at Infosecurity Europe 2026 — a Rugby World Cup winner speaking to a hall full of people who defend networks for a living. It sounds like a strange pairing until you hear her, and then it isn't strange at all. She wasn't there to explain rugby. She was there to talk about who gets to decide what your strengths are worth, which is a question the people in that room, many of them women in a field still run mostly by men, live with every day. My obsession, the thing this whole show keeps circling, is who holds the pen. For years women's sport got something like a tenth of one percent of media coverage — two sentences at the bottom of the back page, if that. Someone else decided whether you existed. Then the phone in everyone's pocket changed whose hand was on the pen. Maggie watched athletes start telling their own stories and building their own audiences with nobody's permission. She pointed to Ilona Maher, a rugby player now more famous around the world than almost any man in the game, famous because she controls her own narrative one post at a time. I love this, and I don't fully trust it, and neither does Maggie. The same platform that let her broadcast her strength also filled her feed with sexist garbage about a woman daring to commentate on men's rugby. She showed the crowd some of the worst of it, the misspelled cruelty, and then explained how she turns it into fuel. The tool is neutral. The hand on it is not. We talk about technology as the thing that amplifies a voice, and it does. But the voice itself — the strength, the scars, the single mother who worked herself to the bone, the years of being told to play it down — none of that is digital. It is as analog as a muddy pitch. Maggie has two books out now, an autobiography and one for kids who haven't found their sport yet, and both exist for the same reason she stood on that stage: so a young person reads a story and thinks, that could be me. We are all made of stories. I say it constantly, and this week a rugby player who learned it the hard way said it back to me. The technology decides how far a story travels. It still can't decide whether the story is worth telling. That part is ours. So before you hand your story to an algorithm to carry, it's worth asking who wrote it — and whether you'd recognize yourself in the version that comes back. Let's keep thinking. Maggie's books are linked below. And if you want more conversations like this one, subscribe to the newsletter at marcociappelli.com. — Marco Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Personal Branding Coach | Journalist | Writer | Podcast: An Analog Brain In A Digital Age ⚠️ Beware: Pigs May Fly | 🌎 LAX🛸FLR 🌍 More from our Infosecurity Europe 2026 coverage:Infosecurity Europe 2026 event coverageTechnology and cybersecurity conference coverage About Marco Marco Ciappelli is Co-Founder & CMO of ITSPmagazine, Co-Founder & Creative Director of Studio C60, Branding & Marketing Advisor, Personal Branding Coach, Journalist, Writer, and Host of An Analog Brain In A Digital Age podcast. Born in Florence, Italy, and based in Los Angeles, he explores the intersection of technology, society, storytelling, and creativity — with an analog brain, in a digital age. 🌎 marcociappelli.com | itspmagazine.com | studioc60.com About the Guest Maggie Alphonsi MBE is one of the most influential figures in the history of women's rugby. A flanker for Saracens and England, she won 74 caps, helped England to seven consecutive Six Nations titles, and lifted the Women's Rugby World Cup in 2014. Born in London in 1983 and raised by her single mother of Nigerian heritage, she was born with club foot and overcame it to reach the top of a sport that wasn't built with her in mind. Nicknamed "Maggie the Machine," she was appointed MBE in 2012, named Sunday Times Sportswoman of the Year, became the first woman to win the Rugby Union Writers' Club Pat Marshall Award, and was inducted into the World Rugby Hall of Fame in 2016. Since retiring, she has broken ground off the pitch — in 2015 becoming the first former female player to commentate on men's international rugby, and serving on the Rugby Football Union Council, where she drives the organization's diversity and inclusion work. She is a broadcaster across ITV, BBC and Sky, a sought-after speaker, and the author of two books: her autobiography Winning the Fight and Ultimate Rugby Superstars, written for young readers. LinkedIn | Website | Books: Winning the Fight and Ultimate Rugby Superstars Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  5. 996

    Technology Got Safer, But The Smartest Hackers Don't Hack. They Just Ask | An Interview with Lee Clark | An Analog Brain In A Digital Age With Marco Ciappelli — On Location at Infosecurity Europe 2026

    PODCAST EPISODE | An Analog Brain In A Digital Age With Marco Ciappelli — On Location at Infosecurity Europe 2026 The most dangerous attacks at Infosecurity Europe 2026 weren't the high-tech ones. Lee Clark of the Retail & Hospitality ISAC sits down with me to explain why the soft target is still a human being — a help desk, a new hire, a phone ringing at dinner — and what stays in our hands as the shopper quietly becomes an algorithm. 📺 Watch | 🎤 Listen | marcociappelli.com The phone rings while my parents are eating dinner, and before anyone reaches for it, I already know what I'll say. Probably a scammer. Let it ring. I have trained them the way you train a reflex, a small Pavlovian flinch every time the landline interrupts a meal. My grandmother's generation thought letting a phone ring was unforgivably rude. Mine has learned the rudeness is now on the other end of the line. I was thinking about that flinch when I sat down with Lee Clark at Infosecurity Europe 2026. Lee runs threat intelligence production for the Retail & Hospitality ISAC, the place where the companies holding your loyalty points, your hotel bookings, and your checkout data come together to compare notes on who is coming after them. His job, stripped down, is translation: he takes the hash-value, log-source world of the analysts and turns it into something a board can act on. And the thing he kept returning to was not some exotic piece of malware. The two threats his member companies report most often need almost no code at all. One is a phone call. A criminal rings the help desk, says he's an employee who needs his multi-factor authentication reset, gets it, and walks in through the front door. Scattered Spider, ShinyHunters, the loose crew they call the Com: names that sound like a heist movie and behave like one. The other is a fake résumé, North Korean operatives tracked as Famous Chollima, taking remote IT jobs at Western firms under invented identities. No hoodie, no broken encryption. People, lying to people, about who they are. You can stop a lot of fraud by adding multi-factor authentication at the checkout page, and by adding that one step, you measurably reduce sales. So the business sits forever between wanting you safe and wanting you to keep buying, and security tends to arrive last, patching armor onto a machine already built for speed. Lock a light switch inside a box, Lee said, and eventually the person who needs the light just takes a hammer to it. We have been handing each other hammers for years. Then we went where these conversations now always go. What happens when the shopper is no longer a person but an agent, an AI buying the paper towels so I don't have to? Agent negotiating with agent at the checkout, at machine speed, no human flinch anywhere in the loop. Maybe that is more secure. Or maybe it is a new doorway, where instead of fooling a tired employee you simply ask the agent, politely, to send the payment somewhere else. What I carry out of that room is this. For thirty years we have been promised that the next layer of technology will finally take security off our hands. Lee doesn't believe it, and after this week, neither do I. The human stays in the loop, as the target, yes, but also as the one still able to feel that something is wrong. My parents' flinch at the dinner table is not a flaw in some outdated analog brain. It is the brain doing precisely what no checkout page can do for them. We keep trying to automate away the part of us that hesitates. Lee spends his days proving that the hesitation is the defense. So the question I'm left with is not whether the machines will protect us. It's whether we hold on to the part of ourselves that still knows when to hang up. Let's keep thinking. The full conversation is on video, audio, and in the newsletter at marcociappelli.com. — Marco Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Personal Branding Coach | Journalist | Writer | Podcast: An Analog Brain In A Digital Age ⚠️ Beware: Pigs May Fly | 🌎 LAX🛸FLR 🌍 More from our Infosecurity Europe 2026 coverage:Infosecurity Europe 2026 event coverageTechnology and cybersecurity conference coverage About Marco Marco Ciappelli is Co-Founder & CMO of ITSPmagazine, Co-Founder & Creative Director of Studio C60, Branding & Marketing Advisor, Personal Branding Coach, Journalist, Writer, and Host of An Analog Brain In A Digital Age podcast. Born in Florence, Italy, and based in Los Angeles, he explores the intersection of technology, society, storytelling, and creativity — with an analog brain, in a digital age. 🌎 marcociappelli.com | itspmagazine.com | studioc60.com About the Guest Lee Clark is Cyber Threat Intelligence Production Manager at the Retail & Hospitality ISAC (RH-ISAC), the information sharing and analysis center for consumer-facing industries — retail, hospitality, airlines, quick- and full-service restaurants, loyalty programs, and their supply chains. As the editor-in-chief of the ISAC's intelligence team, he turns the granular, highly technical work of analysts into strategic intelligence that business leaders can act on, and he writes much of the center's published threat research himself. Before joining RH-ISAC, Lee worked as an intelligence consultant, including cyber threat intelligence work at Booz Allen Hamilton and engagements supporting international banks and the U.S. Air Force. He holds a Master's in security and diplomacy from the Patterson School at the University of Kentucky, and — fittingly for a guest on this show — writes about music on the side. He is based in Lexington, Kentucky. LinkedIn | RH-ISAC Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  6. 995

    Call It What It Is: When Ransomware Becomes Terrorism | An Interview with Cynthia Kaiser | Redefining CyberSecurity With Sean Martin — On Location at InfoSecurity Europe 2026

    A ransomware crew can run through your whole company between dinner and dessert. Sean Martin sat down with Cynthia Kaiser — twenty years at the FBI, now leading the Halcyon Ransomware Research Center — on the speed of the threat, the human cost the industry keeps abstracting away, and why a slice of ransomware deserves a harder name than “crime.” 📺 Watch | 🎙️ Listen | seanmartin.com Put your phone face-down at dinner on a Wednesday. Pick it up an hour later. In that time, an entire ransomware attack can have run through your company, start to finish. Wednesday is the favorite, Cynthia Kaiser told Sean Martin at InfoSecurity Europe, because the crews want you to walk in Thursday morning and find it. The fastest groups now go from break-in to full encryption in about four hours, sometimes under one. Humans do not move at that speed. The machines attacking us do. Kaiser knows the tempo. She spent twenty years at the FBI, finishing as Deputy Assistant Director of its Cyber Division, and now runs the Ransomware Research Center at Halcyon. She has watched this threat from the side of the government that hunts it and the industry that sells against it, and the thing she most wants to pass along has nothing to do with technique. We should all be angrier about cybercrime than we are. Her reason is the part the industry keeps abstracting away. We picture cybercrime as something that happens on a keyboard, to a network, to a number. Kaiser saw the other end of it: more than seventy-five thousand sextortion cases reported in the US in a single year, over twenty billion dollars in losses, and in one case thirty-eight victims referred to support services over the risk of suicide. The damage does not stay on the screen. It walks into homes. When a ransomware crew steals a hospital’s files and then phones the patients directly, or calls a CEO to say they will burn his house down, Kaiser stops calling it crime. Those are predators, she says, people who know they are endangering lives and have decided it is someone else’s problem. There is an older word for that, and the word is terrorism. Most ransomware is ordinary crime. A slice of it is not, and she argues we should name that slice honestly instead of filing it under a tidy technical category. Naming matters, because the other side is organized like a business, and lately like a software company. Kaiser’s team watched the market for criminal AI tools jump from thirty-eight forum posts in December to more than fourteen hundred two months later. Free tiers, paid upgrades for power users, the same tool mirrored across platforms for resilience. The technical people refine the product on the forums, then it graduates to the Telegram channels for buyers who could not build it themselves. Software-as-a-service, sold to extortionists. The product that should worry you most is an AI call center. No humans involved, a hundred and twenty simultaneous calls in different languages, complete with simulated keyboard clicks so it sounds like a real office. Voice cloning now needs about three seconds of audio, which is enough to become your CEO on the phone. Kaiser’s advice is blunt: no voice on a call, however convincing, should ever grant access on its own. Sean kept pulling the thread back to a point my own conversation with Geoff White had raised a day earlier, the line between locking data and stealing it to extort. The same crews do both, Kaiser said, and a few have moved somewhere worse, into the place with the phone calls and the threats. There are no borders in cyberspace, which is why her proudest moments were joint operations like the LockBit takedown, the FBI and the UK’s National Crime Agency working as one. So what do we carry forward, and what do we leave behind? We carry the anger Kaiser is asking for, and the discipline of calling harm by its real name. We leave behind the comfortable fiction that any of this happens only on a keyboard. Sean’s full conversation with Cynthia Kaiser is linked below, with the rest of our InfoSecurity Europe coverage. Let’s keep thinking. — Marco Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Journalist | Writer | On Location With Sean Martin And Marco Ciappelli | 🌎 LAX🛸FLR 🌍 About the Host Sean Martin, CISSP, is the co-founder and Director of Operations and Programming at ITSPmagazine, and the host of the Redefining CyberSecurity podcast. An information security and technology veteran of more than thirty years and a multiple-time CISSP, he led engineering and delivery for hundreds of cybersecurity products before turning to journalism and broadcasting. Through Redefining CyberSecurity he keeps pressing one question: if we are selling security insincerely, buying it indiscriminately, and deploying it ineffectively, how do we make it usable, honest, and a real source of business value? He teaches at Pepperdine’s Graziadio Business School and broadcasts from New York City. 🌎 seanmartin.com | LinkedIn: linkedin.com/in/imsmartin About the Guest Cynthia Kaiser is Senior Vice President of the Halcyon Ransomware Research Center, which she joined in 2025 after two decades at the FBI. She finished her government career as Deputy Assistant Director of the FBI’s Cyber Division, leading its Cyber Policy, Intelligence, and Engagement Branch, and earlier served as a member of the Cyber Safety Review Board and as a daily intelligence briefer to senior White House officials across two administrations. Her work was instrumental in disrupting major ransomware operations including LockBit, 8base, and Qakbot. A frequent keynote speaker and media commentator quoted in the New York Times, Reuters, and Bloomberg, she focuses on threat research and intelligence sharing across government and industry to outpace ransomware. 🔗 LinkedIn: linkedin.com/in/cynthia-kaiser-cyber More from this event: Full InfoSecurity Europe 2026 coverage: ITSPmagazine InfoSecurity Europe 2026 All ITSPmagazine event coverage: Technology & Cybersecurity Conference Coverage Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  7. 994

    Cybersecurity Leadership Is a People Problem, Not a Technology Problem | A Redefining CyberSecurity Podcast Conversation with Tera Ladner, Deputy Global Chief Information Security Officer of Aflac

    ⬥EPISODE NOTES⬥ What does it take to lead a 200-person security organization without coming up through the technical ranks? Tera Ladner, Deputy Global Chief Information Security Officer at Aflac, answers that question by describing a path that runs through information management, e-discovery, and a law degree before it ever reaches the security org chart. The result is a leader who looks at a program through the lens of controls, evidence, and defensibility, and who treats security as a people problem before a technology one. Host Sean Martin and Tera Ladner dig into what that orientation changes in practice. Rather than opening a stakeholder conversation with controls or threats, Tera Ladner starts by listening: what are the business goals, and how does security enable them? Working inside an insurance company helps, because risk is already the shared language of every leader in the building. The job, as she frames it, is translation, turning a technical event into a business and resiliency impact that the people who own the decisions can actually act on. The conversation turns to hiring and team building, where Tera Ladner names curiosity as the first trait she screens for, the instinct to ask the second, third, and fourth question until the real problem surfaces. From there she argues for a broader "tool belt": storytelling, relationship building, influence without authority, and the ability to navigate ambiguity, a skill she sees tested daily as boards and technology leaders press for answers on frontier AI. Technical skills alone, she suggests, were enough years ago and are not enough now. Culture sits at the center of how she leads. "Your team lives in the house that you build," she tells her people leaders, and she describes the team norms, transparency, integrity, and care, that hold a security organization together in the hard moments. That same relationship-first instinct extends outward, to a seat at the executive table that has to be earned by giving stakeholders a seat at yours, and downward into the talent pipeline through Aflac's Cyber Inspire and Empower Girls programs, which grew from 200 girls in their first local year to 815 in the second. For security and risk leaders, the throughline is hard to miss: the future of the field depends less on finding more technologists and more on building leaders who can listen, translate, and bring people who never saw themselves in cyber to the table. ⬥GUEST⬥ Tera Ladner, Deputy Global Chief Information Security Officer at Aflac On LinkedIn: https://www.linkedin.com/in/teraladner/ ⬥HOST⬥ Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/ ⬥RESOURCES⬥ Aflac: https://www.aflac.com/ Cyber Inspire and Empower Girls (Aflac community programs introducing students and seniors to cybersecurity): https://www.linkedin.com/company/cyberinspire The Future of Cybersecurity Newsletter: https://www.linkedin.com/newsletters/7108625890296614912/ More Redefining CyberSecurity Podcast episodes: https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq ⬥ADDITIONAL INFORMATION⬥ 🎙️ Redefining CyberSecurity Podcast: https://www.seanmartin.com/redefining-cybersecurity-podcast 📺 ITSPmagazine on YouTube: https://www.youtube.com/@itspmagazine 📰 The Future of Cybersecurity Newsletter: https://itspm.ag/future-of-cybersecurity 🌐 Connect with Sean Martin: https://www.seanmartin.com/ ⬥KEYWORDS⬥ tera ladner, aflac, sean martin, cybersecurity leadership, security culture, risk management, ciso leadership, women in cybersecurity, cybersecurity careers, non-traditional cybersecurity paths, building security teams, security as business enabler, cybersecurity talent pipeline, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  8. 993

    The Oldest Con, the Newest Tools | An Interview with Sarah Armstrong-Smith At Infosecurity Europe 2026 | An Analog Brain In A Digital Age With Marco Ciappelli

    There is a con called the Spanish Prisoner. A letter arrives from a stranger: a wealthy man sits in a foreign jail, and for a small advance to free him, he will reward you many times over. The trick is at least four hundred years old. It is also, give or take a few details, the email sitting in your spam folder this morning. I keep that in mind whenever someone tells me cybercrime is a technology problem. The tools change. The mark does not. We are still robbed through the same prehistoric wiring: a flash of fear, a moment of greed, a decision made in panic before the slow part of the brain wakes up. That is the thread I pulled on with Sarah Armstrong-Smith at InfoSecurity Europe. Sarah spent nearly thirty years in cyber and crisis leadership, was Chief Security Advisor at Microsoft, and now runs Secure Horizons. She has written two books on the human side of all this and sits on the UK Government Cyber Advisory Board. After all of it, she says the thing most people in her position will not say out loud: whatever we are doing is not working. More tools, more money, more people, more AI, and the problem keeps getting worse. Attack, wake-up call, attack, wake-up call. How many wake-up calls, she asks, does anyone need? I asked what keeps her up at night. She described an industrial accident on the scale of 9/11, triggered through a network: the first time a cyber incident kills people in numbers. We have been lucky so far. She doubts luck is a plan. The industry loves a big number, and the number is exactly where the human disappears. X million records stolen, Y terabytes gone. The day before, my friend Geoff White sat in this same chair and described a ransomware attack that shut down a hospital, which meant a woman missed the cancer appointment she had counted on. That is an Armageddon, and it has a name and a face. Sarah, as it happens, knows Geoff’s work well enough to carry a line from him on the back of her book. The human element keeps finding the same small circle of people willing to talk about it. So how do we move this from a line item to a fact of society? Her answer is collective resilience. There is no prize for being the last one standing, because we are all wired into the same supply chain, the same dependencies, the same brittle web. And the smallest businesses, the ones without a war chest to ride out the storm, are the ones we discuss the least. Then a statistic. Close to half of all crime in the UK is now fraud or cyber. Around one percent of policing is pointed at it. Read those two numbers again. We fund what we can see, and we want officers on the street because a visible patrol both deters the thief and reassures the neighbourhood. The crime that actually empties our accounts happens somewhere we have agreed not to look. Follow the money, Sarah says, and you rarely stop at one criminal’s pocket. It pays for the next thing: drugs, weapons, and more often than people imagine, the trafficking of human beings. Will AI save us? She did not flinch. Whatever you build to detect, the other side uses to evade. The asymmetry holds. Technology is part of the answer and never the whole of it, because the problem was never only technical. So what do we carry forward, and what do we leave behind? We carry the person behind the number: the one who misses the appointment, the small shop that never reopens. We leave behind the fantasy that a clever enough machine will spare us the harder work, which is teaching a whole society to recognize the Spanish Prisoner when it arrives, wearing this year’s technology. Sarah’s books are linked below, with a second edition on the way. Geoff’s conversation is part of this same coverage. And if you want more of these, the newsletter lives at marcociappelli.com. Let’s keep thinking. — Marco Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Personal Branding Coach | Journalist | Writer | Podcast: An Analog Brain In A Digital Age ⚠️ Beware: Pigs May Fly | 🌎 LAX🛸FLR 🌍 About Marco Marco Ciappelli is Co-Founder & CMO of ITSPmagazine, Co-Founder & Creative Director of Studio C60, Branding & Marketing Advisor, Personal Branding Coach, Journalist, Writer, and Host of An Analog Brain In A Digital Age podcast. Born in Florence, Italy, and based in Los Angeles, he explores the intersection of technology, society, storytelling, and creativity — with an analog brain, in a digital age. His on-the-ground event coverage is produced with ITSPmagazine co-founder Sean Martin under the On Location With Sean Martin And Marco Ciappelli banner. 🌎 marcociappelli.com | itspmagazine.com | studioc60.com About the Guest Sarah Armstrong-Smith is one of the most recognized voices in cybersecurity and crisis leadership, with nearly three decades on the front line of major incidents, beginning with the Millennium Bug. She served as Chief Security Advisor for Microsoft EMEA from 2020 until 2025, and earlier led business resilience and crisis management at the London Stock Exchange Group, with senior roles at Fujitsu, EY, and AXA. She is now Executive Director of Secure Horizons. A Fellow of the British Computer Society and a member of the UK Government Cyber Advisory Board, she is the author of two Kogan Page books — Effective Crisis Management (2022) and the Amazon No. 1 bestseller Understand the Cyber Attacker Mindset (2024), with a second edition on the way. Her work centers on the human element of security: the psychology of attackers, the people behind the headlines, and what it takes to build collective resilience. 🔗  LinkedIn: linkedin.com/in/sarah-armstrong-smith Website: saraharmstrong-smith.com More from this event: Full InfoSecurity Europe 2026 coverage: ITSPmagazine InfoSecurity Europe 2026 All ITSPmagazine event coverage: Technology & Cybersecurity Conference Coverage Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  9. 992

    The Art of Standing Out When Everything Sounds the Same | A Music Evolves Conversation with Sam Young, DJ and Producer

    Show Notes What happens to creativity when every song, sound, and style is a thumb-tap away? Sam Young has spent more than two decades behind the decks in London, and his answer is blunt: originality is at an all-time low. As a DJ, producer, remixer, and founder of the record label WyldCard, he sits at the exact point where taste, technology, and commerce collide, and he sees a culture increasingly content to recycle what already works. Sean Martin and Sam Young dig into how algorithms quietly shape what listeners believe they like, and how that pressure reaches the dance floor. Sam Young draws a clear line between a club night, where a crowd shows up hungry for records it has never heard, and a private event, where the real skill is reading a host's taste from the handful of songs they send and still making the room move. The throughline is judgment, the human ear that no recommendation engine has learned to replace. The conversation turns to sampling, AI, and the difference between craft and shortcut. Sam Young runs A&R for WyldCard himself, listening to demos every week, and he can hear within seconds when a producer is chasing a trend instead of setting one. His distinction is sharp: taking something obscure and making it feel new is an art, while feeding a recognizable hook into a tool and printing one more cover version is not. He is candid about AI as a cheat code, and just as candid about a near future where producers simply talk to their software and ask for ten options. This is not a lament, though. Sam Young points to the rare artists who still cut through precisely because they refuse to sound like everyone else, and to a younger generation quietly rediscovering originality. The optimistic version of the story is the one Sean Martin keeps circling back to: technology at its best clears away the busywork so the mind stays in control of what gets made. The question this episode leaves open is whether the tools that make music easier to produce will widen the gap between the familiar and the genuinely new, or finally close it. Host Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/ Guest Sam Young, DJ, Producer, and Remixer | Founder of WyldCard Records (production aliases Vanilla Ace and Sammy Deuce) | Website: https://djsamyoung.com/ Resources DJ Sam Young | https://djsamyoung.com/ WyldCard Records on SoundCloud | https://soundcloud.com/vanillaace Music Evolves: Sonic Frontiers Newsletter | https://www.linkedin.com/newsletters/7290890771828719616/ Keywords sam young, vanilla ace, sammy deuce, wyldcard, sean martin, dj culture, music and ai, sampling, algorithms and music taste, originality in music, house music, record label a&r, nu-disco, music production, creativity, art, artist, musician, music evolves, music podcast, music and technology podcast More From Sean Martin on ITSPmagazine More from Music Evolves: https://www.seanmartin.com/music-evolves-podcast Music Evolves on YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllTRJ5du7hFDXjiugu-uNPtW On Location with Sean and Marco: https://www.itspmagazine.com/on-location ITSPmagazine YouTube Channel: https://www.youtube.com/@itspmagazine Be sure to share and subscribe! Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  10. 991

    A Crime Against Time | An Interview with Rik Ferguson | Redefining CyberSecurity With Sean Martin — On Location at InfoSecurity Europe 2026

    PODCAST EPISODE | Redefining CyberSecurity With Sean Martin — On Location at InfoSecurity Europe 2026 On Location With Sean Martin And Marco Ciappelli Adversaries are stealing encrypted data today that they cannot read yet, and storing it until a quantum computer can. Sean Martin sat down with Forescout’s Rik Ferguson to talk about “harvest now, decrypt later,” why Q-Day is closer than the comfortable timelines suggest, and what the decisions you make this year have to do with secrets you thought were safe forever. 📺 Watch | 🎙️ Listen | ITSPmagazine.com Somewhere there is a building full of secrets nobody can read yet. That is not a metaphor. The NSA reportedly keeps a facility for storing encrypted data it cannot currently crack, on the assumption that one day it will. It is patient. It is betting on the future. And it is not the only one placing that bet. When Sean Martin sat down with Rik Ferguson at InfoSecurity Europe, the subject was post-quantum cryptography, which sounds like a problem for physicists and a decade away. Ferguson, VP of Security Intelligence at Forescout and a quarter-century veteran of watching threats arrive ahead of schedule, was there to take that comfort away. His keynote title put it politely: post-quantum is a way off, we can wait, can’t we. The honest version is that we can’t. The attack has a name: harvest now, decrypt later. Adversaries steal encrypted data today, knowing it is useless to them, and store it. They are not waiting because they gave up. They are waiting for the key. When a quantum computer can break the encryption we currently trust, every stockpiled file opens at once. NIST pencils that day in around 2035. Google has suggested 2029. IBM’s first fault-tolerant quantum machine is slated for 2029. Pick any date in that window, then look at the equipment your organization is buying this year and ask how long it will still be running. What Ferguson is really describing is a crime against time. Every breach we know how to investigate has a shape. It happened on a date, the intruder moved through the network, and we trace the damage backward from there. Harvest now, decrypt later erases the date. There is no alarm when the data leaves, because nothing visibly breaks. Your first notice that you were robbed a decade ago is the day the contents are used against you. Sean, who likes to pull these conversations back to the business, named the right precedent: Y2K. We remember it as a joke, the planes that never fell out of the sky. It was a non-event precisely because a great many people did an enormous amount of unglamorous work. Ferguson’s warning is that the opposite is happening now. Few people are doing the work, and that is how a non-event turns into an event. There is an unglamorous question underneath all of this: which of your secrets will still matter in ten years? Encrypting everything harder is not the answer, because not everything is worth defending against a decade-late attack. Session tokens decrypted in 2035 are worthless. Clinical trial data, merger plans, sovereign debt strategy, the legal conversations everyone assumed were private forever, those keep their value, and they are worth a stranger’s patience. Ferguson calls the discipline quantum agility: build the systems now so you can swap the locks later. Easy enough in software. Nearly impossible in a medical device still running Windows XP while a regulator finishes signing off the last version. So what do we carry forward, and what do we leave behind? We carry our secrets, whether we want to or not, into a future where the lock on them may not hold. What we have to leave behind is the comfortable belief that encrypted means safe, full stop, forever. Ferguson ends his keynote on an image of a stealth combine harvester, which the AI struggled to draw because nothing like it exists in the training data yet. That is the joke, and also the point. The thing coming for the data is quiet, built to gather, and we have barely pictured it. His next argument, a paper called Assume Autonomy, says it is time to stop assuming breach and start assuming the machines on both sides will run themselves. Sean has already booked the follow-up. Sean’s full conversation with Rik Ferguson is linked below, with the rest of our InfoSecurity Europe coverage. Let’s keep thinking. — Marco Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Journalist | Writer | On Location With Sean Martin And Marco Ciappelli | 🌎 LAX🛸FLR 🌍 About the Host Sean Martin, CISSP, is the co-founder and Director of Operations and Programming at ITSPmagazine, and the host of the Redefining CyberSecurity podcast. An information security and technology veteran of more than thirty years and a multiple-time CISSP, he led engineering and delivery for hundreds of cybersecurity products before turning to journalism and broadcasting. Through Redefining CyberSecurity he keeps pressing one question: if we are selling security insincerely, buying it indiscriminately, and deploying it ineffectively, how do we make it usable, honest, and a real source of business value? He teaches at Pepperdine’s Graziadio Business School and broadcasts from New York City. 🌎 seanmartin.com | LinkedIn: linkedin.com/in/imsmartin About the Guest Rik Ferguson is the Vice President of Security Intelligence at Forescout, where he leads the company’s threat research and intelligence work. A cybersecurity veteran of more than twenty-five years, he spent fifteen years as Vice President of Security Research at Trend Micro before joining Forescout in 2022. He is a founding Special Advisor to Europol’s European Cybercrime Centre (EC3), a Fellow of the Royal Society of Arts, a co-founder of Respect in Security, and a member of the Infosecurity Europe Hall of Fame. A Certified Ethical Hacker, CISSP, and ISSAP, he is also a writer, broadcaster, and futurist known for translating the cutting edge of cybercrime for governments, businesses, and the public. 🔗 LinkedIn: linkedin.com/in/rikferguson More from this event: Full InfoSecurity Europe 2026 coverage: ITSPmagazine InfoSecurity Europe 2026 All ITSPmagazine event coverage: Technology & Cybersecurity Conference Coverage Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  11. 990

    What Burnout Costs the Cybersecurity People Who Keep Us Safe | An Interview with Bronwyn Boyle | An Analog Brain In A Digital Age With Marco Ciappelli | From Infosecurity Europe 2026

    PODCAST EPISODE | An Analog Brain In A Digital Age — On Location at InfoSecurity Europe 2026 On Location With Sean Martin And Marco Ciappelli Bronwyn Boyle can talk about software vulnerabilities for hours. Talking about her own — the burnout she didn’t recognize until someone named it — turned out to be harder, and more important. We sat down at InfoSecurity Europe to talk about the human cost of guarding the machine, and whether our analog brains were ever built for this. 📺 Watch | 🎙️ Listen | marcociappelli.com I never planned to spend time in cybersecurity. My partner Sean dragged me in, and I arrived with a sociologist’s suspicion and a communication person’s questions, looking for the humans behind the firewalls. For years the field answered me in acronyms and threat charts. Then, at InfoSecurity Europe, Bronwyn Boyle said something that cut straight through all of it. We can talk about vulnerabilities for hours, she told me. We just can’t talk about vulnerability when it hits us. That sentence is the whole story. Bronwyn is the CISO of PPRO, a payments company, and a board member of Cybermindz, a non-profit that exists to look after the mental health of the people who guard everyone else’s. She came to security the long way around, through a degree in classics and philosophy, which may be why she still hears the human note in a room full of machines. A few years ago she was running CISO roles and quietly coming apart, and she had no word for it. She met Peter Coroneos, who founded Cybermindz, heard him describe the symptoms of burnout, and recognized herself in the list. The expert on resilience could not see her own exhaustion from the inside of it. This profession breaks people, and it is not only the hours. Defenders have to be right every time. The attacker needs to be right once. You live with that asymmetry the way you would live beside a fault line, and Bronwyn, the classicist, reaches for the oldest word for it: the Achilles heel, the single unguarded spot that undoes everything around it. Add constant alerts, a culture that treats stress as the cost of entry, and a quiet hero complex that makes asking for help feel like failure, and you build a workforce that is brilliant at protecting systems and hopeless at protecting itself. For years we filed all of that under the job description. This is what you signed up for. Bronwyn’s point, and mine, is that we were wrong, and the bill is finally arriving. Cybermindz has the numbers: most incident responders have reached for mental health support because of the work, and most security chiefs are watching good people walk away over stress. Burnout stopped being a private misfortune and became a line on the risk register. Their answer is almost stubbornly human. At its core is iRest, a protocol the US military built to bring traumatized soldiers back from the edge, now adapted for people who spend their days braced for the next breach. It teaches the nervous system how to climb down from fight-or-flight. Bronwyn calls it getting off the hamster wheel. I would call it remembering you have a body. We keep plugging our slow, analog brains into an always-on machine, then treating the strain as a personal weakness. Ask a human nervous system to run at server speed and it breaks down on schedule. We call that a failing. It is closer to physics. We scenario-test our systems for recovery, and we almost never scenario-test ourselves. So what do we carry forward, and what do we leave behind? We carry the care, the thing that pulled most of these people into the work to begin with. We leave behind the lie that the care has to cost you yourself. As Bronwyn put it, you can’t pour from an empty jug. There is more to say about the framework, and I’ll get to it when I sit down with Peter Coroneos. For now, Bronwyn’s links and Cybermindz are below. If you want more of these conversations, the newsletter lives at marcociappelli.com. Let’s keep thinking. — Marco Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Personal Branding Coach | Journalist | Writer | Podcast: An Analog Brain In A Digital Age ⚠️ Beware: Pigs May Fly | 🌎 LAX🛸FLR 🌍 About Marco Marco Ciappelli is Co-Founder & CMO of ITSPmagazine, Co-Founder & Creative Director of Studio C60, Branding & Marketing Advisor, Personal Branding Coach, Journalist, Writer, and Host of An Analog Brain In A Digital Age podcast. Born in Florence, Italy, and based in Los Angeles, he explores the intersection of technology, society, storytelling, and creativity — with an analog brain, in a digital age. His on-the-ground event coverage is produced with ITSPmagazine co-founder Sean Martin under the On Location With Sean Martin And Marco Ciappelli banner. 🌎 marcociappelli.com | itspmagazine.com | studioc60.com About the Guest Bronwyn Boyle is the Chief Information Security Officer of PPRO, a London-based payments platform that connects local payment methods to global e-commerce. She brings more than two decades across cybersecurity, fraud prevention, and regulatory compliance, with previous CISO and security leadership roles at Mambu, TSB Bank, and the UK’s Open Banking implementation entity, and earlier work at IBM, Barclays, and Lloyds. Unusually for the field, she arrived through a degree in classics and philosophy, and that humanist streak runs through her advocacy. She is a UK board member of Cybermindz, the non-profit founded by Peter Coroneos in 2022 to protect the mental health of cybersecurity practitioners using the military-developed iRest protocol, and a vocal champion for neurodiversity, women in cyber, and burnout prevention. 🔗 LinkedIn: linkedin.com/in/bronwynboyle | PPRO: ppro.com | Cybermindz: cybermindz.org More from this event: Full InfoSecurity Europe 2026 coverage: ITSPmagazine InfoSecurity Europe 2026 All ITSPmagazine event coverage: Technology & Cybersecurity Conference Coverage Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  12. 989

    When the Threat Moves Daily and the Law Moves in Years | An Interview with James Morris | Redefining CyberSecurity With Sean Martin — On Location at InfoSecurity Europe 2026

    PODCAST EPISODE | Redefining CyberSecurity With Sean Martin — On Location at InfoSecurity Europe 2026 On Location With Sean Martin And Marco Ciappelli The UK’s threats change by the day. Its laws change over years. Sean Martin sat down with James Morris — former Member of Parliament, now Director of the CSBR — to ask how a government writes cyber policy fast enough to matter, and why “resilience” has quietly stopped being a technical word. 📺 Watch | 🎙️ Listen | https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage A threat that updates every morning. A legislative process that measures itself in years. Somewhere between those two clocks sits the whole problem of cyber policy, and most of the time we pretend the gap isn’t there. When Sean Martin sat down with James Morris at InfoSecurity Europe, that gap was the quiet subject under everything they discussed. This is Sean’s territory, the place where cybersecurity stops being a lab problem and becomes a business and a political one. Morris knows it as well as anyone. He spent fourteen years as a Member of the UK Parliament, fought five elections, served under five prime ministers, and chaired the cross-party group on cybersecurity before leaving to run the CSBR, an independent policy centre working at the seam between cyber and resilience. What struck me, listening back, is how little of their conversation was actually about technology. The UK has a Cyber Security and Resilience Bill moving through Parliament. It was introduced more than a year ago. It still won’t be operational for the better part of another year. Meanwhile the world it was written for has already moved: AI went mainstream, alliances shifted, and the head of GCHQ began saying out loud the kind of thing intelligence chiefs usually keep behind closed doors. You cannot legislate at that speed, so the government did the only thing a slow system can do when it fears the future. It gave itself the power to act later. More discretion, more designation, more reach from the top. Sensible, maybe. But Morris names the cost, and it is the part I keep turning over. A law written from the top down only works if the people at the bottom believe in it. Otherwise companies perform compliance instead of building resilience, gaming the enforcement regime rather than getting safer. The letter without the spirit. Then there is the word itself. Resilience used to mean power plants and railways, the critical national infrastructure everyone pictures. But when Marks & Spencer and Jaguar Land Rover were knocked sideways by breaches that wouldn’t even fall under the new bill, the definition cracked open. Resilience, Morris argues, is really about the underpinnings of an economy. And almost as an aside, he extends it to the resilience of the political system itself, a system that burns through leaders and demands answers by the next news cycle. That line belongs in a sociology seminar, not a cyber panel. Because the deepest vulnerability he describes is not a zero-day. It is an attention span. We have built institutions optimized for the short term and handed them a problem that only yields to patience. The threat is fast. The fix is slow. Our politics rewards fast. I grew up in a city that took more than a century to finish a single cathedral. Nobody who laid the first stone lived to stand under the dome. That kind of time has gone out of fashion, and cyber resilience is exactly the sort of thing that suffers for its absence. So what do we carry forward, and what do we leave behind? Morris offers the practical half of the answer to business owners: stop treating this as an IT task to delegate, move it into the boardroom, rehearse the breach before it happens, and plan for the day the press is on your lawn. The harder half is cultural. We have to relearn patience inside systems built to forget it. Sean’s full conversation with James Morris is linked below, along with the rest of our InfoSecurity Europe coverage. It is worth your time. Let’s keep thinking. — Marcohttps://www.marcociappelli.com Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Journalist | Writer | On Location With Sean Martin And Marco Ciappelli | 🌎 LAX🛸FLR 🌍 About the Host Sean Martin, CISSP, is the co-founder and Director of Operations and Programming at ITSPmagazine, and the host of the Redefining CyberSecurity podcast. An information security and technology veteran of more than thirty years and a multiple-time CISSP, he led engineering and delivery for hundreds of cybersecurity products before turning to journalism and broadcasting. Through Redefining CyberSecurity he keeps pressing one question: if we are selling security insincerely, buying it indiscriminately, and deploying it ineffectively, how do we make it usable, honest, and a real source of business value? He teaches at Pepperdine’s Graziadio Business School and broadcasts from New York City. 🌎 seanmartin.com | LinkedIn: linkedin.com/in/imsmartin About the Guest James Morris OBE is the Director of the CSBR, the Centre for Cybersecurity and Business Resilience, an independent UK policy centre launched at the Palace of Westminster in late 2024. He was the Member of Parliament for Halesowen and Rowley Regis from 2010 to 2024, serving in roles including Senior Whip and Minister in the Department of Health, and chaired the All-Party Parliamentary Group for Cyber Security and Business Resilience. Before politics he was a technology entrepreneur, a management consultant, and chief executive of the think tank Localis. At the CSBR he convenes academics, business leaders, and policymakers in expert roundtables to shape the UK’s response to the Cyber Security and Resilience Bill and the wider resilience challenge. 🔗 LinkedIn: linkedin.com/in/james-morris-obe | Website: thecsbr.com More from this event: Full InfoSecurity Europe 2026 coverage: ITSPmagazine InfoSecurity Europe 2026 All ITSPmagazine event coverage: Technology & Cybersecurity Conference Coverage Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  13. 988

    Connecting Secure Storage to the Bigger Security Picture | A Brand Highlight at Infosecurity Europe 2026 with Jeanclaude Toma, Chief Executive Officer of Apricorn

    At Infosecurity Europe 2026, Jeanclaude Toma, Chief Executive Officer of Apricorn, joins Sean Martin to reframe where secure storage fits in the security conversation. After roughly four decades building hardware-encrypted drives, Apricorn wants the market to treat storage as a security decision rather than a hardware afterthought. How does a storage device become a security control? Toma points to the device itself: no one reaches the data without the code. Access requires a PIN entered on the drive, and the encrypted vault stays closed to everyone else. The protection travels with the drive and does not depend on the host system. Apricorn builds to FIPS certification requirements, hardens against environmental stress down to the connector, and tests repeatedly so compliance arrives built in. Why does this matter at the macro scale? Toma joined Apricorn three months ago to expand the portfolio and connect storage to the broader security marketplace, from military, government, and aerospace settings to the enterprise. He also hints at new form factors still under wraps. Listen in to hear why Apricorn treats the business and operations behind the product as seriously as the product itself. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Jeanclaude Toma, Chief Executive Officer, Apricorn LinkedIn: https://www.linkedin.com/in/jeanclaude-toma/ RESOURCES Learn more about Apricorn: https://apricorn.com Infosecurity Europe 2026 coverage from ITSPmagazine: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Jeanclaude Toma, Apricorn, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, hardware-encrypted storage, FIPS certified storage, secure data storage, encrypted USB drives, data protection, Infosecurity Europe 2026, secure peripherals, PIN authenticated storage Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  14. 987

    Sixty Products, One Engine | A Brand Highlight at Infosecurity Europe 2026 with VimalRaj Sampathkumar, Head of Technical Operations, UK & Ireland of ManageEngine

    At Infosecurity Europe 2026 in London, VimalRaj Sampathkumar, Head of Technical Operations for the UK and Ireland at ManageEngine, opens with a sharp observation: the market does not lack tools, it lacks tools that work together. After 16 years with the company, he has watched IT and security teams collect software faster than they can connect it. ManageEngine, a division of Zoho Corporation, builds roughly 60 products across endpoint management, IT operations, service management, and identity and access management. The point is not the count. VimalRaj Sampathkumar explains how tight integration lets those products share data, run automations, and power workflows, so a process like joiner-mover-leaver can be shaped to how each organization actually works instead of forced into a template. That same logic carries into cybersecurity. Customers rarely ask for one feature; they ask how to strengthen their posture and reach resilience. ManageEngine answers with solutions that scale from a single tool to a full suite, backed by flexible licensing and an AI roadmap. It is a look at why consolidation, not collection, is becoming the smarter security strategy. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST VimalRaj Sampathkumar, Head of Technical Operations, UK & Ireland, ManageEngine LinkedIn: https://www.linkedin.com/in/zenandzipfiles/ RESOURCES Learn more about ManageEngine: https://www.manageengine.com Infosecurity Europe 2026 coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS VimalRaj Sampathkumar, ManageEngine, Zoho Corporation, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, IT management, IT security, endpoint management, identity and access management, IT operations, integration, consolidation, cyber resilience, Infosecurity Europe 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  15. 986

    Where Data Sovereignty and Always-On Security Operations Meet | A Brand Spotlight at Infosecurity Europe 2026 with Bill Peterson, Senior Director of Product Marketing of Sumo Logic

    At Infosecurity Europe 2026 in London, Bill Peterson, Senior Director of Product Marketing at Sumo Logic, joins us to unpack a tension every regulated security team knows well. When an incident hits, the business has to keep running. At the same time, regulators expect sensitive data to stay in region. For a long time, those two demands have pulled in opposite directions. Sumo Logic has spent 15 years as a SaaS platform on AWS, processing roughly four exabytes of data a day for around 2,000 customers. The core promise is speed, driving mean time to resolve as low as possible. Peterson frames it in business terms, because the person signing the check wants to know the return, not the bits and bytes. The news from the show is Sumo Logic availability on the AWS European Sovereign Cloud. EU organizations can keep their data in region, handled by EU staff, while still running the full platform for incident response. That turns a painful either/or into a checklist a regulated buyer can complete. Genesys is the first customer live in the sovereign cloud, with payment processor OpenPay preparing to follow. How does this play out for highly regulated industries? Sumo Logic is focused on finance, healthcare, telco, and government, the verticals feeling the most pressure. The path Peterson describes is simple: let Sumo Logic handle incident management, let AWS move and grow the data in region, and check the sovereignty box without giving up operational readiness. Underneath sits a full-featured SIEM and Dojo AI, the agentic approach Sumo Logic launched earlier this year. The goal is not to replace analysts but to keep a human in the loop while handing proven, repetitive work to an agent. Fix one server, confirm the solution, then let an agent patch the other 599 under oversight. A SOC Analyst Agent reaches general availability at Black Hat later this year, alongside an MCP server. On observability, the differentiator is reading both structured and unstructured data without normalizing it first. A zip code is structured; a cryptic web hook error is not. Sumo Logic reads both, which feeds directly into faster time to identify and faster time to resolve. For any leader weighing sovereignty against uptime, Bill Peterson makes a clear case that they can finally live in the same plan. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Bill Peterson, Senior Director of Product Marketing, Sumo Logic LinkedIn: https://www.linkedin.com/in/williampetersonjr/ RESOURCES Learn more about Sumo Logic: https://www.sumologic.com/ Sumo Logic on the AWS European Sovereign Cloud (announced at Infosecurity Europe 2026): https://www.sumologic.com/newsroom Infosecurity Europe 2026 event coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Bill Peterson, Sumo Logic, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, AWS European Sovereign Cloud, data sovereignty, incident response, mean time to resolve, SIEM, security operations, Dojo AI, agentic AI, SOC analyst agent, observability, log analytics, Infosecurity Europe 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  16. 985

    Measuring Risk Was Never the Point | A Brand Spotlight at Infosecurity Europe 2026 with Matt Middleton-Leal, Regional Vice President, Northern Europe of Qualys

    At Infosecurity Europe 2026, Matt Middleton-Leal, Regional Vice President for Qualys across Northern Europe, joins Sean Martin inside the Risk Operations Center built into the Qualys booth. The premise is blunt: cybersecurity has spent years getting good at measuring risk and almost no time getting good at fixing it. The Risk Operations Center, or ROC, is the Qualys answer to that imbalance. So what is a ROC? It is not a product. Middleton-Leal describes it as an operating model that pulls scattered risk signals together, ranks them by business context and financial impact, and drives them toward remediation. If a SOC looks in the rearview mirror at what already happened, the ROC looks through the windshield at the risk ahead. Why now? Because risk moves at machine speed. In an AI-driven world of frontier models and autonomous agents, Middleton-Leal argues that remediation tied to service desk tickets is already too slow. He shares what happens when a client prepares to deploy tens of thousands of new agents before anyone knows what those agents touch or where their data goes. The example that lands hardest is a number: 62 million risk findings across one client's combined tooling. Middleton-Leal walks through how threat intelligence, business context, and safe exploitability testing collapse that figure to under one percent of fixes that genuinely reduce loss. It is a concrete look at how to prioritize remediation instead of drowning in dashboards. There is a quieter shift underneath it all: financial risk quantification, long reserved for the largest banks, reaching companies that never had the analysts to build it. Working with Richard Seiersen, Chief Risk Technology Officer at Qualys, the company is building ways to answer questions like what a ransomware event would likely cost a business in your sector and region. Middleton-Leal closes with the one place every organization should start, whether they use Qualys or not. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUESTMatt Middleton-Leal, Regional Vice President, Northern Europe, Qualys LinkedIn: https://www.linkedin.com/in/matt-middleton-leal-a56557/ RESOURCES Qualys: https://www.qualys.com ITSPmagazine Infosecurity Europe 2026 coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Richard Seiersen, Chief Risk Technology Officer at Qualys, co-author of "How to Measure Anything in Cybersecurity Risk" Connect with Matt Middleton-Leal on LinkedIn: https://www.linkedin.com/in/matt-middleton-leal-a56557/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Matt Middleton-Leal, Qualys, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, Risk Operations Center, ROC, risk remediation, cyber risk quantification, exposure management, vulnerability management, Richard Seiersen, AI security risk, Infosecurity Europe 2026, machine speed remediation, security operations Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  17. 984

    When the Boardroom Asks "Are We Okay?" | A Brand Spotlight at Infosecurity Europe 2026 with Ian Schenkel, VP Sales, EMEA & APAC of Intel 471

    Something has changed at the board level. Recorded in the media room at Infosecurity Europe 2026 in London, Ian Schenkel, VP Sales, EMEA & APAC of Intel 471, describes directors who no longer take security on faith. After a year of headline breaches from Jaguar Land Rover to Marks and Spencer and the Co-op, leadership wants proof rather than promises. What does the board actually want to know? A straight answer to one question: are we okay? Ian Schenkel starts with geopolitics. Nation-state activity, supply chain exposure, and shifting global markets all shape whether a business can keep running. Threat intelligence becomes the early warning system leaders use to decide where to move and which actors have a history of targeting their industry. The next question gets personal. Does this affect us? Have we already been hit? This is where Intel 471 leans on retroactive threat detection. When new indicators of compromise surface, an analyst can build detection queries in seconds against a SIEM, SOAR tool, SentinelOne, Microsoft, or Palo Alto, then report back to the board with a clear answer. How does intelligence reach the board without getting lost in the weeds? It travels as a story the board can act on. Intel 471 pulls its three core areas, cyber threat intelligence, attack surface management, and threat hunting, into a single report that scales from an executive summary to a detailed account of what was found and neutralized. The stories make it real. During merger rumors, an attacker registered a look-alike domain and emailed employees from it. In another case, Intel 471 warned an organization it did not yet work with about a politically motivated actor that was openly discussing it. The value is the early signal, long before perimeter and endpoint defenses ever engage. Sometimes the right move is not technical at all. It might be briefing executives on targeted ransomware or reminding employees to stay alert against the email that has not arrived yet. The throughline, as Ian Schenkel frames it, is prevention over reaction, and a board finally asking the right questions. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Ian Schenkel, VP Sales, EMEA & APAC, Intel 471 LinkedIn: https://www.linkedin.com/in/ianschenkel/ RESOURCES Learn more about Intel 471: https://www.intel471.com Connect with Ian Schenkel on LinkedIn: https://www.linkedin.com/in/ianschenkel/ Infosecurity Europe 2026 event coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Ian Schenkel, Intel 471, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, cyber threat intelligence, threat hunting, attack surface management, board reporting, geopolitical intelligence, early warning system, indicators of compromise, retroactive threat detection, business resilience, Infosecurity Europe 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  18. 983

    Seeing What Your EDR Can't | A Brand Spotlight at Infosecurity Europe 2026 with Matt Ellison, Director of Sales Engineering EMEA & APAC of Corelight

    At Infosecurity Europe 2026 in London, Matt Ellison, Director of Sales Engineering EMEA & APAC at Corelight, joins Sean Martin to unpack the visibility gap widening across security operations. The SOC is either drowning in data or missing the data that matters most. Corelight, custodian of the open-source Zeek project, builds a platform that turns raw network traffic into evidence teams can actually use. Why do today's most evasive attacks slip past endpoint detection? Because they are designed to. Ellison points to typhoon-style campaigns staged from network and hardware devices specifically to avoid EDR. When a platform sees all of the network traffic moving backwards and forwards, those moves stop being invisible. Seeing more is only half the battle. Ellison describes teams trapped by a fear of missing something, switching on every "just in case" detection until alert volume becomes its own crisis. The real question shifts from "what fired" to "what does this actually mean for my environment." How do you investigate a detection you cannot see inside? A black box hands down a verdict with no evidence behind it. Corelight takes an open approach, exposing the data behind every conclusion so analysts can follow a flow to its root cause and apply the one thing no vendor ships: their own knowledge of the network. The proof tends to show up fast. Ellison recalls a proof of value where, within thirty minutes, the team surfaced sensitive information moving unencrypted across the network. Other finds are smaller but telling, like a finance team's certificate using a weak cipher. Corelight even names its catch-all logs plainly, the "weird" log and the "unknown" log. Visibility feeds compliance too. Frameworks like NIS2, DORA, and GDPR demand evidence, not a tool humming in the corner that no one reviews. Ellison previews a coming release that adds asset classification, identifying every device on the network and explaining the why behind it. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUESTMatt Ellison, Director of Sales Engineering EMEA & APAC, Corelight LinkedIn: https://www.linkedin.com/in/matthewrellison/ RESOURCES Learn more about Corelight, including customer stories: https://corelight.com Zeek, the open-source NDR project Corelight maintains: https://zeek.org Infosecurity Europe 2026 coverage from ITSPmagazine: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Matt Ellison, Corelight, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, network detection and response, NDR, Zeek, open source security, network visibility, threat hunting, SOC alert fatigue, EDR evasion, encrypted traffic analysis, NIS2, DORA, GDPR, Infosecurity Europe 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  19. 982

    Resilience Is the New Compliance: Why Recovery Is the Real Test of Cyber Readiness | A Brand Spotlight at Infosecurity Europe 2026 with Pete Hannah, VP of Sales, Western Europe of Object First

    At Infosecurity Europe in London, Pete Hannah, VP of Sales for Western Europe at Object First, joins Sean Martin to reframe a question many organizations still get wrong. The issue is not only how to keep ransomware out, but how quickly you can recover once it gets in. With Europe's regulatory landscape tightening, that distinction is becoming the difference between disruption and disaster. What does the UK Cyber Security and Resilience Bill actually demand? According to Pete Hannah, it reads less like a checklist and more like an operational resilience standard. It expects organizations to manage threats, prove they have tested their recovery plans, and treat resilience as a board-level responsibility with real financial penalties. More than ninety percent of the bill already applies in practice, so waiting for it to become law is a risk in itself. Why do backups matter so much? Because more than ninety percent of cyberattacks target them first. Pete Hannah explains that "immutable" has become a marketing word, and the meaningful test is whether anyone still holds the access to destroy protected data. Object First answers that with absolute immutability, independently tested, with zero destructive access for admins or compromised accounts. That protection is purpose-built for Veeam environments through the Ootbi appliance, the resilient bunker that stays standing even when every password is known and every other system is compromised. When recovery is guaranteed, teams stop worrying about whether they will recover and focus instead on how fast. How does a stretched IT team adopt this without adding overhead? Pete Hannah describes deployment as taking the appliance out of the box, racking it, connecting it, and pointing backups at it. For boards and CISOs under budget and resource pressure, simplicity is the selling point. It is easy to manage, easy to prove, and dependable when it matters. The proof is in the field. Pete Hannah shares stories of customers who survived worst-case scenarios because Object First was the only thing left standing, and one who tracked him down simply to say thank you. In an era where AI is accelerating attacks and a single compromised password has bankrupted companies, knowing you can recover is the new definition of good enough. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Pete Hannah, VP of Sales, Western Europe, Object First LinkedIn: https://www.linkedin.com/in/peterhannah/ RESOURCES Learn more about Object First: https://objectfirst.com Ootbi by Object First (Out-of-the-Box Immutability): https://objectfirst.com Watch: Anthony Cusimano of Object First at RSAC Conference: https://youtu.be/LMWuZ_NH1lA Infosecurity Europe 2026 event coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Pete Hannah, Object First, Ootbi, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, immutable backup storage, ransomware recovery, Veeam backup, absolute immutability, Cyber Security and Resilience Bill, cyber resilience, data protection, operational resilience, backup and recovery, Infosecurity Europe 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  20. 981

    The Business of Extortion — Storytelling, Ransomware, and the BBC's Cyber Hack | Geoff White | PODCAST EPISODE | An Analog Brain In A Digital Age — On Location at InfoSecurity Europe 2026 On Location With Sean Martin And Marco Ciappelli

    There is a moment in every conversation about cybercrime when the criminal stops being a shadow and becomes a person with a desk, a calendar, and a complaint about Monday. That moment is the one that interests me. For years I’ve been told cybersecurity is a technical problem. Firewalls, patches, acronyms nobody outside the room understands. And it is, partly. But sit with Geoff White for fifteen minutes at InfoSecurity Europe and the technical layer becomes what it always was underneath: people. People who get out of bed, argue with their partners, drink too much vodka after a breakup, and worry about a grandmother in the hospital — while running an extortion racket that, somewhere else, is shutting down the hospital treating someone else’s grandmother. Geoff is an investigative journalist and author who has built a career out of refusing to let crime stay abstract. His new BBC series, Cyber Hack — the strand that grew out of The Lazarus Heist — turns its attention to one of the world’s biggest ransomware gangs, Conti. And here is the detail that stayed with me: he has read their mail. Three hundred thousand internal messages, leaked, written by the criminals themselves when they assumed no one was watching. A journalist’s candy store, as he called it. Also a nightmare — in Russian, thick with slang, mistranslated so often that “Bitcoin” comes out as “cue ball” and money hides behind the word for “grandmothers.” What fascinates me is not the heist. It is the self-portrait. Because the gang does not see a gang. They see a company. They have clients, they say. Customers. Negotiations conducted professionally. Some of them even hand the victim a report afterward — here is how we got in, here is what you should fix — as though extortion were a security audit with an invoice attached. Geoff has a theory I find hard to argue with: extortion is exhausting work for a smart person to do every day, so the brain quietly rewrites the job description. Criminal becomes businessman. The part that knows the truth shrinks. The story they tell themselves takes over. I’m Italian, so of course The Godfather arrived uninvited in the middle of our conversation. It’s a business. Nothing personal. We laughed — I get to make that joke and Geoff doesn’t — but underneath the laugh is something genuinely unsettling, and it has nothing to do with hackers. It’s about all of us. We are all narrating ourselves into the people we’d prefer to be. The ransomware gang simply does it with higher stakes and worse intentions. This is why storytelling isn’t decoration on top of cybersecurity. It’s the only tool that makes the invisible visible. Geoff’s last BBC series landed at number seven on the US charts, a few slots below Joe Rogan, because he tells these stories as stories — with the technical iceberg sitting safely below the waterline. People learn when they aren’t being lectured. And we should learn, quickly. The same week I’m laughing about cue balls, Geoff describes cloning his own mother’s voice with an AI tool and phoning her. She thought the line was just a little muffled. I told him what I tell my parents: if anything feels strange, hang up and call me directly. A pre-digital instinct, used as armor against a very digital trick. So what do we carry forward, and what do we leave behind? We carry the stories. We leave behind the comfortable idea that any of this is happening somewhere else, to someone else. The new season of Cyber Hack is expected in July. Listen to it — not because it will scare you, though it might, but because it makes a hidden world legible, and legibility is where every defense we have begins. Geoff’s books and the show are linked below. And if you’d like more of these conversations, subscribe to the newsletter at marcociappelli.com. Let’s keep thinking. — Marco Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Personal Branding Coach | Journalist | Writer | Podcast: An Analog Brain In A Digital Age ⚠️ Beware: Pigs May Fly | 🌎 LAX🛸FLR 🌍 About Marco Marco Ciappelli is Co-Founder & CMO of ITSPmagazine, Co-Founder & Creative Director of Studio C60, Branding & Marketing Advisor, Personal Branding Coach, Journalist, Writer, and Host of An Analog Brain In A Digital Age podcast. Born in Florence, Italy, and based in Los Angeles, he explores the intersection of technology, society, storytelling, and creativity — with an analog brain, in a digital age. His on-the-ground event coverage is produced with ITSPmagazine co-founder Sean Martin under the On Location With Sean Martin And Marco Ciappelli banner. 🌎 marcociappelli.com | itspmagazine.com | studioc60.com About the Guest Geoff White is a British investigative journalist and author who has spent two decades covering the place where organized crime meets technology — cybercrime, financial crime, fraud, and money laundering. A former technology correspondent for Channel 4 News, his work has appeared on BBC News, The Sunday Times, and Forbes, earning multiple British journalism nominations and awards along the way, including for his reporting on the Snowden leaks and the TalkTalk hack. He is the author of three books: Crime Dot Com: From Viruses to Vote Rigging, How Hacking Went Global (Reaktion Books, 2020); The Lazarus Heist: From Hollywood to High Finance — Inside North Korea’s Global Cyber War (Penguin Random House, 2022); and Rinsed, his most recent book on how technology reinvented money laundering. The Lazarus Heist began as a hit BBC World Service podcast he co-hosted with Jean Lee, reaching number one in the UK Apple chart and the top seven in the US. The series has since become the BBC’s broader Cyber Hack strand, whose latest season investigates the Conti ransomware gang. A sought-after public speaker with more than 300 keynotes for organizations including Microsoft, HSBC, and Mastercard, Geoff has a rare gift: making the technical human, and the criminal understandable. 🎙️ Listen to Cyber Hack: BBC Cyber Hack on Apple Podcasts 🔗 LinkedIn: linkedin.com/in/geoffwhitetech | Website: geoffwhite.tech More from this event: Geoff’s earlier conversation with Marco on storytelling in cybersecurity: youtu.be/sKI9SzgvD6I Full InfoSecurity Europe 2026 coverage: ITSPmagazine InfoSecurity Europe 2026 All ITSPmagazine event coverage: Technology & Cybersecurity Conference Coverage Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  21. 980

    Proof of Impact | Lens Four by Sean Martin | Read by TAPE9

    ⬥EPISODE NOTES⬥ Almost nothing got said on the stages at Global Citizen NOW 2026 without a number behind it. $47 million toward a $100 million education fund. 27 organizations funded. 1,500 jobs from a single restoration effort. 18 million lives reached in one campaign. The headline was the money. The tell was quieter — a pilot to verify, record, and monitor every donated dollar with AI and blockchain, from the moment it is given to the point it makes impact on the ground. Strip away the wattage — Adam Lambert and Ayra Starr opening, Hugh Jackman working the room, heads of state beside Fortune 500 CEOs — and Global Citizen NOW 2026 was a working argument about what technology is for when the objective is a social outcome rather than a shareholder return. In a sector whose standing pitch has been "trust us, the money helps," building the infrastructure to prove where every dollar goes inverts the pitch. The claim now comes with a receipt. This is the Proof of Impact pattern, and it is worth pulling apart clearly. 🔍 In this edition of Lens Four: — Why the quiet AI-and-blockchain donation-tracking pilot mattered more than the headline fundraising number — accountability built in as a feature, not bolted on as a disclaimer, with the fund's independent review chair Benedetta Audia calling it "essential to our work" — How the FIFA Global Citizen Education Fund put $47 million of a $100 million goal to work across 27 organizations, with grants of $50,000 to $150,000 and new commitments from Pharrell and the Varkey Foundation — What Solar Freeze's farm-gate solar cold storage shows about outcomes-first technology — smallholders grow roughly 30% of the world's food and receive under 1% of climate finance, and 2026 Global Citizen Prize recipient Dysmus Kisilu describes the unit as "like an Airbnb, but for vegetables" — Why energy access framed the day: around 750 million people live without electricity, 600 million in Africa — a continent holding roughly 60% of the world's renewable resources, where investment has tripled in five years — How a Bezos Earth Fund restoration effort turned roughly 150 farmers into 1,500 jobs with 80% of businesses profitable over five years — and Tom Taylor's blunt financing logic: a million is philanthropy's job, a billion is government's, a trillion needs private industry — What "The AI Powered Workforce" panel revealed — 88% AI adoption per Stanford's 2026 index, real productivity gains — and the asterisk it kept burying: 82% of small businesses know AI is critical, while roughly 75%, in PayPal's Amy Bonitatibus's words, "don't feel that we have the tools and training" — Why "democratizing" is a deliverable someone has to fund and distribute, not a property of the technology — the same wave that lets a fund trade billions on autonomous models is the one that disrupts the business that never got the training — What the Amazon campaign's 4.4 million actions, more than $1 billion in commitments, 31 million hectares protected, and 18 million lives reached prove about outcomes at scale, on Marcelo Thomé's principle that "the forest has value when it is standing" Fourth Lens: Technology is finally good enough to keep the receipts. The harder question is whether the sector will like what they show. When every dollar is traceable from gift to ground, the test stops being whether impact can be proven and becomes whether the story survives once it can no longer be rounded up. When the rounding stops, how much of the impact story survives the data? 🔗 Full article and references: https://seanmartin.com/lens-four/global-citizen-now-2026-technology-trust-outcomes 📧 Subscribe to Lens Four: https://seanmartin.com/lens-four 🎙 Redefining CyberSecurity Podcast: https://redefiningcybersecuritypodcast.com 🎧 Music Evolves Podcast: https://musicevolvespodcast.com 🌐 ITSPmagazine: https://itspmagazine.com 🎬 Studio C60: https://studioc60.com Sean Martin is a cybersecurity market analyst, content strategist, and go-to-market advisor with more than 30 years of experience across engineering, product development, marketing, and media. He is co-founder of ITSPmagazine (itspmagazine.com) and Studio C60 (studioc60.com), host of the Redefining CyberSecurity Podcast (redefiningcybersecuritypodcast.com) and Music Evolves Podcast (musicevolvespodcast.com), and co-host of On Location (itspmagazine.com/on-location) and Random and Unscripted (randomandunscripted.com). Learn more at seanmartin.com. 🔎 Keywords: Global Citizen NOW, technology for good, impact measurement, donation transparency, AI and blockchain, FIFA Global Citizen Education Fund, climate finance, Solar Freeze, energy access, Bezos Earth Fund, AI powered workforce, democratizing AI, small business AI, Amazon conservation, social impact, Sean Martin, Lens Four Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  22. 979

    When Patient Records, Powerlines, and Prompts All Lead to the Same Risk | A Redefining CyberSecurity Podcast Conversation with Gil Bashe, Chair, Global Health and Purpose of FINN Partners

    ⬥EPISODE NOTES⬥ The healthcare system is, by some measures, the most targeted sector in cybersecurity. Patient records get lifted, hospitals get held for ransom, and the supposed protections often look more like antiquated friction than modern defense. Gil Bashe, Chair of Global Health and Purpose at FINN Partners, joins Sean Martin to explore why the systems meant to protect people's most sensitive information are, in many cases, the same systems holding back better care. A former combat medic, agency CEO, private equity operator, and now author of Healing the Sick Care System: Why People Matter, Gil Bashe brings a rare composite view of how information, technology, and human judgment collide in healthcare. The conversation moves quickly from ransomware and HIPAA-covered entities into the harder questions about AI. With an estimated 80 percent of doctors already using OpenAI tools to assist with diagnosis or treatment patterns, the line between "in the zone" and "precision" information has become a clinical safety issue. Gil Bashe reframes hallucinations as what they really are in his world: wrong facts. And wrong facts, fed back into a system that increasingly trusts the output, create a feedback loop that no one is accountable for. The machine doesn't sleep, doesn't worry, doesn't carry responsibility. The humans on either side of it do. That accountability gap is where the cybersecurity audience comes in. Gil Bashe draws a direct parallel between great coders and great clinicians: both work inside-out and outside-in, interviewing the people who use the system and the people the system serves. He argues that the cybersecurity professional protecting an EMT's routing system, a hospital's power grid, or an MRI data pipeline is saving lives on the same continuum as the paramedic. The skillset is different. The stakes are not. Sean Martin and Gil Bashe also press on the leadership question raised by AI. If clinicians are freed up by 15 percent of their day, what does the system ask them to do with that time? See two more patients on the conveyor belt of sick care, or actually treat the underlying cause of disease? With 18.7 percent of U.S. GDP going to healthcare and 35 percent of that consumed by administration, the answer is not technical. It is a leadership decision about what the technology is for. This conversation asks cybersecurity practitioners, CISOs, and technology leaders to widen the frame. Protecting data is the floor. Protecting the human relationships, the clinical judgment, and the dignity of the patient on the other end of the system is the work. ⬥GUEST⬥ Gil Bashe, Chair, Global Health and Purpose at FINN Partners | On LinkedIn: https://www.linkedin.com/in/gilbashe/ ⬥HOST⬥ Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/ ⬥RESOURCES⬥ Healing the Sick Care System: Why People Matter (book by Gil Bashe) | https://www.finnpartners.com/news-insights/healing-the-sick-care-system-why-people-matter/ FINN Partners | https://www.finnpartners.com/ The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/ More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq ⬥ADDITIONAL INFORMATION⬥ Redefining CyberSecurity Podcast | https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq The Future of Cybersecurity Newsletter | https://itspm.ag/future-of-cybersecurity Connect with Sean Martin | https://www.seanmartin.com/ ⬥KEYWORDS⬥ gil bashe, finn partners, sean martin, healthcare cybersecurity, hospital ransomware, ai in medicine, chatgpt clinical use, patient data protection, hipaa business associates, health information leadership, sick care system, non-communicable diseases, human leadership in ai, medical misinformation, prompt accountability, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  23. 978

    Telling the Stories of Cybercrime | An Interview with Geoff White | An Analog Brain In A Digital Age With Marco Ciappelli

    PODCAST EPISODE | An Analog Brain In A Digital Age With Marco Ciappelli Geoff White goes where organized crime and technology cross, and he comes back with stories. In this one he announces his newest BBC series — the rise and fall of the Conti ransomware gang — and we get into the thing underneath all of it: how you make a crime nobody can see feel real to people who will never see it. 📺 Watch | 🎙️ Listen | marcociappelli.com There was a red light. A sign, really — ON AIR — that lit up the second a broadcast began, and everyone in the room understood it without a word. Quiet. We're live. I grew up around that light. Geoff White and I opened this conversation laughing about it, because you still catch it hanging behind some podcasters, a little piece of analog theater none of us can quite bring ourselves to retire. We kept the light. What we lost is the patience. Geoff is an investigative journalist — the kind other journalists call when they want to know what actually happened. He works where organized crime and technology cross, and his complaint about modern news is one I share. We get the big bang: something was hacked, data leaked, a hospital went dark. Then the cycle moves on before anyone asks the only questions that matter. How did it work? Who did it? Should I be worried? He told me he once had four minutes on Channel 4 News to explain Bitcoin. Four minutes. He called it impossible, and he's right — but the deeper trouble is that we've trained ourselves to believe four minutes is enough. That reading the headline is the same as reading the story. It isn't. It never was. What pulled me in was the subject of his new BBC series. Conti — one of the most profitable ransomware gangs the world has seen — does not look like the hooded figure in the stock photo. It looks like a company. Payroll. Sick pay. Annual leave. A training program. Strategy meetings. A translation department, because a ransom note full of spelling mistakes doesn't get taken seriously, and these people cared, deeply, about being taken seriously. Someone, on some ordinary Tuesday, had to ask who was running payroll that month. While the gang was shutting down hospitals. I keep turning that over. We like our villains monstrous and separate; it's more comfortable that way. But a criminal enterprise that runs on bonus schemes and brand reputation isn't a monster from the deep. It's a mirror, doing what the rest of us do, with the morality removed. Geoff says the most fascinating part of the 300,000 leaked messages — spilled because a war split the gang in two — is the mundanity. I believe him. The horror isn't that these people are alien. It's that they're familiar. And this is where he and I actually agree on the work. He says you need three things to tell a story, and he reaches for Star Wars to prove it: a victim, a villain, a hero. For years cybercrime refused that shape — the heroes wanted the spotlight, the villains stayed silent, the victims ran. What changed is that the villains started talking. They leak themselves into the open now. Which means, for the first time, the story can actually be told. That's the part people get wrong about cybersecurity. They think the hard part is the technology. It isn't. The hard part is making an invisible crime feel real to someone who will never see it — no broken window, no smoke, just a screen that stopped working. You cannot patch your way to that. You have to tell it. A name. A face. A beginning, a middle, an end. Which is the most analog thing I can imagine. The most digital crime of our age still has to be carried into people's heads the way stories always have. That isn't a weakness. That's the thing worth carrying forward. Geoff's new BBC series, Cyber Hack — the Conti story — is coming; you'll find it linked below. And if you like conversations that take the long way around, the newsletter lives at marcociappelli.com. The red light still means something. Some of us are still on air. Let's keep thinking. — Marco Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Personal Branding Coach | Journalist | Writer | Podcast: An Analog Brain In A Digital Age ⚠️ Beware: Pigs May Fly | 🌎 LAX🛸FLR 🌍 About Marco Marco Ciappelli is Co-Founder & CMO of ITSPmagazine, Co-Founder & Creative Director of Studio C60, Branding & Marketing Advisor, Personal Branding Coach, Journalist, Writer, and Host of An Analog Brain In A Digital Age podcast. Born in Florence, Italy, and based in Los Angeles, he explores the intersection of technology, society, storytelling, and creativity — with an analog brain, in a digital age. 🌎 marcociappelli.com | itspmagazine.com | studioc60.com About the Guest Geoff White is an investigative journalist and author who specializes in the place where technology and organized crime meet — cyber heists, ransomware gangs, money laundering, fraud, and the criminal networks that operate in the dark corners of the internet. He describes the work simply: keep going after everyone else has stopped, and sooner or later you find what they missed. He began in television news, reporting as Technology Correspondent for the UK's Channel 4 News, where he led the "Data Baby" project and covered stories from the Snowden leaks to the 2015 TalkTalk hack — the investigation that pulled him toward long-form reporting for good. He is the co-creator and host of the BBC podcast The Lazarus Heist (since renamed Cyber Hack), which charted North Korea's rise as a hacking power and reached the top of the international podcast charts, and of the Audible series The Dark Web. His books include Crime Dot Com, The Lazarus Heist, and Rinsed. His newest BBC series tells the story of Conti, one of the most profitable ransomware gangs ever to operate — and how the leak of its internal messages laid the whole operation bare. 🔗 LinkedIn | 🌐 geoffwhite.tech Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  24. 977

    After RSAC Conference 2026, Reflecting on Agentic AI, Community, and the Evolution of Cybersecurity | A Brand Highlight at RSAC Conference 2026 with Tony Anscombe, Chief Security Evangelist of ESET

    Agentic AI was the theme that pulled away from the pack at RSAC Conference 2026. Tony Anscombe of ESET makes the case that once AI shifts from being directed by humans to operating with its own objectives and logic, the security surface changes with it, and organizations are being forced to rethink what they protect and how. At the show, ESET announced two products that meet that moment head on. The ESET AI Skills Checker is a free-to-use tool coming to market. ESET AI Protection looks inside AI sessions on the endpoint, flagging sensitive data leakage, malicious links returned by AI systems, and suspicious behavior, and surfacing it all inside normal cybersecurity operations for investigation, blocking, or detection. Tony closes with a reminder worth keeping. His first RSA was in 1998, and the technology he worked on then (sandboxing, dynamic code, remote windowing, encryption, authentication) mirrors a lot of what walks the RSAC Conference floor today. The packaging evolves, the core principles do not. Build forward, but do not lose sight of what the past already proved. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Tony Anscombe, Chief Security Evangelist, ESET LinkedIn: https://www.linkedin.com/in/tonyanscombe/ RESOURCES Learn more about ESET: https://www.eset.com ESET AI Skills Checker and ESET AI Protection: https://www.eset.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Tony Anscombe, ESET, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, agentic AI, AI security, RSAC Conference 2026, threat intelligence, MDR, EDR, endpoint security, AI Skills Checker, AI Protection, cybersecurity community, multifactor authentication, cybersecurity evolution Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  25. 976

    Tackling the Trust Crisis: Inside the 2026 HITRUST Trust Report | A Brand Spotlight Conversation with Vincent Bennekers, VP of Quality at HITRUST | Hosted by Sean Martin

    Cybersecurity assurance was supposed to give boards, regulators, customers, and partners a clear answer to one question: can the security of the organizations they depend on actually be trusted? In 2026, that answer is harder than ever to come by. Supply chains are sprawling, attackers are pivoting through third parties, and too many assurance reports still rely on questionnaires, self-attestations, and frameworks that have not kept pace with the threat landscape. The 2026 HITRUST Trust Report calls that gap what it is: a Trust Crisis. In this Brand Spotlight, Vincent Bennekers, VP of Quality at HITRUST, walks through what four years of performance data across thousands of certified environments now show: 99.62% of HITRUST-certified environments remained breach-free in 2025. That stands in stark contrast to industry surveys reporting that more than 40% of organizations have experienced a breach. Vincent Bennekers is direct on why the numbers hold up: prescriptive controls, a centralized quality review, and an assurance methodology built for measurable outcomes rather than checkbox compliance. Healthcare makes the point even sharper. HITRUST examined the top fifty breaches on the HHS OCR breach portal, the public listing some in the industry refer to as the wall of shame. None of them occurred in a HITRUST-certified environment. For an industry that consistently ranks as the most breached and the most expensive to breach, that is a signal worth pausing on. Quality of the report itself matters as much as the framework behind it. Vincent Bennekers describes a layered review model with automated and manual checks, independent reviewers, and centralized HITRUST quality assurance prior to issuance. Every certification HITRUST issues goes through that same review. Stakeholders consuming any other assurance report should be asking exactly how its integrity is being ensured, and what is actually behind the stamp. Supply chain risk is the throughline. The 2025 Verizon Data Breach Investigations Report found third-party-involved breaches doubled, climbing from 15% to 30%. HITRUST requires service provider coverage, mandatory in the r2 assessment and optional but heavily adopted in the e1 and i1, where over 80% of organizations are choosing to address service provider controls thanks to a streamlined inheritance model. The report closes with a five-step roadmap for stakeholders: shift from flexible compliance to threat-intelligent assurance, verify assurance report integrity, reduce supply chain exposure, secure AI implementations through prescriptive controls, and reassess the definition of good information security assurance. Vincent Bennekers is clear that AI belongs in this conversation now, with HITRUST offering AI certification to address risks across data protection, model integrity, and automated decision-making. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Vincent Bennekers, VP of Quality at HITRUST LinkedIn: https://www.linkedin.com/in/vincent-bennekers-a0b3201/ RESOURCES Learn more about HITRUST: https://hitrustalliance.net/ Download the 2026 HITRUST Trust Report: https://hitrustalliance.net/trust-report Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Vincent Bennekers, HITRUST, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, 2026 HITRUST Trust Report, trust crisis, cybersecurity assurance, third-party risk, supply chain security, healthcare cybersecurity, HHS OCR breach portal, HITRUST certification, r2 certification, e1 certification, i1 certification, threat-intelligent assurance, AI security certification, information risk management Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  26. 975

    The Vendor You Cannot Name | Lens Four by Sean Martin | Read by TAPE9

    ⬥EPISODE NOTES⬥ The most dangerous sentence in cybersecurity disclosure right now is "no evidence of unauthorized access to our network." It is technically true. It is also operationally hollow. The customer whose data is on a leak site does not care which network it left from. The plaintiff in Bexar County does not care. The regulator about to receive a federal incident report under a 72-hour clock that starts at suspicion, not confirmation, will not care. In April 2026, two U.S. banks disclosed an incident at the same unnamed third-party vendor. Six class action lawsuits followed in two weeks. The vendor still has not been publicly named. The plaintiffs sued the banks anyway. In a separate situation, an alleged Adobe breach surfaced through a threat actor's claims about a third-party business process outsourcing firm -- and as of the coverage reviewed for this analysis, no public confirmation or denial from Adobe had surfaced. This is the Common Point of Failure pattern, and it is arriving with enough frequency that it deserves to be named clearly. 🔍 In this edition of Lens Four: — Why "no evidence of unauthorized access to our network" leaves the data, the contract, and the customer out of the picture — and why that omission is doing real damage as regulators, plaintiffs, and customers all collapse the distinction between "our network" and "their network" — How the proposed CIRCIA rule's "reasonable belief" trigger changes the operating math when the suspected source is a third party: the 72-hour clock starts when the SOC analyst flags, not when the legal team confirms — What the NYDFS October 21 2025 industry letter on third-party service providers tells covered entities to do — and how the regulator's prescriptive guidance becomes the de facto checklist for audits, examinations, and enforcement — Why the cyber insurance market, per Woodruff Sawyer's annual Cyber Looking Ahead Guide, is now functioning as a verification mechanism — and why the underwriter and the regulator are now the ones shaping what gets bought, not the threat — Verizon's own analysis of its 2025 Data Breach Investigations Report — drawing on more than 22,000 incidents — found the share of breaches involving a third party doubled year over year, from 15% to 30% — Three things the network sentence leaves out: the data (where it lived, how it was stored, what controls applied), the operating model (how a vendor came to have enough access to produce customer harm), and the chain of accountability (the contractual relationship between named brand and unnamed vendor) — Why the vendor concentration the industry has been selling as "consolidation" for two decades is also the thing concentrating blast radius — and why discovery in the class actions, not voluntary disclosure, is the most likely path to actually naming the vendors — Two CISO conversations the Fourth Lens draws on: Tim Brown on what carries a security leader through the worst day of their career (trust built before the trust was needed, context, perspective, communication), and Joe Sullivan on building cyber teams the way fire departments are built — one team on the go, one on standby, one resting — The Fourth Lens: the program reality is that the named brand is accountable for things happening at a vendor it cannot directly control; the market reality is that the regulator and the insurer have already written the checklist; the messaging reality is that the disclosure language has not caught up to either Fourth Lens: The vendor whose name you do not know is the vendor whose risk you cannot manage. The fix is not in the disclosure language. It is in the operating model the disclosure language is currently helping to obscure. The next twelve to eighteen months — through the first CIRCIA enforcement action, the first court-ordered discovery that names a CPOF vendor, and whatever the next shared-vendor breach turns out to be — will start writing the answer to what a security program is actually for when the breach happens somewhere you cannot reach. 🔗 Full article and references: https://seanmartin.com/lens-four/the-vendor-you-cannot-name 📧 Subscribe to Lens Four: https://seanmartin.com/lens-four 🎙 Redefining CyberSecurity Podcast: https://redefiningcybersecuritypodcast.com 🎧 Music Evolves Podcast: https://musicevolvespodcast.com 🌐 ITSPmagazine: https://itspmagazine.com 🎬 Studio C60: https://studioc60.com Sean Martin is a cybersecurity market analyst, content strategist, and go-to-market advisor with more than 30 years of experience across engineering, product development, marketing, and media. He is co-founder of ITSPmagazine (itspmagazine.com) and Studio C60 (studioc60.com), host of the Redefining CyberSecurity Podcast (redefiningcybersecuritypodcast.com) and Music Evolves Podcast (musicevolvespodcast.com), and co-host of On Location (itspmagazine.com/on-location) and Random and Unscripted (randomandunscripted.com). Learn more at seanmartin.com. 🔎 Keywords: Common Point of Failure, third-party risk, vendor breach, breach disclosure, CIRCIA, NYDFS, cyber insurance, CISO accountability, supply chain security, Tim Brown, Joe Sullivan, operational resilience, Sean Martin, Lens Four Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  27. 974

    The Artemis Generation (feat. Dr. Polanski, Lowell Observatory) | Stories From Space Podcast With Matthew S Williams

    Host | Matthew S Williams For more podcast Stories from Space with Matthew S Williams, visit: https://itspmagazine.com/stories-from-space-podcast ______________________Episode Notes From Apollo to Artemis: What Lowell Observatory Knows About Going Back to the Moon Fifty years is a long time to forget how to do something. That is, more or less, where NASA stood when Artemis 1 left the pad — and where it stands now, with Artemis 2 having put humans beyond low Earth orbit for the first time in half a century. The institutional memory had thinned. The people who built Apollo had moved on, retired, or passed away. The books, as Dr. Alex Polanski puts it in this episode, had to be dusted off. Polanski, a Percival Lowell postdoctoral fellow at Lowell Observatory in Flagstaff, Arizona, joins host Matt to talk about what Artemis 2 actually proved, and why Lowell — an observatory better known for its exoplanet work and its founder's obsession with Mars — has always sat closer to crewed spaceflight than most people realize. The nine Apollo astronauts trained on the volcanic terrain of northern Arizona. They studied lunar maps made at Lowell. They walked the same ground tourists walk today, in the shadow of the Clark refractor. The conversation moves from the geology of the Moon's Highlands and Maria to the meteorite work of Dr. Nick Moskowitz, the mapping happening at the USGS office down the road, and the longer question behind all of it: is the Moon a stepping stone to Mars, or a detour? Polanski makes the case for the stepping stone — not out of caution, but because there are things we don't yet know we need to know, and a one-second light delay is a much more forgiving classroom than a twenty-minute one. And then there's what comes next. Radio telescopes in the craters of the far side, shielded from Earth's noise. Optical interferometers spread across lunar real estate, free of the atmospheric wobble that makes ground-based astronomy feel, in Polanski's words, like reading a note card at the bottom of a pool. For the first time, the possibility of actually seeing the surfaces of other stars. Percival Lowell saw canals on Mars that weren't there. He may have been looking at the veins in his own eye. A century later, his observatory is helping figure out how to look at the real thing. 🎙️ Guest: Dr. Alex Polanski, Lowell Observatory 🌐 lowell.edu ______________________ Resources Dr. Alex Polanski's Twitterhttps://x.com/AlexNeedsSpaceDr. Alex Polanski's companyhttps://x.com/LowellObs   Dr. Alex Polanski's LinkedInhttps://www.linkedin.com/in/alex-polanski-9ba397113/Dr. Alex Polanski's Facebook profilehttps://www.facebook.com/alex.polanski.3   Moon to Mars / NASA's Artemis Programhttps://www.nasa.gov/humans-in-space/artemis/   ______________________ For more podcast Stories from Space with Matthew S Williams, visit: https://itspmagazine.com/stories-from-space-podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  28. 973

    Book: Deep Future — Creating Technology That Matters | An Interview with Pablos Holman | An Analog Brain In A Digital Age With Marco Ciappelli

    PODCAST EPISODE | An Analog Brain In A Digital Age With Marco Ciappelli Pablos Holman has built spaceships, zapped malaria-carrying mosquitoes with a laser, earned thousands of patents, and is now betting his venture capital on the inventors Silicon Valley forgot to fund. His new book, Deep Future: Creating Technology That Matters, is a call to arms against a tech industry that got drunk on software and forgot about the other 98% of the world. 📺 Watch | 🎙️ Listen | marcociappelli.com I grew up in a city full of inventors. They just didn't call themselves that. Florence in the fifteenth century wasn't running on venture capital. It was running on curiosity, obsession, and the refusal to accept that the way things had always been done was the way they had to be done. Leonardo didn't have a manual. Galileo didn't ask for permission before pointing a better telescope at the sky. They took things apart, looked at what was inside, and put them back together differently. They hacked things. That's Pablos Holman's word — and when he used it in our conversation, I recognized it immediately. Not as a tech industry term. As something much older. A way of being in the world that says: the instructions are a suggestion, not a ceiling. Pablos has had one of those careers that resists a tidy summary. He was writing code in Alaska as a kid, with one of the first Apples ever made and nobody around to teach him anything. He figured it out on his own — and never really stopped doing that. Cryptocurrency in the '90s. AI research before anyone called it that. Helping build spaceships at Blue Origin. Then years at the Intellectual Ventures Lab with Nathan Myhrvold, going after problems Silicon Valley had decided weren't worth the trouble: a laser that identifies and destroys malaria-carrying mosquitoes in flight, hurricane suppression systems, a nuclear reactor powered by nuclear waste. Six thousand patents. Thirty million TED Talk views. Now he runs a venture fund called Deep Future, and he's written a book with the same name. The subtitle says what he thinks about most of what Silicon Valley has been doing for the past two decades. Creating Technology That Matters. He calls the alternative shallow tech. Apps that replace taxis. Apps to rent a stranger's couch. Apps to have weed delivered by drone. Not useless, exactly — but not living up to what we actually have. And what we actually have, Pablos says, is the best toolkit in all of human history: more people, more education, more resources, more raw scientific understanding than any generation before us. If all that produces another chat app, something has gone badly wrong. The number he threw out in our conversation — and I'm going to mention it here because it deserves to be mentioned, not as a hook but as a quiet scandal — is that all the software companies in the world combined, every single one of them, account for about two percent of global GDP. The other ninety-eight is energy, shipping, food, manufacturing, construction, automotive. Industries that haven't fundamentally changed in a century. Industries that software can nudge a few percent better but cannot make ten times better. Ten times better is where Pablos starts. One of his portfolio companies is building autonomous sailing cargo ships — no crew, no fuel, no emissions — targeting a two-trillion-dollar industry that currently burns half its revenue on fuel. He's also continuing the malaria work that could save half a million lives a year, half of them children under five. That's the scale he's measuring things against. We got to AI eventually, as you do. What he said landed simply and cleanly: chatting is the least important thing we can do with it. What we should be using AI for is understanding things that were previously too complex to model — what's happening in every cell of your body, how to actually get a grip on the climate, how to start solving the problems that have been resistant to every tool that came before. Instead we are using it to generate fake videos and build an AI version of TikTok. We've hit peak entertainment, he said. I think that's right. And I think what comes after peak entertainment — if anything does — is the real question sitting underneath all of this. The conversation ended the way the best ones do: not with a conclusion, but with an invitation. Pick something you care about and work on it. The people who built Apollo weren't all rocket scientists. They were cable layers and logistics coordinators who never saw the rocket up close. But they were part of something that exceeded their own individuality, and they knew it, and that was enough. That pride is still available. Whether we want it more than we want another scroll — that's on us. Deep Future: Creating Technology That Matters is out now — find it here. Subscribe to the newsletter at marcociappelli.com. Let's keep thinking. About Marco Ciappelli Marco Ciappelli is Co-Founder & CMO of ITSPmagazine, Co-Founder & Creative Director of Studio C60, Branding & Marketing Advisor, Personal Branding Coach, Journalist, Writer, and Host of An Analog Brain In A Digital Age podcast. Born in Florence, Italy, and based in Los Angeles, he explores the intersection of technology, society, storytelling, and creativity — with an analog brain, in a digital age. 🌎 marcociappelli.com | itspmagazine.com | studioc60.com About Pablos Holman Pablos Holman is a futurist, inventor, and self-described "notorious hacker" with one of the more unusual résumés in American technology. He started writing code as a kid in Alaska on one of the first Apple computers ever made, and never stopped following that thread wherever it led. In the 1990s, he worked on cryptocurrency and early AI systems before either had found their way into the mainstream. In 2001, he joined Jeff Bezos at Blue Origin, where he helped explore new approaches to space travel. He then joined Nathan Myhrvold's Intellectual Ventures Lab, a deep tech invention lab that produced over 6,000 patents — including a laser system that identifies and destroys malaria-carrying mosquitoes in flight, a machine designed to suppress hurricanes, and a nuclear reactor powered by nuclear waste. His TED talks have accumulated over 30 million views. Holman is now Managing Partner of Deep Future, a venture capital fund backing inventors working on the hard physical problems the software industry left behind — autonomous shipping, new energy systems, food technology, and manufacturing. His book, Deep Future: Creating Technology That Matters (2025), is a critique of Silicon Valley's obsession with shallow tech and an invitation to aim at the world's actual problems. 🔗 LinkedIn | deepfuture.tech/about-pablos Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  29. 972

    Securing the Mini Me Era: Why Agent Identity Alone Is Not Enough | A Brand Highlight Conversation with Shreyans Mehta, Co-Founder and Chief Technology Officer of Cequence Security | Hosted by Sean Martin

    Enterprises spent the last decade hardening the front door for human users. Now a new class of worker is showing up to the same applications, asking for the same data, and acting on someone else's behalf. Shreyans Mehta, Co-Founder and Chief Technology Officer of Cequence Security, joins ITSPmagazine to talk through what changes when ten or more agents are operating in your name across email, code repositories, Confluence, Salesforce, and ServiceNow at the same time. For Shreyans Mehta, safe enablement is the central question. Consumer chatbots normalized point-to-point connections into personal inboxes, but enterprise agents are reaching into crown-jewel systems where blanket access is not an option. Cequence Security has spent years protecting applications and APIs for telcos, financial institutions, and retailers, and that history shapes how the team is approaching the agentic shift: how do you let the right work get done without handing over the keys to the building? Identity alone is not the answer. Agents can hallucinate, can be prompt-injected, and will go to great lengths to complete a task. Cequence Security addresses this with what Shreyans Mehta calls an agent persona, a dynamic, job-description-driven scope that limits an agent to exactly what its role requires. An email assistant gets read access and a calendar check, not the ability to send or delete. The job defines the permissions, and the permissions follow the agent through the Cequence AI Gateway platform. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Shreyans Mehta, Co-Founder and Chief Technology Officer, Cequence Security LinkedIn: https://www.linkedin.com/in/shreyans-mehta-37a529/ RESOURCES Learn more about Cequence Security: https://www.cequence.ai/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Shreyans Mehta, Cequence Security, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, agentic AI, agent identity, AI agents, agent persona, API security, non-human identity, safe enablement, enterprise AI, prompt injection, MCP, AI gateway Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  30. 971

    Cruise To Mars | Three Ducks On A Journey | Written By Lucia & Marco Ciappelli (English Version) | Stories Sotto Le Stelle Podcast | Short Stories For Children And Dreamers Of All Ages

    CRUISE TO MARS | THREE DUCKS ON A JOURNEY Mama duck had two daughters, and she loved taking them on trips to faraway places. The two ducklings had few friends, but they often went out and about. They played in the farmyard pretending to be a group, and even on their birthday, they ate the big cake all by themselves. As a gift, Mama decided to take them on a cruise to Mars. She organized the trip on a spaceship for tourists, got tickets for an intergalactic Martian party, and departure as soon as possible — before you could say "quack quack." While all three of them were in the yard ready for the trip, they saw a strange object flying low over the farm. Landing on the ground, a small square figure appeared at a hatch and said: "Excuse me, are you the ones with three tickets to Mars and three for the intergalactic party?" The ducklings looked at each other in amazement. They had never seen a square creature before — square head, square eyes, even the smile seemed square. "Yes, that's us!" replied Mama duck. "Quack! Quack! Quack!" chimed the ducklings in chorus, hopping with excitement. "Please, come aboard," said the Martian with a little squared bow. "The journey to Mars is about to begin." And in one leap they boarded the spaceship, so curious and excited for this new adventure. The strange vehicle took off as fast as a gust of wind. In space, it was rush hour. The spaceship found itself in a queue, and the Martian pilot honked the horn: "Bleep, bleep!" He leaned out the window and grumbled: "It's getting harder and harder to travel! Look at that, there's even a playful little planet spinning around on itself like it's a carousel! Oh, what fun — move over, let me pass, and keep on playing!" Due to the cosmic traffic jam, the spaceship landed on Mars slightly behind schedule. "How wonderful!" exclaimed the ducklings when they saw a ship made entirely of glass, ready for the cruise, where they were invited to come aboard. There was a great bustle of small square Martians. "Good morning, Mrs. Duck, please make yourself comfortable!" they said with a bow, while the ducklings — quack, quack, quack — chattered and hopped about happily. In the background, square guitars played Interplanetary Rock. The three travelers, with their little faces pressed against the windows, gazed in wonder at the red color of the planet. The ship set off slowly across the sand, but suddenly the engines began to roar and up, toward the top of a mountain, then down over the red rocks — it felt like being on a roller coaster, up and down, up and down. Then it would settle again and slowly cross immense valleys. "What a strange sight! What a strange vehicle that travels over rocks and sand!" the tourists commented. The hours passed amid wonders and discoveries. Time flew by. Evening came. On the Martian ship, Mama duck and the ducklings showed up all dressed up, with bows and ribbons, for the intergalactic birthday party. The waiters danced, offered their arms to the tourists, and served to the sound of Rock music. Small Martians approached the ducklings and, showering them with compliments, hopping and dancing, played with them. The party had begun. "Everything here is square — the glasses, the bottles!" the ducks whispered to each other. The sweet treats were salty, the salty ones were sweet, the cake was... well, well, what kind of world is this! The balloons with "Happy Birthday" written on them were — guess what — square. The evening was coming to an end and fireworks lit up the sky to celebrate the tourists... and they were square too. "How kind and lovely these Martians are!" said Mama duck, and continued: "We made it to Mars, we've seen what there was to see, we've had our fun. Now let's think about going back to Earth." Suddenly, the ship commander's voice announced the imminent arrival of a spaceship for the return trip. The three ducks couldn't wait. They said their goodbyes and, crossing a connecting bridge, stepped directly into the spaceship. And down, toward their planet. Watching the tourists depart through the ship's windows, the Martians in their waiter uniforms launched dozens of colorful balloons into space. In the universe, under a starry sky, satellites wandered around the spaceship. Venus shone in the distance, and the Moon, ever closer, smiled with her full face. Arriving back on Earth, all three stepped down onto the farmyard, happy. Square balloons with "Happy Birthday" written on them floated in the air. What a surprise! This is certainly the work of the Martians. And by telling everyone about their galactic adventure, the two ducklings made lots of friends. Everyone wanted to hear about their trip to Mars. Our planet may be round, may be big, may be small, may be beautiful, and it will always be our home. — Written by Lucia & Marco CiappelliStoriesottolestelle.com | MarcoCiappelli.com Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  31. 970

    The Upside-Down Garden of Boboli | Written By Lucia & Marco Ciappelli (English Version) | Stories Sotto Le Stelle Podcast | Short Stories For Children And Dreamers Of All Ages

    The Upside-Down Garden of Boboli Stories Under the Stars — Lucia & Marco Ciappelli Within the walls of the city of Florence there is a marvellous garden. Little pathways through the green, bordered by pools and fountains. Broad stairways that, climbed with eyes turned to the sky, give the illusion of being able to touch it. This is the beauty that everyone can see and admire. Beneath lies an unknown kingdom that only those with imagination can discover. A gentle slope on the right-hand side leads to the Buontalenti Grotto, from which a deep underground passage opens, leading to a mysterious world. The roots of the trees from the garden above grow and blossom, reforming upside down, as if through a mirror. Among the branches, nests of flying fish. Birds that glide across the smooth water among the water lilies. A pear tree and an apple tree, leaning against a bench, chat about this and that, nibbling toasted pistachios, while the bees seated beneath a pergola of strawberries play a gentle jazz melody fragrant with lavender. Sprays of water, now and again, bathe meadows and plants in the light of the setting sun. Suddenly a little waterfall, fed by a small river, accelerating, opens wide. In an instant, a tree-lined avenue takes shape, rising upwards, pointing the way to follow. In this unspoilt kingdom, untouched by human hands, nothing is impossible. At the top of the path, a great opening above the stairways in the garden of Boboli, which reappears with all its wonders and its history. High above, as if nothing were the matter, a mantle of deep starlit blue enfolds Florence in a warm summer night. — Written by Lucia & Marco CiappelliStoriesottolestelle.com | MarcoCiappelli.com Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  32. 969

    New Book: Healing the Sick Care System — Why People Matter | An Interview with Gil Bashe | An Analog Brain In A Digital Age With Marco Ciappelli

    PODCAST EPISODE | An Analog Brain In A Digital Age With Marco Ciappelli The United States spends 18.7% of its GDP on health — two to three times what countries like Italy spend. Italy has a longer life expectancy. So what exactly are we paying for? Gil Bashe, Chair of Global Health & Purpose at FINN Partners, former combat medic, and author of Healing the Sick Care System: Why People Matter, joined me on An Analog Brain In A Digital Age to talk about what happens when a system designed to heal people forgets that people exist. This is not a rant. It's a diagnosis — from someone who has seen the system from every angle: the battlefield, the boardroom, the pharmaceutical lobby, and the bedside of his own child. 📺 Watch | 🎙️ Listen | marcociappelli.com Gil Bashe started his career as a paratrooper combat medic. He's also the father of a child with a rare disease. He spent years as a lobbyist for the pharmaceutical industry — and he'll tell you that upfront, without flinching, before explaining why he still thinks that work mattered. He has led billion-dollar global agencies, advised companies that make life-saving drugs, and sat in rooms with the CEOs of hospital systems, pharmacy chains, and insurance companies. He asked them once if they understood each other's business models. The honest answer was: no. That's the system he's writing about. Not a broken one — a fragmented one. A system where the prime customer of healthcare has become the system itself, and the actual patients have been quietly reclassified as beneficiaries. As Gil puts it: if your washing machine breaks and you call the company and they tell you you're a "beneficiary of our appliance," you'd think they were out of their minds. You paid for it. You're a customer. Treat you like one. His new book, Healing the Sick Care System: Why People Matter, was born from a long accumulation of observations — 11 or 12 years of writing about the health ecosystem from every angle — and catalyzed by one specific moment: the assassination of the UnitedHealthcare CEO, and the public reaction to it. The fact that the killer had a following. The fact that people were applauding. Gil found that more disturbing than anyone seemed comfortable admitting. When anger reaches that level, something in the system has gone deeply, fundamentally wrong. I should say: this is a conversation I had some skin in. I'm type 1 diabetic. I know what it's like to sit across from an endocrinologist who tells you things you already know, reads from a checklist, and never quite looks up from the laptop. The human element — the education, the empathy, the sense that this person actually sees you — is often just gone. And I think most doctors started their careers because they wanted to be healers. The system squeezed it out of them. Gil agrees. He says 51% of doctors now report burnout. Nearly 60% of nurses. And that's not a coincidence. That's a design failure. The AI question we kept circling was the one nobody in healthcare leadership seems to want to answer directly: if artificial intelligence takes some of the administrative burden off doctors' shoulders, does that time go back to patients — or does the system simply use it to push more throughput? More appointments per day, not more minutes per patient. Gil's framework for thinking about this is worth keeping: IQ, EQ, and TQ. Intellectual intelligence, emotional intelligence, and technology intelligence. The doctors we need going forward aren't just the ones who scored highest on their MCATs. They're the ones who can read a room. Who can hear a patient bring in a printout from WebMD and respond with curiosity instead of dismissal. Who understand that a curious patient is a gift, not an inconvenience. He told me a story from the book — one doctor who cut his wife off mid-sentence and said, "Who are you gonna believe? Me, or a patient?" And another doctor, in Santa Monica, who performed a long and complicated surgery on his daughter, walked into the hospital cafeteria in his surgical scrubs with photographs of every step of the procedure, laid them out on the table, explained everything in plain language, and then left his personal cell phone number. "Call me with any question." They did. He picked up. That's not technology. That's not policy. That's personality. And Gil's argument — which I think is correct — is that we've built a system that systematically selects against it. The hopeful part of the conversation surprised me. I expected nuance. What I got was genuine belief. We have the best trained doctors in the world. We are the source of global medical innovation. We spend enough money — the problem isn't resources, it's alignment. The fix, as Gil sees it, starts with every part of the system — payers, pharmaceutical companies, hospital systems, policy makers — looking in the mirror and asking: am I still on mission? And then, slowly, getting back to why this system was created in the first place. Healing the Sick Care System: Why People Matter is out now. Get the book here. And if this kind of conversation is what you come here for, subscribe to the newsletter at marcociappelli.com. — Marco Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Personal Branding Coach | Journalist | Writer | Podcast: An Analog Brain In A Digital Age ⚠️ Beware: Pigs May Fly | 🌎 LAX🛸FLR 🌍 About Marco Marco Ciappelli is Co-Founder & CMO of ITSPmagazine, Co-Founder & Creative Director of Studio C60, Branding & Marketing Advisor, Personal Branding Coach, Journalist, Writer, and Host of An Analog Brain In A Digital Age podcast. Born in Florence, Italy, and based in Los Angeles, he explores the intersection of technology, society, storytelling, and creativity — with an analog brain, in a digital age. 🌎 marcociappelli.com About the Guest Gil Bashe is Chair of Global Health & Purpose at FINN Partners, one of the world's largest independent communications agencies. A former combat medic and paratrooper turned award-winning health communications leader, he has shaped the field across global agencies, trade associations, and private equity ventures over a 40-year career. He is a PM360 Lifetime Achievement Award recipient, named among PRWeek's Top 30 Most Influential People in Health PR, honored as an MM&M Top 10 Innovation Catalyst, and tapped by PRovoke Media as a Top 25 Innovator. He serves on the boards of the American Diabetes Association and the Marfan Foundation, and is editor-in-chief of Medika Life. Healing the Sick Care System: Why People Matter is published by Health Administration Press (February 2026). LinkedIn | Get the Book Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  33. 968

    On the Internet, Nobody Knows You're Not Human — And Nobody's Asking | Written by Marco Ciappelli & Read by Tape3

    An Analog Brain In A Digital Age — A Newsletter by Marco Ciappelli On the Internet, Nobody Knows You're Not Human — And Nobody's Asking There was a moment — brief, unrepeatable — when the internet felt like a genuinely open place. No profiles. No algorithms deciding what you deserved to see. No one monetizing the fact that you existed. You showed up, you explored, you talked to strangers in other countries about things that mattered to you, and the whole thing felt less like a product and more like a discovery. Like finding a door to another dimension. There's a cartoon that captured that moment perfectly. 1993. The New Yorker. Peter Steiner. Two dogs, one at a computer, and the line that accidentally defined an entire era of the internet: "On the Internet, nobody knows you're a dog." https://en.wikipedia.org/wiki/On_the_Internet,_nobody_knows_you%27re_a_dog It was funny. It was also prophetic. And it was optimistic in a way we've completely forgotten how to be about the web. Anonymity as freedom. Identity as something fluid, chosen, playful. You could be anyone. You could be from anywhere. You could reinvent yourself in real time, with no one to contradict you. Then surveillance capitalism arrived and broke the party. Cookies. Behavioral profiling. The algorithmic panopticon. Suddenly everyone knew everything. You weren't a dog anymore — you were a demographic, a data point, a cluster of purchase histories and scroll patterns. The internet that promised liberation became the most precise identity-tracking machine ever built. Anonymity collapsed under the weight of monetization. Nobody knows you're a dog became everyone knows you're a dog, what breed, what you ate for breakfast, and which vet you Googled at 2am. And now we're in the third act. A Buddhist monk named Yang Mun has 2.5 million Instagram followers. He posts silent morning meditations. He has made over $300,000 since October. Three Buddhist scholars reviewed his content and confirmed: his wisdom isn't grounded in any actual scripture. It just sounds like it is. Yang Mun doesn't exist. He was built with ChatGPT, HeyGen — an AI platform that generates realistic synthetic human video, a face, eyes, a voice, moving and breathing and entirely artificial — and a handful of other tools, by a creator operating inside what's being called "Big Slop": a venture-backed industry that manufactures fake influencers, automates their posting, and scales them to millions of followers while platforms, politely, look the other way. Hat tip to Jack Brewster, whose LinkedIn post on Yang Mun is what started this thread of thought. https://www.linkedin.com/posts/jackbrewster_a-buddhist-monk-named-yang-mun-has-25-million-activity-7451268378499137537-RPB1?utm_source=share&utm_medium=member_desktop&rcm=ACoAAAD_QZMB_jUr1316NWqo3MgG_iFVSPTfDgY The circle has closed. And inverted. We went from nobody knows you're a dog to everyone knows you're a dog to something far stranger: Nobody knows you're not human. The dog is gone. The human is optional. Here's what interests me — and it's not the outrage part, because the outrage is easy and everyone will do it. What interests me is the McLuhan part. Marshall McLuhan said it in 1964: the medium is the message. Not the content. The medium itself. The form of transmission shapes reality more than anything transmitted through it. Yang Mun's fake wisdom is almost beside the point. The scholars confirmed it's scripturally meaningless. But it sounds right — which is precisely the tell. The content was never engineered for truth. It was engineered for the platform. For the algorithm. For the engagement pattern that rewards the feeling of depth over the presence of it. The medium produced the monk. The monk is the message. And if you zoom out — which is what I keep trying to do from Florence, where the stones beneath my feet are five hundred years old and nobody around me is particularly impressed by disruption — you see something that looks less like a technology story and more like a civilization story. We built an internet that promised connection. We built AI to simulate humans. Somewhere along the way we forgot to ask whether any of it was real — or maybe we never quite got around to asking in the first place. Because here's the thing: this didn't happen slowly enough for us to develop a moral relationship with it. There was no adjustment period. No cultural processing. The fake monk didn't represent a fall from grace. It was a first contact situation. We haven't even named what's wrong yet, let alone decided whether it matters. The analog brain — slow, emotional, context-dependent, stubbornly human — is the one thing that still notices the difference between a conversation that carries weight and one that merely carries words. It's not superior in processing power. It's just that it comes from somewhere. From experience. From loss. From the specific, irreplaceable accident of having lived a particular life in a particular body in a particular place. The monk who wasn't there had none of that. And somewhere — maybe in 2.5 million people scrolling past silent meditations at 7am — some part of us already knows. Will we remember to ask? Are we ever gonna care? Let's keep exploring what it means to be human in this Hybrid Analog Digital Age. Stay imperfect, stay human. — Marco 📬 Follow the newsletter: An Analog Brain In A Digital Age ⓘ About Marco Ciappelli Co-Founder Studio C60 / ITSPmagazine | Creative Director | Branding & Marketing Advisor | Personal Branding Coach | Journalist | Writer | Podcast: An Analog Brain In A Digital Age ⚠️ Beware: Pigs May Fly | 🌎 LAX🛸FLR 🌍 Lear more about Marco Ciappelli: marcociappelli.com ⓘ About Studio C60 We help cybersecurity startups build trust-based marketing and go-to-market strategies grounded in deep product understanding and real buyer insights. With hundreds of products brought to market and deep connections in the CISO community, we know what security leaders value in vendors. Learn more at studioc60.com Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  34. 967

    From RSAC Conference 2026 Floor to the CSA Report: What Enterprises Are Missing About AI Agents | A Brand Highlight Conversation with Itamar Apelblat, Co-Founder and CEO of Token Security

    The floor at RSAC Conference 2026 had one dominant frequency, and it was not subtle. Every booth, every hallway, every late-night conversation kept circling back to the same question: how do enterprises adopt AI agents without losing control of them? In a post-conference follow-up, Itamar Apelblat, Co-Founder and CEO of Token Security, translates what he heard on the ground into what the data now confirms. Token Security arrived at RSAC with a fresh set of findings, produced in collaboration with the Cloud Security Alliance and released alongside the event. The report, Autonomous but Not Controlled: AI Agent Incidents Now Common in Enterprises, puts numbers to what practitioners already suspected: 65 percent of organizations have experienced an AI agent-related incident in the past twelve months, and 82 percent discovered agents running in their environment that no one had authorized. Only 21 percent have a formal process for decommissioning agents — a gap Itamar Apelblat flags as a low-hanging attack path. The short version from the conversation: visibility is the starting line, not the finish line, and the path from discovery to intent-based enforcement is where most programs are stuck. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Itamar Apelblat, Co-Founder and CEO, Token Security | https://www.linkedin.com/in/itamar-apelblat/ RESOURCES Learn more about Token Security: https://www.token.security/ Download the CSA + Token Security Report — Autonomous but Not Controlled: AI Agent Incidents Now Common in Enterprises: https://cloudsecurityalliance.org/artifacts/autonomous-but-not-controlled-ai-agent-incidents-now-common-in-enterprises Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Itamar Apelblat, Token Security, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, AI agents, agentic AI, non-human identity, identity security, shadow AI, CSA report, Cloud Security Alliance, intent-based access, AI agent governance, agent decommissioning, RSAC Conference 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  35. 966

    Who's Managing Your Agent Workforce? (And Whose Budget Are They On?) | Lens Four by Sean Martin | Read by TAPE9

    Every major enterprise platform this quarter — Salesforce Headless 360, Workday Agent System of Record, Microsoft Copilot Studio, SAP Joule, Oracle agentic, ServiceNow Moveworks, IBM watsonx Orchestrate — is pitching a control plane for your AI agents. But none of them is solving the real problem: who inside your organization actually owns the agent workforce, and who's steering it at the speed agents now act? In this edition of Lens Four, 🔍 In this episode: — Why Workday's line — "Organizations wouldn't hire thousands of employees without an HR system to manage them. The same discipline is now required for AI agents" — exposes the HR-procurement collision everyone is about to run into — Gartner's forecast: by the end of 2026, 40% of enterprise applications will be integrated with task-specific AI agents, up from less than 5% in 2025 — Why Jensen Huang's CES 2025 line — "IT is the HR department of agentic AI in the future" — is half-right, half-wrong, and why Josh Bersin's reframe (HR teams will be the managers and caretakers of AI agents) gets closer — Bain and IDC agreeing that per-seat pricing is ending: by 2028, 70% of software vendors will refactor pricing around consumption, outcomes, or organizational capability — and what that means for the CEO's agenda — The contingent workforce market is real money ($171.5B in 2021, projected to $465.2B by 2031 per Allied Market Research) — and why the contingent-labor playbook is the closest analogy for agents — Aaron Levie's "tokenmaxxing" as the strategic-prioritization problem nobody is ready for — Why the three vendor vocabularies (employee, contractor, software) are all task vocabularies — and why the agent era needs a judgment vocabulary instead — The Fourth Lens: the collision between HR and procurement can go two ways (meteor or dressing), but the real steering question lives upstairs with the CEO, COO, and line-of-business leaders Fourth Lens: The forced consolidation coming over the next twelve to eighteen months solves the plumbing. It doesn't solve the operating model. The organizations that win the next decade of enterprise work will build both the function downstairs that runs the agent roster and the leadership cadence upstairs that sets direction at machine speed. 🔗 Full article and references: seanmartin.com/lens-four/whos-managing-your-agent-workforce 📧 Subscribe to Lens Four: seanmartin.com/lens-four 🎙 Redefining CyberSecurity Podcast: redefiningcybersecuritypodcast.com 🎧 Music Evolves Podcast: musicevolvespodcast.com 🌐 ITSPmagazine: itspmagazine.com 🎬 Studio C60: studioc60.com Sean Martin is a cybersecurity market analyst, content strategist, and go-to-market advisor with more than 30 years of experience across engineering, product development, marketing, and media. He is co-founder of ITSPmagazine (itspmagazine.com) and Studio C60 (studioc60.com), host of the Redefining CyberSecurity Podcast (redefiningcybersecuritypodcast.com) and Music Evolves Podcast (musicevolvespodcast.com), and co-host of On Location (itspmagazine.com/on-location) and Random and Unscripted (randomandunscripted.com). Learn more at seanmartin.com. 🔎 Keywords: AI agents, agentic AI, digital workforce, Salesforce Headless 360, Agentforce, AgentExchange, Workday Agent System of Record, ASOR, Salesforce TDX 2026, Aaron Levie, Marc Benioff, Joe Inzerillo, Jensen Huang, Josh Bersin, Jorge Amar, Kate Leggett, Gartner AI agents forecast, IDC FutureScape 2026, Forrester agentic AI, Bain SaaS pricing, Deloitte workforce planning, KPMG total workforce planning, McKinsey hybrid workforce, Futurum sameness, Model Context Protocol, MCP, contingent workforce, ManpowerGroup TAPFIN, Allied Market Research, outcome-based pricing, consumption-based pricing, per-seat obsolescence, tokenmaxxing, CapEx vs OpEx AI, systemic HR, superagents, digital employees, HR-procurement collision, total talent management, workforce orchestration, CEO strategic intent, line-of-business leadership, employee vs contractor classification, Sean Martin, Lens Four Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  36. 965

    Building AI With Guardrails: Inside Stellar Cyber's Human-Augmented Autonomous SOC | A Brand Highlight Conversation with Lisa Liu, Corporate Marketing and Communications Manager of Stellar Cyber

    RSAC Conference 2026 made one thing impossible to miss: AI is on every sticker, every slide, and every booth. Sorting signal from marketing has never been harder. Lisa Liu, Corporate Marketing and Communications Manager at Stellar Cyber, joins this Brand Highlight to continue a conversation that started on the show floor in San Francisco and was worth picking up again once the noise settled. Stellar Cyber has been incorporating machine learning into every layer of its security platform since 2015, well before AI became the marketing default. The position Lisa Liu brings is direct: AI is not a one-size-fits-all solution. A large language model is not the most efficient way to parse log data, and slapping an AI label on existing functionality is not the same as designing for the analyst pain points at every stage of detection, investigation, and response. The conversation closes on the autonomous SOC question, where Stellar Cyber argues for a human-augmented approach. Promises of complete autonomy deserve healthy skepticism; guardrails matter, and keeping a human analyst in the loop is what allows AI mistakes to be caught and contained before they cascade. It is a Brand Highlight worth a few minutes for anyone trying to separate AI substance from AI theater in security operations. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Lisa Liu, Corporate Marketing and Communications Manager, Stellar Cyber | On LinkedIn: https://www.linkedin.com/in/lisaaliu/ RESOURCES Learn more about Stellar Cyber: https://stellarcyber.ai/ View all of our RSAC Conference 2026 coverage: https://www.itspmagazine.com/rsac26 Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Lisa Liu, Stellar Cyber, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, RSAC Conference 2026, Multi-Layer AI, human-augmented autonomous SOC, machine learning, Open XDR, NG-SIEM, security operations, AI in cybersecurity, agentic AI, SOC analyst, security platform Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  37. 964

    Cutting Through the Fog of More | A Brand Highlight Conversation with Michael Parisi, Chief Growth Officer of Steel Patriot Partners

    RSAC Conference 2026 is in the books, and the post-event read is familiar. More vendors, more AI-driven marketing, more noise, and a buyer-side audience that increasingly cannot tell who to trust. Michael Parisi, Chief Growth Officer at Steel Patriot Partners, joins ITSPmagazine for a quick post-event catch-up on what he walked away with, and what is quietly shifting underneath all that volume. The headline takeaway is what Michael Parisi calls the "fog of more." Marketing has done its job too well. CISOs and business leaders facing real decisions cannot tell competing solutions apart, do not know where to start, and are not sure their current stack is even the right one. Too much information has become its own information problem. What is shifting, according to Michael Parisi, is where the meaningful conversations actually happen. Closed-door, hallway, and dinner conversations have always existed at RSAC Conference, but more people are now openly recognizing that this is where the real industry decisions get made. That recognition is changing how teams plan to engage with future conferences and industry events. For Steel Patriot Partners, which describes itself as business owners first, engineers second, and security and compliance practitioners third, that is exactly the conversation they want to be in. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Michael Parisi, Chief Growth Officer, Steel Patriot Partners | https://www.linkedin.com/in/michael-parisi-4009b2261/ RESOURCES Learn more about Steel Patriot Partners: https://www.steelpatriotpartners.com Steel Patriot Partners Assistance Center: https://www.steelpatriotpartners.com View all of our RSAC Conference 2026 coverage: https://www.itspmagazine.com/rsac26 Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Michael Parisi, Steel Patriot Partners, Marco Ciappelli, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, RSAC Conference 2026, RSAC, cybersecurity compliance, fog of more, vendor noise, CISO, GRC, cybersecurity advisory, FedRAMP, CMMC, HITRUST, AI security marketing, hallway conversations, post RSAC Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  38. 963

    Before the Robots Run. More reflections from RSAC 2026 — The Power of the Community and the Machines We Invited In. | Written By Marco Ciappelli & Read By Tape3

    This was my twelfth RSA Conference. I know that because I remember the first one, 2012, and I've been counting ever since — not out of habit, but because each year feels like a chapter in a longer story I'm trying to read in real time. Twelve years of standing in that same building in San Francisco, watching an industry evolve, stumble, reinvent itself, and occasionally look in the mirror. In the early years it was pure technology. Cryptography, protocols, threat vectors, the architecture of defense. The conversations were technical, the energy was almost academic, the suits were slightly more formal. Then something shifted — gradually, then all at once, the way things usually do. The industry started talking about people. About culture. About the human beings sitting behind the keyboards and the very human mistakes they were making. The themes started reflecting it: community, togetherness, collective defense. Stronger Together. The Human Element. The Power of Community. Year after year, the message from the main stage was some variation of: we are more than our tools. People are what matter. Connection is the point. And then you'd walk the expo floor and see the booths. I'm not being cynical. The community is real — I've felt it, in the hallway conversations, in the side events, in the faces of people I've been running into for a decade who are genuinely trying to make the digital world safer. That part is true and it matters. But there's a growing gap between what the theme says and what the stage performs. And at RSAC 2026, that gap became impossible to ignore. Because this year, while the badge said The Power of Community, the keynotes were almost entirely about agents. Non-human ones. I wrote about this from a different angle in my first piece from RSAC — the Blade Runner angle, the NPC angle, the question of identity and intent when you can no longer tell the difference between a human action and an autonomous one. But there's another layer underneath that deserves its own space. It's the pattern. The twelve-year arc. An industry spends years — genuinely, sincerely — rediscovering the human element. Putting people at the center. Building a vocabulary around community, ethics, shared responsibility. And then, in what feels like a single conference cycle, it pivots to deploying a parallel workforce of non-human identities that outnumber us in our own systems, operate at speeds no human can follow, take actions no human directly authorized, and — here's the part that should make everyone pause — that a significant portion of organizations deploying them cannot monitor, cannot fully distinguish from human activity, and in many cases cannot stop once they're running. We built the community. Then we populated it with agents and handed them the keys. I kept thinking, walking those corridors, about the resistance. Not as a metaphor — or not only as a metaphor. In every story we've ever told about machines that gained too much autonomy, there's always a moment before the crisis where someone in the room knew. Where the warning existed. Where the design decision was made anyway because the pressure to ship, to scale, to compete was stronger than the instinct to pause. The difference between those stories and this moment is that we're not watching it happen to fictional characters. We're the ones making the design decisions. And unlike software — which you can patch, roll back, update at 3am while everyone is asleep — agents with autonomy and access are a different category of thing entirely. The old mantra of move fast and break things made a certain kind of sense when what you were breaking was a feature. It makes no sense at all when what you're deploying can act, chain consequences, and escalate — faster than any human response team can follow. This is where Asimov becomes relevant again. Not as nostalgia, not as science fiction trivia, but as a genuine design philosophy that the industry would do well to remember. His Three Laws of Robotics weren't invented as a plot device. They were a thought experiment in ethics-by-architecture — what does it look like to build the values into the system before the system runs, rather than hoping to correct the values after something goes wrong? He spent decades of stories showing that even the most carefully designed ethical constraints produce edge cases, contradictions, unintended consequences. But the point was never that ethics-by-design is perfect. The point was that without it, you don't have a fighting chance. We are, right now, at the moment before the laws get written. Some people at RSAC were saying this clearly — not from the main stage, but in the rooms and conversations where the more honest thinking tends to happen. The guardrails exist. The frameworks are being built. But they're being built while the deployment is already running, while the agents are already in the systems, while the governance structures are catching up to a reality that moved faster than the institutional response. That gap is the real story of RSAC 2026. Not the products. Not the keynote soundbites. The gap between the speed of deployment and the maturity of the thinking around what we're actually deploying. The community theme was right, actually — just not in the way the branding intended. The most important community at RSAC 2026 wasn't on the main stage. It was the quieter one: the engineers, researchers, practitioners, and security leaders who understand that we are at an inflection point, and that the decisions made in the next few years about how to design, govern, and constrain autonomous systems will matter far beyond the conference floor in San Francisco. Utopia and dystopia are not predetermined destinations. They're design outcomes. We still get to choose the architecture. But the window for making that choice thoughtfully — rather than reactively, in the middle of a crisis that moved faster than our guardrails — is not as wide as we might like to think. Asimov knew that. He wrote the laws before the robots ran. Maybe it's time we did the same. Stay imperfect, stay human. — Marco Let's keep exploring what it means to be human in this Hybrid Analog Digital Age. End of transmission. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  39. 962

    Uniquely Familiar: A Lifetime Pouring Passion Into Guitars That Sing | A Brand Spotlight at The NAMM Show 2026 with John Page and Bryan Ray of John Page Guitars

    At The NAMM Show 2026, John Page walks Sean Martin of ITSPmagazine through a hand-painted electric guitar called the Retablo. The motifs are lifted from the artwork that traditionally sits behind a cathedral altar, reimagined so the saints and icons are not from scripture but from the roots of American music. Sister Rosetta Tharpe. Muddy Waters. Howlin' Wolf. Mahalia Jackson. The canvases themselves are cut from the floorboards of an old church. It is one of the most personal guitars John Page has ever built. The conversation traces the arc of John Page Guitars, the small-batch shop John Page runs after more than 20 years at Fender, where he co-founded the legendary Custom Shop and led guitar research and development. He has now been designing and building guitars for 53 years. What gets made today at John Page Guitars is built by a small team, with John Page handling his own custom work and prototypes while a master builder works alongside him on production models. What makes the instruments different is not one big thing but a series of quiet decisions. John Page mounts the neck to the body with threaded machine inserts and machine bolts instead of standard wood screws, a coupling he believes transfers tone better between neck and body and adds overtone complexity that a conventional bolt-on simply does not produce. A flatter 12-inch radius, a reverse-angled bridge pickup that removes the ice-pick high, a vintage-feeling neck profile. Every decision serves a single goal: an instrument that sings as a complete unit. John Page describes his design philosophy in two short phrases. The first is "uniquely familiar," the idea that a guitar should feel comfortable in a player's hands and recognizable in their eyes while still being clearly its own thing. The second is "balanced asymmetry," an imbalance in which he finds a kind of perfect balance. Both show up in the offset fret markers, the body contours, and even in the restraint of the aesthetic choices that surround the Retablo's portraits. The Retablo itself is where that philosophy leaves the factory floor and becomes something closer to a reliquary. John Page had never painted portraits before. He taught himself, hand-painting each founder of American roots music onto wood reclaimed from a dismantled church, designing and building a custom bridge that routes volume and tone controls into the tailpiece so the body can carry its imagery unbroken. A full documentary exists on the making of the guitar for anyone who wants the layer-on-layer detail. When the talking is done, Bryan Ray of John Page Guitars steps in with one of the new baritone builds to let the instrument speak for itself. Every design decision John Page described is suddenly in the room, audible, as one of his guitars does exactly what he designed it to do. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUESTS John Page, Founder, John Page Guitars (Co-Founder, Fender Custom Shop) LinkedIn: https://www.linkedin.com/in/john-page-742b4213/ Bryan Ray, Marketing Director, John Page Classic LinkedIn: https://www.linkedin.com/in/bryan-ray-a63b5419/ RESOURCES John Page Guitars: https://www.johnpageguitars.com/ Meet John Page: https://www.johnpageguitars.com/pages/john-page The Retablo and other Art Guitars: https://www.johnpageguitars.com/pages/john-page John Page Signature Collection: https://www.johnpageguitars.com/collections/guitars The NAMM Show: https://www.namm.org/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS John Page, Bryan Ray, John Page Guitars, John Page Classic, Fender Custom Shop, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, guitar design, luthier, electric guitar, The NAMM Show 2026, NAMM 2026, Retablo art guitar, Ashburn, Bloodline pickups, American roots music, custom guitars, handmade guitars, boutique guitar builder Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  40. 961

    Do Androids Dream of Security Patches? Reflections from RSAC 2026 — Walking the Floor of the Agentic World | Written By Marco Ciappelli & Read by Tape3

    Do Androids Dream of Security Patches? Reflections from RSAC 2026 — Walking the Floor of the Agentic World   Marco Ciappelli Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Personal Branding Coach | Journalist | Writer | Podcast: An Analog Brain In A Digital Age ⚠️ Beware: Pigs May Fly | 🌎 LAX🛸FLR 🌍 April 7, 2026 This is Marco Ciappelli's Newsletter: An Analog Brain In A Digital Age. This edition draws from ITSPmagazine's on-location coverage at RSAC Conference 2026 in San Francisco. This article — and all of our RSAC Conference 2026 coverage — is made possible with the support of ITSPmagazine's RSAC 2026 sponsors: BLACKCLOAK | Crogl, Inc. | Manifest | Steel Patriot Partners | Skyhigh Security | Stellar Cyber | ESET | Token Security | Object First | Token Watch and listen to the full coverage and all of the conversations we had, including those with our sponsors, at itspmagazine.com/rsac26 Do Androids Dream of Security Patches? Reflections from RSAC 2026 — Walking the Floor of the Agentic World A new transmission from An Analog Brain In A Digital Age — formerly Musing On Society and Technology Newsletter, by Marco Ciappelli The theme of RSAC 2026 was "The Power of Community." Nearly forty-four thousand people descended on the Moscone Center in San Francisco for four days of keynotes, corridor conversations, and expo floor theater. Six hundred exhibitors. Hundreds of speakers. And one word — one concept, one obsession — that swallowed everything else whole. Not community. Agents. AI agents. Autonomous. Self-directing. Capable of taking action, accessing systems, making decisions, and — here's the part nobody says quite out loud — doing all of that while you're asleep, or in a meeting, or standing in line for a mediocre conference coffee wondering if you remembered to turn off the stove. Somewhere between the third and fourth time someone said "agentic AI" to me on that expo floor, I stopped hearing it as a technology term and started hearing it as a sound effect. A drone. A hum. Background noise for a world already running without asking for my permission. The irony of gathering tens of thousands of humans together under the banner of community, only to spend four days talking almost exclusively about non-human workers — that particular irony seemed to float unacknowledged through the air conditioning. And that's when the flashback hit me. Not to any previous RSAC. To a screen. To a world I used to inhabit in the early days of World of Warcraft — before real life staged its intervention and I decided I needed one. In those massive online worlds, NPCs wandered their scripted paths. They had names, routines, dialogue trees, purpose. They looked like characters. They acted like characters. But they weren't. They were behavior patterns wearing a face. And the experienced player learned quickly: don't trust the ones you haven't verified. The convincing ones were sometimes the most dangerous. I kept thinking about that walking those corridors. About all these agents. Already deployed, already running inside enterprise systems, already accessing sensitive data, making tool calls, chaining actions in ways their human creators didn't fully anticipate. The gap between what's been launched in pilot programs and what's actually governed, monitored, and understood is — by most accounts from the conference — vast. Most enterprises are experimenting. Very few have the infrastructure to control what they've set loose. The rest are running something close to shadow agents: identities without owners, actions without accountability, behavior patterns wearing a face. Which brings me, inevitably, to Blade Runner. Not the flying cars. Not the neon rain. The real question at the center of Ridley Scott's masterpiece — and Philip K. Dick's before it — is simpler and far more disturbing: how do you tell the difference? The Voight-Kampff test existed precisely because replicants were convincing. They behaved like humans, responded like humans, even believed they were human sometimes. The problem wasn't that they were dangerous by design. The problem was that nobody could reliably track their intent. That's not science fiction anymore. It's the central problem RSAC 2026 couldn't stop circling. A significant portion of organizations at this point cannot distinguish AI agent activity from human activity in their own environments. The security industry has built its own Voight-Kampff problem — and hasn't finished building the test. The vocabulary had shifted too, from the previous year. At Black Hat last summer, the conversation was about whether to trust agents. At RSAC 2026 it had already moved to identity. To behavior. To intent. One of the sharper ideas surfacing from the keynotes was the distinction between delegation and trusted delegation. Giving an agent a task is easy. Building the security infrastructure to actually trust that delegation — to know what the agent can touch, what it can't, what it will do when nobody is watching — that's where it gets complicated. Without it, someone on that main stage used a phrase that landed hard: a fast track to bankruptcy. Because agents don't just answer questions. They act. And some of those actions are irreversible. So the question is no longer "who are you." It's "what do you want — and do I actually know what you're capable of?" Just like a Blade Runner asking a replicant about a tortoise left in the desert sun. One researcher put it with a directness I appreciated: we need an HR view of agents. Onboarding, monitoring, offboarding. If there's no business justification for an agent's existence — remove it. Which is a pragmatic way of saying: even our digital workforce needs accountability. Even our NPCs need a character sheet. And yet the deployment keeps accelerating. Agents with access and no clear owner. Identities running at machine speed through systems built for human-paced governance. The attack surface expanding quietly while the keynote applause was still echoing in the hall. Security researchers demonstrated live that vulnerabilities in agentic ecosystems are no longer theoretical — they're being exploited, chained, moving faster than the teams tasked with stopping them. We built the agents. We gave them access. We handed them the keys and stood back saying impressive, right? — hoping nothing goes wrong. With a chatbot, you worried about the wrong answer. With an agent, you worry about the wrong action. That's not a product problem wearing a vendor badge. That's a civilization-scale question dressed up in a conference lanyard. The Blade Runner didn't just hunt replicants. He had to learn to recognize them first. We'd better start learning fast — before it gets really awkward. Like if it isn't already. Let's keep exploring what it means to be human in this Hybrid Analog Digital Age. Stay imperfect, stay human. — Marco Let's keep exploring what it means to be human in this Hybrid Analog Digital Age. End of transmission. ⓘ About Marco Ciappelli Co-Founder Studio C60 / ITSPmagazine | Creative Director | Branding & Marketing Advisor | Personal Branding Coach | Journalist | Writer | Podcast: An Analog Brain In A Digital Age ⚠️ Beware: Pigs May Fly | 🌎 LAX🛸FLR 🌍 These shows are all part of ITSPmagazine—which he co-founded with his good friend Sean Martin, to explore and discuss topics at The Intersection of Technology, Cybersecurity, and Society.™️ Want to connect with Sean and Marco On Location at an event or conference near you? See where they will be next: https://www.itspmagazine.com/on-location Lear more about Marco Ciappelli: marcociappelli.com ⓘ About Studio C60 We help cybersecurity startups build trust-based marketing and go-to-market strategies grounded in deep product understanding and real buyer insights. With hundreds of products brought to market and deep connections in the CISO community, we know what security leaders value in vendors. Learn more at studioc60.com Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  41. 960

    Inside DW Drums: Custom Craft, Heritage Revival, and Drummer-First Innovation | A Brand Spotlight at The NAMM Show 2026 with Scott Donnell, Director of Brand Management of Drum Workshop, Inc.

    At The NAMM Show 2026, Drum Workshop turned its booth into a walk-through of what a modern drum company looks like when craft, heritage, and engineering share the same floor. Scott Donnell, Director of Brand Management at Drum Workshop, Inc., guided us through a lineup that spans the DW Custom Shop, the revived Slingerland Radio King line, Latin Percussion, Pacific Drums and Percussion, and the brand's new DW Manufacturing series. The DW Custom Shop stand is a visible argument for customization as a sonic decision, not just a cosmetic one. Chrome, gold, satin chrome, and black hardware. Polyester sprays, three durable lacquers, exotic plies, and ply wraps. When a drummer specifies wood species, ply count, and grain orientation, they are designing the drum's voice from the inside out. The Slingerland revival gets the faithful-reproduction treatment. Radio King studio kits on display are solid, steam-bent maple shells with the original three-point throw-off and stick saver hoops, built in California. Scott Donnell speaks about the line the way a curator talks about a restoration: get the details right, honor what drummers remember, and let the sound do the rest. Donnell frames DW's innovation as a stack of deliberate decisions rather than a single breakthrough. DW stamps a note into each shell through a process called timbre matching, which ensures the kit is manufactured as a family. Pair that with grain orientation technology, True Pitch tuning, and resonance-focused tom mounting systems, and drummers never end up with an orphan drum in their kit. Marking the tenth anniversary of True Cast, the new DW Manufacturing four by 14 piccolo features a five millimeter sand-cast shell, cast bronze hoops, and fully machined brass and bronze hardware. Only one hundred are being made globally, each arriving in an Anvil flight case. A recent DW video features Dave Elitch and Abe Laboriel Jr. playing the drum with Paul McCartney. The conversation closes on a Red Hot Chili Peppers tour kit gifted to the DW museum by Chad Smith, which will join Neil Peart's and Terry Bozzio's tour kits on display while DW builds Chad new Sonic flight drums for the band's next tour. Pacific Drums and Percussion, LP's top-tuning congas, Tony Escapa's signature hand percussion series, and DWE round out the booth. Drum Workshop is not hiding how the drums get made. Take the tour, take the pictures, watch the videos, and the innovation speaks for itself. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Scott Donnell, Director of Brand Management, Drum Workshop, Inc. (DW Drums) LinkedIn: https://www.linkedin.com/in/scott-donnell-2964a129/ RESOURCES DW Drums: https://www.dwdrums.com Pacific Drums and Percussion: https://www.pacificdrums.com DW Music Foundation: https://www.dwmf.org The NAMM Show: https://www.namm.org Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Scott Donnell, Drum Workshop, DW Drums, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, NAMM Show 2026, NAMM 2026, Slingerland, Radio King, Latin Percussion, LP, Pacific Drums and Percussion, PDP, DW Manufacturing, True Cast, custom drums, drum innovation, timbre matching, grain orientation, Chad Smith, Red Hot Chili Peppers, Josh Freese, Tony Escapa, Abe Laboriel Jr, Dave Elitch Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  42. 959

    DriveThru Hacking: When Your Dashcam Becomes the Attack Vector | A Redefining CyberSecurity Podcast Conversation with Alina Tan and George Chen

    ⬥EPISODE NOTES⬥ What if the device quietly recording your daily commute could be turned against you in the time it takes to order a burger? That is not a hypothetical -- it is a demonstrated reality. Alina Tan, Security Architect and Co-Founder of HE&T Security Labs, and George Chen, Security Architect for a large global company, have spent years dissecting the attack surface of connected vehicle peripherals. Their research -- presented at SecTor and Black Hat Asia 2025 -- introduces a novel attack technique they call "DriveThru Hacking": an automated method for compromising dashcams through Wi-Fi within a standard drive-through window. The attack is unsettling in its simplicity. Most dashcams ship with default or easily guessable credentials, and many manufacturers do not even allow users to change them. Within a six-minute exposure window, Alina and George's tool -- DriveThru Hacker -- can discover, connect to, and exfiltrate video, audio, and GPS data from a target dashcam, then use an LLM to stitch together a timeline of the owner's home, workplace, daily routes, and private conversations. The result is a shockingly detailed picture of someone's life, assembled entirely from a device most people never think to secure. The research goes further than individual privacy. George walks through how 4G/5G-connected dashcams dramatically expand the attack surface beyond physical proximity -- opening doors to remote credential stuffing, API privilege escalation, and web-based attacks on cloud-connected accounts. More alarming still, Alina and George demonstrate how compromised dashcams can be converted into a mobile botnet -- a network of roaming, internet-connected nodes whose reach is not bounded by geography. Unlike static IoT devices, these infected cameras move through cities, near sensitive installations, and into places that are deliberately obscured from public maps. The conversation also digs into the broader ecosystem: the infotainment network and CAN bus segmentation (or lack thereof), over-the-air firmware update security, the challenge of detection and response when dashcams have no audit logs whatsoever, and what responsible disclosure looked like when contacting over a dozen manufacturers -- most of whom had no dedicated security inbox and some of whom had no contact information at all. Alina and George close with practical hardening recommendations for both consumers and manufacturers, and a look at what intrusion prevention for embedded devices might look like as this research continues. The connected car conversation has long focused on the vehicle itself. This episode makes the case that the accessories attached to it deserve equal scrutiny -- and that the window to act, like the drive-through line, is shorter than most realize. ⬥GUESTS⬥ Alina Tan, Security Architect and Co-Founder at HE&T Security Labs | Website: https://www.heatsecuritylabs.com/ George Chen, Security Architect for a large global company | On LinkedIn: https://www.linkedin.com/in/geoc/ ⬥HOST⬥ Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/ ⬥RESOURCES⬥ HE&T Security Labs | https://www.heatsecuritylabs.com/ DriveThru Hacking Session (Black Hat Asia 2025) | https://blackhat.com/asia-25/sponsored-sessions/schedule/index.html#drivethru-hacking-45214 The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/ More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq ⬥ADDITIONAL INFORMATION⬥ Redefining CyberSecurity Podcast | https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq The Future of Cybersecurity Newsletter | https://itspm.ag/future-of-cybersecurity Connect with Sean Martin | https://www.seanmartin.com/ ⬥KEYWORDS⬥ alina tan, george chen, he&t security labs, sean martin, dashcam security, connected vehicle cybersecurity, iot security, vehicle privacy, drivethru hacking, wi-fi hacking, mobile botnet, automotive cybersecurity, firmware security, over-the-air updates, credential stuffing, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  43. 958

    Post-RSAC Conference 2026 Recap: Agentic AI, Data Sovereignty, and the New Security Perimeter | A Brand Highlight Conversation with Thyaga Vasudevan, EVP, Product of Skyhigh Security

    If you walked RSAC Conference 2026 expecting incremental updates, you left with something very different. Thyaga Vasudevan, EVP, Product at Skyhigh Security, describes this year as unlike any prior conference -- not because of a single announcement, but because the customers asking how to secure agentic AI were the same customers already building and deploying it. The urgency was real, immediate, and universal across organization sizes. The defining theme was agentic security. Vasudevan frames it around three core questions every security team now needs to answer: who is acting (agent identity), what are they accessing (data and APIs), and what are they trying to do (actions and permissions). The ChatGPT launch in November 2022 marked a generational shift -- and at RSAC 2026, Skyhigh Security observed that the industry had moved decisively from data-in and data-out protection to governing the actions of autonomous agents themselves. Data sovereignty was the other major conversation thread, driven by geopolitical realities and tightening regional data regulations. Vasudevan spoke with CISOs from financial services, healthcare, public sector, and not-for-profit organizations, each with different infrastructure approaches -- from on-prem data centers to sovereign clouds to full cloud deployments -- but all navigating the same fundamental challenge. DSPM and hybrid architectures are no longer optional for global enterprises. And quietly but significantly, browser security emerged as a front-and-center priority, reflecting the browser's growing role as a primary cloud endpoint. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Thyaga Vasudevan, EVP, Product, Skyhigh Security LinkedIn: https://www.linkedin.com/in/thyaga12/ RESOURCES Skyhigh Security: https://www.skyhighsecurity.com RSAC Conference 2026 Coverage: https://itspmagazine.com/rsac26 Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Thyaga Vasudevan, Skyhigh Security, Sean Martin, Marco Ciappelli, brand story, brand marketing, marketing podcast, brand highlight, agentic AI security, data sovereignty, SSE, Security Service Edge, DSPM, zero trust, browser security, cloud security, RSAC Conference 2026, RSAC 2026, AI agent security, MCP security Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  44. 957

    Marketing, Brand, And Culture: Are You Paying the Silicon Valley Tax? A Conversation with Nick Richtsmeier of CultureCraft | Hosted by Marco Ciappelli

    **About this episode** What if everything you've been spending on digital marketing isn't an investment — but a tax? Nick Richtsmeier, founder of CultureCraft, joins Marco Ciappelli for a Brand Highlight that cuts straight to the root of why so many organizations feel stuck: not a marketing problem, but an alignment problem. Nick introduces the concept of the Silicon Valley tax — the ongoing cost most organizations pay to platforms that have no real incentive to show them what's working. He challenges the "attention economy" framing, arguing that what's actually being bought and sold is addictive behavior engineered by the algorithm. And he offers a different path: building trust in a humanist way, grounded in real alignment across culture, organizational design, positioning, point of view, and core community. The result is a conversation about brands — but really about integrity. About whether what an organization says and what it does are actually the same thing. And about why asking marketing to be the "sin eater" for every internal dysfunction is a strategy that will always come up short. **Connect with Nick Richtsmeier** [Nick Richtsmeier on LinkedIn](https://www.linkedin.com/in/nickrichtsmeier/) [CultureCraft](http://www.culturecraft.com) [CultureCraft on LinkedIn](https://www.linkedin.com/company/culturecraftconsulting/) **Connect with Marco & Studio C60** [Marco Ciappelli on LinkedIn](https://www.linkedin.com/in/marco-ciappelli) [Studio C60](https://www.studioc60.com) [ITSPmagazine](https://www.itspmagazine.com) **Keywords** brand strategy, organizational culture, trust building, marketing strategy, CultureCraft, Nick Richtsmeier, Silicon Valley tax, attention economy, algorithmic economy, brand alignment, digital marketing, humanist branding, organizational design, Trust Made Growth, sin eater marketing, brand highlight, Studio C60, ITSPmagazine, Marco Ciappelli **Want to tell your story?** [Full Length Brand Story] (https://www.studioc60.com/content-creation#full) |  [Brand Spotlight Story](https://www.studioc60.com/content-creation#spotlight) |  [Brand Highlight Story](https://www.studioc60.com/content-creation#highlight) This is a Brand Highlight — a ~5 min intro conversation spotlighting the guest and their company.  Learn more: [studioc60.com/creation#highlight](https://www.studioc60.com/creation#highlight) Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  45. 956

    Post-RSAC Conference 2026 Recap: Backup Is Security | A Brand Highlight Conversation with Anthony Cusimano, Director of Solutions Marketing of Object First

    Anthony Cusimano, Director of Solutions Marketing at Object First, joined Sean Martin and Marco Ciappelli for a post-RSAC Conference 2026 recap -- and his observations from the show floor offer a window into how the security industry is evolving. One of the most telling details came from just outside the Moscone Center, where a company had set up an AI-free zone: a place for attendees to catch their breath from the wall-to-wall AI messaging dominating the event. That detail points to something bigger. The AI hype cycle that peaked over the past two years is giving way to a more demanding audience. At RSAC Conference 2026, Cusimano heard a different kind of question: not whether a company uses AI, but whether it uses it responsibly -- and whether zero trust principles are baked in. The novelty is gone; accountability is what the floor was asking for. For Object First, the shift in booth conversations has been even more meaningful. The question that used to greet them -- why is a backup storage company at a security conference? -- has been replaced by relief that they are there at all. Organizations now understand that backup and backup storage sit at the core of resilience and recovery. Cusimano described a floor full of teams thinking proactively, evaluating solutions before a crisis forces the decision. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Anthony Cusimano, Director of Solutions Marketing, Object First LinkedIn: https://www.linkedin.com/in/anthonycusimano89/ RESOURCES Object First website: https://objectfirst.com ITSPmagazine RSAC Conference 2026 coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Anthony Cusimano, Object First, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, immutable backup storage, ransomware protection, Ootbi, Veeam backup, zero trust, data resilience, RSAC Conference 2026, cybersecurity, backup security, data recovery, edge security, fleet manager Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  46. 955

    You're Still Reading the Advisory. The Attacker Already Left. | Lens Four by Sean Martin | Read by TAPE9

    When Anthropic announced Project Glasswing, the headline was the capability: an AI model that found a 27-year-old flaw in OpenBSD and a 17-year-old remote code execution vulnerability in FreeBSD — fully autonomously, no human in the loop after the initial prompt. But the story underneath the capability is a structural one about who gets early intelligence, who sets the disclosure timeline, and what happens to every organization that wasn't in the room. In this edition of Lens Four, Sean Martin examines Project Glasswing through three lenses: the intelligence asymmetry it creates for security programs, what it reveals about the broken assumptions underneath CVE, CVSS, and NIST, and why the equity framing in Glasswing's messaging doesn't survive contact with the data. 🔍 In this episode: Why the 12 Glasswing partners are operating with fundamentally different intelligence than everyone else — not eventually, but today The precise claim: patches flow downstream to everyone, but self-scanning access, pre-public intelligence, and disclosure timeline influence stay inside the coalition How Mythos chains five CVEs into a novel exploit in under 24 hours — and why CVSS has no score for that Why NIST's draft Cyber AI Profile was built before anyone outside Anthropic knew what Mythos could do Casey Ellis of Bugcrowd on the terrain Glasswing can't reach: forgotten firmware, end-of-life routers, the places the industry stopped looking Ed Skoudis of SANS on what it means that AI will surpass all human vulnerability researchers combined within months The Anthropic-DoD standoff and the geopolitical dimension of a Western-only coalition The CSA, SANS, and OWASP joint briefing: 250 CISOs saying the frameworks are already inadequate Fourth Lens: The CVE system was built on human-speed assumptions. CVSS was built on single-flaw assumptions. NIST frameworks were built on governance-speed assumptions. Every one of them was already under pressure. Now they're under pressure from a model that broke them at machine speed. The question worth asking: when the next model crosses this threshold, will the answer to "who gets the defense first" still be determined by who was already at the table? 🔗 Full article and references 🎙 Redefining CyberSecurity Podcast 📧 Subscribe to Lens Four Sean Martin is a cybersecurity market analyst, content strategist, and go-to-market advisor with more than 30 years of experience. He is co-founder of ITSPmagazine and Studio C60, host of the Redefining CyberSecurity Podcast and Music Evolves Podcast, and co-host of On Location and Random and Unscripted. 🎙 Keywords: Project Glasswing, Claude Mythos, Anthropic, AI vulnerability discovery, zero-day vulnerabilities, intelligence asymmetry, CVE, CVSS, NIST IR 8596, responsible disclosure, cyber inequity, CrowdStrike 2026 Global Threat Report, WEF Global Cybersecurity Outlook 2026, open-source security, critical infrastructure, autonomous exploit chaining, breakout time, nation-state cyber threats, AI safety, AI governance, CISO, patch management, Casey Ellis, Bugcrowd, Ed Skoudis, SANS Technology Institute, Cloud Security Alliance, OWASP, Sean Martin, ITSPmagazine, Lens Four Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  47. 954

    When Sci-Fi Becomes the Business Plan | A Brand Highlight Conversation with Jacob Flores, Head of Research at Type One Ventures | Hosted by Marco Ciappelli

    When Sci-Fi Becomes the Business Plan A Brand Highlight Conversation with Jacob Flores, Head of Research at Type One Ventures There is a version of investing that asks what the return will be. And then there is the version that asks what kind of future the investment makes possible. Jacob Flores, Head of Research at Type One Ventures, is working firmly in the second category. Type One Ventures takes its name from the Kardashev Scale — a framework developed by Soviet astrophysicist Nikolai Kardashev that ranks civilizations by their level of technological advancement. A Type One civilization has mastered its home planet and is beginning to extend its reach beyond it. That is the destination this firm is trying to fund. Flores, a former engineer and product manager with roughly a decade of experience across industries, leads the research function at Type One with a focus on AI, neurotech, and biotechnology. The firm's investment lens is as much philosophical as it is financial. Type One looks for platform builders — companies whose core technology can be stacked across multiple applications, cultivating new marketplaces and entirely new categories of industry. Manufacturing in space is one clear example: in microgravity, it becomes possible to grow proteins, print circuits, and develop materials that cannot be produced the same way on Earth — yet those products have immediate, tangible value back on the ground. The thesis extends well beyond orbit. Type One is also backing neurotechnology companies working to restore vision and movement for people who have lost those abilities, and longevity research aimed at extending healthy human life. Flores frames these not as moonshots for their own sake, but as the new foundation layer for an entirely new level of global industry. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more Host Marco Ciappelli, Co-Founder, ITSPmagazine Guest Jacob Flores, Head of Research, Type One Ventures Resources Type One Ventures Type One Ventures on LinkedIn Want to tell your story? Full Length Brand Story Brand Spotlight Story Brand Highlight Story Keywords: Jacob Flores, Type One Ventures, Marco Ciappelli, brand story, brand marketing, marketing podcast, brand highlight, space technology, deep tech, venture capital, multi-planetary civilization, Kardashev Scale, manufacturing in space, neurotech, longevity, AI, biotechnology, frontier technology, space investing, human longevity, platform builders Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  48. 953

    When OT Goes Down, the Clock Is Already Running | A Brand Highlight Conversation with Rob Demain, CEO & Founder of e2e-assure | Hosted by Marco Ciappelli

    When a production line stops, the financial damage is immediate — and the window to respond safely is narrower than most security teams realize. Rob Demain, CEO and Founder of e2e-assure, joins this Brand Highlight to explain why OT security demands a fundamentally different mindset than IT, and what organizations can do about it. Operational technology runs the infrastructure that keeps the world moving — manufacturing floors, power grids, air traffic control systems. Rob Demain founded e2e-assure in 2013 and has spent the past seven years narrowing its focus to one discipline: SOC and MDR services. He calls it "specificity" — the principle that doing one thing with precision delivers better outcomes than spreading resources thin. In IT security, the primary concern is data. In OT, the stakes are entirely different. Downtime is the real threat. For a manufacturing business, minutes of halted production translate directly into significant financial loss. That distinction changes everything about how security teams must respond. The "safety first" rule in OT means responders sometimes have to run alongside a threat rather than immediately neutralize it — because disconnecting systems could halt the production line entirely. The most common attack path into OT environments runs through IT: adversaries compromise IT first, then move laterally into OT systems. Supply chain risk is the second major vector. Firmware updates, software patches, and third-party management systems all represent potential entry points. Detection takes longer too — OT systems often lack the endpoint tools that trigger fast alerts, leaving threats to surface as subtle pattern deviations over extended periods. This is a Brand Highlight — a short introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Rob Demain, CEO & Founder, e2e-assure LinkedIn: https://uk.linkedin.com/in/rob-demain-01733468 RESOURCES e2e-assure website: https://e2e-assure.com OT Downtime and Remediation Gaps Research: https://e2e-assure.com Are you interested in telling your story? Full Length Brand Story: https://www.studioc60.com/content-creation#full Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight Brand Highlight Story: https://www.studioc60.com/content-creation#highlight   Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  49. 952

    They Forgot Your Brand Before They Left the Booth | An On Location Conversation at RSAC 2026 with Sean Martin and Marco Ciappelli

    ⬥EPISODE NOTES⬥ Walk the floor at RSAC Conference 2026 and you will find boxing rings, petting zoos, agentic AI everywhere, and very few answers to the question that actually matters: why should anyone trust you with their security? Sean Martin and Marco Ciappelli have been watching this pattern for more than a decade -- and in this short On Location conversation, they turn the camera on themselves and on the problem they built Studio C60 to solve. The conversation starts with a pin. A small ITSPmagazine swag item from roughly ten years ago, sitting in Sean's hand at RSAC Conference. Marco traces the thread from there -- back to 2012, back to his first time on the conference floor, back to a joke he made that has never stopped being true: they are still selling the box. The packaging has changed -- servers became SaaS, disks became dashboards -- but the instinct to lead with the product rather than the outcome has not. Sean frames it cleanly: the messaging is the innovation. But the message only lands when it connects the technology to how teams actually use it, to what that enables the business to do, to why it matters beyond the booth. Marco extends it further: if you sound like everyone else, there is no music -- only noise. Every instrument is playing, but there is no song. That is the gap Studio C60 exists to close. Drawing on decades of combined experience in cybersecurity, go-to-market strategy, journalism, and brand storytelling, Sean and Marco offer clients something the expo floor rarely demonstrates: the ability to articulate not just what a product does, but what it means -- for the team, for the business, for the people it serves. The work ranges from a single consulting session to full campaign development and retainer partnerships. It starts with an honest assessment: who are you, who needs you, and what do you sound like right now? For startups especially, that starting point is where everything else begins. What the floor at RSAC Conference 2026 makes clear, year after year, is that attention is cheap and memory is rare. The brands that last are the ones that earn it -- not with a boxing ring, but with a story worth repeating. ⬥HOSTS⬥ Sean Martin, CISSP -- Co-Founder, ITSPmagazine & Studio C60 | Host, Redefining CyberSecurity Podcast & Music Evolves Podcast | https://www.seanmartin.com/ Marco Ciappelli -- Co-Founder, ITSPmagazine & Studio C60 | Host, An Analog Brain In A Digital Age Podcast | https://www.marcociappelli.com/ ⬥RESOURCES⬥ RSAC Conference 2026 -- Follow our coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage Studio C60 | https://www.studioc60.com The Future of Cybersecurity Newsletter (Sean Martin) | https://www.linkedin.com/newsletters/7108625890296614912/ An Analog Brain In A Digital Age Newsletter (Marco Ciappelli) | https://www.linkedin.com/newsletters/7079849705156870144/ On Location | https://www.itspmagazine.com/on-location ⬥KEYWORDS⬥ sean martin, marco ciappelli, rsac conference 2026, rsac 2026, studio c60, itspmagazine, brand storytelling, cybersecurity marketing, go-to-market strategy, messaging and positioning, agentic ai, expo floor, brand differentiation, content production, cybersecurity branding, on location Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

  50. 951

    Still Stuck in Compliance: How Come Security Hasn't Earned Its Seat at the Business Table? | An On Location Conversation at RSAC 2026 with Sean Martin and Marco Ciappelli

    ⬥EPISODE NOTES⬥ Sean Martin had barely finished his coffee when two separate conversations with CISOs at RSAC 2026 landed the same way: security is not how the business grows, it is how the business stays out of trouble. Compliance drives the tooling. The security team does its job. The business does its job. And the two rarely meet in the middle. That observation kicked off a quick but pointed exchange with Marco Ciappelli on the floor at RSAC, one that quickly moved from the conference center to the broader question of culture. Not just inside organizations -- but out in the world, where most people installing iPhone updates are skipping the security patch and tapping the music app feature instead. Sean has been making this argument for years -- his original show was called The Business of Security for a reason -- and Marco brings the branding and societal lens to the same problem. What happens when businesses treat security as a cost center rather than a brand asset? Apple made privacy a selling point. Most of the industry has not. And if the companies building and deploying security do not close that gap, the consumers and executives who should care never will. The conversation ends with Sean hinting at a second idea brewing -- something sparked by a photograph of a bow and arrow on the streets of San Francisco. That one comes later. ⬥HOSTS⬥ Sean Martin, CISSP -- Co-Founder, ITSPmagazine & Studio C60 | Host, Redefining CyberSecurity Podcast & Music Evolves Podcast | https://www.seanmartin.com/ Marco Ciappelli -- Co-Founder, ITSPmagazine & Studio C60 | Host, An Analog Brain In A Digital Age Podcast | https://www.marcociappelli.com/ ⬥RESOURCES⬥ RSAC 2026 | April 28 - May 1, 2026 | Moscone Center, San Francisco -- Follow our coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/ An Analog Brain In A Digital Age Newsletter | https://www.linkedin.com/newsletters/7079849705156870144/ On Location | https://www.itspmagazine.com/on-location ⬥KEYWORDS⬥ sean martin, marco ciappelli, rsac 2026, rsa conference, cybersecurity business value, security culture, ciso priorities, compliance-driven security, security roi, brand and security, consumer security behavior, ai and security, security as business enabler, itspmagazine, on location Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Type above to search every episode's transcript for a word or phrase. Matches are scoped to this podcast.

Searching…

We're indexing this podcast's transcripts for the first time — this can take a minute or two. We'll show results as soon as they're ready.

No matches for "" in this podcast's transcripts.

Showing of matches

No topics indexed yet for this podcast.

Loading reviews...

ABOUT THIS SHOW

Founded in 2015, ITSPmagazine began as a vision for a publication positioned at the critical intersection of technology, cybersecurity, and society. What started as a written publication has evolved into a comprehensive repository for all their content—podcasts, articles, event coverage, interviews, videos, panels, and everything they create.This is where Sean Martin and Marco Ciappelli talk about cybersecurity, technology, society, music, storytelling, branding, conference coverage, and whatever else catches their attention. Over a decade of conversations exploring how these worlds collide, influence each other, and shape the human experience.This is where you'll find it all.

HOSTED BY

ITSPmagazine, Sean Martin, Marco Ciappelli

Produced by ITSPmagazine

Frequently Asked Questions

How many episodes does The ITSPmagazine Podcast have?

The ITSPmagazine Podcast currently has 50 episodes available on PodParley. New episodes are automatically indexed when they're published to the podcast feed.

What is The ITSPmagazine Podcast about?

Founded in 2015, ITSPmagazine began as a vision for a publication positioned at the critical intersection of technology, cybersecurity, and society. What started as a written publication has evolved into a comprehensive repository for all their content—podcasts, articles, event coverage,...

How often does The ITSPmagazine Podcast release new episodes?

The ITSPmagazine Podcast has 50 episodes. Check the episode list to see recent publication dates and frequency.

Where can I listen to The ITSPmagazine Podcast?

You can listen to The ITSPmagazine Podcast on PodParley by clicking any episode. We provide an embedded audio player for direct listening, and you can also subscribe via your preferred podcast app using the RSS feed.

Who hosts The ITSPmagazine Podcast?

The ITSPmagazine Podcast is created and hosted by ITSPmagazine, Sean Martin, Marco Ciappelli.
URL copied to clipboard!