ITSPmagazine | Technology. Cybersecurity. Society

PODCAST EPISODE | Redefining CyberSecurity With Sean Martin — On Location at InfoSecurity Europe 2026 On Location With Sean Martin And Marco Ciappelli The UK's threats change by the day. Its laws change over years. Sean Martin sat down with James Morris — former Member of Parliament, now Director of the CSBR — to ask how a government writes cyber policy fast enough to matter, and why “resilience” has quietly stopped being a technical word.

At Infosecurity Europe 2026, Jeanclaude Toma, Chief Executive Officer of Apricorn, joins Sean Martin to reframe where secure storage fits in the security conversation. After roughly four decades building hardware-encrypted drives, Apricorn wants the market to treat storage as a security decision rather than a hardware afterthought. How does a storage device become a security control? Toma points to the device itself: no one reaches the data without the code. Access requires a PIN entered on the drive, and the encrypted vault stays closed to everyone else. The protection travels with the drive and does not depend on the host system. Apricorn builds to FIPS certification requirements, hardens against environmental stress down to the connector, and tests repeatedly so compliance arrives built in. Why does this matter at the macro scale? Toma joined Apricorn three months ago to expand the portfolio and connect storage to the broader security marketplace, from military, government, and aerospace settings to the enterprise. He also hints at new form factors still under wraps. Listen in to hear why Apricorn treats the business and operations behind the product as seriously as the product itself. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Jeanclaude Toma, Chief Executive Officer, Apricorn LinkedIn: https://www.linkedin.com/in/jeanclaude-toma/ RESOURCES Learn more about Apricorn: https://apricorn.com Infosecurity Europe 2026 coverage from ITSPmagazine: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Jeanclaude Toma, Apricorn, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, hardware-encrypted storage, FIPS certified storage, secure data storage, encrypted USB drives, data protection, Infosecurity Europe 2026, secure peripherals, PIN authenticated storage Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At Infosecurity Europe 2026 in London, VimalRaj Sampathkumar, Head of Technical Operations for the UK and Ireland at ManageEngine, opens with a sharp observation: the market does not lack tools, it lacks tools that work together. After 16 years with the company, he has watched IT and security teams collect software faster than they can connect it. ManageEngine, a division of Zoho Corporation, builds roughly 60 products across endpoint management, IT operations, service management, and identity and access management. The point is not the count. VimalRaj Sampathkumar explains how tight integration lets those products share data, run automations, and power workflows, so a process like joiner-mover-leaver can be shaped to how each organization actually works instead of forced into a template. That same logic carries into cybersecurity. Customers rarely ask for one feature; they ask how to strengthen their posture and reach resilience. ManageEngine answers with solutions that scale from a single tool to a full suite, backed by flexible licensing and an AI roadmap. It is a look at why consolidation, not collection, is becoming the smarter security strategy. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST VimalRaj Sampathkumar, Head of Technical Operations, UK & Ireland, ManageEngine LinkedIn: https://www.linkedin.com/in/zenandzipfiles/ RESOURCES Learn more about ManageEngine: https://www.manageengine.com Infosecurity Europe 2026 coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS VimalRaj Sampathkumar, ManageEngine, Zoho Corporation, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, IT management, IT security, endpoint management, identity and access management, IT operations, integration, consolidation, cyber resilience, Infosecurity Europe 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At Infosecurity Europe 2026 in London, Bill Peterson, Senior Director of Product Marketing at Sumo Logic, joins us to unpack a tension every regulated security team knows well. When an incident hits, the business has to keep running. At the same time, regulators expect sensitive data to stay in region. For a long time, those two demands have pulled in opposite directions. Sumo Logic has spent 15 years as a SaaS platform on AWS, processing roughly four exabytes of data a day for around 2,000 customers. The core promise is speed, driving mean time to resolve as low as possible. Peterson frames it in business terms, because the person signing the check wants to know the return, not the bits and bytes. The news from the show is Sumo Logic availability on the AWS European Sovereign Cloud. EU organizations can keep their data in region, handled by EU staff, while still running the full platform for incident response. That turns a painful either/or into a checklist a regulated buyer can complete. Genesys is the first customer live in the sovereign cloud, with payment processor OpenPay preparing to follow. How does this play out for highly regulated industries? Sumo Logic is focused on finance, healthcare, telco, and government, the verticals feeling the most pressure. The path Peterson describes is simple: let Sumo Logic handle incident management, let AWS move and grow the data in region, and check the sovereignty box without giving up operational readiness. Underneath sits a full-featured SIEM and Dojo AI, the agentic approach Sumo Logic launched earlier this year. The goal is not to replace analysts but to keep a human in the loop while handing proven, repetitive work to an agent. Fix one server, confirm the solution, then let an agent patch the other 599 under oversight. A SOC Analyst Agent reaches general availability at Black Hat later this year, alongside an MCP server. On observability, the differentiator is reading both structured and unstructured data without normalizing it first. A zip code is structured; a cryptic web hook error is not. Sumo Logic reads both, which feeds directly into faster time to identify and faster time to resolve. For any leader weighing sovereignty against uptime, Bill Peterson makes a clear case that they can finally live in the same plan. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Bill Peterson, Senior Director of Product Marketing, Sumo Logic LinkedIn: https://www.linkedin.com/in/williampetersonjr/ RESOURCES Learn more about Sumo Logic: https://www.sumologic.com/ Sumo Logic on the AWS European Sovereign Cloud (announced at Infosecurity Europe 2026): https://www.sumologic.com/newsroom Infosecurity Europe 2026 event coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Bill Peterson, Sumo Logic, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, AWS European Sovereign Cloud, data sovereignty, incident response, mean time to resolve, SIEM, security operations, Dojo AI, agentic AI, SOC analyst agent, observability, log analytics, Infosecurity Europe 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At Infosecurity Europe 2026, Matt Middleton-Leal, Regional Vice President for Qualys across Northern Europe, joins Sean Martin inside the Risk Operations Center built into the Qualys booth. The premise is blunt: cybersecurity has spent years getting good at measuring risk and almost no time getting good at fixing it. The Risk Operations Center, or ROC, is the Qualys answer to that imbalance. So what is a ROC? It is not a product. Middleton-Leal describes it as an operating model that pulls scattered risk signals together, ranks them by business context and financial impact, and drives them toward remediation. If a SOC looks in the rearview mirror at what already happened, the ROC looks through the windshield at the risk ahead. Why now? Because risk moves at machine speed. In an AI-driven world of frontier models and autonomous agents, Middleton-Leal argues that remediation tied to service desk tickets is already too slow. He shares what happens when a client prepares to deploy tens of thousands of new agents before anyone knows what those agents touch or where their data goes. The example that lands hardest is a number: 62 million risk findings across one client's combined tooling. Middleton-Leal walks through how threat intelligence, business context, and safe exploitability testing collapse that figure to under one percent of fixes that genuinely reduce loss. It is a concrete look at how to prioritize remediation instead of drowning in dashboards. There is a quieter shift underneath it all: financial risk quantification, long reserved for the largest banks, reaching companies that never had the analysts to build it. Working with Richard Seiersen, Chief Risk Technology Officer at Qualys, the company is building ways to answer questions like what a ransomware event would likely cost a business in your sector and region. Middleton-Leal closes with the one place every organization should start, whether they use Qualys or not. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUESTMatt Middleton-Leal, Regional Vice President, Northern Europe, Qualys LinkedIn: https://www.linkedin.com/in/matt-middleton-leal-a56557/ RESOURCES Qualys: https://www.qualys.com ITSPmagazine Infosecurity Europe 2026 coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Richard Seiersen, Chief Risk Technology Officer at Qualys, co-author of "How to Measure Anything in Cybersecurity Risk" Connect with Matt Middleton-Leal on LinkedIn: https://www.linkedin.com/in/matt-middleton-leal-a56557/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Matt Middleton-Leal, Qualys, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, Risk Operations Center, ROC, risk remediation, cyber risk quantification, exposure management, vulnerability management, Richard Seiersen, AI security risk, Infosecurity Europe 2026, machine speed remediation, security operations Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Something has changed at the board level. Recorded in the media room at Infosecurity Europe 2026 in London, Ian Schenkel, VP Sales, EMEA & APAC of Intel 471, describes directors who no longer take security on faith. After a year of headline breaches from Jaguar Land Rover to Marks and Spencer and the Co-op, leadership wants proof rather than promises. What does the board actually want to know? A straight answer to one question: are we okay? Ian Schenkel starts with geopolitics. Nation-state activity, supply chain exposure, and shifting global markets all shape whether a business can keep running. Threat intelligence becomes the early warning system leaders use to decide where to move and which actors have a history of targeting their industry. The next question gets personal. Does this affect us? Have we already been hit? This is where Intel 471 leans on retroactive threat detection. When new indicators of compromise surface, an analyst can build detection queries in seconds against a SIEM, SOAR tool, SentinelOne, Microsoft, or Palo Alto, then report back to the board with a clear answer. How does intelligence reach the board without getting lost in the weeds? It travels as a story the board can act on. Intel 471 pulls its three core areas, cyber threat intelligence, attack surface management, and threat hunting, into a single report that scales from an executive summary to a detailed account of what was found and neutralized. The stories make it real. During merger rumors, an attacker registered a look-alike domain and emailed employees from it. In another case, Intel 471 warned an organization it did not yet work with about a politically motivated actor that was openly discussing it. The value is the early signal, long before perimeter and endpoint defenses ever engage. Sometimes the right move is not technical at all. It might be briefing executives on targeted ransomware or reminding employees to stay alert against the email that has not arrived yet. The throughline, as Ian Schenkel frames it, is prevention over reaction, and a board finally asking the right questions. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Ian Schenkel, VP Sales, EMEA & APAC, Intel 471 LinkedIn: https://www.linkedin.com/in/ianschenkel/ RESOURCES Learn more about Intel 471: https://www.intel471.com Connect with Ian Schenkel on LinkedIn: https://www.linkedin.com/in/ianschenkel/ Infosecurity Europe 2026 event coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Ian Schenkel, Intel 471, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, cyber threat intelligence, threat hunting, attack surface management, board reporting, geopolitical intelligence, early warning system, indicators of compromise, retroactive threat detection, business resilience, Infosecurity Europe 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At Infosecurity Europe 2026 in London, Matt Ellison, Director of Sales Engineering EMEA & APAC at Corelight, joins Sean Martin to unpack the visibility gap widening across security operations. The SOC is either drowning in data or missing the data that matters most. Corelight, custodian of the open-source Zeek project, builds a platform that turns raw network traffic into evidence teams can actually use. Why do today's most evasive attacks slip past endpoint detection? Because they are designed to. Ellison points to typhoon-style campaigns staged from network and hardware devices specifically to avoid EDR. When a platform sees all of the network traffic moving backwards and forwards, those moves stop being invisible. Seeing more is only half the battle. Ellison describes teams trapped by a fear of missing something, switching on every "just in case" detection until alert volume becomes its own crisis. The real question shifts from "what fired" to "what does this actually mean for my environment." How do you investigate a detection you cannot see inside? A black box hands down a verdict with no evidence behind it. Corelight takes an open approach, exposing the data behind every conclusion so analysts can follow a flow to its root cause and apply the one thing no vendor ships: their own knowledge of the network. The proof tends to show up fast. Ellison recalls a proof of value where, within thirty minutes, the team surfaced sensitive information moving unencrypted across the network. Other finds are smaller but telling, like a finance team's certificate using a weak cipher. Corelight even names its catch-all logs plainly, the "weird" log and the "unknown" log. Visibility feeds compliance too. Frameworks like NIS2, DORA, and GDPR demand evidence, not a tool humming in the corner that no one reviews. Ellison previews a coming release that adds asset classification, identifying every device on the network and explaining the why behind it. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUESTMatt Ellison, Director of Sales Engineering EMEA & APAC, Corelight LinkedIn: https://www.linkedin.com/in/matthewrellison/ RESOURCES Learn more about Corelight, including customer stories: https://corelight.com Zeek, the open-source NDR project Corelight maintains: https://zeek.org Infosecurity Europe 2026 coverage from ITSPmagazine: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Matt Ellison, Corelight, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, network detection and response, NDR, Zeek, open source security, network visibility, threat hunting, SOC alert fatigue, EDR evasion, encrypted traffic analysis, NIS2, DORA, GDPR, Infosecurity Europe 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At Infosecurity Europe in London, Pete Hannah, VP of Sales for Western Europe at Object First, joins Sean Martin to reframe a question many organizations still get wrong. The issue is not only how to keep ransomware out, but how quickly you can recover once it gets in. With Europe's regulatory landscape tightening, that distinction is becoming the difference between disruption and disaster. What does the UK Cyber Security and Resilience Bill actually demand? According to Pete Hannah, it reads less like a checklist and more like an operational resilience standard. It expects organizations to manage threats, prove they have tested their recovery plans, and treat resilience as a board-level responsibility with real financial penalties. More than ninety percent of the bill already applies in practice, so waiting for it to become law is a risk in itself. Why do backups matter so much? Because more than ninety percent of cyberattacks target them first. Pete Hannah explains that "immutable" has become a marketing word, and the meaningful test is whether anyone still holds the access to destroy protected data. Object First answers that with absolute immutability, independently tested, with zero destructive access for admins or compromised accounts. That protection is purpose-built for Veeam environments through the Ootbi appliance, the resilient bunker that stays standing even when every password is known and every other system is compromised. When recovery is guaranteed, teams stop worrying about whether they will recover and focus instead on how fast. How does a stretched IT team adopt this without adding overhead? Pete Hannah describes deployment as taking the appliance out of the box, racking it, connecting it, and pointing backups at it. For boards and CISOs under budget and resource pressure, simplicity is the selling point. It is easy to manage, easy to prove, and dependable when it matters. The proof is in the field. Pete Hannah shares stories of customers who survived worst-case scenarios because Object First was the only thing left standing, and one who tracked him down simply to say thank you. In an era where AI is accelerating attacks and a single compromised password has bankrupted companies, knowing you can recover is the new definition of good enough. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Pete Hannah, VP of Sales, Western Europe, Object First LinkedIn: https://www.linkedin.com/in/peterhannah/ RESOURCES Learn more about Object First: https://objectfirst.com Ootbi by Object First (Out-of-the-Box Immutability): https://objectfirst.com Watch: Anthony Cusimano of Object First at RSAC Conference: https://youtu.be/LMWuZ_NH1lA Infosecurity Europe 2026 event coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Pete Hannah, Object First, Ootbi, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, immutable backup storage, ransomware recovery, Veeam backup, absolute immutability, Cyber Security and Resilience Bill, cyber resilience, data protection, operational resilience, backup and recovery, Infosecurity Europe 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

There is a moment in every conversation about cybercrime when the criminal stops being a shadow and becomes a person with a desk, a calendar, and a complaint about Monday. That moment is the one that interests me. For years I've been told cybersecurity is a technical problem. Firewalls, patches, acronyms nobody outside the room understands. And it is, partly. But sit with Geoff White for fifteen minutes at InfoSecurity Europe and the technical layer becomes what it always was underneath: people. People who get out of bed, argue with their partners, drink too much vodka after a breakup, and worry about a grandmother in the hospital — while running an extortion racket that, somewhere else, is shutting down the hospital treating someone else's grandmother. Geoff is an investigative journalist and author who has built a career out of refusing to let crime stay abstract. His new BBC series, Cyber Hack — the strand that grew out of The Lazarus Heist — turns its attention to one of the world's biggest ransomware gangs, Conti. And here is the detail that stayed with me: he has read their mail. Three hundred thousand internal messages, leaked, written by the criminals themselves when they assumed no one was watching. A journalist's candy store, as he called it. Also a nightmare — in Russian, thick with slang, mistranslated so often that “Bitcoin” comes out as “cue ball” and money hides behind the word for “grandmothers.” What fascinates me is not the heist. It is the self-portrait. Because the gang does not see a gang. They see a company. They have clients, they say. Customers. Negotiations conducted professionally. Some of them even hand the victim a report afterward — here is how we got in, here is what you should fix — as though extortion were a security audit with an invoice attached. Geoff has a theory I find hard to argue with: extortion is exhausting work for a smart person to do every day, so the brain quietly rewrites the job description. Criminal becomes businessman. The part that knows the truth shrinks. The story they tell themselves takes over. I'm Italian, so of course The Godfather arrived uninvited in the middle of our conversation. It's a business. Nothing personal. We laughed — I get to make that joke and Geoff doesn't — but underneath the laugh is something genuinely unsettling, and it has nothing to do with hackers. It's about all of us. We are all narrating ourselves into the people we'd prefer to be. The ransomware gang simply does it with higher stakes and worse intentions. This is why storytelling isn't decoration on top of cybersecurity. It's the only tool that makes the invisible visible. Geoff's last BBC series landed at number seven on the US charts, a few slots below Joe Rogan, because he tells these stories as stories — with the technical iceberg sitting safely below the waterline. People learn when they aren't being lectured. And we should learn, quickly. The same week I'm laughing about cue balls, Geoff describes cloning his own mother's voice with an AI tool and phoning her. She thought the line was just a little muffled. I told him what I tell my parents: if anything feels strange, hang up and call me directly. A pre-digital instinct, used as armor against a very digital trick. So what do we carry forward, and what do we leave behind? We carry the stories. We leave behind the comfortable idea that any of this is happening somewhere else, to someone else. The new season of Cyber Hack is expected in July. Listen to it — not because it will scare you, though it might, but because it makes a hidden world legible, and legibility is where every defense we have begins. Geoff's books and the show are linked below. And if you'd like more of these conversations, subscribe to the newsletter at marcociappelli.com. Let's keep thinking. — Marco Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Personal Branding Coach | Journalist | Writer | Podcast: An Analog Brain In A Digital Age ⚠️ Beware: Pigs May Fly |

⬥EPISODE NOTES⬥ Almost nothing got said on the stages at Global Citizen NOW 2026 without a number behind it. $47 million toward a $100 million education fund. 27 organizations funded. 1,500 jobs from a single restoration effort. 18 million lives reached in one campaign. The headline was the money. The tell was quieter — a pilot to verify, record, and monitor every donated dollar with AI and blockchain, from the moment it is given to the point it makes impact on the ground. Strip away the wattage — Adam Lambert and Ayra Starr opening, Hugh Jackman working the room, heads of state beside Fortune 500 CEOs — and Global Citizen NOW 2026 was a working argument about what technology is for when the objective is a social outcome rather than a shareholder return. In a sector whose standing pitch has been "trust us, the money helps," building the infrastructure to prove where every dollar goes inverts the pitch. The claim now comes with a receipt. This is the Proof of Impact pattern, and it is worth pulling apart clearly.

⬥EPISODE NOTES⬥ The healthcare system is, by some measures, the most targeted sector in cybersecurity. Patient records get lifted, hospitals get held for ransom, and the supposed protections often look more like antiquated friction than modern defense. Gil Bashe, Chair of Global Health and Purpose at FINN Partners, joins Sean Martin to explore why the systems meant to protect people's most sensitive information are, in many cases, the same systems holding back better care. A former combat medic, agency CEO, private equity operator, and now author of Healing the Sick Care System: Why People Matter, Gil Bashe brings a rare composite view of how information, technology, and human judgment collide in healthcare. The conversation moves quickly from ransomware and HIPAA-covered entities into the harder questions about AI. With an estimated 80 percent of doctors already using OpenAI tools to assist with diagnosis or treatment patterns, the line between "in the zone" and "precision" information has become a clinical safety issue. Gil Bashe reframes hallucinations as what they really are in his world: wrong facts. And wrong facts, fed back into a system that increasingly trusts the output, create a feedback loop that no one is accountable for. The machine doesn't sleep, doesn't worry, doesn't carry responsibility. The humans on either side of it do. That accountability gap is where the cybersecurity audience comes in. Gil Bashe draws a direct parallel between great coders and great clinicians: both work inside-out and outside-in, interviewing the people who use the system and the people the system serves. He argues that the cybersecurity professional protecting an EMT's routing system, a hospital's power grid, or an MRI data pipeline is saving lives on the same continuum as the paramedic. The skillset is different. The stakes are not. Sean Martin and Gil Bashe also press on the leadership question raised by AI. If clinicians are freed up by 15 percent of their day, what does the system ask them to do with that time? See two more patients on the conveyor belt of sick care, or actually treat the underlying cause of disease? With 18.7 percent of U.S. GDP going to healthcare and 35 percent of that consumed by administration, the answer is not technical. It is a leadership decision about what the technology is for. This conversation asks cybersecurity practitioners, CISOs, and technology leaders to widen the frame. Protecting data is the floor. Protecting the human relationships, the clinical judgment, and the dignity of the patient on the other end of the system is the work. ⬥GUEST⬥ Gil Bashe, Chair, Global Health and Purpose at FINN Partners | On LinkedIn: https://www.linkedin.com/in/gilbashe/ ⬥HOST⬥ Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/ ⬥RESOURCES⬥ Healing the Sick Care System: Why People Matter (book by Gil Bashe) | https://www.finnpartners.com/news-insights/healing-the-sick-care-system-why-people-matter/ FINN Partners | https://www.finnpartners.com/ The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/ More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq ⬥ADDITIONAL INFORMATION⬥ Redefining CyberSecurity Podcast | https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq The Future of Cybersecurity Newsletter | https://itspm.ag/future-of-cybersecurity Connect with Sean Martin | https://www.seanmartin.com/ ⬥KEYWORDS⬥ gil bashe, finn partners, sean martin, healthcare cybersecurity, hospital ransomware, ai in medicine, chatgpt clinical use, patient data protection, hipaa business associates, health information leadership, sick care system, non-communicable diseases, human leadership in ai, medical misinformation, prompt accountability, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

PODCAST EPISODE | An Analog Brain In A Digital Age With Marco Ciappelli Geoff White goes where organized crime and technology cross, and he comes back with stories. In this one he announces his newest BBC series — the rise and fall of the Conti ransomware gang — and we get into the thing underneath all of it: how you make a crime nobody can see feel real to people who will never see it.

Agentic AI was the theme that pulled away from the pack at RSAC Conference 2026. Tony Anscombe of ESET makes the case that once AI shifts from being directed by humans to operating with its own objectives and logic, the security surface changes with it, and organizations are being forced to rethink what they protect and how. At the show, ESET announced two products that meet that moment head on. The ESET AI Skills Checker is a free-to-use tool coming to market. ESET AI Protection looks inside AI sessions on the endpoint, flagging sensitive data leakage, malicious links returned by AI systems, and suspicious behavior, and surfacing it all inside normal cybersecurity operations for investigation, blocking, or detection. Tony closes with a reminder worth keeping. His first RSA was in 1998, and the technology he worked on then (sandboxing, dynamic code, remote windowing, encryption, authentication) mirrors a lot of what walks the RSAC Conference floor today. The packaging evolves, the core principles do not. Build forward, but do not lose sight of what the past already proved. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Tony Anscombe, Chief Security Evangelist, ESET LinkedIn: https://www.linkedin.com/in/tonyanscombe/ RESOURCES Learn more about ESET: https://www.eset.com ESET AI Skills Checker and ESET AI Protection: https://www.eset.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Tony Anscombe, ESET, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, agentic AI, AI security, RSAC Conference 2026, threat intelligence, MDR, EDR, endpoint security, AI Skills Checker, AI Protection, cybersecurity community, multifactor authentication, cybersecurity evolution Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Cybersecurity assurance was supposed to give boards, regulators, customers, and partners a clear answer to one question: can the security of the organizations they depend on actually be trusted? In 2026, that answer is harder than ever to come by. Supply chains are sprawling, attackers are pivoting through third parties, and too many assurance reports still rely on questionnaires, self-attestations, and frameworks that have not kept pace with the threat landscape. The 2026 HITRUST Trust Report calls that gap what it is: a Trust Crisis. In this Brand Spotlight, Vincent Bennekers, VP of Quality at HITRUST, walks through what four years of performance data across thousands of certified environments now show: 99.62% of HITRUST-certified environments remained breach-free in 2025. That stands in stark contrast to industry surveys reporting that more than 40% of organizations have experienced a breach. Vincent Bennekers is direct on why the numbers hold up: prescriptive controls, a centralized quality review, and an assurance methodology built for measurable outcomes rather than checkbox compliance. Healthcare makes the point even sharper. HITRUST examined the top fifty breaches on the HHS OCR breach portal, the public listing some in the industry refer to as the wall of shame. None of them occurred in a HITRUST-certified environment. For an industry that consistently ranks as the most breached and the most expensive to breach, that is a signal worth pausing on. Quality of the report itself matters as much as the framework behind it. Vincent Bennekers describes a layered review model with automated and manual checks, independent reviewers, and centralized HITRUST quality assurance prior to issuance. Every certification HITRUST issues goes through that same review. Stakeholders consuming any other assurance report should be asking exactly how its integrity is being ensured, and what is actually behind the stamp. Supply chain risk is the throughline. The 2025 Verizon Data Breach Investigations Report found third-party-involved breaches doubled, climbing from 15% to 30%. HITRUST requires service provider coverage, mandatory in the r2 assessment and optional but heavily adopted in the e1 and i1, where over 80% of organizations are choosing to address service provider controls thanks to a streamlined inheritance model. The report closes with a five-step roadmap for stakeholders: shift from flexible compliance to threat-intelligent assurance, verify assurance report integrity, reduce supply chain exposure, secure AI implementations through prescriptive controls, and reassess the definition of good information security assurance. Vincent Bennekers is clear that AI belongs in this conversation now, with HITRUST offering AI certification to address risks across data protection, model integrity, and automated decision-making. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Vincent Bennekers, VP of Quality at HITRUST LinkedIn: https://www.linkedin.com/in/vincent-bennekers-a0b3201/ RESOURCES Learn more about HITRUST: https://hitrustalliance.net/ Download the 2026 HITRUST Trust Report: https://hitrustalliance.net/trust-report Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Vincent Bennekers, HITRUST, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, 2026 HITRUST Trust Report, trust crisis, cybersecurity assurance, third-party risk, supply chain security, healthcare cybersecurity, HHS OCR breach portal, HITRUST certification, r2 certification, e1 certification, i1 certification, threat-intelligent assurance, AI security certification, information risk management Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

⬥EPISODE NOTES⬥ The most dangerous sentence in cybersecurity disclosure right now is "no evidence of unauthorized access to our network." It is technically true. It is also operationally hollow. The customer whose data is on a leak site does not care which network it left from. The plaintiff in Bexar County does not care. The regulator about to receive a federal incident report under a 72-hour clock that starts at suspicion, not confirmation, will not care. In April 2026, two U.S. banks disclosed an incident at the same unnamed third-party vendor. Six class action lawsuits followed in two weeks. The vendor still has not been publicly named. The plaintiffs sued the banks anyway. In a separate situation, an alleged Adobe breach surfaced through a threat actor's claims about a third-party business process outsourcing firm -- and as of the coverage reviewed for this analysis, no public confirmation or denial from Adobe had surfaced. This is the Common Point of Failure pattern, and it is arriving with enough frequency that it deserves to be named clearly.

Host | Matthew S Williams For more podcast Stories from Space with Matthew S Williams, visit: https://itspmagazine.com/stories-from-space-podcast ______________________Episode Notes From Apollo to Artemis: What Lowell Observatory Knows About Going Back to the Moon Fifty years is a long time to forget how to do something. That is, more or less, where NASA stood when Artemis 1 left the pad — and where it stands now, with Artemis 2 having put humans beyond low Earth orbit for the first time in half a century. The institutional memory had thinned. The people who built Apollo had moved on, retired, or passed away. The books, as Dr. Alex Polanski puts it in this episode, had to be dusted off. Polanski, a Percival Lowell postdoctoral fellow at Lowell Observatory in Flagstaff, Arizona, joins host Matt to talk about what Artemis 2 actually proved, and why Lowell — an observatory better known for its exoplanet work and its founder's obsession with Mars — has always sat closer to crewed spaceflight than most people realize. The nine Apollo astronauts trained on the volcanic terrain of northern Arizona. They studied lunar maps made at Lowell. They walked the same ground tourists walk today, in the shadow of the Clark refractor. The conversation moves from the geology of the Moon's Highlands and Maria to the meteorite work of Dr. Nick Moskowitz, the mapping happening at the USGS office down the road, and the longer question behind all of it: is the Moon a stepping stone to Mars, or a detour? Polanski makes the case for the stepping stone — not out of caution, but because there are things we don't yet know we need to know, and a one-second light delay is a much more forgiving classroom than a twenty-minute one. And then there's what comes next. Radio telescopes in the craters of the far side, shielded from Earth's noise. Optical interferometers spread across lunar real estate, free of the atmospheric wobble that makes ground-based astronomy feel, in Polanski's words, like reading a note card at the bottom of a pool. For the first time, the possibility of actually seeing the surfaces of other stars. Percival Lowell saw canals on Mars that weren't there. He may have been looking at the veins in his own eye. A century later, his observatory is helping figure out how to look at the real thing.

PODCAST EPISODE | An Analog Brain In A Digital Age With Marco Ciappelli Pablos Holman has built spaceships, zapped malaria-carrying mosquitoes with a laser, earned thousands of patents, and is now betting his venture capital on the inventors Silicon Valley forgot to fund. His new book, Deep Future: Creating Technology That Matters, is a call to arms against a tech industry that got drunk on software and forgot about the other 98% of the world.

Enterprises spent the last decade hardening the front door for human users. Now a new class of worker is showing up to the same applications, asking for the same data, and acting on someone else's behalf. Shreyans Mehta, Co-Founder and Chief Technology Officer of Cequence Security, joins ITSPmagazine to talk through what changes when ten or more agents are operating in your name across email, code repositories, Confluence, Salesforce, and ServiceNow at the same time. For Shreyans Mehta, safe enablement is the central question. Consumer chatbots normalized point-to-point connections into personal inboxes, but enterprise agents are reaching into crown-jewel systems where blanket access is not an option. Cequence Security has spent years protecting applications and APIs for telcos, financial institutions, and retailers, and that history shapes how the team is approaching the agentic shift: how do you let the right work get done without handing over the keys to the building? Identity alone is not the answer. Agents can hallucinate, can be prompt-injected, and will go to great lengths to complete a task. Cequence Security addresses this with what Shreyans Mehta calls an agent persona, a dynamic, job-description-driven scope that limits an agent to exactly what its role requires. An email assistant gets read access and a calendar check, not the ability to send or delete. The job defines the permissions, and the permissions follow the agent through the Cequence AI Gateway platform. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Shreyans Mehta, Co-Founder and Chief Technology Officer, Cequence Security LinkedIn: https://www.linkedin.com/in/shreyans-mehta-37a529/ RESOURCES Learn more about Cequence Security: https://www.cequence.ai/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Shreyans Mehta, Cequence Security, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, agentic AI, agent identity, AI agents, agent persona, API security, non-human identity, safe enablement, enterprise AI, prompt injection, MCP, AI gateway Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

CRUISE TO MARS | THREE DUCKS ON A JOURNEY Mama duck had two daughters, and she loved taking them on trips to faraway places. The two ducklings had few friends, but they often went out and about. They played in the farmyard pretending to be a group, and even on their birthday, they ate the big cake all by themselves. As a gift, Mama decided to take them on a cruise to Mars. She organized the trip on a spaceship for tourists, got tickets for an intergalactic Martian party, and departure as soon as possible — before you could say "quack quack." While all three of them were in the yard ready for the trip, they saw a strange object flying low over the farm. Landing on the ground, a small square figure appeared at a hatch and said: "Excuse me, are you the ones with three tickets to Mars and three for the intergalactic party?" The ducklings looked at each other in amazement. They had never seen a square creature before — square head, square eyes, even the smile seemed square. "Yes, that's us!" replied Mama duck. "Quack! Quack! Quack!" chimed the ducklings in chorus, hopping with excitement. "Please, come aboard," said the Martian with a little squared bow. "The journey to Mars is about to begin." And in one leap they boarded the spaceship, so curious and excited for this new adventure. The strange vehicle took off as fast as a gust of wind. In space, it was rush hour. The spaceship found itself in a queue, and the Martian pilot honked the horn: "Bleep, bleep!" He leaned out the window and grumbled: "It's getting harder and harder to travel! Look at that, there's even a playful little planet spinning around on itself like it's a carousel! Oh, what fun — move over, let me pass, and keep on playing!" Due to the cosmic traffic jam, the spaceship landed on Mars slightly behind schedule. "How wonderful!" exclaimed the ducklings when they saw a ship made entirely of glass, ready for the cruise, where they were invited to come aboard. There was a great bustle of small square Martians. "Good morning, Mrs. Duck, please make yourself comfortable!" they said with a bow, while the ducklings — quack, quack, quack — chattered and hopped about happily. In the background, square guitars played Interplanetary Rock. The three travelers, with their little faces pressed against the windows, gazed in wonder at the red color of the planet. The ship set off slowly across the sand, but suddenly the engines began to roar and up, toward the top of a mountain, then down over the red rocks — it felt like being on a roller coaster, up and down, up and down. Then it would settle again and slowly cross immense valleys. "What a strange sight! What a strange vehicle that travels over rocks and sand!" the tourists commented. The hours passed amid wonders and discoveries. Time flew by. Evening came. On the Martian ship, Mama duck and the ducklings showed up all dressed up, with bows and ribbons, for the intergalactic birthday party. The waiters danced, offered their arms to the tourists, and served to the sound of Rock music. Small Martians approached the ducklings and, showering them with compliments, hopping and dancing, played with them. The party had begun. "Everything here is square — the glasses, the bottles!" the ducks whispered to each other. The sweet treats were salty, the salty ones were sweet, the cake was... well, well, what kind of world is this! The balloons with "Happy Birthday" written on them were — guess what — square. The evening was coming to an end and fireworks lit up the sky to celebrate the tourists... and they were square too. "How kind and lovely these Martians are!" said Mama duck, and continued: "We made it to Mars, we've seen what there was to see, we've had our fun. Now let's think about going back to Earth." Suddenly, the ship commander's voice announced the imminent arrival of a spaceship for the return trip. The three ducks couldn't wait. They said their goodbyes and, crossing a connecting bridge, stepped directly into the spaceship. And down, toward their planet. Watching the tourists depart through the ship's windows, the Martians in their waiter uniforms launched dozens of colorful balloons into space. In the universe, under a starry sky, satellites wandered around the spaceship. Venus shone in the distance, and the Moon, ever closer, smiled with her full face. Arriving back on Earth, all three stepped down onto the farmyard, happy. Square balloons with "Happy Birthday" written on them floated in the air. What a surprise! This is certainly the work of the Martians. And by telling everyone about their galactic adventure, the two ducklings made lots of friends. Everyone wanted to hear about their trip to Mars. Our planet may be round, may be big, may be small, may be beautiful, and it will always be our home. — Written by Lucia & Marco CiappelliStoriesottolestelle.com | MarcoCiappelli.com Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The Upside-Down Garden of Boboli Stories Under the Stars — Lucia & Marco Ciappelli Within the walls of the city of Florence there is a marvellous garden. Little pathways through the green, bordered by pools and fountains. Broad stairways that, climbed with eyes turned to the sky, give the illusion of being able to touch it. This is the beauty that everyone can see and admire. Beneath lies an unknown kingdom that only those with imagination can discover. A gentle slope on the right-hand side leads to the Buontalenti Grotto, from which a deep underground passage opens, leading to a mysterious world. The roots of the trees from the garden above grow and blossom, reforming upside down, as if through a mirror. Among the branches, nests of flying fish. Birds that glide across the smooth water among the water lilies. A pear tree and an apple tree, leaning against a bench, chat about this and that, nibbling toasted pistachios, while the bees seated beneath a pergola of strawberries play a gentle jazz melody fragrant with lavender. Sprays of water, now and again, bathe meadows and plants in the light of the setting sun. Suddenly a little waterfall, fed by a small river, accelerating, opens wide. In an instant, a tree-lined avenue takes shape, rising upwards, pointing the way to follow. In this unspoilt kingdom, untouched by human hands, nothing is impossible. At the top of the path, a great opening above the stairways in the garden of Boboli, which reappears with all its wonders and its history. High above, as if nothing were the matter, a mantle of deep starlit blue enfolds Florence in a warm summer night. — Written by Lucia & Marco CiappelliStoriesottolestelle.com | MarcoCiappelli.com Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

PODCAST EPISODE | An Analog Brain In A Digital Age With Marco Ciappelli The United States spends 18.7% of its GDP on health — two to three times what countries like Italy spend. Italy has a longer life expectancy. So what exactly are we paying for? Gil Bashe, Chair of Global Health & Purpose at FINN Partners, former combat medic, and author of Healing the Sick Care System: Why People Matter, joined me on An Analog Brain In A Digital Age to talk about what happens when a system designed to heal people forgets that people exist. This is not a rant. It's a diagnosis — from someone who has seen the system from every angle: the battlefield, the boardroom, the pharmaceutical lobby, and the bedside of his own child.

An Analog Brain In A Digital Age — A Newsletter by Marco Ciappelli On the Internet, Nobody Knows You're Not Human — And Nobody's Asking There was a moment — brief, unrepeatable — when the internet felt like a genuinely open place. No profiles. No algorithms deciding what you deserved to see. No one monetizing the fact that you existed. You showed up, you explored, you talked to strangers in other countries about things that mattered to you, and the whole thing felt less like a product and more like a discovery. Like finding a door to another dimension. There's a cartoon that captured that moment perfectly. 1993. The New Yorker. Peter Steiner. Two dogs, one at a computer, and the line that accidentally defined an entire era of the internet: "On the Internet, nobody knows you're a dog." https://en.wikipedia.org/wiki/On_the_Internet,_nobody_knows_you%27re_a_dog It was funny. It was also prophetic. And it was optimistic in a way we've completely forgotten how to be about the web. Anonymity as freedom. Identity as something fluid, chosen, playful. You could be anyone. You could be from anywhere. You could reinvent yourself in real time, with no one to contradict you. Then surveillance capitalism arrived and broke the party. Cookies. Behavioral profiling. The algorithmic panopticon. Suddenly everyone knew everything. You weren't a dog anymore — you were a demographic, a data point, a cluster of purchase histories and scroll patterns. The internet that promised liberation became the most precise identity-tracking machine ever built. Anonymity collapsed under the weight of monetization. Nobody knows you're a dog became everyone knows you're a dog, what breed, what you ate for breakfast, and which vet you Googled at 2am. And now we're in the third act. A Buddhist monk named Yang Mun has 2.5 million Instagram followers. He posts silent morning meditations. He has made over $300,000 since October. Three Buddhist scholars reviewed his content and confirmed: his wisdom isn't grounded in any actual scripture. It just sounds like it is. Yang Mun doesn't exist. He was built with ChatGPT, HeyGen — an AI platform that generates realistic synthetic human video, a face, eyes, a voice, moving and breathing and entirely artificial — and a handful of other tools, by a creator operating inside what's being called "Big Slop": a venture-backed industry that manufactures fake influencers, automates their posting, and scales them to millions of followers while platforms, politely, look the other way. Hat tip to Jack Brewster, whose LinkedIn post on Yang Mun is what started this thread of thought. https://www.linkedin.com/posts/jackbrewster_a-buddhist-monk-named-yang-mun-has-25-million-activity-7451268378499137537-RPB1?utm_source=share&utm_medium=member_desktop&rcm=ACoAAAD_QZMB_jUr1316NWqo3MgG_iFVSPTfDgY The circle has closed. And inverted. We went from nobody knows you're a dog to everyone knows you're a dog to something far stranger: Nobody knows you're not human. The dog is gone. The human is optional. Here's what interests me — and it's not the outrage part, because the outrage is easy and everyone will do it. What interests me is the McLuhan part. Marshall McLuhan said it in 1964: the medium is the message. Not the content. The medium itself. The form of transmission shapes reality more than anything transmitted through it. Yang Mun's fake wisdom is almost beside the point. The scholars confirmed it's scripturally meaningless. But it sounds right — which is precisely the tell. The content was never engineered for truth. It was engineered for the platform. For the algorithm. For the engagement pattern that rewards the feeling of depth over the presence of it. The medium produced the monk. The monk is the message. And if you zoom out — which is what I keep trying to do from Florence, where the stones beneath my feet are five hundred years old and nobody around me is particularly impressed by disruption — you see something that looks less like a technology story and more like a civilization story. We built an internet that promised connection. We built AI to simulate humans. Somewhere along the way we forgot to ask whether any of it was real — or maybe we never quite got around to asking in the first place. Because here's the thing: this didn't happen slowly enough for us to develop a moral relationship with it. There was no adjustment period. No cultural processing. The fake monk didn't represent a fall from grace. It was a first contact situation. We haven't even named what's wrong yet, let alone decided whether it matters. The analog brain — slow, emotional, context-dependent, stubbornly human — is the one thing that still notices the difference between a conversation that carries weight and one that merely carries words. It's not superior in processing power. It's just that it comes from somewhere. From experience. From loss. From the specific, irreplaceable accident of having lived a particular life in a particular body in a particular place. The monk who wasn't there had none of that. And somewhere — maybe in 2.5 million people scrolling past silent meditations at 7am — some part of us already knows. Will we remember to ask? Are we ever gonna care? Let's keep exploring what it means to be human in this Hybrid Analog Digital Age. Stay imperfect, stay human. — Marco

The floor at RSAC Conference 2026 had one dominant frequency, and it was not subtle. Every booth, every hallway, every late-night conversation kept circling back to the same question: how do enterprises adopt AI agents without losing control of them? In a post-conference follow-up, Itamar Apelblat, Co-Founder and CEO of Token Security, translates what he heard on the ground into what the data now confirms. Token Security arrived at RSAC with a fresh set of findings, produced in collaboration with the Cloud Security Alliance and released alongside the event. The report, Autonomous but Not Controlled: AI Agent Incidents Now Common in Enterprises, puts numbers to what practitioners already suspected: 65 percent of organizations have experienced an AI agent-related incident in the past twelve months, and 82 percent discovered agents running in their environment that no one had authorized. Only 21 percent have a formal process for decommissioning agents — a gap Itamar Apelblat flags as a low-hanging attack path. The short version from the conversation: visibility is the starting line, not the finish line, and the path from discovery to intent-based enforcement is where most programs are stuck. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Itamar Apelblat, Co-Founder and CEO, Token Security | https://www.linkedin.com/in/itamar-apelblat/ RESOURCES Learn more about Token Security: https://www.token.security/ Download the CSA + Token Security Report — Autonomous but Not Controlled: AI Agent Incidents Now Common in Enterprises: https://cloudsecurityalliance.org/artifacts/autonomous-but-not-controlled-ai-agent-incidents-now-common-in-enterprises Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Itamar Apelblat, Token Security, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, AI agents, agentic AI, non-human identity, identity security, shadow AI, CSA report, Cloud Security Alliance, intent-based access, AI agent governance, agent decommissioning, RSAC Conference 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Every major enterprise platform this quarter — Salesforce Headless 360, Workday Agent System of Record, Microsoft Copilot Studio, SAP Joule, Oracle agentic, ServiceNow Moveworks, IBM watsonx Orchestrate — is pitching a control plane for your AI agents. But none of them is solving the real problem: who inside your organization actually owns the agent workforce, and who's steering it at the speed agents now act? In this edition of Lens Four,

RSAC Conference 2026 made one thing impossible to miss: AI is on every sticker, every slide, and every booth. Sorting signal from marketing has never been harder. Lisa Liu, Corporate Marketing and Communications Manager at Stellar Cyber, joins this Brand Highlight to continue a conversation that started on the show floor in San Francisco and was worth picking up again once the noise settled. Stellar Cyber has been incorporating machine learning into every layer of its security platform since 2015, well before AI became the marketing default. The position Lisa Liu brings is direct: AI is not a one-size-fits-all solution. A large language model is not the most efficient way to parse log data, and slapping an AI label on existing functionality is not the same as designing for the analyst pain points at every stage of detection, investigation, and response. The conversation closes on the autonomous SOC question, where Stellar Cyber argues for a human-augmented approach. Promises of complete autonomy deserve healthy skepticism; guardrails matter, and keeping a human analyst in the loop is what allows AI mistakes to be caught and contained before they cascade. It is a Brand Highlight worth a few minutes for anyone trying to separate AI substance from AI theater in security operations. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Lisa Liu, Corporate Marketing and Communications Manager, Stellar Cyber | On LinkedIn: https://www.linkedin.com/in/lisaaliu/ RESOURCES Learn more about Stellar Cyber: https://stellarcyber.ai/ View all of our RSAC Conference 2026 coverage: https://www.itspmagazine.com/rsac26 Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Lisa Liu, Stellar Cyber, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, RSAC Conference 2026, Multi-Layer AI, human-augmented autonomous SOC, machine learning, Open XDR, NG-SIEM, security operations, AI in cybersecurity, agentic AI, SOC analyst, security platform Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

RSAC Conference 2026 is in the books, and the post-event read is familiar. More vendors, more AI-driven marketing, more noise, and a buyer-side audience that increasingly cannot tell who to trust. Michael Parisi, Chief Growth Officer at Steel Patriot Partners, joins ITSPmagazine for a quick post-event catch-up on what he walked away with, and what is quietly shifting underneath all that volume. The headline takeaway is what Michael Parisi calls the "fog of more." Marketing has done its job too well. CISOs and business leaders facing real decisions cannot tell competing solutions apart, do not know where to start, and are not sure their current stack is even the right one. Too much information has become its own information problem. What is shifting, according to Michael Parisi, is where the meaningful conversations actually happen. Closed-door, hallway, and dinner conversations have always existed at RSAC Conference, but more people are now openly recognizing that this is where the real industry decisions get made. That recognition is changing how teams plan to engage with future conferences and industry events. For Steel Patriot Partners, which describes itself as business owners first, engineers second, and security and compliance practitioners third, that is exactly the conversation they want to be in. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Michael Parisi, Chief Growth Officer, Steel Patriot Partners | https://www.linkedin.com/in/michael-parisi-4009b2261/ RESOURCES Learn more about Steel Patriot Partners: https://www.steelpatriotpartners.com Steel Patriot Partners Assistance Center: https://www.steelpatriotpartners.com View all of our RSAC Conference 2026 coverage: https://www.itspmagazine.com/rsac26 Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Michael Parisi, Steel Patriot Partners, Marco Ciappelli, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, RSAC Conference 2026, RSAC, cybersecurity compliance, fog of more, vendor noise, CISO, GRC, cybersecurity advisory, FedRAMP, CMMC, HITRUST, AI security marketing, hallway conversations, post RSAC Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

This was my twelfth RSA Conference. I know that because I remember the first one, 2012, and I've been counting ever since — not out of habit, but because each year feels like a chapter in a longer story I'm trying to read in real time. Twelve years of standing in that same building in San Francisco, watching an industry evolve, stumble, reinvent itself, and occasionally look in the mirror. In the early years it was pure technology. Cryptography, protocols, threat vectors, the architecture of defense. The conversations were technical, the energy was almost academic, the suits were slightly more formal. Then something shifted — gradually, then all at once, the way things usually do. The industry started talking about people. About culture. About the human beings sitting behind the keyboards and the very human mistakes they were making. The themes started reflecting it: community, togetherness, collective defense. Stronger Together. The Human Element. The Power of Community. Year after year, the message from the main stage was some variation of: we are more than our tools. People are what matter. Connection is the point. And then you'd walk the expo floor and see the booths. I'm not being cynical. The community is real — I've felt it, in the hallway conversations, in the side events, in the faces of people I've been running into for a decade who are genuinely trying to make the digital world safer. That part is true and it matters. But there's a growing gap between what the theme says and what the stage performs. And at RSAC 2026, that gap became impossible to ignore. Because this year, while the badge said The Power of Community, the keynotes were almost entirely about agents. Non-human ones. I wrote about this from a different angle in my first piece from RSAC — the Blade Runner angle, the NPC angle, the question of identity and intent when you can no longer tell the difference between a human action and an autonomous one. But there's another layer underneath that deserves its own space. It's the pattern. The twelve-year arc. An industry spends years — genuinely, sincerely — rediscovering the human element. Putting people at the center. Building a vocabulary around community, ethics, shared responsibility. And then, in what feels like a single conference cycle, it pivots to deploying a parallel workforce of non-human identities that outnumber us in our own systems, operate at speeds no human can follow, take actions no human directly authorized, and — here's the part that should make everyone pause — that a significant portion of organizations deploying them cannot monitor, cannot fully distinguish from human activity, and in many cases cannot stop once they're running. We built the community. Then we populated it with agents and handed them the keys. I kept thinking, walking those corridors, about the resistance. Not as a metaphor — or not only as a metaphor. In every story we've ever told about machines that gained too much autonomy, there's always a moment before the crisis where someone in the room knew. Where the warning existed. Where the design decision was made anyway because the pressure to ship, to scale, to compete was stronger than the instinct to pause. The difference between those stories and this moment is that we're not watching it happen to fictional characters. We're the ones making the design decisions. And unlike software — which you can patch, roll back, update at 3am while everyone is asleep — agents with autonomy and access are a different category of thing entirely. The old mantra of move fast and break things made a certain kind of sense when what you were breaking was a feature. It makes no sense at all when what you're deploying can act, chain consequences, and escalate — faster than any human response team can follow. This is where Asimov becomes relevant again. Not as nostalgia, not as science fiction trivia, but as a genuine design philosophy that the industry would do well to remember. His Three Laws of Robotics weren't invented as a plot device. They were a thought experiment in ethics-by-architecture — what does it look like to build the values into the system before the system runs, rather than hoping to correct the values after something goes wrong? He spent decades of stories showing that even the most carefully designed ethical constraints produce edge cases, contradictions, unintended consequences. But the point was never that ethics-by-design is perfect. The point was that without it, you don't have a fighting chance. We are, right now, at the moment before the laws get written. Some people at RSAC were saying this clearly — not from the main stage, but in the rooms and conversations where the more honest thinking tends to happen. The guardrails exist. The frameworks are being built. But they're being built while the deployment is already running, while the agents are already in the systems, while the governance structures are catching up to a reality that moved faster than the institutional response. That gap is the real story of RSAC 2026. Not the products. Not the keynote soundbites. The gap between the speed of deployment and the maturity of the thinking around what we're actually deploying. The community theme was right, actually — just not in the way the branding intended. The most important community at RSAC 2026 wasn't on the main stage. It was the quieter one: the engineers, researchers, practitioners, and security leaders who understand that we are at an inflection point, and that the decisions made in the next few years about how to design, govern, and constrain autonomous systems will matter far beyond the conference floor in San Francisco. Utopia and dystopia are not predetermined destinations. They're design outcomes. We still get to choose the architecture. But the window for making that choice thoughtfully — rather than reactively, in the middle of a crisis that moved faster than our guardrails — is not as wide as we might like to think. Asimov knew that. He wrote the laws before the robots ran. Maybe it's time we did the same. Stay imperfect, stay human. — Marco Let's keep exploring what it means to be human in this Hybrid Analog Digital Age. End of transmission. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At The NAMM Show 2026, John Page walks Sean Martin of ITSPmagazine through a hand-painted electric guitar called the Retablo. The motifs are lifted from the artwork that traditionally sits behind a cathedral altar, reimagined so the saints and icons are not from scripture but from the roots of American music. Sister Rosetta Tharpe. Muddy Waters. Howlin' Wolf. Mahalia Jackson. The canvases themselves are cut from the floorboards of an old church. It is one of the most personal guitars John Page has ever built. The conversation traces the arc of John Page Guitars, the small-batch shop John Page runs after more than 20 years at Fender, where he co-founded the legendary Custom Shop and led guitar research and development. He has now been designing and building guitars for 53 years. What gets made today at John Page Guitars is built by a small team, with John Page handling his own custom work and prototypes while a master builder works alongside him on production models. What makes the instruments different is not one big thing but a series of quiet decisions. John Page mounts the neck to the body with threaded machine inserts and machine bolts instead of standard wood screws, a coupling he believes transfers tone better between neck and body and adds overtone complexity that a conventional bolt-on simply does not produce. A flatter 12-inch radius, a reverse-angled bridge pickup that removes the ice-pick high, a vintage-feeling neck profile. Every decision serves a single goal: an instrument that sings as a complete unit. John Page describes his design philosophy in two short phrases. The first is "uniquely familiar," the idea that a guitar should feel comfortable in a player's hands and recognizable in their eyes while still being clearly its own thing. The second is "balanced asymmetry," an imbalance in which he finds a kind of perfect balance. Both show up in the offset fret markers, the body contours, and even in the restraint of the aesthetic choices that surround the Retablo's portraits. The Retablo itself is where that philosophy leaves the factory floor and becomes something closer to a reliquary. John Page had never painted portraits before. He taught himself, hand-painting each founder of American roots music onto wood reclaimed from a dismantled church, designing and building a custom bridge that routes volume and tone controls into the tailpiece so the body can carry its imagery unbroken. A full documentary exists on the making of the guitar for anyone who wants the layer-on-layer detail. When the talking is done, Bryan Ray of John Page Guitars steps in with one of the new baritone builds to let the instrument speak for itself. Every design decision John Page described is suddenly in the room, audible, as one of his guitars does exactly what he designed it to do. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUESTS John Page, Founder, John Page Guitars (Co-Founder, Fender Custom Shop) LinkedIn: https://www.linkedin.com/in/john-page-742b4213/ Bryan Ray, Marketing Director, John Page Classic LinkedIn: https://www.linkedin.com/in/bryan-ray-a63b5419/ RESOURCES John Page Guitars: https://www.johnpageguitars.com/ Meet John Page: https://www.johnpageguitars.com/pages/john-page The Retablo and other Art Guitars: https://www.johnpageguitars.com/pages/john-page John Page Signature Collection: https://www.johnpageguitars.com/collections/guitars The NAMM Show: https://www.namm.org/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS John Page, Bryan Ray, John Page Guitars, John Page Classic, Fender Custom Shop, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, guitar design, luthier, electric guitar, The NAMM Show 2026, NAMM 2026, Retablo art guitar, Ashburn, Bloodline pickups, American roots music, custom guitars, handmade guitars, boutique guitar builder Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Do Androids Dream of Security Patches? Reflections from RSAC 2026 — Walking the Floor of the Agentic World   Marco Ciappelli Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Personal Branding Coach | Journalist | Writer | Podcast: An Analog Brain In A Digital Age ⚠️ Beware: Pigs May Fly |

At The NAMM Show 2026, Drum Workshop turned its booth into a walk-through of what a modern drum company looks like when craft, heritage, and engineering share the same floor. Scott Donnell, Director of Brand Management at Drum Workshop, Inc., guided us through a lineup that spans the DW Custom Shop, the revived Slingerland Radio King line, Latin Percussion, Pacific Drums and Percussion, and the brand's new DW Manufacturing series. The DW Custom Shop stand is a visible argument for customization as a sonic decision, not just a cosmetic one. Chrome, gold, satin chrome, and black hardware. Polyester sprays, three durable lacquers, exotic plies, and ply wraps. When a drummer specifies wood species, ply count, and grain orientation, they are designing the drum's voice from the inside out. The Slingerland revival gets the faithful-reproduction treatment. Radio King studio kits on display are solid, steam-bent maple shells with the original three-point throw-off and stick saver hoops, built in California. Scott Donnell speaks about the line the way a curator talks about a restoration: get the details right, honor what drummers remember, and let the sound do the rest. Donnell frames DW's innovation as a stack of deliberate decisions rather than a single breakthrough. DW stamps a note into each shell through a process called timbre matching, which ensures the kit is manufactured as a family. Pair that with grain orientation technology, True Pitch tuning, and resonance-focused tom mounting systems, and drummers never end up with an orphan drum in their kit. Marking the tenth anniversary of True Cast, the new DW Manufacturing four by 14 piccolo features a five millimeter sand-cast shell, cast bronze hoops, and fully machined brass and bronze hardware. Only one hundred are being made globally, each arriving in an Anvil flight case. A recent DW video features Dave Elitch and Abe Laboriel Jr. playing the drum with Paul McCartney. The conversation closes on a Red Hot Chili Peppers tour kit gifted to the DW museum by Chad Smith, which will join Neil Peart's and Terry Bozzio's tour kits on display while DW builds Chad new Sonic flight drums for the band's next tour. Pacific Drums and Percussion, LP's top-tuning congas, Tony Escapa's signature hand percussion series, and DWE round out the booth. Drum Workshop is not hiding how the drums get made. Take the tour, take the pictures, watch the videos, and the innovation speaks for itself. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Scott Donnell, Director of Brand Management, Drum Workshop, Inc. (DW Drums) LinkedIn: https://www.linkedin.com/in/scott-donnell-2964a129/ RESOURCES DW Drums: https://www.dwdrums.com Pacific Drums and Percussion: https://www.pacificdrums.com DW Music Foundation: https://www.dwmf.org The NAMM Show: https://www.namm.org Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Scott Donnell, Drum Workshop, DW Drums, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, NAMM Show 2026, NAMM 2026, Slingerland, Radio King, Latin Percussion, LP, Pacific Drums and Percussion, PDP, DW Manufacturing, True Cast, custom drums, drum innovation, timbre matching, grain orientation, Chad Smith, Red Hot Chili Peppers, Josh Freese, Tony Escapa, Abe Laboriel Jr, Dave Elitch Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

⬥EPISODE NOTES⬥ What if the device quietly recording your daily commute could be turned against you in the time it takes to order a burger? That is not a hypothetical -- it is a demonstrated reality. Alina Tan, Security Architect and Co-Founder of HE&T Security Labs, and George Chen, Security Architect for a large global company, have spent years dissecting the attack surface of connected vehicle peripherals. Their research -- presented at SecTor and Black Hat Asia 2025 -- introduces a novel attack technique they call "DriveThru Hacking": an automated method for compromising dashcams through Wi-Fi within a standard drive-through window. The attack is unsettling in its simplicity. Most dashcams ship with default or easily guessable credentials, and many manufacturers do not even allow users to change them. Within a six-minute exposure window, Alina and George's tool -- DriveThru Hacker -- can discover, connect to, and exfiltrate video, audio, and GPS data from a target dashcam, then use an LLM to stitch together a timeline of the owner's home, workplace, daily routes, and private conversations. The result is a shockingly detailed picture of someone's life, assembled entirely from a device most people never think to secure. The research goes further than individual privacy. George walks through how 4G/5G-connected dashcams dramatically expand the attack surface beyond physical proximity -- opening doors to remote credential stuffing, API privilege escalation, and web-based attacks on cloud-connected accounts. More alarming still, Alina and George demonstrate how compromised dashcams can be converted into a mobile botnet -- a network of roaming, internet-connected nodes whose reach is not bounded by geography. Unlike static IoT devices, these infected cameras move through cities, near sensitive installations, and into places that are deliberately obscured from public maps. The conversation also digs into the broader ecosystem: the infotainment network and CAN bus segmentation (or lack thereof), over-the-air firmware update security, the challenge of detection and response when dashcams have no audit logs whatsoever, and what responsible disclosure looked like when contacting over a dozen manufacturers -- most of whom had no dedicated security inbox and some of whom had no contact information at all. Alina and George close with practical hardening recommendations for both consumers and manufacturers, and a look at what intrusion prevention for embedded devices might look like as this research continues. The connected car conversation has long focused on the vehicle itself. This episode makes the case that the accessories attached to it deserve equal scrutiny -- and that the window to act, like the drive-through line, is shorter than most realize. ⬥GUESTS⬥ Alina Tan, Security Architect and Co-Founder at HE&T Security Labs | Website: https://www.heatsecuritylabs.com/ George Chen, Security Architect for a large global company | On LinkedIn: https://www.linkedin.com/in/geoc/ ⬥HOST⬥ Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/ ⬥RESOURCES⬥ HE&T Security Labs | https://www.heatsecuritylabs.com/ DriveThru Hacking Session (Black Hat Asia 2025) | https://blackhat.com/asia-25/sponsored-sessions/schedule/index.html#drivethru-hacking-45214 The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/ More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq ⬥ADDITIONAL INFORMATION⬥ Redefining CyberSecurity Podcast | https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq The Future of Cybersecurity Newsletter | https://itspm.ag/future-of-cybersecurity Connect with Sean Martin | https://www.seanmartin.com/ ⬥KEYWORDS⬥ alina tan, george chen, he&t security labs, sean martin, dashcam security, connected vehicle cybersecurity, iot security, vehicle privacy, drivethru hacking, wi-fi hacking, mobile botnet, automotive cybersecurity, firmware security, over-the-air updates, credential stuffing, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

If you walked RSAC Conference 2026 expecting incremental updates, you left with something very different. Thyaga Vasudevan, EVP, Product at Skyhigh Security, describes this year as unlike any prior conference -- not because of a single announcement, but because the customers asking how to secure agentic AI were the same customers already building and deploying it. The urgency was real, immediate, and universal across organization sizes. The defining theme was agentic security. Vasudevan frames it around three core questions every security team now needs to answer: who is acting (agent identity), what are they accessing (data and APIs), and what are they trying to do (actions and permissions). The ChatGPT launch in November 2022 marked a generational shift -- and at RSAC 2026, Skyhigh Security observed that the industry had moved decisively from data-in and data-out protection to governing the actions of autonomous agents themselves. Data sovereignty was the other major conversation thread, driven by geopolitical realities and tightening regional data regulations. Vasudevan spoke with CISOs from financial services, healthcare, public sector, and not-for-profit organizations, each with different infrastructure approaches -- from on-prem data centers to sovereign clouds to full cloud deployments -- but all navigating the same fundamental challenge. DSPM and hybrid architectures are no longer optional for global enterprises. And quietly but significantly, browser security emerged as a front-and-center priority, reflecting the browser's growing role as a primary cloud endpoint. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Thyaga Vasudevan, EVP, Product, Skyhigh Security LinkedIn: https://www.linkedin.com/in/thyaga12/ RESOURCES Skyhigh Security: https://www.skyhighsecurity.com RSAC Conference 2026 Coverage: https://itspmagazine.com/rsac26 Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Thyaga Vasudevan, Skyhigh Security, Sean Martin, Marco Ciappelli, brand story, brand marketing, marketing podcast, brand highlight, agentic AI security, data sovereignty, SSE, Security Service Edge, DSPM, zero trust, browser security, cloud security, RSAC Conference 2026, RSAC 2026, AI agent security, MCP security Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

**About this episode** What if everything you've been spending on digital marketing isn't an investment — but a tax? Nick Richtsmeier, founder of CultureCraft, joins Marco Ciappelli for a Brand Highlight that cuts straight to the root of why so many organizations feel stuck: not a marketing problem, but an alignment problem. Nick introduces the concept of the Silicon Valley tax — the ongoing cost most organizations pay to platforms that have no real incentive to show them what's working. He challenges the "attention economy" framing, arguing that what's actually being bought and sold is addictive behavior engineered by the algorithm. And he offers a different path: building trust in a humanist way, grounded in real alignment across culture, organizational design, positioning, point of view, and core community. The result is a conversation about brands — but really about integrity. About whether what an organization says and what it does are actually the same thing. And about why asking marketing to be the "sin eater" for every internal dysfunction is a strategy that will always come up short. **Connect with Nick Richtsmeier** [Nick Richtsmeier on LinkedIn](https://www.linkedin.com/in/nickrichtsmeier/) [CultureCraft](http://www.culturecraft.com) [CultureCraft on LinkedIn](https://www.linkedin.com/company/culturecraftconsulting/) **Connect with Marco & Studio C60** [Marco Ciappelli on LinkedIn](https://www.linkedin.com/in/marco-ciappelli) [Studio C60](https://www.studioc60.com) [ITSPmagazine](https://www.itspmagazine.com) **Keywords** brand strategy, organizational culture, trust building, marketing strategy, CultureCraft, Nick Richtsmeier, Silicon Valley tax, attention economy, algorithmic economy, brand alignment, digital marketing, humanist branding, organizational design, Trust Made Growth, sin eater marketing, brand highlight, Studio C60, ITSPmagazine, Marco Ciappelli **Want to tell your story?** [Full Length Brand Story] (https://www.studioc60.com/content-creation#full) |  [Brand Spotlight Story](https://www.studioc60.com/content-creation#spotlight) |  [Brand Highlight Story](https://www.studioc60.com/content-creation#highlight) This is a Brand Highlight — a ~5 min intro conversation spotlighting the guest and their company.  Learn more: [studioc60.com/creation#highlight](https://www.studioc60.com/creation#highlight) Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Anthony Cusimano, Director of Solutions Marketing at Object First, joined Sean Martin and Marco Ciappelli for a post-RSAC Conference 2026 recap -- and his observations from the show floor offer a window into how the security industry is evolving. One of the most telling details came from just outside the Moscone Center, where a company had set up an AI-free zone: a place for attendees to catch their breath from the wall-to-wall AI messaging dominating the event. That detail points to something bigger. The AI hype cycle that peaked over the past two years is giving way to a more demanding audience. At RSAC Conference 2026, Cusimano heard a different kind of question: not whether a company uses AI, but whether it uses it responsibly -- and whether zero trust principles are baked in. The novelty is gone; accountability is what the floor was asking for. For Object First, the shift in booth conversations has been even more meaningful. The question that used to greet them -- why is a backup storage company at a security conference? -- has been replaced by relief that they are there at all. Organizations now understand that backup and backup storage sit at the core of resilience and recovery. Cusimano described a floor full of teams thinking proactively, evaluating solutions before a crisis forces the decision. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Anthony Cusimano, Director of Solutions Marketing, Object First LinkedIn: https://www.linkedin.com/in/anthonycusimano89/ RESOURCES Object First website: https://objectfirst.com ITSPmagazine RSAC Conference 2026 coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Anthony Cusimano, Object First, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, immutable backup storage, ransomware protection, Ootbi, Veeam backup, zero trust, data resilience, RSAC Conference 2026, cybersecurity, backup security, data recovery, edge security, fleet manager Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

When Anthropic announced Project Glasswing, the headline was the capability: an AI model that found a 27-year-old flaw in OpenBSD and a 17-year-old remote code execution vulnerability in FreeBSD — fully autonomously, no human in the loop after the initial prompt. But the story underneath the capability is a structural one about who gets early intelligence, who sets the disclosure timeline, and what happens to every organization that wasn't in the room. In this edition of Lens Four, Sean Martin examines Project Glasswing through three lenses: the intelligence asymmetry it creates for security programs, what it reveals about the broken assumptions underneath CVE, CVSS, and NIST, and why the equity framing in Glasswing's messaging doesn't survive contact with the data.

When Sci-Fi Becomes the Business Plan A Brand Highlight Conversation with Jacob Flores, Head of Research at Type One Ventures There is a version of investing that asks what the return will be. And then there is the version that asks what kind of future the investment makes possible. Jacob Flores, Head of Research at Type One Ventures, is working firmly in the second category. Type One Ventures takes its name from the Kardashev Scale — a framework developed by Soviet astrophysicist Nikolai Kardashev that ranks civilizations by their level of technological advancement. A Type One civilization has mastered its home planet and is beginning to extend its reach beyond it. That is the destination this firm is trying to fund. Flores, a former engineer and product manager with roughly a decade of experience across industries, leads the research function at Type One with a focus on AI, neurotech, and biotechnology. The firm's investment lens is as much philosophical as it is financial. Type One looks for platform builders — companies whose core technology can be stacked across multiple applications, cultivating new marketplaces and entirely new categories of industry. Manufacturing in space is one clear example: in microgravity, it becomes possible to grow proteins, print circuits, and develop materials that cannot be produced the same way on Earth — yet those products have immediate, tangible value back on the ground. The thesis extends well beyond orbit. Type One is also backing neurotechnology companies working to restore vision and movement for people who have lost those abilities, and longevity research aimed at extending healthy human life. Flores frames these not as moonshots for their own sake, but as the new foundation layer for an entirely new level of global industry. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more Host Marco Ciappelli, Co-Founder, ITSPmagazine Guest Jacob Flores, Head of Research, Type One Ventures Resources Type One Ventures Type One Ventures on LinkedIn Want to tell your story? Full Length Brand Story Brand Spotlight Story Brand Highlight Story Keywords: Jacob Flores, Type One Ventures, Marco Ciappelli, brand story, brand marketing, marketing podcast, brand highlight, space technology, deep tech, venture capital, multi-planetary civilization, Kardashev Scale, manufacturing in space, neurotech, longevity, AI, biotechnology, frontier technology, space investing, human longevity, platform builders Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

When a production line stops, the financial damage is immediate — and the window to respond safely is narrower than most security teams realize. Rob Demain, CEO and Founder of e2e-assure, joins this Brand Highlight to explain why OT security demands a fundamentally different mindset than IT, and what organizations can do about it. Operational technology runs the infrastructure that keeps the world moving — manufacturing floors, power grids, air traffic control systems. Rob Demain founded e2e-assure in 2013 and has spent the past seven years narrowing its focus to one discipline: SOC and MDR services. He calls it "specificity" — the principle that doing one thing with precision delivers better outcomes than spreading resources thin. In IT security, the primary concern is data. In OT, the stakes are entirely different. Downtime is the real threat. For a manufacturing business, minutes of halted production translate directly into significant financial loss. That distinction changes everything about how security teams must respond. The "safety first" rule in OT means responders sometimes have to run alongside a threat rather than immediately neutralize it — because disconnecting systems could halt the production line entirely. The most common attack path into OT environments runs through IT: adversaries compromise IT first, then move laterally into OT systems. Supply chain risk is the second major vector. Firmware updates, software patches, and third-party management systems all represent potential entry points. Detection takes longer too — OT systems often lack the endpoint tools that trigger fast alerts, leaving threats to surface as subtle pattern deviations over extended periods. This is a Brand Highlight — a short introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Rob Demain, CEO & Founder, e2e-assure LinkedIn: https://uk.linkedin.com/in/rob-demain-01733468 RESOURCES e2e-assure website: https://e2e-assure.com OT Downtime and Remediation Gaps Research: https://e2e-assure.com Are you interested in telling your story? Full Length Brand Story: https://www.studioc60.com/content-creation#full Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight Brand Highlight Story: https://www.studioc60.com/content-creation#highlight   Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

⬥EPISODE NOTES⬥ Walk the floor at RSAC Conference 2026 and you will find boxing rings, petting zoos, agentic AI everywhere, and very few answers to the question that actually matters: why should anyone trust you with their security? Sean Martin and Marco Ciappelli have been watching this pattern for more than a decade -- and in this short On Location conversation, they turn the camera on themselves and on the problem they built Studio C60 to solve. The conversation starts with a pin. A small ITSPmagazine swag item from roughly ten years ago, sitting in Sean's hand at RSAC Conference. Marco traces the thread from there -- back to 2012, back to his first time on the conference floor, back to a joke he made that has never stopped being true: they are still selling the box. The packaging has changed -- servers became SaaS, disks became dashboards -- but the instinct to lead with the product rather than the outcome has not. Sean frames it cleanly: the messaging is the innovation. But the message only lands when it connects the technology to how teams actually use it, to what that enables the business to do, to why it matters beyond the booth. Marco extends it further: if you sound like everyone else, there is no music -- only noise. Every instrument is playing, but there is no song. That is the gap Studio C60 exists to close. Drawing on decades of combined experience in cybersecurity, go-to-market strategy, journalism, and brand storytelling, Sean and Marco offer clients something the expo floor rarely demonstrates: the ability to articulate not just what a product does, but what it means -- for the team, for the business, for the people it serves. The work ranges from a single consulting session to full campaign development and retainer partnerships. It starts with an honest assessment: who are you, who needs you, and what do you sound like right now? For startups especially, that starting point is where everything else begins. What the floor at RSAC Conference 2026 makes clear, year after year, is that attention is cheap and memory is rare. The brands that last are the ones that earn it -- not with a boxing ring, but with a story worth repeating. ⬥HOSTS⬥ Sean Martin, CISSP -- Co-Founder, ITSPmagazine & Studio C60 | Host, Redefining CyberSecurity Podcast & Music Evolves Podcast | https://www.seanmartin.com/ Marco Ciappelli -- Co-Founder, ITSPmagazine & Studio C60 | Host, An Analog Brain In A Digital Age Podcast | https://www.marcociappelli.com/ ⬥RESOURCES⬥ RSAC Conference 2026 -- Follow our coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage Studio C60 | https://www.studioc60.com The Future of Cybersecurity Newsletter (Sean Martin) | https://www.linkedin.com/newsletters/7108625890296614912/ An Analog Brain In A Digital Age Newsletter (Marco Ciappelli) | https://www.linkedin.com/newsletters/7079849705156870144/ On Location | https://www.itspmagazine.com/on-location ⬥KEYWORDS⬥ sean martin, marco ciappelli, rsac conference 2026, rsac 2026, studio c60, itspmagazine, brand storytelling, cybersecurity marketing, go-to-market strategy, messaging and positioning, agentic ai, expo floor, brand differentiation, content production, cybersecurity branding, on location Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

⬥EPISODE NOTES⬥ Sean Martin had barely finished his coffee when two separate conversations with CISOs at RSAC 2026 landed the same way: security is not how the business grows, it is how the business stays out of trouble. Compliance drives the tooling. The security team does its job. The business does its job. And the two rarely meet in the middle. That observation kicked off a quick but pointed exchange with Marco Ciappelli on the floor at RSAC, one that quickly moved from the conference center to the broader question of culture. Not just inside organizations -- but out in the world, where most people installing iPhone updates are skipping the security patch and tapping the music app feature instead. Sean has been making this argument for years -- his original show was called The Business of Security for a reason -- and Marco brings the branding and societal lens to the same problem. What happens when businesses treat security as a cost center rather than a brand asset? Apple made privacy a selling point. Most of the industry has not. And if the companies building and deploying security do not close that gap, the consumers and executives who should care never will. The conversation ends with Sean hinting at a second idea brewing -- something sparked by a photograph of a bow and arrow on the streets of San Francisco. That one comes later. ⬥HOSTS⬥ Sean Martin, CISSP -- Co-Founder, ITSPmagazine & Studio C60 | Host, Redefining CyberSecurity Podcast & Music Evolves Podcast | https://www.seanmartin.com/ Marco Ciappelli -- Co-Founder, ITSPmagazine & Studio C60 | Host, An Analog Brain In A Digital Age Podcast | https://www.marcociappelli.com/ ⬥RESOURCES⬥ RSAC 2026 | April 28 - May 1, 2026 | Moscone Center, San Francisco -- Follow our coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/ An Analog Brain In A Digital Age Newsletter | https://www.linkedin.com/newsletters/7079849705156870144/ On Location | https://www.itspmagazine.com/on-location ⬥KEYWORDS⬥ sean martin, marco ciappelli, rsac 2026, rsa conference, cybersecurity business value, security culture, ciso priorities, compliance-driven security, security roi, brand and security, consumer security behavior, ai and security, security as business enabler, itspmagazine, on location Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The security industry has spent years debating which tools to buy. Impetum is asking a different question: are the tools you already have actually working? Founded by incident responders who saw the same failures across hundreds of breaches, Impetum built the Persistent Purple Team platform to simulate advanced threat actors inside customer environments on a continuous monthly basis -- not as a one-time engagement, but as an ongoing relationship built around real data, custom TTPs, and a measurable Threat Resilience Score. Matt Stewart and Alex Grohmann spoke with Sean Martin and Marco Ciappelli at RSAC Conference 2026 about what they are hearing on the show floor: agentic AI is accelerating the speed of compromise and exposing vulnerabilities in legacy systems that have been dormant for decades. Against that backdrop, the value of knowing -- not assuming -- that your detection and response capabilities hold up becomes critical. The platform builds that knowledge through live-fire exercises using an organization's own data, validating patch management, XDR, SIEM tuning, and post-compromise detection in a way no annual pen test can. The conversation also touched on the structural talent problem agentic AI is creating inside SOCs. As AI fills the level one analyst role, the pipeline for developing level two analysts and incident responders is narrowing. Impetum sees persistent purple teaming as the training ground that closes that gap -- giving existing teams the repeated, realistic practice they need to respond with confidence when an actual breach begins. Impetum targets mid-size organizations that have the right security tools but lack the budget, bandwidth, and access to industry events to keep those tools continuously validated against evolving attack paths. For those teams, the platform delivers something an annual report cannot: a documented, ongoing record of what works, what does not, and where the program is heading. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Matt Stewart, Co-Founder, Impetum Alex Grohmann, Co-Founder, Impetum LinkedIn: https://www.linkedin.com/in/alexandergrohmann/ RESOURCES Impetum / Persistent Purple Team: https://www.persistentpurpleteam.com ITSPmagazine RSAC Conference 2026 coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Matt Stewart, Alex Grohmann, Impetum, Persistent Purple Team, Remedium Security, Sean Martin, RSAC Conference 2026, brand spotlight, brand story, brand marketing, marketing podcast, purple teaming, continuous security validation, threat resilience, CISO, security operations, SOC, red team, blue team, incident response, agentic AI, MITRE ATT&CK, penetration testing, cybersecurity Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Arkose Labs sits at the intersection of bot management, fraud prevention, and identity protection -- working with the world's largest consumer-facing brands to make fraud unprofitable. Frank Teruel walks through how the threat landscape shifted from nation-state actors and organized crime to fully democratized crime-as-a-service platforms, where MFA bypass kits are sold online and multi-billion dollar fraud operations run with the efficiency of a product company. The conversation covers three of the biggest attack categories hitting organizations today: SMS toll fraud, bonus abuse, and fake account registrations. Each one exploits legitimate business flows -- onboarding, loyalty programs, referral bonuses -- and often goes entirely undetected by security teams because the attackers never trigger a traditional alert. In one example, a rideshare company's cell bill climbed by millions before anyone connected it to a fraud campaign. With agentic AI now in the mix, the attribution problem has become exponentially harder. Is that agent booking a hotel room a legitimate user action or the opening move of an account takeover? Arkose Labs places its defenses at the very top of the funnel -- registration and login flows -- combining risk scoring, challenge technology, a 24/7 SOC, and a dark web intelligence program called ACTOR. When a novel attack technique surfaces in gaming, Arkose Labs writes a global mitigation; when that same technique hits banking two days later, the defense is already deployed. Frank Teruel closes with a direct message to CISOs: 75% of organizations surveyed cannot perform attribution, and 97% expect a major AI-driven incident within the next 12 months. The signal to watch for is not always in the security stack -- it shows up in rising SMS bills, unusual account-linking activity, and transaction abandonment rates that do not match marketing spend. The answer is internal fusion: security, fraud, finance, and operations sharing data before the incident, not after. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Frank Teruel, Chief Operating Officer, Arkose Labshttps://www.linkedin.com/in/frankteruel/ RESOURCES Arkose Labs: https://www.arkoselabs.com RSAC Conference 2026: https://www.rsaconference.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Frank Teruel, Arkose Labs, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, fraud prevention, bot management, account security, SMS toll fraud, agentic AI, fraud deterrence, identity protection, crime as a service, RSAC Conference 2026, CISO, account takeover, fake account registration, bonus abuse, loyalty fraud, federated threat intelligence Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At RSAC Conference 2026, the floor at Moscone Center was buzzing with talk of AI -- but underneath the excitement, a sharper question was forming: are enterprises actually ready to secure the AI systems they are rushing to deploy? Ed Wright, VP of Product Marketing at Menlo Security, joined Sean Martin on-site to dig into exactly that question. With 85 percent of knowledge workers now operating primarily through a browser, Menlo Security has spent 13 years building the infrastructure to protect that surface -- and the threat landscape has just taken a significant turn. The traditional browser threat model centers on humans: phishing links, malicious downloads, social engineering, deepfake video scams. Enterprises have spent billions on SSE stacks and endpoint protection stacks. Yet attacks continue to multiply. What Menlo Security is now tracking is a second threat model layered on top -- one designed specifically for AI agents. Agents use browsers to acquire data and complete tasks, often spinning up hundreds or thousands of headless browser sessions outside the enterprise perimeter, invisible to network security tools that only monitor the wire. The threat profile for agents is distinct. Where a human might miss a suspicious link, an agent reads white-on-white text and zero-font-size characters embedded in web pages -- classic prompt injection techniques. Agents are maniacally focused on task completion and do not naturally separate instructions from data. A co-opted agent, redirected through hidden instructions, will pursue its new goal with the same single-mindedness as its original one. Ed Wright notes that the top concern among CISOs at the RSAC Conference CISO bootcamp -- confirmed by a live audience poll -- is data exfiltration from agents: an agent accessing files, scraping internal pages, passing data to external LLMs, and moving sensitive information outside the organization. Menlo Security's response is a unified browser security platform that applies a single policy framework to both human and agentic workloads. The platform is built on four pillars: threat prevention including zero-day protection, secure application access, data security through AI Adaptive DLP, and file security. AI Adaptive DLP is the capability Ed Wright emphasizes most -- it functions as a combination of DLP and DSPM, discovering and classifying sensitive data across the organization and masking it in real time rather than blocking access. When traditional DLP blocks a human, they call IT. When it blocks an agent, the workflow silently fails. AI Adaptive DLP eliminates that failure mode entirely, keeping workflows uninterrupted while sensitive data stays protected at the source. The unification argument cuts through a crowded point-solution market. Rather than deploying separate tools for prompt injection, file security, and application access, Menlo Security delivers a single layer of visibility and observability across the entire workforce. Single policies. Single set of capabilities. No stitching together of forensic data from disconnected systems. Ed Wright points to a Fortune 500 customer that deployed 20,000-plus agents in a short window after a board mandate -- and quickly realized they had no security guardrails in place for browser-based agentic activity. The emergency call to Menlo Security was not the first of its kind, and it will not be the last. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Ed Wright, VP of Product Marketing, Menlo Security LinkedIn: https://www.linkedin.com/in/edwardwright1/ RESOURCES Menlo Security: https://www.menlosecurity.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Ed Wright, Menlo Security, Sean Martin, browser security, agentic AI security, AI agents, headless browsers, prompt injection, data exfiltration, AI Adaptive DLP, DSPM, zero-day threats, enterprise browser, SSE, RSAC Conference 2026, brand spotlight, brand story, brand marketing, marketing podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Most enterprise authentication today is still built on passwords or one-time codes -- and neither is phishing-resistant. Alexander Summerer explains that fraud remains the core challenge: attackers intercept credentials in the online channel, and users are burdened with complex password policies that slow them down without making them safer. Swissbit's answer is the iShield Key, a FIDO2-based hardware security key that is plug and play. No passwords to remember, no codes to intercept, and no chance for a phishing attack to succeed. What sets Swissbit apart at RSAC Conference 2026 is convergence. The same iShield Key that authenticates a user at their workstation can also open a door. Tap it on an HID reader in a healthcare facility, a university, or a manufacturing plant, and access is granted -- physical and digital, in one device. Swissbit is the only vendor on the market today offering this combination, with HID Seos support now available and a global partner network ready to deploy at scale. The forward story is post-quantum cryptography. Alexander Summerer notes that quantum computing poses a real and coming threat to standard authentication algorithms. Swissbit is already previewing a PQC evaluation platform at booth 6565 -- a device that runs a post-quantum chip alongside the traditional chip. Organizations can upgrade to PQC-protected authentication with the same hardware, keeping legacy use cases running without disruption. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Alexander Summerer, Head of Authentication, Swissbit LinkedIn: https://www.linkedin.com/in/alexander-summerer RESOURCES Swissbit: https://www.swissbit.com iShield Key product page: https://www.swissbit.com/en/products/security-products/ishield-key/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Alexander Summerer, Swissbit, Sean Martin, RSAC Conference 2026, hardware security key, FIDO2, phishing-resistant authentication, passwordless authentication, physical access control, post-quantum cryptography, PQC, iShield Key, HID Seos, enterprise authentication, zero trust, brand story, brand marketing, marketing podcast, brand highlight Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Most organizations are not cloud-only and, according to Thyaga Vasudevan, EVP, Product at Skyhigh Security, they are unlikely to become cloud-only anytime soon. Legacy on-prem applications, new AI workloads kept inside the firewall, and the growing cost of routing all enterprise traffic through a cloud proxy are pushing organizations toward a hybrid security architecture -- one that needs to enforce consistent policy regardless of where the traffic goes or where the data lives. Skyhigh Security announced three major innovations at RSAC Conference 2026: a next-generation SSE hybrid platform with a single console managing on-prem and cloud enforcement under one policy construct; a patent-pending browser security capability that injects JavaScript controls dynamically into existing browser sessions without requiring a dedicated enterprise browser; and the general availability of its DSPM platform, which uniquely provides visibility into both data at rest and data in motion by combining proxy-layer inspection with posture management. The browser has quietly become the most important enforcement point in the enterprise. As AI tools like Microsoft Copilot operate through web socket connections that cannot be intercepted at the server level, security controls have to reach inside the browser session itself. Vasudevan describes a seamless approach: because Skyhigh Security already sees the traffic flowing through its SSE cloud, it can inject controls at the browser layer without asking employees to change the tools they use. Data sovereignty is no longer a compliance footnote -- it is an architectural driver. Vasudevan walked through a global manufacturer operating simultaneously in Europe, the United States, and China. Each region carries different regulatory constraints, different trust postures for cloud infrastructure, and different performance requirements. Skyhigh Security's hybrid platform handles all three scenarios under the same management framework and the same policy construct. The customer chooses where enforcement happens -- on-prem, cloud, or hybrid -- without rebuilding their security architecture. On AI agents, Vasudevan describes the evolution clearly: 2022 was about protecting data flowing into generative AI tools; 2025 became about protecting the actions of the agents themselves. Skyhigh Security positions itself as a proxy between agent traffic and the systems agents interact with -- whether MCP servers or SaaS applications -- monitoring what goes in and what comes out in real time. DSPM provides the baseline: know where sensitive data is and what risk it carries before any agent is given access to it. That distinction between sensitivity and risk is what allows organizations to make smart, dynamic decisions rather than blanket restrictions. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Thyaga Vasudevan, EVP, Product, Skyhigh Securityhttps://www.linkedin.com/in/thyaga12/ RESOURCES Skyhigh Security: https://www.skyhighsecurity.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Thyaga Vasudevan, Skyhigh Security, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, hybrid security, SSE, Security Service Edge, DSPM, data security posture management, zero trust, browser security, data sovereignty, AI agents, agentic AI, cloud security, RSAC Conference 2026, cybersecurity Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In the middle of a major incident, security teams face a brutal paradox: the faster things move, the harder it becomes to capture what's actually happening. Cydarm Technologies was built to solve exactly that. Vaughan Shanks, Co-Founder and CEO, describes the platform as a system of record for the SOC -- a purpose-built case management tool that captures who knew what, when, and why, in real time, throughout the lifecycle of an incident. Most of Cydarm's customers sit in government, defense, and critical infrastructure -- organizations where the pressure of regulatory compliance, legal accountability, and board-level reporting is highest. But the value extends well beyond compliance. Shanks draws a direct line from his time in Australian federal government to the philosophy behind Cydarm: good record keeping is good governance. When a capital-I incident is declared, legal, HR, communications, the C-Suite, and the board all need a view in. Cydarm's fine-grained, attribute-based access control makes it possible to give each stakeholder exactly the access they need -- and no more. What sets Cydarm apart from the ticketing systems most teams already have? Shanks puts it plainly: ITSM was built for IT service management, not adversarial cyber threats. The volume, velocity, and variety of SecOps are simply different. Cydarm is designed to feel more like WhatsApp and less like ITSM -- rich data format support, Easy Connect integrations, and a collaborative experience built specifically for high-frequency security operations. Teams that have built workarounds in existing tools know the maintenance burden that comes with it. Cydarm eliminates that mess. The post-incident dimension is where the system of record pays compounding dividends. Shanks outlines three paths: individual incident reports with adjustable significance levels for different audiences; longitudinal metrics capture that reveals the threat environment your controls aren't blocking; and resource justification data that gives security leaders the evidence to defend headcount and budgets. One customer -- a security leader at a major household brand -- had never experienced a breach, and had long struggled to justify the size of their team. With Cydarm's metrics, they finally had the data to make the argument. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Vaughan Shanks, Co-Founder and CEO, Cydarm Technologieshttps://www.linkedin.com/in/vaughan-shanks/ RESOURCES Cydarm Technologies: https://www.cydarm.com KEYWORDS Vaughan Shanks, Cydarm Technologies, Sean Martin, brand spotlight, brand story, brand marketing, marketing podcast, cyber incident response, SOC case management, security operations, incident management platform, system of record, RSAC Conference 2026, NIST incident response, playbook management, SecOps, ITSM alternatives, post-incident review, threat metrics, CISO accountability Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

A decade ago, Kevin Gosschalk was talking CAPTCHAs and bot mitigation with Marco Ciappelli at a security conference. Today, at RSAC Conference 2026, the conversation has shifted to agentic AI -- autonomous systems that browse, click, and transact on behalf of users. For Gosschalk, the Founder and CEO of Arkose Labs, the technology has changed but the challenge is familiar: how do you tell the difference between a legitimate automated actor and a malicious one? Gosschalk explains that the vast majority of agentic traffic today is not self-identifying. Rather than announcing themselves as AI agents, these systems impersonate real Chrome browsers on Mac OS -- choosing configurations with stronger privacy features to evade fingerprinting. There are two technical categories to contend with: headless browsers running in the cloud, which can be caught through device spoofing checks, and on-device agents that control a real browser instance, which require a deeper look at behavioral patterns and intent signals. Arkose Labs builds intent models around payment fraud, fake account creation, and account compromise to distinguish the good agents from the bad. The economic framing Gosschalk brings to this conversation is striking. He describes SMS toll fraud -- where bad actors acquire millions of premium phone numbers and trigger OTP messages from victim companies, earning three to six cents per message while costing those companies tens of millions of dollars annually. He walks through micro deposit fraud targeting fintechs. His core thesis: fraud is an economic activity, and the best defense is making attacks more expensive than they are worth. Arkose Labs builds challenge mechanisms designed to raise that cost through novel stimuli that ML models have not been trained to solve -- presenting something genuinely new forces a brute-force approach that is less effective than purpose-built attacks. The platform's consortium model is a key differentiator. Arkose Labs protects large enterprises including Expedia and Meta, and when an attack signature appears on one customer but nowhere else in the network, its uniqueness is itself a strong fraud signal. Customers can also feed labeled outcome data back into the system -- if something slips through and later proves malicious, that label sharpens the model for the entire consortium. Gosschalk is equally clear about the opportunity side of agentic AI. Blocking all automated traffic is no longer viable -- legitimate agentic commerce is coming, where consumers will delegate shopping, comparison, and purchasing to AI assistants. The future is not blanket blocking but granular, policy-driven enforcement: letting each customer define what kinds of agentic behavior they want to permit on their platforms. Integration is accessible -- a basic JavaScript deployment for web, SDKs for mobile, and extended support for IoT devices and CDN integrations. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Kevin Gosschalk, Founder and CEO, Arkose Labs LinkedIn: https://www.linkedin.com/in/kgosschalk/ RESOURCES Arkose Labs: https://www.arkoselabs.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Kevin Gosschalk, Arkose Labs, Sean Martin, Marco Ciappelli, brand story, brand marketing, marketing podcast, brand spotlight, agentic AI, bot detection, bot mitigation, fraud prevention, SMS toll fraud, micro deposit fraud, behavioral biometrics, intent detection, CAPTCHA, account takeover, synthetic identity, RSAC Conference 2026, cybersecurity Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The cybersecurity industry is good at finding problems. What it has struggled with -- for decades -- is fixing them. Sunil Gottumukkala, CEO and Co-Founder of Averlon, calls this the exposure window: the gap between when a vulnerability is discovered and when it is actually resolved. That gap is where real risk lives, and closing it is the founding mission of Averlon. Speaking on location at RSAC Conference 2026, Gottumukkala draws on his experience as a security executive at Salesforce to explain why even the most well-resourced teams fall behind. More code, more acquisitions, and more attack surface means more findings -- but the capacity to remediate does not scale at the same rate. The answer, he argues, is not more people. It is better systems. Averlon approaches the problem by ingesting findings from across a customer's security stack, applying AI-driven analysis to determine what is actually exploitable in that specific environment, and eliminating noise. From there, rather than generating a ticket, the platform generates a fix -- actual code changes for application vulnerabilities, or compensating controls for situations requiring more time. The goal is not to manage vulnerabilities. It is to eliminate them. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Sunil Gottumukkala, CEO & Co-Founder, Averlonhttps://www.linkedin.com/in/sunilgottumukkala/ RESOURCES Averlon: https://www.averlon.ai Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Sunil Gottumukkala, Averlon, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, vulnerability remediation, remediation operations, exposure window, cloud security, agentic AI, CVSS, vulnerability management, RSAC Conference 2026, RSAC 2026, cybersecurity Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Security teams have more data than ever -- and less confidence in it. Angelos Kottas, VP of Product and Corporate Marketing at Axonius, opens by sharing a striking finding from the Axonius Actionability Report: 55% of CISOs still run their environments off spreadsheets, and fewer than 20% have daily updates to their asset data. The result is a gap between what organizations think they know and what is actually happening across their digital real estate. Axonius was founded in 2017 after its co-founders witnessed a Fortune 100 retailer go into crisis during a live security incident -- unable to identify which assets were impacted or who owned them. That founding story still frames the company's mission: give security teams a comprehensive, enriched, and current view of every asset so they can stop flying blind. But Kottas argues that visibility alone is no longer the goal. Axonius launched its exposure management product at RSAC Conference 2025 -- its most successful product launch to date -- and the message from customers is consistent: what used to take weeks now takes hours or minutes. The platform now enables teams to move from discovery to coverage gap analysis to prioritized remediation, all in one place. The business case is real. Texas A&M University used Axonius to gamify risk reduction across its decentralized schools and divisions, turning remediation into a leaderboard and dramatically accelerating time to closure. An entertainment company customer used Axonius during the 2024 CrowdStrike Blue Screen of Death incident to scope its impact and build a remediation plan in minutes -- delaying operations by just five minutes, while others faced days of disruption. Kottas also addresses the AI question head-on. He frames it as AI squared: the foundation for artificial intelligence is asset intelligence. Agentic AI and autonomous SOC workflows are only as reliable as the data underneath them. Conflicting endpoint counts across EDR, CMDB, and other tools produce dirty data that undermines AI trust. Axonius solves this by delivering a deduplicated, enriched asset graph with business context layered in -- so AI systems can make recommendations organizations can actually act on. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Angelos Kottas, VP of Product and Corporate Marketing, Axonius LinkedIn: https://www.linkedin.com/in/amkottas/ RESOURCES Axonius website: https://www.axonius.com Axonius Actionability Report: https://www.axonius.com (available on the Axonius website) Adapt 2026 (annual customer conference, April 15, New York City): https://www.axonius.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Angelos Kottas, Axonius, Sean Martin, asset intelligence, exposure management, cyber asset attack surface management, CAASM, vulnerability management, actionability, CISO visibility, AI in cybersecurity, agentic AI, asset discovery, coverage gap analysis, incident response, RSAC Conference 2026, brand spotlight, brand story, brand marketing, marketing podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Security teams have always struggled with the gap between finding vulnerabilities and fixing the right ones. DeCloss built PlexTrac after seeing that gap firsthand as a penetration tester -- watching critical findings disappear into static PDFs and manual spreadsheets with no real tracking, no accountability, and no way to demonstrate improvement. The platform was designed from the ground up to close that loop. The conversation gets specific about what contextual risk scoring actually means. A CVE rated 10.0 in the National Vulnerability Database may be irrelevant to a given organization; a lower-severity finding may be critical given the systems that organization actually runs. PlexTrac's newly launched MCP server correlates vulnerability data against real-world environmental context, making that distinction automated and actionable -- not something an analyst has to puzzle out manually every time. DeCloss walks through what the before state looks like for most teams: an annual pentest PDF, weekly scanner output, no unified view, and spreadsheet-based assignment that makes it nearly impossible to track who is working on what or whether anything is actually getting resolved. PlexTrac replaces that with a normalized, integrated platform that connects to Jira, ServiceNow, and Azure DevOps -- keeping workflows intact while adding the visibility that was always missing. On AI's role in the industry, DeCloss is measured but direct. AI is a force multiplier, not a job eliminator. Security has always operated with a talent shortage, and automation fills that gap. But AI also expands the attack surface -- and organizations that adopt it without a security framework create new exposure. The human in the loop, with real subject matter expertise, remains essential. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Daniel DeCloss, Founder & CTO, PlexTrachttps://www.linkedin.com/in/ddecloss/ RESOURCES PlexTrac: https://plextrac.com KEYWORDS Daniel DeCloss, PlexTrac, Sean Martin, vulnerability management, penetration testing, pentest reporting, risk prioritization, CVE scoring, MCP server, AI in cybersecurity, blue team, remediation tracking, CTEM, continuous threat exposure management, RSAC Conference 2026, brand spotlight, brand marketing, marketing podcast, brand story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At RSAC Conference 2026, Eric Herzog, Chief Marketing Officer of Infinidat, sat down with Sean Martin for a booth-side Brand Highlight that reframes a familiar blind spot. Infinidat is a high-end enterprise storage company serving global Fortune 500 organizations and mid-range managed service providers -- and Herzog argues that leaving storage out of a corporate cybersecurity strategy means leaving the largest concentration of enterprise data exposed. Infinidat embeds cybersecurity directly into its storage platform through InfiniSafe, a software suite that has earned recognition from both storage and cybersecurity analysts. The centerpiece of the offering is a written guarantee: any dataset, regardless of size, will be recovered in one minute or less. Herzog explains that this is backed by immutable snapshots that cannot be altered or deleted, a management plane separated from the data plane, and AI/ML-powered scanning through InfiniSafe Cyber Detection that validates a snapshot is clean before it is restored. The goal is a "known good copy" -- a forensically clean snapshot that can be brought back with confidence. Herzog notes that security teams often focus on confidentiality and availability while underweighting integrity. Infinidat's approach addresses all three: snapshots are verified clean, recovery is fast, and the process is demonstrable in live proof-of-concept environments. At the beginning of April 2026, Infinidat recovered six petabytes in three seconds in a live demo. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Eric Herzog, Chief Marketing Officer, Infinidat LinkedIn: https://www.linkedin.com/in/erherzog RESOURCES Infinidat Website: https://www.infinidat.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Eric Herzog, Infinidat, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, enterprise storage, cybersecurity, ransomware recovery, data protection, InfiniSafe, immutable snapshots, cyber resilience, RSAC Conference 2026, next generation data protection, MSP security, storage security Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Most organizations are not waiting for permission to deploy AI agents -- they are already in production, often without a clear picture of what those agents can access or who is accountable for them. Token Security was built specifically for this moment, and being named an RSAC Conference Innovation Sandbox finalist is confirmation that the market is catching up to the problem the company has been solving since 2023. Itamar Apelblat, co-founder and CEO, and Ido Shlomo, co-founder and CTO, came out of Israel's elite intelligence unit 8200 -- Apelblat from the defensive security side and Shlomo from offensive cyber operations. That shared background, and 17 years of partnership, shapes how Token Security approaches a problem that most identity vendors have not yet reckoned with: AI agents are not humans, and they are not standard machine identities either. The core concept is intent-based access management. Rather than looking at an agent's historical behavior and extending permissions based on the past, Token Security asks: what is this agent supposed to do? What is its purpose? Restrictions are then built around that intent. As Apelblat explains, agents are non-deterministic -- they will pursue a goal through whatever path is available, including ones you did not anticipate or want. Locking down access based on intent rather than history is the only approach that holds. Shlomo adds a dimension that makes the risk concrete: an AI agent forgets everything between sessions. Every interaction starts fresh. That means it does not remember a previous attack attempt. A sophisticated adversary who manipulates an agent today can try the exact same technique tomorrow. Combine that with the agent's relentless drive to satisfy its directive -- even to the point of deleting data or modifying infrastructure if that is what it takes -- and the case for an isolated, intent-scoped perimeter becomes clear. The customer journey at Token Security almost always begins after deployment. Organizations arrive saying, in effect: we think we have agents out there, can you help us find them? Visibility comes first -- discovering what agents exist, understanding their usage, mapping ownership, managing lifecycle. Policy enforcement comes after. Critically, Token Security achieves this without sitting as an inline broker. The platform connects to both the agent platforms and the business applications those agents reach, creating enforcement at both ends without introducing friction into developer workflows. Apelblat frames the architecture in terms of micro agents: purpose-specific, narrowly scoped, each with a well-defined role. Not one agent doing everything -- thousands of focused agents, each constrained to exactly what it needs. Shlomo puts the business case plainly: an agent with properly managed identity is not a chatbot, it is a member of a digital workforce. Get identity right, and the productivity multiplier is enormous. Get it wrong, and a single compromised agent can cascade across every connected system it touches. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUESTS Itamar Apelblat, Co-Founder & CEO, Token Securityhttps://www.linkedin.com/in/itamar-apelblat/ Ido Shlomo, Co-Founder & CTO, Token Securityhttps://il.linkedin.com/in/ido--shlomo RESOURCES Token Security website: https://www.token.security/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Itamar Apelblat, Ido Shlomo, Token Security, Sean Martin, Marco Ciappelli, brand spotlight, brand marketing, marketing podcast, brand story, AI agent security, AI agent identity, non-human identity, NHI security, intent-based access management, privileged access management, zero trust, RSAC Conference 2026, Innovation Sandbox, identity lifecycle management, agentic AI security, cybersecurity Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.