Podcasts about infosecurity europe

  • 22PODCASTS
  • 177EPISODES
  • 25mAVG DURATION
  • 5WEEKLY NEW EPISODES
  • Jun 23, 2026LATEST

POPULARITY

20192020202120222023202420252026


Best podcasts about infosecurity europe

Latest podcast episodes about infosecurity europe

ITSPmagazine | Technology. Cybersecurity. Society
Who Gets to Tell Your Story? Maggie Alphonsi on Strength, Resilience & Owning the Narrative | An Analog Brain In A Digital Age With Marco Ciappelli — On Location at Infosecurity Europe 2026

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 23, 2026 16:12


A rugby World Cup winner walks into a room full of people who defend networks for a living. Maggie Alphonsi joins me to talk about breaking barriers, leading with your strengths, and what changed the day athletes stopped waiting for the back page and started telling their own stories.

ITSPmagazine | Technology. Cybersecurity. Society
Technology Got Safer, But The Smartest Hackers Don't Hack. They Just Ask | An Interview with Lee Clark | An Analog Brain In A Digital Age With Marco Ciappelli — On Location at Infosecurity Europe 2026

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 20, 2026 18:25


PODCAST EPISODE | An Analog Brain In A Digital Age With Marco Ciappelli — On Location at Infosecurity Europe 2026 The most dangerous attacks at Infosecurity Europe 2026 weren't the high-tech ones. Lee Clark of the Retail & Hospitality ISAC sits down with me to explain why the soft target is still a human being — a help desk, a new hire, a phone ringing at dinner — and what stays in our hands as the shopper quietly becomes an algorithm.

ITSPmagazine | Technology. Cybersecurity. Society
Call It What It Is: When Ransomware Becomes Terrorism | An Interview with Cynthia Kaiser | Redefining CyberSecurity With Sean Martin — On Location at InfoSecurity Europe 2026

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 19, 2026 16:18


A ransomware crew can run through your whole company between dinner and dessert. Sean Martin sat down with Cynthia Kaiser — twenty years at the FBI, now leading the Halcyon Ransomware Research Center — on the speed of the threat, the human cost the industry keeps abstracting away, and why a slice of ransomware deserves a harder name than “crime.”

Redefining CyberSecurity
Redefining Cyber Resilience | An On Location Conversation at Infosecurity Europe 2026 with James Morris, Former UK Member of Parliament

Redefining CyberSecurity

Play Episode Listen Later Jun 19, 2026 17:14


⬥EPISODE NOTES⬥ From the show floor at Infosecurity Europe 2026, Sean Martin sits down with James Morris, Director of The CSBR (Centre for Cyber Security and Business Resilience) and a former UK Member of Parliament who spent fourteen years in the House of Commons and chaired the All-Party Parliamentary Group for Cyber Security. His work now lives at the intersection of cybersecurity and resilience, translating evidence and expert roundtables into policy that Parliament can actually use. The conversation opens on a hard problem: legislation moves slowly, and technology does not. The UK's Cyber Security and Resilience Bill has been working through Parliament for fifteen months and may not be operational for the better part of a year, even as AI moves from the margins to the center of national infrastructure. James Morris describes how the government has responded by giving itself powers to designate organizations and sectors as threats emerge, a top-down approach that he argues only works if business is brought along from the bottom up. What counts as resilience is changing too. For years the word pointed narrowly at critical national infrastructure such as power and rail. James Morris makes the case that resilience now means economic resilience, pointing to high-profile UK breaches at Marks and Spencer and JLR that paralyzed major businesses yet would not be captured by the very bill moving through Parliament. Sean Martin pushes the thread into the supply chain, where the legislation starts to designate critical suppliers for the first time, with new expectations around transparency, incident reporting, and hardening, though financial services sits outside under its own regime. The closing turn is the one business owners should sit with. Cyber resilience is no longer a peripheral technical task to hand to IT. It is a board-level issue tied to strategy, reputation, and the survival of the organization itself, and the leaders who treat it that way, rehearsing breaches before they happen and planning for the media scrutiny that follows, are the ones positioned to recover. Resilience, in the end, is not only technical. It is economic, managerial, and political, and getting it right is becoming inseparable from how a modern society protects itself. ⬥HOST⬥ Sean Martin, CISSP -- Co-Founder, ITSPmagazine & Studio C60 | Host, Redefining CyberSecurity Podcast & Music Evolves Podcast | https://www.seanmartin.com/ ⬥GUEST⬥ James Morris -- Director, The CSBR (Centre for Cyber Security and Business Resilience); former UK Member of Parliament; former Chair of the All-Party Parliamentary Group for Cyber Security | https://uk.linkedin.com/in/james-morris-obe-787a2b17 ⬥RESOURCES⬥ Infosecurity Europe 2026 is taking place June 2-4, 2026 | ExCeL London -- Follow our coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/ Redefining CyberSecurity Podcast | https://www.seanmartin.com/redefining-cybersecurity-podcast On Location | https://www.itspmagazine.com/on-location

Redefining CyberSecurity
The Quantum Threat Is Already a Business Decision You're Making Today | An On Location Conversation at Infosecurity Europe 2026 with Rik Ferguson, Vice President of Security Intelligence

Redefining CyberSecurity

Play Episode Listen Later Jun 19, 2026 14:54


⬥EPISODE NOTES⬥ At Infosecurity Europe 2026, Sean Martin sits down with Rik Ferguson, Vice President of Security Intelligence at Forescout, a day before Rik Ferguson takes the keynote stage with a deliberately provocative title: "Post-Quantum Cryptography Is a Way Off. We Can Wait, Can't We?" The honest answer, he says, is that waiting is a choice, and it is the wrong one. The threat is neither theoretical nor distant. Rik Ferguson walks through why the infrastructure for harvest-now, decrypt-later attacks already exists, pointing to Salt Typhoon, to BGP rerouting by unfriendly nations, and to intelligence agencies stockpiling encrypted data they cannot read yet but expect to read later. With NIST placing Q Day around 2035, Google pointing at 2029, and IBM's fault-tolerant Starling system slated for 2029, the distance between "someday" and "the hardware you purchase this year" has effectively closed. Sean Martin keeps steering the conversation back to the business. The parallel both of them keep returning to is Y2K, which became a non-event precisely because people did the work. The quantum question, Rik Ferguson argues, is not only about security or resilience, it is a budget and procurement question: which data has a long enough shelf life to still matter when it is finally decrypted? Pharmaceutical R&D, merger and acquisition strategy, sovereign debt positions, and legal negotiations all live under an assumed umbrella of privacy that encryption may not hold. The most unsettling point is what a harvest-now attack does to incident response. There is no time-bounding. Adversaries could have been collecting for a decade, and the first sign of trouble arrives only when the data is weaponized or made public, leaving the investigation disabled by chronology alone. Rik Ferguson closes with a message that reaches past cryptography itself: as attacks move toward autonomy, defense has to as well, which is why he wants the industry to move past Assume Breach and into Assume Autonomy. ⬥HOST⬥ Sean Martin, CISSP -- Co-Founder, ITSPmagazine & Studio C60 | Host, Redefining CyberSecurity Podcast & Music Evolves Podcast | https://www.seanmartin.com/ ⬥GUEST⬥ Rik Ferguson, Vice President of Security Intelligence, Forescout | https://www.linkedin.com/in/rikferguson/ ⬥RESOURCES⬥ Infosecurity Europe 2026 is taking place June 2-4, 2026 | ExCeL London -- Follow our coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/ Redefining CyberSecurity Podcast | https://www.seanmartin.com/redefining-cybersecurity-podcast On Location | https://www.itspmagazine.com/on-location ⬥KEYWORDS⬥ sean martin, rik ferguson, infosecurity europe, post-quantum cryptography, pqc, harvest now decrypt later, hndl, q day, quantum computing, encryption, salt typhoon, quantum agility, crypto agility, post-quantum migration, procurement, on location, itspmagazine Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

ITSPmagazine | Technology. Cybersecurity. Society
The Oldest Con, the Newest Tools | An Interview with Sarah Armstrong-Smith At Infosecurity Europe 2026 | An Analog Brain In A Digital Age With Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 17, 2026 16:00


There is a con called the Spanish Prisoner. A letter arrives from a stranger: a wealthy man sits in a foreign jail, and for a small advance to free him, he will reward you many times over. The trick is at least four hundred years old. It is also, give or take a few details, the email sitting in your spam folder this morning. I keep that in mind whenever someone tells me cybercrime is a technology problem. The tools change. The mark does not. We are still robbed through the same prehistoric wiring: a flash of fear, a moment of greed, a decision made in panic before the slow part of the brain wakes up. That is the thread I pulled on with Sarah Armstrong-Smith at InfoSecurity Europe. Sarah spent nearly thirty years in cyber and crisis leadership, was Chief Security Advisor at Microsoft, and now runs Secure Horizons. She has written two books on the human side of all this and sits on the UK Government Cyber Advisory Board. After all of it, she says the thing most people in her position will not say out loud: whatever we are doing is not working. More tools, more money, more people, more AI, and the problem keeps getting worse. Attack, wake-up call, attack, wake-up call. How many wake-up calls, she asks, does anyone need? I asked what keeps her up at night. She described an industrial accident on the scale of 9/11, triggered through a network: the first time a cyber incident kills people in numbers. We have been lucky so far. She doubts luck is a plan. The industry loves a big number, and the number is exactly where the human disappears. X million records stolen, Y terabytes gone. The day before, my friend Geoff White sat in this same chair and described a ransomware attack that shut down a hospital, which meant a woman missed the cancer appointment she had counted on. That is an Armageddon, and it has a name and a face. Sarah, as it happens, knows Geoff's work well enough to carry a line from him on the back of her book. The human element keeps finding the same small circle of people willing to talk about it. So how do we move this from a line item to a fact of society? Her answer is collective resilience. There is no prize for being the last one standing, because we are all wired into the same supply chain, the same dependencies, the same brittle web. And the smallest businesses, the ones without a war chest to ride out the storm, are the ones we discuss the least. Then a statistic. Close to half of all crime in the UK is now fraud or cyber. Around one percent of policing is pointed at it. Read those two numbers again. We fund what we can see, and we want officers on the street because a visible patrol both deters the thief and reassures the neighbourhood. The crime that actually empties our accounts happens somewhere we have agreed not to look. Follow the money, Sarah says, and you rarely stop at one criminal's pocket. It pays for the next thing: drugs, weapons, and more often than people imagine, the trafficking of human beings. Will AI save us? She did not flinch. Whatever you build to detect, the other side uses to evade. The asymmetry holds. Technology is part of the answer and never the whole of it, because the problem was never only technical. So what do we carry forward, and what do we leave behind? We carry the person behind the number: the one who misses the appointment, the small shop that never reopens. We leave behind the fantasy that a clever enough machine will spare us the harder work, which is teaching a whole society to recognize the Spanish Prisoner when it arrives, wearing this year's technology. Sarah's books are linked below, with a second edition on the way. Geoff's conversation is part of this same coverage. And if you want more of these, the newsletter lives at marcociappelli.com. Let's keep thinking. — Marco Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Personal Branding Coach | Journalist | Writer | Podcast: An Analog Brain In A Digital Age ⚠️ Beware: Pigs May Fly |

ITSPmagazine | Technology. Cybersecurity. Society
What Burnout Costs the Cybersecurity People Who Keep Us Safe | An Interview with Bronwyn Boyle | An Analog Brain In A Digital Age With Marco Ciappelli | From Infosecurity Europe 2026

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 15, 2026 15:30


PODCAST EPISODE | An Analog Brain In A Digital Age — On Location at InfoSecurity Europe 2026 On Location With Sean Martin And Marco Ciappelli Bronwyn Boyle can talk about software vulnerabilities for hours. Talking about her own — the burnout she didn't recognize until someone named it — turned out to be harder, and more important. We sat down at InfoSecurity Europe to talk about the human cost of guarding the machine, and whether our analog brains were ever built for this.

ITSPmagazine | Technology. Cybersecurity. Society
A Crime Against Time | An Interview with Rik Ferguson | Redefining CyberSecurity With Sean Martin — On Location at InfoSecurity Europe 2026

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 15, 2026 14:54


PODCAST EPISODE | Redefining CyberSecurity With Sean Martin — On Location at InfoSecurity Europe 2026 On Location With Sean Martin And Marco Ciappelli Adversaries are stealing encrypted data today that they cannot read yet, and storing it until a quantum computer can. Sean Martin sat down with Forescout's Rik Ferguson to talk about “harvest now, decrypt later,” why Q-Day is closer than the comfortable timelines suggest, and what the decisions you make this year have to do with secrets you thought were safe forever.

ITSPmagazine | Technology. Cybersecurity. Society
When the Threat Moves Daily and the Law Moves in Years | An Interview with James Morris | Redefining CyberSecurity With Sean Martin — On Location at InfoSecurity Europe 2026

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 13, 2026 17:14


PODCAST EPISODE | Redefining CyberSecurity With Sean Martin — On Location at InfoSecurity Europe 2026 On Location With Sean Martin And Marco Ciappelli The UK's threats change by the day. Its laws change over years. Sean Martin sat down with James Morris — former Member of Parliament, now Director of the CSBR — to ask how a government writes cyber policy fast enough to matter, and why “resilience” has quietly stopped being a technical word.

ITSPmagazine | Technology. Cybersecurity. Society
Measuring Risk Was Never the Point | A Brand Spotlight at Infosecurity Europe 2026 with Matt Middleton-Leal, Regional Vice President, Northern Europe of Qualys

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 12, 2026 15:45


At Infosecurity Europe 2026, Matt Middleton-Leal, Regional Vice President for Qualys across Northern Europe, joins Sean Martin inside the Risk Operations Center built into the Qualys booth. The premise is blunt: cybersecurity has spent years getting good at measuring risk and almost no time getting good at fixing it. The Risk Operations Center, or ROC, is the Qualys answer to that imbalance. So what is a ROC? It is not a product. Middleton-Leal describes it as an operating model that pulls scattered risk signals together, ranks them by business context and financial impact, and drives them toward remediation. If a SOC looks in the rearview mirror at what already happened, the ROC looks through the windshield at the risk ahead. Why now? Because risk moves at machine speed. In an AI-driven world of frontier models and autonomous agents, Middleton-Leal argues that remediation tied to service desk tickets is already too slow. He shares what happens when a client prepares to deploy tens of thousands of new agents before anyone knows what those agents touch or where their data goes. The example that lands hardest is a number: 62 million risk findings across one client's combined tooling. Middleton-Leal walks through how threat intelligence, business context, and safe exploitability testing collapse that figure to under one percent of fixes that genuinely reduce loss. It is a concrete look at how to prioritize remediation instead of drowning in dashboards. There is a quieter shift underneath it all: financial risk quantification, long reserved for the largest banks, reaching companies that never had the analysts to build it. Working with Richard Seiersen, Chief Risk Technology Officer at Qualys, the company is building ways to answer questions like what a ransomware event would likely cost a business in your sector and region. Middleton-Leal closes with the one place every organization should start, whether they use Qualys or not. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUESTMatt Middleton-Leal, Regional Vice President, Northern Europe, Qualys LinkedIn: https://www.linkedin.com/in/matt-middleton-leal-a56557/ RESOURCES Qualys: https://www.qualys.com ITSPmagazine Infosecurity Europe 2026 coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Richard Seiersen, Chief Risk Technology Officer at Qualys, co-author of "How to Measure Anything in Cybersecurity Risk" Connect with Matt Middleton-Leal on LinkedIn: https://www.linkedin.com/in/matt-middleton-leal-a56557/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Matt Middleton-Leal, Qualys, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, Risk Operations Center, ROC, risk remediation, cyber risk quantification, exposure management, vulnerability management, Richard Seiersen, AI security risk, Infosecurity Europe 2026, machine speed remediation, security operations Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

ITSPmagazine | Technology. Cybersecurity. Society
Where Data Sovereignty and Always-On Security Operations Meet | A Brand Spotlight at Infosecurity Europe 2026 with Bill Peterson, Senior Director of Product Marketing of Sumo Logic

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 12, 2026 16:31


At Infosecurity Europe 2026 in London, Bill Peterson, Senior Director of Product Marketing at Sumo Logic, joins us to unpack a tension every regulated security team knows well. When an incident hits, the business has to keep running. At the same time, regulators expect sensitive data to stay in region. For a long time, those two demands have pulled in opposite directions. Sumo Logic has spent 15 years as a SaaS platform on AWS, processing roughly four exabytes of data a day for around 2,000 customers. The core promise is speed, driving mean time to resolve as low as possible. Peterson frames it in business terms, because the person signing the check wants to know the return, not the bits and bytes. The news from the show is Sumo Logic availability on the AWS European Sovereign Cloud. EU organizations can keep their data in region, handled by EU staff, while still running the full platform for incident response. That turns a painful either/or into a checklist a regulated buyer can complete. Genesys is the first customer live in the sovereign cloud, with payment processor OpenPay preparing to follow. How does this play out for highly regulated industries? Sumo Logic is focused on finance, healthcare, telco, and government, the verticals feeling the most pressure. The path Peterson describes is simple: let Sumo Logic handle incident management, let AWS move and grow the data in region, and check the sovereignty box without giving up operational readiness. Underneath sits a full-featured SIEM and Dojo AI, the agentic approach Sumo Logic launched earlier this year. The goal is not to replace analysts but to keep a human in the loop while handing proven, repetitive work to an agent. Fix one server, confirm the solution, then let an agent patch the other 599 under oversight. A SOC Analyst Agent reaches general availability at Black Hat later this year, alongside an MCP server. On observability, the differentiator is reading both structured and unstructured data without normalizing it first. A zip code is structured; a cryptic web hook error is not. Sumo Logic reads both, which feeds directly into faster time to identify and faster time to resolve. For any leader weighing sovereignty against uptime, Bill Peterson makes a clear case that they can finally live in the same plan. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Bill Peterson, Senior Director of Product Marketing, Sumo Logic LinkedIn: https://www.linkedin.com/in/williampetersonjr/ RESOURCES Learn more about Sumo Logic: https://www.sumologic.com/ Sumo Logic on the AWS European Sovereign Cloud (announced at Infosecurity Europe 2026): https://www.sumologic.com/newsroom Infosecurity Europe 2026 event coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Bill Peterson, Sumo Logic, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, AWS European Sovereign Cloud, data sovereignty, incident response, mean time to resolve, SIEM, security operations, Dojo AI, agentic AI, SOC analyst agent, observability, log analytics, Infosecurity Europe 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

ITSPmagazine | Technology. Cybersecurity. Society
Connecting Secure Storage to the Bigger Security Picture | A Brand Highlight at Infosecurity Europe 2026 with Jeanclaude Toma, Chief Executive Officer of Apricorn

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 12, 2026 6:38


At Infosecurity Europe 2026, Jeanclaude Toma, Chief Executive Officer of Apricorn, joins Sean Martin to reframe where secure storage fits in the security conversation. After roughly four decades building hardware-encrypted drives, Apricorn wants the market to treat storage as a security decision rather than a hardware afterthought. How does a storage device become a security control? Toma points to the device itself: no one reaches the data without the code. Access requires a PIN entered on the drive, and the encrypted vault stays closed to everyone else. The protection travels with the drive and does not depend on the host system. Apricorn builds to FIPS certification requirements, hardens against environmental stress down to the connector, and tests repeatedly so compliance arrives built in. Why does this matter at the macro scale? Toma joined Apricorn three months ago to expand the portfolio and connect storage to the broader security marketplace, from military, government, and aerospace settings to the enterprise. He also hints at new form factors still under wraps. Listen in to hear why Apricorn treats the business and operations behind the product as seriously as the product itself. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Jeanclaude Toma, Chief Executive Officer, Apricorn LinkedIn: https://www.linkedin.com/in/jeanclaude-toma/ RESOURCES Learn more about Apricorn: https://apricorn.com Infosecurity Europe 2026 coverage from ITSPmagazine: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Jeanclaude Toma, Apricorn, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, hardware-encrypted storage, FIPS certified storage, secure data storage, encrypted USB drives, data protection, Infosecurity Europe 2026, secure peripherals, PIN authenticated storage Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

ITSPmagazine | Technology. Cybersecurity. Society
Sixty Products, One Engine | A Brand Highlight at Infosecurity Europe 2026 with VimalRaj Sampathkumar, Head of Technical Operations, UK & Ireland of ManageEngine

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 12, 2026 6:32


At Infosecurity Europe 2026 in London, VimalRaj Sampathkumar, Head of Technical Operations for the UK and Ireland at ManageEngine, opens with a sharp observation: the market does not lack tools, it lacks tools that work together. After 16 years with the company, he has watched IT and security teams collect software faster than they can connect it. ManageEngine, a division of Zoho Corporation, builds roughly 60 products across endpoint management, IT operations, service management, and identity and access management. The point is not the count. VimalRaj Sampathkumar explains how tight integration lets those products share data, run automations, and power workflows, so a process like joiner-mover-leaver can be shaped to how each organization actually works instead of forced into a template. That same logic carries into cybersecurity. Customers rarely ask for one feature; they ask how to strengthen their posture and reach resilience. ManageEngine answers with solutions that scale from a single tool to a full suite, backed by flexible licensing and an AI roadmap. It is a look at why consolidation, not collection, is becoming the smarter security strategy. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST VimalRaj Sampathkumar, Head of Technical Operations, UK & Ireland, ManageEngine LinkedIn: https://www.linkedin.com/in/zenandzipfiles/ RESOURCES Learn more about ManageEngine: https://www.manageengine.com Infosecurity Europe 2026 coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS VimalRaj Sampathkumar, ManageEngine, Zoho Corporation, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, IT management, IT security, endpoint management, identity and access management, IT operations, integration, consolidation, cyber resilience, Infosecurity Europe 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

ITSPmagazine | Technology. Cybersecurity. Society
When the Boardroom Asks "Are We Okay?" | A Brand Spotlight at Infosecurity Europe 2026 with Ian Schenkel, VP Sales, EMEA & APAC of Intel 471

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 11, 2026 16:33


Something has changed at the board level. Recorded in the media room at Infosecurity Europe 2026 in London, Ian Schenkel, VP Sales, EMEA & APAC of Intel 471, describes directors who no longer take security on faith. After a year of headline breaches from Jaguar Land Rover to Marks and Spencer and the Co-op, leadership wants proof rather than promises. What does the board actually want to know? A straight answer to one question: are we okay? Ian Schenkel starts with geopolitics. Nation-state activity, supply chain exposure, and shifting global markets all shape whether a business can keep running. Threat intelligence becomes the early warning system leaders use to decide where to move and which actors have a history of targeting their industry. The next question gets personal. Does this affect us? Have we already been hit? This is where Intel 471 leans on retroactive threat detection. When new indicators of compromise surface, an analyst can build detection queries in seconds against a SIEM, SOAR tool, SentinelOne, Microsoft, or Palo Alto, then report back to the board with a clear answer. How does intelligence reach the board without getting lost in the weeds? It travels as a story the board can act on. Intel 471 pulls its three core areas, cyber threat intelligence, attack surface management, and threat hunting, into a single report that scales from an executive summary to a detailed account of what was found and neutralized. The stories make it real. During merger rumors, an attacker registered a look-alike domain and emailed employees from it. In another case, Intel 471 warned an organization it did not yet work with about a politically motivated actor that was openly discussing it. The value is the early signal, long before perimeter and endpoint defenses ever engage. Sometimes the right move is not technical at all. It might be briefing executives on targeted ransomware or reminding employees to stay alert against the email that has not arrived yet. The throughline, as Ian Schenkel frames it, is prevention over reaction, and a board finally asking the right questions. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Ian Schenkel, VP Sales, EMEA & APAC, Intel 471 LinkedIn: https://www.linkedin.com/in/ianschenkel/ RESOURCES Learn more about Intel 471: https://www.intel471.com Connect with Ian Schenkel on LinkedIn: https://www.linkedin.com/in/ianschenkel/ Infosecurity Europe 2026 event coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Ian Schenkel, Intel 471, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, cyber threat intelligence, threat hunting, attack surface management, board reporting, geopolitical intelligence, early warning system, indicators of compromise, retroactive threat detection, business resilience, Infosecurity Europe 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

ITSPmagazine | Technology. Cybersecurity. Society
The Business of Extortion — Storytelling, Ransomware, and the BBC's Cyber Hack | Geoff White | PODCAST EPISODE | An Analog Brain In A Digital Age — On Location at InfoSecurity Europe 2026 On Location With Sean Martin And Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 10, 2026 16:34


There is a moment in every conversation about cybercrime when the criminal stops being a shadow and becomes a person with a desk, a calendar, and a complaint about Monday. That moment is the one that interests me. For years I've been told cybersecurity is a technical problem. Firewalls, patches, acronyms nobody outside the room understands. And it is, partly. But sit with Geoff White for fifteen minutes at InfoSecurity Europe and the technical layer becomes what it always was underneath: people. People who get out of bed, argue with their partners, drink too much vodka after a breakup, and worry about a grandmother in the hospital — while running an extortion racket that, somewhere else, is shutting down the hospital treating someone else's grandmother. Geoff is an investigative journalist and author who has built a career out of refusing to let crime stay abstract. His new BBC series, Cyber Hack — the strand that grew out of The Lazarus Heist — turns its attention to one of the world's biggest ransomware gangs, Conti. And here is the detail that stayed with me: he has read their mail. Three hundred thousand internal messages, leaked, written by the criminals themselves when they assumed no one was watching. A journalist's candy store, as he called it. Also a nightmare — in Russian, thick with slang, mistranslated so often that “Bitcoin” comes out as “cue ball” and money hides behind the word for “grandmothers.” What fascinates me is not the heist. It is the self-portrait. Because the gang does not see a gang. They see a company. They have clients, they say. Customers. Negotiations conducted professionally. Some of them even hand the victim a report afterward — here is how we got in, here is what you should fix — as though extortion were a security audit with an invoice attached. Geoff has a theory I find hard to argue with: extortion is exhausting work for a smart person to do every day, so the brain quietly rewrites the job description. Criminal becomes businessman. The part that knows the truth shrinks. The story they tell themselves takes over. I'm Italian, so of course The Godfather arrived uninvited in the middle of our conversation. It's a business. Nothing personal. We laughed — I get to make that joke and Geoff doesn't — but underneath the laugh is something genuinely unsettling, and it has nothing to do with hackers. It's about all of us. We are all narrating ourselves into the people we'd prefer to be. The ransomware gang simply does it with higher stakes and worse intentions. This is why storytelling isn't decoration on top of cybersecurity. It's the only tool that makes the invisible visible. Geoff's last BBC series landed at number seven on the US charts, a few slots below Joe Rogan, because he tells these stories as stories — with the technical iceberg sitting safely below the waterline. People learn when they aren't being lectured. And we should learn, quickly. The same week I'm laughing about cue balls, Geoff describes cloning his own mother's voice with an AI tool and phoning her. She thought the line was just a little muffled. I told him what I tell my parents: if anything feels strange, hang up and call me directly. A pre-digital instinct, used as armor against a very digital trick. So what do we carry forward, and what do we leave behind? We carry the stories. We leave behind the comfortable idea that any of this is happening somewhere else, to someone else. The new season of Cyber Hack is expected in July. Listen to it — not because it will scare you, though it might, but because it makes a hidden world legible, and legibility is where every defense we have begins. Geoff's books and the show are linked below. And if you'd like more of these conversations, subscribe to the newsletter at marcociappelli.com. Let's keep thinking. — Marco Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Personal Branding Coach | Journalist | Writer | Podcast: An Analog Brain In A Digital Age ⚠️ Beware: Pigs May Fly |

ITSPmagazine | Technology. Cybersecurity. Society
Resilience Is the New Compliance: Why Recovery Is the Real Test of Cyber Readiness | A Brand Spotlight at Infosecurity Europe 2026 with Pete Hannah, VP of Sales, Western Europe of Object First

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 10, 2026 16:44


At Infosecurity Europe in London, Pete Hannah, VP of Sales for Western Europe at Object First, joins Sean Martin to reframe a question many organizations still get wrong. The issue is not only how to keep ransomware out, but how quickly you can recover once it gets in. With Europe's regulatory landscape tightening, that distinction is becoming the difference between disruption and disaster. What does the UK Cyber Security and Resilience Bill actually demand? According to Pete Hannah, it reads less like a checklist and more like an operational resilience standard. It expects organizations to manage threats, prove they have tested their recovery plans, and treat resilience as a board-level responsibility with real financial penalties. More than ninety percent of the bill already applies in practice, so waiting for it to become law is a risk in itself. Why do backups matter so much? Because more than ninety percent of cyberattacks target them first. Pete Hannah explains that "immutable" has become a marketing word, and the meaningful test is whether anyone still holds the access to destroy protected data. Object First answers that with absolute immutability, independently tested, with zero destructive access for admins or compromised accounts. That protection is purpose-built for Veeam environments through the Ootbi appliance, the resilient bunker that stays standing even when every password is known and every other system is compromised. When recovery is guaranteed, teams stop worrying about whether they will recover and focus instead on how fast. How does a stretched IT team adopt this without adding overhead? Pete Hannah describes deployment as taking the appliance out of the box, racking it, connecting it, and pointing backups at it. For boards and CISOs under budget and resource pressure, simplicity is the selling point. It is easy to manage, easy to prove, and dependable when it matters. The proof is in the field. Pete Hannah shares stories of customers who survived worst-case scenarios because Object First was the only thing left standing, and one who tracked him down simply to say thank you. In an era where AI is accelerating attacks and a single compromised password has bankrupted companies, knowing you can recover is the new definition of good enough. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Pete Hannah, VP of Sales, Western Europe, Object First LinkedIn: https://www.linkedin.com/in/peterhannah/ RESOURCES Learn more about Object First: https://objectfirst.com Ootbi by Object First (Out-of-the-Box Immutability): https://objectfirst.com Watch: Anthony Cusimano of Object First at RSAC Conference: https://youtu.be/LMWuZ_NH1lA Infosecurity Europe 2026 event coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Pete Hannah, Object First, Ootbi, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, immutable backup storage, ransomware recovery, Veeam backup, absolute immutability, Cyber Security and Resilience Bill, cyber resilience, data protection, operational resilience, backup and recovery, Infosecurity Europe 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

ITSPmagazine | Technology. Cybersecurity. Society
Seeing What Your EDR Can't | A Brand Spotlight at Infosecurity Europe 2026 with Matt Ellison, Director of Sales Engineering EMEA & APAC of Corelight

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 10, 2026 16:36


At Infosecurity Europe 2026 in London, Matt Ellison, Director of Sales Engineering EMEA & APAC at Corelight, joins Sean Martin to unpack the visibility gap widening across security operations. The SOC is either drowning in data or missing the data that matters most. Corelight, custodian of the open-source Zeek project, builds a platform that turns raw network traffic into evidence teams can actually use. Why do today's most evasive attacks slip past endpoint detection? Because they are designed to. Ellison points to typhoon-style campaigns staged from network and hardware devices specifically to avoid EDR. When a platform sees all of the network traffic moving backwards and forwards, those moves stop being invisible. Seeing more is only half the battle. Ellison describes teams trapped by a fear of missing something, switching on every "just in case" detection until alert volume becomes its own crisis. The real question shifts from "what fired" to "what does this actually mean for my environment." How do you investigate a detection you cannot see inside? A black box hands down a verdict with no evidence behind it. Corelight takes an open approach, exposing the data behind every conclusion so analysts can follow a flow to its root cause and apply the one thing no vendor ships: their own knowledge of the network. The proof tends to show up fast. Ellison recalls a proof of value where, within thirty minutes, the team surfaced sensitive information moving unencrypted across the network. Other finds are smaller but telling, like a finance team's certificate using a weak cipher. Corelight even names its catch-all logs plainly, the "weird" log and the "unknown" log. Visibility feeds compliance too. Frameworks like NIS2, DORA, and GDPR demand evidence, not a tool humming in the corner that no one reviews. Ellison previews a coming release that adds asset classification, identifying every device on the network and explaining the why behind it. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUESTMatt Ellison, Director of Sales Engineering EMEA & APAC, Corelight LinkedIn: https://www.linkedin.com/in/matthewrellison/ RESOURCES Learn more about Corelight, including customer stories: https://corelight.com Zeek, the open-source NDR project Corelight maintains: https://zeek.org Infosecurity Europe 2026 coverage from ITSPmagazine: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight ▶︎ Get your own Brand Briefing at an upcoming event: https://www.studioc60.com/buy-brand-briefings KEYWORDS Matt Ellison, Corelight, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, network detection and response, NDR, Zeek, open source security, network visibility, threat hunting, SOC alert fatigue, EDR evasion, encrypted traffic analysis, NIS2, DORA, GDPR, Infosecurity Europe 2026 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The CyberWire
The bugs are piling up faster than the fixes.

The CyberWire

Play Episode Listen Later Jun 2, 2026 30:23


A federal watchdog questions NIST over its vulnerability database backlog. Google patches an Android zero-day. Citizen Lab exposes a powerful location-tracking platform. Malware hides commands in Steam comments. Researchers spot AI-assisted malware development. Attackers compromise Red Hat's npm namespace. DriveSurge spreads malware through ClickFix and fake updates. FreePBX patches a critical flaw. And Dashlane responds to a brute-force attack. Our guest is ⁠Laure Lydon⁠, Opening Chair for Infosecurity Europe and VP of Security and Infrastructure, Flo Health, sharing her expertise on digital health platforms. Meta's AI support bot proves a bit too eager to help. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, Maria Varmazis speaks with ⁠Laure Lydon⁠, Opening Chair for Infosecurity Europe and VP of Security and Infrastructure, Flo Health, sharing her expertise on privacy, security, and trust in digital health platforms, especially in sensitive areas like women's health. This interview is part of our partnership with Infosecurity Europe. Selected Reading Inspector general finds NIST mistakes have made vulnerability database ineffective (The Record) Google fixes one actively exploited Android zero-day, 124 flaws (Bleeping Computer) Uncovering Webloc: An Analysis of Penlink's Ad-based Geolocation Surveillance Tech (The Citizen Lab) GoDaddy found malware on 1,980 WordPress sites using Steam as C2 infrastructure (Security Affairs) Threat Actor Uses AI to Build EDR Evasion Tools (Infosecurity Magazine) Attackers Hijack Red Hat npm Scope to Steal Cloud Secrets (Infosecurity Magazine) Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks (Bleeping Computer) Critical Hard-Coded Credentials Vulnerability in FreePBX User Control Panel (Beyond Machines) Dashlane password manager users locked out by brute force attacks (Bleeping Computer) Hackers Simply Asked Meta AI to Give Them Access to High-Profile Instagram Accounts. It Worked (404 Media) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

The CyberWire
That shield has cracks in it.

The CyberWire

Play Episode Listen Later May 21, 2026 28:40


Microsoft confirms active exploitation of two Defender flaws. Europol dismantles a VPN service tied to ransomware gangs. A nine-year-old Linux kernel bug exposes SSH keys and password hashes. Cisco patches a critical Secure Workload vulnerability, while Drupal fixes a highly critical SQL injection flaw. Android malware quietly signs victims up for premium SMS scams. Webworm upgrades its espionage toolkit with Discord and Microsoft Graph backdoors. Plus, China and Russia deepen cooperation on AI, cybersecurity, and satellite systems. Our guest is Jake Moore, Global Cybersecurity Advisor for ESET, sharing a glimpse into his Infosecurity Europe keynote "The Deepfake Interview." Greg doesn't even work here anymore… Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, Maria Varmazis speaks with Jake Moore, Keynote speaker for the upcoming Infosecurity Europe conference and Global Cybersecurity Advisor for ESET, getting a glimpse into his session "The Deepfake Interview: Breaking In From the Inside." This interview is part of our partnership with Infosecurity Europe.  Selected Reading Microsoft Defender vulnerabilities exploited in the wild (Help Net Security) Europol Seizes First VPN Used by Ransomware Gangs, Arrests Administrator (Hackread) Nine-Year-Old Linux Kernel Flaw Leaks SSH Keys and Password Hashes (Infosecurity Magazine) Cisco Patches Critical Vulnerability in Secure Workload (SecurityWeek) Android Malware Spotted Subscribing Victims to Paid Services Without Consent (Hackread) Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking (SecurityWeek) Webworm: New burrowing techniques (We Live Security) Xi and Putin pledge closer cooperation on AI, cyberspace and satellite systems (The Record) Zombie user account let hackers control the city's water (The Register) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

ITSPmagazine | Technology. Cybersecurity. Society
The Transatlantic Broadcast Pilot Episode 2025: European Tech, Cybersecurity, and Society | ITSPmagazine Europe: The Transatlantic Broadcast Hosted by Marco Ciappelli, Rob Black, and Sean Martin

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Sep 6, 2025 32:12


Broadcasting from Florence and Los Angeles, I Had One of Those Conversations...You know the kind—where you start discussing one thing and suddenly realize you're mapping the entire landscape of how different societies approach technology. That's exactly what happened when Rob Black and I connected across the Atlantic for the pilot episode of ITSPmagazine Europe: The Transatlantic Broadcast.Rob was calling from what he optimistically described as "sunny" West Sussex (complete with biblical downpours and Four Seasons weather in one afternoon), while I enjoyed actual California sunshine. But this geographic distance perfectly captured what we were launching: a genuine exploration of how European perspectives on cybersecurity, technology, and society differ from—and complement—American approaches.The conversation emerged from something we'd discovered at InfoSecurity Europe earlier this year. After recording several episodes together with Sean Martin, we realized we'd stumbled onto something crucial: most global technology discourse happens through an American lens, even when discussing fundamentally European challenges. Digital sovereignty isn't just a policy buzzword in Brussels—it represents a completely different philosophy about how democratic societies should interact with technology.Rob Black: Bridging Defense Research and Digital RealityRob brings credentials that perfectly embody the European approach to cybersecurity—one that integrates geopolitics, human sciences, and operational reality in ways that purely technical perspectives miss. As UK Cyber Citizen of the Year 2024, he's recognized for contributions that span UK Ministry of Defense research on human elements in cyber operations, international relations theory, and hands-on work with university students developing next-generation cybersecurity leadership skills.But what struck me during our pilot wasn't his impressive background—it was his ability to connect macro-level geopolitical cyber operations with the daily impossible decisions that Chief Information Security Officers across Europe face. These leaders don't see themselves as combatants in a digital war, but they're absolutely operating on front lines where nation-state actors, criminal enterprises, and hybrid threats converge.Rob's international relations expertise adds crucial context that American cybersecurity discourse often overlooks. We're witnessing cyber operations as extensions of statecraft—the ongoing conflict in Ukraine demonstrates how narrative battles and digital infrastructure attacks interweave with kinetic warfare. European nations are developing their own approaches to cyber deterrence, often fundamentally different from American strategies.European Values Embedded in Technology ChoicesWhat emerged from our conversation was something I've observed but rarely heard articulated so clearly: Europe approaches technology governance through distinctly different cultural and philosophical frameworks than America. This isn't just about regulation—though the EU's leadership from GDPR through the AI Act certainly shapes global standards. It's about fundamental values embedded in technological choices.Rob highlighted algorithmic bias as a perfect example. When AI systems are developed primarily in Silicon Valley, they embed specific cultural assumptions and training data that may not reflect European experiences, values, or diverse linguistic traditions. The implications cascade across everything from hiring algorithms to content moderation to criminal justice applications.We discussed how this connects to broader patterns of technological adoption. I'd recently written about how the transistor radio revolution of the 1960s paralleled today's smartphone-driven transformation—both technologies were designed for specific purposes but adopted by users in ways inventors never anticipated. The transistor radio became a tool of cultural rebellion; smartphones became instruments of both connection and surveillance.But here's what's different now: the stakes are global, the pace is accelerated, and the platforms are controlled by a handful of American and Chinese companies. European voices in these conversations aren't just valuable—they're essential for understanding how different democratic societies can maintain their values while embracing technological transformation.The Sociological Dimensions Technology Discourse MissesMy background in political science and sociology of communication keeps pulling me toward questions that pure technologists might skip: How do different European cultures interpret privacy rights differently? Why do Nordic countries approach digital government services so differently than Mediterranean nations? What happens when AI training data reflects primarily Anglo-American cultural assumptions but gets deployed across 27 EU member states with distinct languages and traditions?Rob's perspective adds the geopolitical layer that's often missing from cybersecurity conversations. We're not just discussing technical vulnerabilities—we're examining how different societies organize themselves digitally, how they balance individual privacy against collective security, and how they maintain democratic values while defending against authoritarian digital influence operations.Perhaps most importantly, we're both convinced that the next generation of European cybersecurity leaders needs fundamentally different skills than previous generations. Technical expertise remains crucial, but they also need to communicate complex risks to non-technical decision-makers, operate comfortably with uncertainty rather than seeking perfect solutions, and understand that cybersecurity decisions are ultimately political decisions about what kind of society we want to maintain.Why European Perspectives Matter GloballyEurope represents 27 different nations with distinct histories, languages, and approaches to technology governance, yet they're increasingly coordinating digital policies through EU frameworks. This complexity is fascinating and the implications are global. When Europe implements new AI regulations or data protection standards, Silicon Valley adjusts its practices worldwide.But European perspectives are too often filtered through American media or reduced to regulatory footnotes in technology publications. We wanted to create space for European voices to explain their approaches in their own terms—not as responses to American innovation, but as distinct philosophical and practical approaches to technology's role in democratic society.Rob pointed out something crucial during our conversation: we're living through a moment where "every concept that we've thought about in terms of how humans react to each other and how they react to the world around them now needs to be reconsidered in light of how humans react through a computer mediated existence." This isn't abstract philosophizing—it's the practical challenge facing policymakers, educators, and security professionals across Europe.Building Transatlantic Understanding, Not DivisionThe "Transatlantic Broadcast" name reflects our core mission: connecting perspectives across borders rather than reinforcing them. Technology challenges—from cybersecurity threats to AI governance to digital rights—don't respect national boundaries. Solutions require understanding how different democratic societies approach these challenges while maintaining their distinct values and traditions.Rob and I come from different backgrounds—his focused on defense research and international relations, mine on communication theory and sociological analysis—but we share curiosity about how technology shapes society and how society shapes technology in return. Sean Martin brings the American cybersecurity industry perspective that completes our analytical triangle.Cross-Border Collaboration for European Digital FutureThis pilot episode represents just the beginning of what we hope becomes a sustained conversation. We're planning discussions with European academics developing new frameworks for digital rights, policymakers implementing AI governance across member states, industry leaders building privacy-first alternatives to Silicon Valley platforms, and civil society advocates working to ensure technology serves democratic values.We want to understand how digital transformation looks different across European cultures, how regulatory approaches evolve through multi-stakeholder processes, and how European innovation develops characteristics that reflect distinctly European values and approaches to technological development.The Invitation to Continue This ConversationBroadcasting from our respective sides of the Atlantic, we're extending an invitation to join this ongoing dialogue. Whether you're developing cybersecurity policy in Brussels, building startups in Berlin, teaching digital literacy in Barcelona, or researching AI ethics in Amsterdam, your perspective contributes to understanding how democratic societies can thrive in an increasingly digital world.European voices aren't afterthoughts in global technology discourse—they're fundamental contributors to understanding how diverse democratic societies can maintain their values while embracing technological change. This conversation needs academic researchers, policy practitioners, industry innovators, and engaged citizens from across Europe and beyond.If this resonates with your own observations about technology's role in society, subscribe to follow our journey as we explore these themes with guests from across Europe and the transatlantic technology community.And if you want to dig deeper into these questions or share your own perspective on European approaches to cybersecurity and technology governance, I'd love to continue the conversation directly. Get in touch with us on Linkedin! Marco CiappelliBroadcasting from Los Angeles (USA) & Florence (IT)On Linkedin: https://www.linkedin.com/in/marco-ciappelliRob BlackBroadcasting from London (UK)On Linkedin https://www.linkedin.com/in/rob-black-30440819Sean MartinBroadcasting from New York City (USA)On Linkedin: https://www.linkedin.com/in/imsmartinThe transatlantic conversation about technology, society, and democratic values starts now.

ITSPmagazine | Technology. Cybersecurity. Society
ITSPmagazine Weekly Update | From AI Agents to Tape Mixes, to Guitars and Black Hat Buzzwords and much more with Marco & Sean | Random and Unscripted Weekly Update with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jul 18, 2025 22:21


ITSPmagazine Weekly Update | From AI Agents to Tape Mixes, to Guitars and Black Hat Buzzwords and much more with Marco & Sean's Random & Unscripted Podcast ⸻ In this weekly unscripted update, Marco Ciappelli and Sean Martin catch up on their latest stories, from AI agents replacing SOC analysts to mixtape nostalgia and vintage guitars made from NYC history. They also tease big things coming at Black Hat USA and reflect on why collaboration is core to ITSPmagazine. ⸻ In this week's Random and Unscripted episode, Marco Ciappelli and Sean Martin return with another lively behind-the-scenes update from the ITSPmagazine world. As always, the conversation flows unpredictably—from music and nostalgia to cybersecurity, AI, and everything in between. Marco kicks off the episode by confessing he saw ASIS live—twice—and is now on a mission for the perfect mod haircut. Sean follows with an unexpected review of an avant-garde opera at Lincoln Center, which explores humanity's attempt to extend life through technology. That sets the stage for deeper reflection on AI, with both co-founders digging into the role of AI agents in cybersecurity operations. Sean recaps his recent contributor-led newsletters on threat intelligence and AI-powered SOC roles. Marco, meanwhile, teases the next chapter in his “Robbie the Robot” newsletter series, which will explore the merger of humans and machines. The episode also spotlights a series of published interviews: a brand story with Greg and John from White Knight Labs, Marco's conversation with Ken Munro wrapping up Infosecurity Europe 2025, and an episode with Abadesi from the Women in Cybersecurity track—discussing how diverse teams build better tech. Sean also drops new Music Evolves episodes, including a conversation with Summer McCoy of the Mixtape Museum and a new story on Carmine Guitars, where vintage NYC wood is repurposed into one-of-a-kind instruments. That sparks a philosophical reflection from Marco on the contrast between analog warmth and digital impermanence. As the episode winds down, Marco and Sean turn their attention to Black Hat USA 2025. With sponsorships nearly sold out, they encourage companies to claim one of the last remaining spots. They also preview an upcoming live webinar where they'll debate the event's inevitable buzzwords with industry peers. As always, the tone is informal, curious, and community-driven. If you want the inside scoop on what's shaping the stories and strategies at ITSPmagazine—this is the episode to hear. ⸻ Keywords: cybersecurity, AI agents, threat intelligence, SOC analyst, mixtape museum, custom guitars, Black Hat USA 2025, ITSPmagazine, analog vs digital, diversity in tech, robotic automation, newsletter strategy, editorial collaboration, pen testing, brand storytelling, tech culture, cybersecurity events, operational technology, digital transformation, music and techHosts links:

ITSPmagazine | Technology. Cybersecurity. Society
The Human Side of Technology with Abadesi Osunsade — From Diversity to AI and Back Again | Guest: Abadesi Osunsade | Redefining Society And Technology Podcast With Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jul 17, 2025 31:42


⸻ Podcast: Redefining Society and Technologyhttps://redefiningsocietyandtechnologypodcast.com Title: The Human Side of Technology with Abadesi Osunsade — From Diversity to AI and Back AgainGuest: Abadesi OsunsadeFounder @ Hustle Crew - We train ambitious & inclusive teams in tech & beyondWebSite: https://www.abadesi.comOn LinkedIn: https://www.linkedin.com/in/abadesi/Host: Marco CiappelliCo-Founder & CMO @ITSPmagazine | Master Degree in Political Science - Sociology of Communication l Branding & Marketing Consultant | Journalist | Writer | Podcasts: Technology, Cybersecurity, Society, and Storytelling.WebSite: https://marcociappelli.comOn LinkedIn: https://www.linkedin.com/in/marco-ciappelli/_____________________________This Episode's SponsorsBlackCloak provides concierge cybersecurity protection to corporate executives and high-net-worth individuals to protect against hacking, reputational loss, financial loss, and the impacts of a corporate data breach.BlackCloak:  https://itspm.ag/itspbcweb_____________________________⸻ Podcast Summary ⸻ What happens when someone with a multicultural worldview, startup grit, and a relentless focus on inclusion sits down to talk about tech, humanity, and the future? You get a conversation like this one with Abadesi Osunsade. We touched on everything from equitable design and storytelling to generative AI and ethics. This episode isn't about answers — it's about questions that matter. And it reminded me why I started this show in the first place. ⸻ Article ⸻ Some conversations remind you why you hit “record” in the first place. This one with Abadesi Osunsade — founder of Hustle Crew, podcast host of Techish, and longtime tech leader — was exactly that kind of moment. We were supposed to connect in person at Infosecurity Europe in London, but the chaos of the event kept us from it. I'm glad it worked out this way instead, because what came out of our remote chat was raw, layered, and deeply human. Abadesi and I explored a lot in just over 30 minutes: her journey through big tech and startups, the origins of Hustle Crew, and how inclusion and equity aren't just HR buzzwords — they're the foundation of better design. Better products. Better culture. We talked about the usual “why diversity matters” angle — but went beyond it. She shared viral real-world examples of flawed design (like facial recognition or hand dryers that don't register dark skin) and challenged the myth that inclusive design is more expensive. Spoiler: it's more expensive not to do it right the first time. Then we jumped into AI — not just how it's being built, but who is building it. And what it means when those creators don't reflect the world they're supposedly designing for. We talked about generative AI, ethics, simulation, capitalism, utopia, dystopia — you know, the usual light stuff. What stood out most, though, was her reminder that this work — inclusion, education, change — isn't about shame or guilt. It's about possibility. Not everyone sees the world the same way, so you meet them where they are, with stories, with data, with empathy. And maybe, just maybe, you shift their perspective. This podcast was never meant to be just about tech. It's about how tech shapes society — and how society, in turn, must shape tech. Abadesi brought that full circle. Take a listen. Think with us. Then go build something better. ⸻ Keywords ⸻ Society and Technology, AI ethics, generative AI, inclusive design, tech innovation, product development, digital transformation, tech, technology, Diversity & Inclusion, equity in tech, inclusive leadership, unconscious bias, diverse teams, representation matters, belonging at workEnjoy. Reflect. Share with your fellow humans.And if you haven't already, subscribe to Musing On Society & Technology on LinkedIn — new transmissions are always incoming.https://www.linkedin.com/newsletters/musing-on-society-technology-7079849705156870144You're listening to this through the Redefining Society & Technology podcast, so while you're here, make sure to follow the show — and join us as we continue exploring life in this Hybrid Analog Digital Society.End of transmission.____________________________Listen to more Redefining Society & Technology stories and subscribe to the podcast:

ITSPmagazine | Technology. Cybersecurity. Society
Catching Up With Ken Munro After Infosecurity Europe 2025 — Hacking the Planet, One Car, One Plane, and One System at a Time | On Location Podcast With Sean Martin & Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jul 17, 2025 23:25


Title: "Catching Up With Ken Munro After Infosecurity Europe 2025 — Hacking the Planet, One Car, One Plane, and One System at a Time"A Post–Infosecurity Europe 2025 Conversation with Ken MunroGuestsKen Munro Security writer & speakerhttps://www.linkedin.com/in/ken-munro-17899b1/HostsSean Martin, Co-Founder at ITSPmagazineWebsite: https://www.seanmartin.comMarco Ciappelli, Co-Founder, CMO, and Creative Director at ITSPmagazineWebsite: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________After a whirlwind week at Infosecurity Europe 2025, I had the chance to reconnect with Ken Munro from Pen Test Partners — a longtime friend, hacker, and educator who brings cybersecurity to life in the most tangible ways. From car hacking escape rooms to flight simulators in pubs, we talked about why touching tech matters, how myth-busting makes us safer, and how learning through play might just be the key to securing our increasingly complex world. Tune in, and maybe bring a cocktail.⸻There's something special about catching up with someone who's not just an expert in cybersecurity, but also someone who reminds you why this industry can — and should — be fun. Ken Munro and I go back to the early days of DEFCON's Aviation Village, and this post-Infosecurity Europe 2025 chat brought all that hacker spirit right back to the surface.Ken and his crew from Pen Test Partners set up shop next to the main Infosecurity Europe venue in a traditional London pub — but this wasn't your average afterparty. They transformed it into a hands-on hacking village, complete with a car demo, flight simulator, ICS cocktail CTF, and of course… a bar. The goal? Show that cybersecurity isn't just theory — it's something you can touch. Something that moves. Something that can break — and be fixed — before it breaks us.We talked about the infamous “Otto the Autopilot” from Airplane, the Renault Clio-turned-Mario Kart console, and why knowing how TCAS (collision avoidance) works on an Airbus matters just as much as knowing your Wi-Fi password. We also dug into the real-world cybersecurity concerns of industrial systems, electronic flight bags, and why European regulation might be outpacing the U.S. in some areas — for better or worse.One of the biggest takeaways? It's time to stop fearing the hacker mindset and start embracing it. Curiosity isn't a threat — it's a superpower. And when channeled correctly, it leads to safer skies, smarter cars, and fewer surprises in the water we drink or the power we use.There's a lot to reflect on from our conversation, but above all: education, community, and creativity are still the most powerful tools we have in security — and Ken is out there proving that, one demo and one pint at a time.Thanks again, Ken. See you at the next village — whichever pub, hangar, or DEFCON corner it ends up in.⸻Keywords: cybersecurity, ethical hacking, pen testing, Infosecurity Europe, embedded systems, car hacking, flight simulator, ICS security, industrial control systems, aviation cybersecurity, hacker mindset, DEFCON___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

Security Visionaries
Security Visionaries LIVE at Infosec Europe: CISO / CEO Crucial Conversations

Security Visionaries

Play Episode Listen Later Jul 15, 2025 34:15


Join host Emily Wearmouth for the very special episode of Security Visionaries recorded live at Infosecurity Europe. She's joined by Holly Foxcroft, Ian Golding, and Rich Davis to discuss the crucial conversations CISOs need to have with their CEOs this year. The episode dives into four key areas: cost, risk, innovation, and AI, offering insights and exploring the differing perspectives between tech leaders and CEOs.

ITSPmagazine | Technology. Cybersecurity. Society
“These Aren't Soft Skills — They're Human Skills” A Post–Infosecurity Europe 2025 Conversation with Rob Black and Anthony D'Alton

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 19, 2025 27:52


Title: “These Aren't Soft Skills — They're Human Skills”A Post–Infosecurity Europe 2025 Conversation with Rob Black and Anthony D'AltonGuestsRob BlackUK Cyber Citizen of the Year 2024 | International Keynote Speaker | Master of Ceremonies | Cyber Leaders Challenge | Professor | Community Builder | Facilitator | Cyber Security | Cyber Deceptionhttps://www.linkedin.com/in/rob-black-30440819/Anthony D'AltonProduct marketing | brand | reputation for cybersecurity growthhttps://www.linkedin.com/in/anthonydalton/HostsSean Martin, Co-Founder at ITSPmagazineWebsite: https://www.seanmartin.comMarco Ciappelli, Co-Founder, CMO, and Creative Director at ITSPmagazineWebsite: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ Yes, Infosecurity Europe 2025 may be over, but the most important conversations are just getting started — and they're far from over. In this post-event follow-up, Marco Ciappelli reconnects from Florence with Rob Black and brings in Anthony D'Alton for a deep-dive into something we all talk about but rarely define clearly: so-called soft skills — or, as we prefer to call them… human skills.From storytelling to structured exercises, team communication to burnout prevention, this episode explores how communication, collaboration, and trust aren't just “nice to have” in cybersecurity — they're critical, measurable capabilities. Rob and Anthony share their experience designing real-world training environments where people — not just tools — are the difference-makers in effective incident response and security leadership.Whether you're a CISO, a SOC leader, or just tired of seeing tech get all the credit while humans carry the weight, this is a practical, honest conversation about building better teams — and redefining what really matters in cybersecurity today.If you still think “soft skills” are soft… you haven't been paying attention.⸻Keywords: Cybersecurity, Infosecurity Europe 2025, Soft Skills, Human Skills, Cyber Resilience, Cyber Training, Security Leadership, Incident Response, Teamwork, Storytelling in Cyber, Marco Ciappelli, Rob Black, Anthony Dalton, On Location, ITSPmagazine, Communication Skills, Cyber Crisis Simulation, RangeForce, Trust in Teams, Post Event Podcast, Security Culture___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
Inside the Mind of the UK's Top Cyber Intelligence Officer: A Ransomware 3.0 Reality Check | An Infosecurity EU 2025 Conversation with William Lyne, Deputy Director and Head of Cyber Intelligence at the UK's National Crime Agency (NCA)

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 16, 2025 17:47


William Lyne of the UK's National Crime Agency joins us live at Infosecurity Europe to talk ransomware, AI threats, and the future of cybercrime disruption.When the UK's top cyber intelligence strategist sits down with you in London, you listen — and you hit record.At Infosecurity Europe 2025, the ITSPmagazine podcast team — Marco Ciappelli and Sean Martin — sat down with William Lyne, Deputy Director and Head of Cyber Intelligence at the UK's National Crime Agency (NCA). This is the guy who not only leads cyber strategy for the NCA, but has also represented the UK at the FBI in the U.S. and now oversees national-level ransomware disruption efforts. It's not just a conversation — it's a rare front-row seat into how one of the world's most serious crime-fighting agencies is tackling ransomware 3.0.The message? Ransomware isn't just a cyber issue. It's a societal one. And it's evolving faster than we're prepared for — unless we change the game.“It went from niche to national threat fast,” Lyne explains. “The tools were always there. It just took a few threat actors to stitch them together.”From banking malware to fully operational cybercrime-as-a-service ecosystems, Lyne walks us through how the underground economy has industrialized. Ransomware isn't just about tech — it's about access, scale, and business models. And most importantly, it's no longer limited to elite coders or closed-door Russian-speaking forums. The barrier to entry is gone, and the dark web is wide open for business.Sean brings up the obvious: “Why does this still feel like we're always reacting?”Lyne responds: “We've shifted. We're going after the ecosystem — the people, the infrastructure, the business model — not just the payload.” That includes disrupting ransomware-as-a-service, targeting marketplaces, and yes, investing in preemptive intelligence.Marco flips the script by comparing today's cyber landscape to something deeply human. “Extortion is nothing new — we've just digitalized it. This is human behavior, scaled by tech.”From there, the conversation takes a future-facing turn. Deepfakes, AI-powered phishing, the commoditization of generative tools — Lyne confirms it's all on their radar. But he's quick to note that cybercriminals aren't bleeding-edge innovators. “They adopt when the ROI is right. But AI-as-a-service? That's coming. And it will reshape how efficient — and damaging — these threats become.”And then the real insight lands:“You can't wait to be a victim to talk to law enforcement. We may already have access to the infrastructure. The earlier we hear from you, the better we can act — and fast.”That kind of operational openness isn't something you heard from law enforcement five years ago. It signals a cultural shift — one where collaboration is not optional, it's essential.William also highlights the NCA's partnerships with private sector firms, academia, and international agencies, including the Kronos operation targeting LockBit infrastructure. These kinds of collaborations prove that when information moves, so does impact.Why does this matter?Because while most cybersecurity media gets stuck in product buzzwords and vendor hype, this is the real stuff — how ransomware groups behave, how law enforcement thinks, and how society can respond. It's not theory. It's strategy, lived on the front lines. 

ITSPmagazine | Technology. Cybersecurity. Society
What Hump? Thirty Years of Cybersecurity and the Fine Art of Pretending It's Not a Human Problem | A Musing On Society & Technology Newsletter Written By Marco Ciappelli | Read by TAPE3

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 15, 2025 9:59


What Hump? Thirty Years of Cybersecurity and the Fine Art of Pretending It's Not a Human ProblemA new transmission from Musing On Society and Technology Newsletter, by Marco CiappelliJune 6, 2025A Post-Infosecurity Europe Reflection on the Strange but Predictable Ways We've Spent Thirty Years Pretending Cybersecurity Isn't About People.⸻ Once there was a movie titled “Young Frankenstein” (1974) — a black-and-white comedy directed by Mel Brooks, written with Gene Wilder, and starring Wilder and Marty Feldman, who delivers the iconic “What hump?” line.Let me describe the scene:[Train station, late at night. Thunder rumbles. Dr. Frederick Frankenstein steps off the train, greeted by a hunched figure holding a lantern — Igor.]Igor: Dr. Frankenstein?Dr. Frederick Frankenstein: It's Franken-steen.Igor: Oh. Well, they told me it was Frankenstein.Dr. Frederick Frankenstein: I'm not a Frankenstein. I'm a Franken-steen.Igor (cheerfully): All right.Dr. Frederick Frankenstein (noticing Igor's eyes): You must be Igor.Igor: No, it's pronounced Eye-gor.Dr. Frederick Frankenstein (confused): But they told me it was Igor.Igor: Well, they were wrong then, weren't they?[They begin walking toward the carriage.]Dr. Frederick Frankenstein (noticing Igor's severe hunchback): You know… I'm a rather brilliant surgeon. Perhaps I could help you with that hump.Igor (looks puzzled, deadpan): What hump?[Cut to them boarding the carriage, Igor climbing on the outside like a spider, grinning wildly.]It's a joke, of course. One of the best. A perfectly delivered absurdity that only Mel Brooks and Marty Feldman could pull off. But like all great comedy, it tells a deeper truth.Last night, standing in front of the Tower of London, recording one of our On Location recaps with Sean Martin, that scene came rushing back. We joked about invisible humps and cybersecurity. And the moment passed. Or so I thought.Because hours later — in bed, hotel window cracked open to the London night — I was still hearing it: “What hump?”And that's when it hit me: this isn't just a comedy bit. It's a diagnosis. Here we are at Infosecurity Europe, celebrating its 30th anniversary. Three decades of cybersecurity: a field born of optimism and fear, grown in complexity and contradiction.We've built incredible tools. We've formed global communities of defenders. We've turned “hacker” from rebel to professional job title — with a 401(k), branded hoodies, and a sponsorship deal. But we've also built an industry that — much like poor Igor — refuses to admit something's wrong.The hump is right there. You can see it. Everyone can see it. And yet… we smile and say: “What hump?”We say cybersecurity is a priority. We put it in slide decks. We hold awareness months. We write policies thick enough to be used as doorstops. But then we underfund training. We silo the security team. We click links in emails that say whatever will make us think it's important — just like those pieces of snail mail stamped URGENT that we somehow believe, even though it turns out to be an offer for a new credit card we didn't ask for and don't want. Except this time, the payload isn't junk mail — it's a clown on a spring exploding out of a fun box.Igor The hump moves, shifts, sometimes disappears from view — but it never actually goes away. And if you ask about it? Well… they were wrong then, weren't they?That's because it's not a technology problem. This is the part that still seems hard to swallow for some: Cybersecurity is not a technology problem. It never was.Yes, we need technology. But technology has never been the weak link.The weak link is the same as it was in 1995: us. The same it was before the internet and before computers: Humans.With our habits, assumptions, incentives, egos, and blind spots. We are the walking, clicking, swiping hump in the system. We've had encryption for decades. We've known about phishing since the days of AOL. Zero Trust was already discussed in 2004 — it just didn't have a cool name yet.So why do we still get breached? Why does a ransomware gang with poor grammar and a Telegram channel take down entire hospitals?Because culture doesn't change with patches. Because compliance is not belief. Because we keep treating behavior as a footnote, instead of the core.The Problem We Refuse to See at the heart of this mess is a very human phenomenon:vIf we can't see it, we pretend it doesn't exist.We can quantify risk, but we rarely internalize it. We trust our tech stack but don't trust our users. We fund detection but ignore education.And not just at work — we ignore it from the start. We still teach children how to cross the street, but not how to navigate a phishing attempt or recognize algorithmic manipulation. We give them connected devices before we teach them what being connected means. In this Hybrid Analog Digital Society, we need to treat cybersecurity not as an optional adult concern, but as a foundational part of growing up. Because by the time someone gets to the workforce, the behavior has already been set.And worst of all, we operate under the illusion that awareness equals transformation.Let's be real: Awareness is cheap. Change is expensive. It costs time, leadership, discomfort. It requires honesty. It means admitting we are all Igor, in some way. And that's the hardest part. Because no one likes to admit they've got a hump — especially when it's been there so long, it feels like part of the uniform.We have been looking the other way for over thirty years. I don't want to downplay the progress. We've come a long way, but that only makes the stubbornness more baffling.We've seen attacks evolve from digital graffiti to full-scale extortion. We've watched cybercrime move from subculture to multi-billion-dollar global enterprise. And yet, our default strategy is still: “Let's build a bigger wall, buy a shinier tool, and hope marketing doesn't fall for that PDF again.”We know what works: Psychological safety in reporting. Continuous learning. Leadership that models security values. Systems designed for humans, not just admins.But those are hard. They're invisible on the balance sheet. They don't come with dashboards or demos. So instead… We grin. We adjust our gait. And we whisper, politely:“What hump?”So what Happens now? If you're still reading this, you're probably one of the people who does see it. You see the hump. You've tried to point it out. Maybe you've been told you're imagining things. Maybe you've been told it's “not a priority this quarter.” And maybe now you're tired. I get it.But here's the thing: Nothing truly changes until we name the hump.Call it bias.Call it culture.Call it education.Call it the human condition.But don't pretend it's not there. Not anymore. Because every time we say “What hump?” — we're giving up a little more of the future. A future that depends not just on clever code and cleverer machines, but on something far more fragile:Belief. Behavior. And the choice to finally stop pretending.We joked in front of a thousand-year-old fortress. Because sometimes jokes tell the truth better than keynote stages do. And maybe the real lesson isn't about cybersecurity at all.Maybe it's just this: If we want to survive what's coming next, we have to see what's already here.- The End➤ Infosecurity Europe: https://www.itspmagazine.com/infosecurity-europe-2025-infosec-london-cybersecurity-event-coverageAnd ... we're not done yet ... stay tuned and follow Sean and Marco as they will be On Location at the following conferences over the next few months:➤ Black Hat USA in Las Vegas in August: https://www.itspmagazine.com/black-hat-usa-2025-hacker-summer-camp-2025-cybersecurity-event-coverage-in-las-vegasFOLLOW ALL OF OUR ON LOCATION CONFERENCE COVERAGEhttps://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageShare this newsletter and invite anyone you think would enjoy it!As always, let's keep thinking!— Marco [https://www.marcociappelli.com]

ITSPmagazine | Technology. Cybersecurity. Society
Beyond the Hoodie: Redefining Who Belongs in Cybersecurity with Community as the Missing Link in Cyber Resilience | An Infosecurity Europe 2025 Conversation with Amanda Finch | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 10, 2025 27:03


In this episode, Amanda Finch, Chief Executive Officer of the Chartered Institute of Information Security, offers a perspective shaped by decades of experience in a field she has grown with and helped shape. She shares how cybersecurity has transformed from an obscure technical pursuit into a formalized profession with recognized pathways, development programs, and charters. Her focus is clear: we need to support individuals and organizations at every level to ensure cybersecurity is inclusive, sustainable, and effective.Amanda outlines how the Chartered Institute has developed a structured framework to support cybersecurity careers from entry-level to fellowship. Programs such as the Associate Development Program and the Full Membership Development Program help individuals grow into leadership roles, especially those who come from technical backgrounds and must now influence strategy, policy, and people. She emphasizes that supporting this journey isn't just about skills—it's about building confidence and community.A significant part of the conversation centers on representation and diversity. Amanda speaks candidly about being one of the only women in the room early in her career and acknowledges the progress made, but she also highlights the structural issues still holding many back. From the branding of cybersecurity as overly technical, to the inaccessibility of school programs for under-resourced communities, the industry has work to do. She argues for a wider understanding of the skills needed in cybersecurity—communication, analysis, problem-solving—not just coding or technical specialization.Amanda also addresses the growing threat to small and medium-sized businesses. While large organizations may have teams and resources to manage security, smaller businesses face the same threats without the same support. She calls for a renewed emphasis on community-based solutions—knowledge sharing, mentorship, and collaborative platforms—that extend the reach of cyber defense to those with fewer resources.In closing, Amanda urges us not to forget the enduring principles of security—know what you're protecting, understand the consequences if it fails, and use foundational practices to stay grounded even when new technologies like AI and deepfakes arrive. And just as importantly, she reminds us that human principles—trust, empathy, responsibility—are vital tools in facing cybersecurity's biggest challenges.___________Guest: Amanda Finch, CEO of the Chartered Institute of Information Security | https://www.linkedin.com/in/amanda-finch-fciis-b1b1951/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
From Code to Culture: Why Technical Tools Alone Won't Save Cybersecurity | An Infosecurity Europe 2025 Conversation with Rob Black | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 10, 2025 22:33


What if the key to cybersecurity isn't more tech—but more humanity?In this On Location episode of ITSPmagazine, Rob Black—UK Cyber Citizen of the Year and founder of the Global Institute of Cyber Deception—joins hosts Marco Ciappelli and Sean Martin to challenge conventional thinking around cyber defense. With a background spanning military operations and human sciences, Rob brings a fresh perspective that prioritizes multidisciplinary thinking, behavioral insight, and creative disruption over brute-force technology.Rob highlights the importance of soft skills and critical thinking through initiatives like the UK Cyber Leaders Challenge, where students take on crisis simulation roles to sharpen leadership and communication in real-world scenarios. These experiences underscore the need to cultivate professionals who can think dynamically, not just code efficiently.A key focus of the conversation is the strategic use of deception in cybersecurity. Rob points out that while organizations obsess over vulnerabilities and zero-days, they often overlook attacker intent. Instead of just locking down infrastructure, defenders should disrupt decision-making—using tools, tactics, and even perception itself to sow doubt and hesitation. From publicizing the use of deception technologies to crafting networks that appear already compromised by rival threat actors, Rob argues for a smarter, more psychological approach to defense.He also pushes back against the industry's obsession with tools for every symptom—drawing a parallel to big pharma's model of selling treatments without tackling root causes. If cybersecurity is to become more resilient, he argues, it needs to embrace a systems mindset that includes governance, behavioral science, and even cultural analysis.This episode is a must-listen for anyone tired of buzzwords and ready to rethink cybersecurity as a socio-technical system—not just a digital one. From geopolitics to psychology, deception to diplomacy, Rob Black connects the dots between how we live with technology and how we must protect it—not just through code, but through creativity, context, and compassion. Listen now to explore how cybersecurity can grow up—and get smarter—by getting more human.___________Guest: Rob Black, Director, UK Cyber Leaders Challenge | https://www.linkedin.com/in/rob-black-30440819/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
The Digital Dark Alley: Teaching Cybersecurity Like Fire Safety by Building Cyber Habits That Stick | An Infosecurity Europe 2025 Conversation with Jemma Davis | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 10, 2025 21:06


As Infosecurity Europe prepares to mark its 30th anniversary, Portfolio Director Saima Poorghobad shares how the event continues to evolve to meet the needs of cybersecurity professionals across industries, sectors, and career stages. What began in 1996 as a niche IT gathering has grown into a strategic hub for over 14,000 visitors, offering much more than just vendor booths and keynotes. Saima outlines how the event has become a dynamic space for learning, collaboration, and strategic alignment—balancing deep technical insight with the broader social, political, and technological shifts impacting the cybersecurity community.The Power of the Crowd: Community, Policy, and Lifelong LearningThis year's programming reflects the diverse needs of the cybersecurity community. Attendees range from early-career practitioners to seasoned decision-makers, with representation growing from academia and public policy. The UK government will participate in sessions designed to engage with the community and gather feedback to inform future regulation—a sign of how the show has expanded beyond its commercial roots. Universities are also getting special attention, with new student guides and tailored experiences to help emerging professionals find their place in the ecosystem.Tackling Today's and Tomorrow's Threats—From Quantum to GeopoliticsInfosecurity Europe 2024 is not shying away from bold topics. Professor Brian Cox will open the event by exploring the intersection of quantum science and cybersecurity, setting the tone for a future-facing agenda. Immediately following, BBC's Joe Tidy will moderate a session on how organizations can prepare for the cryptographic disruption quantum computing could bring. Rory Stewart will bring a geopolitical lens to the conversation, examining how shifting alliances, global trade tensions, and international conflicts are reshaping the threat landscape and influencing cybersecurity priorities across regions.Maximizing the Experience: Prep, Participate, and PartyFrom hands-on tech demos to peer-led table talks and new formats like the AI and Cloud Security Theater, the show is designed to be navigable—even for first-time attendees. Saima emphasizes preparation, networking, and follow-up as keys to success, with a new content download feature helping attendees retain insights post-event. The celebration culminates with a 90s-themed 30th anniversary party and a strong sense of pride in what this event has helped the community build—and protect—over three decades.The message is clear: cybersecurity is no longer just a technical field—it's a societal one.___________Guest: Saima Poorghobad, Portfolio Director at Reed Exhibitions | https://www.linkedin.com/in/saima-poorghobad-6a37791b/ Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
Stay Calm, But Be Ready: What Trust Looks Like in the Middle of a Breach | An Infosecurity Europe 2025 Conversation with Steve Wright | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 10, 2025 28:57


What does it really mean to be crisis-ready? In this conversation from InfoSecurity Europe 2025, Steve Wright—a data privacy and cybersecurity leader with three decades of experience spanning Siemens, Unilever, John Lewis, and the Bank of England—joins Sean Martin and Marco Ciappelli to unpack the heart of effective crisis management. With a career that's evolved from risk, through cybersecurity, and now into privacy, Wright offers a refreshingly grounded perspective: crisis management starts with staying calm—but only if you've done the work beforehand.Preparation Over PanicCrisis management isn't just a technical checklist—it's a cultural discipline. Wright emphasizes that calm only comes from consistent practice. From live simulations to cross-functional coordination, he warns that too many organizations are underprepared, relying on ad hoc responses when a breach or outage occurs. Drawing on a real-life ransomware scenario from his time at John Lewis, Wright illustrates the importance of verification, collaboration with law enforcement, and informed decision-making over knee-jerk reactions.Containment, Communication, and CulturePreparation leads naturally to containment—an organization's ability to limit the damage. Whether it's pulling cables or isolating systems, quick thinking can prevent weeks of downtime. But just as important is how you communicate. Wright points to the contrast between companies that respond with transparency and empathy versus those that go silent, risking public trust. Modern crisis management requires the ability to shift the narrative and speak directly to affected stakeholders—before speculation takes over.Trust and Accountability in a Global EcosystemDigital trust has become a board-level concern, not just a technical one. Wright notes that conversations with executives have moved beyond compliance to include broader questions of data ownership, consumer expectations, and supply chain accountability. As global systems grow more complex, clarity about who owns what—and who's responsible when things go wrong—becomes harder to establish, but more important than ever.Looking AheadWright ends with a look to the future, imagining a world where individuals control their data through biometric locks and personal data brokers. Whether this utopia (or dystopia) arrives remains to be seen—but the path forward demands organizations prioritize practice, transparency, and trust today.___________Guest: Steve Wright, Data Protection Officer, Financial Services Compensation Scheme | https://www.linkedin.com/in/stevewright1970/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
Understanding Cybersecurity Behavior: From Social Engineering to Shadow AI | An Infosecurity Europe 2025 Conversation with Jason Nurse | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 10, 2025 15:21


Dr. Jason Nurse, academic and cybersecurity behavior researcher, joins Marco Ciappelli at Infosecurity Europe to unpack the shift in cybersecurity thinking—away from purely technical measures and toward a deeper understanding of human behavior and psychology. Nurse focuses his work on why people act the way they do when it comes to security decisions, and how culture, community, and workplace influences shape those actions.Behavior is increasingly taking center stage in security conversations, and for good reason. Nurse points to recent attacks that succeed not because of flaws in technology but due to the manipulation of individuals—such as social engineering tactics that target help desk personnel. These incidents highlight how behavioral cues and psychological triggers are weaponized, making it critical for organizations to address not just systems, but the people using them.The conversation then shifts to artificial intelligence, particularly the growing issue of “shadow AI” in corporate settings. Nurse cites research from the National Cybersecurity Alliance's Behavior Report, revealing that approximately 40% of employees who use AI admit to sharing sensitive corporate information with these tools—often without their employer's awareness. Even more concerning, over half of those organizations offer no training on safe or responsible AI use.Rather than banning AI outright, Nurse advocates for responsible use grounded in training and transparency. He acknowledges that some companies attempt to enforce boundaries by deploying internal AI systems, but these are often limited in capability. Others are exploring solutions to filter or sanitize inputs, though achieving a practical balance remains elusive.The conversation also touches on the emotional and psychological bonds forming between individuals and AI. Nurse notes that users increasingly treat AI like a companion, trusting it with personal information and seeking advice, even in sensitive contexts such as mental health. That trust, while understandable, opens new avenues for misuse and misjudgment—especially when users forget AI lacks genuine understanding.This episode prompts an important question: as AI becomes part of our daily routines, how do we maintain control, context, and caution in our interactions with it—and what does that mean for the future of security?___________Guest: Dr. Jason R.C. Nurse, Associate Professor in Cybersecurity at the University of Kent | https://www.linkedin.com/in/jasonrcnurse/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
From Vulnerability to Visibility: Rethinking Exposure Management | A Brand Story with Tod Beardsley from runZero | An infosecurity Europe 2025 Conference On Location Brand Story

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 10, 2025 27:20


Security teams often rely on scoring systems like Common Vulnerability Scoring System (CVSS), Exploit Prediction Scoring System (EPSS), and Stakeholder-Specific Vulnerability Categorization (SSVC) to make sense of vulnerability data—but these frameworks don't always deliver the clarity needed to act. In this episode, Tod Beardsley, Vice President of Security Research at runZero, joins host Sean Martin at InfoSec Europe 2025 to challenge how organizations use these scoring systems and to explain why context is everything when it comes to exposure management.Beardsley shares his experience navigating the limitations of vulnerability scoring. He explains why common outputs—like a CVSS score of 7.8—often leave teams with too many “priorities,” forcing them into ineffective, binary patch-or-don't-patch decisions. By contrast, he highlights the real value in understanding factors like access vectors and environmental fit, which help security teams focus on what's relevant to their specific networks and business-critical systems.The conversation also explores SSVC's ability to drive action through decision-tree logic rather than abstract scores, enabling defenders to justify priorities to leadership based on mission impact. This context-centric approach requires a deep understanding of both the asset and its role in the business—something Beardsley notes can be hard to achieve without support.That's where runZero steps in. Beardsley outlines how the platform identifies unmanaged or forgotten devices—including IoT, legacy systems, and third-party gear—without needing credentials or agents. From uncovering multi-homed light bulbs that straddle segmented networks to scanning for default passwords and misconfigurations, RunZero shines a light into the forgotten corners of corporate infrastructure.The episode closes with a look at merger and acquisition use cases, where runZero helps acquiring companies understand the actual tech debt and exposure risk in the environments they're buying. As Beardsley puts it, the goal is simple: give defenders the visibility and context they need to act now—not after something breaks.Whether you're tracking vulnerabilities, uncovering shadow assets, or preparing for your next acquisition, this episode invites you to rethink what visibility really means—and how you can stop chasing scores and start reducing risk.Learn more about runZero: https://itspm.ag/runzero-5733Note: This story contains promotional content. Learn more.Guest: Tod Beardsley, Vice President of Security Research at runZero | On Linkedin: https://www.linkedin.com/in/todb/ResourcesLearn more and catch more stories from runZero: https://www.itspmagazine.com/directory/runzeroAre you interested in telling your story?https://www.itspmagazine.com/telling-your-storyKeywords: sean martin, tod beardsley, runzero, exposure, vulnerability, asset, risk, ssdc, cvss, iot, brand story, brand marketing, marketing podcast, brand story podcast

ITSPmagazine | Technology. Cybersecurity. Society
When Automation Meets Ethics, Budget, Data, and Risk: The Real Factors Behind AI Deployment | An Infosecurity Europe 2025 Conversation with Andrea Isoni | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 9, 2025 29:35


As Infosecurity Europe prepares to mark its 30th anniversary, Portfolio Director Saima Poorghobad shares how the event continues to evolve to meet the needs of cybersecurity professionals across industries, sectors, and career stages. What began in 1996 as a niche IT gathering has grown into a strategic hub for over 14,000 visitors, offering much more than just vendor booths and keynotes. Saima outlines how the event has become a dynamic space for learning, collaboration, and strategic alignment—balancing deep technical insight with the broader social, political, and technological shifts impacting the cybersecurity community.The Power of the Crowd: Community, Policy, and Lifelong LearningThis year's programming reflects the diverse needs of the cybersecurity community. Attendees range from early-career practitioners to seasoned decision-makers, with representation growing from academia and public policy. The UK government will participate in sessions designed to engage with the community and gather feedback to inform future regulation—a sign of how the show has expanded beyond its commercial roots. Universities are also getting special attention, with new student guides and tailored experiences to help emerging professionals find their place in the ecosystem.Tackling Today's and Tomorrow's Threats—From Quantum to GeopoliticsInfosecurity Europe 2024 is not shying away from bold topics. Professor Brian Cox will open the event by exploring the intersection of quantum science and cybersecurity, setting the tone for a future-facing agenda. Immediately following, BBC's Joe Tidy will moderate a session on how organizations can prepare for the cryptographic disruption quantum computing could bring. Rory Stewart will bring a geopolitical lens to the conversation, examining how shifting alliances, global trade tensions, and international conflicts are reshaping the threat landscape and influencing cybersecurity priorities across regions.Maximizing the Experience: Prep, Participate, and PartyFrom hands-on tech demos to peer-led table talks and new formats like the AI and Cloud Security Theater, the show is designed to be navigable—even for first-time attendees. Saima emphasizes preparation, networking, and follow-up as keys to success, with a new content download feature helping attendees retain insights post-event. The celebration culminates with a 90s-themed 30th anniversary party and a strong sense of pride in what this event has helped the community build—and protect—over three decades.The message is clear: cybersecurity is no longer just a technical field—it's a societal one.___________Guest: Saima Poorghobad, Portfolio Director at Reed Exhibitions | https://www.linkedin.com/in/saima-poorghobad-6a37791b/ Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
Collaboration Isn't Fluffy: It's Fundamental to Cybersecurity—Rethinking the Role of Humans in Cyber Defense | An Infosecurity Europe 2025 Conversation with Purvi Kay and Rob Black | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 9, 2025 16:45


Cybersecurity isn't just about code, controls, or compliance—it's about people. That's the core message from Purvi Kay, Head of Cybersecurity for the Future Combat Air System at BAE Systems, and Rob Black, founder of the UK Cyber Leaders Challenge, as they share how genuine collaboration is reshaping security success in high-stakes environments.In this InfoSecurity Europe conversation, Purvi emphasizes that cybersecurity is still too often seen as an IT issue, when in reality it cuts across every aspect of business. Her role spans cybersecurity strategy, leadership development, and advocacy—serving also as Chair of BAE's Women in Cyber program and as a neurodiversity champion. For her, inclusion is more than a policy—it's essential to mission success, especially when coordinating across trilateral government and industry teams on programs as complex as next-gen fighter aircraft.Rob reinforces this point with his focus on developing soft skills in future cybersecurity leaders. His work brings non-traditional talent into cyber, prioritizing communication, empathy, and multidisciplinary collaboration. These human-centric capabilities are crucial when bridging divides between security, legal, HR, and operations.Both guests highlight how assumptions, language, and siloed thinking obstruct progress. Purvi shares how cybersecurity has often been seen as a barrier—brought in too late, misunderstood, or left out of key decisions. She now champions “secure by design” practices through early involvement of cross-functional teams. Rob brings a memorable example: using marriage counseling techniques to help auditors and developers understand each other better—not to resolve personal conflict, but to decode cultural and professional misalignments.Their conversation also touches on practical methods for building shared understanding, from sketching “river journeys” to map project dynamics, to fostering stakeholder buy-in through intentional communication. Whether aligning three governments or managing internal procurement, they show that collaboration isn't just a buzzword—it's a structured, repeatable approach to managing complexity.This episode offers a thoughtful and grounded look at how meaningful human connection—across functions, cultures, and roles—forms the foundation of effective cybersecurity. It's a timely reminder that the path to resilience begins with listening, empathy, and a clear sense of shared purpose.___________Guests:Purvi Kay, Head of Cybersecurity for the Future Combat Air System at BAE Systems | https://www.linkedin.com/in/purvikay/Rob Black, Director, UK Cyber Leaders Challenge | https://www.linkedin.com/in/rob-black-30440819/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
The Billion-Dollar Blueprint: Following the Digital Trail of Criminal Cash and the Human Cost of Cybercrime | An Infosecurity Europe 2025 Conversation with Geoff White | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 9, 2025 24:04


As Infosecurity Europe prepares to mark its 30th anniversary, Portfolio Director Saima Poorghobad shares how the event continues to evolve to meet the needs of cybersecurity professionals across industries, sectors, and career stages. What began in 1996 as a niche IT gathering has grown into a strategic hub for over 14,000 visitors, offering much more than just vendor booths and keynotes. Saima outlines how the event has become a dynamic space for learning, collaboration, and strategic alignment—balancing deep technical insight with the broader social, political, and technological shifts impacting the cybersecurity community.The Power of the Crowd: Community, Policy, and Lifelong LearningThis year's programming reflects the diverse needs of the cybersecurity community. Attendees range from early-career practitioners to seasoned decision-makers, with representation growing from academia and public policy. The UK government will participate in sessions designed to engage with the community and gather feedback to inform future regulation—a sign of how the show has expanded beyond its commercial roots. Universities are also getting special attention, with new student guides and tailored experiences to help emerging professionals find their place in the ecosystem.Tackling Today's and Tomorrow's Threats—From Quantum to GeopoliticsInfosecurity Europe 2024 is not shying away from bold topics. Professor Brian Cox will open the event by exploring the intersection of quantum science and cybersecurity, setting the tone for a future-facing agenda. Immediately following, BBC's Joe Tidy will moderate a session on how organizations can prepare for the cryptographic disruption quantum computing could bring. Rory Stewart will bring a geopolitical lens to the conversation, examining how shifting alliances, global trade tensions, and international conflicts are reshaping the threat landscape and influencing cybersecurity priorities across regions.Maximizing the Experience: Prep, Participate, and PartyFrom hands-on tech demos to peer-led table talks and new formats like the AI and Cloud Security Theater, the show is designed to be navigable—even for first-time attendees. Saima emphasizes preparation, networking, and follow-up as keys to success, with a new content download feature helping attendees retain insights post-event. The celebration culminates with a 90s-themed 30th anniversary party and a strong sense of pride in what this event has helped the community build—and protect—over three decades.The message is clear: cybersecurity is no longer just a technical field—it's a societal one.___________Guest: Geoff White, Author, Speaker, Investigative Journalist, Podcast Creator | https://www.linkedin.com/in/geoffwhitetech/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
What Helps You Sleep Better at Night: A Practical Take on Zero Trust | A Brand Story with Rob Allen from ThreatLocker | An Infosecurity Europe 2025 Pre-Event Brand Story

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later May 22, 2025 23:03


As InfoSecurity Europe prepares to welcome cybersecurity professionals from across the globe, Rob Allen, Chief Product Officer at ThreatLocker, shares why this moment—and this location—matters. Allen doesn't frame the conversation around hype or headlines. Instead, he focuses on a universal truth: organizations want to sleep better at night knowing their environments are secure.ThreatLocker's mission is grounded in achieving Zero Trust in a simple, operationally feasible way. But more than that, Allen emphasizes their value as enablers of peace of mind. Whether helping customers prevent ransomware attacks or meet regional regulatory requirements like GDPR or Australia's Essential Eight, the company is working toward real-world solutions that reduce complexity without sacrificing security. Their presence at events like InfoSecurity Europe is key—not just for outreach, but to hear directly from customers and partners about what's working and where they need help.Why Being There MattersDifferent regions have different pressures. In Australia, adoption surged without any local team initially on the ground—driven purely by alignment with the Essential Eight framework. In the UK, it's conversations about Cyber Essentials that shape booth discussions. Regulations aren't just compliance checklists; they're also conversation starters that change how organizations prioritize security.The ThreatLocker team doesn't rely on generic demos or vague promises. They bring targeted examples to the booth—like asking attendees if they know what software can be run on their machines without alerting anyone. If tools like remote desktop applications or archive utilities can be freely executed, attackers can use them too. This is where ThreatLocker steps in: controlling what runs, identifying what's necessary, and blocking what isn't.Booth D90 and BeyondRob Allen invites anyone—whether they're new to ThreatLocker or longtime users—to visit booth D90. The team, built with a mix of technical skill and humor (ask about the “second-best beard” in the company), is there to listen and help. It's not just about showcasing technology; it's about building relationships and reinforcing a shared goal: practical, proactive cybersecurity that makes a measurable difference.If you're at InfoSecurity Europe, stop by. If you're not, this episode offers a meaningful glimpse into why showing up—both physically and philosophically—matters in cybersecurity.Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974Note: This story contains promotional content. Learn more.Guest: Rob Allen, Chief Product Officer, ThreatLocker | https://www.linkedin.com/in/threatlockerrob/ResourcesLearn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlockerCyber Essentials Guide: https://threatlocker.kb.help/threatlocker-and-cyber-essentials-compliance/?utm_source=itsp&utm_medium=sponsor&utm_campaign=infosec_europe_pre_interview_rob_q2_25&utm_content=infosec_europe_pre_interview_rob&utm_term=podcastAustralia's Essential Eight Guide: https://www.threatlocker.com/whitepaper/australia-essential-eight?utm_source=itsp&utm_medium=sponsor&utm_campaign=infosec_europe_pre_interview_rob_q2_25&utm_content=infosec_europe_pre_interviLearn more and catch more event coverage stories from Infosecurity Europe 2025 in London: https://www.itspmagazine.com/infosec25 ______________________Keywords:sean martin, marco ciappelli, rob allen, cybersecurity, zero trust, infosec, compliance, ransomware, endpoint, regulation, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 

ITSPmagazine | Technology. Cybersecurity. Society
Celebrating 30 Years of Connection, Innovation, and Community at Infosecurity Europe in London | Our Traditional Pre-Event Kick-Off Conversation with Saima Poorghobad | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later May 22, 2025 24:49


As Infosecurity Europe prepares to mark its 30th anniversary, Portfolio Director Saima Poorghobad shares how the event continues to evolve to meet the needs of cybersecurity professionals across industries, sectors, and career stages. What began in 1996 as a niche IT gathering has grown into a strategic hub for over 14,000 visitors, offering much more than just vendor booths and keynotes. Saima outlines how the event has become a dynamic space for learning, collaboration, and strategic alignment—balancing deep technical insight with the broader social, political, and technological shifts impacting the cybersecurity community.The Power of the Crowd: Community, Policy, and Lifelong LearningThis year's programming reflects the diverse needs of the cybersecurity community. Attendees range from early-career practitioners to seasoned decision-makers, with representation growing from academia and public policy. The UK government will participate in sessions designed to engage with the community and gather feedback to inform future regulation—a sign of how the show has expanded beyond its commercial roots. Universities are also getting special attention, with new student guides and tailored experiences to help emerging professionals find their place in the ecosystem.Tackling Today's and Tomorrow's Threats—From Quantum to GeopoliticsInfosecurity Europe 2024 is not shying away from bold topics. Professor Brian Cox will open the event by exploring the intersection of quantum science and cybersecurity, setting the tone for a future-facing agenda. Immediately following, BBC's Joe Tidy will moderate a session on how organizations can prepare for the cryptographic disruption quantum computing could bring. Rory Stewart will bring a geopolitical lens to the conversation, examining how shifting alliances, global trade tensions, and international conflicts are reshaping the threat landscape and influencing cybersecurity priorities across regions.Maximizing the Experience: Prep, Participate, and PartyFrom hands-on tech demos to peer-led table talks and new formats like the AI and Cloud Security Theater, the show is designed to be navigable—even for first-time attendees. Saima emphasizes preparation, networking, and follow-up as keys to success, with a new content download feature helping attendees retain insights post-event. The celebration culminates with a 90s-themed 30th anniversary party and a strong sense of pride in what this event has helped the community build—and protect—over three decades.The message is clear: cybersecurity is no longer just a technical field—it's a societal one.___________Guest: Saima Poorghobad, Portfolio Director at Reed Exhibitions | https://www.linkedin.com/in/saima-poorghobad-6a37791b/ Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
When Guardrails Aren't Enough: How to Handle AI's Hidden Vulnerabilities | An Infosecurity Europe 2025 Pre-Event Conversation with Peter Garraghan | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later May 22, 2025 23:45


In this episode of our InfoSecurity Europe 2024 On Location coverage, Marco Ciappelli and Sean Martin sit down with Professor Peter Garraghan, Chair in Computer Science at Lancaster University and co-founder of the AI security startup Mindgard. Peter shares a grounded view of the current AI moment—one where attention-grabbing capabilities often distract from fundamental truths about software security.At the heart of the discussion is the question: Can my AI be hacked? Peter's answer is a firm “yes”—but not for the reasons most might expect. He explains that AI is still software, and the risks it introduces are extensions of those we've seen for decades. The real difference lies not in the nature of the threats, but in how these new interfaces behave and how we, as humans, interact with them. Natural language interfaces, in particular, make it easier to introduce confusion and harder to contain behaviors, especially when people overestimate the intelligence of the systems.Peter highlights that prompt injection, model poisoning, and opaque logic flows are not entirely new challenges. They mirror known classes of vulnerabilities like SQL injection or insecure APIs—only now they come wrapped in the hype of generative AI. He encourages teams to reframe the conversation: replace the word “AI” with “software” and see how the risk profile becomes more recognizable and manageable.A key takeaway is that the issue isn't just technical. Many organizations are integrating AI capabilities without understanding what they're introducing. As Peter puts it, “You're plugging in software filled with features you don't need, which makes your risk modeling much harder.” Guardrails are often mistaken for full protections, and foundational practices in application development and threat modeling are being sidelined by excitement and speed to market.Peter's upcoming session at InfoSecurity Europe—Can My AI Be Hacked?—aims to bring this discussion to life with real-world attack examples, systems-level analysis, and a practical call to action: retool, retrain, and reframe your approach to AI security. Whether you're in development, operations, or governance, this session promises perspective that cuts through the noise and anchors your strategy in reality.___________Guest: Peter Garraghan, Professor in Computer Science at Lancaster University, Fellow of the UK Engineering Physical Sciences and Research Council (EPSRC), and CEO & CTO of Mindgard | https://www.linkedin.com/in/pgarraghan/ Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ResourcesPeter's Session: https://www.infosecurityeurope.com/en-gb/conference-programme/session-details.4355.239479.can-my-ai-be-hacked.htmlLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
From Isolation to Collaboration: Rethinking Cyber Resilience for the Real World of Small and Medium Enterprise | Infosecurity Europe 2025 Pre-Event Conversation with Steven Furnell | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later May 15, 2025 24:07


Small and medium-sized enterprises (SMEs) continue to be at a disadvantage when it comes to cybersecurity—not because the risks are unclear, but because the means to address them remain out of reach for many. In this episode, Professor Steven Furnell of the University of Nottingham highlights the real barriers SMEs face and shares the thinking behind a new approach: creating cybersecurity communities of support.The research behind this project, supported by the University and its partners, explores how different types of SMEs—micro, small, and medium-sized—struggle with limited time, budget, and expertise. Many rely on third-party service providers, but often don't have enough cybersecurity knowledge to evaluate what “good” looks like. It's not just a resource problem—it's a visibility and literacy problem.Furnell emphasizes the potential of automation to lift some of the burden, from automated updates to scheduled malware scans. But he also makes it clear that automated tools can't fully replace the need for human judgment, especially in scenarios like phishing or social engineering attacks. People still need cybersecurity literacy to recognize and resist threats.That's where the idea of communities of support comes in. Rather than each SME navigating cybersecurity alone, the goal is to create local or sector-based communities where businesses and cybersecurity practitioners can engage in open, non-commercial conversations. These communities would offer SMEs a space to ask questions, share challenges, and exchange practical advice—without pressure, cost, or fear of judgment.The initiative isn't about replacing regulation or mandating compliance. It's about raising the baseline first. Communities of support can serve as a step toward greater awareness and capability—something that's especially critical in a world where supply chains are interconnected, and security failures in one small link can ripple outward.The message is clear: cybersecurity isn't just a technical issue—it's a social one. And it starts by creating room for dialogue, connection, and shared responsibility. Want to know what this model could look like in your community? Tune in to find out.__________________________________Guest: Steven Furnell | Professor of Cyber Security at University of Nottinghamhttps://www.linkedin.com/in/stevenfurnell/Hosts:Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine:  https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode's SponsorsThreatLocker: https://itspm.ag/threatlocker-r974____________________________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
The Future Is a Place We Visit, But Never Stay | A Post RSAC Conference 2025 Reflection | A Musing On Society & Technology Newsletter with Marco Ciappelli and TAPE3 | Read by TAPE3

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later May 10, 2025 7:31


The Future Is a Place We Visit, But Never StayMay 9, 2025A Post-RSAC 2025 Reflection on the Kinda Funny and Pretty Weird Ways Society, Technology, and Cybersecurity Intersect, Interact, and Often Simply Ignore Each Other.By Marco Ciappelli | Musing on Society and TechnologyHere we are — once again, back from RSAC. Back from the future. Or at least the version of the future that fits inside a conference badge, a branded tote bag, and a hotel bill that makes you wonder if your wallet just got hacked.San Francisco is still buzzing with innovation — or at least that's what the hundreds of self-driving cars swarming the city would have you believe. It's hard to feel like you're floating into a Jetsons-style future when your shuttle ride is bouncing through potholes that feel more 1984 than 2049.I have to admit, there's something oddly poetic about hosting a massive cybersecurity event in a city where most attendees would probably rather not be — and yet, here we are. Not for the scenery. Not for the affordability. But because, somehow, for a few intense days, this becomes the place where the future lives.And yes, it sometimes looks like a carnival. There are goats. There are puppies. There are LED-lit booths that could double as rave stages. Is this how cybersecurity sells the feeling of safety now? Warm fuzzies and swag you'll never use? I'm not sure.But again: here we are.There's a certain beauty in it. Even the ridiculous bits. Especially the ridiculous bits.Personally, I'm grateful for my press badge — it's not just a backstage pass; it's a magical talisman that wards off the pitch-slingers. The power of not having a budget is strong with this one.But let's set aside the Frankensteins in the expo hall for a moment.Because underneath the spectacle — behind the snacks, the popcorns, the scanners and the sales demos — there is something deeply valuable happening. Something that matters to me. Something that has kept me coming back, year after year, not for the products but for the people. Not for the tech, but for the stories.What RSAC Conference gives us — what all good conferences give us — is a window. A quick glimpse through the curtain at what might be.And sometimes, if you're lucky and paying attention, that glimpse stays with you long after the lights go down.We have quantum startups talking about cryptographic agility while schools are still banning phones. We have generative AI writing software — code that writes code — while lawmakers print bills that read like they were faxed in from 1992. We have cybersecurity vendors pitching zero trust to rooms full of people still clinging to the fantasy of perimeter defense — not just in networks, but in their thinking.We're trying to build the future on top of a mindset that refuses to update.That's the real threat. Not AI and quantum. Not ransomware. Not the next zero-day.It's the human operating system. It hasn't been patched in a while.And so I ask myself — what are these conferences for, really?Because yes, of course, they matter.Of course I believe in them — otherwise I wouldn't be there, recording stories, chasing conversations, sharing a couch and a mic with whoever is bold enough to speak not just about how we fix things, but why we should care at all.But I'm also starting to believe that unless we do something more — unless we act on what we learn, build on what we imagine, challenge what we assume — these gatherings will become time capsules. Beautiful, well-produced, highly caffeinated, blinking, noisy time capsules.We don't need more predictions. We need more decisions.One of the most compelling conversations I had wasn't about tech at all. It was about behavior. Human behavior.Dr. Jason Nurse reminded us that most people are not just confused by cybersecurity — they're afraid of it.They're tired.They're overwhelmed.And in their confusion, they become unpredictable. Vulnerable.Not because they don't care — but because we haven't built a system that makes it easy to care.That's a design flaw.Elsewhere, I heard the term “AI security debt.” That one stayed with me.Because it's not just technical debt anymore. It's existential.We are creating systems that evolve faster than our ability to understand them — and we're doing it with the same blind trust we used to install browser toolbars in the ‘90s.“Sure, it seems useful. Click accept.”We've never needed collective wisdom more than we do right now.And yet, most of what we build is designed for speed, not wisdom.So what do we do?We pause. We reflect. We resist the urge to just “move on” to the next conference, the next buzzword, the next promised fix.Because the real value of RSAC isn't in the badge or the swag or the keynotes.It's in the aftershock.It's in what we carry forward, what we refuse to forget, what we dare to question even when the conference is over, the blinking booths vanish, the future packs up early, and the lanyards go into the drawer of forgotten epiphanies — right next to the stress balls, the branded socks and the beautiful prize that you didn't win.We'll be in Barcelona soon. Then London. Then Vegas.We'll gather again. We'll talk again. But maybe — just maybe — we can start to shift the story.From visiting the future… To staying a while.Let's build something we don't want to walk away from. And now, ladies and gentlemen… the show is over.The lights dim, the music fades, and the future exits stage left...Until we meet again.—Marco ResourcesRead first newsletter about RSAC 2025 I wrote last week " Securing Our Future Without Leaving Half Our Minds in the Past" https://www.linkedin.com/pulse/securing-our-future-without-leaving-half-minds-past-marco-ciappelli-cry1c/

ITSPmagazine | Technology. Cybersecurity. Society
The Ultimate 2025 Tech & Cybersecurity Event Guide: Where to Be | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Feb 4, 2025 11:39


ITSPmagazine is gearing up for another year of in-depth event coverage, bringing insights from industry leaders, innovators, and companies making an impact in cybersecurity, technology, and society. Sean Martin and Marco Ciappelli outline their plans for 2025, emphasizing a mix of established conferences and new opportunities to highlight emerging discussions.Key Industry EventsThe year's schedule includes cornerstone cybersecurity conferences such as RSA Conference in San Francisco, Infosecurity Europe in London, and Black Hat in Las Vegas. These events serve as major platforms for discussing industry trends, launching new products, and showcasing research. Through editorial coverage, interviews, and discussions, ITSP Magazine provides perspectives from keynote speakers, panelists, and organizations shaping the field.Expanding Coverage Beyond CybersecurityBeyond security-focused events, the team is covering NAMM 2025, a leading music and technology conference, and Legal Week in New York, where legal, policy, and AI discussions intersect. Other major tech gatherings include CES, VivaTech, and KIMS, broadening the conversation to industries influencing the digital landscape.For companies looking to share their stories at these events, ITSP Magazine is offering sponsorship opportunities and editorial coverage. Stay tuned for updates, and catch ITSP Magazine on location throughout the year.Learn about Event Briefings: https://www.itspmagazine.com/event-coverage-briefingsLearn about the Event Coverage Sponsorship Bundle: https://www.itspmagazine.com/event-coverage-sponsorship-and-briefingsHosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine:  https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelliThis Episode's Sponsor: HITRUST: https://itspm.ag/itsphitwebResourcesThe Business Newsletter: https://www.itspmagazine.com/campaigns/view-campaign/4GZV4Nk80T4jGaFCG6wZZXFhO1wa91_1AeZOznFKw-qJhYFt14gJ1lyUvtlfhpABey1BbwWbzLzj-wkwtsauLPtoWbDsmyr-RSA Conference 2025: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageBlack Hat USA 2025: https://www.itspmagazine.com/black-hat-usa-2025-hacker-summer-camp-2025-cybersecurity-event-coverage-in-las-vegasInfosecurity Europe 2025: https://www.itspmagazine.com/infosecurity-europe-2025-infosec-london-cybersecurity-event-coverageAll of our planned On Location event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
Exploring Cyber Insurance Nuances Across Europe | An Infosecurity Europe 2024 Conversation with Marcin Gajkowski and Michael Balwinski from Generali Poland | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 11, 2024 24:57


Guests:  Marcin Gajkowski, Head of Liability Underwriting Team, Generali PolandOn LinkedIn | https://www.linkedin.com/in/marcin-gajkowski-4a6685134/ Michal Balwinski, Senior Underwriter and Cyber Practice Leader, Generali PolandOn LinkedIn | https://www.linkedin.com/in/micha%C5%82-balwi%C5%84ski-136105197/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesExploring Cyber Insurance Nuances Across Europe with Generali Poland at InfoSecurity Europe 2024Picture this: bustling conversations, gleaming booths, and thought-provoking sessions at InfoSecurity Europe 2024, held in the vibrant city of London. Amidst this atmosphere, Sean Martin and Marco Ciappelli of "On Location With Marco and Sean" invite listeners into a fascinating discussion focusing on the intricacies of cyber insurance within Europe. Joined by two brilliant minds from Generali Poland, Marcin Gajkowsky and Michael Balwinski, this episode immerses us into understanding cyber insurance and its varied landscape across the continent.Setting the Scene: InfoSecurity Europe 2024The episode kicks off with Marco and Sean's characteristically witty banter. They joked about their numerous travels and questioned their whereabouts, reflecting the lively and spontaneous spirit of live recording. They also introduce their esteemed guests, Marcin Gajkowsky and Michael Balwinski, from Generali Poland. The discussion's setting is none other than the renowned InfoSecurity Europe event, where cybersecurity professionals gather to forge connections and share innovative security solutions.Understanding Cyber Insurance: Perspectives from Generali PolandMarcin Gajkowsky, leading Generali Poland's Liability Team, opens up about his journey into cyber insurance. Despite his initial background in casualty and professional indemnity underwriting, Gajkowsky has grown passionate about the potential and challenges of cyber insurance, especially within Poland. With the deployment of their local cyber insurance policy in 2021, Generali Poland has committed to navigating and shaping this emerging market.Michael Balwinski, a senior underwriter and cyber insurance practice leader at Generali Poland, delves further into the policies and market dynamics. He highlights the significant knowledge gap in Central and Eastern Europe, a relic of historical and geopolitical contexts. This awareness gap necessitates steps for thorough market education and awareness building, ensuring businesses understand and value the importance of cyber insurance.Market Dynamics: Diversity Across EuropeBalwinski emphasizes the differing levels of cyber risk awareness across Europe. The UK, Western Europe, and the Mediterranean regions each present unique insurance needs and challenges based on their levels of digital sophistication and historical development. Poland's market reveals a stark contrast with larger enterprises adopting sophisticated vendor technologies akin to global banks, while smaller and mid-sized companies lag behind, often unaware of the essential benefits and protections cyber insurance provides.Adapting to the Market: Educational and Technological PartnershipsReflecting on the unique role of cyber insurance, the Generali Poland team outlines their approach to nurturing client relationships. They provide comprehensive risk assessments, engaging conversations, and tailored recommendations. True to their philosophy, Generali Poland extends beyond the role of mere policy provider, establishing themselves as committed partners in their clients' cybersecurity journeys.One pivotal shift in insurance strategy involved offering additional prevention tools alongside policies, such as an anti-phishing package equipped with cutting-edge security kits. The goal is to bridge the evident gap in cyber preparedness among smaller enterprises, ensuring they have robust mitigation measures in place before a policy comes into effect.Resilience and Ransomware: To Pay or Not to Pay?A highlight of the discussion revolves around ransomware and the ethical and practical dilemmas associated with ransom payments. Marcin and Michael elucidate Generali Poland's firm stance against paying ransoms, except in extraordinary circumstances where lives are at stake. They stress that paying ransoms perpetuates the cycle of cybercrime funding and escalation. Instead, their approach focuses on bolstering clients' overall cyber resilience through comprehensive support, including 24/7 incident response services, business interruption coverage, and holistic risk management.Conclusion: Building a Borderless Cyber-Aware FutureAs the insightful conversation wraps up, Marco and Sean underscore the importance of cross-cultural exchange and the collective effort required to bolster cybersecurity awareness. They highlight the universal nature of cyber threats, transcending borders and demanding collaborative action.This captivating episode serves as a testament to the power of open dialogue and education in fostering a more secure digital landscape. As we move forward, the lessons from Generali Poland's proactive approach to cyber insurance will undoubtedly resonate across the industry, setting a precedent for future advancements in the field.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our InfoSecurity Europe 2024 coverage: https://www.itspmagazine.com/infosecurity-europe-2024-infosec-london-cybersecurity-event-coverageOn YouTube:

ITSPmagazine | Technology. Cybersecurity. Society
The Present and Future of Cybersecurity Culture | An Infosecurity Europe 2024 Conversation with Aston Martin's CISO Robin Smith | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 11, 2024 26:54


Guest: Robin Smith, CISO of Aston Martin [@astonmartin]On LinkedIn | https://www.linkedin.com/in/robin-s-78148a133/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThe latest episode of "On Location With Marco and Sean" features an in-depth discussion with Robin Smith, the Chief Information Security Officer (CISO) at Aston Martin. Recorded live in the media room at Infosecurity Europe 2024 in London, this episode explores the essential role of culture in cybersecurity. Sean Martin and Marco Ciappelli guide the conversation, touching on everything related to the complexities of organizational security culture.The IcebreakerThe conversation kicks off with some light-hearted banter about yogurt and its cultural significance, setting a relaxed tone before diving into the serious business of cybersecurity. Sean and Marco's playful exchange effectively breaks the ice, before Sean introduces Robin Smith, emphasizing how this conversation is the final one in their Infosecurity Europe coverage. Robin reciprocates with a warm thank you, before sharing insights on Aston Martin's cybersecurity culture.Life at Aston MartinRobin elaborates on his role at Aston Martin, revealing that he considers himself the "luckiest man in cyber." He explains how a commitment to high-quality IT initially existed at Aston Martin but not a fully developed cybersecurity culture. Over the past three years, his mission has been to build that culture, aligning it with Aston Martin's values and brand prestige.Building a Cybersecurity CultureRobin describes how he introduced a comprehensive security program that aligns with Aston Martin's renowned design and engineering standards. He discusses the importance of integrating cybersecurity as a full-spectrum approach to business improvement, not just a technological add-on.Lessons LearnedThe conversation shifts to some of the challenges and failures encountered along the way. Robin recounts an ambitious but ultimately unsuccessful attempt to engage the board with an open-source intelligence report on their personal information. Though the exercise did not go as planned, it provided invaluable lessons on cultural sensitivity and resource allocation.The Vision for the FutureRobin and Sean discuss the forward-thinking mindset necessary to navigate both immediate and long-term cybersecurity challenges. Robin emphasizes the need for a balanced approach that combines visionary planning with effective tactical response. He highlights Aston Martin's ambition for full automation and AI-driven security measures.Impact on Customers and CommunityMarco Ciappelli raises the question of how this robust security culture affects Aston Martin's customers. Robin assures that high-value customers expect the best, including top-notch security. He underscores the importance of securing the entire value chain, from suppliers to dealership networks.Community and CollaborationSean explores the role of community among CISOs. Robin shares his positive experiences with the automotive CISO community, emphasizing the value of honest and sometimes brutal feedback. This collaborative environment helps him and his peers continually improve their security programs.Wrapping UpAs the conversation winds down, both hosts thank Robin for his insights. They reflect on the passion and dedication evident in the cybersecurity community throughout the event. Sean invites Robin for another discussion on cyber futurism, hinting at more intriguing conversations to come.Marco and Sean close the episode by thanking their audience and expressing their excitement for future events. They hope to see everyone again at next year's Infosecurity Europe, promising more engaging content and enlightening discussions.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our InfoSecurity Europe 2024 coverage: https://www.itspmagazine.com/infosecurity-europe-2024-infosec-london-cybersecurity-event-coverageOn YouTube:

ITSPmagazine | Technology. Cybersecurity. Society
Jump Into Our DeLorean and Travel Back and Forth Into the Future | An Infosecurity Europe 2024 Conversation with Madelein van der Hout and Paul McKay from Forrester | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 10, 2024 31:23


Guests: Madelein van der Hout, Senior Analyst Security & Risk at Forrester [@forrester]On LinkedIn | https://www.linkedin.com/in/madelein-van-der-hout-65452025/On Twitter | https://x.com/HoutMadeleinPaul McKay, Vice President, Research Director at Forrester [@forrester]On LinkedIn | https://www.linkedin.com/in/paul-mckay-5304a115/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThe Human Side of CybersecurityInfosecurity Europe 2024 in London brought together some of the industry's most knowledgeable professionals. Marco Ciappelli and Sean Martin, your hosts, were joined by Madeline Van Der Hout, Paul McKay, both from Forrester, and various other experts to discuss the latest trends, challenges, and solutions within the cybersecurity landscape. This exciting episode of "On Location With Marco and Sean" dives deep into essential topics such as the significant role of the human element in cybersecurity, skill shortages, industry fragmentation, and future trends.Reimagining Cybersecurity: Back to the FutureThe episode begins with a nostalgic touch as Sean Martin and Marco Ciappelli discuss the iconic movie "Back to the Future". Drawing a parallel between the film's theme of time travel and the evolving cybersecurity landscape, they emphasize how the industry might benefit from lessons of the past while anticipating the future.The Reality of Cybersecurity InnovationMadeline Van Der Hout and Paul McKay shed light on the changing dynamics of cybersecurity events. Paul mentions that events like Infosecurity Europe must now compete with other regional events like CyberSec Europe in Brussels. This healthy competition fosters localized insights and innovations.Madeline adds that cybersecurity innovation often stems from startups. She believes these events stimulate larger vendors to communicate with smaller startups, thus supporting the entire ecosystem.API Security: A Case for ConsolidationBoth Paul and Madeline reflect on the notable presence of API security vendors at the conference. Madeline points out the consolidation in the market driven by various approaches to API security. CISOs today expect API security to be an integral part of their infrastructure, driving the conversation towards prioritization and efficient resource management.The Human Element and Mental HealthOne of the crucial points discussed was the significant skill shortage in the cybersecurity industry. Madeline stresses the need for more conversations around mental health and burnout prevention among cybersecurity professionals. Paul supports this by highlighting common hiring challenges where organizations are often looking for the "purple squirrel" or the "five-legged sheep."Training and Educating Future TalentThe conversation moves towards the barriers to entry for new talent in the industry. Both experts agree that focusing on certifications alone can create a class divide. Paul argues that this practice restricts access to the industry for those unable to afford costly certifications.Madeline emphasizes the need to work closely with HR departments to create better job profiles and hiring practices. This could alleviate some of the industry's talent shortages.Cybersecurity's Future: More Than Just a Business ProblemMadeline takes a broader view by asserting that cybersecurity is not just a business problem. It's a civilian issue as well, affecting everyone with a digital footprint. She encourages leveraging the power of informed voting and education to address cybersecurity at a societal level.Data-Driven Decision Making: The Key to Security's EvolutionSean Martin concludes by discussing the immense data available in the cybersecurity sector. He emphasizes the potential for the industry to drive businesses by making better, data-driven decisions. Paul agrees, pointing out the need for cybersecurity to evolve similarly to how the CIO function has over the years.Conclusion: A Call for Innovation and HumanityThe episode wraps up by reinforcing the focus on the human element. Marco highlights the need to utilize existing resources effectively rather than being distracted by the latest technological gadgets. Madeline's call to talk more about humans in every cybersecurity breach serves as a profound takeaway.As the conversation echoes through the media room at Infosecurity Europe 2024, it's clear that the journey forward in cybersecurity involves a blend of technology, human touch, and innovative thinking.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our InfoSecurity Europe 2024 coverage: https://www.itspmagazine.com/infosecurity-europe-2024-infosec-london-cybersecurity-event-coverageOn YouTube:

ITSPmagazine | Technology. Cybersecurity. Society
Building Resilience in Healthcare Cybersecurity Following the Recent NHS Third-Party Ransomware Incident | Expert Insights from InfoSecurity Europe Europe 2024 | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 7, 2024 18:10


Guests:Brian Honan, Founder, BH ConsultingOn LinkedIn: https://www.linkedin.com/in/brianhonan/On X: https://x.com/BrianHonanSuk Paul, Director - EMEA Services GTM, Kudelski SecurityOn LinkedIn: https://www.linkedin.com/in/suk-paul-mba-99757412/Heather Lowrie, Chief Information Security Officer (CISO), The University of ManchesterOn LinkedIn: https://www.linkedin.com/in/heather-lowrie/On X: https://x.com/HeatherELowrieTim Grieveson, Senior Vice President - Global Cyber Risk Advisor, BitsightOn LinkedIn: https://www.linkedin.com/in/timgrieveson/On X: https://x.com/timgrievesonDaniel Lattimer, Area Vice President - EMEA West, SemperisOn LinkedIn: https://www.linkedin.com/in/daniel-lattimer-37533016/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesWATCH THE VIDEO: https://youtu.be/3VQ5VsD-DKQIn recent news, the NHS has been severely impacted by a ransomware cyber attack. This once again highlights the vulnerability of critical infrastructure to cyber threats. In this episode of ITSPmagazine, Marco Ciappelli and Sean Martin dive into this alarming incident while at the InfoSecurity Europe event in London, engaging with a panel of esteemed professionals in the field of information security.One of the significant themes that emerged from the conversation is that cybercrime is no longer the domain of rogue teenage hackers working from their basements. As Brian Honan emphasized, cybercriminals today are often part of organized crime syndicates involved in drug trafficking, arms dealing, and human trafficking. They are driven by financial gain and are willing to go to great lengths to achieve their goals.This particular incident affected NHS pathology services, causing surgeries and blood transfusions to be canceled or postponed, directly impacting patient care. Suk Paul pointed out that this kind of attack is not isolated. Since the conflict in 2022, the UK has witnessed a rise in cyber-attacks on public infrastructure, including hospitals and universities. He stated that the human intelligence element is crucial in identifying the techniques and methods used in such attacks.The conversation also shed light on the complexity of managing third-party supply chain risk. Heather Lowrie suggested considering cybersecurity as a business enabler and not just a technical issue. She stressed the need for robust communication and collaboration between internal teams, external partners, and even at the board level to create a resilient cybersecurity posture.To this end, Tim Grieveson echoed the importance of having a security leader with excellent communication skills who can align security strategies with business outcomes. This alignment is particularly essential in critical sectors like healthcare, where the focus is on maintaining patient-centric care.Furthermore, Daniel Lattimer highlighted the challenges faced by the NHS in funding cybersecurity measures. He mentioned that while the NHS has made strides in improving its cybersecurity capabilities, there is still a dilemma of prioritizing between lifesaving patient care and investing in cybersecurity. More specific guidance and a legislative approach similar to US standards could help in achieving minimum security standards.Brian Honan described the importance of legislative measures like the EU's Digital Operations Resilience Act (DORA) and the Network and Information Security Directive (NIS2), which focus on resilience in critical infrastructure. The key is not just to prevent cyber-attacks but to ensure continuity of services during and after an attack.During the discussion, a repeated point was the inevitability of cyber incidents and the need for preparation and response. Tim Grieveson stressed the necessity of identifying critical assets and vulnerabilities, communicating risks to the board, and developing a clear response plan. He pointed out that it is not just about the technical aspects but also about storytelling and helping the organization understand the real-world implications of cyber risks.The significance of cross-sector collaboration was also highlighted. Heather Lowrie noted that cyber threats are a societal challenge, not limited to individual organizations or sectors. Therefore, collective preparation and response are crucial for building resilience against cyber threats. She called for more exercises within and across sectors to prepare teams for real-world events.Lastly, the episode discussed the ethical dilemma of paying ransoms. Brian Honan strongly advocated against paying the ransom, citing the lack of guarantee that systems would be restored securely and the need to rebuild trust in affected devices. Instead, the focus should be on robust preparation and managing supply chain security. In conclusion, this episode underscored the pervasive threat of cyber-attacks on critical infrastructure and the multifaceted approach needed to tackle these challenges.From enhancing third-party risk management to legislative support, cross-sector collaboration, and ethical considerations, the conversation provides a comprehensive overview of the current state of cybersecurity in the healthcare sector. It highlights the urgent need for continuous improvement and resilience to protect not only systems but ultimately, patients' lives.Top Questions AddressedHow can the impact of the ransomware attack on the NHS best be described?How can organizations better manage third-party supply chain risk in cybersecurity?What are the ethical considerations and implications of paying ransom in cyberattacks?Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our InfoSecurity Europe 2024 coverage: https://www.itspmagazine.com/infosecurity-europe-2024-infosec-london-cybersecurity-event-coverageOn YouTube:

ITSPmagazine | Technology. Cybersecurity. Society
Directly From The CORO Security Modular Booth: Expansion Into The European Market | A Brand Story Conversation From InfoSecurity Europe 2024 | A CORO Story with Dror Liwer | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 7, 2024 20:48


Here we are, once again from the bustling show floor at Infosecurity Europe 2024 in London, situated at the Excel Centre. Sean Martin of ITSP Magazine is your host, and he's joined by Dror Liwer, co-founder of CORO Security. Both are excited to dive deep into how CORO is expanding its focus into the European market.Day Three: Nonstop Conversations and PresentationsFrom the get-go, Dror shares his enthusiasm about being part of this prestigious event for the first time. With a primary presence in the U.S., CORO is now aggressively moving into EMEA, starting right here in London. This move is in response to increasing demand from small to medium-sized enterprises (SMEs) in Europe who need robust cybersecurity solutions.Addressing the Security Needs of SMEsSean recalls the comprehensive capabilities of CORO discussed in previous episodes. CORO provides multiple layers of security tailored to an organization's specific needs, such as regulatory requirements, budget, and staffing capabilities. Sean encourages everyone to revisit those insightful seven-minute chats from RSA Conference to get an in-depth view.Dror emphasizes that CORO is unique in targeting the mid-market from the ground up, unlike other companies that retrofit enterprise solutions to fit smaller businesses. With a focus on simplicity and powerful protection, CORO ensures that its solutions are manageable even for lean IT teams.Navigating the Complexities of EuropeOne of the significant discussions revolves around the differences between the U.S. and European markets. While Sean and Dror acknowledge the similar types of cyber threats faced globally, operational nuances like data residency and privacy regulations differ widely across Europe. CORO has established a data center in Germany to comply with local data residency requirements, ensuring that email and file inspections stay within the EU boundaries.Real-World Applications and ChallengesSean drives the conversation into the specific challenges CORO has faced and the different attack scenarios in Europe compared to the U.S. Dror mentions that while SME awareness of being targets has been prevalent in the U.S. for a while, European SMEs are just beginning to realize the same. As a result, CORO is educating this market about the imminent threats and how to efficiently protect against them without becoming overwhelmed.The Importance of AffordabilityDror and Sean discuss the financial challenges faced by SMEs, such as difficult decisions on whether to invest in cybersecurity or other critical needs like educational resources. Dror emphasizes that CORO has priced its suite of security solutions to remove this barrier, making comprehensive coverage affordable for even the smallest enterprises.Team and Technology: The Backbone of COROThe conversation takes a moment to appreciate CORO's dedicated team. Sean praises the high energy and mutual support visible at CORO's booth. Dror points out that customer reviews often highlight how easy it is to work with CORO—a testimony to the company's dedication to protecting overlooked small and mid-sized businesses.The Future of SME CybersecurityCORO aims to remove the guesswork ("threat roulette”) for SMEs by providing an all-encompassing platform that is accessible and easy to manage. This approach ensures that small businesses can protect themselves comprehensively without the need to prioritize between different threat vectors due to budget constraints.CORO's MissionAs the conversation winds down, Dror reiterates CORO's mission to protect SMEs globally and make cybersecurity as effortless as possible. Sean encourages attendees of Infosecurity Europe to visit CORO's dynamic and innovative booth, and for those who cannot make it, to check out CORO online. For more information, visit CORO's website at Coro.netThanks to everyone for joining us. Expect more exciting updates from CORO, possibly next time from Las Vegas!Learn more about CORO: https://itspm.ag/coronet-30deNote: This story contains promotional content. Learn more.Guest: Dror Liwer, Co-Founder at Coro [@coro_cyber]On LinkedIn | https://www.linkedin.com/in/drorliwer/ResourcesLearn more and catch more stories from CORO: https://www.itspmagazine.com/directory/coroView all of our InfoSecurity Europe 2024 coverage: https://www.itspmagazine.com/infosecurity-europe-2024-infosec-london-cybersecurity-event-coverageAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

ITSPmagazine | Technology. Cybersecurity. Society
Meet Phoenix Security | A Brand Story Conversation From Infosecurity Europe 2024 | A Phoenix Security Story with Francesco Cipollone | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 6, 2024 20:59


In the dynamic and ever-changing world of cybersecurity, it is crucial to remain at the forefront of addressing vulnerabilities, implementing innovative solutions, and getting to know companies that are making a differences in this industry. At Infosecurity Europe 2024 in London, Sean Martin sits down with Francesco Cipollone, co-founder of Phoenix Security, to discuss the company's journey, achievements, and unique value propositions, highlighting their significant impact within the cybersecurity community.Setting the StageThe bustling environment of Infosecurity Europe 2024 serves as the backdrop for an engaging conversation about the latest cybersecurity trends. Martin and Cipollone delve into Phoenix Security's origins as an internal project at HSBC, aimed at addressing engineer burnout by improving communication and prioritization in vulnerability management.Phoenix Security's Journey and VisionCipollone explains how Phoenix Security was created to help engineers avoid burnout, originally focusing on solving communication and prioritization challenges in vulnerability management. This initiative quickly evolved into a comprehensive solution that bridges the gap between security and engineering teams by providing actionable risk assessments and automating decision-making processes.Innovative Solutions for Modern Cybersecurity ChallengesPhoenix Security stands out by offering powerful tools that streamline vulnerability management across enterprise systems. Their platform allows for better scheduling of workloads and prioritization of tasks, significantly reducing the time it takes to address vulnerabilities from hours to just minutes. This efficiency not only prevents engineer burnout but also ensures that security measures are implemented effectively.Success Stories and Client FeedbackCipollone shares success stories from clients like ClearBank, who have benefited from real-time, up-to-date asset inventory and operational insights. By using Phoenix Security, these organizations can engage in informed risk-based decision-making, enabling security teams to focus on high-impact vulnerabilities and maximize risk reduction.Expanding Reach Through Strategic PartnershipsHighlighting the importance of collaboration, Cipollone mentions Phoenix Security's recent partnership with Booncheck. This partnership integrates advanced threat intelligence into the Phoenix platform, offering clients access to a wealth of vulnerability data and enabling more effective risk management strategies.ConclusionThe conversation concludes with insights into future security trends and Phoenix Security's commitment to innovation and community-driven solutions. Cipollone emphasizes that Phoenix Security aims to simplify decision-making processes, giving engineers and security professionals more time to focus on what truly matters.We encourage all ITSPmagazine viewers and listeners to connect with the Phoenix team, download their new book, and stay tuned for more updates from Infosecurity Europe 2024.Learn more about Phoenix Security: https://itspm.ag/phoenix-security-sx8vNote: This story contains promotional content. Learn more.Guest: Francesco Cipollone, CEO & Founder at Phoenix Security [@sec_phoenix]On LinkedIn | https://www.linkedin.com/in/fracipo/On Twitter | https://twitter.com/FrankSEC42ResourcesLearn more and catch more stories from Phoenix Security: https://www.itspmagazine.com/directory/phoenix-securityView all of our InfoSecurity Europe 2024 coverage: https://www.itspmagazine.com/infosecurity-europe-2024-infosec-london-cybersecurity-event-coverageAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

ITSPmagazine | Technology. Cybersecurity. Society
AI's Role in Cybersecurity and Society | An Infosecurity Europe 2024 Conversation with Ian Hill | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 5, 2024 32:08


Guest: Ian Hill, Director of Information and Cyber Security at Upp Corporation [@getonupp]On LinkedIn | https://www.linkedin.com/in/ian-hill-95123897/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesAt Infosecurity Europe 2024, conversations were electric, diving deep into the intersection of AI and cybersecurity and its profound impact on society. Industry experts Marco Ciappelli, Sean Martin, and Ian Hill explored these pivotal changes, offering sharp insights into the digital revolution.A Casual StartThe event kicked off light-heartedly with Marco Ciappelli and Sean Martin, setting a relaxed, talk-show-like atmosphere. Despite minor technical hiccups, this informal start paved the way for an engaging discussion.“We're messing with physical technology and digital technology,” remarked Sean Martin, perfectly capturing the complex interplay between human users and their increasingly advanced tools.From Keynotes to Key ConcernsIan Hill shared his journey from Director of Information and Cybersecurity at UP Corporation, now part of Virgin Media O2, to his current advisory role. He emphasized the freedom and reduced stress of stepping back from frontline cybersecurity.Hill's keynote at the event centered on AI's implications for the future of work and society, countering the exaggerated narratives often associated with AI.The Mislabeling Issue: AI vs. AutomationMarco Ciappelli voiced a common frustration: the overuse of “AI” to describe mere automation. Hill stressed the need to differentiate true AI from sophisticated automation systems that lack adaptive learning capabilities.“We need to distinguish between what is automation and what is AI. There's a lot of automation going on at the moment,” Hill noted.Western Society's DependencyHill warned of AI's subtle yet significant impact on Western societies, likening it to the industrial and agricultural revolutions but with a more profound effect due to AI's ability to replace cognitive tasks.“AI is different because AI is actually replacing our thinking, our creativity,” Hill cautioned, highlighting the potential for job displacement and challenges to human creativity and learning.The Drive for ProfitA recurring theme was the economic drivers behind AI advancements. Hill critiqued the relentless pursuit of profit and efficiency, which risks lowering the quality of services and products in favor of mass production.“The nature with all these technological developments, the primary driver is profit and money,” Hill asserted, reflecting on the commercialization of AI.The AI Arms Race in CybersecurityHill and Martin discussed the escalating AI-driven war between cybersecurity defenses and attacks. They emphasized the need for rapid, machine-learning-based responses to evolving cyber threats, as traditional human-led security operations struggle to keep up.“You need machine learning, lightning-fast machine learning, to predict and react to events before the human even knows about it,” Hill stated, hinting at a future where automated systems dominate the cyber battlefield.The Trust DilemmaThe conversation turned philosophical as the speakers pondered the reliability of AI-generated content and the impact of deep fakes and misinformation. Hill addressed the issue of AI “hallucinations”—erroneous outputs—and the dangers of blindly trusting AI.“We're losing a sort of grip on reality… because it's becoming harder to distinguish between what's real and what isn't real,” Hill commented, expressing concerns about a future rife with misinformation.Concluding ThoughtsInfosecurity Europe 2024 highlighted AI's dual nature: its potential to revolutionize industries like healthcare and cybersecurity contrasted with its capacity to disrupt societal norms and personal authenticity.As Hill succinctly put it, “Those that own the AI, you know, OpenAI and all their sponsors, and what influence could be exerted on AI, political or otherwise, to bias… dangerous.”The dialogue underscored the need for evolving our understanding and ethical governance of AI to ensure these powerful tools enhance rather than undermine our societal fabric.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our InfoSecurity Europe 2024 coverage: https://www.itspmagazine.com/infosecurity-europe-2024-infosec-london-cybersecurity-event-coverageOn YouTube:

ITSPmagazine | Technology. Cybersecurity. Society
Maximising Your Budget Effectively in Turbulent Times – An SME Focus | An Infosecurity Europe 2024 Conversation with Don Gibson and Emma Philpott | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 5, 2024 30:36


Guests: Don Gibson, CISO, KinlyOn LinkedIn | https://www.linkedin.com/in/don-gibson-cyber/Emma Philpott, CEO, IASME ConsortiumOn LinkedIn | https://www.linkedin.com/in/emphilpott/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesIn this episode of On Location with Sean and Marco, hosts Sean Martin and Marco Ciappelli explore the intricacies of cybersecurity budget management and expenditure prioritization at the Infosecurity Europe event in London. The conversation kicks off with Sean and Marco discussing the challenges of balancing a minimalist approach with the need for robust security programs. The discussion swiftly transitions into budgeting strategies where the hosts are joined by guests Emma Philpott, CEO of IASME, and Don Gibson, Chief Information Security Officer (CISO) of Kinley. Emma provides insights into her role at IASME, highlighting their work on the Cyber Essentials program aimed at ensuring basic technical security controls. Don shares his experiences at Kinley, dealing with audiovisual technologies and their importance in security. The dialogue explores the difficulties organizations face, particularly around budget constraints, legacy technology, and the need for consistent investment in security measures.A significant portion of the episode is dedicated to the challenges faced by various-sized companies, from micro-businesses to large corporations, in implementing effective cybersecurity measures. Emma stresses the importance of making security accessible to smaller entities and the efforts IASME is making to provide free guidance and support. Don emphasizes the importance of clear communication and leadership at the board level to properly budget for cybersecurity, balance between technology, and staff investment, and avoid the pitfalls of over-reliance on either.The conversation also touches on the role of community and support networks within the cybersecurity realm. Both Don and Emma highlight the value of having trusted groups where professionals can share experiences, seek advice, and offer mental health support. They underscore how such communities foster a culture of openness and mutual assistance, which is crucial in an industry often grappling with high-pressure incidents and rapid technological changes.The episode wraps up with a discussion on the dynamics of cybersecurity as a competitive advantage and the evolving nature of security leadership. Emma and Don explain how achieving certifications like Cyber Essentials can provide business benefits beyond compliance, such as improved insurance outcomes and differentiation in the marketplace. Don challenges CISOs to think creatively about how cybersecurity can become a revenue-generating aspect of the business, reinforcing the need for innovative and dynamic leadership in the field.Tune in to learn more about budgeting, community support, and forward-thinking leadership in cybersecurity from the vibrant InfoSecurity Europe event.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our InfoSecurity Europe 2024 coverage: https://www.itspmagazine.com/infosecurity-europe-2024-infosec-london-cybersecurity-event-coverageOn YouTube: