Podcasts about On location

  • 325PODCASTS
  • 1,333EPISODES
  • 50mAVG DURATION
  • 5WEEKLY NEW EPISODES
  • Aug 27, 2025LATEST

POPULARITY

20172018201920202021202220232024

Categories



Best podcasts about On location

Show all podcasts related to on location

Latest podcast episodes about On location

Crosstalk America from VCY America
America's Founding Pastors

Crosstalk America from VCY America

Play Episode Listen Later Aug 27, 2025 4:49


Our Christian Heritage goes "On Location" with Randy Melchert to a Princeton, NJ cemetery to find the grave of America's Founding Pastors: Jonathan Edwards, Samuel Davies, and John Witherspoon. Explore the intertwined histories of Princeton University and the prominent religious figures who shaped its early development. It highlights the legacies of Jonathan Edwards, Samuel Davies, and John Witherspoon, demonstrating how these influential ministers – pivotal figures in the Great Awakening and champions of religious freedom – also served as presidents of the institution and profoundly impacted the intellectual and spiritual landscape of America. The narrative underscores the original purpose of Princeton as a training ground for ministers dedicated to spreading the Gospel, and connects these academic leaders to the broader narrative of American patriotism and the founding of the nation.

Crosstalk America
America's Founding Pastors

Crosstalk America

Play Episode Listen Later Aug 27, 2025 4:49


Our Christian Heritage goes "On Location" with Randy Melchert to a Princeton, NJ cemetery to find the grave of America's Founding Pastors: Jonathan Edwards, Samuel Davies, and John Witherspoon. Explore the intertwined histories of Princeton University and the prominent religious figures who shaped its early development. It highlights the legacies of Jonathan Edwards, Samuel Davies, and John Witherspoon, demonstrating how these influential ministers – pivotal figures in the Great Awakening and champions of religious freedom – also served as presidents of the institution and profoundly impacted the intellectual and spiritual landscape of America. The narrative underscores the original purpose of Princeton as a training ground for ministers dedicated to spreading the Gospel, and connects these academic leaders to the broader narrative of American patriotism and the founding of the nation.

Dean's Chat - All Things Podiatric Medicine
Ep. 251 - 2025 APMA National Meeting Part 1 - Sponsored by Bako Diagnostics!

Dean's Chat - All Things Podiatric Medicine

Play Episode Listen Later Aug 26, 2025 43:26


APMA in 2025 hosted "The National" at the Gaylord in Dallas, TX!   Dean's Chat, once again, went, "On Location"!   This episode is sponsored by Bako Diagnostics, who graciously shared their booth with Dean's Chat! Dr. Johanna Richey interviewed many attendees discussing the scientific meeting, the networking, the collaboration and comaraderie withing the podiatric community.  Tune in for short interviews, Part 1 consists of interviews on July 15, 2025. Part 2, to be released next week, consists of interviews on July 16, 2025. Enjoy!  It was an incredible meeting for all!

Thoughts Count Anywhere Podcast
Episode 296 Chris Jericho to WWE?!?

Thoughts Count Anywhere Podcast

Play Episode Listen Later Aug 25, 2025 61:40


This week Matt and Jacob discuss all the news and rumors from Chris Jericho possibly going to WWE at the end of the year.. Wrestlepalooza tickets as well as WrestleMania tickets go on sale for On Location.

ITSPmagazine | Technology. Cybersecurity. Society
AI Confusion, Privacy Pressures, and the Search for Real Value in Cybersecurity | A Black Hat USA 2025 Conversation with Evgeniy Kharam | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Aug 24, 2025 16:12


This year at Black Hat USA 2025, the conversation is impossible to escape: artificial intelligence. But while every vendor claims an AI-powered edge, the real question is how organizations can separate meaningful innovation from noise.In our discussion with Evgeniy Kharam, Vice President of Cybersecurity Architecture at Herjavec Group (formerly), Chief Strategy Officer (CSO) at Discern Security, and long-time security leader and author, the theme of AI confusion takes center stage. Evgeniy notes that CISOs and security architects don't have the time or resources to analyze what “AI” means in every product pitch. With over 4,000 vendors in the ecosystem, each layering its own flavor of AI, the burden falls on security leaders to distinguish hype from usable automation.From Gondola Pitches to AI OverloadEvgeniy shares how his creative networking events—skiing, biking, and beyond—mirror the industry's need for genuine connection and trust. Just as his “gondola pitch” builds authentic engagement, buyers want clarity and honesty from technology providers. The proliferation of AI labels, however, makes that trust harder to establish.Where AI Can HelpEvgeniy highlights areas where AI can reduce friction, from vulnerability management and detection to policy writing and compliance. Yet, even here, issues such as hallucinations, privacy tradeoffs, and ethics cannot be ignored. When AI begins influencing employee monitoring or analyzing sensitive data, organizations face difficult questions about fairness, transparency, and control.The Unspoken Challenge: Surveillance and TrustAs we discuss the balance between employee privacy and corporate protection, it becomes clear that AI introduces new layers of surveillance. In Europe, cultural and legal boundaries create clear separation between personal and professional lives. In North America, the lines blur, raising ethical debates that may ultimately be tested in courts.The takeaway? AI has the potential to unlock workflows that were previously too costly or complex. But without transparency, governance, and a commitment to responsible use, the “AI in everything” trend risks overwhelming the very leaders it is meant to help.___________Guest:Evgeniy Kharam, Chief Strategy Officer (CSO), Discern Security | On LinkedIn: https://www.linkedin.com/in/ekharam/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974BlackCloak: https://itspm.ag/itspbcwebAkamai: https://itspm.ag/akamailbwcDropzoneAI: https://itspm.ag/dropzoneai-641Stellar Cyber: https://itspm.ag/stellar-9dj3___________ResourcesLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25ITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conferenceCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

Crosstalk America from VCY America
Holton Shoe Store, Boston, MA

Crosstalk America from VCY America

Play Episode Listen Later Aug 20, 2025 3:53


Our Christian Heritage goes "On Location" with Tim Schmig in Boston, MA. What happened at Holton's Shoe Store? How did a Sunday School teacher change the life of D.L. Moody? Tim Schmig explains!

Crosstalk America
Holton Shoe Store, Boston, MA

Crosstalk America

Play Episode Listen Later Aug 20, 2025 3:53


Our Christian Heritage goes "On Location" with Tim Schmig in Boston, MA. What happened at Holton's Shoe Store? How did a Sunday School teacher change the life of D.L. Moody? Tim Schmig explains!

NCSEA On Location
Ann Marie Ruskin Child Support Leadership Award Podcast

NCSEA On Location

Play Episode Listen Later Aug 13, 2025 51:55


Join Pat O'Donnell of YoungWilliams and Brandi Gallebo ofFrankin County Child Support Enforcement Services for a very special episode of On Location where we honor the legacy of Ann Marie Ruskin through the Ann Marie Ruskin Child Support Leadership Award.   Ann Marie, former Executive Director of NCSEA, was a trailblazer whose work profoundly impacted child support professionals across the nation.  Our guests a re Diane Potts, the inaugural Ann Marie Ruskin Child Support Leadership Awardee and very specialguest, Glenn Ruskin, Ann Marie's husband and partner for more than 45 years.  Diane is the Co-Founder of the Center for Child Support Policy. As she talks about her journey, you'll hear she has dedicated her career to improving government human services programs so that they may better serve children and families.  Additionally, she has been an impactful and tireless volunteer contributor for NCSEA over many years.  Glenn shares precious memories of Ann Marie and reminds us of her commitment to NCSEA, her dedication to child support policy evolution and ensuring child supportprofessionals have access to ongoing professional development opportunities.  Diane and Glenn bring to life why the child support community is so very special.

GOLF's Subpar
Hal Sutton on his head to head battles with Tiger and Jack, advice for Keegan Bradley ahead of the Ryder Cup

GOLF's Subpar

Play Episode Listen Later Aug 12, 2025 59:00


On this week's episode of GOLF's Subpar, Colt Knost and Drew Stoltz are joined by 14-time PGA Tour winner Hal Sutton for an exclusive interview. The 2004 Ryder Cup captain reveals the advice he would give Keegan Bradley on playing at Bethpage, how often he still hears 'Be the right club today' and if it was more intimidating going head to head with Jack Nicklaus or Tiger Woods. --Want to join us for Ryder Cup week in New York City? Thanks to our friends at On Location, the Official Travel Package Provider of the 2025 Ryder Cup, you can now purchase an exclusive Daily Ticket Package. It includes Ryder Cup plus access, entry to the International Pavilion, and a special night with us at Five Iron Golf Grand Central.Spots are limited, so head to onlocationexp.com/subpar⁠ to secure your experience.Subpar is not directly affiliated with the PGA of America or the 2025 Ryder Cup. All packages and discounts mentioned in this episode are provided by On Location, the Official Travel Package Provider of the PGA of America and the 2025 Ryder Cup. 2025 Ryder Cup Daily Ticket Packages offered by On Location at onlocationexp.com/subpar are Subject to availability. Full purchase and privacy policy details are available at onlocationexp.com.--Thanks to our official sponsor Zone Nicotine. Warning: This product contains nicotine.  Nicotine is an additive chemical.  Underage sale prohibited.  Introducing Zone Nicotine Pouches - the perfect balance of unparalleled comfort - longer-lasting flavor - and nicotine that satisfies.  Whether you're zoning in for an important putt or zoning out after a tough day at work, Zone gets you there faster and keeps you there longer.  Available in seven flavors and in six and nine milligram strengths.  Want zone pouches at a discount and mailed right to your door? Head to⁠ Nicokick.com⁠ and enter code “SubPar20” at checkout for an additional 20% off.--Start your hair growth journey with Nutrafol.  For a limited time, Nutrafol is offering our listeners $10 off your first month's subscription and free shipping when you go to nutrafol.com and enter the code SUBPAR. Go to https://nutrafol.com/ now to place your order.--Carlisle, headquartered right here in Phoenix, is the professional contractor's choice for innovative building materials for more energy efficient homes and commercial buildings. Learn more at ⁠Carlisle.com⁠--Choose your style, pick your favorite Birdie Juice logo and shop from a line-up of top tier brands at ⁠shop.golf.com⁠ today!

ITSPmagazine | Technology. Cybersecurity. Society
From Fish Tanks to AI Agents: Why the Words “We're Secure” Means Nothing Without Proof | A Black Hat USA 2025 Conversation with Viktor Petersson | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Aug 11, 2025 27:02


When security becomes more than a checkbox, the conversation shifts from “how much” to “how well.” At Black Hat USA 2025, Sean Martin, CISSP, Co-Founder of ITSPmagazine, and Viktor Petersson, Founder of an SBOM artifact platform, unpack how regulatory forces, cultural change, and AI innovation are reshaping how organizations think about security.Viktor points to the growing role of Software Bill of Materials (SBOMs) as not just a best practice, but a likely requirement in future compliance frameworks. The shift, he notes, is driven largely by regulation—especially in Europe—where security is no longer a “nice to have” but a mandated operational function. Sean connects this to a market reality: companies increasingly see transparent security practices as a competitive differentiator, though the industry still struggles with the hollow claim of simply being “secure.”AI naturally dominates discussions, but the focus is nuanced. Rather than chasing hype, both stress the need for strong guardrails before scaling AI-driven development. Viktor envisions engineers supervising fleets of specialized AI agents—handling tasks from UX to code auditing—while Sean sees AI as a way to rethink entire operational models. Yet both caution that without foundational security practices, AI only amplifies existing risks.The conversation extends to IoT and supply chain security, where market failures allow insecure, end-of-life devices to persist in critical environments. The infamous “smart fish tank” hack in a Las Vegas casino serves as a reminder: the weakest link often isn't the target itself, but the entry point it provides.DEFCON, Viktor notes, offers a playground for challenging assumptions—whether it's lock-picking to illustrate perceived versus actual security, or examining the human factor in breaches. For both hosts, events like Black Hat and DEFCON aren't just about the latest vulnerabilities or flashy demos—they're about the human exchange of ideas, the reframing of problems, and the collaboration that fuels more resilient security strategies.___________Guest:Viktor Petersson, Founder, sbomify | On LinkedIn: https://www.linkedin.com/in/vpetersson/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974BlackCloak: https://itspm.ag/itspbcwebAkamai: https://itspm.ag/akamailbwcDropzoneAI: https://itspm.ag/dropzoneai-641Stellar Cyber: https://itspm.ag/stellar-9dj3___________ResourcesLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25ITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conferenceCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
How to Lose a CISO in 10 Words (or Less) | Straight Talk, Not Spin: Black Hat's Hard Truths | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Aug 8, 2025 11:04


Black Hat USA 2025 has wrapped, and for Sean Martin, CISSP, Co-Founder of ITSPmagazine, and Marco Ciappelli, Co-Founder of ITSPmagazine, the end of the event is both an exhale and a moment to reflect on what was learned, heard, and felt. After days of conversations with industry leaders, CISOs, vendors, and attendees from around the globe, one recurring message stands out: cybersecurity decision-makers are tired of buzzwords and hungry for real solutions.Sean shares that during sessions and informal meetups, CISOs expressed frustration with marketing pitches that fail to connect to their real challenges. Sitting across from security leaders, marketers heard it directly—stop with the jargon and explain how your solution genuinely makes their lives easier, reduces stress, and improves security outcomes. In other words, trust and honesty carry far more weight than flashy claims.Marco emphasizes that hype not only wastes time but also adds “noise” to the already complex job of running a security program. The more a vendor can be direct about what they do—and what they don't do—the more likely they are to earn a lasting relationship with a CISO and their team. Both agree that connecting the dots between a product and an organization's operational reality is key: what does adoption require, how will it fit into existing systems, and will it force a major operational shift?Beyond the messaging critique, the duo reflects on the community element of Black Hat. They reconnected with peers, met new contacts from as far as Toronto, and discussed future events in places like Melbourne, Barcelona, and Amsterdam. They also teased the upcoming “Transatlantic Broadcast” podcast series, which will explore cybersecurity voices from across Europe while maintaining a global view.While the Black Hat booths are now dismantled and the floors mopped, the conversations are far from over. Sean and Marco head back to Los Angeles ready to produce interviews, publish articles, and share the many stories captured during the week—stories that cut through the noise and get to the heart of what matters in cybersecurity.___________Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974BlackCloak: https://itspm.ag/itspbcwebAkamai: https://itspm.ag/akamailbwcDropzoneAI: https://itspm.ag/dropzoneai-641Stellar Cyber: https://itspm.ag/stellar-9dj3___________ResourcesLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25Learn more about ITSPmagazine Studio: https://www.itspmagazine.studio/Learn more about ITSPmagazine Europe: https://www.itspmagazine.com/europeCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conferenceWant to tell your Brand Story Briefing as part of our event coverage? Learn More

GOLF's Subpar
Hudson Swafford talks the potential path back to the PGA Tour for those leaving LIV Golf

GOLF's Subpar

Play Episode Listen Later Aug 5, 2025 92:58


On this week's episode of GOLF's Subpar Colt Knost and Drew Stoltz are joined by 3-time PGA Tour winner Hudson Swafford for an exclusive interview. The former LIV Golf player talks his initial decision to join the rival league, what path he may have to rejoining the PGA Tour and what to expect when the contracts of LIV's biggest stars expire following the 2026 season. --Thanks to our official sponsor Zone Nicotine. Warning: This product contains nicotine.  Nicotine is an additive chemical.  Underage sale prohibited.  Introducing Zone Nicotine Pouches - the perfect balance of unparalleled comfort - longer-lasting flavor - and nicotine that satisfies.  Whether you're zoning in for an important putt or zoning out after a tough day at work, Zone gets you there faster and keeps you there longer.  Available in seven flavors and in six and nine milligram strengths.  Want zone pouches at a discount and mailed right to your door? Head to Nicokick.com and enter code “SubPar20” at checkout for an additional 20% off.--Want to join us for Ryder Cup week in New York City? Thanks to our friends at On Location, the Official Travel Package Provider of the 2025 Ryder Cup, you can now purchase an exclusive Daily Ticket Package. It includes Ryder Cup plus access, entry to the International Pavilion, and a special night with us at Five Iron Golf Grand Central.Spots are limited, so head to onlocationexp.com/subpar to secure your experience.Subpar is not directly affiliated with the PGA of America or the 2025 Ryder Cup. All packages and discounts mentioned in this episode are provided by On Location, the Official Travel Package Provider of the PGA of America and the 2025 Ryder Cup. 2025 Ryder Cup Daily Ticket Packages offered by On Location at onlocationexp.com/subpar are Subject to availability. Full purchase and privacy policy details are available at onlocationexp.com.--Head to shadyrays.com and use code SUBPAR for 35% off premium polarized sunglasses: https://shadyrays.com/collections/green-wolf--homeofgolf.com is the place to go for your next golf trip to the Pinehurst, Southern Pines, Aberdeen Area of North Carolina. Walk in the footsteps of legends at iconic Pinehurst No. 2, host to the 2024 U.S. Open, or nearly 40 other courses within a 15-mile radius.Learn more at homeofgolf.com.--Carlisle, headquartered right here in Phoenix, is the professional contractor's choice for innovative building materials for more energy efficient homes and commercial buildings. Learn more at Carlisle.com--Choose your style, pick your favorite Birdie Juice logo and shop from a line-up of top tier brands at shop.golf.com today!

ITSPmagazine | Technology. Cybersecurity. Society
From Hacker Defense to Civil Liberties: Threat Modeling Meets Constitutional Law | A Black Hat USA 2025 Keynote Conversation with Jennifer Granick | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Aug 4, 2025 22:47


At Black Hat USA 2025, Jennifer Granick—Surveillance and Cybersecurity Counsel at the American Civil Liberties Union—takes the keynote stage to make a bold case: we are long overdue for a new threat model, one that sees government surveillance not as a background risk, but as a primary threat to constitutional privacy.Granick draws from decades of experience defending hackers, fighting surveillance overreach, and engaging with the security community since DEFCON 3. She challenges the audience to reconsider outdated assumptions about how the Fourth Amendment is interpreted and applied. While technology has made it easier than ever for governments to collect data, the legal system hasn't kept pace—and in many cases, fails to recognize the sheer scope and sensitivity of personal information exposed through modern services.Her talk doesn't just raise alarm; it calls for action. Granick suggests that while legal reform is sluggish—stymied by a lack of political will and lobbying power—there's an urgent opportunity for the technical community to step up. From encryption to data minimization and anonymization, technologists have the tools to protect civil liberties even when the law falls short.The session promises to be a wake-up call for engineers, designers, policymakers, and privacy advocates. Granick wants attendees to leave not only more informed, but motivated to build systems that limit the unnecessary collection, retention, and exposure of personal data.Her keynote also surfaces a critical cultural shift: from the “Spot the Fed” days of DEFCON to a more nuanced understanding of government roles—welcoming collaboration where it serves the public good, but not at the expense of unchecked surveillance.This conversation reframes privacy as a design problem as much as a legal one—and one that requires collective effort to address. If the law can't fix it, the question becomes: will the technology community rise to the challenge?___________Guest:Jennifer Granick, Surveillance and Cybersecurity Counsel at American Civil Liberties Union | On LinkedIn: https://www.linkedin.com/in/jennifergranick/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974BlackCloak: https://itspm.ag/itspbcwebAkamai: https://itspm.ag/akamailbwcDropzoneAI: https://itspm.ag/dropzoneai-641Stellar Cyber: https://itspm.ag/stellar-9dj3___________ResourcesKeynote: Threat Modeling and Constitutional Law: https://www.blackhat.com/us-25/briefings/schedule/index.html#keynote-threat-modeling-and-constitutional-law-48276Learn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25ITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conferenceCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
Fake Identities, Real Consequences: The Data Trail Behind Your Political Donation | A Black Hat USA 2025 Conversation with Virginia Tech's Alan Michaels and Jared Byers | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Aug 4, 2025 19:25


What happens when you inject thousands of fake identities into the political ecosystem to monitor how personal data is used—or abused? That's the question Virginia Tech's Alan Michaels and Jared Byers explore through their multi-year research project, “Use and Abuse of Personal Information: The Politics Edition.”With support from 130 students across 21 majors, Michaels and Byers create realistic digital personas—complete with phone numbers, emails, and physical addresses—and sign them up across 1,400 political campaigns. Their goal? Understand how political organizations treat personal data: whether it's used ethically, shared with third parties, or even exposed through insecure systems.The findings are both fascinating and concerning. Their data shows that candidates across the political spectrum often prioritize fundraising above all else. The language and targeting vary, but the endgame is consistent: solicit donations and votes. And yes—these candidates frequently share or leak personal data. Sometimes it's deliberate, sometimes it's sloppy, and occasionally it's the result of potential breaches.The team examines differences in how data is handled based on whether an identity donates or not, or whether it's tied to in-state versus out-of-state addresses. They even explore how generative AI and psychometric modeling can craft convincing personalities for these fake identities—tools that can just as easily be used for political influence campaigns and psychological manipulation.But this project isn't about political sides—it's about accountability. The research remains strictly apolitical, letting the data speak for itself. Michaels and Byers are careful to avoid influencing public opinion through misinformation, focusing instead on documenting the reality of digital privacy in modern campaigning.As more of the political playbook shifts into the digital arena, this session at Black Hat USA 2025 pushes attendees to confront an uncomfortable truth: the cost of participation in political life may include the exploitation of your digital identity.___________Guests:Alan Michaels, Professor and Director, Spectrum Dominance Division at Virginia Tech | On LinkedIn: https://www.linkedin.com/in/alan-michaels-1066814/Jared Byers, Research Associate at Virginia Tech National Security Institute | On LinkedIn: https://www.linkedin.com/in/jared-byers-8a477324b/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974BlackCloak: https://itspm.ag/itspbcwebAkamai: https://itspm.ag/akamailbwcDropzoneAI: https://itspm.ag/dropzoneai-641Stellar Cyber: https://itspm.ag/stellar-9dj3___________ResourcesSession: Use and Abuse of Personal Information -- Politics Edition: https://www.blackhat.com/us-25/briefings/schedule/#use-and-abuse-of-personal-information----politics-edition-45529Learn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25ITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conferenceCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
Black Hat 2025: More Buzzwords, Same Breaches? | What's Heating Up Before Black Hat 2025: Top Trends Set to Shake Up this Year's Hacker Conference | An ITSPmagazine Webinar: On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jul 30, 2025 60:22


In this thought leadership session, ITSPmagazine co-founders Sean Martin and Marco Ciappelli moderate a dynamic conversation with five industry leaders offering their take on what will dominate the show floor and side-stage chatter at Black Hat USA 2025.Leslie Kesselring, Founder of Kesselring Communications, surfaces how media coverage is shifting in real time—no longer driven solely by talk submissions but now heavily influenced by breaking news, regulation, and public-private sector dynamics. From government briefings to cyberweapon disclosures, the pressure is on to cover what matters, not just what's scheduled.Daniel Cuthbert, member of the Black Hat Review Board and Global Head of Security Research at Banco Santander, pushes back on the hype. He notes that while tech moves fast, security research often revisits decades-old bugs. His sharp observation? “The same bugs from the ‘90s are still showing up—sometimes discovered by researchers younger than the vulnerabilities themselves.”Michael Parisi, Chief Growth Officer at Steel Patriot Partners, shifts the conversation to operational risk. He raises concern over Model-Chained Prompting (MCP) and how AI agents can rewrite enterprise processes without visibility or traceability—especially alarming in environments lacking kill switches or proper controls.Richard Stiennon, Chief Research Analyst at IT-Harvest, offers market-level insights, forecasting AI agent saturation with over 20 vendors already present in the expo hall. While excited by real advancements, he warns of funding velocity outpacing substance and cautions against the cycle of overinvestment in vaporware.Rupesh Chokshi, SVP & GM at Akamai Technologies, brings the product and customer lens—framing the security conversation around how AI use cases are rolling out fast while security coverage is still catching up. From OT to LLMs, securing both AI and with AI is a top concern.This episode is not just about placing bets on buzzwords. It's about uncovering what's real, what's noise, and what still needs fixing—no matter how long we've been talking about it.___________Guests:Leslie Kesselring, Founder at Cyber PR Firm Kesselring Communications | On LinkedIn: https://www.linkedin.com/in/lesliekesselring/“This year, it's the news cycle—not the sessions—that's driving what media cover at Black Hat.”Daniel Cuthbert, Black Hat Training Review Board and Global Head of Security Research for Banco Santander | On LinkedIn: https://www.linkedin.com/in/daniel-cuthbert0x/“Why are we still finding bugs older than the people presenting the research?”Richard Stiennon, Chief Research Analyst at IT-Harvest | On LinkedIn: https://www.linkedin.com/in/stiennon/“The urge to consolidate tools is driven by procurement—not by what defenders actually need.”Michael Parisi, Chief Growth Officer at Steel Patriot Partners | On LinkedIn: https://www.linkedin.com/in/michael-parisi-4009b2261/“Responsible AI use isn't a policy—it's something we have to actually implement.”Rupesh Chokshi, SVP & General Manager at Akamai Technologies | On LinkedIn: https://www.linkedin.com/in/rupeshchokshi/“The business side is racing to deploy AI—but security still hasn't caught up.”Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974BlackCloak: https://itspm.ag/itspbcwebAkamai: https://itspm.ag/akamailbwcDropzoneAI: https://itspm.ag/dropzoneai-641Stellar Cyber: https://itspm.ag/stellar-9dj3___________ResourcesLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25ITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conferenceCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

Good Mornings Podcast Edition
S24 E32: On Location for Stuff the Bus!

Good Mornings Podcast Edition

Play Episode Listen Later Jul 25, 2025 52:34


ON LOCATION at McDonald's on Tiffin Avenue for our annual Stuff the Bus communtiy school supplies drive --- Back-to-School time can bring a range of emotions for both kids and parents alike... today's show is sponsored by the Family Resource Center of Hancock County (at 10:49) --- Educators are getting ready to welcome students back to class... Findlay City Schools Superintendent Dr. Andy Hatton talks about preparing for a year of change (at 42:44)

ITSPmagazine | Technology. Cybersecurity. Society
Black Hat USA 2025: AI, Investment, and the Expanding Scope of Cybersecurity | Our Traditional Pre-Event Kick-Off Conversation with Steve Wylie | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jul 22, 2025 26:51


As Black Hat USA 2025 approaches, General Manager Steve Wylie joins Sean Martin and Marco Ciappelli for the annual pre-conference conversation to highlight what's new—and what's next—for one of cybersecurity's most iconic events. This year's themes and expansions signal a strong return to growth, technical depth, and strategic investment.AI Everywhere—from Training to the Show FloorArtificial intelligence emerges as the dominant force across the agenda. From the main stage to the training rooms, Black Hat is packed with AI-related content designed to meet the rising demand for education and clarity. New this year is a comprehensive lineup of instructor-led AI courses and expanded AI tool showcases in the Arsenal and Arsenal Labs programs. As Wylie notes, three of the four Spotlight competition finalists—FireTail, Keep Aware, and Twine Security—are AI-driven solutions, underscoring the technology's influence on innovation.Investor Energy and Startup MomentumCybersecurity investment is back. That momentum is reflected in the expanded Innovators and Investors Summit and the largest-ever Startup Zone on the show floor, now hosting more than 80 companies. This year's program builds on last year's debut and aims to connect entrepreneurs, investors, and CISOs in a more targeted and collaborative setting.Expanding the Audience: New Summits and KeynotesTo better serve cybersecurity leaders across sectors, Black Hat has introduced new summits tailored to financial services and supply chain security. These gatherings offer strategic-level insights for professionals who don't typically engage in technical briefings. Meanwhile, the keynote lineup includes prominent voices from both public and private sectors—such as Miko Hyppönen, Nicole Perlroth, and Chris Inglis—offering grounded perspectives in a time of uncertainty.Interactive Additions and Community GrowthAttendees can expect hands-on experiences like a new drone hacking zone and an expanded hardware lab area. A Career Development Zone also debuts this year, offering sessions designed to help attendees build or pivot their cybersecurity careers.___________Guest: Steve Wylie, Vice President, Cybersecurity Market at Informa Tech and General Manager at Black Hat | On LinkedIn: https://www.linkedin.com/in/swylie650/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974BlackCloak: https://itspm.ag/itspbcwebAkamai: https://itspm.ag/akamailbwcDropzoneAI: https://itspm.ag/dropzoneai-641Stellar Cyber: https://itspm.ag/stellar-9dj3___________ResourcesLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25ITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conferenceCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
Catching Up With Ken Munro After Infosecurity Europe 2025 — Hacking the Planet, One Car, One Plane, and One System at a Time | On Location Podcast With Sean Martin & Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jul 17, 2025 23:25


Title: "Catching Up With Ken Munro After Infosecurity Europe 2025 — Hacking the Planet, One Car, One Plane, and One System at a Time"A Post–Infosecurity Europe 2025 Conversation with Ken MunroGuestsKen Munro Security writer & speakerhttps://www.linkedin.com/in/ken-munro-17899b1/HostsSean Martin, Co-Founder at ITSPmagazineWebsite: https://www.seanmartin.comMarco Ciappelli, Co-Founder, CMO, and Creative Director at ITSPmagazineWebsite: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________After a whirlwind week at Infosecurity Europe 2025, I had the chance to reconnect with Ken Munro from Pen Test Partners — a longtime friend, hacker, and educator who brings cybersecurity to life in the most tangible ways. From car hacking escape rooms to flight simulators in pubs, we talked about why touching tech matters, how myth-busting makes us safer, and how learning through play might just be the key to securing our increasingly complex world. Tune in, and maybe bring a cocktail.⸻There's something special about catching up with someone who's not just an expert in cybersecurity, but also someone who reminds you why this industry can — and should — be fun. Ken Munro and I go back to the early days of DEFCON's Aviation Village, and this post-Infosecurity Europe 2025 chat brought all that hacker spirit right back to the surface.Ken and his crew from Pen Test Partners set up shop next to the main Infosecurity Europe venue in a traditional London pub — but this wasn't your average afterparty. They transformed it into a hands-on hacking village, complete with a car demo, flight simulator, ICS cocktail CTF, and of course… a bar. The goal? Show that cybersecurity isn't just theory — it's something you can touch. Something that moves. Something that can break — and be fixed — before it breaks us.We talked about the infamous “Otto the Autopilot” from Airplane, the Renault Clio-turned-Mario Kart console, and why knowing how TCAS (collision avoidance) works on an Airbus matters just as much as knowing your Wi-Fi password. We also dug into the real-world cybersecurity concerns of industrial systems, electronic flight bags, and why European regulation might be outpacing the U.S. in some areas — for better or worse.One of the biggest takeaways? It's time to stop fearing the hacker mindset and start embracing it. Curiosity isn't a threat — it's a superpower. And when channeled correctly, it leads to safer skies, smarter cars, and fewer surprises in the water we drink or the power we use.There's a lot to reflect on from our conversation, but above all: education, community, and creativity are still the most powerful tools we have in security — and Ken is out there proving that, one demo and one pint at a time.Thanks again, Ken. See you at the next village — whichever pub, hangar, or DEFCON corner it ends up in.⸻Keywords: cybersecurity, ethical hacking, pen testing, Infosecurity Europe, embedded systems, car hacking, flight simulator, ICS security, industrial control systems, aviation cybersecurity, hacker mindset, DEFCON___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

The College Football Chaps
College Chaps Podcast From SEC Media Days

The College Football Chaps

Play Episode Listen Later Jul 16, 2025 39:57


On this episode the Chaps talk about all of the news coming out of SEC Media Days in Atlanta FROM the College Football Hall of Fame. Yes, for the first time our podcast comes to you On Location.We chat...LSU prospects for the 2025/26 seasonReview QB prospects :Simmons, Pavia & of course Arch Madness!the launch of the new NETLFIX show featuring SEC Football - "Any Given Saturday"Rumours of a Saban return?

Tu dosis diaria de noticias
16 de julio - Ya sabemos cuánto costarán los boletos premium del Mundial 2026

Tu dosis diaria de noticias

Play Episode Listen Later Jul 16, 2025 13:42


¿Eres de los que sí o sí quieren vivir el Mundial 2026 en vivo y a todo color? La FIFA ya anunció que la venta oficial de boletos será por fases y la primera arrancará el 10 de septiembre; las siguientes se extenderán hasta el 19 de julio del próximo año. Además, ya sacó los primeros paquetes premium junto con su socio oficial On Location.La Fiscalía de Brasil pidió que Jair Bolsonaro vaya a la cárcel, acusado del intento de golpe de Estado contra Lula da Silva en 2023. Específicamente pidió que sea condenado por cinco delitos, cuyas penas máximas superarían los 43 años de cárcel. Además… La Comisión Nacional Bancaria y de Valores le impuso una multa millonaria a Intercam, CIBanco y Vector Casa de Bolsa; La economía estadounidense ya está empezando a resentir los tan queridos aranceles de Donald Trump; Se vivieron lluvias intensas en Estados Unidos, que provocaron la muerte de dos personas; Los legisladores republicanos en Estados Unidos están buscando evitar a toda costa que se liberen los Epstein files; Alejandro González Iñárritu ya forma parte del Colegio Nacional; ¡Ya están aquí los nominados a la 77ª edición de los Premios Emmy! Y para #ElVasoMedioLleno… Dos congresistas latinas presentaron la “Ley Dignidad” ante la Cámara de Representantes, que busca ayudar a los inmigrantes en Estados Unidos. Para enterarte de más noticias como estas, síguenos en redes sociales. Estamos en todas las plataformas como @telokwento. Hosted on Acast. See acast.com/privacy for more information.

Smokin' & Toastin'
EP #439 The Boutique Cigar Company You REALLY NEED To Know About

Smokin' & Toastin'

Play Episode Listen Later Jul 5, 2025 91:05


ON LOCATION at our Home Away From Studio, Vinyl Draft Social Club in Kemah, TX Special Guests: Doug Messinger from Vinyl Draft and Tony Barrios from Stallone Cigars Cigars from STALLONE Cigars Beer Tasting: Old Thunder Brewing Company "Forever Bright" German-Style Pilsner (Pittsburgh, PA) Beer Tasting: Drowned Lands Brewery "Spring Terra" Double IPA (Warwick, NY) Beer Tasting: Goose Island Beer Company "Bourbon County Original Stout 2024" (Chicago, IL) Spirit Tasting: Signatory Vintage "Knockando" 10 Year Spec's Barrel Pick Single Malt Scotch (Scotland)

Sunny 16 Presents
On Location: The Great Film Photo Meetup - Chattanooga

Sunny 16 Presents

Play Episode Listen Later Jul 3, 2025 21:44


In this episode of On Location, several film photography podcasters who are located generally in the southeast United States gathered to discuss a film photography weekend event they have been planning. There will be multiple events, but it will all start with a photowalk at the Tennessee Aquarium at 10:00 am on Saturday the 9th of August and they would love for as many film photographers as possible to attend.   The event on Photowalk.me - https://www.photowalk.me/photowalk/the-great-film-photo-meetup-chattanooga   The Facebook event - https://www.facebook.com/share/1FZ3v3sRj5/   On the episode you hear Joe Pollock, Clayton Sharp, Mike Kukavica, Kevin Lane, Mike Gutterman, Wayne Setser and Billy Sanford representing a mix of film photography podcasts. You can follow along with all of them on IG at: @joeclaytonmikepod @joepollockphotos @claytonsharpphoto @drunk.darkroom @ujcpodcast @chattalogphotography @wayne_setser @negativepositives @guttermanphoto @bsanfordjr   You can join the conversation over on the Sunny 16 Discord.    Get in touch at sunny16presents@gmail.com   Music used is: Positive Fat Bass Intro Loop by WinnieTheMoog Link: https://filmmusic.io/song/6093-positive-fat-bass-intro-loop License: http://creativecommons.org/licenses/by-sa/4.0/

Two Doomed Men
Montauk

Two Doomed Men

Play Episode Listen Later Jul 1, 2025 61:53


The Legion Of Doom head out to Montauk, NY for our 13th year in a row. This time we bring the Podcast with us, we discuss:- US strikes on Iranian nuclear facilities-Religion and what happens in the afterlife-Predictive programming in movies-Artificial Intelligence and it's consequencesText us comments or questions we can answer on the showPatriot Cigar Company Premium Cigars from Nicaragua, use our Promo Code: DOOMED for 15% off your purchase. https://www.mypatriotcigars.com/usa/DOOMED Support our show by subscribing using the link: https://www.buzzsprout.com/796727/support Support the showGo to Linktree.com/TwoDoomedMen for all our socials where we continue the conversation in between episodes.

NCSEA On Location
AUG in the ATL:  A Preview of the 2025 NCSEA Leadership Symposium

NCSEA On Location

Play Episode Listen Later Jun 25, 2025 36:43


This week's On Location podcast features the two co-chairs of the NCSEA Leadership Symposium, Diane Potts (Co-founder and Director for the Center for Child Support Policy, prior NCSEA President and former member of the NCSEA Board of Directors), and Kelly Micka (IT Senior Manager with NTT Data, and current member of the NCSEA Board of Directors).  Listen as they share a preview of what is to come for the 2025 NCSEA Leadership Symposium, happening this August in Atlanta, Georgia. You will get the scoop of plenaries, learning labs, workshops – and even a heads up for what to see and where to eat in the conference area.Home Page - NCSEA Leadership Symposium 2025

ITSPmagazine | Technology. Cybersecurity. Society
“These Aren't Soft Skills — They're Human Skills” A Post–Infosecurity Europe 2025 Conversation with Rob Black and Anthony D'Alton

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 19, 2025 27:52


Title: “These Aren't Soft Skills — They're Human Skills”A Post–Infosecurity Europe 2025 Conversation with Rob Black and Anthony D'AltonGuestsRob BlackUK Cyber Citizen of the Year 2024 | International Keynote Speaker | Master of Ceremonies | Cyber Leaders Challenge | Professor | Community Builder | Facilitator | Cyber Security | Cyber Deceptionhttps://www.linkedin.com/in/rob-black-30440819/Anthony D'AltonProduct marketing | brand | reputation for cybersecurity growthhttps://www.linkedin.com/in/anthonydalton/HostsSean Martin, Co-Founder at ITSPmagazineWebsite: https://www.seanmartin.comMarco Ciappelli, Co-Founder, CMO, and Creative Director at ITSPmagazineWebsite: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ Yes, Infosecurity Europe 2025 may be over, but the most important conversations are just getting started — and they're far from over. In this post-event follow-up, Marco Ciappelli reconnects from Florence with Rob Black and brings in Anthony D'Alton for a deep-dive into something we all talk about but rarely define clearly: so-called soft skills — or, as we prefer to call them… human skills.From storytelling to structured exercises, team communication to burnout prevention, this episode explores how communication, collaboration, and trust aren't just “nice to have” in cybersecurity — they're critical, measurable capabilities. Rob and Anthony share their experience designing real-world training environments where people — not just tools — are the difference-makers in effective incident response and security leadership.Whether you're a CISO, a SOC leader, or just tired of seeing tech get all the credit while humans carry the weight, this is a practical, honest conversation about building better teams — and redefining what really matters in cybersecurity today.If you still think “soft skills” are soft… you haven't been paying attention.⸻Keywords: Cybersecurity, Infosecurity Europe 2025, Soft Skills, Human Skills, Cyber Resilience, Cyber Training, Security Leadership, Incident Response, Teamwork, Storytelling in Cyber, Marco Ciappelli, Rob Black, Anthony Dalton, On Location, ITSPmagazine, Communication Skills, Cyber Crisis Simulation, RangeForce, Trust in Teams, Post Event Podcast, Security Culture___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

Revenue Above Replacement
Keith Friedenberg

Revenue Above Replacement

Play Episode Listen Later Jun 18, 2025 57:00


Keith Friedenberg serves as Chief Analytics & Insights Officer of Endeavor Group Holdings, Inc. which owns and operates Ultimate Fighting Championship (UFC), World Wrestling Entertainment (WWE), William Morris Endeavor (WME), IMG, 160over90, On Location, and OpenBet/IMG Arena. Keith is founder of Endeavor Analytics, LLC, a global knowledge and insights company that provides strategic consulting, media intelligence, valuation services, and consumer insights. Endeavor Analytics boasts a global team of 80 who leverage AI & machine learning and third-party data providers to inform decision-making across media & sports properties, talent & athletes, and Fortune 500 brands. Prior to joining Endeavor in 2008, Friedenberg spent eleven years with Warner Bros. Media Research & Insights, where he supervised consumer, media and brand research operations for divisions including domestic television distribution, gaming, consumer products and emerging technology. Keith is an alumnus of the Marshall School of Business, University of Southern California.

NCSEA On Location
Combining Human Talents with Professional Skills in Child Support

NCSEA On Location

Play Episode Listen Later Jun 18, 2025 36:28


On today's program, On Location brings you a conversationwith Mary Ann Wellbank who has made such significant contributions to the child support program and NCSEA. Hosted by Pat O'Donnell of YoungWilliams, Mary Ann shares her perspectives on the importance of the “human connections” as we engage with program participants such as active listening, empathy and self-awareness. Mary Ann shares her rich and diverse experiences reminding us to “not assume” but to “actively engage”.

Those Were The Days
Saved By The Bell - S5E2

Those Were The Days

Play Episode Listen Later Jun 17, 2025 69:09


We're going to a 90s classic that still seems to entrance audiences even today. The stories of a bunch of high school kids trying to figure it out while making us laugh along the way are among some of the most memorable. That's right, we're going to Saved By The Bell! But we're not visiting Bayside High this time because we're also "On Location" at a beach club. This little deviation in the story was a exciting because it gave us a new romance for Zack, and a whole different setting to get into new kinds of trouble. What did we think about the show? Tune in and find out!Next week, Stephen is taking us to Hawaii with The Brady Bunch! Watch Season S4E2 on Paramount+Send us feedback about the show on BlueSky at @thosedaysshow.bsky.social or email us thosewerethedaysshow@gmail.comFollow us on socials!StephenAmyAudieTvsTravisThose Were The Days on BlueSkySend us a Voicemail!Support 2Dorks on PatreonJoin us every Monday at 9pm ET on Twitch to watch live! Hosted on Acast. See acast.com/privacy for more information.

ITSPmagazine | Technology. Cybersecurity. Society
Inside the Mind of the UK's Top Cyber Intelligence Officer: A Ransomware 3.0 Reality Check | An Infosecurity EU 2025 Conversation with William Lyne, Deputy Director and Head of Cyber Intelligence at the UK's National Crime Agency (NCA)

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 16, 2025 17:47


William Lyne of the UK's National Crime Agency joins us live at Infosecurity Europe to talk ransomware, AI threats, and the future of cybercrime disruption.When the UK's top cyber intelligence strategist sits down with you in London, you listen — and you hit record.At Infosecurity Europe 2025, the ITSPmagazine podcast team — Marco Ciappelli and Sean Martin — sat down with William Lyne, Deputy Director and Head of Cyber Intelligence at the UK's National Crime Agency (NCA). This is the guy who not only leads cyber strategy for the NCA, but has also represented the UK at the FBI in the U.S. and now oversees national-level ransomware disruption efforts. It's not just a conversation — it's a rare front-row seat into how one of the world's most serious crime-fighting agencies is tackling ransomware 3.0.The message? Ransomware isn't just a cyber issue. It's a societal one. And it's evolving faster than we're prepared for — unless we change the game.“It went from niche to national threat fast,” Lyne explains. “The tools were always there. It just took a few threat actors to stitch them together.”From banking malware to fully operational cybercrime-as-a-service ecosystems, Lyne walks us through how the underground economy has industrialized. Ransomware isn't just about tech — it's about access, scale, and business models. And most importantly, it's no longer limited to elite coders or closed-door Russian-speaking forums. The barrier to entry is gone, and the dark web is wide open for business.Sean brings up the obvious: “Why does this still feel like we're always reacting?”Lyne responds: “We've shifted. We're going after the ecosystem — the people, the infrastructure, the business model — not just the payload.” That includes disrupting ransomware-as-a-service, targeting marketplaces, and yes, investing in preemptive intelligence.Marco flips the script by comparing today's cyber landscape to something deeply human. “Extortion is nothing new — we've just digitalized it. This is human behavior, scaled by tech.”From there, the conversation takes a future-facing turn. Deepfakes, AI-powered phishing, the commoditization of generative tools — Lyne confirms it's all on their radar. But he's quick to note that cybercriminals aren't bleeding-edge innovators. “They adopt when the ROI is right. But AI-as-a-service? That's coming. And it will reshape how efficient — and damaging — these threats become.”And then the real insight lands:“You can't wait to be a victim to talk to law enforcement. We may already have access to the infrastructure. The earlier we hear from you, the better we can act — and fast.”That kind of operational openness isn't something you heard from law enforcement five years ago. It signals a cultural shift — one where collaboration is not optional, it's essential.William also highlights the NCA's partnerships with private sector firms, academia, and international agencies, including the Kronos operation targeting LockBit infrastructure. These kinds of collaborations prove that when information moves, so does impact.Why does this matter?Because while most cybersecurity media gets stuck in product buzzwords and vendor hype, this is the real stuff — how ransomware groups behave, how law enforcement thinks, and how society can respond. It's not theory. It's strategy, lived on the front lines. 

ITSPmagazine | Technology. Cybersecurity. Society
What Hump? Thirty Years of Cybersecurity and the Fine Art of Pretending It's Not a Human Problem | A Musing On Society & Technology Newsletter Written By Marco Ciappelli | Read by TAPE3

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 15, 2025 9:59


What Hump? Thirty Years of Cybersecurity and the Fine Art of Pretending It's Not a Human ProblemA new transmission from Musing On Society and Technology Newsletter, by Marco CiappelliJune 6, 2025A Post-Infosecurity Europe Reflection on the Strange but Predictable Ways We've Spent Thirty Years Pretending Cybersecurity Isn't About People.⸻ Once there was a movie titled “Young Frankenstein” (1974) — a black-and-white comedy directed by Mel Brooks, written with Gene Wilder, and starring Wilder and Marty Feldman, who delivers the iconic “What hump?” line.Let me describe the scene:[Train station, late at night. Thunder rumbles. Dr. Frederick Frankenstein steps off the train, greeted by a hunched figure holding a lantern — Igor.]Igor: Dr. Frankenstein?Dr. Frederick Frankenstein: It's Franken-steen.Igor: Oh. Well, they told me it was Frankenstein.Dr. Frederick Frankenstein: I'm not a Frankenstein. I'm a Franken-steen.Igor (cheerfully): All right.Dr. Frederick Frankenstein (noticing Igor's eyes): You must be Igor.Igor: No, it's pronounced Eye-gor.Dr. Frederick Frankenstein (confused): But they told me it was Igor.Igor: Well, they were wrong then, weren't they?[They begin walking toward the carriage.]Dr. Frederick Frankenstein (noticing Igor's severe hunchback): You know… I'm a rather brilliant surgeon. Perhaps I could help you with that hump.Igor (looks puzzled, deadpan): What hump?[Cut to them boarding the carriage, Igor climbing on the outside like a spider, grinning wildly.]It's a joke, of course. One of the best. A perfectly delivered absurdity that only Mel Brooks and Marty Feldman could pull off. But like all great comedy, it tells a deeper truth.Last night, standing in front of the Tower of London, recording one of our On Location recaps with Sean Martin, that scene came rushing back. We joked about invisible humps and cybersecurity. And the moment passed. Or so I thought.Because hours later — in bed, hotel window cracked open to the London night — I was still hearing it: “What hump?”And that's when it hit me: this isn't just a comedy bit. It's a diagnosis. Here we are at Infosecurity Europe, celebrating its 30th anniversary. Three decades of cybersecurity: a field born of optimism and fear, grown in complexity and contradiction.We've built incredible tools. We've formed global communities of defenders. We've turned “hacker” from rebel to professional job title — with a 401(k), branded hoodies, and a sponsorship deal. But we've also built an industry that — much like poor Igor — refuses to admit something's wrong.The hump is right there. You can see it. Everyone can see it. And yet… we smile and say: “What hump?”We say cybersecurity is a priority. We put it in slide decks. We hold awareness months. We write policies thick enough to be used as doorstops. But then we underfund training. We silo the security team. We click links in emails that say whatever will make us think it's important — just like those pieces of snail mail stamped URGENT that we somehow believe, even though it turns out to be an offer for a new credit card we didn't ask for and don't want. Except this time, the payload isn't junk mail — it's a clown on a spring exploding out of a fun box.Igor The hump moves, shifts, sometimes disappears from view — but it never actually goes away. And if you ask about it? Well… they were wrong then, weren't they?That's because it's not a technology problem. This is the part that still seems hard to swallow for some: Cybersecurity is not a technology problem. It never was.Yes, we need technology. But technology has never been the weak link.The weak link is the same as it was in 1995: us. The same it was before the internet and before computers: Humans.With our habits, assumptions, incentives, egos, and blind spots. We are the walking, clicking, swiping hump in the system. We've had encryption for decades. We've known about phishing since the days of AOL. Zero Trust was already discussed in 2004 — it just didn't have a cool name yet.So why do we still get breached? Why does a ransomware gang with poor grammar and a Telegram channel take down entire hospitals?Because culture doesn't change with patches. Because compliance is not belief. Because we keep treating behavior as a footnote, instead of the core.The Problem We Refuse to See at the heart of this mess is a very human phenomenon:vIf we can't see it, we pretend it doesn't exist.We can quantify risk, but we rarely internalize it. We trust our tech stack but don't trust our users. We fund detection but ignore education.And not just at work — we ignore it from the start. We still teach children how to cross the street, but not how to navigate a phishing attempt or recognize algorithmic manipulation. We give them connected devices before we teach them what being connected means. In this Hybrid Analog Digital Society, we need to treat cybersecurity not as an optional adult concern, but as a foundational part of growing up. Because by the time someone gets to the workforce, the behavior has already been set.And worst of all, we operate under the illusion that awareness equals transformation.Let's be real: Awareness is cheap. Change is expensive. It costs time, leadership, discomfort. It requires honesty. It means admitting we are all Igor, in some way. And that's the hardest part. Because no one likes to admit they've got a hump — especially when it's been there so long, it feels like part of the uniform.We have been looking the other way for over thirty years. I don't want to downplay the progress. We've come a long way, but that only makes the stubbornness more baffling.We've seen attacks evolve from digital graffiti to full-scale extortion. We've watched cybercrime move from subculture to multi-billion-dollar global enterprise. And yet, our default strategy is still: “Let's build a bigger wall, buy a shinier tool, and hope marketing doesn't fall for that PDF again.”We know what works: Psychological safety in reporting. Continuous learning. Leadership that models security values. Systems designed for humans, not just admins.But those are hard. They're invisible on the balance sheet. They don't come with dashboards or demos. So instead… We grin. We adjust our gait. And we whisper, politely:“What hump?”So what Happens now? If you're still reading this, you're probably one of the people who does see it. You see the hump. You've tried to point it out. Maybe you've been told you're imagining things. Maybe you've been told it's “not a priority this quarter.” And maybe now you're tired. I get it.But here's the thing: Nothing truly changes until we name the hump.Call it bias.Call it culture.Call it education.Call it the human condition.But don't pretend it's not there. Not anymore. Because every time we say “What hump?” — we're giving up a little more of the future. A future that depends not just on clever code and cleverer machines, but on something far more fragile:Belief. Behavior. And the choice to finally stop pretending.We joked in front of a thousand-year-old fortress. Because sometimes jokes tell the truth better than keynote stages do. And maybe the real lesson isn't about cybersecurity at all.Maybe it's just this: If we want to survive what's coming next, we have to see what's already here.- The End➤ Infosecurity Europe: https://www.itspmagazine.com/infosecurity-europe-2025-infosec-london-cybersecurity-event-coverageAnd ... we're not done yet ... stay tuned and follow Sean and Marco as they will be On Location at the following conferences over the next few months:➤ Black Hat USA in Las Vegas in August: https://www.itspmagazine.com/black-hat-usa-2025-hacker-summer-camp-2025-cybersecurity-event-coverage-in-las-vegasFOLLOW ALL OF OUR ON LOCATION CONFERENCE COVERAGEhttps://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageShare this newsletter and invite anyone you think would enjoy it!As always, let's keep thinking!— Marco [https://www.marcociappelli.com]

Fore Golfers Network Podcast
On Location at The Meijer LPGA Classic for Simply Give - MGL Radio June 14

Fore Golfers Network Podcast

Play Episode Listen Later Jun 14, 2025 84:16


This is the Michigan Golf Live Radio June 14th edition On Location at The Meijer LPGA Classic for Simply Give We're broadcasting from the 11th edition of the Meijer LPGA Classic for Simply Give at Blythefield CC near Grand Rapids - a premier LPGA tournment drawing one of the strongest fields of the year to a venue that is the template for incredible community/corporate teamwork and a family-friendly tournament. You'll hear from Lexi Thompson and other players, key Meijer LPGA officials, Blythefield CC leadership, and families who came to explore and enjoy the event. It's one of our favorite broadcasts every year as the Meijer LPGA just keeps getting better and better! ---------------- MGL 24/7 Listener Hotline - (989) 272-2383 - we want to hear from you! Subscribe to the MGL/FGN Podcast Watch our videos on YouTube  

Those Were The Days
Josie and the Pussycats - S1E6

Those Were The Days

Play Episode Listen Later Jun 11, 2025 47:48


This week, Travis takes us back to the animated classics, and back to that marvelous world that is Hanna-Barbara cartoons! Josie and the Pussycats joins a classic set of shows that seemed to exist at least in part to sell records. Does the show hold up? Let's find out!Next week, we're kicking off our "On Location" theme by letting Audie take us ... somewhere? We'll let you know! Follow us on the socials below and you'll be sure to hear when we do.Send us feedback about the show on BlueSky at @thosedaysshow.bsky.social or email us thosewerethedaysshow@gmail.comFollow us on socials!StephenAmyAudieTvsTravisThose Were The Days on BlueSkySend us a Voicemail!Support 2Dorks on PatreonJoin us every Monday at 9pm ET on Twitch to watch live! Hosted on Acast. See acast.com/privacy for more information.

NCSEA On Location
The New NTCSA Newsletter -- Connections:  Tribal Child Support News

NCSEA On Location

Play Episode Listen Later Jun 11, 2025 28:38


On this week's program, join Tim Lightner (eWorld Enterprise Solutions Inc.) as he welcomes Bill Woods  (Vice President, National Tribal Child Support Association) to the On Location studio.  Bill joins us to share about himself, and the newest endeavor of the National Tribal Child Support Association.  Hear about Connections:  Tribal Child Support News – how it got started, what to expect, and how to sign up.  And as a bonus, find out more about the 24th Annual NTCSA Conference coming up next week in Albuquerque, New Mexico.  To submit an article, please reach out to NTCSA4children@gmail.comHome Page - NTCSA - National Tribal Child Support AssociationNTCSA Conference - NTCSA - National Tribal Child Support Association

ITSPmagazine | Technology. Cybersecurity. Society
Beyond the Hoodie: Redefining Who Belongs in Cybersecurity with Community as the Missing Link in Cyber Resilience | An Infosecurity Europe 2025 Conversation with Amanda Finch | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 10, 2025 27:03


In this episode, Amanda Finch, Chief Executive Officer of the Chartered Institute of Information Security, offers a perspective shaped by decades of experience in a field she has grown with and helped shape. She shares how cybersecurity has transformed from an obscure technical pursuit into a formalized profession with recognized pathways, development programs, and charters. Her focus is clear: we need to support individuals and organizations at every level to ensure cybersecurity is inclusive, sustainable, and effective.Amanda outlines how the Chartered Institute has developed a structured framework to support cybersecurity careers from entry-level to fellowship. Programs such as the Associate Development Program and the Full Membership Development Program help individuals grow into leadership roles, especially those who come from technical backgrounds and must now influence strategy, policy, and people. She emphasizes that supporting this journey isn't just about skills—it's about building confidence and community.A significant part of the conversation centers on representation and diversity. Amanda speaks candidly about being one of the only women in the room early in her career and acknowledges the progress made, but she also highlights the structural issues still holding many back. From the branding of cybersecurity as overly technical, to the inaccessibility of school programs for under-resourced communities, the industry has work to do. She argues for a wider understanding of the skills needed in cybersecurity—communication, analysis, problem-solving—not just coding or technical specialization.Amanda also addresses the growing threat to small and medium-sized businesses. While large organizations may have teams and resources to manage security, smaller businesses face the same threats without the same support. She calls for a renewed emphasis on community-based solutions—knowledge sharing, mentorship, and collaborative platforms—that extend the reach of cyber defense to those with fewer resources.In closing, Amanda urges us not to forget the enduring principles of security—know what you're protecting, understand the consequences if it fails, and use foundational practices to stay grounded even when new technologies like AI and deepfakes arrive. And just as importantly, she reminds us that human principles—trust, empathy, responsibility—are vital tools in facing cybersecurity's biggest challenges.___________Guest: Amanda Finch, CEO of the Chartered Institute of Information Security | https://www.linkedin.com/in/amanda-finch-fciis-b1b1951/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
From Code to Culture: Why Technical Tools Alone Won't Save Cybersecurity | An Infosecurity Europe 2025 Conversation with Rob Black | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 10, 2025 22:33


What if the key to cybersecurity isn't more tech—but more humanity?In this On Location episode of ITSPmagazine, Rob Black—UK Cyber Citizen of the Year and founder of the Global Institute of Cyber Deception—joins hosts Marco Ciappelli and Sean Martin to challenge conventional thinking around cyber defense. With a background spanning military operations and human sciences, Rob brings a fresh perspective that prioritizes multidisciplinary thinking, behavioral insight, and creative disruption over brute-force technology.Rob highlights the importance of soft skills and critical thinking through initiatives like the UK Cyber Leaders Challenge, where students take on crisis simulation roles to sharpen leadership and communication in real-world scenarios. These experiences underscore the need to cultivate professionals who can think dynamically, not just code efficiently.A key focus of the conversation is the strategic use of deception in cybersecurity. Rob points out that while organizations obsess over vulnerabilities and zero-days, they often overlook attacker intent. Instead of just locking down infrastructure, defenders should disrupt decision-making—using tools, tactics, and even perception itself to sow doubt and hesitation. From publicizing the use of deception technologies to crafting networks that appear already compromised by rival threat actors, Rob argues for a smarter, more psychological approach to defense.He also pushes back against the industry's obsession with tools for every symptom—drawing a parallel to big pharma's model of selling treatments without tackling root causes. If cybersecurity is to become more resilient, he argues, it needs to embrace a systems mindset that includes governance, behavioral science, and even cultural analysis.This episode is a must-listen for anyone tired of buzzwords and ready to rethink cybersecurity as a socio-technical system—not just a digital one. From geopolitics to psychology, deception to diplomacy, Rob Black connects the dots between how we live with technology and how we must protect it—not just through code, but through creativity, context, and compassion. Listen now to explore how cybersecurity can grow up—and get smarter—by getting more human.___________Guest: Rob Black, Director, UK Cyber Leaders Challenge | https://www.linkedin.com/in/rob-black-30440819/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
The Digital Dark Alley: Teaching Cybersecurity Like Fire Safety by Building Cyber Habits That Stick | An Infosecurity Europe 2025 Conversation with Jemma Davis | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 10, 2025 21:06


As Infosecurity Europe prepares to mark its 30th anniversary, Portfolio Director Saima Poorghobad shares how the event continues to evolve to meet the needs of cybersecurity professionals across industries, sectors, and career stages. What began in 1996 as a niche IT gathering has grown into a strategic hub for over 14,000 visitors, offering much more than just vendor booths and keynotes. Saima outlines how the event has become a dynamic space for learning, collaboration, and strategic alignment—balancing deep technical insight with the broader social, political, and technological shifts impacting the cybersecurity community.The Power of the Crowd: Community, Policy, and Lifelong LearningThis year's programming reflects the diverse needs of the cybersecurity community. Attendees range from early-career practitioners to seasoned decision-makers, with representation growing from academia and public policy. The UK government will participate in sessions designed to engage with the community and gather feedback to inform future regulation—a sign of how the show has expanded beyond its commercial roots. Universities are also getting special attention, with new student guides and tailored experiences to help emerging professionals find their place in the ecosystem.Tackling Today's and Tomorrow's Threats—From Quantum to GeopoliticsInfosecurity Europe 2024 is not shying away from bold topics. Professor Brian Cox will open the event by exploring the intersection of quantum science and cybersecurity, setting the tone for a future-facing agenda. Immediately following, BBC's Joe Tidy will moderate a session on how organizations can prepare for the cryptographic disruption quantum computing could bring. Rory Stewart will bring a geopolitical lens to the conversation, examining how shifting alliances, global trade tensions, and international conflicts are reshaping the threat landscape and influencing cybersecurity priorities across regions.Maximizing the Experience: Prep, Participate, and PartyFrom hands-on tech demos to peer-led table talks and new formats like the AI and Cloud Security Theater, the show is designed to be navigable—even for first-time attendees. Saima emphasizes preparation, networking, and follow-up as keys to success, with a new content download feature helping attendees retain insights post-event. The celebration culminates with a 90s-themed 30th anniversary party and a strong sense of pride in what this event has helped the community build—and protect—over three decades.The message is clear: cybersecurity is no longer just a technical field—it's a societal one.___________Guest: Saima Poorghobad, Portfolio Director at Reed Exhibitions | https://www.linkedin.com/in/saima-poorghobad-6a37791b/ Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
Stay Calm, But Be Ready: What Trust Looks Like in the Middle of a Breach | An Infosecurity Europe 2025 Conversation with Steve Wright | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 10, 2025 28:57


What does it really mean to be crisis-ready? In this conversation from InfoSecurity Europe 2025, Steve Wright—a data privacy and cybersecurity leader with three decades of experience spanning Siemens, Unilever, John Lewis, and the Bank of England—joins Sean Martin and Marco Ciappelli to unpack the heart of effective crisis management. With a career that's evolved from risk, through cybersecurity, and now into privacy, Wright offers a refreshingly grounded perspective: crisis management starts with staying calm—but only if you've done the work beforehand.Preparation Over PanicCrisis management isn't just a technical checklist—it's a cultural discipline. Wright emphasizes that calm only comes from consistent practice. From live simulations to cross-functional coordination, he warns that too many organizations are underprepared, relying on ad hoc responses when a breach or outage occurs. Drawing on a real-life ransomware scenario from his time at John Lewis, Wright illustrates the importance of verification, collaboration with law enforcement, and informed decision-making over knee-jerk reactions.Containment, Communication, and CulturePreparation leads naturally to containment—an organization's ability to limit the damage. Whether it's pulling cables or isolating systems, quick thinking can prevent weeks of downtime. But just as important is how you communicate. Wright points to the contrast between companies that respond with transparency and empathy versus those that go silent, risking public trust. Modern crisis management requires the ability to shift the narrative and speak directly to affected stakeholders—before speculation takes over.Trust and Accountability in a Global EcosystemDigital trust has become a board-level concern, not just a technical one. Wright notes that conversations with executives have moved beyond compliance to include broader questions of data ownership, consumer expectations, and supply chain accountability. As global systems grow more complex, clarity about who owns what—and who's responsible when things go wrong—becomes harder to establish, but more important than ever.Looking AheadWright ends with a look to the future, imagining a world where individuals control their data through biometric locks and personal data brokers. Whether this utopia (or dystopia) arrives remains to be seen—but the path forward demands organizations prioritize practice, transparency, and trust today.___________Guest: Steve Wright, Data Protection Officer, Financial Services Compensation Scheme | https://www.linkedin.com/in/stevewright1970/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
Understanding Cybersecurity Behavior: From Social Engineering to Shadow AI | An Infosecurity Europe 2025 Conversation with Jason Nurse | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 10, 2025 15:21


Dr. Jason Nurse, academic and cybersecurity behavior researcher, joins Marco Ciappelli at Infosecurity Europe to unpack the shift in cybersecurity thinking—away from purely technical measures and toward a deeper understanding of human behavior and psychology. Nurse focuses his work on why people act the way they do when it comes to security decisions, and how culture, community, and workplace influences shape those actions.Behavior is increasingly taking center stage in security conversations, and for good reason. Nurse points to recent attacks that succeed not because of flaws in technology but due to the manipulation of individuals—such as social engineering tactics that target help desk personnel. These incidents highlight how behavioral cues and psychological triggers are weaponized, making it critical for organizations to address not just systems, but the people using them.The conversation then shifts to artificial intelligence, particularly the growing issue of “shadow AI” in corporate settings. Nurse cites research from the National Cybersecurity Alliance's Behavior Report, revealing that approximately 40% of employees who use AI admit to sharing sensitive corporate information with these tools—often without their employer's awareness. Even more concerning, over half of those organizations offer no training on safe or responsible AI use.Rather than banning AI outright, Nurse advocates for responsible use grounded in training and transparency. He acknowledges that some companies attempt to enforce boundaries by deploying internal AI systems, but these are often limited in capability. Others are exploring solutions to filter or sanitize inputs, though achieving a practical balance remains elusive.The conversation also touches on the emotional and psychological bonds forming between individuals and AI. Nurse notes that users increasingly treat AI like a companion, trusting it with personal information and seeking advice, even in sensitive contexts such as mental health. That trust, while understandable, opens new avenues for misuse and misjudgment—especially when users forget AI lacks genuine understanding.This episode prompts an important question: as AI becomes part of our daily routines, how do we maintain control, context, and caution in our interactions with it—and what does that mean for the future of security?___________Guest: Dr. Jason R.C. Nurse, Associate Professor in Cybersecurity at the University of Kent | https://www.linkedin.com/in/jasonrcnurse/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
The Billion-Dollar Blueprint: Following the Digital Trail of Criminal Cash and the Human Cost of Cybercrime | An Infosecurity Europe 2025 Conversation with Geoff White | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 9, 2025 24:04


As Infosecurity Europe prepares to mark its 30th anniversary, Portfolio Director Saima Poorghobad shares how the event continues to evolve to meet the needs of cybersecurity professionals across industries, sectors, and career stages. What began in 1996 as a niche IT gathering has grown into a strategic hub for over 14,000 visitors, offering much more than just vendor booths and keynotes. Saima outlines how the event has become a dynamic space for learning, collaboration, and strategic alignment—balancing deep technical insight with the broader social, political, and technological shifts impacting the cybersecurity community.The Power of the Crowd: Community, Policy, and Lifelong LearningThis year's programming reflects the diverse needs of the cybersecurity community. Attendees range from early-career practitioners to seasoned decision-makers, with representation growing from academia and public policy. The UK government will participate in sessions designed to engage with the community and gather feedback to inform future regulation—a sign of how the show has expanded beyond its commercial roots. Universities are also getting special attention, with new student guides and tailored experiences to help emerging professionals find their place in the ecosystem.Tackling Today's and Tomorrow's Threats—From Quantum to GeopoliticsInfosecurity Europe 2024 is not shying away from bold topics. Professor Brian Cox will open the event by exploring the intersection of quantum science and cybersecurity, setting the tone for a future-facing agenda. Immediately following, BBC's Joe Tidy will moderate a session on how organizations can prepare for the cryptographic disruption quantum computing could bring. Rory Stewart will bring a geopolitical lens to the conversation, examining how shifting alliances, global trade tensions, and international conflicts are reshaping the threat landscape and influencing cybersecurity priorities across regions.Maximizing the Experience: Prep, Participate, and PartyFrom hands-on tech demos to peer-led table talks and new formats like the AI and Cloud Security Theater, the show is designed to be navigable—even for first-time attendees. Saima emphasizes preparation, networking, and follow-up as keys to success, with a new content download feature helping attendees retain insights post-event. The celebration culminates with a 90s-themed 30th anniversary party and a strong sense of pride in what this event has helped the community build—and protect—over three decades.The message is clear: cybersecurity is no longer just a technical field—it's a societal one.___________Guest: Geoff White, Author, Speaker, Investigative Journalist, Podcast Creator | https://www.linkedin.com/in/geoffwhitetech/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
Collaboration Isn't Fluffy: It's Fundamental to Cybersecurity—Rethinking the Role of Humans in Cyber Defense | An Infosecurity Europe 2025 Conversation with Purvi Kay and Rob Black | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 9, 2025 16:45


Cybersecurity isn't just about code, controls, or compliance—it's about people. That's the core message from Purvi Kay, Head of Cybersecurity for the Future Combat Air System at BAE Systems, and Rob Black, founder of the UK Cyber Leaders Challenge, as they share how genuine collaboration is reshaping security success in high-stakes environments.In this InfoSecurity Europe conversation, Purvi emphasizes that cybersecurity is still too often seen as an IT issue, when in reality it cuts across every aspect of business. Her role spans cybersecurity strategy, leadership development, and advocacy—serving also as Chair of BAE's Women in Cyber program and as a neurodiversity champion. For her, inclusion is more than a policy—it's essential to mission success, especially when coordinating across trilateral government and industry teams on programs as complex as next-gen fighter aircraft.Rob reinforces this point with his focus on developing soft skills in future cybersecurity leaders. His work brings non-traditional talent into cyber, prioritizing communication, empathy, and multidisciplinary collaboration. These human-centric capabilities are crucial when bridging divides between security, legal, HR, and operations.Both guests highlight how assumptions, language, and siloed thinking obstruct progress. Purvi shares how cybersecurity has often been seen as a barrier—brought in too late, misunderstood, or left out of key decisions. She now champions “secure by design” practices through early involvement of cross-functional teams. Rob brings a memorable example: using marriage counseling techniques to help auditors and developers understand each other better—not to resolve personal conflict, but to decode cultural and professional misalignments.Their conversation also touches on practical methods for building shared understanding, from sketching “river journeys” to map project dynamics, to fostering stakeholder buy-in through intentional communication. Whether aligning three governments or managing internal procurement, they show that collaboration isn't just a buzzword—it's a structured, repeatable approach to managing complexity.This episode offers a thoughtful and grounded look at how meaningful human connection—across functions, cultures, and roles—forms the foundation of effective cybersecurity. It's a timely reminder that the path to resilience begins with listening, empathy, and a clear sense of shared purpose.___________Guests:Purvi Kay, Head of Cybersecurity for the Future Combat Air System at BAE Systems | https://www.linkedin.com/in/purvikay/Rob Black, Director, UK Cyber Leaders Challenge | https://www.linkedin.com/in/rob-black-30440819/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
When Automation Meets Ethics, Budget, Data, and Risk: The Real Factors Behind AI Deployment | An Infosecurity Europe 2025 Conversation with Andrea Isoni | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 9, 2025 29:35


As Infosecurity Europe prepares to mark its 30th anniversary, Portfolio Director Saima Poorghobad shares how the event continues to evolve to meet the needs of cybersecurity professionals across industries, sectors, and career stages. What began in 1996 as a niche IT gathering has grown into a strategic hub for over 14,000 visitors, offering much more than just vendor booths and keynotes. Saima outlines how the event has become a dynamic space for learning, collaboration, and strategic alignment—balancing deep technical insight with the broader social, political, and technological shifts impacting the cybersecurity community.The Power of the Crowd: Community, Policy, and Lifelong LearningThis year's programming reflects the diverse needs of the cybersecurity community. Attendees range from early-career practitioners to seasoned decision-makers, with representation growing from academia and public policy. The UK government will participate in sessions designed to engage with the community and gather feedback to inform future regulation—a sign of how the show has expanded beyond its commercial roots. Universities are also getting special attention, with new student guides and tailored experiences to help emerging professionals find their place in the ecosystem.Tackling Today's and Tomorrow's Threats—From Quantum to GeopoliticsInfosecurity Europe 2024 is not shying away from bold topics. Professor Brian Cox will open the event by exploring the intersection of quantum science and cybersecurity, setting the tone for a future-facing agenda. Immediately following, BBC's Joe Tidy will moderate a session on how organizations can prepare for the cryptographic disruption quantum computing could bring. Rory Stewart will bring a geopolitical lens to the conversation, examining how shifting alliances, global trade tensions, and international conflicts are reshaping the threat landscape and influencing cybersecurity priorities across regions.Maximizing the Experience: Prep, Participate, and PartyFrom hands-on tech demos to peer-led table talks and new formats like the AI and Cloud Security Theater, the show is designed to be navigable—even for first-time attendees. Saima emphasizes preparation, networking, and follow-up as keys to success, with a new content download feature helping attendees retain insights post-event. The celebration culminates with a 90s-themed 30th anniversary party and a strong sense of pride in what this event has helped the community build—and protect—over three decades.The message is clear: cybersecurity is no longer just a technical field—it's a societal one.___________Guest: Saima Poorghobad, Portfolio Director at Reed Exhibitions | https://www.linkedin.com/in/saima-poorghobad-6a37791b/ Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
More Than Code: Why Human Skills Matter in AppSec | An OWASP AppSec Global 2025 Conversation with Maria Mora | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 3, 2025 15:37


In this On Location episode during OWASP AppSec Global 2025 in Barcelona, Maria Mora, Staff Application Security Engineer and active OWASP lifetime member, shares how her experience at the OWASP AppSec Global conference in Barcelona has reaffirmed the power of community in security. While many attendees chase back-to-back talks and technical training, Maria highlights something often overlooked—connection. Whether at the member lounge ping-pong table, during late-night beach meetups, or over keynote reflections, it's the relationships and shared purpose that make this event resonate.Maria emphasizes how her own journey into OWASP began with uncertainty but evolved into a meaningful path of participation. Through volunteering, serving on the events committee, and mentoring others, she has expanded not only her technical toolkit but also her ability to collaborate and communicate—skills she notes are essential in InfoSec but rarely prioritized. By stepping into the OWASP community, she's learned that you don't need decades of experience to contribute—just a willingness to start.Keynotes and sessions this year reinforced a similar message: security isn't just about hard skills. It's about bridging academia and industry, engaging first-time attendees, and creating welcoming spaces where no one feels like an outsider. Talks like Sarah Jané's encouraged attendees to find their own ways to give back, whether by submitting to the call for papers, helping with logistics, or simply sparking hallway conversations.Maria also points to how OWASP structures participation to make it accessible. Through demo rooms, project hubs, and informal lounge chats, attendees find ways to contribute to global initiatives like the OWASP Top 10 or volunteer-led trainings. Whether it's your first conference or your tenth, there's always room to jump in.For Maria, OWASP no longer feels like a secret club—it's a growing, open collective focused on helping people bring their best selves to security. That's the power of community: not just lifting up software, but lifting up each other.And for those thinking of taking the next step, Maria reminds us that the call for papers for OWASP DC is open through June 24th. As she puts it, “We all have something valuable to share—sometimes you just need the nudge to start.”GUEST: Maria Mora | Staff Application Security Engineer and OWASP events committee member | https://www.linkedin.com/in/riamaria/HOST: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | https://www.seanmartin.comSPONSORSManicode Security: https://itspm.ag/manicode-security-7q8iRESOURCESLearn more and catch more stories from OWASP AppSec Global 2025 Barcelona coverage: https://www.itspmagazine.com/owasp-global-appsec-barcelona-2025-application-security-event-coverage-in-catalunya-spainCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
From Fraud to Fixes: Designing Usable Security for Financial Applications | An OWASP AppSec Global 2025 Conversation with Wojciech Dworakowski | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Jun 2, 2025 11:29


In this On Location episode during OWASP AppSec Global 2025 in Barcelona, Sean Martin connects with event speaker, Wojciech Dworakowski, to unpack a critical and underexamined issue in today's financial systems: the vulnerability of mobile-only banking apps when it comes to transaction authorization.Wojciech points out that modern banking has embraced the mobile-first model—sometimes at the cost of fundamental security principles. Most banks now concentrate transaction initiation, security configuration, and transaction authorization into a single device: the user's smartphone. While this offers unmatched convenience, it also creates a single point of failure. If an attacker successfully pairs their phone with a victim's account, they can bypass multiple layers of security, often without needing traditional credentials.The discussion explores the limitations of relying solely on biometric options like Face ID or Touch ID. These conveniences may appear secure but often weaken the overall security posture when used without additional independent verification mechanisms. Wojciech outlines how common attack strategies have shifted from stealing credit card numbers to full account takeover—enabled by social engineering and weak device-pairing controls.He proposes a “raise the bar” strategy rather than relying on a single silver-bullet solution. Suggestions include enhanced device fingerprinting, detection of emulators or rooted environments, and shared interbank databases for device reputation and account pairing anomalies. While some of these are already in motion under new EU and UK regulations, they remain fragmented.Wojciech also introduces a bold idea: giving users a slider in the app to adjust their personal balance of convenience vs. security. This kind of usability-driven approach could empower users while still offering layered defense.For CISOs, developers, and FinTech leaders, the message is clear—evaluate your app security as if attackers already know the shortcuts. Watch the full conversation to hear Wojciech's real-world examples, including a cautionary tale from his own family. Catch the episode and learn how to design financial security that's not just strong—but usable.GUEST: Wojciech Dworakowski | OWASP Poland Chapter Board Member and Managing Partner at SecuRing | https://www.linkedin.com/in/wojciechdworakowski/HOST: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | https://www.seanmartin.comSPONSORSManicode Security: https://itspm.ag/manicode-security-7q8iRESOURCESLearn more and catch more stories from OWASP AppSec Global 2025 Barcelona coverage: https://www.itspmagazine.com/owasp-global-appsec-barcelona-2025-application-security-event-coverage-in-catalunya-spainCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
From Dashboards to Decisions: Why Your Security Metrics Might Be Leading You Astray | An OWASP AppSec Global 2025 Conversation with Aram Hovsepyan | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later May 31, 2025 16:18


In this On Location episode during OWASP AppSec Global 2025 in Barcelona, Aram Hovsepyan, an active contributor to the OWASP SAMM project, brings a critical perspective to how the industry approaches security metrics, especially in vulnerability management. His message is clear: the way we collect and use metrics needs a serious rethink if we want to make real progress in reducing risk.Too often, organizations rely on readily available tool-generated metrics—like vulnerability counts—without pausing to ask what those numbers actually mean in context. These metrics may look impressive in a dashboard or board report, but as Aram points out, they're often disconnected from business goals. Worse, they can drive the wrong behaviors, such as trying to reduce raw vulnerability counts without considering exploitability or actual impact.Aram emphasizes the importance of starting with organizational goals, formulating questions that reflect progress toward those goals, and only then identifying metrics that provide meaningful answers. It's a research-backed approach that has been known for decades but is often ignored in favor of convenience.False positives, inflated dashboards, and a lack of alignment between metrics and strategy are recurring issues. Aram notes that many tools err on the side of overreporting to avoid false negatives, which leads to overwhelming—and often irrelevant—volumes of data. In some cases, up to 80% of identified vulnerabilities may be false positives, leaving security teams drowning in noise and chasing issues that may not matter.What's missing, he argues, is a strategic lens. Vulnerability management should be one component of a broader application security program, not the centerpiece. The OWASP Software Assurance Maturity Model (SAMM) offers a framework for evaluating and improving across a range of practices—strategy, risk analysis, and threat modeling among them—that collectively support better decision-making.To move forward, organizations need to stop treating vulnerability data as a performance metric and start treating it as a signal in a larger conversation about risk, impact, and architectural choices. Aram's call to action is simple: ask better questions, use tools more purposefully, and build security strategies that actually serve the business.GUEST: Aram Hovsepyan | OWASP SAMM Project Core Team member and CEO/Founder at CODIFIC | https://www.linkedin.com/in/aramhovsep/HOST: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | https://www.seanmartin.comSPONSORSManicode Security: https://itspm.ag/manicode-security-7q8iRESOURCESLearn more and catch more stories from OWASP AppSec Global 2025 Barcelona coverage: https://www.itspmagazine.com/owasp-global-appsec-barcelona-2025-application-security-event-coverage-in-catalunya-spainCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
Holding the Line on Quality in an AI-Driven SDLC | An OWASP AppSec Global 2025 Conversation with Sarah-Jane Madden | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later May 30, 2025 14:48


In this On Location episode during OWASP AppSec Global 2025 in Barcelona, Sarah-Jane Madden brings a unique lens to application security, shaped by her journey from developer to security leader and CSO. Speaking at OWASP AppSec Global, she tackles one of today's most pressing concerns: how AI is reshaping software engineering—and how we must respond without compromising core values like quality and security.Madden emphasizes that AI is only the latest in a series of major disruptions, comparing it to shifts like remote work triggered by COVID. Her message is clear: organizations must prepare for continuous change, not just chase the current trend. That means prioritizing adaptability and ensuring critical practices like application security are not sacrificed in the rush to speed up delivery.She makes the case for a layered, iterative approach to development—rejecting the outdated linear mindset. Developers, she argues, should leverage AI as an accelerator, not a replacement. Think of AI as your digital intern: handling the drudgery, automating boilerplate code, and even applying internal security standards to code before it reaches human hands. This frees developers to focus on creative problem-solving and thoughtful architecture.However, Madden cautions against blind enthusiasm. While experimentation is healthy, organizations must be discerning about outcomes. Speed is meaningless without quality, and quality includes security. She calls on developers to advocate for high standards and reminds business leaders not to fall for the allure of shortcut statistics or flashy claims that promise results without skilled labor. Her analogy of microwave dinners vs. proper cuisine illustrates the risk of prioritizing convenience over substance—especially in complex problem-solving environments.For line-of-business leaders, Madden urges realistic expectations. AI can enhance productivity, but it doesn't eliminate the need for thoughtful development. Ultimately, customers will notice if quality drops, and reputational damage is hard to undo.In closing, Madden celebrates OWASP as more than an organization—it's a source of support, camaraderie, and genuine community for those working to build secure, reliable systems. Her message? Embrace change, use tools wisely, protect your standards, and never forget the human side of engineering.GUEST: Sarah-Jane Madden | Global Director of Cyber Defense at Fortive | https://www.linkedin.com/in/sarahjanemadden/HOST: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | https://www.seanmartin.comSPONSORSManicode Security: https://itspm.ag/manicode-security-7q8iRESOURCESLearn more and catch more stories from OWASP AppSec Global 2025 Barcelona coverage: https://www.itspmagazine.com/owasp-global-appsec-barcelona-2025-application-security-event-coverage-in-catalunya-spainCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
Why Global Community-Led Innovation Is Driving Real Application Security Progress | An OWASP AppSec Global 2025 Conversation with Starr Brown | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later May 30, 2025 9:06


In this On Location episode during OWASP AppSec Global 2025 in Barcelona, Starr Brown, Director of Open Source Projects and Programs at OWASP, unpacks the real engine behind the organization's impact: the projects and the people driving them forward.With over 130 active projects, OWASP continues to expand its open source contributions to improve software security across the board. While the OWASP Top 10 remains its most recognized initiative, Starr points out that it's just one among many. Other significant projects include the Application Security Verification Standard (ASVS), the Software Assurance Maturity Model (SAMM), and the increasingly popular security games like Cornucopia, which use gamification to bring security concepts into business conversations and development workflows.AI is playing an increasingly prominent role in OWASP's work. Starr highlights the GenAI Security Project as a focal point, encompassing tools and guidance for LLM use, agentic AI, red teaming, and more. The scale of community engagement is equally impressive: around 33,000 people are active on Slack, and hundreds contribute to individual initiatives, reflecting the organization's truly global and grassroots structure.Beyond tools and documentation, OWASP is influencing regulation and policy through initiatives like the AI Exchange and the Transparency Exchange. These projects connect with government entities and standards bodies such as the European Commission and CEN/CENELEC to help shape responsible governance frameworks around software, AI, and cybersecurity.Listeners also get a glimpse into what's ahead. From upcoming events in Washington, D.C., to the OWASP Community Room at DEF CON in Las Vegas, the goal is to keep fostering connections and hands-on engagement. These gatherings not only showcase flagship tools and frameworks but create space for open dialogue, prototyping, and collaboration—whether you're breaking things or building them.To get involved, Starr encourages exploring the OWASP Projects page and joining their Slack community. The conversation makes it clear: OWASP is not just a collection of tools—it's a living, breathing network of contributors shaping the future of secure software.GUEST: Starr Brown | Director of Open Source Projects and Programs at OWASP | https://www.linkedin.com/in/starr-brown-8837547/HOST: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | https://www.seanmartin.comSPONSORSManicode Security: https://itspm.ag/manicode-security-7q8iRESOURCESLearn more and catch more stories from OWASP AppSec Global 2025 Barcelona coverage: https://www.itspmagazine.com/owasp-global-appsec-barcelona-2025-application-security-event-coverage-in-catalunya-spainCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
The API That Could Transform Software Transparency | An OWASP AppSec Global 2025 Conversation with Olle E Johansson | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later May 29, 2025 14:29


The introduction of the Cyber Resilience Act (CRA) marks a major shift for the software industry: for the first time, manufacturers are being held accountable for the cybersecurity of their products. Olle E. Johansson, a long-time open source developer and contributor to the Asterisk PBX project, explains how this new regulation reshapes the role of software creators and introduces the need for transparency across the entire supply chain.In this episode, Johansson breaks down the complexity of today's software supply ecosystems—where manufacturers rely heavily on open source components, and end users struggle to identify vulnerabilities buried deep in third-party dependencies. With the CRA in place, the burden now falls on manufacturers to not only track but also report on the components in their products. That includes actively communicating which vulnerabilities affect users—and which do not.To make this manageable, Johansson introduces the Transparency Exchange API (TEA), a project rooted in the OWASP CycloneDX standard. What started as a simple Software Bill of Materials (SBOM) delivery mechanism has evolved into a broader platform for sharing vulnerability information, attestations, documentation, and even cryptographic data necessary for the post-quantum transition. Standardizing this API through Ecma International is a major step toward a scalable, automated supply chain security infrastructure.The episode also highlights the importance of automation and shared data formats in enabling companies to react quickly to threats like Log4j. Johansson notes that, historically, security teams spent countless hours manually assessing whether they were affected by a specific vulnerability. The Transparency Exchange API aims to change that by automating the entire feedback loop from developer to manufacturer to end user.Although still in beta, the project is gaining traction with organizations like the Apache Foundation integrating it into their release processes. Johansson emphasizes that community feedback is essential and invites listeners to engage through GitHub to help shape the project's future.For Johansson, OWASP stands for global knowledge and collaboration in application security. As Europe's regulatory influence grows, initiatives like this are essential to build a stronger, more accountable software ecosystem.GUEST: Olle E Johansson | Co-Founder, SBOM Europe | https://www.linkedin.com/in/ollejohansson/HOST:Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | https://www.seanmartin.comSPONSORSManicode Security: https://itspm.ag/manicode-security-7q8iRESOURCESCycloneDX/transparency-exchange-api on GitHub: https://github.com/CycloneDX/transparency-exchange-apiVIDEO: The Cyber Resilience Act: How the EU is Reshaping Digital Product Security | With Sarah Fluchs: https://youtu.be/c30eG5kzqnYLearn more and catch more stories from OWASP AppSec Global 2025 Barcelona coverage: https://www.itspmagazine.com/owasp-global-appsec-barcelona-2025-application-security-event-coverage-in-catalunya-spainCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
Redefining What Secure Application Development Looks Like: Bringing Application Security into Focus with ASVS v5 | An OWASP AppSec Global 2025 Conversation with Josh Grossman | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later May 29, 2025 13:32


In this On Location episode during OWASP AppSec Global 2025 in Barcelona, Josh Grossman, co-leader of the OWASP Application Security Verification Standard (ASVS) project, shares key updates and strategic thinking behind the release of ASVS version 5. This release, years in the making, reflects a renewed focus on making the standard more approachable, practical, and actionable for development teams and security leaders alike.ASVS is designed to provide a comprehensive and verifiable set of security requirements for building and maintaining secure applications. More than just a checklist, it offers a clear blueprint for what a secure application should look like—making it easier to benchmark progress, develop secure design requirements, and implement effective controls. Version 5 emphasizes accessibility, particularly by lowering the barrier to entry for organizations adopting Level 1 of the standard, reducing the threshold of required controls from nearly 50% to under 30%.One of the major shifts in this new version is the tighter focus on the application itself, moving away from system-level topics like backup policies that tend to fall outside the scope of app development teams. This makes the standard more relevant to software architects, developers, and QA engineers—providing requirements that fall within their sphere of influence, while still covering the full software lifecycle from design to deployment.Grossman explains how organizations can customize ASVS to include their internal controls and build out secure coding checklists, implementation guides, and requirements documents tailored to their environments. He also highlights how ASVS aligns with other OWASP projects, like the Cheat Sheet Series and SAMM, for both control-level guidance and organizational process development.For security leaders looking to improve their application security programs, ASVS v5 offers a foundation to build on—clear, community-driven, and extensible. And true to OWASP's spirit, the project is backed by a passionate community, from project co-leads like Grossman and Elar Lang to contributors around the world. As Grossman puts it, OWASP is about connection—people tackling similar challenges, working together to make software safer.If you're looking for a way to bring practical, standards-based security into your software lifecycle, this conversation is your starting point.GUEST: Josh Grossman | CTO of Bounce Security and co-leader of the OWASP Application Security Verification Standard (ASVS) project | https://www.linkedin.com/in/joshcgrossman/HOST: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | https://www.seanmartin.comSPONSORSManicode Security: https://itspm.ag/manicode-security-7q8iRESOURCESOWASP Application Security Verification Standard (ASVS): https://owasp.org/www-project-application-security-verification-standard/Learn more and catch more stories from OWASP AppSec Global 2025 Barcelona coverage: https://www.itspmagazine.com/owasp-global-appsec-barcelona-2025-application-security-event-coverage-in-catalunya-spainCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
Turning AppSec into a Workflow, Not a Roadblock – Building Security Programs That Teams Actually Want to Use | An OWASP AppSec Global 2025 Conversation with Spyros Gasteratos | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later May 29, 2025 17:28


During the upcoming OWASP Global AppSec EU in Barcelona, Spyros Gasteratos, long-time OWASP contributor and co-founder of Smithy, to explore how automation, collaboration, and community resources are shaping the future of application security. Spyros shares the foundation of his talk at OWASP AppSec Global: building a DevSecOps program from scratch using existing community tools—blending technical guidance with a celebration of open-source achievements.Spyros emphasizes that true progress in security stems not from an ever-growing stack of tools, but from aligning the humans behind them. According to him, security failures often stem from fragmented information and misaligned incentives across teams. His solution? Bring the teams together with a shared, streamlined flow of information and automate wherever possible to reduce wasted cycles and miscommunication.At the core of Spyros' philosophy is the need to turn AppSec from a blocker into a builder. Rather than overwhelming developers with endless bug reports, or security leaders with red dashboards, programs need to reflect the actual risk appetite of the business—prioritizing issues dynamically based on impact, timing, and operational goals. He challenges the one-size-fits-all approach, advocating instead for tagging systems that defer certain risks and encode organizational priorities in automation logic.A major part of that transformation lies in Smithy, the platform he's helping build. It's designed to be “Zapier for security”—an automation engine rooted in open-source standards that allows for custom workflows without creating a tangle of fragile scripts. The idea is to let teams focus on what's unique to them, while relying on battle-tested components for the rest.Looking ahead, Spyros doesn't buy into the doom-and-gloom narrative about AI limiting developer creativity. On the contrary, he argues that AI-enabled coding frees up cognitive space for better architecture and secure design thinking. In his view, creativity doesn't die—it just shifts from syntax to strategy.This episode is more than a discussion—it's a blueprint for how teams can rally around a common goal, and how OWASP's community can be the catalyst. Tune in to hear how open-source, automation, and human alignment are redefining AppSec from the ground up.GUEST: Spyros Gasteratos | OpenCRE co-lead and Founder of smithy.security | https://www.linkedin.com/in/spyr/HOST: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | https://www.seanmartin.comSPONSORSManicode Security: https://itspm.ag/manicode-security-7q8iRESOURCESSpyros' Session: A completely pluggable DevSecOps programme, for free, using community resources (https://owasp2025globalappseceu.sched.com/event/1whCB/a-completely-pluggable-devsecops-programme-for-free-using-community-resources)Learn more and catch more stories from OWASP Global AppSec EU 2025 Conference coverage: https://www.itspmagazine.com/owasp-global-appsec-barcelona-2025-application-security-event-coverage-in-catalunya-spainCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
Outside the Ivory Tower: Connecting Practice and Science — Why Human-Centered Cybersecurity Needs Both | OWASP AppSec Global 2025 Pre-Event Keynote Conversation with Kate Labunets | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later May 26, 2025 19:39


During the upcoming OWASP Global AppSec EU in Barcelona, Kate Labunets, a cybersecurity researcher focused on human factors and usable security, takes the stage to confront a disconnect that too often holds the industry back: the gap between academic research and real-world cybersecurity practice.In her keynote, “Outside the Ivory Tower: Connecting Practice and Science,” Kate invites practitioners to reconsider their relationship with academic research—not as something removed from their daily reality, but as a vital tool that can lead to better decisions, more targeted security programs, and improved organizational resilience.Drawing from her current research, Kate shares how interviews and surveys with employees reveal the hidden motivations behind the use of shadow IT—tools and technologies adopted without formal approval. These aren't simply acts of rebellion or ignorance. They reflect misalignments between human behavior, workplace needs, and policy communication. By understanding these mindsets, organizations can move beyond one-size-fits-all training and begin designing interventions grounded in evidence.This is where science meets practice. Kate's work isn't about generating abstract theories. It's about applying research methods—like anonymous interviews and behavior-focused surveys—to surface insights that security leaders can act on. But for this to happen, researchers need access, and that depends on building trust with practitioners.The keynote also raises a critical point about time. In industries like medicine, the gap between a published discovery and its application in the real world can be 15 years. Kate argues that cybersecurity faces a similar delay, citing the example of multi-factor authentication: patented in 1998, but still not universally adopted today. Her goal is to accelerate this timeline by helping practitioners see themselves as contributors to science—not just consumers of its outcomes.By inviting companies to participate in research and engage with universities, Kate's message is clear: collaboration benefits everyone. The path to smarter, more human-aligned cybersecurity isn't gated behind academic walls. It's open to any team curious enough to ask better questions—and brave enough to challenge assumptions.GUEST: Kate Labunets | Assistant Professor (UD1) in Cyber Security at Utrecht University | https://www.linkedin.com/in/klabunets/HOSTS:Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine:  https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelliSPONSORSManicode Security: https://itspm.ag/manicode-security-7q8iRESOURCESKate's Session: https://owasp2025globalappseceu.sched.com/event/1v86U/keynote-outside-the-ivory-tower-connecting-practice-and-scienceLearn more and catch more stories from OWASP AppSec Global 2025 Barcelona coverage: https://www.itspmagazine.com/owasp-global-appsec-barcelona-2025-application-security-event-coverage-in-catalunya-spainCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More