POPULARITY
AI Dependency Crisis + EV Infrastructure Failures: Tech Reality Check 2025When Two Infrastructure Promises Collide with RealityThe promise was simple: AI would augment human intelligence, and electric vehicles would transform transportation. The reality in 2025? Both are hitting infrastructure walls that expose uncomfortable truths about how technology actually scales.Sean Martin and Marco Ciappelli didn't plan to connect these dots in their latest Random and Unscripted weekly recap, but the conversation naturally evolved from AI dependency concerns to electric vehicle infrastructure challenges—revealing how both represent the same fundamental problem: mistaking technological capability for systemic readiness."The AI is telling us what success looks like and we're measuring against that, and who knows if it's right or wrong," Sean observed, describing what's become an AI dependency crisis in cybersecurity teams. Organizations aren't just using AI as a tool; they're letting it define their decision-making frameworks without maintaining the critical thinking skills to evaluate those frameworks.Marco connected this to their recent Black Cat analysis, describing the "paradox loop"—where teams lose both the ability to take independent action and think clearly because they're constantly feeding questions to AI, creating echo chambers of circular reasoning. "We're gonna be screwed," he said with characteristic directness. "We go back to something being magic again."This isn't academic hand-wringing. Both hosts developed their expertise when understanding fundamental technology was mandatory—when you had to grasp cables, connections, and core systems to make anything work. Their concern is for teams that might never develop that foundational knowledge, mistaking AI convenience for actual competence.The electric vehicle discussion, triggered by Marco's conversation with Swedish consultant Matt Larson, revealed parallel infrastructure failures. "Upgrading to electric vehicles isn't like updating software," Sean noted, recalling his own experience renting an EV and losing an hour to charging—"That's not how you're gonna sell it."Larson's suggestion of an "Apollo Program" for EV infrastructure acknowledges what the industry often ignores: some technological transitions require massive, coordinated investment beyond individual company capabilities. The cars work; the surrounding ecosystem barely exists. Sound familiar to anyone implementing AI without considering organizational infrastructure?From his Object First webinar on backup systems, Sean extracted a deceptively simple insight: immutability matters precisely because bad actors specifically target backups to enable ransomware success. "You might think you're safe and resilient until something happens and you realize you're not."Marco's philosophical take—comparing immutable backups to never stepping in the same river twice—highlights why both cybersecurity and infrastructure transitions demand unchanging foundations even as everything else evolves rapidly.The episode's most significant development was their expanded event coverage announcement. Moving beyond traditional cybersecurity conferences to cover IBC Amsterdam (broadcasting technology since 1967), automotive security events, gaming conferences, and virtual reality gatherings represents recognition that infrastructure challenges cross every industry."That's where things really get interesting," Sean noted about broader tech events. When cybersecurity professionals only discuss security in isolation, they miss how infrastructure problems manifest across music production, autonomous vehicles, live streaming, and emerging technologies.Both AI dependency and EV infrastructure failures share the same root cause: assuming technological capability automatically translates to systemic implementation. The gap between "this works in a lab" and "this works in reality" represents the most critical challenge facing technology leaders in 2025.Their call to action extends beyond cybersecurity: if you know about events that address infrastructure challenges at the intersection of technology and society, reach out. The "usual suspects" of security conferences aren't where these broader infrastructure conversations are happening.What infrastructure gaps are you seeing between technology promises and implementation reality? Join the conversation on LinkedIn or connect through ITSP Magazine.________________Hosts links:
I had one of those conversations that reminded me why I'm so passionate about exploring the intersection of technology and society. Speaking with Mark Smith, a board member at IBC and co-lead of their accelerator program, I found myself transported back to my roots in communication and media studies, but with eyes wide open to what's coming next.Mark has spent over 30 years in media technology, including 23 years building Mobile World Congress in Barcelona. When someone with that depth of experience gets excited about what's happening now, you pay attention. And what's happening at IBC 2025 in Amsterdam this September is nothing short of a redefinition of how we create, distribute, and authenticate content.The numbers alone are staggering: 1,350 exhibitors across 14 halls, nearly 300 speakers, 45,000 visitors. But what struck me wasn't the scale—it's the philosophical shift happening in how we think about media production. We're witnessing television's centennial year, with the first demonstrations happening in 1925, and yet we're simultaneously seeing the birth of entirely new forms of creative expression.What fascinated me most was Mark's description of their Accelerator Media Innovation Program. Since 2019, they've run over 50 projects involving 350 organizations, creating what he calls "a safe environment" for collaboration. This isn't just about showcasing new gadgets—it's about solving real challenges that keep media professionals awake at night. In our Hybrid Analog Digital Society, the traditional boundaries between broadcaster and audience, between creator and consumer, are dissolving faster than ever.The AI revolution in media production particularly caught my attention. Mark spoke about "AI assistant agents" and "agentic AI" with the enthusiasm of someone who sees liberation rather than replacement. As he put it, "It's an opportunity to take out a lot of laborious processes." But more importantly, he emphasized that it's creating new jobs—who would have thought "AI prompter" would become a legitimate profession?This perspective challenges the dystopian narrative often surrounding AI adoption. Instead of fearing the technology, the media industry seems to be embracing it as a tool for enhanced creativity. Mark's excitement was infectious when describing how AI can remove the "boring" aspects of production, allowing creative minds to focus on what they do best—tell stories that matter.But here's where it gets really interesting from a sociological perspective: the other side of the screen. We talked about how streaming revolutionized content consumption, giving viewers unprecedented control over their experience. Yet Mark observed something I've noticed too—while the technology exists for viewers to be their own directors (choosing camera angles in sports, for instance), many prefer to trust the professional's vision. We're not necessarily seeking more control; we're seeking more relevance and authenticity.This brings us to one of the most critical challenges of our time: content provenance. In a world where anyone can create content that looks professional, how do we distinguish between authentic journalism and manufactured narratives? Mark highlighted their work on C2PA (content provenance initiative), developing tools that can sign and verify media sources, tracking where content has been manipulated.This isn't just a technical challenge—it's a societal imperative. As Mark noted, YouTube is now the second most viewed platform in the UK. When user-generated content competes directly with traditional media, we need new frameworks for understanding truth and authenticity. The old editorial gatekeepers are gone; we need technological solutions that preserve trust while enabling creativity.What gives me hope is the approach I heard from Mark and his colleagues. They're not trying to control technology's impact on society—they're trying to shape it consciously. The IBC Accelerator Program represents something profound: an industry taking responsibility for its own transformation, creating spaces for collaboration rather than competition, focusing on solving real problems rather than just building cool technology.The Google Hackfest they're launching this year perfectly embodies this philosophy. Young broadcast engineers and software developers working together on real challenges, supported by established companies like Formula E. It's not about replacing human creativity with artificial intelligence—it's about augmenting human potential with technological tools.As I wrapped up our conversation, I found myself thinking about my own journey from studying sociology of communication in a pre-internet world to hosting podcasts about our digital transformation. Technology doesn't just change how we communicate—it changes who we are as communicators, as creators, as human beings sharing stories.IBC 2025 isn't just a trade show; it's a glimpse into how we're choosing to redefine our relationship with media technology. And that choice—that conscious decision to shape rather than simply react—gives me genuine optimism about our Hybrid Analog Digital Society.Subscribe to Redefining Society and Technology Podcast for more conversations exploring how we're consciously shaping our technological future. Your thoughts and reflections always enrich these discussions.
⬥GUEST⬥Andy Ellis, Legendary CISO [https://howtociso.com] | On LinkedIn: https://www.linkedin.com/in/csoandy/⬥HOST⬥Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com⬥EPISODE NOTES⬥In this episode of Redefining CyberSecurity, host Sean Martin speaks with Andy Ellis, former CSO at Akamai and current independent advisor, about the shifting expectations of security leadership in today's SaaS-powered, AI-enabled business environment.Andy highlights that many organizations—especially mid-sized startups—struggle not because they lack resources, but because they don't know how to contextualize what security means to their business goals. Often, security professionals aren't equipped to communicate with executives or boards in a way that builds shared understanding. That's where advisors like Andy step in: not to provide a playbook, but to help translate and align.One of the core ideas discussed is the reframing of security as an enabler rather than a gatekeeper. With businesses built almost entirely on SaaS platforms and outsourced operations, IT and security should no longer be siloed. Andy encourages security teams to “own the stack”—not just protect it—by integrating IT management, vendor oversight, and security into a single discipline.The conversation also explores how AI and automation empower employees at every level to “vibe code” their own solutions, shifting innovation away from centralized control. This democratization of tech raises new opportunities—and risks—that security teams must support, not resist. Success comes from guiding, not gatekeeping.Andy shares practical ways CISOs can build influence, including a deceptively simple yet powerful technique: ask every stakeholder what security practice they hate the most and what critical practice is missing. These questions uncover quick wins that earn political capital—critical fuel for driving long-term transformation.From his “First 91 Days” guide for CISOs to his book 1% Leadership, Andy offers not just theory but actionable frameworks for influencing culture, improving retention, and measuring success in ways that matter.Whether you're a CISO, a founder, or an aspiring security leader, this episode will challenge how you think about the role security plays in business—and what it means to lead from the middle.⬥SPONSORS⬥LevelBlue: https://itspm.ag/attcybersecurity-3jdk3ThreatLocker: https://itspm.ag/threatlocker-r974⬥RESOURCES⬥Inspiring Post: https://www.linkedin.com/posts/csoandy_how-to-ciso-the-first-91-days-ugcPost-7330619155353632768-BXQT/Book: “How to CISO: The First 91-Day Guide” by Andy Ellis — https://howtociso.com/library/first-91-days-guide/Book: “1% Leadership: Master the Small Daily Habits that Build Exceptional Teams” — https://www.amazon.com/1-Leadership-Daily-Habits-Exceptional/dp/B0BSV7T2KZ⬥ADDITIONAL INFORMATION⬥✨ More Redefining CyberSecurity Podcast:
What happens when a cybersecurity incident requires legal precision, operational coordination, and business empathy—all at once? That's the core question addressed in this origin story with Bryan Marlatt, Chief Regional Officer for North America at CyXcel.Bryan brings over 30 years of experience in IT and cybersecurity, with a history as a CISO, consultant, and advisor. He now helps lead an organization that sits at the intersection of law, cyber, and geopolitics—an uncommon combination that reflects the complexity of modern risk. CyXcel was founded to address this reality head-on, integrating legal counsel, cybersecurity expertise, and operational insight into a single, business-first consulting model.Rather than treat cybersecurity as a checklist or a technical hurdle, Bryan frames it as a service that should start with the business itself: its goals, values, partnerships, and operating environment. That's why their engagements often begin with conversations with sales, finance, or operations—not just the CIO or CISO. It's about understanding what needs to be protected and why, before prescribing how.CyXcel supports clients before, during, and after incidents—ranging from tailored tabletop exercises to legal coordination during breach response and post-incident recovery planning. Their work spans critical sectors like healthcare, utilities, finance, manufacturing, and agriculture—where technology, law, and regulation often converge under pressure.Importantly, Bryan emphasizes the need for tailored guidance, not generic frameworks. He notes that many companies don't realize how incomplete their protections are until it's too late. In one example, he recounts a hospital system that chose to “pay the fine” rather than invest in cybersecurity—a decision that risks reputational and operational harm far beyond the regulatory penalty.From privacy laws and third-party contract reviews to incident forensics and geopolitical risk analysis, this episode reveals how cybersecurity consulting is evolving to meet a broader—and more human—set of business needs.Learn more about CyXcel: https://itspm.ag/cyxcel-922331Note: This story contains promotional content. Learn more.Guest: Bryan Marlatt, Chief Regional Officer (North America) at CyXcel | On LinkedIn: https://www.linkedin.com/in/marlattb/ResourcesLearn more and catch more stories from CyXcel: https://www.itspmagazine.com/directory/cyxcelLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
This year at Black Hat USA 2025, the conversation is impossible to escape: artificial intelligence. But while every vendor claims an AI-powered edge, the real question is how organizations can separate meaningful innovation from noise.In our discussion with Evgeniy Kharam, Vice President of Cybersecurity Architecture at Herjavec Group (formerly), Chief Strategy Officer (CSO) at Discern Security, and long-time security leader and author, the theme of AI confusion takes center stage. Evgeniy notes that CISOs and security architects don't have the time or resources to analyze what “AI” means in every product pitch. With over 4,000 vendors in the ecosystem, each layering its own flavor of AI, the burden falls on security leaders to distinguish hype from usable automation.From Gondola Pitches to AI OverloadEvgeniy shares how his creative networking events—skiing, biking, and beyond—mirror the industry's need for genuine connection and trust. Just as his “gondola pitch” builds authentic engagement, buyers want clarity and honesty from technology providers. The proliferation of AI labels, however, makes that trust harder to establish.Where AI Can HelpEvgeniy highlights areas where AI can reduce friction, from vulnerability management and detection to policy writing and compliance. Yet, even here, issues such as hallucinations, privacy tradeoffs, and ethics cannot be ignored. When AI begins influencing employee monitoring or analyzing sensitive data, organizations face difficult questions about fairness, transparency, and control.The Unspoken Challenge: Surveillance and TrustAs we discuss the balance between employee privacy and corporate protection, it becomes clear that AI introduces new layers of surveillance. In Europe, cultural and legal boundaries create clear separation between personal and professional lives. In North America, the lines blur, raising ethical debates that may ultimately be tested in courts.The takeaway? AI has the potential to unlock workflows that were previously too costly or complex. But without transparency, governance, and a commitment to responsible use, the “AI in everything” trend risks overwhelming the very leaders it is meant to help.___________Guest:Evgeniy Kharam, Chief Strategy Officer (CSO), Discern Security | On LinkedIn: https://www.linkedin.com/in/ekharam/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974BlackCloak: https://itspm.ag/itspbcwebAkamai: https://itspm.ag/akamailbwcDropzoneAI: https://itspm.ag/dropzoneai-641Stellar Cyber: https://itspm.ag/stellar-9dj3___________ResourcesLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25ITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conferenceCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More
We're Becoming Dumb and Numb": Why Black Hat 2025's AI Hype Is Killing Cybersecurity -- And Our Ability to Think Random and Unscripted Weekly Update Podcast with Sean Martin and Marco Ciappelli__________________SummarySean and Marco dissect Black Hat USA 2025, where every vendor claimed to have "agentic AI" solutions. They expose how marketing buzzwords create noise that frustrates CISOs seeking real value. Marco references the Greek myth of Talos - an ancient AI robot that seemed invincible until one fatal flaw destroyed it - as a metaphor for today's overinflated AI promises. The discussion spirals into deeper concerns: are we becoming too dependent on AI decision-making? They warn about echo chambers, lowest common denominators, and losing our ability to think critically. The solution? Stop selling perfection, embrace product limitations, and keep humans in control. __________________10 Notable QuotesSean:"It's hard for them to siphon the noise. Sift through the noise, I should say, and figure out what the heck is really going on.""If we completely just use it for the easy button, we'll stop thinking and we won't use it as a tool to make things better.""We'll stop thinking and we won't use it as a tool to make our minds better, to make our decisions better.""We are told then that this is the reality. This is what good looks like.""Maybe there's a different way to even look at things. So it's kind of become uniform... a very low common denominator that is just good enough for everybody."Marco:"Do you really wanna trust the weapon to just go and shoot everybody? At least you can tell it's a human factor and that's the people that ultimately decide.""If we don't make decision anymore, we're gonna turn out in a lot of those sci-fi stories, like the time machine where we become dumb.""We all perceive reality to be different from what it is, and then it creates a circular knowledge learning where we use AI to create the knowledge, then to ask the question, then to give the answers.""We're just becoming dumb and numb. More than dumb, but we become numb to everything else because we're just not thinking with our own head.""You're selling the illusion of security and that could be something that then you replicate in other industries." Picture this: You walk into the world's largest cybersecurity conference, and every single vendor booth is screaming the same thing – "agentic AI." Different companies, different products, but somehow they all taste like the same marketing milkshake.That's exactly what Sean Martin and Marco Ciappelli witnessed at Black Hat USA 2025, and their latest Random and Unscripted with Sean and Marco episode pulls no punches in exposing what's really happening behind the buzzwords."Marketing just took all the cool technology that each vendor had, put it in a blender and made a shake that just tastes the same," Marco reveals on Random and Unscripted with Sean and Marco, describing how the conference floor felt like one giant echo chamber where innovation got lost in translation.But this isn't just another rant about marketing speak. The Random and Unscripted with Sean and Marco conversation takes a darker turn when Marco introduces the ancient Greek myth of Talos – a bronze giant powered by divine ichor who was tasked with autonomously defending Crete. Powerful, seemingly invincible, until one small vulnerability brought the entire system crashing down.Sound familiar?"Do you really wanna trust the weapon to just go and shoot everybody?" Marco asks, drawing parallels between ancient mythology and today's rush to hand over decision-making to AI systems we don't fully understand.Sean, meanwhile, talked to frustrated CISOs throughout the event who shared a common complaint: "It's hard for them to sift through the noise and figure out what the heck is really going on." When every vendor claims their AI is autonomous and perfect, how do you choose? How do you even know what you're buying?The real danger, they argue on Random and Unscripted with Sean and Marco, isn't just bad purchasing decisions. It's what happens when we stop thinking altogether."If we completely just use it for the easy button, we'll stop thinking and we won't use it as a tool to make our minds better," Sean warns. We risk settling for what he calls the "lowest common denominator" – a world where AI tells us what success looks like, and we never question whether we could do better.Marco goes even further, describing a "circular knowledge learning" trap where "we use AI to create the knowledge, then to ask the question, then to give the answers." The result? "We're just becoming dumb and numb. More than dumb, but we become numb to everything else because we're just not thinking with our own head."Their solution isn't to abandon AI – it's to get honest about what it can and can't do. "Stop looking for the easy button and stop selling the easy button," Marco urges vendors on Random and Unscripted with Sean and Marco. "Your product is probably as good as it is."Sean adds: "Don't be afraid to share your blemishes, share your weaknesses. Share your gaps."Because here's the thing CISOs know that vendors often forget: "CISOs are not stupid. They talk to each other. The truth will come out."In an industry built on protecting against deception, maybe it's time to stop deceiving ourselves about what AI can actually deliver. ________________ Keywordscybersecurity, artificialintelligence, blackhat2025, agentic, ai, marketing, ciso, cybersec, infosec, technology, leadership, vendor, innovation, automation, security, tech, AI, machinelearning, enterprise, business________________Hosts links:
Goz alongside Sean Martin filling in for Levack
Goz and Sean Martin filling for Levack
Goz along side Sean Martin filling in for Levack
Dave Hondel has a in-depth conversation with Sean Martin about his music career, his new project with The Quarantined entitled "Aversion to Normalcy" and his advocacy for veterans and their families suffering with PTSD. If you or someone you know suffers from bullying, PTSD or mental health struggles, go to free2luv.org to reach out and get help.
At Black Hat 2025, Sean Martin sits down with Ofir Stein, CTO and Co-Founder of Apono, to discuss the pressing challenges of identity and access management in today's hybrid, AI-driven environments. Stein's background in technology infrastructure and DevOps, paired with his co-founder's deep cybersecurity expertise, positions the company to address one of the most common yet critical problems in enterprise security: how to secure permissions without slowing the pace of business.Organizations often face a tug-of-war between security teams seeking to minimize risk and engineering or business units pushing for rapid access to systems. Stein explains that traditional approaches to access control — where permissions are either always on or granted through manual processes — create friction and risk. Over-provisioned accounts become prime targets for attackers, while delayed access slows innovation.Apono addresses this through a Zero Standing Privilege approach, where no user — human or non-human — retains permanent permissions. Instead, access is dynamically granted based on business context and automatically revoked when no longer needed. This ensures engineers and systems get the right access at the right time, without exposing unnecessary attack surfaces.The platform integrates seamlessly with existing identity providers, governance systems, and IT workflows, allowing organizations to centralize visibility and control without replacing existing tools. Dynamic, context-based policies replace static rules, enabling access that adapts to changing conditions, including the unpredictable needs of AI agents and automated workflows.Stein also highlights continuous discovery and anomaly detection capabilities, enabling organizations to see and act on changes in privilege usage in real time. By coupling visibility with automated policy enforcement, organizations can not only identify over-privileged accounts but also remediate them immediately — avoiding the cycle of one-off audits followed by privilege creep.The result is a solution that scales with modern enterprise needs, reduces risk, and empowers both security teams and end users. As Stein notes, giving engineers control over their own access — including the ability to revoke it — fosters a culture of shared responsibility for security, rather than one of gatekeeping.Learn more about Apono: https://itspm.ag/apono-1034Note: This story contains promotional content. Learn more.Guest:Ofir Stein, CTO and Co-Founder of Apono | On LinkedIn: https://www.linkedin.com/in/ofir-stein/ResourcesLearn more and catch more stories from Apono: https://www.itspmagazine.com/directory/aponoLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-storyKeywords: sean martin, ofir stein, apono, zero standing privilege, access management, identity security, privilege creep, just in time access, ai security, governance, cloud security, black hat, black hat usa 2025, cybersecurity, permissions
At Black Hat USA 2025, artificial intelligence wasn't the shiny new thing — it was the baseline. Nearly every product launch, feature update, and hallway conversation had an “AI-powered” stamp on it. But when AI becomes the lowest common denominator for security, the questions shift.In this episode, I read my latest opinion piece exploring what happens when the tools we build to protect us are the same ones that can obscure reality — or rewrite it entirely. Drawing from the Lock Note discussion, Jennifer Granick's keynote on threat modeling and constitutional law, my own CISO hallway conversations, and a deep review of 60+ vendor announcements, I examine the operational, legal, and governance risks that emerge when speed and scale take priority over transparency and accountability.We talk about model poisoning — not just in the technical sense, but in how our industry narrative can get corrupted by hype and shallow problem-solving. We look at the dangers of replacing entry-level security roles with black-box automation, where a single model misstep can cascade into thousands of bad calls at machine speed. And yes, we address the potential liability for CISOs and executives who let it happen without oversight.Using Mikko Hyppönen's “Game of Tetris” metaphor, I explore how successes vanish quietly while failures pile up for all to see — and why in the AI era, that stack can build faster than ever.If AI is everywhere, what defines the premium layer above the baseline? How do we ensure we can still define success, measure it accurately, and prove it when challenged?Listen in, and then join the conversation: Can you trust the “reality” your systems present — and can you prove it?________This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn.Sincerely, Sean Martin and TAPE3________✦ ResourcesArticle: When Artificial Intelligence Becomes the Baseline: Will We Even Know What Reality Is AInymore?https://www.linkedin.com/pulse/when-artificial-intelligence-becomes-baseline-we-even-martin-cissp-4idqe/The Future of Cybersecurity Article: How Novel Is Novelty? Security Leaders Try To Cut Through the Cybersecurity Vendor Echo Chamber at Black Hat 2025: https://www.linkedin.com/pulse/how-novel-novelty-security-leaders-try-cut-through-sean-martin-cissp-xtune/Black Hat 2025 On Location Closing Recap Video with Sean Martin, CISSP and Marco Ciappelli: https://youtu.be/13xP-LEwtEALearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25Article: When Virtual Reality Is A Commodity, Will True Reality Come At A Premium? https://sean-martin.medium.com/when-virtual-reality-is-a-commodity-will-true-reality-come-at-a-premium-4a97bccb4d72Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageITSPmagazine Studio — A Brand & Marketing Advisory for Cybersecurity and Tech Companies: https://www.itspmagazine.studio/ITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conference________Sean Martin is a life-long musician and the host of the Music Evolves Podcast; a career technologist, cybersecurity professional, and host of the Redefining CyberSecurity Podcast; and is also the co-host of both the Random and Unscripted Podcast and On Location Event Coverage Podcast. These shows are all part of ITSPmagazine—which he co-founded with his good friend Marco Ciappelli, to explore and discuss topics at The Intersection of Technology, Cybersecurity, and Society.™️Want to connect with Sean and Marco On Location at an event or conference near you? See where they will be next: https://www.itspmagazine.com/on-locationTo learn more about Sean, visit his personal website.
At Black Hat USA 2025, Sean Martin, co-founder of ITSPmagazine, sat down with Brett Stone-Gross, Senior Director of Threat Intelligence at Zscaler, to discuss the findings from the company's latest ransomware report. Over the past five years, the research has tracked how attack patterns, targets, and business models have shifted—most notably from file encryption to data theft and extortion.Brett explains that many ransomware groups now find it more profitable—and less risky—to steal sensitive data and threaten to leak it unless paid, rather than encrypt files and disrupt operations. This change also allows attackers to stay out of the headlines and avoid immediate law enforcement pressure, while still extracting massive payouts. One case saw a Fortune 50 company pay $75 million to prevent the leak of 100 terabytes of sensitive medical data—without a single file being encrypted.The report highlights variation in attacker methods. Some groups focus on single large targets; others, like the group “LOP,” exploit vulnerabilities in widely used file transfer applications, making supply chain compromise a preferred tactic. Once inside, attackers validate their claims by providing file trees and sample data—proving the theft is real.Certain industries remain disproportionately affected. Healthcare, manufacturing, and technology are perennial top targets, with oil and gas seeing a sharp increase this year. Many victims operate with legacy systems, slow to adopt modern security measures, making them vulnerable. Geographically, the U.S. continues to be hit hardest, accounting for roughly half of all observed ransomware incidents.The conversation also addresses why organizations fail to detect such massive data theft—sometimes hundreds of gigabytes per day over weeks. Poor monitoring, limited security staffing, and alert fatigue all contribute. Brett emphasizes that reducing exposure starts with eliminating unnecessary internet-facing services and embracing zero trust architectures to prevent lateral movement.The ransomware report serves not just as a data source but as a practical guide. By mapping observed attacker behaviors to defensive strategies, organizations can better identify and close their most dangerous gaps—before becoming another statistic in next year's findings.Learn more about Zscaler: https://itspm.ag/zscaler-327152Note: This story contains promotional content. Learn more.Guest:Brett Stone-Gross, Senior Director of Threat Intelligence at Zscaler, | On LinkedIn: https://www.linkedin.com/in/brett-stone-gross/ResourcesLearn more and catch more stories from Zscaler: https://www.itspmagazine.com/directory/zscalerLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-storyKeywords: sean martin, brett stone-gross, ransomware, data extortion, cyber attacks, zero trust security, threat intelligence, data breach, cyber defense, network security, file transfer vulnerability, data protection, black hat, black hat usa 2025, zscaler
Mike Wayne, responsible for global sales at BlinkOps, joins ITSPmagazine host Sean Martin to discuss how organizations can harness agentic AI to transform security operations—and much more.The conversation begins with a clear reality: business processes are complex, and when security is added into the mix, orchestrating workflows efficiently becomes even more challenging. BlinkOps addresses this by providing a platform that not only automates security tasks but also extends across HR, finance, sales, and marketing. By enabling automation in areas like employee onboarding/offboarding or access management, the platform helps organizations improve efficiency, reduce risk, and free human talent for higher-value work.Mike explains that while traditional SOAR tools require heavy scripting and ongoing maintenance, BlinkOps takes a different approach. Its security co-pilot allows users to describe automations in plain language, which are then generated—90% complete—by the system. Whether the user is a SOC analyst or an HR manager, the platform supports low-code and no-code capabilities, making automation accessible to “citizen developers” across the organization.The concept of micro agents is central. Instead of relying on large, complex AI models that can hallucinate or act unpredictably, BlinkOps uses focused, purpose-built agents with smaller context windows. These agents handle specific tasks—such as enriching security alerts—within larger workflows, ensuring accuracy and control.The benefits are tangible. One customer's triage agent processed 400 alerts in just eight days without direct human intervention, while another saved $1.8 million in manual endpoint deployment costs over a single month. Outcomes like reduced mean time to respond (MTTR) and faster time to automation are key drivers for adoption, especially when facing zero-day vulnerabilities where speed is critical.BlinkOps runs as SaaS, hybrid, or in secure environments like GovCloud, making it adaptable for organizations of all sizes and compliance requirements.The takeaway is clear: AI-driven automation doesn't just improve security operations—it creates new efficiencies across the enterprise. As Mike puts it, when a process can be automated, “just blink it.”Learn more about BlinkOps: https://itspm.ag/blinkops-942780Note: This story contains promotional content. Learn more.Guest: Mike Wayne, Vice President, Global Sales at BlinkOps | On Linkedin: https://www.linkedin.com/in/mikejwayne/ResourcesLearn more and catch more stories from BlinkOps: https://www.itspmagazine.com/directory/blinkopsLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-storyKeywords: sean martin, mike wayne, blink ops, ai automation, agentic ai, micro agents, security automation, soc automation, workflow automation, zero day response, alert triage, enrichment agent, low code automation, cyber security ai, enterprise automation, black hat usa, black hat 2025
In an era where organizations depend heavily on commercial applications to run their operations, the integrity of those applications has become a top security concern. Saša Zdjelar, Chief Trust Officer at ReversingLabs and Operating Partner at Crosspoint Capital, shares how protecting the software supply chain now extends far beyond open source risk.Zdjelar outlines how modern applications are built from a mix of first-party, contracted, open source, and proprietary third-party components. By the time software reaches production, its lineage spans geographies, development teams, and sometimes even AI-generated code. Incidents like SolarWinds, Kaseya, and CircleCI demonstrate that trusted vendors are no longer immune to compromise, and commercial software can introduce critical vulnerabilities or malicious payloads deep into enterprise systems.Regulatory drivers are increasing scrutiny. Executive Order 14028, Europe's Cyber Resilience Act, DORA, and U.S. Department of Defense software sourcing restrictions all require greater transparency, such as a Software Bill of Materials (SBOM). However, Zdjelar cautions that SBOMs—while valuable—are like ingredient lists without recipes: they don't reveal if a product is secure, just what's in it.ReversingLabs addresses this gap with a no-compromise analysis engine capable of deconstructing any file, of any size or complexity, to assess its safety. This capability enables organizations to make risk-based decisions, continuously monitor for unexpected changes between software versions, and operationalize controls at points such as procurement, SCCM deployments, or file transfers into critical environments.For CISOs, this represents a true technical control where previously only contractual clauses, questionnaires, or insurance policies existed. By placing analysis at the front of the software lifecycle, organizations can reduce reliance on costly manual testing and sandboxing, improve detection of tampering or hidden behavior, and even influence cyber insurance rates.The takeaway is clear: software supply chain security is a board-level concern, and the focus must expand beyond open source. With the right controls, organizations can avoid becoming the next headline-making breach and maintain trust with customers, partners, and regulators.Learn more about ReversingLabs: https://itspm.ag/reversinglabs-v57bNote: This story contains promotional content. Learn more.Guest: Saša Zdjelar, Chief Trust Officer at ReversingLabs and Operating Partner at Crosspoint Capital | On Linkedin: https://www.linkedin.com/in/sasazdjelar/ResourcesLearn more and catch more stories from ReversingLabs: https://www.itspmagazine.com/directory/reversinglabsLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-storyKeywords: Black Hat 2025, Black Hat USA, sean martin, saša zdjelar, software supply chain security, commercial software risk, binary analysis, software bill of materials, sbom security, malicious code detection, ciso strategies, third party software risk, software tampering detection, malware analysis tools, devsecops security, application security testing, cybersecurity compliance
Black Hat 2025: Crogl's CEO Monzy Merza Explains How AI Can Help Eliminate Alert Fatigue in CybersecurityCrogl CEO Monzy Merza discusses how AI-driven security platforms automate alert investigation using enterprise knowledge graphs, enabling analysts to focus on threat hunting while maintaining data privacy.Security teams drowning in alerts finally have a lifeline that doesn't compromise their data sovereignty. At Black Hat USA 2025, Crogl CEO Monzy Merza revealed how his company is tackling one of cybersecurity's most persistent challenges: the overwhelming volume of security alerts that leaves analysts either ignoring potential threats or burning out from investigation fatigue.The problem runs deeper than most organizations realize. Merza observed analysts routinely closing hundreds of alerts with a single click, not from laziness or malice, but from sheer necessity. "When you look at the history of breaches, the signal of the breach was there. And somebody ignored it," he explained during his ITSPmagazine interview, highlighting a critical gap between alert generation and meaningful investigation.Traditional approaches have failed because they expect human analysts to become "unicorns" - experts capable of mastering multiple data platforms simultaneously while remembering complex query languages and schemas. This unrealistic expectation has created what Merza calls the "human unicorn challenge," where organizations struggle to find personnel who can effectively navigate their increasingly complex security infrastructure.Crogl's solution fundamentally reimagines the relationship between human intuition and machine automation. Rather than forcing analysts to adapt to multiple tools, the platform creates a semantic knowledge graph that maps data relationships across an organization's entire security ecosystem. When alerts arrive, the system automatically conducts investigations using established kill chain methodologies, freeing analysts to focus on higher-value activities like threat hunting and strategic security initiatives.The privacy-first architecture addresses growing concerns about data sovereignty. Operating as a completely self-contained system with no internet dependencies, Crogl can run air-gapped in the most sensitive environments, including defense intelligence communities. The platform connects to existing tools through APIs without requiring data movement, duplication, or transformation.Real-world results demonstrate the platform's versatility. One customer discovered their analysts were using Crogl for fraud detection - an application never intended by the original design. The system's ability to process natural language descriptions and convert them into executable security processes has reduced response times from weeks to minutes for complex threat hunting operations.For security leaders evaluating AI integration, Merza advocates an experimental approach. Rather than attempting comprehensive transformation, he suggests starting with focused pilot programs that address specific pain points. This measured strategy allows organizations to validate AI's value while maintaining operational stability.The broader implications extend beyond security operations. By removing technical barriers and emphasizing domain expertise over tool competency, platforms like Crogl enable security teams to become strategic business enablers rather than reactive alert processors. Organizations gain the flexibility to maintain their preferred data architectures while ensuring comprehensive security coverage across distributed environments.As cyber threats continue evolving, the industry's response must prioritize both technological capability and human potential. Solutions that enhance analyst intuition while automating routine tasks represent a sustainable path forward for security operations at scale. Watch the full interview: https://youtu.be/0GqPtPXD2ik Learn more about CROGL: https://itspm.ag/crogl-103909Note: This story contains promotional content. Learn more.Guest: Monzy Merza, Founder and CEO of CROGL | On Linkedin: https://www.linkedin.com/in/monzymerza/ResourcesLearn more and catch more stories from CROGL: https://www.itspmagazine.com/directory/croglAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
The often-overlooked truth in cybersecurity: Seeing the Unseen in Vulnerability ManagementIn this episode, Sean Martin speaks with HD Moore, Founder and CEO of RunZero, about the often-overlooked truth in cybersecurity: the greatest risks are usually the things you don't know exist in your environment.Moore's career has spanned decades of penetration testing, tool creation, and product development, including leading the creation of Metasploit. That background shapes his approach at RunZero—applying attacker-grade discovery techniques to uncover devices, networks, and vulnerabilities that traditional tools miss. Why Discovery Matters MostThrough repeated penetration tests for high-security organizations, Moore observed a consistent pattern: breaches rarely occurred because defenders ignored known issues, but rather because attackers exploited unknown assets. These unknowns often bypassed mitigation strategies simply because they weren't on the organization's radar. Beyond CVEsMoore emphasizes that an overreliance on CVE lists leaves organizations blind to real-world risks. Many breaches stem from misconfigurations, weak credentials, or overlooked systems—problems that can be exploited within days of a vulnerability being announced. The answer, he says, is to focus on exposure and attack paths in real time, not just lists of patchable flaws. Revealing the GapsRunZero's approach often doubles the asset count organizations believe they have, uncovering systems outside existing scanning or endpoint management coverage. By leveraging unauthenticated discovery techniques, they detect exploitable conditions from an attacker's perspective—identifying forgotten hardware, outdated firmware, and network segmentation issues that open dangerous pathways. Changing the GameThis depth of discovery enables security teams to prioritize the small subset of issues that pose the highest business risk, rather than drowning in thousands of low-impact findings. It also helps organizations rebuild their security programs from the ground up—ensuring that every device is accounted for, properly segmented, and monitored. Collaboration and CommunityMoore also shares his ongoing contributions to open source through Project Discovery, integrating and enhancing tools like the nuclei scanner to accelerate vulnerability detection for everyone—not just paying customers. The message is clear: if you want to close the gaps, you first need to know exactly where they are—and that requires a new level of visibility most teams have never had.Learn more about runZero: https://itspm.ag/runzero-5733Note: This story contains promotional content. Learn more.Guest: HD Moore, Founder and CEO of RunZero | On Linkedin: https://www.linkedin.com/in/hdmoore/ResourcesLearn more and catch more stories from runZero: https://www.itspmagazine.com/directory/runzeroAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
Stellar Cyber Revolutionizes SOC Cybersecurity Operations with Human-Augmented Autonomous Platform at Black Hat 2025 A Stellar Cyber Event Coverage of Black Hat USA 2025 Las VegasAn ITSPmagazine Brand Story with Subo Guha, Senior Vice President Product, Stellar Cyber____________________________Security operations centers face an unprecedented challenge: thousands of daily alerts overwhelming analyst teams while sophisticated threats demand immediate response. At Black Hat USA 2025 in Las Vegas, Stellar Cyber presented a revolutionary approach that fundamentally reimagines how SOCs operate in the age of AI-driven threats.Speaking with ITSPmagazine's Sean Martin, Subo Guha, Senior Vice President of Products at Stellar Cyber, outlined the company's vision for transforming security operations through their human-augmented autonomous SOC platform. Unlike traditional approaches that simply pile on more automation, Stellar Cyber recognizes that effective security requires intelligent collaboration between AI and human expertise.The platform's three-layer architecture ingests data from any source – network devices, applications, identities, and endpoints – while maintaining vendor neutrality through open EDR integration. Organizations can seamlessly work with CrowdStrike, SentinelOne, Sophos, or other preferred solutions without vendor lock-in. This flexibility proves crucial for enterprises navigating complex security ecosystems where different departments may have invested in various endpoint protection solutions.What sets Stellar Cyber apart is their autonomous SOC concept, which dramatically reduces alert volume from hundreds of thousands to manageable numbers within days rather than weeks. The platform's AI-driven auto-triage capability identifies true positives among thousands of false alarms, presenting analysts with prioritized "verdicts" that demand attention. This transformation addresses one of security operations' most persistent challenges: alert fatigue that leads to missed threats and burned-out analysts.The revolutionary AI Investigator copilot enables natural language interaction, allowing analysts to query the system conversationally. An analyst can simply ask, "Show me all impossible travel incidents between midnight and 4 AM," and receive actionable intelligence immediately. This democratization of security operations means junior analysts can perform at senior levels without extensive coding knowledge or years of experience navigating complex query languages.Identity threat detection and response (ITDR) emerged as another critical focus area during the Black Hat presentation. With identity becoming the new perimeter, Stellar Cyber integrated sophisticated user and entity behavior analytics (UEBA) directly into the platform. The system detects impossible travel scenarios, credential attacks, and lateral movement patterns that indicate compromise. For instance, when a user logs in from Portland at 11 PM and then appears in Moscow 30 minutes later, the platform immediately flags this physical impossibility.The identity protection extends beyond human users to encompass non-human identities, addressing the growing threat of automated attacks powered by large language models. Hackers now leverage generative AI to create credential attacks at unprecedented scale and sophistication, making robust identity security more critical than ever.Guha emphasized that AI augmentation doesn't displace security professionals but elevates them. By automating mundane tasks, analysts focus on strategic decision-making and complex threat hunting. MSSPs report dramatic efficiency gains, scaling operations without proportionally increasing headcount. Where previously a hundred thousand alerts might take weeks to process, requiring extensive junior analyst teams, the platform now delivers actionable insights within days with smaller, more focused teams.The platform's unified approach eliminates tool sprawl, providing CISOs with real-time visualization of their security posture. Executive reporting becomes instantaneous, with high-priority verdicts clearly displayed for rapid decision-making. This visualization capability transforms how security teams communicate with leadership, replacing lengthy reports with dynamic dashboards that convey risk and response status at a glance.Real-world deployments demonstrate significant operational improvements. Organizations report faster mean time to detection and response, reduced false positive rates, and improved analyst satisfaction. The platform's learning capabilities mean it becomes more intelligent over time, adapting to each organization's unique threat landscape and operational patterns.As organizations face increasingly sophisticated threats powered by generative AI, Stellar Cyber's human-augmented approach represents a paradigm shift. By combining AI intelligence with human intuition, the platform delivers faster threat detection, reduced false positives, and empowered security teams ready for tomorrow's challenges. The company's commitment to continuous innovation, evidenced by rapid feature releases between RSA and Black Hat, positions them at the forefront of next-generation security operations. Learn more about Stellar Cyber: https://itspm.ag/stellar-cyber--inc--357947Note: This story contains promotional content. Learn more.Guest: Subo Guha, Senior Vice President Product, Stellar Cyber | https://www.linkedin.com/in/suboguha/ResourcesLearn more and catch more stories from Stellar Cyber: https://www.itspmagazine.com/directory/stellarcyberLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
At Black Hat USA 2025, Danny Jenkins, CEO of ThreatLocker, shares how his team is proving that effective cybersecurity doesn't have to be overly complex. The conversation centers on a straightforward yet powerful principle: security should be simple enough to implement quickly and consistently, while still addressing the evolving needs of diverse organizations.Jenkins emphasizes that the industry has moved beyond selling “magic” solutions that promise to find every threat. Instead, customers are demanding tangible results—tools that block threats by default, simplify approvals, and make exceptions easy to manage. ThreatLocker's platform is built on this premise, enabling over 54,000 organizations worldwide to maintain a secure environment without slowing business operations.A highlight from the event is ThreatLocker's Defense Against Configurations (DAC) module. This feature performs 170 daily checks on every endpoint, aligning them with compliance frameworks like NIST and FedRAMP. It not only detects misconfigurations but also explains why they matter and how to fix them. Jenkins admits the tool even revealed gaps in ThreatLocker's own environment—issues that were resolved in minutes—proving its practical value.The discussion also touches on the company's recent FedRAMP authorization process, a rigorous journey that validates both the product's and the company's security maturity. For federal agencies and contractors, this means faster compliance with CMMC and NIST requirements. For commercial clients, it's an assurance that they're working with a partner whose internal security practices meet some of the highest standards in the industry.As ThreatLocker expands its integrations and modules, Jenkins stresses that simplicity remains the guiding principle. This is achieved through constant engagement with customers—at trade shows, in the field, and within the company's own managed services operations. By actively using their own products at scale, the team identifies friction points and smooths them out before customers encounter them.In short, the message from the booth at Black Hat is clear: effective security comes from strong fundamentals, simplified management, and a relentless focus on the user experience.Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974Note: This story contains promotional content. Learn more.Guest: Danny Jenkins, CEO of ThreatLocker | On LinkedIn | https://www.linkedin.com/in/dannyjenkinscyber/ResourcesLearn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlockerLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
When security becomes more than a checkbox, the conversation shifts from “how much” to “how well.” At Black Hat USA 2025, Sean Martin, CISSP, Co-Founder of ITSPmagazine, and Viktor Petersson, Founder of an SBOM artifact platform, unpack how regulatory forces, cultural change, and AI innovation are reshaping how organizations think about security.Viktor points to the growing role of Software Bill of Materials (SBOMs) as not just a best practice, but a likely requirement in future compliance frameworks. The shift, he notes, is driven largely by regulation—especially in Europe—where security is no longer a “nice to have” but a mandated operational function. Sean connects this to a market reality: companies increasingly see transparent security practices as a competitive differentiator, though the industry still struggles with the hollow claim of simply being “secure.”AI naturally dominates discussions, but the focus is nuanced. Rather than chasing hype, both stress the need for strong guardrails before scaling AI-driven development. Viktor envisions engineers supervising fleets of specialized AI agents—handling tasks from UX to code auditing—while Sean sees AI as a way to rethink entire operational models. Yet both caution that without foundational security practices, AI only amplifies existing risks.The conversation extends to IoT and supply chain security, where market failures allow insecure, end-of-life devices to persist in critical environments. The infamous “smart fish tank” hack in a Las Vegas casino serves as a reminder: the weakest link often isn't the target itself, but the entry point it provides.DEFCON, Viktor notes, offers a playground for challenging assumptions—whether it's lock-picking to illustrate perceived versus actual security, or examining the human factor in breaches. For both hosts, events like Black Hat and DEFCON aren't just about the latest vulnerabilities or flashy demos—they're about the human exchange of ideas, the reframing of problems, and the collaboration that fuels more resilient security strategies.___________Guest:Viktor Petersson, Founder, sbomify | On LinkedIn: https://www.linkedin.com/in/vpetersson/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974BlackCloak: https://itspm.ag/itspbcwebAkamai: https://itspm.ag/akamailbwcDropzoneAI: https://itspm.ag/dropzoneai-641Stellar Cyber: https://itspm.ag/stellar-9dj3___________ResourcesLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25ITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conferenceCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More
At Black Hat USA 2025, Rupesh Chokshi, Senior Vice President and General Manager at Akamai Technologies, connected with ITSPmagazine's Sean Martin to discuss the dual realities shaping enterprise AI adoption—tremendous opportunity and significant risk.AI is driving a seismic transformation in business operations, with executive teams rapidly deploying proof-of-concept projects to capture competitive advantage. Yet, as Chokshi notes, many of these initiatives race ahead without fully integrating security teams into the process. While budgets for AI are expanding, funding for AI-specific security measures often lags behind, leaving organizations exposed.One of the most pressing concerns is the rise of AI bots—Akamai observes 150 billion such bots traversing networks daily. These bots scrape valuable digital content, train models on it, and, in some cases, replace direct customer interactions with summarized answers. The result? Lost marketing leads, disrupted sales funnels, and even manipulated product recommendations—all without traditional “breach” indicators.This is not just a security problem; it's a business continuity challenge. Organizations must develop strategies to block or manage scraping, including commercial agreements for content usage. Beyond this, the proliferation of conversational AI agents—whether for booking tickets, providing mortgage information, or recommending products—introduces new attack surfaces. Threat actors exploit prompt injections, jailbreaks, and code execution vulnerabilities to compromise these interfaces, risking both customer trust and brand reputation.Akamai's response includes capabilities such as Firewall for AI, providing in-line visibility and control over AI-driven sessions, and bot mitigation technologies that protect high-value content. By offering real-time threat intelligence tailored to customer environments, Akamai helps enterprises maintain agility without sacrificing protection.Chokshi's call to action is clear: every company is now an AI company, and security must be embedded from the outset. Boards should view security not as a budget line item, but as the foundation for innovation velocity, brand integrity, and long-term competitiveness.Learn more about Akamai: https://itspm.ag/akamailbwcNote: This story contains promotional content. Learn more.Guests:Rupesh Chokshi, SVP & General Manager, Application Security, Akamai | https://www.linkedin.com/in/rupeshchokshi/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com______________________ResourcesLearn more and catch more stories from Akamai: https://www.itspmagazine.com/directory/akamaiLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
Black Hat 2025 was a showcase of cybersecurity innovation — or at least, that's how it appeared on the surface. With more than 60 vendor announcements over the course of the week, the event floor was full of “AI-powered” solutions promising to integrate seamlessly, reduce analyst fatigue, and transform SOC operations. But after walking the floor, talking with CISOs, and reviewing the press releases, a pattern emerged: much of the messaging sounded the same, making it hard to distinguish the truly game-changing from the merely loud.In this episode of The Future of Cybersecurity Newsletter, I take you behind the scenes to unpack the themes driving this year's announcements. Yes, AI dominated the conversation, but the real story is in how vendors are (or aren't) connecting their technology to the operational realities CISOs face every day. I share insights gathered from private conversations with security leaders — the unfiltered version of how these announcements are received when the marketing gloss is stripped away.We dig into why operational relevance, clarity, and proof points matter more than ever. If you can't explain what your AI does, what data it uses, and how it's secured, you're already losing the trust battle. For CISOs, I outline practical steps to evaluate vendor claims quickly and identify solutions that align with program goals, compliance needs, and available resources.And for vendors, this episode serves as a call to action: cut the fluff, be transparent, and frame your capabilities in terms of measurable program outcomes. I share a framework for how to break through the noise — not just by shouting louder, but by being more real, more specific, and more relevant to the people making the buying decisions.Whether you're building a security stack or selling into one, this conversation will help you see past the echo chamber and focus on what actually moves the needle.________This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn.Sincerely, Sean Martin and TAPE3________✦ ResourcesBlack Hat 2025 On Location Closing Recap Video with Sean Martin, CISSP and Marco Ciappelli: https://youtu.be/13xP-LEwtEAITSPmagazine Studio — A Brand & Marketing Advisory for Cybersecurity and Tech Companies: https://www.itspmagazine.studio/ITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conferenceLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageCitations: Available in the full article________Sean Martin is a life-long musician and the host of the Music Evolves Podcast; a career technologist, cybersecurity professional, and host of the Redefining CyberSecurity Podcast; and is also the co-host of both the Random and Unscripted Podcast and On Location Event Coverage Podcast. These shows are all part of ITSPmagazine—which he co-founded with his good friend Marco Ciappelli, to explore and discuss topics at The Intersection of Technology, Cybersecurity, and Society.™️Want to connect with Sean and Marco On Location at an event or conference near you? See where they will be next: https://www.itspmagazine.com/on-locationTo learn more about Sean, visit his personal website.
Black Hat USA 2025 has wrapped, and for Sean Martin, CISSP, Co-Founder of ITSPmagazine, and Marco Ciappelli, Co-Founder of ITSPmagazine, the end of the event is both an exhale and a moment to reflect on what was learned, heard, and felt. After days of conversations with industry leaders, CISOs, vendors, and attendees from around the globe, one recurring message stands out: cybersecurity decision-makers are tired of buzzwords and hungry for real solutions.Sean shares that during sessions and informal meetups, CISOs expressed frustration with marketing pitches that fail to connect to their real challenges. Sitting across from security leaders, marketers heard it directly—stop with the jargon and explain how your solution genuinely makes their lives easier, reduces stress, and improves security outcomes. In other words, trust and honesty carry far more weight than flashy claims.Marco emphasizes that hype not only wastes time but also adds “noise” to the already complex job of running a security program. The more a vendor can be direct about what they do—and what they don't do—the more likely they are to earn a lasting relationship with a CISO and their team. Both agree that connecting the dots between a product and an organization's operational reality is key: what does adoption require, how will it fit into existing systems, and will it force a major operational shift?Beyond the messaging critique, the duo reflects on the community element of Black Hat. They reconnected with peers, met new contacts from as far as Toronto, and discussed future events in places like Melbourne, Barcelona, and Amsterdam. They also teased the upcoming “Transatlantic Broadcast” podcast series, which will explore cybersecurity voices from across Europe while maintaining a global view.While the Black Hat booths are now dismantled and the floors mopped, the conversations are far from over. Sean and Marco head back to Los Angeles ready to produce interviews, publish articles, and share the many stories captured during the week—stories that cut through the noise and get to the heart of what matters in cybersecurity.___________Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974BlackCloak: https://itspm.ag/itspbcwebAkamai: https://itspm.ag/akamailbwcDropzoneAI: https://itspm.ag/dropzoneai-641Stellar Cyber: https://itspm.ag/stellar-9dj3___________ResourcesLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25Learn more about ITSPmagazine Studio: https://www.itspmagazine.studio/Learn more about ITSPmagazine Europe: https://www.itspmagazine.com/europeCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conferenceWant to tell your Brand Story Briefing as part of our event coverage? Learn More
Governance, risk, and compliance (GRC) has long been burdened by heavy manual processes, slow assessments, and limited visibility. In this Brand Story episode, Sean Martin and Marco Ciappelli are joined by Anders Søborg, Co-Founder of Eve, and Mark Humphrey, who brings two decades of fraud and cybersecurity experience to the team. Together, they unpack how Eve is challenging traditional GRC tools by offering something entirely different: automation with evidence-based intelligence at its core.Anders shares how his experience as Chief Risk Officer and partner at major firms like Ernst & Young and PwC shaped Eve's mission. He describes a world where compliance doesn't have to mean complexity. Eve's AI engine evaluates more than a thousand controls in under 15 minutes—surpassing manual reviews that could take weeks—and goes a step further by offering recommendations, not just red flags.This isn't about replacing people. It's about helping overwhelmed compliance, risk, and audit teams regain control. Mark emphasizes how Eve operates like a true partner, delivering support with no ego and full transparency. Their approach combines deep regulatory knowledge, contextual AI agents trained on real-world frameworks, and a clear respect for data sovereignty and privacy—an essential requirement for global pharma, financial, and consulting clients already relying on the platform.More than a dashboard, Eve acts as an intelligent engine embedded into existing workflows via API, making it a natural complement—not a competitor—to existing GRC platforms. The platform is customizable, evidence-driven, and built with firsthand knowledge of what compliance professionals actually need: clear guidance, real-time answers, and fewer repetitive tasks.The episode leaves listeners with a compelling question: what if your compliance program could coach your team, reduce audit costs, and provide instant visibility—without sacrificing accuracy or control?Learn more about E-V-E GRC: https://itspm.ag/eve-grc-99Note: This story contains promotional content. Learn more.Guests:Anders Søborg, Co-founder, Director at E-V-E GRC | On LinkedIn: https://www.linkedin.com/in/anders-s%C3%B8borg-3826702/Mark Humphrey, Senior Sales and Channel Director EMEA at E-V-E GRC | On LinkedIn: https://www.linkedin.com/in/m-humphrey-mba-0020192b1/ResourcesRedefine Compliance. Unleash Your Potential with E-V-E GRC. Command Compliance: https://itspm.ag/e-v-e-i1mlLearn more and catch more stories from E-V-E GRC: https://www.itspmagazine.com/directory/evegrcLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
What happens when you inject thousands of fake identities into the political ecosystem to monitor how personal data is used—or abused? That's the question Virginia Tech's Alan Michaels and Jared Byers explore through their multi-year research project, “Use and Abuse of Personal Information: The Politics Edition.”With support from 130 students across 21 majors, Michaels and Byers create realistic digital personas—complete with phone numbers, emails, and physical addresses—and sign them up across 1,400 political campaigns. Their goal? Understand how political organizations treat personal data: whether it's used ethically, shared with third parties, or even exposed through insecure systems.The findings are both fascinating and concerning. Their data shows that candidates across the political spectrum often prioritize fundraising above all else. The language and targeting vary, but the endgame is consistent: solicit donations and votes. And yes—these candidates frequently share or leak personal data. Sometimes it's deliberate, sometimes it's sloppy, and occasionally it's the result of potential breaches.The team examines differences in how data is handled based on whether an identity donates or not, or whether it's tied to in-state versus out-of-state addresses. They even explore how generative AI and psychometric modeling can craft convincing personalities for these fake identities—tools that can just as easily be used for political influence campaigns and psychological manipulation.But this project isn't about political sides—it's about accountability. The research remains strictly apolitical, letting the data speak for itself. Michaels and Byers are careful to avoid influencing public opinion through misinformation, focusing instead on documenting the reality of digital privacy in modern campaigning.As more of the political playbook shifts into the digital arena, this session at Black Hat USA 2025 pushes attendees to confront an uncomfortable truth: the cost of participation in political life may include the exploitation of your digital identity.___________Guests:Alan Michaels, Professor and Director, Spectrum Dominance Division at Virginia Tech | On LinkedIn: https://www.linkedin.com/in/alan-michaels-1066814/Jared Byers, Research Associate at Virginia Tech National Security Institute | On LinkedIn: https://www.linkedin.com/in/jared-byers-8a477324b/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974BlackCloak: https://itspm.ag/itspbcwebAkamai: https://itspm.ag/akamailbwcDropzoneAI: https://itspm.ag/dropzoneai-641Stellar Cyber: https://itspm.ag/stellar-9dj3___________ResourcesSession: Use and Abuse of Personal Information -- Politics Edition: https://www.blackhat.com/us-25/briefings/schedule/#use-and-abuse-of-personal-information----politics-edition-45529Learn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25ITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conferenceCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More
Digital risk is no longer confined to the enterprise perimeter. Executives and board members—along with their families—are increasingly targeted outside of work, in personal settings, and online. Dr. Chris Pierson, Founder and CEO of BlackCloak, joins Sean Martin and Marco Ciappelli to discuss the current state of digital executive protection and why a piecemeal approach is insufficient.Chris outlines how threats to privacy, cybersecurity, and physical safety intersect across personal and professional domains. A breached home network, a deepfake circulating online, or a targeted social engineering campaign could all become entry points back into a company's infrastructure—or lead to reputational or financial fallout. That's why BlackCloak takes a holistic view, combining identity protection, device hardening, social listening, concierge response, and physical risk monitoring into a single service.One of the key resources discussed is the vendor-agnostic Digital Executive Protection Framework. Free to download and use, it offers CISOs and CSOs a 14-point checklist covering areas like financial data protection, social media monitoring, physical threats, and personal cyber hygiene. According to Chris, it's designed to be practical, actionable, and easy to integrate into quarterly reviews and budget planning cycles.While many security vendors promise protection through tools alone, BlackCloak emphasizes relationships—human connection is built into the service. The platform includes real-time threat response and one-on-one interaction, going far beyond 1-800 numbers or chatbots.Whether you're managing executive risk for a Fortune 500 company or navigating new board-level cyber obligations, this conversation outlines the real gaps in current corporate protections—and a solution that meets executives where they are.Learn more about BlackCloak: https://itspm.ag/itspbcwebNote: This story contains promotional content.Learn more.Guest:Chris Pierson, Founder & CEO, BlackCloak | https://www.linkedin.com/in/drchristopherpierson/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com______________________ResourcesLearn more and catch more stories from BlackCloak: https://www.itspmagazine.com/directory/blackcloakLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-storyKeywords: Black Hat 2025, zero trust security, cybersecurity conference, ThreatLocker, default deny strategy, endpoint protection, application control, threat detection, enterprise security, network security, cybersecurity solutions, security automation, malware prevention, cyber threats, information security, security platform, Black Hat USA, cybersecurity innovation, managed detection response, security operations
At Black Hat USA 2025, Jennifer Granick—Surveillance and Cybersecurity Counsel at the American Civil Liberties Union—takes the keynote stage to make a bold case: we are long overdue for a new threat model, one that sees government surveillance not as a background risk, but as a primary threat to constitutional privacy.Granick draws from decades of experience defending hackers, fighting surveillance overreach, and engaging with the security community since DEFCON 3. She challenges the audience to reconsider outdated assumptions about how the Fourth Amendment is interpreted and applied. While technology has made it easier than ever for governments to collect data, the legal system hasn't kept pace—and in many cases, fails to recognize the sheer scope and sensitivity of personal information exposed through modern services.Her talk doesn't just raise alarm; it calls for action. Granick suggests that while legal reform is sluggish—stymied by a lack of political will and lobbying power—there's an urgent opportunity for the technical community to step up. From encryption to data minimization and anonymization, technologists have the tools to protect civil liberties even when the law falls short.The session promises to be a wake-up call for engineers, designers, policymakers, and privacy advocates. Granick wants attendees to leave not only more informed, but motivated to build systems that limit the unnecessary collection, retention, and exposure of personal data.Her keynote also surfaces a critical cultural shift: from the “Spot the Fed” days of DEFCON to a more nuanced understanding of government roles—welcoming collaboration where it serves the public good, but not at the expense of unchecked surveillance.This conversation reframes privacy as a design problem as much as a legal one—and one that requires collective effort to address. If the law can't fix it, the question becomes: will the technology community rise to the challenge?___________Guest:Jennifer Granick, Surveillance and Cybersecurity Counsel at American Civil Liberties Union | On LinkedIn: https://www.linkedin.com/in/jennifergranick/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974BlackCloak: https://itspm.ag/itspbcwebAkamai: https://itspm.ag/akamailbwcDropzoneAI: https://itspm.ag/dropzoneai-641Stellar Cyber: https://itspm.ag/stellar-9dj3___________ResourcesKeynote: Threat Modeling and Constitutional Law: https://www.blackhat.com/us-25/briefings/schedule/index.html#keynote-threat-modeling-and-constitutional-law-48276Learn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25ITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conferenceCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More
In this thought leadership session, ITSPmagazine co-founders Sean Martin and Marco Ciappelli moderate a dynamic conversation with five industry leaders offering their take on what will dominate the show floor and side-stage chatter at Black Hat USA 2025.Leslie Kesselring, Founder of Kesselring Communications, surfaces how media coverage is shifting in real time—no longer driven solely by talk submissions but now heavily influenced by breaking news, regulation, and public-private sector dynamics. From government briefings to cyberweapon disclosures, the pressure is on to cover what matters, not just what's scheduled.Daniel Cuthbert, member of the Black Hat Review Board and Global Head of Security Research at Banco Santander, pushes back on the hype. He notes that while tech moves fast, security research often revisits decades-old bugs. His sharp observation? “The same bugs from the ‘90s are still showing up—sometimes discovered by researchers younger than the vulnerabilities themselves.”Michael Parisi, Chief Growth Officer at Steel Patriot Partners, shifts the conversation to operational risk. He raises concern over Model-Chained Prompting (MCP) and how AI agents can rewrite enterprise processes without visibility or traceability—especially alarming in environments lacking kill switches or proper controls.Richard Stiennon, Chief Research Analyst at IT-Harvest, offers market-level insights, forecasting AI agent saturation with over 20 vendors already present in the expo hall. While excited by real advancements, he warns of funding velocity outpacing substance and cautions against the cycle of overinvestment in vaporware.Rupesh Chokshi, SVP & GM at Akamai Technologies, brings the product and customer lens—framing the security conversation around how AI use cases are rolling out fast while security coverage is still catching up. From OT to LLMs, securing both AI and with AI is a top concern.This episode is not just about placing bets on buzzwords. It's about uncovering what's real, what's noise, and what still needs fixing—no matter how long we've been talking about it.___________Guests:Leslie Kesselring, Founder at Cyber PR Firm Kesselring Communications | On LinkedIn: https://www.linkedin.com/in/lesliekesselring/“This year, it's the news cycle—not the sessions—that's driving what media cover at Black Hat.”Daniel Cuthbert, Black Hat Training Review Board and Global Head of Security Research for Banco Santander | On LinkedIn: https://www.linkedin.com/in/daniel-cuthbert0x/“Why are we still finding bugs older than the people presenting the research?”Richard Stiennon, Chief Research Analyst at IT-Harvest | On LinkedIn: https://www.linkedin.com/in/stiennon/“The urge to consolidate tools is driven by procurement—not by what defenders actually need.”Michael Parisi, Chief Growth Officer at Steel Patriot Partners | On LinkedIn: https://www.linkedin.com/in/michael-parisi-4009b2261/“Responsible AI use isn't a policy—it's something we have to actually implement.”Rupesh Chokshi, SVP & General Manager at Akamai Technologies | On LinkedIn: https://www.linkedin.com/in/rupeshchokshi/“The business side is racing to deploy AI—but security still hasn't caught up.”Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974BlackCloak: https://itspm.ag/itspbcwebAkamai: https://itspm.ag/akamailbwcDropzoneAI: https://itspm.ag/dropzoneai-641Stellar Cyber: https://itspm.ag/stellar-9dj3___________ResourcesLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25ITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conferenceCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More
⬥GUEST⬥Sean Metcalf, Identity Security Architect at TrustedSec | On LinkedIn: https://www.linkedin.com/in/seanmmetcalf/⬥HOST⬥Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com⬥EPISODE NOTES⬥Sean Metcalf, a frequent speaker at conferences like Black Hat, DEF CON, and RSAC, brings a sharp focus to identity security—especially within Microsoft environments like Active Directory and Entra ID. In this episode, he walks through the practical and tactical role of honeypots and deception in detecting intrusions early and with higher fidelity.While traditional detection tools often aim for broad coverage, honeypots flip the script by offering precise signal amidst the noise. Metcalf discusses how defenders can take advantage of the attacker's need to enumerate systems and accounts after gaining access. That need becomes an opportunity to embed traps—accounts or assets that should never be touched unless someone is doing something suspicious.One core recommendation: repurpose old service accounts with long-lived passwords and believable naming conventions. These make excellent bait for Kerberoasting attempts, especially when paired with service principal names (SPNs) that mimic actual applications. Metcalf outlines how even subtle design choices—like naming conventions that fit organizational patterns—can make a honeypot more convincing and effective.He also draws a distinction between honeypots and deception technologies. While honeypots often consist of a few well-placed traps, deception platforms offer full-scale phantom environments. Regardless of approach, the goal remains the same: attackers shouldn't be able to move around your environment without tripping over something that alerts the defender.Importantly, Metcalf emphasizes that alerts triggered by honeypots are high-value. Since no legitimate user should interact with them, they provide early warning with low false positives. He also addresses the internal politics of deploying these traps, from coordinating with IT operations to ensuring SOC teams have the right procedures in place to respond effectively.Whether you're running a high-end deception platform or just deploying free tokens and traps, the message is clear: identity is the new perimeter, and a few strategic tripwires could mean the difference between breach detection and breach denial.⬥SPONSORS⬥LevelBlue: https://itspm.ag/attcybersecurity-3jdk3ThreatLocker: https://itspm.ag/threatlocker-r974⬥RESOURCES⬥Inspiring Post: https://www.linkedin.com/posts/activity-7353806074694541313-xzQl/Article: The Art of the Honeypot Account: Making the Unusual Look Normal: https://www.hub.trimarcsecurity.com/post/the-art-of-the-honeypot-account-making-the-unusual-look-normalArticle: Trimarc Research: Detecting Kerberoasting Activity: https://www.hub.trimarcsecurity.com/post/trimarc-research-detecting-kerberoasting-activityArticle: Detecting Password Spraying with Security Event Auditing: https://www.hub.trimarcsecurity.com/post/trimarc-research-detecting-password-spraying-with-security-event-auditing⬥ADDITIONAL INFORMATION⬥✨ More Redefining CyberSecurity Podcast:
In this thought leadership session, ITSPmagazine co-founders Sean Martin and Marco Ciappelli moderate a dynamic conversation with five industry leaders offering their take on what will dominate the show floor and side-stage chatter at Black Hat USA 2025.Leslie Kesselring, Founder of Kesselring Communications, surfaces how media coverage is shifting in real time—no longer driven solely by talk submissions but now heavily influenced by breaking news, regulation, and public-private sector dynamics. From government briefings to cyberweapon disclosures, the pressure is on to cover what matters, not just what's scheduled.Daniel Cuthbert, member of the Black Hat Review Board and Global Head of Security Research at Banco Santander, pushes back on the hype. He notes that while tech moves fast, security research often revisits decades-old bugs. His sharp observation? “The same bugs from the ‘90s are still showing up—sometimes discovered by researchers younger than the vulnerabilities themselves.”Michael Parisi, Chief Growth Officer at Steel Patriot Partners, shifts the conversation to operational risk. He raises concern over Model-Chained Prompting (MCP) and how AI agents can rewrite enterprise processes without visibility or traceability—especially alarming in environments lacking kill switches or proper controls.Richard Stiennon, Chief Research Analyst at IT-Harvest, offers market-level insights, forecasting AI agent saturation with over 20 vendors already present in the expo hall. While excited by real advancements, he warns of funding velocity outpacing substance and cautions against the cycle of overinvestment in vaporware.Rupesh Chokshi, SVP & GM at Akamai Technologies, brings the product and customer lens—framing the security conversation around how AI use cases are rolling out fast while security coverage is still catching up. From OT to LLMs, securing both AI and with AI is a top concern.This episode is not just about placing bets on buzzwords. It's about uncovering what's real, what's noise, and what still needs fixing—no matter how long we've been talking about it.___________Guests:Leslie Kesselring, Founder at Cyber PR Firm Kesselring Communications | On LinkedIn: https://www.linkedin.com/in/lesliekesselring/“This year, it's the news cycle—not the sessions—that's driving what media cover at Black Hat.”Daniel Cuthbert, Black Hat Training Review Board and Global Head of Security Research for Banco Santander | On LinkedIn: https://www.linkedin.com/in/daniel-cuthbert0x/“Why are we still finding bugs older than the people presenting the research?”Richard Stiennon, Chief Research Analyst at IT-Harvest | On LinkedIn: https://www.linkedin.com/in/stiennon/“The urge to consolidate tools is driven by procurement—not by what defenders actually need.”Michael Parisi, Chief Growth Officer at Steel Patriot Partners | On LinkedIn: https://www.linkedin.com/in/michael-parisi-4009b2261/“Responsible AI use isn't a policy—it's something we have to actually implement.”Rupesh Chokshi, SVP & General Manager at Akamai Technologies | On LinkedIn: https://www.linkedin.com/in/rupeshchokshi/“The business side is racing to deploy AI—but security still hasn't caught up.”Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974BlackCloak: https://itspm.ag/itspbcwebAkamai: https://itspm.ag/akamailbwcDropzoneAI: https://itspm.ag/dropzoneai-641Stellar Cyber: https://itspm.ag/stellar-9dj3___________ResourcesLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25ITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conferenceCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More
⬥GUEST⬥Sean Metcalf, Identity Security Architect at TrustedSec | On LinkedIn: https://www.linkedin.com/in/seanmmetcalf/⬥HOST⬥Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com⬥EPISODE NOTES⬥Sean Metcalf, a frequent speaker at conferences like Black Hat, DEF CON, and RSAC, brings a sharp focus to identity security—especially within Microsoft environments like Active Directory and Entra ID. In this episode, he walks through the practical and tactical role of honeypots and deception in detecting intrusions early and with higher fidelity.While traditional detection tools often aim for broad coverage, honeypots flip the script by offering precise signal amidst the noise. Metcalf discusses how defenders can take advantage of the attacker's need to enumerate systems and accounts after gaining access. That need becomes an opportunity to embed traps—accounts or assets that should never be touched unless someone is doing something suspicious.One core recommendation: repurpose old service accounts with long-lived passwords and believable naming conventions. These make excellent bait for Kerberoasting attempts, especially when paired with service principal names (SPNs) that mimic actual applications. Metcalf outlines how even subtle design choices—like naming conventions that fit organizational patterns—can make a honeypot more convincing and effective.He also draws a distinction between honeypots and deception technologies. While honeypots often consist of a few well-placed traps, deception platforms offer full-scale phantom environments. Regardless of approach, the goal remains the same: attackers shouldn't be able to move around your environment without tripping over something that alerts the defender.Importantly, Metcalf emphasizes that alerts triggered by honeypots are high-value. Since no legitimate user should interact with them, they provide early warning with low false positives. He also addresses the internal politics of deploying these traps, from coordinating with IT operations to ensuring SOC teams have the right procedures in place to respond effectively.Whether you're running a high-end deception platform or just deploying free tokens and traps, the message is clear: identity is the new perimeter, and a few strategic tripwires could mean the difference between breach detection and breach denial.⬥SPONSORS⬥LevelBlue: https://itspm.ag/attcybersecurity-3jdk3ThreatLocker: https://itspm.ag/threatlocker-r974⬥RESOURCES⬥Inspiring Post: https://www.linkedin.com/posts/activity-7353806074694541313-xzQl/Article: The Art of the Honeypot Account: Making the Unusual Look Normal: https://www.hub.trimarcsecurity.com/post/the-art-of-the-honeypot-account-making-the-unusual-look-normalArticle: Trimarc Research: Detecting Kerberoasting Activity: https://www.hub.trimarcsecurity.com/post/trimarc-research-detecting-kerberoasting-activityArticle: Detecting Password Spraying with Security Event Auditing: https://www.hub.trimarcsecurity.com/post/trimarc-research-detecting-password-spraying-with-security-event-auditing⬥ADDITIONAL INFORMATION⬥✨ More Redefining CyberSecurity Podcast:
As digital infrastructure becomes increasingly interwoven with third-party code, APIs, and AI-generated components, organizations are realizing they can't ignore the origins—or the risks—of their software. Theresa Lanowitz, Chief Evangelist at LevelBlue, joins Sean Martin and Marco Ciappelli to unpack why software supply chain visibility has become a top concern not just for CISOs, but for CEOs as well.Drawing from LevelBlue's Data and AI Accelerator Report, part of their annual Futures Report series, Theresa highlights a striking correlation: 80% of organizations with low software supply chain visibility experienced a breach in the past year, while only 6% with high visibility did. That data underscores the critical role visibility plays in reducing business risk and maintaining operational resilience.More than a technical concern, software supply chain risk is now a boardroom topic. According to the report, CEOs have the highest awareness of this risk—even more than CIOs and CISOs—because of the direct impact on brand reputation, stock value, and partner trust. As Theresa puts it, software has become the “last mile” of digital business, and that makes it everyone's problem.The conversation explores why now is the time to act. Government regulations are increasing, adversarial attacks are intensifying, and organizations are finally beginning to connect software vulnerabilities with business outcomes. Theresa outlines four critical actions: leverage CEO awareness, understand and prioritize vulnerabilities, invest in modern security technologies, and demand transparency from third-party providers.Importantly, cybersecurity culture is emerging as a key differentiator. Companies that embed security KPIs across all business units—and align security with business priorities—are not only more secure, they're also more agile. As software creation moves faster and more modular, the organizations that prioritize visibility and responsibility throughout the supply chain will be best positioned to adapt, grow, and protect their operations.Learn more about LevelBlue: https://itspm.ag/levelblue266f6cNote: This story contains promotional content. Learn more.Guest: Theresa Lanowitz, Chief Evangelist of AT&T Cybersecurity / LevelBlue [@LevelBlueCyber]On LinkedIn | https://www.linkedin.com/in/theresalanowitz/ResourcesTo learn more, download the complete findings of the LevelBlue Threat Trends Report here: https://itspm.ag/levelbyqdpTo download the 2025 LevelBlue Data Accelerator: Software Supply Chain and Cybersecurity report, visit: https://itspm.ag/lbdaf6iLearn more and catch more stories from LevelBlue: https://www.itspmagazine.com/directory/levelblueLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
ThreatLocker to Unveil Game-Changing Zero Trust Innovations at Black Hat 2025 | Visit Them at Booth #1933 | A ThreatLocker Pre-Event Coverage of Black Hat USA 2025 Las Vegas | Brand Story with John LillistonJoin ITSP Magazine's Marco Ciappelli and Sean Martin as they preview ThreatLocker's exciting Black Hat 2025 presence with Detect Product Director John Lilliston. Discover upcoming major announcements, hands-on hacking demos, and how ThreatLocker's default deny approach is revolutionizing enterprise cybersecurity through comprehensive zero trust implementation.As Black Hat USA 2025 approaches, cybersecurity professionals are gearing up for one of the industry's most anticipated events. ITSP Magazine's Marco Ciappelli and Sean Martin recently sat down with John Lilliston, ThreatLocker's Detect Product Director, to preview what promises to be an exciting showcase of zero trust innovation at booth 1933.ThreatLocker has become synonymous with the "default deny" security approach, a philosophy that fundamentally changes how organizations protect their digital assets. Unlike traditional security models that allow by default and block known threats, ThreatLocker's approach denies everything by default and allows only approved applications, network communications, and storage operations. This comprehensive strategy operates across application, network, and storage levels, creating what Lilliston describes as a "hardened system that stops adversaries in their tracks."The company's rapid growth reflects the industry's embrace of zero trust principles, moving beyond buzzword status to practical, enterprise-ready solutions. Lilliston, who joined ThreatLocker in February after evaluating their products from the enterprise side, emphasizes how the platform's learning mode and ring fencing capabilities set it apart from competitors in the application control space.At Black Hat 2025, ThreatLocker will demonstrate their defense-in-depth strategy through their Detect product line. While their primary zero trust controls rarely fail, Detect provides crucial monitoring for applications that must run in enterprise environments but may have elevated risk profiles. The system can automatically orchestrate responses to threats, such as locking down browsers exhibiting irregular behavior that might indicate data exfiltration attempts.Visitors to booth 1933 can expect hands-on demonstrations and on-demand hacking scenarios that showcase real-world applications of ThreatLocker's technology. The company is preparing major announcements that CEO Danny Houlihan will reveal during the event, promising game-changing developments for both the organization and its client base.ThreatLocker's Black Hat agenda includes a welcome reception on Tuesday, August 5th, from 7-10 PM at the Mandalay Bay Complex, and Houlihan's presentation on "Simplifying Cybersecurity" on Thursday, August 7th, from 10:15-11:05 AM at Mandalay Bay J.The convergence of practical zero trust implementation, cutting-edge threat detection, and automated response capabilities positions ThreatLocker as a key player in the evolving cybersecurity landscape, making their Black Hat presence essential viewing for security professionals seeking comprehensive protection strategies.Keywords: Black Hat 2025, zero trust security, cybersecurity conference, ThreatLocker, default deny strategy, endpoint protection, application control, threat detection, enterprise security, network security, cybersecurity solutions, security automation, malware prevention, cyber threats, information security, security platform, Black Hat USA, cybersecurity innovation, managed detection response, security operationsLearn more about ThreatLocker: https://itspm.ag/threatlocker-r974Note: This story contains promotional content.Learn more.Guests:John LillistonCybersecurity Director | Threat Detection & Response | SOC Leadership | DFIR | EDR/XDR Strategy | GCFA, GISP | https://www.linkedin.com/in/john-lilliston-4725217b/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com______________________ResourcesLearn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlockerThreatLocker® Welcome Reception | Don't gamble with your security! Join us at Black Hat for a lively Welcome Reception hosted by ThreatLocker®. Meet our Cyber Hero® Team and dive into discussions on the latest advancements in ThreatLocker®Endpoint Security. It's a great opportunity to connect and learn together! Time: 7PM - 10PM | Location: Mandalay Bay Complex RSVP below and we'll send you a confirmation email with all the details.[ Welcome Reception RSVP ]Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
With the 2025 season of men's majors fully in the rearview mirror, we've called upon friend of the pod, Sean Martin to challenge Soly and TC in the latest edition of our quiz show as DJ tests the guys on their knowledge of what we saw at Augusta, Quail Hollow, Oakmont and Portrush. Join us in our support of the Evans Scholars Foundation: https://nolayingup.com/esf Support our Sponsors: Rhoback The Stack System If you enjoyed this episode, consider joining The Nest: No Laying Up's community of avid golfers. Nest members help us maintain our light commercial interruptions (3 minutes of ads per 90 minutes of content) and receive access to exclusive content, discounts in the pro shop, and an annual member gift. It's a $90 annual membership, and you can sign up or learn more at nolayingup.com/join Subscribe to the No Laying Up Newsletter here: https://newsletter.nolayingup.com/ Subscribe to the No Laying Up Podcast channel here: https://www.youtube.com/@NoLayingUpPodcast Learn more about your ad choices. Visit megaphone.fm/adchoices
Ahead of Black Hat USA 2025, Sean Martin and Marco Ciappelli sit down once again with Rupesh Chokshi, Senior Vice President and General Manager of the Application Security Group at Akamai, for a forward-looking conversation on the state of AI security. From new threat trends to enterprise missteps, Rupesh lays out three focal points for this year's security conversation: protecting generative AI at runtime, addressing the surge in AI scraper bots, and defending the APIs that serve as the foundation for AI systems.Rupesh shares that Akamai is now detecting over 150 billion AI scraping attempts—a staggering signal of the scale and sophistication of machine-to-machine activity. These scraper bots are not only siphoning off data but also undermining digital business models by bypassing monetization channels, especially in publishing, media, and content-driven sectors.While AI introduces productivity gains and operational efficiency, it also introduces new and uncharted risks. Agentic AI, where autonomous systems operate on behalf of users or other systems, is pushing cybersecurity teams to rethink their strategies. Traditional firewalls aren't enough—because these threats don't behave like yesterday's attacks. Prompt injection, toxic output, and AI-generated hallucinations are some of the issues now surfacing in enterprise environments, with over 70% of organizations already experiencing AI-related incidents.This brings the focus to the runtime. Akamai's newly launched Firewall for AI is purpose-built to detect and mitigate risks in generative AI and LLM applications—without disrupting performance. Designed to flag issues like toxic output, remote code execution, or compliance violations, it operates with real-time visibility across inputs and outputs. It's not just about defense—it's about building trust as AI moves deeper into decision-making and workflow automation.CISOs, says Rupesh, need to shift from high-level discussions to deep, tactical understanding of where and how their organizations are deploying AI. This means not only securing AI but also working hand-in-hand with the business to establish governance, drive discovery, and embed security into the fabric of innovation.Learn more about Akamai: https://itspm.ag/akamailbwcNote: This story contains promotional content. Learn more.Guests:Rupesh Chokshi, SVP & General Manager, Application Security, Akamai | https://www.linkedin.com/in/rupeshchokshi/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com______________________ResourcesLearn more and catch more stories from Akamai: https://www.itspmagazine.com/directory/akamaiLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
ITSPmagazine Weekly Update | From Black Hat to Black Sabbath / Ozzy: AI Agents and Guitars (again!) + Entry Level Cybersecurity Jobs, Robots Evolution, and the Weekly Recap You Didn't Expect - On Marco & Sean's Random & Unscripted Podcast __________________Marco Ciappelli and Sean Martin are back with another random and unscripted weekly recap—from pre-Black Hat buzz and AI agents to vintage wood guitars, talent gaps, and Glen Miller debates. This week's reflection hits tech, music, and philosophy in all the right ways. Tune in, ramble with us, and subscribe. __________________Full Blog Article This week's recap was a ride.Sean and I kicked things off with the big news: we're officially consistent. Weekly recap number… I lost count. But we're doing it. We covered what ITSPmagazine's been working on, what we've been publishing, and where our minds are wandering lately (spoiler: everywhere).Black Hat USA 2025 is just around the corner, and we're deep into prep mode. I even bought a paper map. Why? I don't know. But we've got some great pre-event conversations already out—like our annual chat with Black Hat GM Steve Wylie, plus briefings with Dropzone AI (get ready for “agentic automation” to be the next big buzzword) and Akamai (yes, bots and APIs again, but with a solid strategy twist).We also talked about a fantastic episode Sean did on resonance and reinvention—featuring Cindy, a luthier in NYC who builds custom guitars using century-old beams from historic buildings. The pickups even use the old nails. Music and wood with a past life. It's beautiful stuff.Speaking of stories, I officially closed down the Storytelling podcast. But don't worry—I'm still telling stories. I've just shifted focus to “Redefining Society and Technology,” my newsletter and podcast series where I explore how humans and tech evolve together. This week's edition tackled the merging of humans and machines as a new species. Isaac Asimov meets Andy Clark.We also got a bit philosophical about AI and jobs. If machines take over the “easy” roles, where do humans begin? Are we cutting off our own training paths?Sean's episode with John Solomon dug into the cybersecurity hiring crisis—challenging the idea that we have a “talent gap.” The real issue? We're not hiring or nurturing people properly.Oh, and I finally released my long-overdue interview with Michael Sheldrick from Global Citizen. Music. Social impact. Doing good. It's all there. I'm honored to support even a small piece of what he's building.And yes… Ozzy. RIP. Music never dies.So if you're into random reflections with meaning, tech with humanity, and stories that don't always follow the rules—subscribe, share, and join the ride.See you in Vegas. Or the future. Or somewhere in between.________________ KeywordsBlack Hat USA 2025, ITSPmagazine recap, Marco Ciappelli, Sean Martin, cybersecurity podcast, AI in cybersecurity, agentic automation, Dropzone AI, Akamai APIs, HITRUST security, Global Citizen, Michael Sheldrick, storytelling podcast, Redefining Society, Andy Clark, Isaac Asimov, human-machine evolution, cybersecurity talent gap, custom guitar NYC, Ozzy tributeHosts links:
⬥GUEST⬥John Salomon, Board Member, Cybersecurity Advisors Network (CyAN) | On LinkedIn: https://www.linkedin.com/in/johnsalomon/⬥HOST⬥Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com⬥EPISODE NOTES⬥The cybersecurity industry keeps repeating a familiar line: there's a shortage of talent. But what if the real issue isn't the number of people—but the lack of access, mentorship, and investment in human potential?In this episode of Redefining CyberSecurity, Sean Martin speaks with John Salomon, an independent cybersecurity consultant and a contributor to the Cybersecurity Advisors Network (CyAN), about how the hiring structure in our industry may be the problem—not the solution. Together, they explore why entry-level roles rarely provide an actual point of entry, and how hiring practices have been shaped more by finance and compliance than by people development.Salomon draws on decades of experience to outline the problem: security is often treated as a pure cost center, so training and mentorship are deprioritized. Early-career professionals are expected to be “job-ready” from day one, and organizations rarely account for the long-term payoff of investing in apprenticeships or junior hires.He also points to the silent collapse of informal mentorship that once defined the field. Leaders used to take risks on new talent. Now, hiring decisions are driven by headcount limitations and performance metrics that leave no room for experimentation or learning through failure.The conversation shifts toward action. Business and security leaders need to reframe cybersecurity as a growth enabler and start viewing mentorship as a risk mitigation tool. Investing in new talent not only strengthens your team—it supports the stability of the industry as a whole.And it's not just on companies. Universities and student organizations must create more opportunities for experiential learning and interdisciplinary collaboration. Leaders can support these efforts with time, not just budget, by showing up and sharing what they've learned.Whether you're a CISO, founder, or just getting started, this episode challenges the idea that “mentorship is nice to have” and shows how it's a cornerstone of sustainable cybersecurity.⬥SPONSORS⬥LevelBlue: https://itspm.ag/attcybersecurity-3jdk3ThreatLocker: https://itspm.ag/threatlocker-r974⬥RESOURCES⬥Inspiring Post: https://www.linkedin.com/posts/activity-7332679935557300224-1lBv/⬥ADDITIONAL INFORMATION⬥✨ More Redefining CyberSecurity Podcast:
As Black Hat USA 2025 approaches, the cybersecurity world is buzzing with innovation—and Dropzone AI is right at the center of it. With roots in Seattle and a mission to bring true intelligence into the security operations center (SOC), the Dropzone AI team is gearing up for a packed week in Las Vegas, from BSides to the AI Summit, and finally at Startup City (booth #6427).Founded by Edward Wu, former Head of AI/ML at ExtraHop Networks, Dropzone AI was built on a key realization: the last thing SOCs need is another flood of alerts. Instead, they need help processing and acting on them. That's where Dropzone comes in—offering an AI-powered security analyst that doesn't just detect threats, but investigates, correlates, and takes action.During a recent pre-event chat with ITSPmagazine's Sean Martin and Marco Ciappelli, Edward explained the core philosophy behind the platform. Unlike hype-driven claims of “fully autonomous SOCs,” Dropzone takes a practical, tiered approach to automation. Their agentic AI system performs full investigations, determines the nature of alerts (true vs. false positives), and recommends or executes containment actions depending on risk tolerance and policy.The tech has found particular traction with lean security teams, or those expanding toward 24/7 coverage without adding headcount. Rather than replacing humans, the platform augments them—freeing analysts from the drudgery of low-priority alert triage and giving them space to focus on strategic work. As Edward put it, “Nobody wants to be a tier-one analyst forever.” Dropzone helps make sure they don't have to be.The platform integrates across existing security stacks and data sources, drawing from threat intel, logs, and endpoint signals to build a full picture of every alert. Security teams retain full control, with human-in-the-loop decision-making remaining the standard in most use cases. However, for low-risk assets and off-hours scenarios, some customers are already authorizing autonomous action.With conversations at Black Hat expected to revolve around the reality of AI in production—not just the vision—Dropzone is entering the perfect arena. From demonstrating real-world impact to sharing insights on agentic design and trust boundaries, their presence will resonate with everyone from analysts to CISOs.Whether you're building out your SOC, questioning your MDR provider, or simply overwhelmed with alert fatigue, this may be your signal. Dropzone AI isn't selling buzzwords. They're delivering results. Visit them at Startup City, booth #6427, and see for yourself what the future of alert triage and SOC efficiency looks like—one investigation at a time. Note: This story contains promotional content. Learn more.Guests:Edward Wu, Founder/CEO at Dropzone AI On LinkedIn: https://www.linkedin.com/in/edwardxwu/DROPZONE AI: https://itspm.ag/dropzoneai-641Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com______________________ResourcesVisit the DROPZONE Website to learn more: https://itspm.ag/dropzoneai-641Learn more and catch more stories from Dropzone on ITSPmagazine: https://www.itspmagazine.com/directory/dropzoneaiLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
⬥GUEST⬥John Salomon, Board Member, Cybersecurity Advisors Network (CyAN) | On LinkedIn: https://www.linkedin.com/in/johnsalomon/⬥HOST⬥Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com⬥EPISODE NOTES⬥The cybersecurity industry keeps repeating a familiar line: there's a shortage of talent. But what if the real issue isn't the number of people—but the lack of access, mentorship, and investment in human potential?In this episode of Redefining CyberSecurity, Sean Martin speaks with John Salomon, an independent cybersecurity consultant and a contributor to the Cybersecurity Advisors Network (CyAN), about how the hiring structure in our industry may be the problem—not the solution. Together, they explore why entry-level roles rarely provide an actual point of entry, and how hiring practices have been shaped more by finance and compliance than by people development.Salomon draws on decades of experience to outline the problem: security is often treated as a pure cost center, so training and mentorship are deprioritized. Early-career professionals are expected to be “job-ready” from day one, and organizations rarely account for the long-term payoff of investing in apprenticeships or junior hires.He also points to the silent collapse of informal mentorship that once defined the field. Leaders used to take risks on new talent. Now, hiring decisions are driven by headcount limitations and performance metrics that leave no room for experimentation or learning through failure.The conversation shifts toward action. Business and security leaders need to reframe cybersecurity as a growth enabler and start viewing mentorship as a risk mitigation tool. Investing in new talent not only strengthens your team—it supports the stability of the industry as a whole.And it's not just on companies. Universities and student organizations must create more opportunities for experiential learning and interdisciplinary collaboration. Leaders can support these efforts with time, not just budget, by showing up and sharing what they've learned.Whether you're a CISO, founder, or just getting started, this episode challenges the idea that “mentorship is nice to have” and shows how it's a cornerstone of sustainable cybersecurity.⬥SPONSORS⬥LevelBlue: https://itspm.ag/attcybersecurity-3jdk3ThreatLocker: https://itspm.ag/threatlocker-r974⬥RESOURCES⬥Inspiring Post: https://www.linkedin.com/posts/activity-7332679935557300224-1lBv/⬥ADDITIONAL INFORMATION⬥✨ More Redefining CyberSecurity Podcast:
The HITRUST 2025 Trust Report sheds light on a critical question organizations continue to ask: can you really rely on a certification to mean what it says? According to Vincent Bennekers, Vice President of Quality, and Bimal Sheth, Executive Vice President of Standards Development and Assurance Operations at HITRUST, the answer comes down to one word: reliability.The conversation highlights how HITRUST goes beyond a simple checklist by layering in both threat intelligence and maturity modeling. Their framework isn't just built on abstract risk—it incorporates real-world attack techniques, aligning controls to the MITRE ATT&CK framework. This means that the certification reflects actual adversarial tactics rather than hypothetical risk scenarios.Bennekers shares that 99.41% of HITRUST-certified organizations did not report a breach in the last year, and that consistency over two annual reports points to meaningful outcomes—not just marketing claims. Sheth explains how each certification is reviewed in full by HITRUST, not just sampled, and every control is assessed for maturity—not pass/fail. It's a model that helps companies continuously improve, while also giving relying parties better information.For executive teams and boards, the report surfaces where organizations commonly struggle, including access control, vulnerability management, and third-party risk. It also highlights a growing use of external inheritance—leveraging cloud service providers' security posture—as a strategic move for organizations with tighter budgets.Looking ahead, the conversation points to continuous assurance and the evolving role of AI—both as a source of new risks and a tool to enhance security operations. HITRUST is already exploring certification models that reduce drift and increase visibility year-round.For organizations wanting to build more than just a paper shield, this episode unpacks how certification—done right—can be a strategic, measurable advantage.Note: This story contains promotional content. Learn more.Guests:Bimal Sheth, Executive Vice President of Standards Development and Assurance Operations at HITRUST | On LinkedIn: https://www.linkedin.com/in/bimal-sheth-248219130/Vincent Bennekers, Vice President of Quality at HITRUST | On LinkedIn: https://www.linkedin.com/in/vincent-bennekers-a0b3201/Host:Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | https://www.seanmartin.com/______________________Keywords: sean martin, bimal sheth, vincent bennekers, hitrust, trust report, cybersecurity, compliance, certification, quality assurance, risk management, brand story, brand marketing, marketing podcast, brand story podcast______________________ResourcesHITRUST 2025 Trust Report: https://itspm.ag/hitrusz49cWebinar: Beyond the Checkbox: Rethinking SOC 2, Cybersecurity, and Third-Party Risk in 2025 — An ITSPmagazine Webinar with HITRUST (https://www.crowdcast.io/c/beyond-the-checkbox-rethinking-soc-2-cybersecurity-and-third-party-risk-in-2025-an-itspmagazine-webinar-with-hitrust)Visit the HITRUST Website to learn more: https://itspm.ag/itsphitwebLearn more and catch more stories from HITRUST on ITSPmagazine: https://www.itspmagazine.com/directory/hitrustLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
As Black Hat USA 2025 approaches, General Manager Steve Wylie joins Sean Martin and Marco Ciappelli for the annual pre-conference conversation to highlight what's new—and what's next—for one of cybersecurity's most iconic events. This year's themes and expansions signal a strong return to growth, technical depth, and strategic investment.AI Everywhere—from Training to the Show FloorArtificial intelligence emerges as the dominant force across the agenda. From the main stage to the training rooms, Black Hat is packed with AI-related content designed to meet the rising demand for education and clarity. New this year is a comprehensive lineup of instructor-led AI courses and expanded AI tool showcases in the Arsenal and Arsenal Labs programs. As Wylie notes, three of the four Spotlight competition finalists—FireTail, Keep Aware, and Twine Security—are AI-driven solutions, underscoring the technology's influence on innovation.Investor Energy and Startup MomentumCybersecurity investment is back. That momentum is reflected in the expanded Innovators and Investors Summit and the largest-ever Startup Zone on the show floor, now hosting more than 80 companies. This year's program builds on last year's debut and aims to connect entrepreneurs, investors, and CISOs in a more targeted and collaborative setting.Expanding the Audience: New Summits and KeynotesTo better serve cybersecurity leaders across sectors, Black Hat has introduced new summits tailored to financial services and supply chain security. These gatherings offer strategic-level insights for professionals who don't typically engage in technical briefings. Meanwhile, the keynote lineup includes prominent voices from both public and private sectors—such as Miko Hyppönen, Nicole Perlroth, and Chris Inglis—offering grounded perspectives in a time of uncertainty.Interactive Additions and Community GrowthAttendees can expect hands-on experiences like a new drone hacking zone and an expanded hardware lab area. A Career Development Zone also debuts this year, offering sessions designed to help attendees build or pivot their cybersecurity careers.___________Guest: Steve Wylie, Vice President, Cybersecurity Market at Informa Tech and General Manager at Black Hat | On LinkedIn: https://www.linkedin.com/in/swylie650/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974BlackCloak: https://itspm.ag/itspbcwebAkamai: https://itspm.ag/akamailbwcDropzoneAI: https://itspm.ag/dropzoneai-641Stellar Cyber: https://itspm.ag/stellar-9dj3___________ResourcesLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25ITSPmagazine Webinar: What's Heating Up Before Black Hat 2025: Place Your Bet on the Top Trends Set to Shake Up this Year's Hacker Conference — An ITSPmagazine Thought Leadership Webinar | https://www.crowdcast.io/c/whats-heating-up-before-black-hat-2025-place-your-bet-on-the-top-trends-set-to-shake-up-this-years-hacker-conferenceCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More
Guest and HostGuest: Cindy Hulej, Luthier/Artist | Website: https://www.cindyguitars.com/Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/Show NotesWhat happens when the story of a city becomes part of the music we make? In this episode of Music Evolves, host Sean Martin sits down with luthier and artist Cindy Hulej of Cindy Guitars to explore how reclaimed wood from historic New York buildings is transformed into custom electric guitars—each one uniquely shaped by memory, material, and imagination.Craft as InnovationCindy's process at Carmine Street Guitars isn't just about building instruments—it's about listening to what the material has to say. The beams salvaged from landmarks like the Chelsea Hotel and John Lennon's former home aren't just structural—they carry decades of vibration, weather, and presence. That physical history directly shapes how these guitars sound, feel, and resonate—offering a kind of analog innovation rooted in human touch and intention.Cindy describes how she and her husband Johnny repurpose old beams, often salvaged from 1800s-era buildings, and transform them into guitars that are not only playable but deeply resonant—physically and emotionally. The aged wood, shaped by centuries of seasonal change, yields a tone that's warm and chimey, with a resonance modern lumber can't match. “You're working with material that's already lived a hundred lives,” she explains. “You just have to unlock the next one.”Creativity Beyond ConventionEach guitar is made by hand, down to the smallest detail. From collaborating with boutique pickup winders to mixing finishes from shellac flakes, Cindy builds instruments that are both sonic and visual statements. No two are alike—because the creative process isn't about repeating perfection, it's about shaping something personal and alive. Whether players come with a precise vision or just a feeling, Cindy helps translate that into tone and form.Reimagining the Past to Shape the FutureThis isn't just about guitars. It's about the convergence of history, artistry, community, and sound. This episode challenges the idea that innovation must come from new tech or flashy trends. Sometimes, the most meaningful advances come from rethinking old materials and techniques.Cindy's guitars are a form of living history—reminding us that sound isn't just produced, it's inherited, interpreted, and carried forward. And, Cindy's path from bartending to building some of the most soulful instruments in New York is a reminder that craft isn't just skill—it's commitment to meaning.About Rick Kelly and Carmine Street GuitarsCarmine Street Guitars, located in New York City's Greenwich Village, is a hand-built electric guitar workshop led by legendary luthier Rick Kelly. Known for using reclaimed old-growth wood from historic buildings across the city, Rick has built instruments for renowned musicians such as Lou Reed, Patti Smith, Bob Dylan, and many others. His approach blends time-honored techniques with a reverence for the city's past, crafting guitars that are as storied as the musicians who play them. At the heart of the shop's ethos is a commitment to individuality, craftsmanship, and sonic integrity—values continued today through Cindy Guitars and the growing creative community within the space.SponsorsAre you interested in sponsoring this show or placing an ad in the podcast?Sponsorship
ITSPmagazine Weekly Update | From AI Agents to Tape Mixes, to Guitars and Black Hat Buzzwords and much more with Marco & Sean's Random & Unscripted Podcast ⸻ In this weekly unscripted update, Marco Ciappelli and Sean Martin catch up on their latest stories, from AI agents replacing SOC analysts to mixtape nostalgia and vintage guitars made from NYC history. They also tease big things coming at Black Hat USA and reflect on why collaboration is core to ITSPmagazine. ⸻ In this week's Random and Unscripted episode, Marco Ciappelli and Sean Martin return with another lively behind-the-scenes update from the ITSPmagazine world. As always, the conversation flows unpredictably—from music and nostalgia to cybersecurity, AI, and everything in between. Marco kicks off the episode by confessing he saw ASIS live—twice—and is now on a mission for the perfect mod haircut. Sean follows with an unexpected review of an avant-garde opera at Lincoln Center, which explores humanity's attempt to extend life through technology. That sets the stage for deeper reflection on AI, with both co-founders digging into the role of AI agents in cybersecurity operations. Sean recaps his recent contributor-led newsletters on threat intelligence and AI-powered SOC roles. Marco, meanwhile, teases the next chapter in his “Robbie the Robot” newsletter series, which will explore the merger of humans and machines. The episode also spotlights a series of published interviews: a brand story with Greg and John from White Knight Labs, Marco's conversation with Ken Munro wrapping up Infosecurity Europe 2025, and an episode with Abadesi from the Women in Cybersecurity track—discussing how diverse teams build better tech. Sean also drops new Music Evolves episodes, including a conversation with Summer McCoy of the Mixtape Museum and a new story on Carmine Guitars, where vintage NYC wood is repurposed into one-of-a-kind instruments. That sparks a philosophical reflection from Marco on the contrast between analog warmth and digital impermanence. As the episode winds down, Marco and Sean turn their attention to Black Hat USA 2025. With sponsorships nearly sold out, they encourage companies to claim one of the last remaining spots. They also preview an upcoming live webinar where they'll debate the event's inevitable buzzwords with industry peers. As always, the tone is informal, curious, and community-driven. If you want the inside scoop on what's shaping the stories and strategies at ITSPmagazine—this is the episode to hear. ⸻ Keywords: cybersecurity, AI agents, threat intelligence, SOC analyst, mixtape museum, custom guitars, Black Hat USA 2025, ITSPmagazine, analog vs digital, diversity in tech, robotic automation, newsletter strategy, editorial collaboration, pen testing, brand storytelling, tech culture, cybersecurity events, operational technology, digital transformation, music and techHosts links:
⬥GUEST⬥Tobias Halmans, OT Incident Responder | GIAC Certified Incident Handler | Automation Security Consultant at admeritia GmbH | On LinkedIn: https://www.linkedin.com/in/tobias-halmans/⬥HOST⬥Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com⬥EPISODE NOTES⬥Business continuity planning is a familiar exercise for most IT and security leaders—but when you move into operational technology (OT), the rules change. In this episode of Redefining CyberSecurity, Sean Martin talks with Tobias Halmans, an incident responder at admeritia, who helps organizations prepare for and respond to incidents in OT environments. Tobias shares why disaster recovery planning in OT requires more than simply adapting IT frameworks. It demands a change in approach, mindset, and communication.OT engineers don't think in terms of “ransomware readiness.” They think in terms of safety, uptime, manual fallback options, and how long a plant can stay operational without a SCADA system. As Tobias explains, while IT teams worry about backup integrity and rapid rebooting, OT teams are focused on whether shutting down a system—even safely—is even an option. And when the recovery plan depends on third-party vendors, the assumptions made on both sides can derail the response before it begins.Tobias walks us through the nuances of defining success in OT recovery. Unlike the IT world's metrics like mean time to recover (MTTR), OT environments often hinge on production impacts and safety thresholds. Recovery Time Objectives (RTOs) still exist—but they must be anchored in real-world plant operations, often shaped by vendor limitations, legacy constraints, and tightly regulated safety requirements.Perhaps most importantly, Tobias stresses that business continuity planning for OT can't just be a cybersecurity add-on. It must be part of broader risk and operational conversations, ideally happening when systems are being designed or upgraded. But in reality, many organizations are only starting these conversations now—often driven more by compliance mandates than proactive risk strategy.Whether you're a CISO trying to bridge the gap with your OT counterparts or an engineer wondering why cyber teams keep showing up with playbooks that don't fit, this conversation offers grounded, real-world insight into what preparedness really means for critical operations.⬥SPONSORS⬥LevelBlue: https://itspm.ag/attcybersecurity-3jdk3ThreatLocker: https://itspm.ag/threatlocker-r974⬥RESOURCES⬥Inspiring Article: https://www.linkedin.com/posts/sarah-fluchs_notfallvorsorge-in-der-ot-traut-euch-activity-7308744270453092352-Q8X1⬥ADDITIONAL INFORMATION⬥✨ More Redefining CyberSecurity Podcast:
Title: "Catching Up With Ken Munro After Infosecurity Europe 2025 — Hacking the Planet, One Car, One Plane, and One System at a Time"A Post–Infosecurity Europe 2025 Conversation with Ken MunroGuestsKen Munro Security writer & speakerhttps://www.linkedin.com/in/ken-munro-17899b1/HostsSean Martin, Co-Founder at ITSPmagazineWebsite: https://www.seanmartin.comMarco Ciappelli, Co-Founder, CMO, and Creative Director at ITSPmagazineWebsite: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974___________After a whirlwind week at Infosecurity Europe 2025, I had the chance to reconnect with Ken Munro from Pen Test Partners — a longtime friend, hacker, and educator who brings cybersecurity to life in the most tangible ways. From car hacking escape rooms to flight simulators in pubs, we talked about why touching tech matters, how myth-busting makes us safer, and how learning through play might just be the key to securing our increasingly complex world. Tune in, and maybe bring a cocktail.⸻There's something special about catching up with someone who's not just an expert in cybersecurity, but also someone who reminds you why this industry can — and should — be fun. Ken Munro and I go back to the early days of DEFCON's Aviation Village, and this post-Infosecurity Europe 2025 chat brought all that hacker spirit right back to the surface.Ken and his crew from Pen Test Partners set up shop next to the main Infosecurity Europe venue in a traditional London pub — but this wasn't your average afterparty. They transformed it into a hands-on hacking village, complete with a car demo, flight simulator, ICS cocktail CTF, and of course… a bar. The goal? Show that cybersecurity isn't just theory — it's something you can touch. Something that moves. Something that can break — and be fixed — before it breaks us.We talked about the infamous “Otto the Autopilot” from Airplane, the Renault Clio-turned-Mario Kart console, and why knowing how TCAS (collision avoidance) works on an Airbus matters just as much as knowing your Wi-Fi password. We also dug into the real-world cybersecurity concerns of industrial systems, electronic flight bags, and why European regulation might be outpacing the U.S. in some areas — for better or worse.One of the biggest takeaways? It's time to stop fearing the hacker mindset and start embracing it. Curiosity isn't a threat — it's a superpower. And when channeled correctly, it leads to safer skies, smarter cars, and fewer surprises in the water we drink or the power we use.There's a lot to reflect on from our conversation, but above all: education, community, and creativity are still the most powerful tools we have in security — and Ken is out there proving that, one demo and one pint at a time.Thanks again, Ken. See you at the next village — whichever pub, hangar, or DEFCON corner it ends up in.⸻Keywords: cybersecurity, ethical hacking, pen testing, Infosecurity Europe, embedded systems, car hacking, flight simulator, ICS security, industrial control systems, aviation cybersecurity, hacker mindset, DEFCON___________ResourcesLearn more and catch more stories from Infosecurity Europe 2025 London coverage: https://www.itspmagazine.com/infosec25Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More
Andy Johnson is joined by Fried Egg Golf's Joseph LaMagna and Sean Martin of the PGA Tour for a Ryder Cup discussion ahead of the final men's major of 2025. The three discuss storylines they're watching as the season wraps up and give their rosters for both Team Europe and Team USA as things stand today. Andy, Joseph, and Sean also debate the impact of course setup at Bethpage Black and wonder how the Americans will change things up in order to gain in advantage in September.
Before a power crew rolls out to check a transformer, sensors on the grid have often already flagged the problem. Before your smart dishwasher starts its cycle, it might wait for off-peak energy rates. And in the world of autonomous vehicles, lightweight systems constantly scan road conditions before a decision ever reaches the car's central processor.These aren't the heroes of their respective systems. They're the scouts, the context-builders: automated agents that make the entire operation more efficient, timely, and scalable.Cybersecurity is beginning to follow the same path.In an era of relentless digital noise and limited human capacity, AI agents are being deployed to look first, think fast, and flag what matters before security teams ever engage. But these aren't the cartoonish “AI firefighters” some might suggest. They're logical engines operating at scale: pruning data, enriching signals, simulating outcomes, and preparing workflows with precision."AI agents are redefining how security teams operate, especially when time and talent are limited," says Kumar Saurabh, CEO of AirMDR. "These agents do more than filter noise. They interpret signals, build context, and prepare response actions before a human ever gets involved."This shift from reactive firefighting to proactive triage is happening across cybersecurity domains. In detection, AI agents monitor user behavior and flag anomalies in real time, often initiating mitigation actions like isolating compromised devices before escalation is needed. In prevention, they simulate attacker behaviors and pressure-test systems, flagging unseen vulnerabilities and attack paths. In response, they compile investigation-ready case files that allow human analysts to jump straight into action."Low-latency, on-device AI agents can operate closer to the data source, better enabling anomaly detection, threat triaging, and mitigation in milliseconds," explains Shomron Jacob, Head of Applied Machine Learning and Platform at Iterate.ai. "This not only accelerates response but also frees up human analysts to focus on complex, high-impact investigations."Fred Wilmot, Co-Founder and CEO of Detecteam, points out that agentic systems are advancing limited expertise by amplifying professionals in multiple ways. "Large foundation models are driving faster response, greater context and more continuous optimization in places like SOC process and tools, threat hunting, detection engineering and threat intelligence operationalization," Wilmot explains. "We're seeing the dawn of a new way to understand data, behavior and process, while optimizing how we ask the question efficiently, confirm the answer is correct and improve the next answer from the data interaction our agents just had."Still, real-world challenges persist. Costs for tokens and computing power can quickly outstrip the immediate benefit of agentic approaches at scale. Organizations leaning on smaller, customized models may see greater returns but must invest in AI engineering practices to truly realize this advantage. "Companies have to get comfortable with the time and energy required to produce incremental gains," Wilmot adds, "but the incentive to innovate from zero to one in minutes should outweigh the cost of standing still."Analysts at Forrester have noted that while the buzz around so-called agentic AI is real, these systems are only as effective as the context and guardrails they operate within. The power of agentic systems lies in how well they stay grounded in real data, well-defined scopes, and human oversight. ¹ ²While approaches differ, the business case is clear. AI agents can reduce toil, speed up analysis, and extend the reach of small teams. As Saurabh observes, AI agents that handle triage and enrichment in minutes can significantly reduce investigation times and allow analysts to focus on the incidents that truly require human judgment.As organizations wrestle with a growing attack surface and shrinking response windows, the real value of AI agents might not lie in what they replace, but in what they prepare. Rob Allen, Chief Product Officer at ThreatLocker, points out, "AI can help you detect faster. But Zero Trust stops malware before it ever runs. It's not about guessing smarter; it's about not having to guess at all." While AI speeds detection and response, attackers are also using AI to evade defenses, making it vital to pair smart automation with architectures that deny threats by default and only allow what's explicitly needed.These agents are the eyes ahead, the hands that set the table, and increasingly the reason why the real work can begin faster and smarter than ever before.References1. Forrester. (2024, February 8). Cybersecurity's latest buzzword has arrived: What agentic AI is — and isn't. Forrester Blogs. https://www.forrester.com/blogs/cybersecuritys-latest-buzzword-has-arrived-what-agentic-ai-is-and-isnt/ (cc: Allie Mellen and Rowan Curran)2. Forrester. (2024, March 13). The battle for grounding has begun. Forrester Blogs. https://www.forrester.com/blogs/the-battle-for-grounding-has-begun/ (cc: Ted Schadler)________This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn.Sincerely, Sean Martin and TAPE3________Sean Martin is a life-long musician and the host of the Music Evolves Podcast; a career technologist, cybersecurity professional, and host of the Redefining CyberSecurity Podcast; and is also the co-host of both the Random and Unscripted Podcast and On Location Event Coverage Podcast. These shows are all part of ITSPmagazine—which he co-founded with his good friend Marco Ciappelli, to explore and discuss topics at The Intersection of Technology, Cybersecurity, and Society.™️Want to connect with Sean and Marco On Location at an event or conference near you? See where they will be next: https://www.itspmagazine.com/on-locationTo learn more about Sean, visit his personal website.
Cyber threat intelligence (CTI) is no longer just a technical stream of indicators or a feed for security operations center teams. In this episode, Ryan Patrick, Vice President at HITRUST; John Salomon, Board Member at the Cybersecurity Advisors Network (CyAN); Tod Beardsley, Vice President of Security Research at runZero; Wayne Lloyd, Federal Chief Technology Officer at RedSeal; Chip Witt, Principal Security Analyst at Radware; and Jason Kaplan, Chief Executive Officer at SixMap, each bring their perspective on why threat intelligence must become a leadership signal that shapes decisions far beyond the security team.From Risk Reduction to OpportunityRyan Patrick explains how organizations are shifting from compliance checkboxes to meaningful, risk-informed decisions that influence structure, operations, and investments. This point is reinforced by John Salomon, who describes CTI as a clear, relatable area of security that motivates chief information security officers to exchange threat information with peers — cooperation that multiplies each organization's resources and builds a stronger industry front against emerging threats.Real Business ContextTod Beardsley outlines how CTI can directly support business and investment moves, especially when organizations evaluate mergers and acquisitions. Wayne Lloyd highlights the importance of network context, showing how enriched intelligence helps teams move from reactive cleanups to proactive management that ties directly to operational resilience and insurance negotiations.Chip Witt pushes the conversation further by describing CTI as a business signal that aligns threat trends with organizational priorities. Jason Kaplan brings home the reality that for Fortune 500 security teams, threat intelligence is a race — whoever finds the gap first, the defender or the attacker, determines who stays ahead.More Than DefenseThe discussion makes clear that the real value of CTI is not the data alone but the way it helps organizations make decisions that protect, adapt, and grow. This episode challenges listeners to see CTI as more than a defensive feed — it is a strategic advantage when used to strengthen deals, influence product direction, and build trust where it matters most.Tune in to hear how these leaders see the role of threat intelligence changing and why treating it as a leadership signal can shape competitive edge.________This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn.Sincerely, Sean Martin and TAPE3________Sean Martin is a life-long musician and the host of the Music Evolves Podcast; a career technologist, cybersecurity professional, and host of the Redefining CyberSecurity Podcast; and is also the co-host of both the Random and Unscripted Podcast and On Location Event Coverage Podcast. These shows are all part of ITSPmagazine—which he co-founded with his good friend Marco Ciappelli, to explore and discuss topics at The Intersection of Technology, Cybersecurity, and Society.™️Want to connect with Sean and Marco On Location at an event or conference near you? See where they will be next: https://www.itspmagazine.com/on-locationTo learn more about Sean, visit his personal website.
In this Random and Unscripted episode, Marco Ciappelli and Sean Martin connect the dots between AI, robotics, connected systems, and human behavior. How do machines reshape society—and how do we reshape ourselves in response? A conversation born from their latest articles.This Random and Unscripted episode is exactly what the title promises—a raw, thoughtful exchange between Marco Ciappelli and Sean Martin, sparked by their most recent written reflections. The starting point? Two timely articles. Sean unpacks the complexity of securing connected environments—what happens when devices, vehicles, sensors, and platforms become part of something bigger? It's no longer about protecting individual elements, but understanding how they operate as “systems of systems”—intertwined, dynamic, and vulnerable. Meanwhile, Marco revisits Robbie, Isaac Asimov's iconic robot story, to explore how our relationship with technology evolves over time. What felt like distant science fiction in the 1980s now hits closer to home, as AI simulates understanding, machines mimic empathy, and humans blur the lines between organic and artificial. The discussion drifts from cybersecurity to human psychology, questioning how interacting with AI reshapes society—and whether our own behavior starts reflecting the technology we create. Machines are learning, systems are growing more complex, and somewhere along the way, humanity is changing too. Stay random. Stay curious. ⸻
Getting a start in cybersecurity has never been easy — but for today's aspiring pen testers, the entry barriers are even higher than they were a decade ago. In this conversation, Sean Martin and Marco Ciappelli sit down with Greg Hatcher and John Stigerwalt from White Knight Labs to unpack why they decided to flip the script on entry-level offensive security training.Greg, a former Army Special Operations communicator, and John, who got his break as a self-taught hacker, agree that the traditional path — expensive certifications and theoretical labs — doesn't reflect the reality of the work. That's why White Knight Labs is launching the Entry Level Pen Tester (ELPT) program. The idea is straightforward: make high-quality, practical training accessible to anyone, anywhere.Unlike other courses that focus purely on the technical side, the ELPT emphasizes the full skill set a junior pen tester needs. This means not just breaking into systems, but learning how to write clear reports, communicate effectively with clients, and operate as part of a real engagement team. John explains that even the best technical find is worthless if it's not explained properly or delivered with clear guidance for fixing the issue.Greg points out that the team culture at White Knight Labs borrows from his Special Forces days — small, specialized teams where each individual goes deep on a specific domain but works in tight coordination with others. Their goal for trainees mirrors this: to develop focused, practical skills while understanding how their piece fits into bigger, complex attack scenarios.Affordability and global access are key parts of the mission. The team wants the ELPT to open doors for people who might not have thousands to spend on training. By combining hands-on labs, in-depth modules, real-world scenarios, and a tough final exam, they aim to ensure that passing the ELPT means you're truly job-ready.For anyone considering a start in offensive security, this episode is a glimpse into a program designed to create more than just hackers — it's building adaptable, communicative professionals ready to hit the ground running.Learn more about White Knight Labs: https://itspm.ag/white-knight-labs-vukrGuests:John Stigerwalt | Founder at White Knight Labs | Red Team Operations Leader | https://www.linkedin.com/in/john-stigerwalt-90a9b4110/Greg Hatcher | Founder at White Knight Labs | SOF veteran | Red Team | https://www.linkedin.com/in/gregoryhatcher2/______________________Keywords: sean martin, marco ciappelli, greg hatcher, john stigerwalt, cybersecurity, pentesting, training, certification, whiteknightlabs, hacking, brand story, brand marketing, marketing podcast, brand story podcast______________________ResourcesVisit the White Knight Labs Website to learn more: https://itspm.ag/white-knight-labs-vukrLearn more and catch more stories from White Knight Labs on ITSPmagazine: https://www.itspmagazine.com/directory/white-knight-labsLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story