Podcast appearances and mentions of Sean Martin

  • 131 PODCASTS
  • 1,644 EPISODES
  • 35m AVG DURATION
  • 5 WEEKLY NEW EPISODES
  • Apr 20, 2025 LATEST



Latest podcast episodes about Sean Martin

The Bag Drop: Untold Stories in Golf
Four Grand Thoughts on Rory McIlroy's Historic Masters Slam

Apr 20, 2025 | 81:53


Joining us are two of golf's most insightful voices—Normal Sport Founder, Kyle Porter—PGA TOUR Lead Editor, and the Emmy-nominated Sean Martin, ready to dissect one grand thought each on Rory's Augusta breakthrough. Their expert perspective turns a chaotic start into a historical and emotional analysis of the significance of Rory's win and for his future in golf. The conversation covers his growth as a player, balancing confidence with humility, and navigating the pressures of being a major champion so early in his career. They also delve into the emotional and psychological aspects witnessed on Sunday at Augusta, focusing on themes of vulnerability and self-doubt that resonate with fans and nearly all golfers. The hosts reflect on Rory's emotional journey during the Masters, including family connections and key moments that will continue to define the historic moment for decades. Before signing off, KP shares what it was like to be on the grounds during that back nine on Sunday. Matt and Kevin highlight the role of media as 'fans' in experiencing these events, underscoring the humanity in sports journalism. 
NewClub > https://www.newclub.golf
Titleist > https://www.titleist.com
Normal Sport > https://www.normalsport.com/
PGA Tour > http://pgatour.com/

Chapters
00:00 Introduction to the Chaos this show (and Rory's Win)
03:01 The Significance of Rory's Masters Victory
05:46 Statistics and Historical Context of Rory's Win
09:02 The Impact of Winning on Rory's Future
12:10 Guest Insights: Kyle Porter and Sean Martin Join the Discussion
14:58 Exploring Rory's Evolution and Future Challenges
18:01 The Balance of Confidence and Humility in Rory's Game
28:38 The Emotional Weight of Golf
31:41 Burden and Release: The Human Experience in Sports
34:15 The Power of Vulnerability and Hope
40:09 Doubt and Performance Anxiety in Golf
48:51 Overcoming Self-Doubt: A Personal Journey
57:46 A Heartfelt Connection: Rory and Family
01:00:34 The Weight of Expectations: Rory's Final Round
01:03:07 The Roller Coaster of Emotions: Analyzing Key Shots
01:06:08 The Journey of a Champion: Rory's Evolution
01:08:24 The Impact of Legacy: Rory and the Masters
01:10:49 The Emotional Experience: Media and Fan Perspectives
01:17:27 The Humanity of Golf: Writers and Emotion

ITSPmagazine | Technology. Cybersecurity. Society
From Phishing to Full Compromise in Under an Hour: Automation Is Fueling the Next Wave of Cyber Threats | A LevelBlue Brand Story with Kenneth Ng

Apr 18, 2025 | 36:02


LevelBlue's latest Threat Trends Report pulls no punches: phishing, malware, and ransomware attacks are not just continuing—they're accelerating. In this episode of ITSPmagazine's Brand Story podcast, hosts Sean Martin and Marco Ciappelli are joined by Kenneth Ng, a threat hunter and lead incident responder on LevelBlue's Managed Detection and Response (MDR) team, to unpack the findings and recommendations from the report.

Phishing as a Service and the Surge in Email Compromises

One of the most alarming trends highlighted by Kenneth is the widespread availability of Phishing-as-a-Service (PhaaS) kits, including names like RaccoonO365, Mamba 2FA, and Greatness. These kits allow attackers with little to no technical skill to launch sophisticated campaigns that bypass multi-factor authentication (MFA) by hijacking session tokens. With phishing attacks now leading to full enterprise compromises, often through seemingly innocuous Microsoft 365 access, the threat is more serious than ever.

Malware Is Smarter, Simpler—and It's Spreading Fast

Malware, particularly fake browser updates and credential stealers like Lumma Stealer, is also seeing a rise in usage. Kenneth points out the troubling trend of malware campaigns that rely on basic user interactions—like copying and pasting text—leading to full compromise through PowerShell or command prompt access. Basic group policy configurations (like blocking script execution for non-admin users) are still underutilized defenses.

Ransomware: Faster and More Automated Than Ever

The speed of ransomware attacks has increased dramatically. Kenneth shares real-world examples where attackers go from initial access to full domain control in under an hour—sometimes in as little as ten minutes—thanks to automation, remote access tools, and credential harvesting. This rapid escalation leaves defenders with very little room to respond unless robust detection and prevention measures are in place ahead of time.

Why This Report Matters

Rather than presenting raw data, LevelBlue focuses on actionable insights. Each major finding comes with recommendations that can be implemented regardless of company size or maturity level. The report is a resource not just for LevelBlue customers, but for any organization looking to strengthen its defenses.

Be sure to check out the full conversation and grab the first edition of the Threat Trends Report ahead of LevelBlue's next release this August—and stay tuned for their updated Futures Report launching at RSA Conference on April 28.

Learn more about LevelBlue: https://itspm.ag/levelblue266f6c

Note: This story contains promotional content.

Guest: Kenneth Ng, threat hunter and lead incident responder on LevelBlue's Managed Detection and Response (MDR) team | On LinkedIn: https://www.linkedin.com/in/ngkencyber/

Resources
Download the LevelBlue Threat Trends Report | Edition One: https://itspm.ag/levelbyqdp
Learn more and catch more stories from LevelBlue: https://www.itspmagazine.com/directory/levelblue
Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs
Newsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/
Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-up
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

ITSPmagazine | Technology. Cybersecurity. Society
AI, Security, and the Hybrid World: Akamai's Vision for RSAC 2025 With Rupesh Chokshi, SVP & GM Application Security Akamai | A RSAC Conference 2025 Brand Story Pre-Event Conversation

Apr 18, 2025 | 21:50


The RSA Conference has long served as a meeting point for innovation and collaboration in cybersecurity—and in this pre-RSAC episode, ITSPmagazine co-founders Marco Ciappelli and Sean Martin welcome Akamai's Rupesh Chokshi to the conversation. With RSAC 2025 on the horizon, they discuss Akamai's presence at the event and dig into the challenges and opportunities surrounding AI, threat intelligence, and enterprise security.

Chokshi, who leads Akamai's Application Security business, describes a landscape marked by explosive growth in web and API attacks—and a parallel shift as enterprises embrace generative AI. The double-edged nature of AI is central to the discussion: while it offers breakthrough productivity and automation, it also creates new vulnerabilities. Akamai's dual focus, says Chokshi, is both using AI to strengthen defenses and securing AI-powered applications themselves.

The conversation touches on the scale and sophistication of modern threats, including an eye-opening stat: Akamai is now tracking over 500 million large language model (LLM)-driven scraping requests per day. As these threats extend from e-commerce to healthcare and beyond, Chokshi emphasizes the need for layered defense strategies and real-time adaptability.

Ciappelli brings a sociological lens to the AI discussion, noting the hype-to-reality shift the industry is experiencing. “We're no longer asking if AI will change the game,” he suggests. “We're asking how to implement it responsibly—and how to protect it.”

At RSAC 2025, Akamai will showcase a range of innovations, including updates to its Guardicore platform and new App & API Protection Hybrid solutions. Their booth (6245) will feature interactive demos, theater sessions, and one-on-one briefings. The Akamai team will also release a new edition of their State of the Internet report, packed with actionable threat data and insights.

The episode closes with a reminder: in a world that's both accelerating and fragmenting, cybersecurity must serve not just as a barrier—but as a catalyst. “Security,” says Chokshi, “has to enable innovation, not hinder it.”

Keywords: RSAC 2025, Akamai, cybersecurity, generative AI, API protection, web attacks, application security, LLM scraping, Guardicore, State of the Internet report, Zero Trust, hybrid digital world, enterprise resilience, AI security, threat intelligence, prompt injection, data privacy, RSA Conference, Sean Martin, Marco Ciappelli

Guest: Rupesh Chokshi, SVP & GM, Akamai https://www.linkedin.com/in/rupeshchokshi/

Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli

This Episode's Sponsors
AKAMAI: https://itspm.ag/akamailbwc

Resources
Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage
Rupesh Chokshi Session at RSAC 2025: The New Attack Frontier: Research Shows Apps & APIs Are the Targets - [PART1-W09]

Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
To see and hear more Redefining Society stories on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-society-podcast
Want to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
Vibe Coding: Creativity Meets Risk in the Age of AI-Driven Development | A Conversation with Izar Tarandach | Redefining CyberSecurity with Sean Martin

Apr 17, 2025 | 35:52


⬥GUEST⬥
Izar Tarandach, Sr. Principal Security Architect for a large media company | On LinkedIn: https://www.linkedin.com/in/izartarandach/

⬥HOST⬥
Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com

⬥EPISODE NOTES⬥
In this episode of Redefining CyberSecurity, host Sean Martin sits down with Izar Tarandach, Senior Principal Security Architect at a major entertainment company, to unpack a concept gaining traction across some developer circles: vibe coding.

Vibe coding, as discussed by Izar and Sean, isn't just about AI-assisted development—it's about coding based on a feeling or a flow, often driven by prompts to large language models (LLMs). It's being explored in organizations from startups to large tech companies, where the appeal lies in speed and ease: describe what you want, and the machine generates the code. But this emerging approach is raising significant concerns, particularly in security circles.

Izar, who co-hosts the Security Table podcast with Matt Coles and Chris Romeo, calls attention to the deeper implications of vibe coding. At the heart of his concern is the risk of ignoring past lessons. Generating code through AI may feel like progress, but without understanding what's being written or how it fits into the broader architecture, teams risk reintroducing old vulnerabilities—at scale.

One major issue: the assumption that code generated by AI is inherently good or secure. Izar challenges that notion, reminding listeners that today's coding models function like junior developers—they may produce working code, but they're also prone to mistakes, hallucinations, and a lack of contextual understanding. Worse yet, organizations may begin to skip traditional checks like code reviews and secure development lifecycles, assuming the machine already got it right.

Sean highlights a potential opportunity—if used wisely, vibe coding could allow developers to focus more on outcomes and user needs, rather than syntax and structure. But even he acknowledges that, without collaboration and proper feedback loops, it's more of a one-way zone than a true jam session between human and machine.

Together, Sean and Izar explore whether security leaders are aware of vibe-coded systems running in their environments—and how they should respond. Their advice: assume you already have vibe-coded components in play, treat that code with the same scrutiny as anything else, and don't trust blindly. Review it, test it, threat model it, and hold it to the same standards.

Tune in to hear how this new style of development is reshaping conversations about security, responsibility, and collaboration in software engineering.

⬥SPONSORS⬥
LevelBlue: https://itspm.ag/attcybersecurity-3jdk3
ThreatLocker: https://itspm.ag/threatlocker-r974

⬥RESOURCES⬥
Inspiring LinkedIn Post — https://www.linkedin.com/posts/izartarandach_sigh-vibecoding-when-will-we-be-able-activity-7308105048926879744-fNMS
Security Table Podcast: Vibe Coding: What Could Possibly Go Wrong? — https://securitytable.buzzsprout.com/2094080/episodes/16861651-vibe-coding-what-could-possibly-go-wrong
Webinar: Secure Coding = Developer Power, An ITSPmagazine Webinar with Manicode Security — https://www.crowdcast.io/c/secure-coding-equals-developer-power-how-to-convince-your-boss-to-invest-in-you-an-itspmagazine-webinar-with-manicode-security-ad147fba034a

⬥ADDITIONAL INFORMATION⬥
✨ More Redefining CyberSecurity Podcast:

ITSPmagazine | Technology. Cybersecurity. Society
RSAC 2025 Preview: All Aboard the Innovation Express: RSAC Conference 2025 On Track for Cybersecurity's Future with Cecilia Marinier | On Location Coverage with Sean Martin and Marco Ciappelli

Apr 15, 2025 | 27:32


All Aboard the Innovation Express: RSAC 2025 On Track for Cybersecurity's Future

Let's face it—RSAC isn't just a conference anymore. It's a movement. A ritual. A block party for cybersecurity. And this year, it's pulling into the station with more tracks than ever before—figuratively and literally.

In this On Location episode, we reconnect with Cecilia Murtagh Marinier, Vice President of Innovation and Scholars at RSAC, to dive into what makes the 2025 edition a can't-miss experience. And as always, Sean and Marco kick things off with a bit of improvisation, some travel jokes, and a whole lot of heart.

From the 20th Anniversary of the Innovation Sandbox (with a massive $50M investment boost from Crosspoint Capital) to the growing Early Stage Expo, LaunchPad's Shark-Tank-style sessions, and the new Investor & Entrepreneur track, RSAC continues to set the stage for cybersecurity's next big thing.

And this year, they're going bigger—literally. The expansion into the Yerba Buena Center for the Arts brings with it a mind-blowing immersive experience: DARPA's AI Cyber City, a physically interactive train ride through smart city scenarios, designed to show how cybersecurity touches everything—from water plants to hospitals, satellites to firmware.

Add in eight hands-on villages, security scholars programs, coffee-fueled networking zones, and a renewed focus on inclusion, mentorship, and accessibility, and you've got something that feels less like an event and more like a living, breathing community.

Cecilia also reminds us that RSAC is a place for everyone—from first-timers unsure where to begin to seasoned veterans ready to innovate and invest. It's about showing up, making a plan (or not), and being open to the unexpected conversations that happen in hallways, lounges, or over espresso in the sandbox village.

And if you can't make it in person? RSAC has made sure that everything is accessible online—600 speakers, 600 vendors, and endless ways to engage, reflect, and be part of the global cybersecurity story.

So whether you're hopping in the car, boarding a flight, or—who knows—riding a miniature DARPA train through Northridge City, one thing's for sure: RSAC 2025 is going full speed ahead—and we're bringing you along for the ride.

ITSPmagazine | Technology. Cybersecurity. Society
From Chaos to Control: What If Your Cyber Program Helped You Sleep at Night? | A ThreatLocker Brand Story with Rob Allen

Apr 15, 2025 | 38:59


In this Brand Story episode, Sean Martin and Marco Ciappelli sit down with Rob Allen, Chief Product Officer at ThreatLocker, to unpack how the company is reshaping endpoint security through a unique, control-first approach. Rob shares how ThreatLocker is challenging long-held assumptions about trust, visibility, and control in enterprise environments—and why the traditional “trust but verify” model is no longer good enough.

From Default Permit to Default Deny

ThreatLocker's philosophy centers on a fundamental shift: moving from a default permit posture to a default deny stance. This approach, according to Rob, doesn't hinder operations—it creates boundaries that allow organizations to function safely and efficiently. It's not about locking systems down; it's about granting permissions with precision, so users can operate without even noticing security is present.

Product Innovation Driven by Real Feedback

The conversation highlights how customer input—and CEO Danny Jenkins' relentless presence at industry events—drives product development. New solutions like Web Control and Patch Management are designed as logical extensions of existing tools, allowing security teams to reduce risk without creating friction for end users. The addition of a software store, suggested by enterprise customers, gives users clarity on what's approved while reducing IT support tickets.

Insights and the Detect Dashboard

Rob also explains how ThreatLocker is unlocking the value of big data. With billions of data points collected every hour, their new Insights platform aggregates and analyzes cross-customer trends to better inform security decisions. Combined with the Detect Dashboard, teams now gain not only visibility but actionable intelligence—supported by polished visuals and streamlined workflows.

More Than Just Tech—It's Peace of Mind

While the technology is impressive, Rob says the most rewarding feedback is simple: “ThreatLocker helps me sleep at night.” For many customers, that level of confidence is priceless. And in unexpected situations—like a blue-screen incident caused by third-party software—ThreatLocker has even been used to mitigate impacts in creative ways.

Whether you're leading a global IT team or managing a growing MSP, this episode will make you think differently about how security fits into your operational strategy. Tune in to hear how ThreatLocker is turning bold ideas into real-world control.

Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974

Note: This story contains promotional content.

Guest: Rob Allen, Chief Product Officer at ThreatLocker | On LinkedIn: https://www.linkedin.com/in/threatlockerrob/

Resources
Learn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlocker

ITSPmagazine | Technology. Cybersecurity. Society
Protecting What Matters, With Chris Pierson of BlackCloak | A RSAC Conference 2025 Pre-Event Conversation | On Location Coverage with Sean Martin and Marco Ciappelli

Apr 9, 2025 | 17:35


As the cybersecurity world gears up for RSAC 2025 in San Francisco, we hit the road again—this time with Chris Pierson, Founder and CEO of BlackCloak, for a pre-event chat packed with insight, community spirit, and some big news.

Chris is no stranger to the RSA stage—this year marks his 21st year presenting—and he's bringing his energy to two powerful sessions. The first, titled “Protecting What Matters: Your Family and Home,” kicks off bright and early on Monday, April 28. It's not about blinky lights or enterprise networks—it's about us. The cybersecurity community often talks about protecting organizations, but what about protecting ourselves and our families? Chris will explore how security pros can apply their skills at home, covering identity theft, scams, and home network safety. It's a refreshing and much-needed call to action that connects the personal and professional.

On Wednesday, Chris returns with co-presenter James Shreve for a two-hour Learning Lab, “When Things Go Boom: Supply Chain Risk.” This Chatham House Rule session dives deep into one of today's most complex challenges: managing third-party risk without stopping the business in its tracks. Participants will step into different roles—board members, CISOs, legal, finance—to engage in a live, collaborative scenario that pushes them to think beyond checklists. Real talk. Real collaboration. And practical takeaways.

But that's not all. BlackCloak is also unveiling its new Digital Executive Protection Framework, designed to help organizations assess and strengthen protections for executives and their families. Chris teases that this framework includes 14 essential tenets that blend physical, digital, and organizational awareness—and he'll be sitting down with us again at the event to go deeper.

With 15–20 BlackCloak team members on site, a full schedule of meetings, events, and community conversations, this year is shaping up to be a milestone for BlackCloak at RSAC. If you're attending, keep an eye on their LinkedIn page for updates, booking links, and suite details.

As Chris says, it's about lifting our heads, scanning the horizon, and showing up for our community—and our families.

Keywords: RSAC2025, Chris Pierson, BlackCloak, cybersecurity, RSA Conference, digital protection, executive protection, supply chain risk, identity theft, privacy, home network security, third-party risk, CISOs, cybersecurity community, digital executive protection framework, GRC, threat intelligence, infosec, personal security, cybersecurity awareness

Guest: Chris Pierson, Founder & CEO of BLACKCLOAK | Digital Executive Protection | Concierge Cybersecurity & Privacy Protection . . . in their Personal Lives | On LinkedIn: https://www.linkedin.com/in/drchristopherpierson/

This Episode's Sponsors
BLACKCLOAK: https://itspm.ag/itspbcweb

Resources
Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage

Chris Sessions
Protecting What Matters—Your Family & Home: https://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1739369849404001eWtU
When Things Go Boom! Your Supply Chain Risk: https://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1727434586212001yGwM

BLACKCLOAK WEBSITE: https://itspm.ag/itspbcweb

The Life Shift - Conversations about Life-Changing Moments
From Projects to Prosperity: Sean Martin's Journey to Purpose

Apr 8, 2025 | 65:27


Have you ever wondered how someone can overcome addiction and time in prison and still find fulfillment in life? In this episode of the Life Shift podcast, I sit down with Sean Martin, a once-incarcerated individual turned successful entrepreneur and mentor who shares his remarkable journey of transformation and self-discovery.

Sean takes us through his early years growing up in New York City's Parkside Projects, where he witnessed the devastating effects of the crack cocaine epidemic. Despite the challenges, Sean's mother instilled in him the belief that he could achieve anything he set his mind to. However, this drive for success eventually led him down a dangerous path.

From Prison Cell to Personal Growth
  • How Sean used his time in prison to map out his future goals
  • The power of self-reflection and taking responsibility for one's actions
  • Overcoming addiction and finding sobriety later in life

Embracing Fatherhood and Purpose
  • Sean's initial reluctance to start a family and how it changed his life
  • The importance of breaking generational cycles and being present for your children
  • Finding fulfillment through mentorship and giving back to the community

Redefining Success and Personal Growth
  • How Sean's definition of success evolved beyond financial achievements
  • The role of continuous self-improvement and surrounding yourself with positive influences
  • Embracing discomfort as a catalyst for personal growth

As you listen to this episode, consider:
  • What limiting beliefs might be holding you back from reaching your full potential?
  • How can you use your past experiences, both positive and negative, to shape a better future?
  • How can you contribute to your community and find fulfillment through helping others?

Join us for this inspiring conversation that reminds us it's never too late to change your life's direction and find purpose in helping others. Sean's journey is a testament to the power of perseverance, self-reflection, and the courage to embrace new possibilities.

Sean Martin is an entrepreneur, nonprofit advocate, podcast host, and motivational speaker dedicated to inspiring others through his story of resilience and transformation. Growing up in the Bronx during the crack epidemic, Sean faced significant challenges, including addiction and incarceration. However, he turned his life around through self-reflection and a commitment to personal growth. Today, Sean leads multiple successful businesses, supports underserved communities through his nonprofit work, and hosts the R.E.A.L Mentors Podcast, highlighting impactful stories of entrepreneurship and service. Sean's first book, Beyond the Bronx, will be released in 2025. As a devoted husband and father, Sean inspires and empowers others to overcome adversity and achieve their full potential.

Connect with Sean Martin
  • Instagram: @TheSeanMartin
  • Podcast: R.E.A.L Mentors Podcast, available on all major platforms
  • Upcoming Book: Beyond the Bronx (2025)

Resources: To listen in on more conversations about pivotal moments that changed lives forever, subscribe to "The Life Shift" on Apple Podcasts or wherever you listen to podcasts. If you enjoyed this episode, please take a moment to rate the show 5 stars and leave a review! ⭐️⭐️⭐️⭐️⭐️

Access ad-free episodes released two days early: ht

ITSPmagazine | Technology. Cybersecurity. Society
RSAC 2025 Preview: Unite. Innovate. Shine. Join the RSAC 2025 Community. – Our Traditional Pre-Event Kick Off Conversation with Linda Gray Martin & Britta Glade | On Location Coverage with Sean Martin and Marco Ciappelli

Apr 7, 2025 | 30:25


Join Marco and Sean in their annual pre-RSAC conversation with Linda Gray Martin and Britta Glade. Discover what's new and exciting at RSAC 2025—expanded campuses, innovative programming, and compelling guest speakers like Magic Johnson and Ron Howard. Dive into special events, immersive experiences, and the launch of a vibrant community platform aimed at fostering continuous learning and connection among cybersecurity professionals. Get ready for another unforgettable year celebrating many voices within one united community.

Full Intro/Blog:

RSA Conference 2025 is here, and Marco and Sean continue their beloved tradition with a vibrant preview conversation featuring Linda Gray Martin, Chief of Staff and Senior Vice President at RSAC, and Britta Glade, Senior Vice President, Content & Communities. This year's conference theme, "Many Voices, One Community," highlights the collaborative and inclusive spirit driving the cybersecurity world forward.

In this engaging discussion, Marco and Sean explore the exciting expansions and innovations attendees can anticipate. RSAC is expanding its campus, taking over San Francisco's stunning Yerba Buena Center for the Arts, enhancing the attendee experience with a new keynote auditorium and the DARPA AI Cyber Challenge. The Sandbox area promises captivating interactive experiences, including a fictional town simulation designed to showcase AI's role in safeguarding critical infrastructure.

Keynotes remain a conference highlight, with influential voices like NBA legend Magic Johnson sharing insights on teamwork, and filmmaker Ron Howard discussing storytelling and human connections in a unique father-daughter interview format. Closing celebrations feature an exciting conversation with Jamie Foxx, alongside vibrant performances from DJ Irie and local sensation Jazz Mafia.

New educational tracks addressing essential topics such as Protecting Home and Family and Security Foundations ensure that content remains both relevant and accessible. The introduction of a new community membership platform is set to revolutionize ongoing engagement, offering secure messaging, tailored cybersecurity content, and collaborative opportunities long after the conference ends.

Embrace the spirit of innovation, unity, and continuous growth at RSAC 2025, where the cybersecurity community comes together to drive meaningful change.

Keywords: RSAC 2025, RSA Conference, cybersecurity, community, innovation, Magic Johnson, Ron Howard, Jamie Foxx, DARPA AI Cyber Challenge, Sandbox, Yerba Buena Center for the Arts, keynote speakers, networking, continuous learning, community membership platform, protecting home and family, security foundations, technology, inclusive community, immersive experience.

Guests:
Linda Gray Martin | Chief of Staff, RSAC and Senior Vice President, RSA Conference | https://www.linkedin.com/in/linda-gray-martin-223708/
Britta Glade | Senior Vice President, Content & Communities, RSA Conference | https://www.linkedin.com/in/britta-glade-5251003/

This Episode's Sponsors
ThreatLocker: https://itspm.ag/threatlocker-r974
Akamai: https://itspm.ag/akamailbwc
BlackCloak: https://itspm.ag/itspbcweb
SandboxAQ: https://itspm.ag/sandboxaq-j2en
Archer: https://itspm.ag/rsaarchweb
Dropzone AI: https://itspm.ag/dropzoneai-641

Resources
Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage

ITSPmagazine | Technology. Cybersecurity. Society
Creating Moments, Not Just Mixes: Why a Great DJ Isn't Just a Playlist | A Conversation with George Platsis — AKA DJ Zeus | Music Evolves with Sean Martin

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Apr 4, 2025 51:17


Guest and Host
Guest: George Platsis (AKA DJ Zeus) | Website: https://www.djzeus.com/home.html
Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/

Show Notes
In this episode of Music Evolves, host Sean Martin is joined by George Platsis—known on stage and online as DJ Zeus—for a conversation about the art, the science, and the soul of DJing.

DJ Zeus brings a unique perspective to the turntables, shaped by a classical music education, years performing in Toronto's largest clubs, and a deep appreciation for music that tells a story. From early days making mixtapes on cassette to manipulating multiple turntables live, he shares how his journey started with rock, shifted into dance music, and eventually settled into a world of layered soundscapes and emotional storytelling.

From Mixes to Soundtracks
DJ Zeus doesn't just play music—he creates moments. He explains that making a great mix isn't about throwing popular songs together; it's about reading the room, responding to energy, and creating a journey. Whether it's a club performance or a recorded set in Ableton Live, each mix is built like a story—with dynamics, tension, release, and emotion.

This philosophy carries through to how he uses technology. Instead of letting it do the work for him, Zeus uses tools like pitch shifting, EQ manipulation, and harmonic mixing to craft something that couldn't exist without human touch. “If you're not pushing the technology,” he says, “you're not adding your own soul to it.”

When Technology Meets Feel
Zeus shares how today's tools can isolate vocals, remix tracks on the fly, and even keep beats perfectly aligned—but warns that without intuition, timing, and feel, you're just making playlists. The difference between a DJ and a playlist? Emotion. Surprise. Humanity.

He also reflects on two tracks that changed everything: Daft Punk's One More Time and Cher's Believe. One brought club music into mainstream pop; the other proved pop could crush in the clubs. Both used vocal manipulation in new ways and redefined the sound of their time.

This episode isn't about nostalgia—it's about remembering why music matters. DJ Zeus reminds us that great DJing isn't just what you hear—it's what you feel.

Sponsors
Are you interested in sponsoring this show or placing an ad in the podcast?
Sponsorship

ITSPmagazine | Technology. Cybersecurity. Society
From Overload to Insight: Are We Getting Smarter, or Just Letting AI Think for Us? | A RSA Conference 2025 Conversation with Steve Wilson | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Apr 4, 2025 27:26


In a conversation that sets the tone for this year's RSA Conference, Steve Wilson shares a candid look at how AI is intersecting with cybersecurity in real and measurable ways. Wilson, who also leads the OWASP Top 10 for Large Language Models project and recently authored a book published by O'Reilly on the topic, brings a multi-layered perspective to a discussion that blends strategy, technology, and organizational behavior.

Wilson's session title at RSA Conference—“Are the Machines Learning, or Are We?”—asks a timely question. Security teams are inundated with data, but without meaningful visibility—defined not just as seeing, but understanding and acting on what you see—confidence in defense capabilities may be misplaced. Wilson references a study conducted with IDC that highlights this very disconnect: organizations feel secure, yet admit they can't see enough of their environment to justify that confidence.

This episode tackles one of the core paradoxes of AI in cybersecurity: it offers the promise of enhanced detection, speed, and insight, but only if applied thoughtfully. Generative AI and large language models (LLMs) aren't magical fixes, and they struggle with large datasets. But when layered atop refined systems like user and entity behavior analytics (UEBA), they can help junior analysts punch above their weight—or even automate early-stage investigations.

Wilson doesn't stop at the tools. He zooms out to the business implications, where visibility, talent shortages, and tech complexity converge. He challenges security leaders to rethink what visibility truly means and to recognize the mounting noise problem. The industry is chasing 40% more CVEs year over year—an unsustainable growth curve that demands better signal-to-noise filtering.

At its heart, the episode raises important strategic questions: Are businesses merely offloading thinking to machines? Or are they learning how to apply these technologies to think more clearly, act more decisively, and structure teams differently?

Whether you're building a SOC strategy, rethinking tooling, or just navigating the AI hype cycle, this conversation with Steve Wilson offers grounded insights with real implications for today—and tomorrow.

ITSPmagazine | Technology. Cybersecurity. Society
From Sidewalks to Sousapaloozas: This Is Your Invitation to Play — Make Music Day Is for You | A Conversation with Aaron Friedman | Music Evolves with Sean Martin

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Mar 29, 2025 42:10


Guest and Host
Guest: Aaron Friedman, Executive Director, Make Music Alliance | On LinkedIn: https://www.linkedin.com/in/aaron-friedman-7068014/
Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/

Show Notes
What if June 21st wasn't just another day on the calendar—but the one day a year where the world collectively said: go ahead, make noise?

In this episode of Music Evolves, host Sean Martin talks with Aaron Friedman, composer and founder of the Make Music Alliance, about the day that flips the script on who gets to perform. Make Music Day isn't about headliners, stages, or ticket sales. It's about showing up with your sound—whatever that is—and putting it out into the world.

What started in 1982 as a spontaneous moment in the streets of France has become a global celebration of music made by everyone. And Aaron's been part of growing that idea across more than 150 U.S. cities—and beyond. There's no audition. No gatekeeping. Whether it's a punk band on a rooftop, a saxophonist on a stoop, or 200 people sight-reading Sousa marches in a park, it's all fair game.

What makes this work? A custom-built matchmaking platform connects performers with unexpected venues—think record shops, laundromats, patios, public steps. There's even room for big group experiences like Mass Appeal, where companies donate instruments and anyone can join in. No gear? No problem.

Aaron shares why this kind of open access matters, especially now. In a world of algorithm-driven listening and self-curated playlists, real connection—hearing music you didn't expect, played by someone you don't know—hits different. It's discovery in its purest form.

Make Music Day isn't just about performance. It's about participation. It's about remembering that music doesn't need permission—it just needs a spark.

So mark the date: June 21. Wherever you are, find a way to join in. Visit makemusicday.org to find your city or start your own.

Because the world doesn't need more noise.
It needs more music. Your music.

Sponsors
Are you interested in sponsoring this show or placing an ad in the podcast?
Sponsorship

ITSPmagazine | Technology. Cybersecurity. Society
Building and Securing Intelligent Workflows: Why Your AI Strategy Needs Agentic AI Threat Modeling and a Zero Trust Mindset | A Conversation with Ken Huang | Redefining CyberSecurity with Sean Martin

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Mar 25, 2025 43:10


⬥GUEST⬥
Ken Huang, Co-Chair, AI Safety Working Groups at Cloud Security Alliance | On LinkedIn: https://www.linkedin.com/in/kenhuang8/

⬥HOST⬥
Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com

⬥EPISODE NOTES⬥
In this episode of Redefining CyberSecurity, host Sean Martin speaks with Ken Huang, Co-Chair of the Cloud Security Alliance (CSA) AI Working Group and author of several books including Generative AI Security and the upcoming Agent AI: Theory and Practice. The conversation centers on what agentic AI is, how it is being implemented, and what security, development, and business leaders need to consider as adoption grows.

Agentic AI refers to systems that can autonomously plan, execute, and adapt tasks using large language models (LLMs) and integrated tools. Unlike traditional chatbots, agentic systems handle multi-step workflows, delegate tasks to specialized agents, and dynamically respond to inputs using tools like vector databases or APIs. This creates new possibilities for business automation but also introduces complex security and governance challenges.

Practical Applications and Emerging Use Cases
Ken outlines current use cases where agentic AI is being applied: startups using agentic models to support scientific research, enterprise tools like Salesforce's AgentForce automating workflows, and internal chatbots acting as co-workers by tapping into proprietary data. As agentic AI matures, these systems may manage travel bookings, orchestrate ticketing operations, or even assist in robotic engineering—all with minimal human intervention.

Implications for Development and Security Teams
Development teams adopting agentic AI frameworks—such as AutoGen or CrewAI—must recognize that most do not come with out-of-the-box security controls. Ken emphasizes the need for SDKs that add authentication, monitoring, and access controls. For IT and security operations, agentic systems challenge traditional boundaries; agents often span across cloud environments, demanding a zero-trust mindset and dynamic policy enforcement.

Security leaders are urged to rethink their programs. Agentic systems must be validated for accuracy, reliability, and risk—especially when multiple agents operate together. Threat modeling and continuous risk assessment are no longer optional. Enterprises are encouraged to start small: deploy a single-agent system, understand the workflow, validate security controls, and scale as needed.

The Call for Collaboration and Mindset Shift
Agentic AI isn't just a technological shift—it requires a cultural one. Huang recommends cross-functional engagement and alignment with working groups at CSA, OWASP, and other communities to build resilient frameworks and avoid duplicated effort. Zero Trust becomes more than an architecture—it becomes a guiding principle for how agentic AI is developed, deployed, and defended.

⬥SPONSORS⬥
LevelBlue: https://itspm.ag/attcybersecurity-3jdk3
ThreatLocker: https://itspm.ag/threatlocker-r974

⬥RESOURCES⬥
BOOK | Generative AI Security: https://link.springer.com/book/10.1007/978-3-031-54252-7
BOOK | Agentic AI: Theories and Practices, to be published August by Springer: https://link.springer.com/book/9783031900259
BOOK | The Handbook of CAIO (with a business focus): https://www.amazon.com/Handbook-Chief-AI-Officers-Revolution/dp/B0DFYNXGMR
More books at Amazon, including books published by Cambridge University Press and John Wiley, etc.: https://www.amazon.com/stores/Ken-Huang/author/B0D3J7L7GN
Video Course Mentioned During this Episode: "Generative AI for Cybersecurity" video course by EC-Council, rated by 255 people with an average of 5 stars: https://codered.eccouncil.org/course/generative-ai-for-cybersecurity-course?logged=false
Podcast: The 2025 OWASP Top 10 for LLMs: What's Changed and Why It Matters | A Conversation with Sandy Dunn and Rock Lambros

⬥ADDITIONAL INFORMATION⬥
✨ More Redefining CyberSecurity Podcast:

ITSPmagazine | Technology. Cybersecurity. Society
How Technology is Changing the Way We Make Music: A Look Inside Columbia University's Groundbreaking Computer Music Center | A Conversation with Seth Cluett | Music Evolves with Sean Martin

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Mar 21, 2025 38:48


Guest and Host
Guest: Seth Cluett, Director of Columbia University's Computer Music Center | On LinkedIn: https://www.linkedin.com/in/seth-cluett-7631065/ | Columbia University Computer Music Center Bio: https://cmc.music.columbia.edu/bios/seth-cluett
Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/

Show Notes
Music and technology have always shaped each other, and few places embody that relationship as deeply as the Computer Music Center (CMC) at Columbia University. In this episode of Music Evolves, Sean Martin sits down with Seth Cluett, Director of the Computer Music Center and Assistant Director of the Sound Art MFA program at Columbia, to explore the center's rich history, its role in advancing music technology, and how it continues to shape the future of sound.

The Legacy and Mission of the Computer Music Center
The CMC is housed in the same 6,000-square-foot space as the original Columbia-Princeton Electronic Music Center, which dates back to 1951 and is one of the world's oldest university-based electronic music research facilities. This was the birthplace of early electronic music, where pioneers learned to use cutting-edge technology to create new sounds. Many of those musicians went on to establish their own studios around the world, from Egypt to Japan.

The center has played a role in major milestones in music history, including the work of Wendy Carlos, a former student known for Switched-On Bach, the score for Tron, and The Shining. The first piece of electronic music to win a Pulitzer Prize was also composed here. Today, under Cluett's leadership, the focus remains on creativity-driven technological innovation—allowing composers and artists to explore technology freely and push the boundaries of what's possible in sound and music.

One of the center's guiding principles is accessibility. Cluett emphasizes the importance of lowering barriers to entry for students who may not have had prior access to music technology. The goal is to make sure that anyone, regardless of background, can walk into the studio and begin working with 80% of its capabilities within the first 20 minutes.

Exploring the Labs and Studios
The episode also includes a tour of the labs and studios, showcasing some of the center's groundbreaking equipment. One highlight is the RCA Mark II Synthesizer, the world's first programmable music synthesizer. Built in the late 1950s, this massive machine—seven feet tall and weighing over a ton—was instrumental in shaping the sound of early electronic music. The system worked by punching holes into paper to control sound generation, similar to a player piano. While no longer in use, the CMC has collaborated with iZotope to model some of its effects digitally.

The tour also features Columbia's electronic music studio, which houses synthesizers from Buchla, Serge, and Moog—the latter being developed by Bob Moog, who was once an undergraduate at Columbia. The center's modern design emphasizes a seamless workflow between analog and digital technologies, allowing students to quickly create, process, and experiment with sound.

Another key space is the immersive media and spatial audio research facility, which features a 12.1-channel loudspeaker sphere for ambisonic sound, along with a 32-capsule microphone that captures highly detailed audio environments. This technology is not only shaping music but also fields like virtual reality, data sonification, and interactive media.

The Future of Music Technology
Looking ahead, Cluett highlights the increasing interplay between AI, machine learning, and music composition. While some companies promote AI-generated melodies, he believes that truly expressive, human-driven composition remains essential. The role of technology, he argues, is not to replace human creativity but to enable new forms of expression. The CMC is at the forefront of this shift, experimenting with real-time audio processing, interactive performance systems, and embedded sensors that enhance live music experiences.

As music and technology continue to merge, Columbia's Computer Music Center remains a key player in shaping the future of sound. Whether through pioneering hardware, software innovation, or fostering the next generation of creative minds, the center proves that music technology is not just about engineering—it's about expression, accessibility, and the pursuit of artistic joy.

ITSPmagazine | Technology. Cybersecurity. Society
Discovering The Key to Secure and Seamless Healthcare Data Sharing | A Brand Story Conversation From HIMSS 2025 | A HITRUST Brand Story with Ryan Patrick

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Mar 20, 2025 14:56


The HIMSS Global Conference brings together healthcare professionals, technology providers, and industry leaders to discuss the most pressing challenges in healthcare. One of the key conversations this year focused on security, risk management, and the role of HITRUST in ensuring trust across the healthcare ecosystem.

HITRUST's Expanding Role in Healthcare Security
Ryan Patrick, VP of Adoption at HITRUST, joined the discussion to share insights from the conference floor. One of the most striking takeaways was the sheer scale of engagement—attendance at HIMSS was at an all-time high, reflecting a growing focus on healthcare security and compliance. Organizations across the industry are looking for solutions that support innovation while maintaining security, and HITRUST is at the center of those conversations.

A common misconception about HITRUST is that it only provides a single, rigorous cybersecurity assessment. Patrick clarified that HITRUST now offers a tiered approach, including the E1 (entry-level), I1 (intermediate), and R2 (comprehensive) assessments, allowing organizations to align their security and compliance efforts with their level of maturity. The E1 assessment, in particular, has gained rapid adoption as organizations look for a scalable way to demonstrate security and compliance without the complexity of a full certification process.

The Role of HITRUST in Third-Party Risk Management
With interoperability becoming a priority in healthcare, third-party risk management is a growing concern. Many healthcare organizations work with hundreds—if not thousands—of vendors, and ensuring security across this extended network is critical. Patrick emphasized that HITRUST is not just a cybersecurity framework but a tool for managing third-party risk at scale. HITRUST assessments provide structured, standardized data that can be integrated into risk management platforms, allowing organizations to evaluate their vendors with greater efficiency and confidence.

As discussions around security and compliance continue, Patrick encourages healthcare organizations to educate themselves on the full range of HITRUST offerings. Whether an organization is starting its security journey or looking to optimize third-party risk management, HITRUST provides a structured path to achieving trust and resilience.

Learn more about HITRUST: https://itspm.ag/itsphitweb

Note: This story contains promotional content. Learn more.

Guest: Ryan Patrick, Vice President of Adoption at HITRUST | On LinkedIn: https://www.linkedin.com/in/ryan-patrick-3699117a/

Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli

____________________________

This Episode's Sponsors
Learn more and catch more stories from HITRUST: https://itspm.ag/itsphitweb

____________________________

Resources
Learn more and catch more stories from HIMSS 2025 coverage: https://www.itspmagazine.com/himss-2025-health-technology-and-cybersecurity-event-coverage-las-vegas
HITRUST 2025 Trust Report: https://itspm.ag/hitrusz49c

____________________________

Catch all of our event coverage: https://www.itspmagazine.com/on-location
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
To see and hear more Redefining Society stories on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-society-podcast
Want to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
Cybersecurity in Italy: ITASEC 2025 Recap & Future Outlook with Professor Alessandro Armando | On Location Coverage with Sean Martin and Marco Ciappelli

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Mar 18, 2025 25:35


Cybersecurity in Italy: ITASEC 2025 Recap & Future Outlook with Professor Alessandro Armando

Cybersecurity is no longer a niche topic—it's a fundamental pillar of modern society. And in Italy, ITASEC has become the go-to event for bringing together researchers, government officials, and industry leaders to tackle the biggest security challenges of our time.

Although we weren't there in person this year, we're diving into everything that happened at ITASEC 2025 in this special On Location recap with Professor Alessandro Armando. As Deputy Director of the Cybersecurity National Laboratory at CINI and Chairman of the Scientific Committee of the SERICS Foundation, Alessandro has a front-row seat to the evolution of cybersecurity in Italy.

This year's event, held in Bologna, showcased the growing maturity of Italy's cybersecurity landscape, featuring keynotes, technical sessions, and even hands-on experiences for the next generation of security professionals. From government regulations like DORA (Digital Operational Resilience Act) to the challenges of AI security, ITASEC 2025 covered a vast range of topics shaping the future of digital defense.

One major theme? Cybersecurity as an investment, not just a cost. Italian companies are increasingly recognizing security as a competitive advantage—something that enhances trust and reputation rather than just a compliance checkbox.

We also discuss the critical role of education in cybersecurity, from university initiatives to national competitions that are training the next wave of security experts. With programs like Cyber Challenge.IT, Italy is making significant strides in developing a strong cybersecurity workforce, ensuring that organizations are prepared for the evolving threat landscape.

And of course, Alessandro shares a big reveal: ITASEC 2026 is heading to Sardinia! A stunning location for what promises to be another exciting edition of the conference.

Join us for this insightful discussion as we reflect on where cybersecurity in Italy is today, where it's headed, and why events like ITASEC matter now more than ever.

ITSPmagazine | Technology. Cybersecurity. Society
Detection vs. Noise: What MITRE ATT&CK Evaluations Reveal About Your Security Tools | A Conversation with Allie Mellen | Redefining CyberSecurity with Sean Martin

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Mar 17, 2025 36:06


⬥GUEST⬥
Allie Mellen, Principal Analyst, Forrester | On LinkedIn: https://www.linkedin.com/in/hackerxbella/

⬥HOST⬥
Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On ITSPmagazine: https://www.itspmagazine.com/sean-martin

⬥EPISODE NOTES⬥
In this episode, Allie Mellen, Principal Analyst on the Security and Risk Team at Forrester, joins Sean Martin to discuss the latest results from the MITRE ATT&CK Engenuity Evaluations and what they reveal about detection and response technologies.

The Role of MITRE ATT&CK Evaluations
MITRE ATT&CK is a widely adopted framework that maps out the tactics, techniques, and procedures (TTPs) used by threat actors. Security vendors use it to improve detection capabilities, and organizations rely on it to assess their security posture. The MITRE Engenuity Evaluations test how different security tools detect and respond to simulated attacks, helping organizations understand their strengths and gaps.

Mellen emphasizes that MITRE's evaluations do not assign scores or rank vendors, which allows security leaders to focus on analyzing performance rather than chasing a “winner.” Instead, organizations must assess raw data to determine how well a tool aligns with their needs.

Alert Volume and the Cost of Security Data
One key insight from this year's evaluation is the significant variation in alert volume among vendors. Some solutions generate thousands of alerts for a single attack scenario, while others consolidate related activity into just a handful of actionable incidents. Mellen notes that excessive alerting contributes to analyst burnout and operational inefficiencies, making alert volume a critical metric to assess.

Forrester's analysis includes a cost calculator that estimates the financial impact of alert ingestion into a SIEM. The results highlight how certain vendors create a massive data burden, leading to increased costs for organizations trying to balance security effectiveness with budget constraints.

The Shift Toward Detection and Response Engineering
Mellen stresses the importance of detection engineering, where security teams take a structured approach to developing and maintaining high-quality detection rules. Instead of passively consuming vendor-generated alerts, teams must actively refine and tune detections to align with real threats while minimizing noise.

Detection and response should also be tightly integrated. Forrester's research advocates linking every detection to a corresponding response playbook. By automating these processes through security orchestration, automation, and response (SOAR) solutions, teams can accelerate investigations and reduce manual workloads.

Vendor Claims and the Reality of Security Tools
While many vendors promote their performance in the MITRE ATT&CK Evaluations, Mellen cautions against taking marketing claims at face value. Organizations should review MITRE's raw evaluation data, including screenshots and alert details, to get an unbiased view of how a tool operates in practice.

For security leaders, these evaluations offer an opportunity to reassess their detection strategy, optimize alert management, and ensure their investments in security tools align with operational needs.

For a deeper dive into these insights, including discussions on AI-driven correlation, alert fatigue, and security team efficiency, listen to the full episode.

⬥SPONSORS⬥
LevelBlue: https://itspm.ag/attcybersecurity-3jdk3
ThreatLocker: https://itspm.ag/threatlocker-r974

⬥RESOURCES⬥
Inspiring Post: https://www.linkedin.com/posts/hackerxbella_go-beyond-the-mitre-attck-evaluation-to-activity-7295460112935075845-N8GW/
Blog | Go Beyond The MITRE ATT&CK Evaluation To The True Cost Of Alert Volumes: https://www.forrester.com/blogs/go-beyond-the-mitre-attck-evaluation-to-the-true-cost-of-alert-volumes/

⬥ADDITIONAL INFORMATION⬥
✨ More Redefining CyberSecurity Podcast:

Redefining CyberSecurity
Detection vs. Noise: What MITRE ATT&CK Evaluations Reveal About Your Security Tools | A Conversation with Allie Mellen | Redefining CyberSecurity with Sean Martin

Mar 17, 2025 | 36:06


⬥GUEST⬥
Allie Mellen, Principal Analyst, Forrester | On LinkedIn: https://www.linkedin.com/in/hackerxbella/

⬥HOST⬥
Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On ITSPmagazine: https://www.itspmagazine.com/sean-martin

⬥EPISODE NOTES⬥
In this episode, Allie Mellen, Principal Analyst on the Security and Risk Team at Forrester, joins Sean Martin to discuss the latest results from the MITRE ATT&CK Engenuity Evaluations and what they reveal about detection and response technologies.

The Role of MITRE ATT&CK Evaluations

MITRE ATT&CK is a widely adopted framework that maps out the tactics, techniques, and procedures (TTPs) used by threat actors. Security vendors use it to improve detection capabilities, and organizations rely on it to assess their security posture. The MITRE Engenuity Evaluations test how different security tools detect and respond to simulated attacks, helping organizations understand their strengths and gaps.

Mellen emphasizes that MITRE's evaluations do not assign scores or rank vendors, which allows security leaders to focus on analyzing performance rather than chasing a “winner.” Instead, organizations must assess raw data to determine how well a tool aligns with their needs.

Alert Volume and the Cost of Security Data

One key insight from this year's evaluation is the significant variation in alert volume among vendors. Some solutions generate thousands of alerts for a single attack scenario, while others consolidate related activity into just a handful of actionable incidents. Mellen notes that excessive alerting contributes to analyst burnout and operational inefficiencies, making alert volume a critical metric to assess.

Forrester's analysis includes a cost calculator that estimates the financial impact of alert ingestion into a SIEM. The results highlight how certain vendors create a massive data burden, leading to increased costs for organizations trying to balance security effectiveness with budget constraints.

The Shift Toward Detection and Response Engineering

Mellen stresses the importance of detection engineering, where security teams take a structured approach to developing and maintaining high-quality detection rules. Instead of passively consuming vendor-generated alerts, teams must actively refine and tune detections to align with real threats while minimizing noise.

Detection and response should also be tightly integrated. Forrester's research advocates linking every detection to a corresponding response playbook. By automating these processes through security orchestration, automation, and response (SOAR) solutions, teams can accelerate investigations and reduce manual workloads.

Vendor Claims and the Reality of Security Tools

While many vendors promote their performance in the MITRE ATT&CK Evaluations, Mellen cautions against taking marketing claims at face value. Organizations should review MITRE's raw evaluation data, including screenshots and alert details, to get an unbiased view of how a tool operates in practice.

For security leaders, these evaluations offer an opportunity to reassess their detection strategy, optimize alert management, and ensure their investments in security tools align with operational needs.

For a deeper dive into these insights, including discussions on AI-driven correlation, alert fatigue, and security team efficiency, listen to the full episode.

⬥SPONSORS⬥
LevelBlue: https://itspm.ag/attcybersecurity-3jdk3
ThreatLocker: https://itspm.ag/threatlocker-r974

⬥RESOURCES⬥
Inspiring Post: https://www.linkedin.com/posts/hackerxbella_go-beyond-the-mitre-attck-evaluation-to-activity-7295460112935075845-N8GW/
Blog | Go Beyond The MITRE ATT&CK Evaluation To The True Cost Of Alert Volumes: https://www.forrester.com/blogs/go-beyond-the-mitre-attck-evaluation-to-the-true-cost-of-alert-volumes/

⬥ADDITIONAL INFORMATION⬥
✨ More Redefining CyberSecurity Podcast:

ITSPmagazine | Technology. Cybersecurity. Society
Hacking the Rules of Music: Experimentation, Technology, and Artistic Freedom | A Conversation with Scott “Shagghie” Scheferman | Music Evolves with Sean Martin

Mar 14, 2025 | 62:12


Guest and Host

Guest: Scott “Shagghie” Scheferman, Artist: Raw. Analogue Techno. | On LinkedIn: https://www.linkedin.com/in/scottscheferman/ | Bandcamp: https://highsage.bandcamp.com/
Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/

Show Notes

The latest episode of Music Evolves brings a fascinating discussion with Scott “Shagghie” Scheferman, a longtime cybersecurity professional and electronic music creator. Host Sean Martin sits down with Scheferman to explore the intersection of creativity, technology, and music—challenging the traditional definitions of hacking and how it applies to the artistic process.

The Hacker Mindset in Music

Scheferman, who has spent decades working in cybersecurity, explains how his approach to music is deeply influenced by the hacker mindset. Traditionally associated with computers and networks, hacking is about problem-solving, exploration, and pushing boundaries. For Scheferman, that same mentality extends to music—whether modifying effects pedals beyond their intended use, experimenting with modular synthesizers, or applying unconventional methods to sound creation.

This perspective reframes the way we think about creativity: hacking isn't just breaking things—it's about finding new ways to build. In music, that could mean repurposing technology, combining analog and digital tools, or embracing unexpected results to drive innovation.

The Role of Technology in Music Creation

A core theme of the conversation is how technology shapes the way music is created and experienced. From the early days of analog synthesizers to today's AI-driven tools, technology has always played a role in expanding musical possibilities. Scheferman describes his studio setup, filled with modular synthesizers, custom effects pedals, and digital sequencing tools, as an evolving playground for sound experimentation.

One of the key takeaways is that while technology can enable creativity, it can also introduce constraints. Whether it's the frustration of a technical failure or the overwhelming options provided by AI-driven music tools, technology isn't just a tool—it's a collaborator. Sometimes, the best results come from working within limitations or intentionally breaking the rules.

AI, Automation, and the Future of Music

The conversation also touches on artificial intelligence and its growing role in music composition. AI tools can generate melodies, suggest chord progressions, and even simulate human-like performances. But does AI-enhanced music lose something essential?

Scheferman shares his thoughts on where technology ends and artistry begins. While AI can assist in generating ideas or automating tedious processes, it doesn't replace the human connection to music. He sees AI as a tool for acceleration rather than substitution—something that can help musicians explore new ideas but should not dictate creative choices.

This is particularly relevant when it comes to live performance and improvisation. A computer can generate perfect beats and sequences, but can it capture the spontaneous interplay between musicians, the imperfections that make a performance feel alive? That's still an open question.

The Human Element in Sound

Beyond the technical aspects, Scheferman and Martin discuss the emotional power of music. Whether it's an acoustic guitar, an electrified soundscape, or a fully synthesized production, music has the ability to transport listeners to different states of mind.

They reflect on how people connect with sound—how live performances create an irreplaceable energy, how vinyl records provide a tactile experience that digital streaming lacks, and how technology might change the way future generations perceive and create music. The question remains: as digital tools become more dominant, will we continue to crave raw, unprocessed sound?

A Collaboration of Sound and Emotion

As the episode wraps up, Scheferman shares a track he created with his wife, Kati Rockit, blending electronic production with rock-influenced vocals. Their collaboration highlights another key theme of the episode—music as dialogue. Whether between humans and technology or between two creative partners, the best results often come from interplay, not isolation.

This episode of Music Evolves is a must-listen for anyone interested in how technology and creativity intersect. It challenges assumptions about what it means to be a musician in the digital age and invites listeners to rethink how they interact with sound.

ITSPmagazine | Technology. Cybersecurity. Society
Interoperability, AI, and the Future of Trust in Healthcare | A HIMSS 2025 Conversation with Robert Havasy | On Location Coverage with Sean Martin and Marco Ciappelli

Mar 12, 2025 | 22:20


Artificial intelligence continues to shape the future of healthcare, and this year's HIMSS Global Conference 2025 reflected both the momentum and the uncertainties surrounding its adoption. In a conversation with Robert Havasy, Senior Director, Connected Health at HIMSS, the discussion focused on how AI, interoperability, and regulatory policy are influencing healthcare delivery, patient engagement, and the broader industry landscape.

AI in Healthcare: From Concept to Implementation

Generative AI has moved beyond the hype stage, embedding itself into real-world applications. Oracle's announcement of an AI-driven electronic health record (EHR) platform signals a shift in how hospitals and healthcare systems are rethinking data management. However, the conversation is no longer just about the technology itself—it's about how governments, regulatory bodies, and healthcare institutions will set guardrails to ensure AI's responsible and effective use.

The Role of Policy in Shaping AI's Future

While AI adoption surges, regulatory uncertainty remains a key challenge. The Biden administration had proposed executive orders and regulations to guide AI's role in healthcare, but with political shifts and differing global regulatory approaches, the direction remains unclear. HIMSS has observed that different regions—the U.S., Europe, and Asia—may take separate paths in AI governance, raising questions about whether a unified best-practice framework will emerge or if multiple regulatory approaches will lead to diverging standards.

Interoperability and the Shift Back to Customization

For years, healthcare institutions moved away from building their own systems in favor of purchasing standardized EHR solutions from dominant industry players. Now, there's a return to in-house development, driven by the need for flexibility, adaptability, and deeper AI integration. At the same time, interoperability remains a hurdle, as institutions seek to make AI work across disparate systems while maintaining security and compliance.

The Patient's Role in AI-Driven Healthcare

AI's potential to close the information gap between patients and providers is one of the most promising developments. From personal health monitoring through wearables to AI-powered tools that help individuals interpret medical research and their own health data, the patient's role in healthcare decision-making is evolving. The ability for AI to synthesize complex medical data and provide insights in real-time is reshaping how people engage with their health, making them more active participants in their care.

What's Next?

As HIMSS 2025 highlighted, AI in healthcare is not a distant vision—it's happening now. The question is no longer whether AI will be a part of healthcare, but rather how it will be implemented, regulated, and integrated into existing frameworks to maximize its benefits while mitigating risks. The conversation with Robert Havasy underscores the critical need for collaboration between healthcare providers, policymakers, and technologists to ensure AI delivers on its promise while keeping patients at the center of the equation.

Listen to the full episode for deeper insights into how AI, interoperability, and patient-centered care are shaping the future of healthcare.

Guest: Robert Havasy, Senior Director, Connected Health at HIMSS | On LinkedIn: https://www.linkedin.com/in/rhavasy/

Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli

____________________________

This Episode's Sponsors
HITRUST: https://itspm.ag/itsphitweb

____________________________

Resources
Learn more and catch more stories from HIMSS 2025 coverage: https://www.itspmagazine.com/himss-2025-health-technology-and-cybersecurity-event-coverage-las-vegas
HIMSS 2024 Cybersecurity Report: https://www.himss.org/resources/himss-healthcare-cybersecurity-survey/

____________________________

Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
To see and hear more Redefining Society stories on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-society-podcast
Want to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
The Cyber Resilience Act: How the EU is Reshaping Digital Product Security | A Conversation with Sarah Fluchs | Redefining CyberSecurity with Sean Martin

Mar 11, 2025 | 44:10


⬥GUEST⬥
Sarah Fluchs, CTO at admeritia | CRA Expert Group at EU Commission | On LinkedIn: https://www.linkedin.com/in/sarah-fluchs/

⬥HOST⬥
Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin

⬥EPISODE NOTES⬥
The European Commission's Cyber Resilience Act (CRA) introduces a regulatory framework designed to improve the security of digital products sold within the European Union. In a recent episode of Redefining CyberSecurity, host Sean Martin spoke with Sarah Fluchs, Chief Technology Officer at admeritia and a member of the CRA expert group at the EU Commission. Fluchs, who has spent her career in industrial control system cybersecurity, offers critical insights into what the CRA means for manufacturers, retailers, and consumers.

A Broad Scope: More Than Just Industrial Automation

Unlike previous security regulations that focused on specific sectors, the CRA applies to virtually all digital products. Fluchs emphasizes that if a device is digital and sold in the EU, it likely falls under the CRA's requirements. From smartwatches and baby monitors to firewalls and industrial control systems, the regulation covers a wide array of consumer and business-facing products.

The CRA also extends beyond just hardware—software and services required for product functionality (such as cloud-based components) are also in scope. This broad application is part of what makes the regulation so impactful. Manufacturers now face mandatory cybersecurity requirements that will shape product design, development, and post-sale support.

What the CRA Requires

The CRA introduces mandatory cybersecurity standards across the product lifecycle. Manufacturers will need to:

  • Ensure products are free from known, exploitable vulnerabilities at the time of release.
  • Implement security by design, considering cybersecurity from the earliest stages of product development.
  • Provide security patches for the product's defined lifecycle, with a minimum of five years unless justified otherwise.
  • Maintain a vulnerability disclosure process, ensuring consumers and authorities are informed of security risks.
  • Include cybersecurity documentation, requiring manufacturers to provide detailed security instructions to users.

Fluchs notes that these requirements align with established security best practices. For businesses already committed to cybersecurity, the CRA should feel like a structured extension of what they are already doing, rather than a disruptive change.

Compliance Challenges: No Detailed Checklist Yet

One of the biggest concerns among manufacturers is the lack of detailed compliance guidance. While other EU regulations provide extensive technical specifications, the CRA's security requirements span just one and a half pages. This ambiguity is intentional—it allows flexibility across different industries—but it also creates uncertainty.

To address this, the EU will introduce harmonized standards to help manufacturers interpret the CRA. However, with tight deadlines, many of these standards may not be ready before enforcement begins. As a result, companies will need to conduct their own cybersecurity risk assessments and demonstrate due diligence in securing their products.

The Impact on Critical Infrastructure and Industrial Systems

While the CRA is not specifically a critical infrastructure regulation, it has major implications for industrial environments. Operators of critical systems, such as utilities and manufacturing plants, will benefit from stronger security in the components they rely on.

Fluchs highlights that many security gaps in industrial environments stem from weak product security. The CRA aims to fix this by ensuring that manufacturers, rather than operators, bear the responsibility for secure-by-design components. This shift could significantly reduce cybersecurity risks for organizations that rely on complex supply chains.

A Security Milestone: Holding Manufacturers Accountable

The CRA represents a fundamental shift in cybersecurity responsibility. For the first time, manufacturers, importers, and retailers must guarantee the security of their products or risk being banned from selling in the EU.

Fluchs points out that while the burden of compliance is significant, the benefits for consumers and businesses will be substantial. Security-conscious companies may even gain a competitive advantage, as customers start to prioritize products that meet CRA security standards.

For those in the industry wondering how strictly the EU will enforce compliance, Fluchs reassures that the goal is not to punish manufacturers for small mistakes. Instead, the EU Commission aims to improve cybersecurity without unnecessary bureaucracy.

The Bottom Line

The Cyber Resilience Act is set to reshape cybersecurity expectations for digital products. While manufacturers face new compliance challenges, consumers and businesses will benefit from stronger security measures, better vulnerability management, and increased transparency.

Want to learn more? Listen to the full episode of Redefining CyberSecurity with Sean Martin and Sarah Fluchs to hear more insights into the CRA and what it means for the future of cybersecurity.

⬥SPONSORS⬥
LevelBlue: https://itspm.ag/attcybersecurity-3jdk3
ThreatLocker: https://itspm.ag/threatlocker-r974

⬥RESOURCES⬥
Inspiring Post: https://www.linkedin.com/posts/sarah-fluchs_aaand-its-official-the-cyber-resilience-activity-7250162223493300224-zECA/
Adopted CRA text: https://data.consilium.europa.eu/doc/document/PE-100-2023-INIT/en/pdf

A list of Sarah's blog posts to get your CRA knowledge up to speed:
1️⃣ Introduction to the CRA, the CE marking, and the regulatory ecosystem around it: https://fluchsfriction.medium.com/eu-cyber-resilience-act-9e092fffbd73
2️⃣ Explanation how the standards ("harmonised European norms, hEN") are defined that will detail the actual cybersecurity requirements in the CRA (2023): https://fluchsfriction.medium.com/what-cybersecurity-standards-will-products-in-the-eu-soon-have-to-meet-590854ba3c8c
3️⃣ Overview of the essential requirements outlined in the CRA (2024): https://fluchsfriction.medium.com/what-the-cyber-resilience-act-requires-from-manufacturers-0ee0b917d209
4️⃣ Overview of the global product security regulation landscape and how the CRA fits into it (2024): https://fluchsfriction.medium.com/product-security-regulation-in-2024-93ddc6dd8900
5️⃣ Good-practice example for the "information and instructions to the user," one of the central documentations that need to be written for CRA compliance and the only one that must be provided to the product's users (2024): https://fluchsfriction.medium.com/how-to-be-cra-compliant-and-make-your-critical-infrastructure-clients-happy-441ecd859f52

⬥ADDITIONAL INFORMATION⬥
✨ More Redefining CyberSecurity:

ITSPmagazine | Technology. Cybersecurity. Society
Breaking Sound Barriers: Music, Accessibility, and Innovation | A Conversation with Precious Perez | Music Evolves with Sean Martin

Mar 7, 2025 | 47:51


Guest and Host

Guest: Precious Perez, President at RAMPD | On LinkedIn: https://www.linkedin.com/in/precious-perez-a0548915b/ | Website: https://preciousperezmusica.com/
Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/

Show Notes

The intersection of music, technology, and accessibility is shaping how artists create, perform, and share their work. In this episode of Music Evolves, host Sean Martin speaks with singer, songwriter, and educator Precious Perez, a Berklee College of Music graduate with degrees in music education and vocal performance. As a blind Latina artist and disability advocate, Perez shares her journey in music, the role of technology in her creative process, and how she works to increase opportunities for musicians with disabilities.

A Life Shaped by Music

Perez's passion for music started early, surrounded by the diverse sounds of her Puerto Rican household. From salsa and reggaeton to R&B and pop, her exposure to various genres helped shape her identity as an artist. She recalls her first songwriting experience in fourth grade, when she transformed a poem into a song with the help of a music teacher. That moment solidified her desire to pursue music professionally, leading her to Berklee, where she refined her skills in both performance and education.

As a blind musician, Perez explains how she interacts with music differently from sighted artists. She describes her early experiences learning Braille music and how tactile memory plays a role in understanding composition. While she primarily relies on her ear, her knowledge of Braille notation helps her analyze rhythm and structure in a unique way.

Technology as a Tool for Inclusion

For Perez, technology has been both a gateway and a challenge. She demonstrates how she uses a BrailleSense note taker, a device that allows her to type lyrics and read them in Braille while composing. She also shares how screen reading software enables her to navigate recording software like Logic Pro and Pro Tools, ensuring she can produce and edit her music independently.

Beyond the studio, accessibility in live performance is another key consideration. Whether using in-ear monitors or giving cues to her bandmates through verbal or physical signals, Perez emphasizes that clear communication and collaboration make performances seamless.

Advocating for Disability Representation in Music

Perez is also the president of RAMPD (Recording Artists and Music Professionals with Disabilities), an organization founded by recording artist Lachi and NPR Tiny Desk Contest winner Gaelynn Lea. RAMPD is dedicated to amplifying disability culture, promoting accessibility, and ensuring that disabled artists have equitable opportunities in the music industry. The organization consults with major industry events like the Grammys, NAMM, and Folk Alliance to improve accessibility and representation.

She stresses that disability is an often-overlooked part of diversity and that anyone, at any time, could join this community due to illness, injury, or aging. Through RAMPD, Perez and her colleagues are breaking down barriers and proving that disabled musicians are just as competitive and professional as their peers.

A New Era of Music

Perez is embracing a new era in her music, blending her Latin roots with her pop and R&B influences. She performs her latest song, Rosé, a Spanish-language track about embracing the present moment with a loved one despite life's difficulties. With plans to record a new project with We Could Be Music in Costa Rica, she is leaning into the Latin music space in a way she has always envisioned.

Her story is one of resilience, innovation, and passion. From navigating music education as a blind student to advocating for industry-wide accessibility, Perez is proving that talent and determination—not sight—define an artist's success.

Listen to the full episode to hear Precious Perez's insights on technology, performance, and advocacy in music.

Sponsors
Are you interested in sponsoring this show or placing an ad in the podcast?
Sponsorship

ITSPmagazine | Technology. Cybersecurity. Society
Turning Developers into Security Champions: The Business Case for Secure Development | A Manicode Brand Story with Jim Manico

Mar 6, 2025 | 42:25


Organizations build and deploy applications at an unprecedented pace, but security is often an afterthought. This episode of ITSPmagazine's Brand Story features Jim Manico, founder of Manicode Security, in conversation with hosts Sean Martin and Marco Ciappelli. The discussion explores the current state of application security, the importance of developer training, and how organizations can integrate security from the ground up to drive better business outcomes.

The Foundation of Secure Development

Jim Manico has spent decades helping engineers and architects understand and implement secure coding practices. His work with the Open Web Application Security Project (OWASP), including contributions to the OWASP Top 10 and the OWASP Cheat Sheet Series, has influenced how security is approached in software development. He emphasizes that security should not be an afterthought but a fundamental part of the development process.

He highlights OWASP's role in providing documentation, security tools, and standards like the Application Security Verification Standard (ASVS), which is now in its 5.0 release. These resources help organizations build secure applications, but Manico points out that simply having the guidance available isn't enough—engineers need the right training to apply security principles effectively.

Why Training Matters

Manico has trained thousands of engineers worldwide and sees firsthand the impact of hands-on education. He explains that developers often lack formal security training, which leads to common mistakes such as insecure authentication, improper data handling, and vulnerabilities in third-party dependencies. His training programs focus on practical, real-world applications, allowing developers to immediately integrate security into their work.

Security training also helps businesses beyond just compliance. While some companies initially engage in training to meet regulatory requirements, many realize the long-term value of security in reducing risk, improving product quality, and building customer trust. Manico shares an example of a startup that embedded security from the beginning, investing heavily in training early on. That approach helped differentiate them in the market and contributed to their success as a multi-billion-dollar company.

The Role of AI and Continuous Learning

Manico acknowledges that the speed of technological change presents challenges for security training. Frameworks, programming languages, and attack techniques evolve constantly, requiring continuous learning. He has integrated AI tools into his training workflow to help answer complex questions, identify knowledge gaps, and refine content. AI serves as an augmentation tool, not a replacement, and he encourages developers to use it as an assistant to strengthen their understanding of security concepts.

Security as a Business Enabler

The conversation reinforces that secure coding is not just about avoiding breaches—it is about building better software. Organizations that prioritize security early can reduce costs, improve reliability, and increase customer confidence. Manico's approach to education is about empowering developers to think beyond compliance and see security as a critical component of software quality and business success.

For organizations looking to enhance their security posture, developer training is an investment that pays off. Manicode Security offers customized training programs to meet the specific needs of teams, covering topics from secure coding fundamentals to advanced application security techniques. To learn more or schedule a session, Jim Manico can be reached at Jim@manicode.com.

Tune in to the full episode to hear more insights from Jim Manico on how security training is shaping the future of application security.

Learn more about Manicode: https://itspm.ag/manicode-security-7q8i

Note: This story contains promotional content. Learn more.

Guest: Jim Manico, Founder and Secure Coding Educator at Manicode Security | On LinkedIn: https://www.linkedin.com/in/jmanico/

Resources

Download the Course Catalog: https://itspm.ag/manicode-x684

Learn more and catch more stories from Manicode Security: https://www.itspmagazine.com/directory/manicode-security

Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

ITSPmagazine | Technology. Cybersecurity. Society
Bridging Digital and Physical Security: Protecting Executives in an Evolving Threat Landscape | A BlackCloak Brand Story with Chris Pierson

Mar 5, 2025 | 29:36


In an era where personal and professional lives are increasingly intertwined in the digital realm, the security of high-profile individuals extends far beyond corporate firewalls. Executives, board members, and high-net-worth individuals face growing threats not just to their businesses but also to their families and personal lives. The convergence of cybersecurity and physical security has never been more evident, and BlackCloak is at the forefront of addressing this modern challenge.

In this episode of ITSPmagazine's Brand Story series, hosts Marco Ciappelli and Sean Martin sit down with Dr. Chris Pierson, CEO and Founder of BlackCloak, to explore the increasing risks posed by cybercriminals, data brokers, and even nation-state actors, all of whom exploit publicly available information to orchestrate real-world threats. With the rise of doxing, swatting, and targeted attacks on corporate leadership, it is clear that safeguarding digital identities is no longer optional—it is essential.

Dr. Pierson shares insights on how BlackCloak's concierge approach blends cutting-edge technology with a personalized human touch, ensuring that executives and their families can navigate the digital world securely. From removing personal information from data broker websites to mitigating deep web threats, BlackCloak's unique approach focuses on proactive protection rather than reactive crisis management. The conversation also touches on recent high-profile security breaches and their implications, highlighting the urgent need for businesses to extend cybersecurity measures beyond the enterprise network.

As digital and physical threats continue to merge, organizations must rethink their approach to executive security. This episode is a wake-up call for leaders who may underestimate the exposure they and their families face. Tune in to learn why digital executive protection is no longer a luxury but a necessity, and how BlackCloak is setting the standard for safeguarding the modern executive.

For those looking to take control of their digital privacy and security, visit BlackCloak.io and connect with Dr. Chris Pierson on LinkedIn. The intersection of cybersecurity and personal safety is here—how prepared are you?

Learn more about BlackCloak: https://itspm.ag/itspbcweb

Note: This story contains promotional content. Learn more.

Guest: Chris Pierson, Founder and CEO of BlackCloak | On LinkedIn: https://www.linkedin.com/in/drchristopherpierson/

Resources

Download the Whitepaper | Executive Protection at Home is the Major Gap in Cybersecurity: https://itspm.ag/blackcue74

Learn more and catch more stories from BlackCloak: https://www.itspmagazine.com/directory/blackcloak

Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story

ITSPmagazine | Technology. Cybersecurity. Society
AI, Cybersecurity, and the High-Stakes Risks in Healthcare | A HIMSS 2025 Conversation with Lee Kim | On Location Coverage with Sean Martin and Marco Ciappelli

Mar 3, 2025 | 28:18


The intersection of cybersecurity and healthcare is more critical than ever, as technology continues to shape the way patient care is delivered. At HIMSS 2025 in Las Vegas, we sat down with Lee Kim, Senior Principal of Cybersecurity and Privacy at HIMSS, to discuss the pressing security challenges facing healthcare organizations, the role of artificial intelligence, and the balance between innovation and risk.

AI in Healthcare: Promise and Peril

Artificial intelligence is rapidly being adopted across the healthcare sector, yet many organizations still lack structured governance around its use. Kim highlights the “wild west” nature of AI adoption, where policies are either non-existent or underdeveloped, creating risks related to privacy, data security, and patient outcomes. While AI-powered diagnostic tools, like those used in radiology, have the potential to improve patient care by identifying critical conditions early, blind trust in AI-generated results presents serious risks. Without proper oversight, reliance on AI could lead to incorrect medical decisions, putting patient safety in jeopardy.

Cybersecurity Gaps in Healthcare Organizations

One of the biggest concerns in healthcare cybersecurity is the over-reliance on security tools without a clear strategy. Many organizations invest in the latest technology but neglect foundational security practices, such as governance, policy development, and staff training. Kim points out that less than half of cybersecurity budgets are allocated to governance, leading to disorganized security programs.

Another persistent challenge is the human factor. Social engineering and phishing attacks remain the top attack vectors, exploiting the inherent culture of healthcare professionals who are trained to help and trust others. Organizations must focus on proactive security measures, such as regular training and simulated attacks, to reduce human error and strengthen defenses.

The Financial and Operational Reality

Budget constraints continue to be a challenge, particularly for smaller hospitals and community healthcare providers. While larger organizations may have more resources, cybersecurity spending often focuses on acquiring new tools rather than optimizing existing defenses. Kim stresses the importance of a balanced approach—investing in both technology and governance to ensure long-term resilience.

Another concern is the increasing dependence on third-party services and cloud-based AI tools. If these services become too expensive or go offline, healthcare organizations may face operational disruptions. The lack of contingency planning, such as backup vendors or alternative systems, leaves many institutions vulnerable to supply chain risks.

Building a More Resilient Healthcare Security Model

As technology continues to drive innovation in healthcare, organizations must adopt a proactive cybersecurity stance. Business impact analyses, vendor risk assessments, and tabletop exercises should be standard practice to prepare for disruptions. Kim also raises the idea of cyber mutual aid—a model similar to emergency medical mutual aid, where healthcare organizations collaborate to support each other in times of crisis.

HIMSS 2025 provides a forum for these critical conversations, bringing together global healthcare leaders to share insights, challenges, and solutions. For those interested in diving deeper, the HIMSS Cybersecurity Survey is available online, offering a comprehensive look at the current state of healthcare security.

To hear the full discussion on these topics and more, listen to the episode featuring Lee Kim, Sean Martin, and Marco Ciappelli from HIMSS 2025 On Location.

Guest: Lee Kim, Senior Principal of Cybersecurity and Privacy at HIMSS | On LinkedIn: https://www.linkedin.com/in/leekim/

Hosts:

Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin

Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli

____________________________

This Episode's Sponsors

HITRUST: https://itspm.ag/itsphitweb

____________________________

Resources

Learn more and catch more stories from HIMSS 2025 coverage: https://www.itspmagazine.com/himss-2025-health-technology-and-cybersecurity-event-coverage-las-vegas

HIMSS 2024 Cybersecurity Report: https://www.himss.org/resources/himss-healthcare-cybersecurity-survey/

____________________________

Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage

To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast

To see and hear more Redefining Society stories on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-society-podcast

Want to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
Hackers, Policy, and the Future of Cybersecurity: Inside The Hackers' Almanack from DEF CON and the Franklin Project | A Conversation with Jake Braun | Redefining CyberSecurity with Sean Martin

Mar 3, 2025 | 40:32


⬥GUEST⬥

Jake Braun, Acting Principal Deputy National Cyber Director, The White House | On LinkedIn: https://www.linkedin.com/in/jake-braun-77372539/

⬥HOST⬥

Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin

⬥EPISODE NOTES⬥

Cybersecurity is often framed as a battle between attackers and defenders, but what happens when hackers take on a different role—one of informing policy, protecting critical infrastructure, and even saving lives? That's the focus of the latest Redefining Cybersecurity podcast episode, where host Sean Martin speaks with Jake Braun, former Acting Principal Deputy National Cyber Director at the White House and current Executive Director of the Cyber Policy Initiative at the University of Chicago.

Braun discusses The Hackers' Almanack, a project developed in partnership with DEF CON and the Franklin Project to document key cybersecurity findings that policymakers, industry leaders, and technologists should be aware of. This initiative captures some of the most pressing security challenges emerging from DEF CON's research community and translates them into actionable insights that could drive meaningful policy change.

DEF CON, The Hackers' Almanack, and the Franklin Project

DEF CON, one of the world's largest hacker conferences, brings together tens of thousands of security researchers each year. While the event is known for its groundbreaking technical discoveries, Braun explains that too often, these findings fail to make their way into the hands of policymakers who need them most. That's why The Hackers' Almanack was created—to serve as a bridge between the security research community and decision-makers who shape regulations and national security strategies.

This effort is an extension of the Franklin Project, named after Benjamin Franklin, who embodied the intersection of science and civics. The initiative includes not only The Hackers' Almanack but also a volunteer-driven cybersecurity support network for under-resourced water utilities, a critical infrastructure sector under increasing attack.

Ransomware: Hackers Filling the Gaps Where Governments Have Struggled

One of the most striking sections of The Hackers' Almanack examines the state of ransomware. Despite significant government efforts to disrupt ransomware groups, attacks remain as damaging as ever. Braun highlights the work of security researcher Vangelis Stykas, who successfully infiltrated ransomware gangs—not to attack them, but to gather intelligence and warn potential victims before they were hit.

While governments have long opposed private-sector hacking in retaliation against cybercriminals, Braun raises an important question: Should independent security researchers be allowed to operate in this space if they can help prevent attacks? This isn't just about hacktivism—it's about whether traditional methods of law enforcement and national security are enough to combat the ransomware crisis.

AI Security: No Standards, No Rules, Just Chaos

Artificial intelligence is dominating conversations in cybersecurity, but according to Braun, the industry still hasn't figured out how to secure AI effectively. DEF CON's AI Village, which has been studying AI security for years, made a bold statement: AI red teaming, as it exists today, lacks clear definitions and standards. Companies are selling AI security assessments with no universally accepted benchmarks, leaving buyers to wonder what they're really getting.

Braun argues that industry leaders, academia, and government must quickly come together to define what AI security actually means. Are we testing AI applications? The algorithms? The data sets? Without clarity, AI red teaming risks becoming little more than a marketing term, rather than a meaningful security practice.

Biohacking: The Blurry Line Between Innovation and Bioterrorism

Perhaps the most controversial section of The Hackers' Almanack explores biohacking and its potential risks. Researchers at the Four Thieves Vinegar Collective demonstrated how AI and 3D printing could allow individuals to manufacture vaccines and medical devices at home—at a fraction of the cost of commercial options. While this raises exciting possibilities for healthcare accessibility, it also raises serious regulatory and ethical concerns.

Current laws classify unauthorized vaccine production as bioterrorism, but Braun questions whether that definition should evolve. If underserved communities have no access to life-saving treatments, should they be allowed to manufacture their own? And if so, how can regulators ensure safety without stifling innovation?

A Call to Action

The Hackers' Almanack isn't just a technical report—it's a call for governments, industry leaders, and the security community to rethink how we approach cybersecurity, technology policy, and even healthcare. Braun and his team at the Franklin Project are actively recruiting volunteers, particularly those with cybersecurity expertise, to help protect vulnerable infrastructure like water utilities.

For policymakers, the message is clear: Pay attention to what the hacker community is discovering. These findings aren't theoretical—they impact national security, public safety, and technological advancement in ways that require immediate action.

Want to learn more? Listen to the full episode and explore The Hackers' Almanack to see how cybersecurity research is shaping the future.

⬥SPONSORS⬥

LevelBlue: https://itspm.ag/attcybersecurity-3jdk3

ThreatLocker: https://itspm.ag/threatlocker-r974

⬥RESOURCES⬥

The DEF CON 32 Hackers' Almanack: https://thehackersalmanack.com/defcon32-hackers-almanack

DEF CON Franklin Project: https://defconfranklin.com/ | On LinkedIn: https://www.linkedin.com/company/def-con-franklin/

DEF CON: https://defcon.org/

Cyber Policy Initiative: https://harris.uchicago.edu/research-impact/initiatives-partnerships/cyber-policy-initiative

⬥ADDITIONAL INFORMATION⬥

✨ More Redefining CyberSecurity:

ITSPmagazine | Technology. Cybersecurity. Society
The Art of Being Random, Ravioli In London, Having Unscripted Conversations, and Writing Magical Short Stories for Kids and the Young at Heart | Random and Unscripted with Sean Martin and Marco Ciappelli

Mar 2, 2025 | 35:32


Title: The Art of Being Random, Ravioli In London, Having Unscripted Conversations, and Writing Magical Short Stories for Kids and the Young at Heart

Some people meticulously plan their podcasts, carefully outlining each segment, scripting the perfect transitions, and staying laser-focused on a central theme.

This is not that podcast. Nope!

Welcome to Random and Unscripted, where Sean Martin and Marco Ciappelli hit record and let the conversation take on a life of its own. No structure, no rules—just whatever happens to pop into their heads. And, as it turns out, quite a lot pops in.

In this latest episode, we kick things off with a deep philosophical debate about… hats. Specifically, the mysterious origins of Sean's recently rediscovered headwear, which may or may not be Australian (or possibly extraterrestrial). Naturally, this segues into a discussion on the architecture of New York and London, the peculiar planning rules that keep St. Paul's Cathedral in view, and, of course, eating amazing ravioli. Because why not? It's ravioli! What's the matter with you?!

From there, things take a turn into the creative process behind Storie Sotto Le Stelle, the podcast and story series Marco has been creating with his mother. What started as a way to preserve small-town grocery store memories turned into a whimsical collection of tales featuring talking shoes, mad cats, colorful bicycle races, enchanted gardens, and even a robot studying humanity from an observatory made of glass. Sean marvels at the sheer volume of stories Marco's mom has written (over 40 in the pipeline!), while Marco contemplates the life choices that led to him having yet another unpaid creative job. LOL!

Somewhere along the way, they also tackle the nature of creativity, the fine line between genius and madness, and whether there's a market for on-demand, custom-made stories (spoiler: Marco is not taking commissions… yet. Go ahead, make him an offer).

In true Random and Unscripted fashion, we wrap things up with musings on personal passions—writing, music, storytelling, and the simple joy of doing something just because it makes life more interesting. It's the kind of conversation best enjoyed over coffee, a glass of wine, or while wearing a completely unnecessary but highly stylish hat.

New episodes drop when they drop. Expect the unexpected.

Guest links:

ITSPmagazine | Technology. Cybersecurity. Society
Reimagining Nostalgia: Music's Creative and Technological Evolution | A The NAMM Show 2025 Conversation with John Mlynczak | On Location Coverage with Sean Martin and Marco Ciappelli

Mar 1, 2025 | 39:07


The latest On Location with Sean Martin and Marco Ciappelli episode takes listeners behind the scenes of the NAMM 2025 show, featuring a vibrant discussion with John Mlynczak, NAMM President and CEO. The conversation is not just a recap of an incredible event but a celebration of music's enduring power and the evolving role of technology in the music industry.

A Legacy of Music and Community

Founded in 1901, NAMM (National Association of Music Merchants) has become the world's largest trade association representing the musical products industry. John Mlynczak shares how NAMM operates year-round to support manufacturers, retailers, and music educators through research, advocacy, and events. The annual NAMM show is the pinnacle of this work, gathering thousands of music makers, industry professionals, and artists to spark creativity and innovation.

Technology Meets Tradition

One of the episode's key themes is the blend of modern technology with nostalgic sounds. The 2025 NAMM show showcased groundbreaking technologies, from AI-driven music tools to hardware-software collaborations. Mlynczak discusses how companies are innovating to create real-time processing tools, allowing musicians to produce music faster and more intuitively than ever before. He emphasizes that the goal is not to replace traditional methods but to enhance creativity and make music more accessible to all.

The Power of Inspiration

NAMM's mission to create more music makers worldwide is a central focus. Mlynczak explains how the NAMM Foundation supports educational programs across all ages, from K-12 schools to community groups and adult learners. The foundation's work aims to ensure everyone has the opportunity to explore music, whether through formal education or new digital tools that lower the barrier to entry.

A Moment to Remember: Jon Batiste at NAMM

A standout moment from the show was Mlynczak's interview with Grammy-winning artist Jon Batiste [https://youtu.be/Lfq35enGq58]. Initially uncertain, the conversation transformed into a genuine exchange about music's influence and the industry's impact on artists. This interaction highlighted NAMM's broader vision of not just serving as a trade show but as a cultural hub that fosters creativity and community.

Looking Ahead to NAMM 2026

The episode concludes with anticipation for NAMM 2026, scheduled for January 20-24 in Anaheim, California. As Sean, Marco, and John reflect on this year's successes, they invite listeners to join them next year to explore the intersection of music, technology, and inspiration.

Tune in to The Music Evolves Podcast to dive deeper into these insights and discover how NAMM continues to shape the future of music. Be sure to stay tuned for more On Location with Sean Martin and Marco Ciappelli as they cover more technology and society events around the world.

Guest: John Mlynczak, President and CEO of NAMM | View Website | Visit NAMM

Host: Sean Martin, Co-Founder at ITSPmagazine Podcasts and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | On ITSPmagazine: https://www.itspmagazine.com/sean-martin

Host: Marco Ciappelli, Co-Founder at ITSPmagazine Podcasts and Host of Redefining Society and Technology Podcast | On ITSPmagazine: https://www.itspmagazine.com/marco-ciappelli

____________________________

This Episode's Sponsors

To learn about event coverage sponsorship options, please visit https://itspm.ag/event-coverage-package

____________________________

Resources

Catch more stories from NAMM Show 2025 coverage: https://itspmagazine.com/the-2025-namm-show-namm-music-conference-music-technology-event-coverage-anaheim-california

NAMM Organization: https://www.namm.org/

The NAMM Show 2025: https://www.namm.org/thenammshow/attend

Music Evolves: Sonic Frontiers Newsletter | The 2025 NAMM Show: Honoring Tradition, Pioneering the Future: https://www.linkedin.com/pulse/2025-namm-show-honoring-tradition-pioneering-future-sean-martin-6jcge/

Music Evolves Episode | The debut episode of Music Evolves explores how technology is transforming music creation, performance, and production, with insights from the NAMM Show 2025

____________________________

Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage

To see and hear more Music Evolves stories on ITSPmagazine, visit: https://www.itspmagazine.com/music-evolves-podcast

To see and hear more Redefining Society stories on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-society-podcast

To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast

Want to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
How Healthcare Organizations Can Achieve a Near-Zero Breach Rate | A Brand Story Conversation From HIMSS 2025 | A HITRUST Brand Story with Ryan Patrick

Feb 27, 2025 | 24:01


During the HIMSS Global Conference 2025 in Las Vegas, Sean Martin and Marco Ciappelli sat down with Ryan Patrick, Vice President of Adoption at HITRUST, for an insightful conversation about cybersecurity and risk management in healthcare. Rather than a traditional recap of the conference session, this discussion delved into the critical role HITRUST plays in helping healthcare organizations navigate regulatory requirements, manage risk, and ensure patient safety through robust cybersecurity practices.

Bridging Regulation and Real-World Application

Ryan Patrick shared that HITRUST has spent over 17 years translating federal healthcare regulations into actionable frameworks for organizations. His role involves educating the market about HITRUST's initiatives while continuously learning from industry feedback. This bi-directional exchange ensures that HITRUST's frameworks and controls remain relevant and effective. Patrick emphasized the importance of HITRUST's dynamic approach, highlighting that their framework is updated quarterly to address the latest cybersecurity threats. This frequency sets HITRUST apart from other frameworks like HIPAA, which, despite being nearly 30 years old, struggles to keep pace with modern challenges.

Real Results: 2025 Trust Report Highlights

One of the standout points of the conversation was the 2025 HITRUST Trust Report. The data is compelling—while roughly 45% of organizations reported breaches last year, less than 1% of HITRUST-certified environments experienced incidents. The 2025 report shows this number decreasing even further to 0.59%. According to Patrick, this success is driven by HITRUST's focus on threat intelligence and its rigorous assurance mechanism, which goes beyond checkbox compliance to ensure controls are effective and actively reducing risk.

Addressing AI and Emerging Technologies

With AI being a hot topic at HIMSS, Patrick discussed HITRUST's proactive approach to managing AI risks. In December 2024, HITRUST introduced an AI security certification designed to help organizations securely integrate AI technologies. This certification follows HITRUST's established quality assurance model, offering the same level of scrutiny and validation as its other programs. Patrick likened the current AI landscape to the early days of cloud computing—initial uncertainty followed by widespread adoption, underscoring the need for secure practices as the technology matures.

Listen to the Full Conversation

This episode offers more than just surface-level insights. Ryan Patrick's perspectives on risk management, the measurable success of HITRUST frameworks, and the thoughtful approach to AI in healthcare cybersecurity provide valuable takeaways for professionals looking to enhance their security posture. Tune in to the full episode for an in-depth look at how HITRUST is setting new standards in healthcare cybersecurity and what organizations can do to stay ahead of the curve.

Learn more about HITRUST: https://itspm.ag/itsphitweb

Note: This story contains promotional content. Learn more.

Guest: Ryan Patrick, Vice President of Adoption at HITRUST | On LinkedIn: https://www.linkedin.com/in/ryan-patrick-3699117a/

Hosts:

Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin

Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli

____________________________

This Episode's Sponsors

Learn more and catch more stories from HITRUST: https://itspm.ag/itsphitweb

____________________________

Resources

Learn more and catch more stories from HIMSS 2025 coverage: https://www.itspmagazine.com/himss-2025-health-technology-and-cybersecurity-event-coverage-las-vegas

HITRUST 2025 Trust Report: https://itspm.ag/hitrusz49c

____________________________

Catch all of our event coverage: https://www.itspmagazine.com/on-location

To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast

To see and hear more Redefining Society stories on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-society-podcast

Want to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
The Tools Hackers Use: From Manual Hacks to Automated Exploits | A Zero Trust World Conversation with Alex Benton | On Location Coverage with Sean Martin and Marco Ciappelli

Feb 26, 2025 (8:22)


Recorded during ThreatLocker Zero Trust World 2025 in Orlando, this episode of the On Location series features an engaging conversation with Alex Benton, Special Projects at ThreatLocker. Benton shares insights from his Metasploit lab, a beginner-friendly session that demonstrates the power of tools like Metasploit and Nmap in cybersecurity. The lab's objective is clear: to illustrate how easily unpatched systems can be exploited and reinforce the critical need for consistent patch management.

Understanding the Metasploit Lab

Benton explains how participants in the lab learned to execute a hack manually before leveraging Metasploit's streamlined capabilities. The manual process involves identifying vulnerable machines, gathering IP addresses, examining open ports, and assessing software vulnerabilities. With Metasploit, these steps become as simple as selecting an exploit and running it, underscoring the tool's efficiency.

A key demonstration in the lab involved Eternal Blue, the exploit associated with the WannaCry virus in 2017. Benton emphasizes how Metasploit simplifies this complex attack, highlighting the importance of maintaining patched systems to prevent similar vulnerabilities.

The Real-World Implications of Unpatched Systems

The discussion dives into the risks posed by cybercriminals who use tools like Metasploit to automate attacks. Benton points out that malicious actors often analyze patch notes to identify potential vulnerabilities and create scripts to exploit unpatched systems quickly. The conversation touches on the dark web's role in providing detailed information about exposed systems, making it even easier for attackers to target vulnerable machines.

Lessons from WannaCry

The episode revisits the WannaCry incident, where a vulnerability in Windows systems led to a global cybersecurity crisis. Benton recounts how outdated systems and the absence of a strong security culture created an environment ripe for exploitation. He also shares the story of cybersecurity researchers, including Marcus Hutchins, who played pivotal roles in mitigating the virus's impact by identifying and activating its kill switch.

Tune in to Learn More

This episode offers valuable insights into cybersecurity practices, the dangers of unpatched environments, and the tools that both ethical hackers and cybercriminals use. Listen in to gain a deeper understanding of how to secure your systems and why proactive security measures are more crucial than ever.

Guest: Alex Benton, Special Projects at ThreatLocker | On LinkedIn: https://www.linkedin.com/in/alex-benton-b805065/

Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
This Episode's Sponsors
ThreatLocker: https://itspm.ag/threatlocker-r974
____________________________
Resources
Learn more and catch more stories from ZTW 2025 coverage: https://www.itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-florida
Register for Zero Trust World 2025: https://itspm.ag/threat5mu1
____________________________
Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage

ITSPmagazine | Technology. Cybersecurity. Society
Transforming Healthcare: How Innovation is Driving Better Patient Outcomes | A HIMSS 2025 Conversation with Albe Zakes | On Location Coverage with Sean Martin and Marco Ciappelli

Feb 26, 2025 (20:36)


In this episode of the On Location series recorded for HIMSS 2025 in Las Vegas, hosts Marco Ciappelli and Sean Martin sit down with Albe Zakes, Director of Strategic Communications at HIMSS, to discuss the transformative impact of technology on healthcare and the upcoming conference's role in driving innovation. HIMSS, a global society of health and technology professionals, brings together leaders, clinicians, practitioners, and innovators to harness the power of information and technology for improved patient outcomes and expanded access to healthcare.

A Focus on Collaboration Over Expertise

Zakes emphasizes a significant shift in how the HIMSS conference operates. While traditional conferences often rely on a top-down approach with speakers sharing insights, HIMSS is increasingly prioritizing collaboration. The 2025 event will feature expanded networking opportunities and dedicated breaks to foster real-time partnerships and relationships that can extend beyond the conference. The approach underscores the organization's belief in the “symbiotic triangle” of people, technology, and process—highlighting that technology alone is not enough without empowering the people who use it.

Exploring Key Topics: AI, Cybersecurity, and Health Equity

Artificial intelligence (AI) is set to take center stage at HIMSS 2025, reflecting its transition from a speculative technology to a practical tool reshaping healthcare. With dozens of educational sessions dedicated to AI, the conference will explore how clean data and strong governance are critical to unlocking AI's potential in improving healthcare delivery.

Cybersecurity is another major focus, with a dedicated Healthcare Cybersecurity Forum and a Cybersecurity Command Center on the exhibit floor. Notably, former U.S. Cyber Command and NSA Director General Paul Nakasone will deliver a keynote on maintaining security in an AI-driven world. The emphasis on cybersecurity aligns with the critical need to protect patient data and maintain trust within the healthcare ecosystem.

Zakes also highlights the Health Equity Forum, which aligns with HIMSS's mission to ensure that technology advancements translate into equitable healthcare access. The forum will gather leaders from governments and nonprofits worldwide to discuss strategies to improve health equity globally.

Innovation and Emerging Technologies

The conference aims to showcase not only established tech giants like Oracle and AWS but also emerging companies and startups. The “First-Time Exhibitors Pavilion” and the “Emerge Innovation Experience” will offer opportunities for attendees to engage with new technologies and ideas. The Emerge Innovation Experience will feature a pitch contest and networking events for entrepreneurs and investors, driving forward-thinking solutions in healthcare technology.

The Power of People, Technology, and Process

This episode offers a glimpse into the critical themes that will dominate HIMSS 2025, providing valuable insights into how technology, collaboration, and innovation are reshaping healthcare. With thought-provoking discussions on AI, cybersecurity, and health equity, listeners are invited to explore how these advancements impact not only healthcare systems but also society at large. Tune in to hear more about the initiatives and opportunities at HIMSS 2025, and how you can be part of the conversation shaping the future of healthcare.

Guest: Albe Zakes, Director of Strategic Communications at HIMSS | On LinkedIn: https://www.linkedin.com/in/albezakes/

Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
This Episode's Sponsors
To learn about event coverage sponsorship options, please visit https://itspm.ag/event-coverage-package
____________________________
Resources
Learn more and catch more stories from HIMSS 2025 coverage: https://www.itspmagazine.com/on-location

ITSPmagazine | Technology. Cybersecurity. Society
Redefining Zero Trust: “Near Zero Trust” | A Real-World Success Story Through Proactive Security | A Zero Trust World Conversation with Avi Solomon | On Location Coverage with Sean Martin and Marco Ciappelli

Feb 26, 2025 (15:37)


The latest episode of the On Location series, recorded at ThreatLocker's Zero Trust World 2025 in Orlando, brings forward a deep and practical conversation about implementing Zero Trust principles in real-world environments. Hosted by Marco Ciappelli and Sean Martin, this episode features Avi Solomon, CIO of a law firm with nearly 30 years in IT and a strong focus on cybersecurity.

The Journey to Proactive Security

Avi Solomon shares his experience transitioning from traditional security models to a proactive, preventive approach with ThreatLocker. With a background in engineering, consulting, and security (CISSP certified), Solomon outlines his initial concerns with reactive endpoint detection and response (EDR) solutions. While EDR tools act as a secondary insurance policy, he emphasizes the need for a preventive layer to block threats before they manifest.

Solomon's firm adopted ThreatLocker a year ago, replacing a legacy product to integrate its proactive security measures. He highlights the platform's maturation, including network control, storage control, application whitelisting, and cloud integration. The shift was not only a technological change but also a cultural one, aligning with the broader philosophy of Zero Trust—approaching security with a mindset that nothing within or outside the network should be trusted by default.

Implementing Zero Trust with Ease

A standout moment in the episode is Solomon's recount of his implementation process. His conservative approach included running ThreatLocker in observation mode for two months before transitioning fully to a secure mode. When the switch was finally flipped, the result was remarkable—zero disruptions, no pushback from users, and a smooth transition to a less risky security posture. Solomon attributes this success to ThreatLocker's intuitive deployment and adaptive learning capabilities, which allowed the system to understand normal processes and minimize false positives.

Redefining Zero Trust: “Near Zero Trust”

Solomon introduces a pragmatic take on Zero Trust, coining the term “Near Zero Trust” (NZT). While achieving absolute Zero Trust is an ideal, Solomon argues that organizations should strive to get as close as possible by layering strategic solutions. He draws a clever analogy comparing Zero Trust to driving safely before relying on a seatbelt—proactive behavior backed by reactive safeguards.

Tune in to the full episode to explore more of Avi Solomon's insights, hear stories from the conference floor, and learn practical approaches to embedding Zero Trust principles in your organization's security strategy.

Guest: Avi Solomon, Chief Information Officer at Rumberger | Kirk | On LinkedIn: https://www.linkedin.com/in/aviesolomon/

Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
This Episode's Sponsors
ThreatLocker: https://itspm.ag/threatlocker-r974
____________________________
Resources
Learn more and catch more stories from ZTW 2025 coverage: https://www.itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-florida
Register for Zero Trust World 2025: https://itspm.ag/threat5mu1

ITSPmagazine | Technology. Cybersecurity. Society
Hands-On Hacking: Lessons Learned from a Rubbery Ducky USB Attack Simulation | A Zero Trust World Conversation with Kieran Human | On Location Coverage with Sean Martin and Marco Ciappelli

Feb 26, 2025 (7:45)


At ThreatLocker's Zero Trust World 2025 in Orlando, Kieran Human, Special Projects Engineer at ThreatLocker, showcased the practical dangers of everyday cybersecurity threats through engaging, hands-on labs. Attendees, ranging from CISOs to IT technicians, were offered the chance to experience real-world hacking scenarios using devices like the infamous “rubber ducky.”

The Rubber Ducky Experience

The rubber ducky, which resembles a standard USB drive, acts as a keyboard when plugged into a computer, executing automated scripts. Human demonstrated how this device could disable Windows Defender, exfiltrate data, and execute scripts—highlighting how accessible hacking tools have become. Attendees left with both new knowledge and their own rubber ducky, reinforcing the event's educational impact.

From Learning to Defense

The lab sessions underscored the importance of understanding threats to effectively defend against them. Human emphasized that cybersecurity isn't just for seasoned professionals; even attendees with minimal experience learned how to execute data exfiltration and bypass security protocols within an hour. This revelation stressed the necessity of robust security measures, even for general IT professionals who may not specialize in cybersecurity.

Mitigating Threats with ThreatLocker

ThreatLocker's solutions, including features like ring-fencing PowerShell and applying layered protections, were showcased as effective countermeasures. Human explained how ThreatLocker's tools could prevent malicious scripts from accessing the internet or sensitive folders, offering a tangible defense against the types of attacks demonstrated in the labs.

Looking Ahead

Looking toward next year, Human hinted at more advanced demonstrations, potentially including ransomware scenarios. This forward-thinking approach aligns with ThreatLocker's commitment to preparing IT and security professionals for the evolving challenges they face.

Why This Matters

The episode captures how ThreatLocker is not just educating but empowering IT and security professionals. By providing a controlled environment to experience cyberattacks firsthand, the event bridged the gap between theory and practice. Listen to the full episode for insights into how these experiences translate into actionable strategies for building stronger, more resilient cybersecurity defenses.

Guest: Kieran Human, Special Projects Engineer at ThreatLocker | On LinkedIn: https://www.linkedin.com/in/kieran-human-5495ab170/

Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
This Episode's Sponsors
ThreatLocker: https://itspm.ag/threatlocker-r974
____________________________
Resources
Learn more and catch more stories from ZTW 2025 coverage: https://www.itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-florida
Register for Zero Trust World 2025: https://itspm.ag/threat5mu1

Obstacle Running Adventures
425. The First DEKA ATLAS with Underdog Fitness!

Feb 25, 2025 (81:57)


Mike and Katelyn did their first DEKA event at Underdog Fitness in Wallingford, CT to support Kevin "Bubbles the Clowne" Gregory and his wife and co-owner Jess! Not only was Kevin a coach for Mike for about a year but Underdog Fitness is known to be a prominent gym in the DEKA community. Due to both of those reasons, Mike wanted to continue his support for the gym by driving down to Hartford, CT and covering the first official DEKA ATLAS!

You'll hear from some athletes who competed in the DEKA STRONG and their thoughts on the new DEKA ATLAS event before we talk to the first 11 out of 12 people to officially do the DEKA ATLAS!

Check out DEKA and their many events including the DEKA ATLAS, as well as the gym and community who hosted this event, Underdog Fitness!

Start – 3:28 – Intro
3:28 – 11:39 – Quick News
11:39 – 14:06 – Content Preface
14:06 – 1:19:12 – Interviews (Joe Rucco, Kortney and Sean Martin, Kaitlyn Troy, Joe Michael, Billy Richards, Hudson Maynard, Matt Duval, Billy Nowitzke and Zack Morello, Katie Brown, Adam Mazorski, AJ Lang, Kevin Gregory, Kayla Cittadino)
1:19:12 – End – Outro

Next weekend we either will air an interview with an author or go and cover the Boston Outdoor Expo!
____
News Stories: Join Us @ ROXFIT hosted by Mud Sweat Tears Crossfit Use Code ADVENTURE for 15% off your next ObstacleWonderland Weekend Stijn Graduated New England OCR Expo Code Update Chandler Smith Not Competing in Crossfit Jakob Ingebrigtsen World Record Jakob Ingebrigtsen Another World Record Jessica Gregory's Grandmother Team Achilles Application for Sydney Marathon Melissa Linden 1K Followers Thomas Van Tonder Injury National Parks in Danger Level 99 Going to Disney Springs Badass Lady Gang is Hiring Andrew Robinson Injury VJ Ultra 3 Announced Muddy Princess Medals World's Toughest Mudder Prize Money Update The OCR Report Needs Rabbits for Jacksonville Drinking Darts Secret Link Bigfoot Scare Secret Link Senior Prank Secret Link Deadpan Zoo Secret Link Birthday Bus Secret Link
____
Related Episodes:
235. Bubbles the Clowne aka Kevin Gregory on Underdog Fitness, Deka Strong, and More!
362. Deka World Championships with Kevin Gregory!
379. Deka Mile Live Coverage at Underdog Fitness!
____
The OCR Report Patreon Supporters: Jason Dupree, Kim DeVoss, Samantha Thompson, Matt Puntin, Brad Kiehl, Charlotte Engelman, Erin Grindstaff, Hank Stefano, Arlene Stefano, Laura Ritter, Steven Ritter, Sofia Harnedy, Kenny West, Cheryl Miller, Jessica Johnson, Scott "The Fayne" Knowles, Nick Ryker, Christopher Hoover, Kevin Gregory Jr., Evan Eirich, Ashley Reis, Brent George, Justin Manning, Wendell Lagosh, Logan Nagle, Angela Bowers, Asa Coddington, Thomas Petersen, Seth Rinderknecht, Bonnie Wilson, and Steve Bacon from The New England OCR Expo.

Sponsored Athletes: Javier Escobar, Kelly Sullivan, Ryan Brizzolara, Joshua Reid, and Kevin Gregory!

Support us on Patreon for exclusive content and access to our Facebook group
Check out our Threadless Shop
Use coupon code "adventure" for 15% off MudGear products
Use coupon code "ocrreport20" for 20% off Caterpy products
Like us on Facebook: Obstacle Running Adventures
Follow our podcast on Instagram: @ObstacleRunningAdventures
Write us an email: obstaclerunningadventures@gmail.com
Subscribe on Youtube: Obstacle Running Adventures
Intro music - "Streaker" by: Straight Up
Outro music - "Iron Paw" by: Dubbest

ITSPmagazine | Technology. Cybersecurity. Society
Zero Trust in Action: Revolutionizing Incident Response | A Zero Trust World Conversation with Art Ocain | On Location Coverage with Sean Martin and Marco Ciappelli

Feb 25, 2025 (14:04)


At ThreatLocker Zero Trust World 2025 in Orlando, Art Ocain, VP of Cybersecurity & Incident Response at Airiam, shared valuable insights into applying zero trust principles to incident response. The conversation, hosted by Marco Ciappelli and Sean Martin, highlighted the critical role of zero trust in preparing for and managing security incidents.

The Zero Trust Mindset in Incident Response

Ocain discussed how zero trust methodology—embracing the principles of "assume breach" and "always verify, never trust"—can significantly enhance incident response strategies. Instead of merely securing the perimeter or endpoints, his approach involves identifying and protecting core systems through micro-segmentation and robust identity management. By securing each component individually, organizations can minimize the impact of potential breaches.

For example, Ocain described a scenario where segmenting a SQL server from an application server could prevent data loss during an attack. Even if an application server is compromised, critical data remains secure, allowing quicker recovery and continuity of operations.

Dynamic Containment Strategies

Ocain emphasized the importance of dynamic containment when responding to incidents. Traditional methods, such as using Endpoint Detection and Response (EDR) tools, are effective for forensic analysis but may not stop active threats quickly. Instead, he advocated for an "allow list only" approach that restricts access to systems and data, effectively containing threats while maintaining critical business functions.

In practice, when Ocain is called into a crisis, he often implements a deny-by-default solution to isolate compromised systems. This strategy allows him to perform forensics and bring systems back online selectively, ensuring threat actors cannot access recovered systems.

Balancing Security with Business Needs

A significant challenge in adopting zero trust is gaining executive buy-in. Ocain noted that executive teams often push back against zero trust measures, either out of a desire for convenience or because of misconceptions about its impact on business culture. His approach involves demonstrating real-world scenarios where zero trust could mitigate damage during breaches. By focusing on critical systems and showing the potential consequences of compromised identities or systems, Ocain effectively bridges the gap between security and business priorities.

A Cultural Shift Toward Security

The discussion also touched on the cultural shift required to fully integrate zero trust into an organization. Zero trust is not just a technological framework but a mindset that influences how every employee views access and security. Through scenario-driven exercises and engaging executive teams early in the process, Ocain helps organizations transition from a "department of no" mentality to a collaborative, security-first culture.

Listen to the full episode to explore more strategies on implementing zero trust in incident response and how to align security initiatives with business goals.

Guest: Art Ocain, VP of Cybersecurity & Incident Response at Airiam | On LinkedIn: https://www.linkedin.com/in/artocain/

Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
This Episode's Sponsors
ThreatLocker: https://itspm.ag/threatlocker-r974
____________________________
Resources
Learn more and catch more stories from ZTW 2025 coverage: https://www.itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-florida
Register for Zero Trust World 2025: https://itspm.ag/threat5mu1

ITSPmagazine | Technology. Cybersecurity. Society
From Demo to Deployment: How A Hands-On Human Approach Transforms Security Implementation | A Conversation with Amanda Makowsky at Zero Trust World 2025 | On Location with Sean Martin and Marco Ciappelli

Feb 25, 2025 (4:49)


This episode of the “On Location” series, recorded during ThreatLocker Zero Trust World 2025 in Orlando, features an insightful conversation with Amanda Makowsky, Solution Engineer at ThreatLocker. Amanda shares how ThreatLocker maintains a human touch in cybersecurity while delivering robust solutions for organizations of all sizes.

The Human Element in Technology

Amanda explains how ThreatLocker emphasizes human interaction from the first demo through implementation and beyond. When potential customers engage with ThreatLocker, they are assigned a dedicated Solution Engineer as their technical point of contact. Amanda highlights how this relationship extends beyond the sales process, ensuring partners have continuous support as they mature their security environments. Whether working with small businesses or large enterprises, the focus remains on personalized service and hands-on assistance.

Support That Stands Out

ThreatLocker's commitment to human-centric support is evident through its 24/7 live helpdesk, staffed by real people in Orlando, Florida. Amanda notes the goal of responding to chat requests within a minute, providing immediate support without relying on bots or automated responses. This approach fosters trust and ensures that customers, regardless of their organization's size, receive timely and effective help.

Customization and Real-World Impact

Amanda shares how every partner's environment is unique, requiring tailored solutions to accommodate different software, hardware, and operational needs. She emphasizes the importance of building specific and intentional roles within ThreatLocker's systems to match the diverse environments of their partners. The impact of this customization is profound, as partners express a sense of security that allows them to “sleep better at night.”

Listen to this episode to explore how ThreatLocker combines technology with human connection, offering a refreshing perspective in the cybersecurity industry.

Guest

ITSPmagazine | Technology. Cybersecurity. Society
Breaking the Spell: How to Avoid the Grand Delusion in Zero Trust | A Conversation with Dr. Chase Cunningham at Zero Trust World 2025 | On Location with Sean Martin and Marco Ciappelli

Feb 25, 2025 (9:34)


At ThreatLocker Zero Trust World 2025 in Orlando, Chase Cunningham, often referred to as “Dr. Zero Trust,” delivered a thought-provoking session titled The Grand Delusion. The event, filled with IT professionals, managed service providers (MSPs), and small to midsize business (SMB) leaders, provided the perfect backdrop for a candid discussion about the state of cybersecurity and the real-world application of Zero Trust strategies.

Challenging the Status Quo

Cunningham emphasized the need for businesses to adopt realistic cybersecurity practices that align with their resources and needs. He pointed out the pitfalls of smaller organizations attempting to emulate enterprise-level security strategies without the necessary infrastructure. “Cyber shouldn't be any different” than outsourcing taxes or other specialized tasks, he explained, advocating for MSPs and external services as practical solutions.

Zero Trust as a Strategy, Not Just a Term

The session underscored that Zero Trust is not merely a buzzword but a strategic approach to security. Cunningham stressed the importance of questioning the validity of industry claims and seeking concrete data to support cybersecurity initiatives. He encouraged attendees to avoid being “delusional” by blindly accepting security solutions without a critical evaluation of their impact and effectiveness.

Actionable Steps for Small Businesses

Cunningham shared practical advice for implementing Zero Trust principles within smaller organizations. He recommended focusing on foundational controls like identity and access management, micro-segmentation, and application allow and block lists. He noted that achieving security is a journey, requiring a structured, strategic approach and an acceptance that immediate results are unlikely.

The Future of Zero Trust

Looking ahead, Cunningham expressed optimism about the continued evolution of Zero Trust. He highlighted its growing global significance, with his upcoming engagements in Taiwan, Colombia, and Europe serving as evidence of its widespread adoption. Ultimately, he framed Zero Trust as not only a business imperative but a fundamental human right in today's digital world.

Tune in to this episode to hear more insights from Chase Cunningham and explore what Zero Trust means for businesses of all sizes.

Guest

ITSPmagazine | Technology. Cybersecurity. Society
Strengthening Cybersecurity Through Zero Trust | A Conversation with Adam Fuller at Zero Trust World 2025 | A Zero Trust World 2025 On Location Coverage with Sean Martin and Marco Ciappelli

Feb 22, 2025 (11:16)


Zero Trust World 2025: Strengthening Cybersecurity Through Zero Trust

Zero Trust World 2025 has come to a close, leaving behind a series of thought-provoking discussions on what it truly means to build a culture of security. Hosted by ThreatLocker, the event brought together security professionals, IT leaders, and decision-makers to explore the complexities of Zero Trust—not just as a concept but as an operational mindset.

A Deep Dive into Windows Security and Zero Trust

ITSPmagazine | Technology. Cybersecurity. Society
Building a Community and a Culture of Security Education and Operations | A Zero Trust World Pre-Event Kick-Off | On Location Coverage with Sean Martin and Marco Ciappelli

Feb 18, 2025 (6:13)


Zero Trust World 2025 is officially underway, and the conversation centers around what it means to build a culture of security. Hosted by ThreatLocker, this event brings together security professionals, IT leaders, and decision-makers to explore the complexities of Zero Trust—not just as a concept but as an operational mindset.

Defining Zero Trust in Practice

Sean Martin and Marco Ciappelli set the stage with a key takeaway: Zero Trust is not a one-size-fits-all solution. Each organization must define its own approach based on its unique environment, leadership structure, and operational needs. It is not about a single tool or quick fix but about establishing a continuous process of verification and risk management.

A Focus on Security Operations

Security operations and incident response are among the core themes of this year's discussions. Speakers and panelists examine how organizations can implement Zero Trust principles effectively while maintaining business agility. Artificial intelligence, its intersection with cybersecurity, and its potential to both strengthen and challenge security frameworks are also on the agenda.

Learning Through Engagement

One of the standout aspects of Zero Trust World is its emphasis on education. From hands-on training and certification opportunities to interactive challenges—such as hacking a device to win it—attendees gain practical experience in real-world security scenarios. The event fosters a culture of learning, with participation from help desk professionals, CIOs, CTOs, and cybersecurity practitioners alike.

The Power of Community

Beyond the technical discussions, the event underscores the importance of community. Conferences like these are not just about discovering new technologies or solutions; they are about forging connections, sharing knowledge, and strengthening the collective approach to security.

Zero Trust World 2025 is just getting started, and there's much more to come. Stay tuned as Sean and Marco continue to bring insights from the conference floor, capturing the voices that are shaping the future of cybersecurity.

Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
This Episode's Sponsors
ThreatLocker: https://itspm.ag/threatlocker-r974
____________________________
Resources
Learn more and catch more stories from ZTW 2025 coverage: https://www.itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-florida
Register for Zero Trust World 2025: https://itspm.ag/threat5mu1
____________________________
Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
To see and hear more Redefining Society stories on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-society-podcast
Want to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
Pressing Forward: The Vinyl Revival | The Sound. The Experience. The Future. | A Conversation with Larry Jaffee | Music Evolves with Sean Martin

Feb 15, 2025 | 55:18


Guests and Host
Guest: Larry Jaffee, Author, Journalist, Professor, and Co-Founder of Making Vinyl | On LinkedIn: https://www.linkedin.com/in/larry-jaffee-1379bb2/
Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | On ITSPmagazine: https://www.itspmagazine.com/sean-martin

Show Notes

Vinyl records have experienced one of the most unexpected resurgences in music history. Once considered obsolete, the format has reestablished its presence in the music sales market, attracting collectors, audiophiles, and younger generations discovering the medium for the first time. On this episode of Music Evolves, host Sean Martin is joined by Larry Jaffee, journalist, author, and co-founder of Making Vinyl, to explore the past, present, and future of vinyl records.

The History and Evolution of Vinyl

Larry Jaffee's passion for music began early, shaped by childhood experiences with radio, tape recorders, and eventually, his first turntable. His journey mirrors that of recorded music itself—from early reel-to-reel tapes and cassettes to the dominance of LPs. Jaffee explains how vinyl records initially took hold in the 1940s, replacing fragile shellac 78s, and how the industry saw its first format war between Thomas Edison's cylinders and Emil Berliner's flat disc records.

By the 1980s, however, vinyl was rapidly losing ground to compact discs, and later, digital streaming. The shift was largely driven by convenience, corporate pressure, and the record industry's aggressive push for higher-priced CDs. As labels stopped accepting returns on LPs, retailers began phasing them out. Yet, as Jaffee points out, the format never truly disappeared. Audiophile labels, collectors, and independent artists kept vinyl alive, setting the stage for its resurgence decades later.

The Vinyl Revival

Vinyl's comeback has been driven by multiple factors, including nostalgia, superior sound quality, and a renewed appreciation for physical media. Jaffee highlights Record Store Day, the annual event launched in 2008 that played a key role in reigniting public interest in records. Starting with just a dozen exclusive releases and a high-profile in-store appearance by Metallica, Record Store Day quickly gained traction, attracting major labels and leading to hundreds of special vinyl releases each year.

Independent artists and labels have also embraced vinyl as a way to connect with fans and generate revenue. Unlike streaming, where payouts are minimal, selling a physical album—especially directly to fans—can be a major source of income for musicians. Jaffee notes that younger generations are playing a key role in sustaining the trend, with millennial and Gen Z listeners making up a growing portion of vinyl buyers.

Sound Quality and the Vinyl Experience

One of the biggest debates in music is whether vinyl actually sounds better than digital formats. While some argue that CDs and high-resolution digital files offer cleaner sound, vinyl enthusiasts appreciate the warmth, depth, and dynamic range that analog recordings provide. The experience of playing a record—removing it from the sleeve, placing it on the turntable, and carefully dropping the needle—also adds a tactile, immersive element that digital music lacks.

Jaffee discusses how vinyl manufacturing has improved in recent years, with pressing plants refining quality control and experimenting with new formulations, including colored and marbled vinyl. However, the resurgence has also exposed industry bottlenecks, with pressing plants struggling to keep up with demand.

The Future of Vinyl: Sustainability and Innovation

As vinyl production increases, concerns about its environmental impact have also grown. Traditional records are made from polyvinyl chloride (PVC), a material that Greenpeace considers among the most harmful plastics. Jaffee is now involved in efforts to create plant-based, sustainable alternatives, and his team recently produced their first eco-friendly record using a new biodegradable material.

With new pressing plants opening, younger audiences embracing the format, and innovations in sustainability, vinyl's future looks promising. While digital music remains dominant, the continued demand for physical media proves that records are more than just a nostalgic novelty—they offer an experience that streaming cannot replicate.

Listen to the Full Episode

Larry Jaffee's deep knowledge of music history, industry shifts, and the cultural significance of vinyl makes this an essential episode for music fans. Tune in to Music Evolves to hear more about the making of records, the role of packaging and design, and what's next for the format that refuses to fade.

Sponsors
Are you interested in sponsoring this show or running ad placement in the podcast?
Sponsorship

ITSPmagazine | Technology. Cybersecurity. Society
Black, White, and Color: The Collision of Analog and Digital in Film and Photography | Random and Unscripted with Sean Martin and Marco Ciappelli

Feb 15, 2025 | 37:52


How do black and white and color influence the way we perceive images? In this episode, Marco Ciappelli and Sean Martin examine the role of black-and-white and color in film, photography, and visual storytelling. The conversation moves through history, from silent films to modern cinema, touching on the technological and artistic decisions that shape how we experience visuals.

The Psychology of Color in Film

Ciappelli shares insights from the Academy Museum's Color Emotion: Chromatic Exploration of Cinema exhibit, which explores how filmmakers use color to create mood and evoke emotion. The discussion highlights the transition from black-and-white films to color and how directors leverage lighting, camera technology, and costume choices to enhance storytelling. The Wizard of Oz, a defining moment in cinematic history, is discussed as a key example—the shift from black-and-white Kansas to the Technicolor world of Oz wasn't just a technical innovation but an intentional artistic decision.

Black-and-White as an Artistic Choice

Martin, who also has a background in photography, reflects on how black-and-white imagery forces viewers to focus on different elements—contrast, shadows, and composition—rather than being distracted by color. He notes that black-and-white isn't just about nostalgia; it's often used to create a sense of timelessness or emphasize emotional depth. The conversation extends to legendary photographer Ansel Adams, whose landscapes showcase how black-and-white photography can transform light and texture into a powerful visual experience.

Photography and the Role of Digital Manipulation

The episode also touches on how digital photography has changed the creative process. The ability to capture dozens of images in seconds and manipulate them in post-production raises questions about authenticity. Is there more artistic value in an image that is captured perfectly in the moment, or is post-processing just another tool in the creative toolbox?

This thought-provoking conversation connects film, photography, and personal experience, inviting listeners to reconsider how they engage with visual storytelling.

Tune in to hear more about the relationship between black, white, and color in the way we see the world.

ITSPmagazine | Technology. Cybersecurity. Society
The 2025 OWASP Top 10 for LLMs: What's Changed and Why It Matters | A Conversation with Sandy Dunn and Rock Lambros | Redefining CyberSecurity with Sean Martin

Feb 13, 2025 | 47:58


⬥GUESTS⬥
Sandy Dunn, Consultant Artificial Intelligence & Cybersecurity, Adjunct Professor Institute for Pervasive Security Boise State University | On LinkedIn: https://www.linkedin.com/in/sandydunnciso/
Rock Lambros, CEO and founder of RockCyber | On LinkedIn | https://www.linkedin.com/in/rocklambros/
Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin
View This Show's Sponsors

⬥EPISODE NOTES⬥
The rise of large language models (LLMs) has reshaped industries, bringing both opportunities and risks. The latest OWASP Top 10 for LLMs aims to help organizations understand and mitigate these risks. In a recent episode of Redefining Cybersecurity, host Sean Martin sat down with Sandy Dunn and Rock Lambros to discuss the latest updates to this essential security framework.

The OWASP Top 10 for LLMs: What It Is and Why It Matters

OWASP has long been a trusted source for security best practices, and its LLM-specific Top 10 is designed to guide organizations in identifying and addressing key vulnerabilities in AI-driven applications. This initiative has rapidly gained traction, becoming a reference point for AI security governance, testing, and implementation. Organizations developing or integrating AI solutions are now evaluating their security posture against this list, ensuring safer deployment of LLM technologies.

Key Updates for 2025

The 2025 iteration of the OWASP Top 10 for LLMs introduces refinements and new focus areas based on industry feedback. Some categories have been consolidated for clarity, while new risks have been added to reflect emerging threats.

• System Prompt Leakage (New) – Attackers may manipulate LLMs to extract system prompts, potentially revealing sensitive operational instructions and security mechanisms.
• Vector and Embedding Risks (New) – Security concerns around vector databases and embeddings, which can lead to unauthorized data exposure or manipulation.

Other notable changes include reordering certain risks based on real-world impact. Prompt Injection remains the top concern, while Sensitive Information Disclosure and Supply Chain Vulnerabilities have been elevated in priority.

The Challenge of AI Security

Unlike traditional software vulnerabilities, LLMs introduce non-deterministic behavior, making security testing more complex. Jailbreaking attacks—where adversaries bypass system safeguards through manipulative prompts—remain a persistent issue. Prompt injection attacks, where unauthorized instructions are inserted to manipulate output, are also difficult to fully eliminate.

As Dunn explains, “There's no absolute fix. It's an architecture issue. Until we fundamentally redesign how we build LLMs, there will always be risk.”

Beyond Compliance: A Holistic Approach to AI Security

Both Dunn and Lambros emphasize that organizations need to integrate AI security into their overall IT and cybersecurity strategy, rather than treating it as a separate issue. AI governance, supply chain integrity, and operational resilience must all be considered.

Lambros highlights the importance of risk management over rigid compliance: “Organizations have to balance innovation with security. You don't have to lock everything down, but you need to understand where your vulnerabilities are and how they impact your business.”

Real-World Impact and Adoption

The OWASP Top 10 for LLMs has already been widely adopted, with companies incorporating it into their security frameworks. It has been translated into multiple languages and is serving as a global benchmark for AI security best practices.

Additionally, initiatives like HackAPrompt 2.0 are helping security professionals stress-test AI models in real-world scenarios. OWASP is also facilitating industry collaboration through working groups on AI governance, threat intelligence, and agentic AI security.

How to Get Involved

For those interested in contributing, OWASP provides open-access resources and welcomes participants to its AI security initiatives. Anyone can join the discussion, whether as an observer or an active contributor.

As AI becomes more ingrained in business and society, frameworks like the OWASP Top 10 for LLMs are essential for guiding responsible innovation. To learn more, listen to the full episode and explore OWASP's latest AI security resources.

⬥SPONSORS⬥
LevelBlue: https://itspm.ag/attcybersecurity-3jdk3
ThreatLocker: https://itspm.ag/threatlocker-r974

⬥RESOURCES⬥
OWASP GenAI: https://genai.owasp.org/
Link to the 2025 version of the Top 10 for LLM Applications: https://genai.owasp.org/llm-top-10/
Getting Involved: https://genai.owasp.org/contribute/
OWASP LLM & Gen AI Security Summit at RSAC 2025: https://genai.owasp.org/event/rsa-conference-2025/
AI Threat Mind Map: https://github.com/subzer0girl2/AI-Threat-Mind-Map
Guide for Preparing and Responding to Deepfake Events: https://genai.owasp.org/resource/guide-for-preparing-and-responding-to-deepfake-events/
AI Security Solution Cheat Sheet Q1-2025: https://genai.owasp.org/resource/ai-security-solution-cheat-sheet-q1-2025/
HackAPrompt 2.0: https://www.hackaprompt.com/

⬥ADDITIONAL INFORMATION⬥
✨ To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist on YouTube:

ITSPmagazine | Technology. Cybersecurity. Society
From Access to Automation: The New Playbook for IT and Security Teams | A JumpCloud Brand Story with Chase Doelling

Feb 11, 2025 | 43:12


IT and security teams are under constant pressure to streamline operations while maintaining strong security and compliance. In this Brand Story episode, Chase Doelling, Principal Strategist at JumpCloud, shares insights from the company's latest SME IT Trends Report. The discussion highlights key trends, challenges, and opportunities that IT teams face, particularly in small and medium-sized businesses (SMBs).

The Role of IT in Business Operations

Doelling emphasizes the increasing responsibility placed on IT teams. Historically seen as cost centers, IT and security functions are now recognized as critical to business success. More organizations are merging IT and security efforts, ensuring that security considerations are built into every decision rather than being addressed reactively.

A major takeaway from the report is the shift toward decentralization in IT decision-making. Departments are increasingly adopting tools independently, leading to an explosion of software-as-a-service (SaaS) applications. While this autonomy can boost efficiency, it also creates risks. Shadow IT—where employees use unauthorized tools—has become a top concern, with 88% of organizations identifying it as a risk.

AI, Security, and IT Investment

The report also reveals a growing divide in AI adoption. Organizations are either moving aggressively into AI initiatives or staying completely on the sidelines. Those embracing AI often integrate it into security and IT operations, balancing innovation with risk management.

Budget trends indicate that IT spending is rising, with security tools accounting for a significant portion. The need for robust cybersecurity measures has pushed organizations to prioritize visibility, access management, and compliance. A notable shift is occurring in remote and hybrid work models. While remote work surged in previous years, only 9% of organizations now report being fully remote. This return to office environments introduces new IT challenges, particularly in managing networks and devices across hybrid workplaces.

How JumpCloud Supports IT Teams

JumpCloud's platform simplifies IT and security operations by unifying identity and access management, device management, and security policies. One key challenge IT teams face is visibility—knowing who has access to what systems and ensuring compliance with security policies. JumpCloud's approach allows organizations to manage users and devices from a single platform, reducing complexity and improving security posture.

An example of JumpCloud's impact is its ability to detect and manage SaaS usage. If an employee tries to use an unauthorized tool, JumpCloud can guide them toward an approved alternative, preventing security risks without stifling productivity. This balance between security and efficiency is essential, particularly for SMBs that lack dedicated security teams.

Looking Ahead: IT and Security Convergence

Doelling teases upcoming research that will explore the relationship between IT and security teams. With these functions blending more than ever, organizations need insights into how to align strategies, resources, and budgets effectively.

For IT and security professionals navigating a landscape of increased threats, shifting work environments, and AI-driven innovation, the insights from JumpCloud's research provide a valuable benchmark. To gain a deeper understanding of these trends and their implications, listen to the full episode and explore the latest SME IT Trends Report.

Note: This story contains promotional content. Learn more.

Guest: Chase Doelling, Principal Strategist, JumpCloud [@JumpCloud], On LinkedIn | https://www.linkedin.com/in/chasedoelling/

Resources
Learn more about JumpCloud and their offering: https://itspm.ag/jumpcloud-pg7z
To download the SME IT Trends Report: https://itspm.ag/jumpcljqyw
Catch more stories from JumpCloud at https://www.itspmagazine.com/directory/jumpcloud
Are you interested in telling your story?
https://www.itspmagazine.com/telling-your-story

ITSPmagazine | Technology. Cybersecurity. Society
A Journey Through Italy: Random, Unscripted, and Personal | Random and Unscripted with Sean Martin and Marco Ciappelli

Feb 8, 2025 | 33:02


Most people dream of visiting Italy for its rich history, world-renowned food, and breathtaking landscapes. But what happens when a trip is more than just sightseeing? In this episode of Random and Unscripted, Sean shares his deeply personal journey through Italy—one that wasn't about ticking destinations off a list but about rediscovering roots, embracing spontaneity, and letting the experience shape itself.

Trains, Food, and Ancestral Connections

What starts as a casual discussion quickly turns into a story about traveling through Italy by train, stopping in places both famous and obscure, and experiencing the country in an unstructured, immersive way. Sean recounts his journey from Pisa to Sicily, highlighting the unexpected moments that made the trip unforgettable—like eating fresh mozzarella and tomatoes straight from local markets or navigating train strikes with a mix of patience and humor.

But this wasn't just a trip for the sake of travel. It was a return to his family's origins, a search for something deeper. In Palermo, Sean attempts to track down official birth records of his ancestors, stepping into a municipal building filled with centuries-old documents. Meanwhile, in a small Sicilian town, a chance encounter at a local café connects him to a relative by marriage, proving that sometimes, history has a way of finding you.

The Beauty of Unplanned Travel

There's something about wandering without a rigid itinerary that leads to the most unexpected discoveries. Whether it's finding the best gelato in Salerno, getting swept up in a local festival, or realizing that his great-grandfather's name is inscribed on a town's war memorial, Sean's experience proves that travel isn't just about places—it's about stories.

This episode isn't just about Italy. It's about the joy of unscripted moments, the importance of stepping off the beaten path, and the power of exploring where you come from. If you've ever thought about taking a trip just to see where the road leads, this conversation might be the push you need.

Listen now and let the randomness take you somewhere unexpected.

Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | On ITSPmagazine: https://www.itspmagazine.com/sean-martin
More Random and Unscripted Podcast content: https://www.randomandunscripted.com
Random and Unscripted Podcast playlist on YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllQx7EJswMWTfaTdzzU3Dh1R
ITSPmagazine YouTube Channel: https://www.youtube.com/@itspmagazine
Be sure to share and subscribe!

ITSPmagazine | Technology. Cybersecurity. Society
Shadow IT: Securing Your Organization in a World of Unapproved Apps | A Zero Trust World Conversation with Ryan Bowman | On Location Coverage with Sean Martin and Marco Ciappelli

Feb 7, 2025 | 23:34


Zero Trust World 2025, hosted by ThreatLocker, is fast approaching (February 19-21), bringing together security professionals, IT leaders, and business executives to discuss the principles and implementation of Zero Trust. The event offers a unique opportunity to explore real-world security challenges and solutions.

In a special On Location with Sean and Marco episode recorded ahead of the event, Ryan Bowman, VP of Solutions Engineering at ThreatLocker, shares insights into his upcoming session, The Dangers of Shadow IT. Shadow IT—the use of unauthorized applications and systems within an organization—poses a significant risk to security, operations, and compliance. Bowman's session aims to shed light on this issue and equip attendees with strategies to address it effectively.

Understanding Shadow IT and Its Risks

Bowman explains that Shadow IT is more than just an inconvenience—it's a growing challenge for businesses of all sizes. Employees often turn to unauthorized tools and services because they perceive them as more efficient, cost-effective, or user-friendly than the official solutions provided by IT teams. While this may seem harmless, the reality is that these unsanctioned applications create serious security vulnerabilities, increase operational risk, and complicate compliance efforts.

One of the most pressing concerns is data security. Employees using unauthorized platforms for communication, file sharing, or project management may unknowingly expose sensitive company data to external risks. When employees leave the organization or access is revoked, data stored in these unofficial systems can remain accessible, increasing the risk of breaches or data loss.

Procurement issues also play a role in the Shadow IT problem. Bowman highlights cases where organizations unknowingly pay for redundant software services, such as using both Teams and Slack for communication, leading to unnecessary expenses. A lack of centralized oversight results in wasted resources and fragmented security controls.

Zero Trust as a Mindset

A recurring theme throughout the discussion is that Zero Trust is not just a technology or a product—it's a mindset. Bowman emphasizes that implementing Zero Trust requires organizations to reassess their approach to security at every level. Instead of inherently trusting employees or systems, organizations must critically evaluate every access request, application, and data exchange.

This mindset shift extends beyond security teams. IT leaders must work closely with employees to understand why Shadow IT is being used and find secure, approved alternatives that still support productivity. By fostering open communication and making security a shared responsibility, organizations can reduce the temptation for employees to bypass official IT policies.

Practical Strategies to Combat Shadow IT

Bowman's session will not only highlight the risks associated with Shadow IT but also provide actionable strategies to mitigate them. Attendees can expect insights into:

• Identifying and monitoring unauthorized applications within their organization
• Implementing policies and security controls that balance security with user needs
• Enhancing employee engagement and education to prevent unauthorized technology use
• Leveraging solutions like ThreatLocker to enforce security policies while maintaining operational efficiency

Bowman also stresses the importance of rethinking traditional IT stereotypes. While security teams often impose strict policies to minimize risk, they must also ensure that these policies do not create unnecessary obstacles for employees. The key is to strike a balance between control and usability.

Why This Session Matters

With organizations constantly facing new security threats, understanding the implications of Shadow IT is critical. Bowman's session at Zero Trust World 2025 will provide a practical, real-world perspective on how organizations can protect themselves without stifling innovation and efficiency.

Beyond the technical discussions, the conference itself offers a unique chance to engage with industry leaders, network with peers, and gain firsthand experience with security tools in hands-on labs. With high-energy sessions, interactive learning opportunities, and keynotes from industry leaders like ThreatLocker CEO Danny Jenkins and Dr. Zero Trust, Chase Cunningham, Zero Trust World 2025 is shaping up to be an essential event for anyone serious about cybersecurity.

For those interested in staying ahead of security challenges, attending Bowman's session on The Dangers of Shadow IT is a must.

Guest: Ryan Bowman, VP of Solutions Engineering, ThreatLocker [@ThreatLocker] | On LinkedIn: https://www.linkedin.com/in/ryan-bowman-3358a71b/

Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
This Episode's Sponsors
ThreatLocker: https://itspm.ag/threatlocker-r974
____________________________
Resources
Learn more and catch more stories from ZTW 2025 coverage: https://www.itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-florida
Register for Zero Trust World 2025: https://itspm.ag/threat5mu1
____________________________
Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
To see and hear more Redefining Society stories on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-society-podcast
Want to tell your Brand Story Briefing as part of our event coverage? Learn More

ITSPmagazine | Technology. Cybersecurity. Society
The Great Australian Social Media Ban: Fixing a Broken System or Just Breaking It More? | Guest: Jacqueline Jayne (JJ) | A Redefining Society And Technology Podcast Episode Hosted By Marco Ciappelli

Feb 7, 2025 | 43:15


Guest: Jacqueline (JJ) Jayne

JJ has worked with people and technology for over 25 years, wearing multiple hats, resulting in an enviable breadth and depth of experience, insights and knowledge. She successfully led a security awareness and training program that resulted in a strong security culture and observable behaviour change. Over the last 5 years, JJ worked at KnowBe4, where she quickly established herself as a trusted voice in the region. Now, JJ consults and advises organisations, appears at conferences and events with her thought leadership, and provides insights across all forms of media.

On LinkedIn: https://www.linkedin.com/in/jacquelinejayne/
Website: https://www.jacquelinejayne.com.au
_____________________________
Host: Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society & Technology Podcast
Visit Marco's website