POPULARITY
Categories
This segment explores how automated microsegmentation addresses critical Zero Trust gaps overlooked by traditional access controls and legacy segmentation solutions. We'll examine the limitations of perimeter-based defenses in today's dynamic threat landscape and reveal how automated microsegmentation enhances network security beyond conventional firewalls. From cutting-edge innovations to expert insights, discover what security leaders should prioritize to stay ahead of evolving threats. This segment is sponsored by Zero Networks. Visit https://securityweekly.com/zerorsac to learn more about them! In this segment, Keyfactor CSO Chris Hickman takes stock of industry progress towards quantum-resistant cryptography. Using recent guidance from NIST and his company's data on which certificates and keys pose the largest threats to organization now, Chris unpacks what it means to be risk intelligent and quantum safe. Segment Resources: • Command Risk Intelligence press release: https://www.keyfactor.com/press-releases/keyfactor-unveils-worlds-first-certificate-risk-management-solution/ • Recent blog post on the transition to PQC: https://www.keyfactor.com/blog/getting-quantum-ready-why-2030-matters-for-post-quantum-cryptography/ To learn more about the road to being quantum ready, stop by Keyfactor's booth at the conference, number #748, or visit: https://securityweekly.com/keyfactorrsac As cyber threats become increasingly difficult to detect and the technology to combat them continues to evolve, organizations must be prepared to move faster than ever. Looking ahead, the rise of post-quantum computing will bring both new opportunities and challenges, further reshaping the cybersecurity landscape. With the launch of Entrust's Cryptographic Security Platform (announcement coming April 16th) as a backdrop, Jordan can discuss why all organizations – large and small – must prioritize post-quantum preparedness before it's too late. He can also address emerging fraud technologies (e.g., deepfakes, GenAI) and fraud attacks (account takeovers, synthetic identities, impersonation), which are drawing more attention to the need for cyber-resilient methods, such as post-quantum cryptography, to protect against new fraud risks in the digital future. This segment is sponsored by Entrust. Visit https://securityweekly.com/entrustrsac to learn more about them! As quantum computing advances, the security foundations of our digital world face unprecedented challenges. This session explores how integrating Public Key Infrastructure (PKI) and Domain Name System (DNS) technologies can fortify digital trust in the quantum era. We'll delve into strategies for transitioning to post-quantum cryptography, ensuring interoperability, and maintaining the integrity of digital communications. Join us to understand the roadmap for achieving quantum resilience and safeguarding the future of digital trust. Segment Resources: https://www.digicert.com/what-is-pki https://www.digicert.com/faq/dns https://www.digicert.com/faq/dns/what-is-dns https://www.linkedin.com/posts/amitsinhadigitaltrust-trustsummit-pki-activity-7315749270505037824-lUBf?utmsource=share&utmmedium=memberdesktop&rcm=ACoAAAC22mYBCeB_s0YvGTVQsGiChh7wRXa4jRg https://www.digicert.com/blog/compliance-the-foundation-of-digital-trust https://www.digicert.com/blog/digital-trust-as-an-it-imperative This segment is sponsored by DigiCert. Visit https://securityweekly.com/digicertrsac to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-397
MathWorks, Creator of MATLAB, Confirms Ransomware Attack Adidas warns of data breach after customer service provider hack Dutch Intelligence Agencies Say Russian Hackers Stole Police Data in Cyberattack Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.
All links and images can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Tim Jacobs, vp, CISO, Commonwealth Care Alliance. In this episode: Starting from zero Prepare for decisive decisions Working back from unacceptable Discovering inefficiencies A huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
Malicious npm and VS Code packages stealing data Nova Scotia Power confirms ransomware attack Researchers claim ChatGPT o3 bypassed shutdown in controlled test Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.
Get featured on the show by leaving us a Voice Mail: https://bit.ly/MIPVM FULL SHOW NOTES https://www.microsoftinnovationpodcast.com/691 What happens when cybercrime becomes as organized—and profitable—as a Fortune 500 company? In this episode, Louis Arthur-Brown, a cybersecurity leader and solutions partner at CodeStone, pulls back the curtain on the evolving threat landscape. From ransomware-as-a-service to deepfake deception, Louis shares real-world insights and practical strategies for defending your organization in an AI-accelerated world. Whether you're a tech leader or a curious professional, this conversation will sharpen your security instincts and help you build resilience where it matters most. KEY TAKEAWAYS Cybercrime is industrialized: Ransomware-as-a-service and affiliate models make it easy for anyone—even non-technical actors—to launch attacks for as little as $50. AI is amplifying threats: A 1,300% rise in phishing emails last year is just the beginning. Deepfakes and voice cloning are reshaping social engineering tactics. MFA and basic hygiene go a long way: Implementing multi-factor authentication and conditional access can block up to 92% of cyberattacks. Zero Trust is essential: Organizations must move beyond the “walled garden” mindset and adopt a “never trust, always verify” approach to access and data. Data strategy is security strategy: Tools like Microsoft Purview and Windows 365 help classify, protect, and monitor sensitive data—especially in AI-enabled environments. RESOURCES MENTIONED
CISA warns Commvault clients of campaign targeting cloud applications Russian hacker group Killnet returns with slightly adjusted mandate Fake VPN and browser NSIS installers used to deliver Winos 4.0 malware Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.
As InfoSecurity Europe prepares to welcome cybersecurity professionals from across the globe, Rob Allen, Chief Product Officer at ThreatLocker, shares why this moment—and this location—matters. Allen doesn't frame the conversation around hype or headlines. Instead, he focuses on a universal truth: organizations want to sleep better at night knowing their environments are secure.ThreatLocker's mission is grounded in achieving Zero Trust in a simple, operationally feasible way. But more than that, Allen emphasizes their value as enablers of peace of mind. Whether helping customers prevent ransomware attacks or meet regional regulatory requirements like GDPR or Australia's Essential Eight, the company is working toward real-world solutions that reduce complexity without sacrificing security. Their presence at events like InfoSecurity Europe is key—not just for outreach, but to hear directly from customers and partners about what's working and where they need help.Why Being There MattersDifferent regions have different pressures. In Australia, adoption surged without any local team initially on the ground—driven purely by alignment with the Essential Eight framework. In the UK, it's conversations about Cyber Essentials that shape booth discussions. Regulations aren't just compliance checklists; they're also conversation starters that change how organizations prioritize security.The ThreatLocker team doesn't rely on generic demos or vague promises. They bring targeted examples to the booth—like asking attendees if they know what software can be run on their machines without alerting anyone. If tools like remote desktop applications or archive utilities can be freely executed, attackers can use them too. This is where ThreatLocker steps in: controlling what runs, identifying what's necessary, and blocking what isn't.Booth D90 and BeyondRob Allen invites anyone—whether they're new to ThreatLocker or longtime users—to visit booth D90. The team, built with a mix of technical skill and humor (ask about the “second-best beard” in the company), is there to listen and help. It's not just about showcasing technology; it's about building relationships and reinforcing a shared goal: practical, proactive cybersecurity that makes a measurable difference.If you're at InfoSecurity Europe, stop by. If you're not, this episode offers a meaningful glimpse into why showing up—both physically and philosophically—matters in cybersecurity.Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974Note: This story contains promotional content. Learn more.Guest: Rob Allen, Chief Product Officer, ThreatLocker | https://www.linkedin.com/in/threatlockerrob/ResourcesLearn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlockerCyber Essentials Guide: https://threatlocker.kb.help/threatlocker-and-cyber-essentials-compliance/?utm_source=itsp&utm_medium=sponsor&utm_campaign=infosec_europe_pre_interview_rob_q2_25&utm_content=infosec_europe_pre_interview_rob&utm_term=podcastAustralia's Essential Eight Guide: https://www.threatlocker.com/whitepaper/australia-essential-eight?utm_source=itsp&utm_medium=sponsor&utm_campaign=infosec_europe_pre_interview_rob_q2_25&utm_content=infosec_europe_pre_interviLearn more and catch more event coverage stories from Infosecurity Europe 2025 in London: https://www.itspmagazine.com/infosec25 ______________________Keywords:sean martin, marco ciappelli, rob allen, cybersecurity, zero trust, infosec, compliance, ransomware, endpoint, regulation, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More
At RSAC Conference 2025, the conversation with Rob Allen, Chief Product Officer at ThreatLocker, centered on something deceptively simple: making cybersecurity effective by making it manageable.During this on-location recap episode, Rob shares how ThreatLocker cut through the noise of flashy booths and AI buzzwords by focusing on meaningful, face-to-face conversations with customers and prospects. Their booth was an open, no-frills space—designed for real dialogue, not distractions. What caught people's attention, though, wasn't the booth layout—it was a live demonstration of a PowerShell-based attack using a rubber ducky device. It visually captured how traditional tools often miss malicious scripts and how ThreatLocker's controls shut it down immediately. That kind of simplicity, Rob explains, is the real differentiator.Zero Trust Is a Journey—But It Doesn't Have to Be ComplicatedOne key message Rob emphasizes is that true security doesn't come from piling on more tools. Too many organizations rely on overlapping detection and response solutions, which leads to confusion and technical debt. “If you have five different jackets and they're all winter coats, you're not prepared for summer,” Sean Martin jokes, reinforcing Rob's point that layers should be distinct, not redundant.ThreatLocker's approach simplifies Zero Trust by focusing on proactive control—limiting what can execute or communicate in the first place. Rob also points to the importance of vendor consolidation—not just from a purchasing standpoint but from an operational one. With ThreatLocker, multiple security capabilities are built natively into a single platform with one agent and one portal, avoiding the chaos of disjointed systems.From Technical Wins to Human ConnectionsThe conversation wraps with a reminder that cybersecurity isn't just about tools—it's about the people and community that make the work worthwhile. Rob, Marco Ciappelli, and Sean Martin reflect on their shared experiences around the event and even the lessons learned over a slice of Detroit-style pizza. While the crust may have been debatable, the camaraderie and commitment to doing security better were not.Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974⸻Guest: Rob Allen, Chief Product Officer, ThreatLocker | https://www.linkedin.com/in/threatlockerrob/ResourcesLearn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlockerLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:sean martin, marco ciappelli, rob allen, cybersecurity, zero trust, threat prevention, powerShell, vendor consolidation, rsac2025, endpoint security, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More
Federal Tech Podcast: Listen and learn how successful companies get federal contracts
Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com AFCEA'S TechNet Cyber conference held in Baltimore, Maryland was the perfect opportunity to sit down with Bryan Rosensteel, Head of Public Sector Marketing at Wiz. Wiz is the “new kid on the block,” and it has had tremendous growth. During the interview, Bryan Rosensteel shows how agentless approaches can improve visibility and assist with compliance. We all know how complexity has infiltrated federal technology. We have the usual suspect of Cloud Service Providers, hybrid clouds, private clouds, and, if that was not complicated enough, alt-clouds. As a result, it is almost impossible to get a “bird's eye” visibility to provide cyber security. Two main ways have been proposed to secure this much-desired system's view. Agent. One approach is to put a bit of code on each device, called an “agent” method. It is good for granular control, but can slow down a scan and must be maintained Agentless. Bryan Rosensteel from Wiz describes something called a “agentless” method to gain visibility into complex systems. This method leverages infrastructure and protocols to accomplish the scanning objective much faster. Bryan Rosensteel states that in a world of constant attacks, this faster method allows for rapid updates to threats. Beyond better observation, an agentless method, like the one provided by Wiz, allows for compliance automation, continuous monitoring, and sets the groundwork for effective Zero Trust implementation.
Podcast: OT Security Made SimpleEpisode: How to implement Zero Trust in OT environments? | OT Security Made SimplePub date: 2025-05-06Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationZero Trust expert Stefan Sebastian talks us through the process of Zero Trust in critical OT networks like substations - and explains why this will be the make segmentation obsolete.The podcast and artwork embedded on this page are from Klaus Mochalski, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
S2E6: Zscaler Mythbusting Zero Trust: Rethinking Cybersecurity in Healthcare Host: Frank Cutitta Guests: Tamer Baker, Zscaler CTO, and Nate Couture, AVP-Information Security- CISO at The University of Vermont Health Network To stream our Station live 24/7 visit www.HealthcareNOWRadio.com or ask your Smart Device to “….Play Healthcare NOW Radio”. Find all of our network podcasts on your favorite podcast platforms and be sure to subscribe and like us. Learn more at www.healthcarenowradio.com/listen
Cisco patches a level 10 vulnerability in IOS XE President nominates former Unilever CISO to be Pentagon CIO SonicWall patches a new zero-day vulnerability Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Dan Holden, CISO, BigCommerce Thanks to our show sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. All links and the video of this episode can be found on CISO Series.com
All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Howard Holton, COO, Gigaom. Joining us is our sponsored guest, Rob Allen, chief product officer at ThreatLocker. In this episode: Reinforcing zero trust Focus on effectiveness Understanding zero trust limitations What's next Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
Welcome to Episode 401 of the Microsoft Cloud IT Pro Podcast. In this episode, Ben Stegink and Scott Hoag dive into the intricacies of implementing Zero Trust principles within Microsoft 365 environments. They explore the foundational aspects of Zero Trust, starting with identity management and the importance of Entra ID. They also cover: Identity Management: The critical role of identity in Zero Trust, including MFA, password policies, and least privilege access. Endpoint Security: Strategies for verifying and managing devices, including compliance checks and the balance between corporate and BYOD devices. Networking: The complexities of securing network traffic in a SaaS environment, including conditional access policies and the emerging Global Secure Access feature. Application Management: The role of Defender for Cloud in monitoring shadow IT and ensuring data security across various applications. Data Protection: Techniques for safeguarding sensitive information, including DLP policies and the upcoming network-level DLP capabilities. Join us as we unpack these topics and provide practical insights for enhancing your organization's security posture with Zero Trust. Your support makes this show possible! Please consider becoming a premium member for access to live shows and more. Check out our membership options. Show Notes Zero Trust deployment for technology pillars Securing identity with Zero Trust Secure endpoints with Zero Trust Secure endpoints with Zero Trust Secure applications with Zero Trust Secure data with Zero Trust Microsoft Zero Trust Assessment About the sponsors Would you like to become the irreplaceable Microsoft 365 resource for your organization? Let us know!
Europol shuts down six DDoS-for-hire services used in global attacks CrowdStrike says it will lay off 500 workers Passkeys set to protect GOV.UK accounts against cyber-attacks Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.
According to Tom Niehaus, Executive Vice President at CTG, securing your own organization is not enough to prevent attacks. "You might do the best job in the world," but if your suppliers or business associates aren't secure, "your organization remains vulnerable." In this video, Niehaus and Chad Alessi, Managing Director of Cybersecurity at CTG, discuss some of today's challenges and how Artificial Intelligence (AI) and Zero Trust can help.Alessi warns that threat actors are already weaponizing AI to probe networks for vulnerabilities at an unprecedented speed and scale. In response, he advocates for defensive AI systems that can analyze network behavior patterns and detect anomalies invisible to traditional security tools.Learn more about CTG: https://www.ctg.com/industries/healthcareHealth IT Community: https://www.healthcareittoday.com/
Congress challenges Noem over proposed CISA cuts Texas school district breach impacts over 47,000 people NSO Group to pay WhatsApp $167 million in damages Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.
The 2023 FBI Internet Crime Report reveals that nearly 21% of ransomware attacks targeted the healthcare and public health sectors—making them the top victims. This week on Feds At The Edge, we explore how agencies can defend against these growing threats. Benjamin Koshy, Chief Information Security Officer and Director, Division of Information Security of Indian Health Service, explains the unique identity management challenge in healthcare: balancing open patient access with strict data protection. Keith Busby, Acting CISO at CMS, outlines how to go beyond Zero Trust with real-world risk assessments and robust incident response plans - not just a three-ring binder gathering dust on a shelf. And Alec Lizanetz, Identity Protection Specialist from CrowdStrike, emphasizes the importance of prioritizing threats and using frameworks like CISA's to respond efficiently. Tune in on your favorite podcasting platform today to hear practical, high-impact strategies to secure critical systems and protect patient care, perfect for healthcare leaders who must protect both data and lives.
Cyber warfare is no longer something that happens behind closed doors or in some far-off digital corner. It's happening now—and reshaping the rules of conflict in real time. Drone strikes controlled by apps, ransomware attacks on hospitals—today's battleground is just as likely to be online as on the ground. That science fiction scenario is now a critical, constant threat-the kind that affects us all globally. I'm really excited to introduce you to Dr. Chase Cunningham. He's a retired Navy chief cryptologist with a wealth of experience in cyber operations for the NSA, CIA, FBI—and more. He's the one who pioneered zero-trust security strategies and advises top decision-makers in government and private industry. That gives him a front-row seat to how digital warfare is evolving—and what that means for all of us. He's also the author of Cyber Warfare and the gAbriel Series, where his real-world expertise comes to life in stories that are chillingly plausible. We talk about how cyber conflict is already playing out in Ukraine, how different threat actors operate—and why critical infrastructure is such a tempting target. Chase shares practical advice on what individuals and small businesses can do to better protect themselves. We also look at what governments are doing to defend against these growing threats. That conversation is eye-opening-and urgent. You won't want to miss it. Show Notes: [01:21] Chase is a retired Navy Chief and a cryptologist. He also worked at the NSA. He also put Zero Trust in the formal practice at Forrester research. [03:24] We learn how Chase got involved with computer work and cryptology. [05:29] We're seeing cyber war play out in real time with Russia and Ukraine. [07:13] We talk about the future of war and drones. [08:31] Cyber warfare is just the natural evolution of conflict in the digital space. It's the bridge between espionage and kinetic activity. [09:40] Chase talks about the different actors in the cyber warfare space and their primary targets. [12:05] Critical infrastructure includes oil and gas, piping, water systems, healthcare, and even schools. [14:12] Some of the unique issues with dealing with the attacks from cyber criminals. [19:20] How the CCP plays 3D chess. [22:26] Reducing risk and protecting ourselves includes following best practices. [25:10] What the government is doing to try to mitigate cyber risk. [27:23] Chasing money and finding cyber crime. [32:04] A lot of valuable assets are being developed in the context of war. [35:06] Chase talks about some of the things he covers in his book. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review. Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Chase Cunningham - Dr. Zero Trust Dr. Chase Cunningham - LinkedIn Cyber Warfare – Truth, Tactics, and Strategies gAbrIel: A Novel in the gAbrIel Series Unrestricted Warfare: China's Master Plan to Destroy America
Signal clone gets hacked Sounding the alarm on easyjson Ransomware group takes credit for UK retail attacks Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.
In this on-location episode recorded at the RSAC Conference, Sean Martin and Marco Ciappelli sit down once again with Rob Allen, Chief Product Officer at ThreatLocker, to unpack what Zero Trust really looks like in practice—and how organizations can actually get started without feeling buried by complexity.Rather than focusing on theory or buzzwords, Rob lays out a clear path that begins with visibility. “You can't control what you can't see,” he explains. The first step toward Zero Trust is deploying lightweight agents that automatically build a view of the software running across your environment. From there, policies can be crafted to default-deny unknown applications, while still enabling legitimate business needs through controlled exceptions.The Zero Trust Mindset: Assume Breach, Limit AccessRob echoes the federal mandate definition of Zero Trust: assume a breach has already occurred and limit access to only what is needed. This assumption flips the defensive posture from reactive to proactive. It's not about waiting to detect bad behavior—it's about blocking the behavior before it starts.The ThreatLocker approach stands out because it focuses on removing the traditional “heavy lift” often associated with Zero Trust implementations. Rob highlights how some organizations have spent years trying (and failing) to activate overly complex systems, only to end up stuck with unused tools and endless false positives. ThreatLocker's automation is designed to lower that barrier and get organizations to meaningful control faster.Modern Threats, Simplified DefensesAs AI accelerates the creation of polymorphic malware and low-code attack scripts, Zero Trust offers a counterweight. Deny-by-default policies don't require knowing every new threat—just clear guardrails that prevent unauthorized activity, no matter how it's created. Whether it's PowerShell scripts exfiltrating data or AI-generated exploits, proactive controls make it harder for attackers to operate undetected.This episode reframes Zero Trust from an overwhelming project into a series of achievable, common-sense steps. If you're ready to hear what it takes to stop chasing false positives and start building a safer, more controlled environment, this conversation is for you.Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974Note: This story contains promotional content. Learn more.Guest: Rob Allen, Chief Product Officer, ThreatLocker | https://www.linkedin.com/in/threatlockerrob/ResourcesLearn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlockerLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:sean martin, marco ciappelli, rob allen, zero trust, cybersecurity, visibility, access control, proactive defense, ai threats, policy automation, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More
In today's threat environment, it's not enough to back up your data—you have to be able to trust that those backups will be there when you need them. That's the message from Sterling Wilson, Field CTO at Object First, during his conversation at RSAC Conference 2025.Object First is purpose-built for Veeam environments, offering out-of-the-box immutability (OOTBI) with a hardened, on-premises appliance. The goal is simple but critical: make backup security both powerful and practical. With backup credentials often doubling as access credentials for storage infrastructure, organizations expose themselves to unnecessary risk. Object First separates those duties by design, reducing the attack surface and protecting data even when attackers have admin credentials in hand.Immutability as a Foundation—Not a FeatureThe conversation highlights data from a recent ESG study showing that 81% of respondents recognize immutable object storage as the most secure way to protect backup data. True immutability means data cannot be modified or deleted until a set retention period expires—an essential safeguard when facing ransomware or insider threats. But Sterling emphasizes that immutability alone isn't enough. Backup policies, storage access, and data workflows must be segmented and secured.Zero Trust for Backup InfrastructureZero trust principles—verify explicitly, assume breach, enforce least privilege—have gained ground across networks and applications. But few organizations extend those principles into the backup layer. Object First applies zero trust directly to backup infrastructure through what they call zero trust data resilience. That includes verifying credentials at every step and ensuring backup jobs can't alter storage configurations.A Real-World Test: Marysville School DistrictWhen Marysville School District suffered a ransomware attack, nearly every system was compromised—except the Object First appliance. The attacker had administrative credentials, but couldn't access or encrypt the immutable backups. Thanks to the secure design and separation of permissions, recovery was possible—demonstrating that trust in your backups can't be assumed; it must be enforced by design.Meeting Customers Where They AreTo support both partners and end customers, Object First now offers OOTBI through a consumption-based model. Whether organizations are managing remote offices or scaling their environments quickly, the new model provides flexibility without compromising security or simplicity.Learn more about Object First: https://itspm.ag/object-first-2gjlNote: This story contains promotional content. Learn more.Guest: Sterling Wilson, Field CTO, Object First | https://www.linkedin.com/in/sterling-wilson/ResourcesLearn more and catch more stories from Object First: https://www.itspmagazine.com/directory/object-firstLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:sean martin, sterling wilson, ransomware, immutability, backups, cybersecurity, zero trust, data protection, veeam, recovery, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More
Microsoft ends Authenticator password autofill in favor of Edge StealC malware enhanced with stealth upgrades and data theft White House proposes cutting $491M from CISA budget Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.
RSAC 2025 is a wrap. The expo floor is closed, the conversations have ended, and the gear is packed — but the reflections are just beginning. Throughout the week, Sean Martin and Marco Ciappelli had powerful discussions around AI, identity, platform security, partnerships, the evolving legal and VC landscapes, and the growing importance of multi-layered defense strategies. But one moment stood out. While we were recording outside the conference, someone walking by asked us, “Is the world secure now?” Our answer was simple: “We're working on it.” That exchange captured the spirit of the entire event — security is not a destination, it's an ongoing effort. We learn, we adapt, and we move forward faster than the future is coming at us. Thank you to everyone who made RSAC 2025 such a meaningful experience. Next stops: AppSec Global in Barcelona, Infosec Europe in London, Black Hat and DEF CON in Las Vegas — and more conversations across the hybrid analog digital society we all share. Until next time, keep building, keep connecting, and keep moving forward. ___________Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974Akamai: https://itspm.ag/akamailbwcBlackCloak: https://itspm.ag/itspbcwebSandboxAQ: https://itspm.ag/sandboxaq-j2enArcher: https://itspm.ag/rsaarchwebDropzone AI: https://itspm.ag/dropzoneai-641ISACA: https://itspm.ag/isaca-96808ObjectFirst: https://itspm.ag/object-first-2gjlEdera: https://itspm.ag/edera-434868___________ResourcesLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage___________KEYWORDSsean martin, marco ciappelli, rsac 2025, quantum, ai, grc, devsecops, zero trust, appsec, resilience, event coverage, on location, conference___________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More
RSAC 2025 comes to an end. Canadian power company hit by cyberattack. Ascension Health discloses another breach. UK luxury department store Harrods discloses attempted cyberattack. Microsoft fixes bug flagging Gmail as spam. An unofficial version of the Signal app shared in photo. EU fines TikTok for violating GDPR with China data transfer. US Treasury to cut off Southeast Asian cybercrime key player. Passwordless by default coming your way. Our guest is Kevin Magee, from Microsoft, sharing a medley of interviews he gathered on the show floor of RSAC 2025. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. Kevin on the Street Joining us this week from RSAC 2025, we have our partner Kevin Magee, Global Director of Cybersecurity Startups at Microsoft for Startups. Kevin closes out RSAC 2025 with a high-energy medley of interviews straight from the show floor, packed with sharp insights and bold ideas from some of cybersecurity's standout voices. It's a dynamic and fast-paced finale to our RSAC coverage—and you can find links to all of the guests featured in the show notes. In this segment, you'll hear from Christopher Simm, CTO at Bulletproof; Dr. Chase Cunningham (aka Dr. Zero Trust), Chief Strategy Officer at Ericom Software; Helen Patton, cybersecurity advisor at Cisco; Jeremy Vaughan, CEO and co-founder of Start Left Security; and Tzvika Shneider, CEO of Pynt. You can also catch Kevin on our Microsoft for Startups Spotlight, brought to you by N2K CyberWire and Microsoft, where we shine a light on innovation, ambition, and the tech trailblazers building the future right from the startup trenches. Kevin and Dave talk with startup veteran and Cygenta co-founder FC about making the leap from hacker to entrepreneur, then speak with three Microsoft for Startups members: Matthew Chiodi of Cerby, Travis Howerton of RegScale, and Karl Mattson of Endor Labs. Whether you are building your own startup or just love a good innovation story, listen and learn more here. Selected Reading Day 4 Recap: Closing Celebration with Alicia Keys, RSAC College Day, and What's Ahead for 2025 (RSAC Conference) Canadian Electric Utility Hit by Cyberattack (SecurityWeek) Ascension discloses second major cyber attack in a year (The Register) Harrods latest retailer to be hit by cyber attack (BBC) Microsoft fixes Exchange Online bug flagging Gmail emails as spam (Bleeping Computer) Mike Waltz Accidentally Reveals Obscure App the Government Is Using to Archive Signal Messages (404 Media) TikTok hit with 530 million euro privacy fine in investigation into China data transfer (AP News) Ukrainian extradited to US for alleged Nefilim ransomware attack spree (CyberScoop) US wants to cut off key player in Southeast Asian cybercrime industry (The Record) Microsoft makes all new accounts passwordless by default (Bleeping Computer) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
UK retailer Co-Op suffers cyberattack FBI shares list of 42,000 LabHost phishing domains NSO group looking at hefty damages in WhatsApp case Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.
Link to episode page This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest DJ Schleen, Head of Security, Boats Group Thanks to our show sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. All links and the video of this episode can be found on CISO Series.com
Podcast: Error Code (LS 27 · TOP 10% what is this?)Episode: EP 61: Applying Zero Trust to OT systemsPub date: 2025-04-30Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationZero Trust is a security model based on default-deny policies and fine-grained access control governed by identity, authentication, and contextual signals. For RSAC 2025, John Kindervag, Chief Evangelist of Illumio and the creator of Zero Trust, talks about introducing a "protect surface" into legacy OT systems —isolating critical data, applications, assets, or services into secure zones for targeted Zero Trust implementation.The podcast and artwork embedded on this page are from Robert Vamosi, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
In this closing update for the day from the RSAC conference show floor, Sean Martin and Marco Ciappelli reflect on the energy, conversations, and technology shaping cybersecurity today—and what's coming next. With dozens of interviews under their belts, the duo shares what's standing out across sessions and show-floor discussions.Resilience has become a key destination, with innovation—especially around AI and quantum technologies—paving the way forward. Conversations touch on how security leaders are adjusting to new threat models, merging traditional disciplines like AppSec and DevSecOps with emerging areas such as vibe coding and container security. There's a clear sense that the dialogue has shifted: zero trust isn't just a topic; it's embedded across many conversations. AI is no longer speculative—it's embedded in discussions about GRC, automation, and security architecture.Sean brings a technical and operational lens, while Marco plans to explore the societal implications in future conversations—something noticeably less discussed this year, but still deeply relevant. With more content being edited and released over the next few days, the team invites listeners to stay tuned for articles, panels, and post-conference reflections.From San Francisco to London, Vegas, and maybe even Australia—this conversation is just getting started.___________Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974Akamai: https://itspm.ag/akamailbwcBlackCloak: https://itspm.ag/itspbcwebSandboxAQ: https://itspm.ag/sandboxaq-j2enArcher: https://itspm.ag/rsaarchwebDropzone AI: https://itspm.ag/dropzoneai-641ISACA: https://itspm.ag/isaca-96808ObjectFirst: https://itspm.ag/object-first-2gjlEdera: https://itspm.ag/edera-434868___________ResourcesLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage___________KEYWORDSsean martin, marco ciappelli, rsac 2025, quantum, ai, grc, devsecops, zero trust, appsec, resilience, event coverage, on location, conference___________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More
What's the current state of the cybersecurity world? This week, Technology Now explores the biggest threats we currently face, the way companies and businesses are securing themselves, and the future of cybersecurity. Our reporter, Jaye Tillson, is at the RSA Conference in San Francisco where he is joined by Jon Green, Chief Technology Officer and Chief Security Officer at HPE Networking, John Spiegel, CTO of Security and HPE Distinguished Technologist, and Gram Ludlow, a Security Product Line Manager at HPE, to tell us more.This is Technology Now, a weekly show from Hewlett Packard Enterprise. Every week, hosts Michael Bird and Aubrey Lovell look at a story that's been making headlines, take a look at the technology behind it, and explain why it matters to organizations and what can be learnt from it.About our contributorsJaye Tillson: https://www.linkedin.com/in/jaye-tillson/Jon Green: https://www.linkedin.com/in/jongreen4John Spiegel: https://www.linkedin.com/in/john-spiegel-2011543/Gram Ludlow: https://www.linkedin.com/in/gramludlow/Sources:Statista report: https://www.statista.com/statistics/305027/revenue-global-security-technology-and-services-market/RSA Conference: https://www.rsaconference.com/about/Today I Learned: Stretchable batteries Mohsen Mohammadi et al., Make it flow from solid to liquid: Redox-active electrofluids for intrinsically stretchable batteries.Sci. Adv.11,eadr9010(2025).DOI:10.1126/sciadv.adr9010This week in history: https://www.pbs.org/transistor/background1/events/icinv.html https://www.americanscientist.org/article/intel-insider3
Tech behind the Trends on The Element Podcast | Hewlett Packard Enterprise
What's the current state of the cybersecurity world? This week, Technology Now explores the biggest threats we currently face, the way companies and businesses are securing themselves, and the future of cybersecurity. Our reporter, Jaye Tillson, is at the RSA Conference in San Francisco where he is joined by Jon Green, Chief Technology Officer and Chief Security Officer at HPE Networking, John Spiegel, CTO of Security and HPE Distinguished Technologist, and Gram Ludlow, a Security Product Line Manager at HPE, to tell us more.This is Technology Now, a weekly show from Hewlett Packard Enterprise. Every week, hosts Michael Bird and Aubrey Lovell look at a story that's been making headlines, take a look at the technology behind it, and explain why it matters to organizations and what can be learnt from it.About our contributorsJaye Tillson: https://www.linkedin.com/in/jaye-tillson/Jon Green: https://www.linkedin.com/in/jongreen4John Spiegel: https://www.linkedin.com/in/john-spiegel-2011543/Gram Ludlow: https://www.linkedin.com/in/gramludlow/Sources:Statista report: https://www.statista.com/statistics/305027/revenue-global-security-technology-and-services-market/RSA Conference: https://www.rsaconference.com/about/Today I Learned: Stretchable batteries Mohsen Mohammadi et al., Make it flow from solid to liquid: Redox-active electrofluids for intrinsically stretchable batteries.Sci. Adv.11,eadr9010(2025).DOI:10.1126/sciadv.adr9010This week in history: https://www.pbs.org/transistor/background1/events/icinv.html https://www.americanscientist.org/article/intel-insider3
Alleged ‘Scattered Spider' member extradited to U.S. Experts see little progress after major Chinese telecom hack Polish police take down impersonation scammers Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. For the stories behind the headlines, visit CISOseries.com.
Podcast: Industrial Cybersecurity InsiderEpisode: Bridging IT/OT & Securing ICS: Kevin Kumpf, Chief OT / ICS Security Strategist, CyoloPub date: 2025-04-29Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationDino welcomes Kevin Kumpf, Chief OT/ICS Security Strategist at Cyolo to this episode. They discuss the growing challenges and evolving strategies around cybersecurity in industrial environments. Kevin shares a seasoned perspective on bridging the gap between IT and OT, busting myths about Zero Trust certifications, and the dangers of underutilized security tools - or "shelfware." From real-world examples involving breweries, milk production, and energy plants, the conversation uncovers how lack of visibility, broken remote access practices, and aging systems create critical vulnerabilities. Most importantly, Kevin offers actionable advice for CISOs, CTOs, and plant managers on building resilient cybersecurity frameworks without disrupting operations. Don't miss this episode full of practical advice from industry experts.Chapters:00:00:00 - Kicking Off: Why OT Cybersecurity Can't Wait00:01:18 - Meet Kevin Kumpf: From Bank Vaults to Industrial Battlegrounds00:02:56 - Hard Truths About Securing Operational Technology00:06:42 - Shelfware Syndrome: Why Tools Fail Without Strategy00:12:09 - Plant Managers, Vendors, and the Battle for Cyber Resilience00:23:56 - Remote Access Exposed: The Hidden Risks Inside Your Plant00:30:58 - Closing Thoughts: Building Stronger, Smarter Industrial DefensesLinks And Resources:Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Zero Trust is a security model based on default-deny policies and fine-grained access control governed by identity, authentication, and contextual signals. For RSAC 2025, John Kindervag, Chief Evangelist of Illumio and the creator of Zero Trust, talks about introducing a "protect surface" into legacy OT systems —isolating critical data, applications, assets, or services into secure zones for targeted Zero Trust implementation.
Millions of Apple Airplay-Enabled Devices Can Be Hacked via Wi-Fi Google tracked 75 zero days exploited in the wild in 2024 France ties Russian APT28 hackers to 12 cyberattacks on French orgs Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.
Today's modern network has placed identity management in the forefront to manage a plethora of landscapes – on and off prem, public and private, hybrid, and the new kid on the block, alt-clouds. This week on Feds At The Edge, we explore how the Defense Information Systems Agency (DISA) is leading the charge in modern identity management, once a backwater concept, to center stage, with its ambitious program, Thunderdome. Chris Pymm, Portfolio Manager, Zero Trust & Division Chief for ID7 at DISA, shares how Thunderdome spans 50 sites and 12,000 users, automating identity controls to outpace threats like lateral movement. We also hear from Quest Software Public Sector cybersecurity expert Chris Roberts, who breaks identity management down to its core: know the user, know the device, know the behavior. Tune in on your favorite podcasting platform today to hear how DISA is redefining identity for today's distributed networks—and what your agency can take from their playbook.
Uyghur Language Software Hijacked to Deliver Malware Cloudflare sees a big jump in DDoS attacks 4chan back online Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO.
Join Chief Technologist, John Janek and Technical Director for Digital Security, Niroop Gonchikar, as they discuss the concept of Zero Trust and its practical applications in cybersecurity. They explore its application across various environments, emphasizing the philosophy behind constant authentication and authorization to enhance security. The conversation includes insights from Niroop's experience at the Zero Trust Summit, where government agencies and vendors discussed their progress and challenges.They highlight the importance of making security easy for users, leveraging AI, maintaining continuous delivery and monitoring, and the evolving complexities of modern digital environments. The discussion also touches on the necessity of mentoring, community, and systemic understanding in developing secure codes and systems.
When you feel the energy of RSAC week starting to build, you know it's going to be a memorable one. Conversations, collaborations, learning, connecting—it's what this community thrives on. And ahead of the big week, we had a chance to catch up with Sterling Wilson, Field CTO at Object First, to talk about their vision for data resilience and why backup security can't be an afterthought anymore.Sterling's career path reads like a masterclass in data protection. After working deep in the trenches as a Microsoft and virtualization architect for both government and private sectors, he transitioned into the vendor space—eventually joining Veeam Software, where he became immersed in the world of backups and data resilience. That journey eventually brought him to Object First, and it's clear that passion for simplifying security while strengthening infrastructure hasn't faded.One of the major shifts we talked about is how the world of cybersecurity is now fundamentally interconnected. Sterling emphasized what we've said many times ourselves: it's no longer about isolated tools or technologies. It's about how everything fits together. And at the center of it all? Data.Object First is hitting RSAC with a mission: making backup security radically simple without compromising strength. Their “Ootbi”—short for Out Of The Box Immutability—makes protecting backup data straightforward, automatic, and resilient. No special configuration needed. No extra security knowledge required. Just plug it in and let the design do the work.We loved hearing how Object First applies core Zero Trust principles—like assuming breach and strict segmentation—not to networks or apps, but directly to backup storage. It's a philosophy Sterling calls “Zero Trust Data Resilience.” Especially in a world where admins are juggling multiple roles, budgets are tighter, and attacks are getting smarter (yes, AI is helping the bad actors too), reducing complexity while increasing protection is a game-changer.Sterling also shared a hard truth that many organizations are realizing too late: a lot of backup storage solutions weren't built for today's threat landscape. They weren't designed with security-first thinking. Object First aims to fix that by focusing on simplicity, immutability, and speed—not just in backup, but in recovery when it matters most.If you're heading to RSAC 2025, make sure you swing by Booth S260 to check out Object First in person. There'll be demos, trivia, swag, and a few surprise announcements. Plus, Sterling will be speaking at the Insights Theater (South Expo Booth 2151) on April 30 at 10:30 AM. He'll dive deeper into what Zero Trust Data Resilience really means—and why it's time to rethink how we secure our most valuable digital assets.And if you can't make it to San Francisco? Don't worry—we'll be recording another conversation with Sterling on location during the conference, going even deeper into these critical topics. Be sure to follow our On Location coverage to stay connected with everything happening during RSAC 2025.The future of security isn't just about new firewalls, AI-driven analytics, or policy updates. It's about protecting what matters most—our data—with approaches that are built for the challenges of today, not yesterday. And with companies like Object First pushing the boundaries, we think the conversation around data resilience is about to get a whole lot louder.Guests:Sterling Wilson | Field CTO | Data Resilience Strategist | ZTDR AdvocateLinkedIn: https://www.linkedin.com/in/sterling-wilson-007______________________________Resources:Learn more about Object First: https://itspm.ag/object-first-2gjlLearn more and catch more stories from Object First: https://www.itspmagazine.com/directory/object-firstImmutable Storage for Everyone.Ransomware-proof and immutable out-of-the-box, Ootbi delivers secure, simple, and powerful backup storage: https://itspm.ag/objectzlju____________________________Keywords:RSAC 2025, backup security, data resilience, immutable storage, zero trust, object first, ootbi, zero trust data resilience, cybersecurity conference, backup protection, Veeam, ransomware, disaster recovery, storage security, simple cybersecurity, RSAC, securing backups, infosec, infosecurity_______________________Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More
SAP zero-day vulnerability under widespread active exploitation Hackers abuse OAuth 2.0 workflows to hijack Microsoft 365 accounts Cybersecurity firm CEO charged with installing malware on hospital systems Thanks to today's episode sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.
We're on the road to RSAC 2025 — or maybe on a quantum-powered highway — and this time, Sean and I had the pleasure of chatting with someone who's not just riding the future wave, but actually building it.Marc Manzano, General Manager of the Cybersecurity Group at SandboxAQ, joined us for this Brand Story conversation ahead of the big conference in San Francisco. For those who haven't heard of SandboxAQ yet, here's a quick headline: they're a spin-out from Google, operating at the intersection of AI and quantum technologies. Yes — that intersection.But let's keep our feet on the ground for a second, because this story isn't just about tech that sounds cool. It's about solving the very real, very painful problems that security teams face every day.Marc laid out their mission clearly: Active Guard, their flagship platform, is built to simplify and modernize two massive pain points in enterprise security — cryptographic asset management and non-human identity management. Think: rotating certificates without manual effort. Managing secrets and keys across cloud-native infrastructure. Automating compliance reporting for quantum-readiness. No fluff — just value, right out of the box.And it's not just about plugging a new tool into your already overloaded stack. What impressed us is how SandboxAQ sees themselves as the unifying layer — enhancing interoperability across existing systems, extracting more intelligence from the tools you already use, and giving teams a unified view through a single pane of glass.And yes, we also touched on AI SecOps — because as AI becomes a standard part of infrastructure, so must security for it. Active Guard is already poised to give security teams visibility and control over this evolving layer.Want to see it in action? Booth 6578, North Expo Hall. Swag will be there. Demos will be live. Conversations will be real.We'll be there too — recording a deeper Brand Story episode On Location during the event.Until then, enjoy this preview — and get ready to meet the future of cybersecurity.⸻Keywords:sandboxaq, active guard, rsa conference 2025, quantum cybersecurity, ai secops, cryptographic asset management, non-human identity, cybersecurity automation, security compliance, rsa 2025, cybersecurity innovation, certificate lifecycle management, secrets management, security operations, quantum readiness, rsa sandbox, cybersecurity saas, devsecops, interoperability, digital transformation______________________Guest: Marc Manzano,, General Manager of the Cybersecurity Group at SandboxAQMarc Manzano on LinkedIn
At this year's RSAC Conference, the team from ThreatLocker isn't just bringing tech—they're bringing a challenge. Rob Allen, Chief Product Officer at ThreatLocker, joins Sean Martin and Marco Ciappelli for a lively pre-conference episode that previews what attendees can expect at booth #854 in the South Expo Hall.From rubber ducky hacks to reframing how we think about Zero Trust, the conversation highlights the ways ThreatLocker moves beyond the industry's typical focus on reactive detection. Allen shares how most cybersecurity approaches still default to allowing access unless a threat is known, and why that mindset continues to leave organizations vulnerable. Instead, ThreatLocker's philosophy is to “deny by default and permit by exception”—a strategy that, when managed effectively, provides maximum protection without slowing down business operations.ThreatLocker's presence at the conference will feature live demos, short presentations, and hands-on challenges—including their popular Ducky Challenge, where participants test whether their endpoint defenses can prevent a rogue USB (disguised as a keyboard) from stealing their data. If your system passes, you win the rubber ducky. If it doesn't? They (temporarily) get your data. It's a simple but powerful reminder that what you think is secure might not be.The booth won't just be about tech. The team is focused on conversations—reconnecting with customers, engaging new audiences, and exploring how the community is responding to a threat landscape that's growing more sophisticated by the day. Allen emphasizes the importance of in-person dialogue, not only to share what ThreatLocker is building but to learn how security leaders are adapting and where gaps still exist.And yes, there will be merch—high-quality socks, t-shirts, and even a few surprise giveaways dropped at hotel doors (if you resist the temptation to open the envelope before visiting the booth).For those looking to rethink endpoint protection or better understand how proactive controls can complement detection-based tools, this episode is your preview into a very different kind of cybersecurity conversation—one that starts with a challenge and ends with community.Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974Guest: Rob Allen, Chief Product Officer, ThreatLocker | https://www.linkedin.com/in/threatlockerrob/ResourcesLearn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlockerLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage______________________Keywords: rsac conference, cybersecurity, endpoint, zero trust, rubber ducky, threat detection, data exfiltration, security strategy, deny by default, permit by exception, proactive security, security demos, usb attack, cyber resilience, network control, security mindset, rsac 2025, event coverage, on location, conference____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage? Learn More
The RSA Conference has long served as a meeting point for innovation and collaboration in cybersecurity—and in this pre-RSAC episode, ITSPmagazine co-founders Marco Ciappelli and Sean Martin welcome Akamai's Rupesh Chokshi to the conversation. With RSAC 2025 on the horizon, they discuss Akamai's presence at the event and dig into the challenges and opportunities surrounding AI, threat intelligence, and enterprise security.Chokshi, who leads Akamai's Application Security business, describes a landscape marked by explosive growth in web and API attacks—and a parallel shift as enterprises embrace generative AI. The double-edged nature of AI is central to the discussion: while it offers breakthrough productivity and automation, it also creates new vulnerabilities. Akamai's dual focus, says Chokshi, is both using AI to strengthen defenses and securing AI-powered applications themselves.The conversation touches on the scale and sophistication of modern threats, including an eye-opening stat: Akamai is now tracking over 500 million large language model (LLM)-driven scraping requests per day. As these threats extend from e-commerce to healthcare and beyond, Chokshi emphasizes the need for layered defense strategies and real-time adaptability.Ciappelli brings a sociological lens to the AI discussion, noting the hype-to-reality shift the industry is experiencing. “We're no longer asking if AI will change the game,” he suggests. “We're asking how to implement it responsibly—and how to protect it.”At RSAC 2025, Akamai will showcase a range of innovations, including updates to its Guardicore platform and new App & API Protection Hybrid solutions. Their booth (6245) will feature interactive demos, theater sessions, and one-on-one briefings. The Akamai team will also release a new edition of their State of the Internet report, packed with actionable threat data and insights.The episode closes with a reminder: in a world that's both accelerating and fragmenting, cybersecurity must serve not just as a barrier—but as a catalyst. “Security,” says Chokshi, “has to enable innovation, not hinder it.”⸻Keywords: RSAC 2025, Akamai, cybersecurity, generative AI, API protection, web attacks, application security, LLM scraping, Guardicore, State of the Internet report, Zero Trust, hybrid digital world, enterprise resilience, AI security, threat intelligence, prompt injection, data privacy, RSA Conference, Sean Martin, Marco Ciappelli______________________Guest: Rupesh Chokshi, SVP & GM, Akamai https://www.linkedin.com/in/rupeshchokshi/Hosts:Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine: https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode's SponsorsAKAMAI:https://itspm.ag/akamailbwc____________________________ResourcesLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageRupesh Chokshi Session at RSAC 2025The New Attack Frontier: Research Shows Apps & APIs Are the Targets - [PART1-W09]____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage? Learn More
April 17, 2025: Ryan Winn, CISO at AdventHealth, and Tamer Baker, Healthcare CTO at Zscaler, discuss zero-trust solutions and questions in this webinar recording. The conversation explores AdventHealth's remarkable four-month implementation journey and the surprising benefits beyond security they've discovered. They discuss practical approaches to medical device security, strategies for gaining organization-wide buy-in, and why framing security initiatives as business enablers rather than technical mandates leads to success. As healthcare organizations face mounting technical debt and evolving threats, this discussion offers a refreshing roadmap to simplification and a more secure environment. Key Points: 08:48 Zero Trust Hospital: Concepts and Implementation 13:42 Challenges and Opportunities in Zero Trust 21:19 The Impact of Zero Trust on Patient Care 27:49 Implementing Zero Trust 33:58 Final Thoughts and Q&A Want to get your copy of the new book "Zero Trust Hospital: The CXO Vision" by Zscaler? Order now X: This Week Health LinkedIn: This Week Health Donate: Alex's Lemonade Stand: Foundation for Childhood Cancer
Zero Trust isn't a new concept, but not one easily implemented. How do organizations transform cybersecurity from a "default allow" model, where everything is permitted unless blocked, to a "default deny" model? Danny Jenkins, Co-founder and CEO at ThreatLocker, joins Business Security Weekly to discuss this approach. Deny by default means all actions are blocked by default, with only explicitly approved activities allowed. This shift enhances security, reduces vulnerabilities, and sets a new standard for protecting organizations from cyber threats. Danny will discuss how ThreatLocker not only protects your endpoints and data from zero-day malware, ransomware, and other malicious software, but provides solutions for easy onboarding, management, and eliminates the lengthy approval processes of traditional solutions. This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them! In the leadership and communications section, Bridging the Gap Between the CISO & the Board of Directors, CISO MindMap 2025: What do InfoSec Professionals Really Do?, How to Prevent Strategy Fatigue, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-391
All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series and Andy Ellis, partner, YL Ventures. Joining us is Mike D'Arezzo, executive director of infosec and GRC, Wellstar Health Systems. In this episode: The shift left myth Reconsidering CISO evaluations The power of “how” Building bridges Huge thanks to our sponsor, ThreatLocker ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
In this Brand Story episode, Sean Martin and Marco Ciappelli sit down with Rob Allen, Chief Product Officer at ThreatLocker, to unpack how the company is reshaping endpoint security through a unique, control-first approach. Rob shares how ThreatLocker is challenging long-held assumptions about trust, visibility, and control in enterprise environments—and why the traditional “trust but verify” model is no longer good enough.From Default Permit to Default DenyThreatLocker's philosophy centers on a fundamental shift: moving from a default permit posture to a default deny stance. This approach, according to Rob, doesn't hinder operations—it creates boundaries that allow organizations to function safely and efficiently. It's not about locking systems down; it's about granting permissions with precision, so users can operate without even noticing security is present.Product Innovation Driven by Real FeedbackThe conversation highlights how customer input—and CEO Danny Jenkins' relentless presence at industry events—drives product development. New solutions like Web Control and Patch Management are designed as logical extensions of existing tools, allowing security teams to reduce risk without creating friction for end users. The addition of a software store, suggested by enterprise customers, gives users clarity on what's approved while reducing IT support tickets.Insights and the Detect DashboardRob also explains how ThreatLocker is unlocking the value of big data. With billions of data points collected every hour, their new Insights platform aggregates and analyzes cross-customer trends to better inform security decisions. Combined with the Detect Dashboard, teams now gain not only visibility but actionable intelligence—supported by polished visuals and streamlined workflows.More Than Just Tech—It's Peace of MindWhile the technology is impressive, Rob says the most rewarding feedback is simple: “ThreatLocker helps me sleep at night.” For many customers, that level of confidence is priceless. And in unexpected situations—like a blue-screen incident caused by third-party software—ThreatLocker has even been used to mitigate impacts in creative ways.Whether you're leading a global IT team or managing a growing MSP, this episode will make you think differently about how security fits into your operational strategy. Tune in to hear how ThreatLocker is turning bold ideas into real-world control.Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974Note: This story contains promotional content. Learn more.Guest: Rob Allen, Chief Product Officer at ThreatLockerOn LinkedIn | https://www.linkedin.com/in/threatlockerrob/ResourcesLearn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlockerAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
Send us a textIt's April 3rd and Peaches is back with a fresh pile of Air Force, Space Force, and “what are we even doing anymore?” news.From commanders whining about drone threats and bureaucrats pushing Zero Trust Architecture™ (whatever that means), to Ukraine intel shifts, grounded pregnant pilots, and six B-2 bombers pulling up to the Red Sea like it's a boss level—this Daily Drop has it all.Oh, and in case you missed it: the DoD is still trying to lay off people with pay, we're throwing F-35s into the Middle East blender, and China is officially the “leaked” top threat—because apparently someone needed that in writing.
Grifter is a longtime hacker, DEF CON organizer, and respected voice in the infosec community. From his early days exploring networks to helping shape one of the largest hacker conferences in the world, Grifter has built a reputation for blending deep technical insight with a sharp sense of humor.Learn more about Grifter by visiting grifter.org.SponsorsSupport for this show comes from ThreatLocker®. ThreatLocker® is a Zero Trust Endpoint Protection Platform that strengthens your infrastructure from the ground up. With ThreatLocker® Allowlisting and Ringfencing™, you gain a more secure approach to blocking exploits of known and unknown vulnerabilities. ThreatLocker® provides Zero Trust control at the kernel level that enables you to allow everything you need and block everything else, including ransomware! Learn more at www.threatlocker.com.Support for this show comes from ZipRecruiter. ZipRecruiter has solved the hiring problem. Employers prefer it the most for so many reasons. Let's start by telling you about their matching technology. They work hard to find the best candidates for your needs, and will instantly show you results once you post a job listing. ZipRecruiter will speed up your hiring process. See it for yourself at www.ziprecruiter.com/DARKNET.This show is sponsored by Material Security. Your cloud office (think Google Workspace or Microsoft 365) is the core of your business, but it's often protected by scattered tools and manual fixes. Material is a purpose-built detection and response platform that closes the gaps those point solutions leave behind. From email threats to misconfigurations and account takeovers, Material monitors everything and steps in with real-time fixes to keep your data flowing where it should. Learn more at https://material.security.