Their Story | Virsec | A Conversation With Willy Leichter

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Willy Leichter

Our guest today, Willy Leichter, points out that the National Vulnerability Database has been tracking between 5,000 and 7,000 vulnerabilities every year; a figure that went up to about 20,000 a couple of years ago, and where we're now seeing 10,000 to 15,000 per month. Trying to keep up with this trend from a patch management perspective as the sole means to eliminate vulnerabilities and mitigate risk to the business isn't scalable; it isn't feasible.

Still, business marches on—technology marches on—security is always going to have to run fast to keep up. Most organizations accept that. But it can be daunting at times. Have a listen to this chat with Willy to get a different perspective on this problem. With any luck, you'll have a fighting chance to make it through tomorrow, and the next day, and the day after that without a serious problem with your apps.

Their Story | DataLocker | A Conversation With Jay Kim

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Jay Kim

How do organizations ensure that those devices (and related ports) don’t get misused and abused — especially when there are tens of thousands of users, each potentially with multiple external devices?

That’s where centralized management comes into play, giving IT leaders and business owners the ability to define and enforce acceptable use policies aligned with their business needs and their risk appetite. Listen to today’s story by Jay Kim as he shares some detailed use cases.

Their Story | SIRP | A Conversation With Faiz Shuja

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Faiz Shuja

We’ve arrived at a time in business where we can no longer rely on manually fighting the status quo as a means to protect the organization from compromise. We’ve reached a point where organizations must prepare for the inevitable and take aim at defining and implementing the best possible breach response capabilities—driven by intelligence and orchestrated with automation. Listen to today’s episode as Faiz Shuja shares the SIRP story with us, giving us a view into what the future holds for the security orchestration and automated response market.

Have a listen to this story!

Their Story | BYOS | A Conversation With Matias Katz

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Matias Katz

Listen to today’s episode as Matias Katz tells us the BYOS story: the origins of the company, how Matias’ upbringing and education helped to shape the company, and how his passion and drive for knowledge and learning are helping him to take the company into the future—a future full of countless bad actors looking to compromise and exploit some of the billions of Internet-connected devices for their financial gain.

Their Story | Prevailion | A Conversation With Karim Hijazi and Adam Flatley

A Their Story conversation with Sean Martin and Marco Ciappelli

Guests: Karim Hijazi and Adam Flatley

The question for you as you listen to this conversation is: “are you zeroing in on what matters for your entire business ecosystem, or are you stuck in a world where updating patches, changing firewall rules, and running AV scans is still your top priority?”

Reinventing Privileged Access Management | A Dialogue With Martin Cannard, VP, STEALTHbits

A Their Story interview with Sean Martin

Today’s guest is Martin Cannard, Vice President, Product Strategy (Privileged Access Management) at STEALTHbits Technologies. Martin and I look at the past to explore how the world of access control and privileged access management (PAM) has changed, mainly driven by mobile, cloud, and the Internet of Things.

Martin shares some stories about how organizations are changing the way they define and implement privileged access management solutions, turning the technology—and their operational infrastructure—on its side to better support business requirements without opening up the gates too wide or closing them down too much.

Ultimately, it’s about finding that “just right” access model that accounts for changes in risk, threat, and context. This isn’t an easy task when faced with growing technical complexities, increasingly-demanding business processes, and the need to scale to meet both market and end-user demands.

After you listen to this story by STEALTHbits, check to see if your perception of privileged access management has changed—and, if so, how.

Their Story At Hacker Summer Camp | Las Vegas 2019 | Ronan Cremin, Afilias

A Their Story interview with Sean Martin & Marco Ciappelli
Guest: Ronan Cremin, CTO, Afilias

Marco and I are fortunate in that we get to hear a lot of stories. Of course, as one of our mantras spells out, we are always on the lookout for stories that are better than others.

This story is that and a bit more. It is made of the stuff that nightmares are made of; to the point that Marco has been inspired to write a Cybersecurity Halloween Short Story after hearing this one. We shall see if that is actually going to happen.

In the meantime, it’s probably a good idea to take a deep breath before you listen to (or watch a snippet of) our conversation with Ronan about the nightmare people may have gotten themselves into. Maybe that new phone deal you got online wasn’t that good of a deal after all. Perchance it was just a nightmare. Perhaps it wasn’t.

Their Story At Hacker Summer Camp | Las Vegas 2019 | Yaron Kassner, Silverfort

A Their Story interview with Sean Martin & Marco Ciappelli
Guest: Yaron Kassner, Co-Founder and CTO | Silverfort

What if you could have your cake and eat it too? No matter how many times you hear this, it still sounds good. Conversely, however, we can’t even remember how many conversations we’ve had over the years, about passwords and how inconvenient and old-fashioned they are—both for today’s businesses and for personal lives operating in the digital age.

Unfortunately not much has changed and, for a while, it looked like the best way to deal with adding extra security to a password was to verify it with yet another password. It felt like we were trying to maximize protection while minimizing disruptions; seemingly, this was (and still is?) as impossible as tasting that sweet cake and still having it. Drats!

Well, times are changing, and technology is finally coming to the rescue. Here is a story about it.

With over a decade in the cybersecurity industry, today’s guest — Yaron Kassner, Co-Founder of and CTO at Silverfort — tells a story of a career path that takes him through the data science and machine learning halls of Microsoft and Cisco before co-founding the Israeli-based firm, Silverfort, in 2015.

It's a good story. Have a listen. Just input your password when prompted.

Their Story At Hacker Summer Camp | Las Vegas 2019 | Will Glazier and Matt Keil, Cequence Security

A Their Story interview with Sean Martin & Marco Ciappelli
Guests: Will Glazier, Head of CQ Crime Research and Matt Keil, Director of Product Marketing | Cequence Security

During Black Hat, we had the chance to meet two of these individuals from Cequence Security: one is a security research veteran that has been with the company for a long time and the other a new-hire but with a long and solid history of looking after product marketing for another very well-known security brand.

During our chat, we get to talk about a lot of things, including the birth and evolution of a start-up; the potential liability a company may incur if they have a massive infrastructure built of IoT devices that get compromised; and bots and other automated devices that can be turned into a cyber army with evil plans and unpleasant consequences for the Internet and its users.

It was a wild ride; a conversation that we truly enjoyed. We invite you to join us as Will and Matt take us up and down the rollercoaster of InfoSec.

Their Story At Hacker Summer Camp | Las Vegas 2019 | Mahesh Rachakonda, CipherCloud

A Their Story interview with Sean Martin & Marco Ciappelli
Guest: Mahesh Rachakonda, CISSP, VP - Product & Solution Engineering | CipherCloud

With a background rooted in engineering, computer science, and middleware systems development, Mahesh Rachakonda, CISSP, VP Product & Solution Engineering at CipherCloud, has worked on several complex systems, including those found in hospitality, telecommunications, and even some military installments.

Taking the story beyond his role in the industry to that of CipherCloud’s story—which began back in 2010—Mahesh explains to us that the main company message and goal was all about enabling cloud adoption; something that initially took quite some effort to get organizations and people prepared and ready to trust this new operating environment.

As businesses adopted these cloud technologies, they also began to realize that there was a lot to understand concerning how and where security policies, controls, monitoring, and response were handled. This challenge is exacerbated given the sheer number of cloud environments running countless applications and services—which can vary dramatically depending on the industry and widespread use cases within each.

Listen to this story about Mahesh and CipherCloud. There is something interesting here for everyone — no doubt about it.

Their Story At Hacker Summer Camp | Las Vegas 2019 | Jay Kim, DataLocker

A Their Story interview with Sean Martin & Marco Ciappelli
Guest: Jay Kim, CEO and Founder | DataLocker

For today’s story, Sean and I connect with a former pharmaceutical IT professional and now-CEO of DataLocker, Jay Kim. While focused on IT problems, Jay found himself in the crosshairs of the Y2K phenomenon and got a real taste for what the “A” meant in the information security CIA Triad (Confidentiality, Integrity, and Availability). As a consequence of his choice to be in IT, Jay found himself on a business trip where he met an engineer with a novel idea about manufacturing secure external hard drives.

The idea turned into a patented, secure external hard drive device that was a platform-independent device with a built-in keypad used for authentication—meaning all the users had to do was plug it in and type in their passcode to access the data on the drive. With this, the company, DataLocker, was formed.

There’s a decent amount of story told by Jay covering the years following their FIPS-validated product in 2009, and I would encourage you to listen to hear how the business was founded and funded, how the team grew, and how the product line and overall solution set was enhanced. Listen up. We think you will find some inspiring words here.

Their Story At Hacker Summer Camp | Las Vegas 2019 | Mounir Hahad, Juniper Networks

A Their Story interview with Sean Martin & Marco Ciappelli
Guest: Mounir Hahad, Head of Juniper Threat Labs | Juniper Networks

We’ve had a number of Their Story conversations with the team at Juniper Networks over the years; many of them happened to be with our good friend Mounir Hahad. We were happy to have the opportunity to sit down with him once more for another chat.

This time, however, we brought him back to the beginning of his career and what motivated him to choose this path. He speaks of living in a different country, separated from the rest of his family, and of realizing, while leveraging technology as a means to keep in touch, how vulnerable the general public is to cybercrime. With this inner call, Mounir found his passion and mission: to be part of the solution to help combat cybercrime in business and throughout society.

By now, we know that the security ecosystem is never a static picture, but what does this constant change look like? Have a listen to see if you agree with Mounir’s perspective; maybe now is a good time to double-check if you are doing everything you can when it comes to protecting your systems and data across the infrastructure you’ve deployed for your business.

Their Story At Hacker Summer Camp | Las Vegas 2019 | Paul Russert, SecurityFirst

A Their Story interview with Sean Martin & Marco Ciappelli
Guest: Paul Russert, VP of Marketing | SecurityFirst

Most cybersecurity professionals we meet seem to have followed their passion when they stepped into this job—this career. Yes, this is the case for today's guest—Paul Russert—who was blessed with an early retirement opportunity from the tech industry and found himself filling his time volunteering for Habitat for Humanity as a construction leader. While fulfilling, Paul realized that, after three years, he had "nobody to play with," and he needed to go back for more.

Paul was ready for the change—and the challenge—and made the jump back into the corporate world. He is now helping organizations protect the data they have with a solution that connects intelligent encryption with in-depth access control capabilities on top of existing identity management tools. This ensures that only those with approved access are allowed to see the data through an agreed set of applications bound to the time(s) specified within the approved policies.

Have a listen to our conversation as we try to find that perfect balance of capability and security driven by our newfound desire to protect our personal privacy.

Their Story At Hacker Summer Camp | Las Vegas 2019 | Darren Mar-Elia, Semperis

A Their Story interview with Sean Martin & Marco Ciappelli
Guest: Darren Mar-Elia, Head of Product | Semperis

We’ve said it many times and we won’t change our mind anytime soon: we go to conferences to meet old friends, make new ones, and have stimulating conversations. It can be a tour de force as we have a limited amount of time and an almost unlimited number of topics we can chat about. Yes, we can all agree that the InfoSec industry has become a variegated field with a great variety of people and stories. We sure love that, but when story time is also lunch time, it takes a special topic to get the energy level up, and starting the podcast by telling stories about the early days (1970’s) of the Atari 800 can have that reinvigorating effect. That’s exactly what Marco and I did when we spoke with Darren Mar-Elia from Semperis. That wasn’t all that we spoke about though—that was just the ice-breaker for the chat we had.

Thankfully, Darren is able to provide some seriously-valuable insight into the questions we had for him. However, for one final question, Darren had a different idea in mind.

Have a listen to hear what Darren’s plan is when this eventuality becomes reality.

Their Story At Hacker Summer Camp | Las Vegas 2019 | Willy Leichter, Virsec Systems

A Their Story interview with Sean Martin & Marco Ciappelli
Guest: Willy Leichter, Vice President, Marketing, Virsec Systems

Keep it simple, they say. With technology—and cybersecurity—most of the time, this is way easier said than done; especially when you set out from the start to solve very complex problems. But you know what you can do? You can look at these problems from a different angle and make your mission and goal to find solutions that are simple to deploy and manage.

If a picture helps to describe what this looks like, you can use an analogy like Google Maps. Virsec maps what's supposed to happen within the app and then, in real-time—since they have it mapped—they can see if it's going off the rails, going somewhere different than where it is supposed to go, or in our case, if it's doing what it's supposed to do. It's a fundamentally different view of security.

Listen to Willy and hear how he tells this story in full detail.

Their Story At Hacker Summer Camp | Las Vegas 2019 | Andrew Brandt, Sophos

A Their Story interview with Sean Martin & Marco Ciappelli
Guest: Andrew Brandt, Principal Researcher | Sophos

You’ve likely heard that cybercriminals run their underground businesses similar to those seen in public—they have employees, managers, executives—they have formal business processes, employ marketing tactics, use innovative technologies, and even employ machine learning, artificial intelligence, and automation to help them get the best return—they have a supply chain to help the cybercriminal community make the most of their business ventures—and, with this, of course, there is a ton of supply and demand up and down the cybercrime stack.

Don’t worry. For those of you that like to connect technology and research to the business end of things, we’re fortunate in that Andrew is able to take us down some intricate paths. Ready to dig deep beneath the underbelly of the world of cybercrime? Have a listen.

Their Story At Hacker Summer Camp | Las Vegas 2019 | Dimitri Vlachos and Matt Mosley, Devo

A Their Story interview with Sean Martin & Marco Ciappelli

Guests: Dimitri Vlachos, CMO and Matt Mosley, VP of Products, Cyber Security | Devo

The timing was perfect to have this conversation about the role and success of the SOC analyst since the Ponemon Institute and Devo put together a new research-driven report covering this topic: Improving The Effectiveness Of The SOC. Marco was happy to join me to discuss the results with Dimitri and Matt, and we uncovered some additional elements to consider when a poor user experience is delivered with a security application or service. Without giving everything away, I will leave you with one word: burnout.

We looked at this issue with more vigor, exploring how the findings from this research, increased consideration for the SOC analyst and their career lifecycle, and a collection of better tools built with the user experience in mind can make the difference now and in the future.

Intrigued? If you use a security product or lead a team that uses security products, you should be. Have a listen and share this with your peers. They will appreciate it.

Their Story At Hacker Summer Camp | Las Vegas 2019 | Sean Dillon (zerosum0x0) and Nate Caroe (The_Naterz), RiskSense

A Their Story interview with Sean Martin

Guests: Sean Dillon, Sr. Security Researcher and Nate Caroe, Security Analyst | RiskSense

Since the publication of a podcast I put out not too long ago where I explored the realities behind the BlueKeep RDP vulnerability, I was determined to find a time to connect with the leading researcher, Sean Dillon (aka zerosum) to get his perspective and an update on his research surrounding this vulnerability. Little did I know that we would not only be fortunate enough to connect with Sean to discuss BlueKeep during Black Hat in Las Vegas, but we would also get a chance to bring in Nate Caroe, who was also working on vulnerability research and open-source tool development to help identify and test these vulnerabilities.

This conversation gets even better as we dig deeper into BlueKeep than I thought we would/could—plus we got to discuss some other research and tool development on which this duo are working.

This is a great story that pulls back a few layers of technology. I hope you enjoy it and find it useful as well.

Their Story At Hacker Summer Camp | Las Vegas 2019 | Stina Ehrensvard, Yubico

A Their Story interview with Marco Ciappelli & Sean Martin

Guest: Stina Ehrensvard, Founder and CEO, Yubico

Once upon a time, there was an idea. It was a good one. It was so good that it became a flawless product and an extremely successful company overnight.

And they lived successfully and happily ever after.

— The End

Do you want to hear this story, watch the movie, and even wear their t-shirt? Of course not. It is a bad story and most importantly, it’s not true.

The story of the latest “overnight success” took years to bring together. It happens to be the same overnight success that’s jumped countless hurdles and pushed through some really tough “because we’ve always done it this way” industry roadblocks.

Their Story At Hacker Summer Camp | Las Vegas 2019 | Mario Vuksan, ReversingLabs

A Their Story interview with Marco Ciappelli & Sean Martin

Guest: Mario Vuksan, Founder and CEO, ReversingLabs

This is a story that started about ten years ago; however, in some ways it goes back a bit further than that—and perhaps we will never catch up with the present.

It is a story about a different approach to cybersecurity that has, at its core, a profound desire to understand how technology works and evolves; that places security center-stage in every discipline related—not only to computer science—but to all activities connected to the well-being and progressive development of our society.