CyberSecurity Leaders Use Cybersecurity Maturity Model (CMM) To Achieve Cybersecurity Maturity With Their InfoSec Program | A Blue Lava Story With Demetrios Lazarikos (Laz) And Andy Hoernecke

A Their Story conversation with Sean Martin and Demetrios Lazarikos (Laz) + Andy Hoernecke from Blue Lava

Listen in to learn more from Laz and Andy as they share their experiences and expertise. Join us to examine what it means for InfoSec teams to achieve maturity and how a comprehensive program framework can help the group begin their journey by setting a baseline and establishing maturity measurements.

Crowdsourcing Cybersecurity Intelligence To Secure Society | A CrowdSec Story With Philippe Humeau

A Their Story conversation with Sean Martin, Marco Ciappelli, and Philippe Humeau, CEO at CrowdSec

CrowdSec is joining the good guys on this battlefield and understands that by acting together and sharing important, relevant pieces of information, we can successfully counteract organized cybercrime. CrowdSec's CTI-driven IPS objective is to automate cybersecurity threat intelligence sharing and consumption on a large scale.

Learn more about what it means to join the crowd and how all the information can benefit businesses and organizations all over the globe. This is the value of authentic and accurate information sharing.

Language Holds The Key To Communicating Security And Business Strategy | A Blue Lava Story With Jen Sanford and Rock Lambros

A Their Story conversation with Sean Martin, "Rock" Lambros of RockCyber, and Jen Sanford from Blue Lava

CISOs tend to talk to other technical personnel and don’t get involved in business conversations on a regular basis. To succeed in their role, however, CISOs need to get out from behind their keyboards and start discussions with executives so they can begin to translate what they do in security into what the business wants to hear. But finding those connection points between technology and the business is difficult.

With this story, Martin, Lambros and Sanford focus on strategy and planning because that’s what helps CISOs evolve into the role they want now and into the future. But it doesn’t happen magically. Only through understanding, research, and action can CISOs reach that point.

It’s time to make your own magic happen. Have a listen.

Executives Are Under Siege As Hackers Target The Video Game Industry | A BlackCloak Story With Chris Pierson And Joel Fulton

A Their Story conversation with Sean Martin, Marco Ciappelli, and BlackCloak CEO and founder, Chris Pierson with CyberSecurity and CISO veteran, Joel Fulton

It is not the first, nor the last, time we suggest studying our history to learn about our present and imagine the future. To get a view for how society reacts to scams and cons, we can look to the past for education, perhaps some inspiration, and maybe even some guidance. Yes, even when looking at cybersecurity and the video game industry.

In this new chapter of the BlackCloak story, we get to dive into a new report the team put together, looking at the world of gaming as the source of risk, threats, and compromise. And, to our liking, we got to use the report's findings to take a look back in time (way back, in fact), such that we can connect the dots between humanity, psychology, and security (cyber and not).

Listen in. Go back in time with us. And prepare for the future. Remember, while the report is about gaming — this isn't a game.

Cloud Modernization Strategies | What Does Your Data Transformation Journey Look Like | An Imperva Story with Ron Bennatan

A Their Story conversation with Sean Martin, Marco Ciappelli, and Imperva executives

We live in a world where the only constant is change. We’ve managed to survive by anticipating and following the changes to our business models, data models, and threat models. Have we done a decent job bringing our business to the cloud thus far? What about where we head to next?

This is a 2-part podcast series with Imperva executives. The series will explore the past, present, and future paths organizations have and will need to take to the cloud with a data security model and solution designed to handle constant growth and change.

Now… please join us as we join you on this journey you’ve already begun.

The Business Value Of A Security First Approach As A Means To Achieve And Maintain Compliance | A HITRUST Customer And Partner Story With Rudi Perkins (Welvie) And Blaise Wabo (A-LIGN)

A Their Story conversation with Rudi Perkins (Welvie) and Blaise Wabo (A-LIGN), customer and partner of HITRUST, respectively

Suppose you're like Rudi, who, six years ago, tried to bring his organization to an effective level of compliance and increase his security posture by managing multiple spreadsheets. In that case, you're probably finding yourself going nuts — just like Rudi did, and many others do, when faced with a similar complex and overwhelming situation.

Thankfully, this is when Rudi's and Blaise's stories — individually and collectively — can make a world of difference for you.

They've figured many things out: they found the right processes, tools, and partners to make this experience better overall. They've created an experience they want, driven by a common framework that maps all of those things together, giving you the means to do the controls assessment, identify and mitigate the gaps, and then apply that work to many standards, frameworks, and regulations in the US and abroad.

In short, what HITRUST and its Assessor community are doing here is to enable the business — individually and collectively as part of a larger supply chain — to operate securely within the boundaries of the regulatory and industry requirements by which they must abide.

“Our customers expect that of us. Our partners expect that of us. We should expect that of each other and of ourselves too.” —Sean Martin

The Humans In The Mainframe | Common Misunderstandings In Mainframe Security Management | A Key Resources Story With Ray Overby

A Their Story conversation with Sean Martin, Marco Ciappelli, and Key Resources CTO and co-founder, Ray Overby

The lack of InfoSec talent is something the cybersecurity industry complains about all the time. How does this challenge differ when we look at mainframe security? Once again, perception and reality are not a match.

We've come full circle with mainframes. They still do what they were designed to do — really well, in fact. Still, we need to understand the role of the human in the equation as we try to do two things at once: 1) run the critical business processes on the mainframe, and 2) remember that security doesn't happen magically; it requires human intervention.

It's time to put the humans back in the mainframe. History, as usual, can help us clarify the present and plan for a better future.

Have a listen to learn more.

Take Back The Keys To Your Kingdom | A Semperis Story About Purple Knight's Mission To Secure Active Directory | With Darren Mar-Elia And Ran Harel

A Their Story conversation with Sean Martin, Marco Ciappelli, and leaders from Semperis

Here is the truth: Active Directory remains a soft target for attackers attempting to steal credentials and deploy ransomware. However, there is another truth: it doesn't have to stay that way. There is a new Knight in the castle — it is purple, and it is here to change the game.

During this podcast, we learn more about Semperis' mission with its new free tool, Purple Knight, including what it can do, how it works, and what the end results can be once an organization takes concrete steps to protect the keys to its kingdom.

Join us on this new adventure and meet this new character in the Semperis saga.

Once upon a time...

6 Years Of Vulnerability Analysis: Stacking Up The Bugs To Understand Their Impact On Business | The 6th Annual 2021 Vulnerability Statistics Report | An Edgescan Story With Eoin Keary

A Their Story conversation with Sean Martin, Marco Ciappelli, and Eoin Keary from Edgescan

It is that jolly time of the year: The Edgescan vulnerability stats report has arrived! After six annual editions, it has become an industry pillar representing the global state of cybersecurity vulnerability management.

It is not for nothing that this large dataset is also part of other annual security analysis reports, such as the OWASP Top 10 and Verizon Data Breach Investigations Report (DBIR).

So, what's in it? A bunch of numbers, and they all mean something. They will help you and your organization improve the effectiveness of your vulnerability management program and, in turn, your risk profile. But do not take our word for it. We spoke directly with the founder of the report and the company behind it, Edgescan's CEO, Eoin Keary.

Evolving Third-Party Risk Management for Today’s Complex Ecosystems | An Archer Story With Jon Ehret And Chris Patteson

A Their Story conversation with Sean Martin, Marco Ciappelli, and leaders from Archer and RiskRecon

The third-party ecosystems of today’s organizations have become more complex, more digital, and more extensive than ever before. The need for an accurate picture of your vendor’s security posture is greater than ever, with public and private sector organizations reporting a surge in cyber-attacks, and at the same time, continuing to experience and react to substantial disruption to their third-party ecosystems.

Want to learn more? Have a listen and watch the on-demand webinar.

The Good, The Bad, And The Ugly | The Bad Bot Report 2021 | An Imperva Story with Edward Roberts

A Their Story conversation with Sean Martin, Marco Ciappelli, and Imperva

The 8th edition of the Bad Bot Report, produced using research and analysis from Imperva Research Labs, shows that more than 40% of all web traffic requests originated from a bot last year. The reduction in human traffic coupled with the increase in bot traffic, according to the report, suggests the growing scale and widespread impact of bots in daily life.

This is a 2-part podcast series with Imperva. In this series, we get to speak with Edward Roberts, Director of Strategy, Application Security at Imperva, to look at the findings in the report from two angles. Be sure to catch both episodes to get both perspectives.

Their Identities Are Hidden, But Their Frustrations Are Not | InfoSec Confessions: Log's Honest Truth | A Devo Story

A Their Story conversation with Sean Martin, Marco Ciappelli, and the team from Devo. This is a 5-part podcast series inspired by the Log’s Honest Truth video campaign recently published by Devo.

Logs do not lie. But what is the true story that a company’s business data can tell to the security professionals who use these logs every day to do their job? Perhaps more importantly, can these cybersecurity professionals candidly and openly talk about the way they feel about their job and how they would like the data to work better for them?

Sometimes we just need a safe space to share how we really feel.

Listen to each podcast episode, watch the accompanying Log’s Honest Truth confession video, and be sure to subscribe to our newsletter and podcasts to catch all of the episodes as they become available.

Building A Center Of Excellence For Business Processes And Workflow Automation | A Nintex Story With Josh Waldo And Maggie Malone Swearingen

A Their Story conversation with Sean Martin, Marco Ciappelli, and leaders from Nintex and Protiviti

When defined and executed well, a Center of Excellence can be more than a model or process to follow; it can set the bar for the organization by which each part can play a role in making things better. It's not automatic: it requires dedication and customization.

Have a listen to learn about what our guests hear every day from organizations of all sizes looking to make things better for the business by transforming their business processes with a clear view for what it means to be excellent in how things are built, managed, and executed.

Enjoy, and automate!

Inside The Mind Of A Hacker Report | Unique Histories, Shared Destiny | A Bugcrowd Story

A Their Story conversation with Sean Martin, Marco Ciappelli, and Bugcrowd executives, business leaders, and security researchers

While similarities exist, the latest research indicates the next era of cybersecurity has more in common with the Renaissance, sharing its characteristics of humanism, exploration, and warfare.

This is a 4-part podcast and webcast series in which we have discussions with Bugcrowd executives, business leaders, and security researchers. The series will explore the traits, attributes, and mindset of the security researchers that enable the successful crowdsourced security assessment market, specifically focusing on these 4 areas: BUSINESS VALUE | GEOGRAPHICS | DEMOGRAPHICS | PSYCHOGRAPHICS

Bookmark this page to catch all of the episodes as they become available.

Listen and learn as you build out your security program by leveraging the global and diverse crowd.

When Failure Is Not An Option, Organizations Turn To The Mainframe — Incorporating Mainframes Into Your Zero Trust Architecture | A Key Resources Story With Cynthia Overby

A Their Story conversation with Sean Martin, Marco Ciappelli, and Key Resources president and co-founder, Cynthia Overby

As secure as the mainframe is, it is still another operating system with software running on it. Many information security programs tend to offer these systems special treatment, exemptions, and exceptions — especially when it comes to zero-trust frameworks.

The last time we checked, they were not sitting underground, disconnected from the rest of the IT infrastructure, and in the general vicinity of Area 51. Nope. They are connected and making most of our lives work throughout society. Let's show them the respect — and the security — they deserve.

Enjoy the conversation, if you please.

How And Where You Draw The Lines Of Protection Matters | A BlackCloak Story

A Their Story conversation with Sean Martin, Marco Ciappelli, BlackCloak executives, industry thought leaders, and security/risk practitioners

Balancing protection, responsibility, and liability for the safety of the employees and the safeguarding of company assets.

It may seem obvious and straightforward that there are clear lines between work time and personal time — work devices and personal devices — work networks and personal networks … and so on. It was never that simple before the work-from-home phenomenon and it’s only gotten even more complicated since.

In this three-part conversation, we’ll be looking at what it means to protect the employee as a means to protect the business. We will look at what may not be obvious for most organizations: how and where companies draw their lines of protection between their business and their employees matters. Get the responsibility lines drawn correctly and the business revenue and growth can be protected. Draw the protection line(s) incorrectly and you could be introducing liability that can be added to the overall corporate risk profile.

This is a 3-part podcast series that will cover three different perspectives across these 3 episodes:
EXECUTIVES | EMPLOYEES | OPERATIONS

Bookmark this page to catch all of the episodes as they become available.

The State of Privacy In 2021 | Multi-National Companies Have Unique Privacy Requirements | An Imperva Story with Kunal Anand

A Their Story conversation with Sean Martin, Marco Ciappelli, and Imperva executives

We live in a global economy with a global Internet—but is there just one Internet?

This is a 2-part podcast series with Imperva executives. The series will explore the role of the Internet(s) in defining and enforcing data privacy policies around the world.

Subscribe to the newsletter and subscribe to the podcast to get notified of future episodes.

2020 SOC Performance Report: A Tale of Two SOCs | A Devo Story

A Their Story conversation with Sean Martin, Marco Ciappelli, and Devo executives, business leaders, and security practitioners

What separates a highly effective SOC from a poor-performing SOC?

In this three-part conversation, we will discuss exactly that: the technology, the humans, and the synergistic relationship between the two. Together, with Devo, we explore the tale of Two SOCs: what defines success and what drives performance—plus, what doesn’t.

This is a 3-part podcast series with Devo executives, business leaders, and practitioners along with some of their strategic customers and partners. The series will explore the tale of 2 SOCs: what defines success and what drives performance—with the community-based research the Ponemon Institute performed that will effectively define these 3 episodes: TECHNOLOGY | HUMANS | BUSINESS

Bookmark this page to catch all of the episodes as they become available.

Listen and start tuning your SOC to achieve the performance the business deserves.

The ReversingLabs Story — Chapter 3 | With Erik Thoen

A Their Story conversation with Sean Martin and Marco Ciappelli

Guest: Erik Thoen

The last time we got together with ReversingLabs was during RSA Conference San Francisco 2020. Back then, we spoke with Mario Vuksan and Tyson Whitten to learn about how the black box of machine learning and artificial intelligence is giving InfoSec professionals a few headaches. A lot has remained the same on this front. Still, a lot has changed since then for many organizations’ SOC teams: work from home environments, disruptive digital and business transformation, rapid cloud deployments, and the ever-dreaded “do more with less budget” operational tactic — to mention just a few.

So, with all that we are now dealing with, how do we find the best path to better information security?

Have a listen.