Full Story
Editor
Cyber Heroes in Action: Delivering Advanced ...

In this Brand Story episode, we connect with Danny Jenkins, CEO of ThreatLocker, to explore innovative cybersecurity measures that proactively prevent threats by using dynamic firewalls, application ringfencing, and a zero trust framework. Discover how these advanced solutions simplify IT security management while ensuring your network and data remain uncompromised.

7 Minutes
Editor
The 3-2-1 Rule for Cyber Resiliency | 7 Minutes ...

Companies, organizations and governments have massive volumes of data, and the primary focus for its security is placed on that which is stored in the cloud, but many are not following best practices of taking the extra steps necessary to ensure their backed up data is secure, complete and uncorrupted. This story is to talk about using the 3-2-1 rule for cyber resiliency (keep three copies of data, on two different formats–both encrypted, one of which is stored off-site and offline) and discuss anecdotes of what can happen when cyber resilience plans are not put in place or followed.

Full Story
Editor
First of its Kind Cyber Insurance Product ...

Discover how HITRUST's R2 certification is revolutionizing cyber insurance by providing a quantifiable measure of cybersecurity maturity, easing the insurance acquisition process, and potentially lowering premiums. Join Sean Martin as he speaks with Robert Booker and Blake Sutherland to explore this groundbreaking approach and its benefits for organizations and underwriters alike.

7 Minutes, HITRUST
Editor
Bringing a Consistent, Personable and Hands-On ...

Join Sean Martin as he chats with Ian Terry and Robert Godard from IS Partners about making compliance fun and approachable for businesses, all while sharing insights from the HITRUST Collaborate event. Discover how IS Partners uses a collaborative and engaging work culture to navigate complex cybersecurity and compliance frameworks successfully.

7 Minutes, HITRUST
Editor
Guiding Organizations on the Next Steps in ...

In this episode of 7 Minutes on ITSPmagazine from HITRUST Collaborate 2024, Sean Martin is joined by Shreesh Bhattarai to share his insights on how A-LIGN has become the leading provider of high-quality, efficient cybersecurity compliance programs and provides the widest breadth and depth of services including SOC 2, ISO 27001, HITRUST, FedRAMP, and PCI.

,

See All of Your Security Findings in One Place. Act on Them Precisely. | A Collection of Brinqa Stories from RSA Conference 2023

,

Their Story conversation with Sean Martin, Marco Ciappelli, and Brinqa executives

Brinqa specializes in advanced vulnerability risk management, helping organizations manage findings and vulnerabilities across their diverse security tools. The Brinqa platform consolidates and analyzes data from multiple sources, enabling businesses to prioritize and communicate risks to relevant stakeholders. By fostering a more mature and cohesive approach to cybersecurity, Brinqa empowers organizations to align security strategies with their overall business objectives.

Join us here for a collection of stories from the Brinqa team.

Securing the Modern Business Riddled with Legacy Technology | Protecting Active Directory On-Premises and Azure AD in the Cloud | A Semperis Story with Guido Grillenmeier and Daniel Lattimer

Their Story conversation with Sean Martin and Marco Ciappelli and Semperis

As more companies adopt cloud technology, syncing Active Directory and Azure AD data between on-premises and cloud-based directories can become necessary but comes with risks. In this article, we discuss some of the most common mistakes made by organizations when syncing directory services and share practical tips on how to avoid them. Learn from Daniel Lattimer and Guido Grillenmeier from Semperis on the importance of assessing directory security posture, evaluating cloud security controls, implementing proper monitoring and detection rules, and establishing clear responsibilities and ownership.

Anticipating The Next Decade of Bot-Enabled Threats | Exploring 10 Years of Imperva Bad Bot Reports | An Imperva Story With Karl Triebes

A Their Story conversation with Sean Martin, Marco Ciappelli, and Imperva

Advanced bots are becoming increasingly difficult to detect and defend against, leaving organizations vulnerable to attacks that can compromise sensitive data and personal information of customers. In this blog post, we explore key measures that organizations can take to protect themselves against bot attacks, including implementing an API security strategy, adopting a layered security approach, utilizing effective technologies like AI, and implementing best practices.

The Fog of More, the Risk of Cybersecurity Commoditization, and the Race to the Bottom | A Their Story Conversation from RSA Conference 2023 | A Schellman Story with Michael Parisi

Their Story conversation with Sean Martin and Michael Parisi from Schellman

Michael Parisi and Sean Martin discuss the challenges of compliance, cybersecurity, and the risk of commoditization. They explore the role of stakeholders and the need for education among non-technical individuals to prevent a race to the bottom in cybersecurity.

Stronger Together: The Power of Relationships in Defending the Digital Lives of Executives | A Their Story Conversation from RSA Conference 2023 | A BlackCloak Story with Chris Pierson

Their Story conversation with Sean Martin, Marco Ciappelli, and BlackCloak CEO and founder, Chris Pierson.

Digital executive protection has become top of mind for many cybersecurity leaders and their business owners. Chris Pierson, the founder of BlackCloak, discusses relationships and human empathy in cybersecurity with Marco Ciappelli and Sean Martin as he unveils BlackCloak's innovative new CISO Protection Dashboard.

How AI and NLP are Transforming Third Party Risk Assessment | A Their Story Conversation from RSA Conference 2023 | A VISO TRUST Story with Paul Valente and Russell Sherman

Their Story conversation with Sean Martin and Paul Valente and Russell Sherman from VISO TRUST

Explore the innovative approach to third-party cyber risk assessments with Paul Valente and Russell Sherman, as they share their journey of creating a cutting-edge platform that revolutionizes the traditional process, using AI and NLP to save time, reduce friction, and build trust.

,

Protecting Data in a Post-Modern World: The Evolving World of APIs, Regulations, and Advanced Technology | Imperva Stories From RSA Conference 2023 with Pam Murphy (CEO) and Kunal Anand (CTO and CISO)

,

A pair of Their Story conversation with Sean Martin and Imperva executives, Pam Murphy (CEO) and Kunal Anand (CTO and CISO).

In an increasingly interconnected world where information is critical to business success, organizations face numerous challenges and threats to their data. From the growing prevalence of APIs and shadow APIs, to navigating the ever-evolving regulatory landscape, organizations must stay abreast of the latest developments in cybersecurity. As technology continues to advance, incorporating AI-driven solutions and modernizing security frameworks becomes crucial in order to protect valuable information.

Balancing their responsibilities, CEOs, CTOs and CISOs must communicated and collaborate to carefully assess their risk management and security solutions based on time to value and total cost of ownership. By leveraging the expertise of security enablers like Imperva, businesses can successfully navigate the postmodern paradigm shift in cybersecurity and secure their digital assets in a rapidly changing landscape.

Join is for two conversations that will make you think differently about how you protect your data at every turn, in every form, and every location.

Maximizing Security in Hybrid Active Directory Environments | A Their Story Conversation from RSA Conference 2023 | A Quest Story with Sergey Medved and Matthew Vinton

Their Story conversation with Sean Martin and Matthew Vinton and Sergey Medved from Quest

In this Their Story conversation Matthew Vinton and Sergey Medved from Quest discuss the challenges that organizations face in securing Active Directory (AD), covering the importance of keeping on top of legacy AD systems.

The Five Pillars of CyberSecurity: Preparing for Continuous Compliance | A Their Story Conversation from RSA Conference 2023 | A VigiTrust Story With Mathieu Gorge

Their Story conversation with Sean Martin and CEO at VigiTrust

Mathieu Gorge discusses GRC software and the VigiOne tool that enables continuous compliance. He shares his thoughts on cybersecurity risk and his Five Pillars of Security framework. Gorge also talks about the VigiTrust Global Advisory Board, a think-tank that brings together people from all over the world to discuss topics such as cybersecurity risk and critical infrastructure protection.

The Past of the Future: Pioneering Decryption with AI and Quantum Physics | A Their Story Conversation from RSA Conference 2023 | A SandboxAQ Story with Clément Jeanjean

Their Story conversation with Sean Martin, Marco Ciappelli, and Clément Jeanjean, Senior Director at SandboxAQ

Clément Jeanjean shares how SandboxAQ aims to tackle difficult problems by combining quantum physics and. He discusses the timeline, risks, and migration challenges linked to quantum computing's arrival.

It’s Difficult to Secure the Invisible: Reinventing Asset Management for Modern Challenges in IT, IoT, and OT | A RunZero Story with Huxley Barbee

Their Story conversation with Sean Martin, Marco Ciappelli, and Huxley Barbee, Security Evangelist at RunZero

In this Their Story podcast on ITSPmagazine, Huxley Barbee emphasizes the importance of comprehensive asset inventory in prioritizing security efforts. The discussion covers RunZero's approach to asset management, highlighting the role of visibility in addressing security challenges and improving business decision-making.

The Mainframe Advantage: Robust Security Meets Infrastructure Modernization | A Rocket Software and KRI Security Story with Phil Buckellew and Cynthia Overby

Their Story Conversation With Sean Martin, Marco Ciappelli, Rocket Software’s Phil Buckellew, And KRI Security’s Cynthia Overby

Explore the value of mainframes and the role of cybersecurity in advanced, critical operating environments. Join Sean Martin, Phil Buckellew, and Cynthia Overby to learn how businesses can modernize and secure mainframe infrastructures for business innovation and resiliency.

Don't miss out – listen now!

Robotic Waterway Crusaders | Harnessing Autonomous Tech to Tackle Waterway Pollution | A Ranmarine WasteShark Story with Alistair Longman

Their Story conversation with Sean Martin, Marco Ciappelli, and Alistair Longman, CTO and Chief Product Officer, Ranmarine Technology

Discover how Ranmarine Technology's WasteSharks are revolutionizing water cleanup using autonomous robots inspired by whale sharks, the world’s largest fish. Dive into this captivating podcast episode and explore the impact of their technology on the environment and the future of waste management.

Safeguarding the C-Suite | Pioneering the Future of the Executive Digital Protection Revolution | A BlackCloak Story from RSA Conference 2023 with Chris Pierson and Daniel Floyd

Their Story conversation with Sean Martin, Marco Ciappelli, and BlackCloak CEO and founder, Chris Pierson, and CISO, Daniel Floyd.

Dive into the world of executive cybersecurity with BlackCloak, the ultimate protector of personal and corporate digital realms. Discover how their innovative solutions are transforming the cybersecurity landscape and securing the future for executives, high-profile individuals, and their families.

The Impact Of Log4j Since Its Disclosure | Steps Businesses Can Take To Maintain Software Supply Chain Security | An Imperva Story With Gabi Stapel And Peter Klimek

A Their Story conversation with Sean Martin, Marco Ciappelli, and Imperva

The December 2021 log4j vulnerability was a major event in the cybersecurity world. When it was released and exposed to the internet, it caused an explosion in attacks with five and a half million attacks per day and up to 25,000 sites attacked per hour.

The vulnerability affects any system running that version of Java lookup and could be at risk, even if it is only exposed internally to insiders. The attackers initially used scanning and checking to see which sites were vulnerable, and then it was automated. Attack tools were created to make it easier for attackers to reach as many targets as possible.

Public awareness campaigns have been effective, but vulnerabilities can reappear due to the prevalence of the software. 72% of organizations still had some level of vulnerability to log4j as of October 2022.

Why Protecting Your Business Data Is More Like Securing A Museum Than A Bank | Demystifying Data Protection | An Imperva Story With Terry Ray

A Their Story conversation with Sean Martin, Marco Ciappelli, and Imperva

Data is dynamic. Data is unique. It's critical for businesses to maintain data security and integrity by treating it differently based on what it is, what it's for, who is accessing it, how it's being used, and the overall context surrounding these things.

Join us for a conversation with Terry Ray, SVP Data Security GTM, Field CTO, and Imperva Fellow, as we demystify data protection.

Why Privacy Compliance Is A Challenge For Many Organizations | Prepare To Meet Varying Compliance Requirements | An Imperva Story With Kate Barecchia

A Their Story conversation with Sean Martin, Marco Ciappelli, and Imperva

Over 100+ countries and counting (along with a growing number is U.S. states) have enacted data privacy legislation, creating a super-complex global data privacy landscape. Unless, of course, you approach the situation with a different mindset.

Join us to explore the relationship between privacy, security, compliance, and ethics as organizations try to find the perfect balance in data creation, collection, storage, usage, and collaboration.

Don’t worry, we’ll set the record straight for the differences between the “DPO” and the “DPO” … as well as the participation and responsibilities of security, privacy, engineering, legal, compliance, and more.

DDoS: An Old Problem Taking On New Forms As Attack Vectors Evolve | Exploring The Imperva DDoS Threat Landscape Report | An Imperva Story With David Elmaleh

A Their Story conversation with Sean Martin, Marco Ciappelli, and Imperva

The “waves” of ransom-driven DDoS — Distributed Denial of Service — attacks continue to come as the attack vectors, techniques, and targets continue to evolve. Where does this leave us? Let's look to the DDoS Threat Landscape Report from Imperva to glean some answers.

As we connect with David Elmaleh, during this episode, we quickly realize there is a lot to catch up on — past, present and future — for what appears to be a never-ending problem in DDoS. Attacks seems to be be repeatedly targeting the same victims and are coming more quickly and running for shorter periods. Don't be fooled, however, the financial impact due to the unplanned and seemingly-uncontrolled downtime is wreaking havoc on industries and organizations all around the globe.

In addition to leveraging new techniques, bad actors are also using advanced technologies — artificial intelligence, the Internet of Things (IoT), and 5G to name but a few — to do their dirty deeds. They are investing in these technologies to help them scale their operations to reach more targets with fewer resources. On the other side of this coin, the bad actors' deep understanding of these technologies and the new, modern architectures and infrastructures that companies are building with them, makes them prime targets as well. The expanded business capabilities using these advanced technologies equate to expanded attack surface for the DDoS slingers to target.

We cover a lot from the first 2 quarters of this quarterly report while also getting to hear what some real-world cases from Imperva customers sound and look like.

It's time we found a way to handle these distributed attacks. Have a listen to hear what your business can do to mitigate this risk.

Automated Security Validation With Red Team Penetration Testing Software | There Is A Silver Lining | A Pentera Podcast Story With Aviv Cohen

A Their Story conversation with Sean Martin, Marco Ciappelli, and Pentera’s CMO, Aviv Cohen

This is a story that begins with the journey of Arik Liberzon, the founder and CTO and head of the R&D and product teams at Pentera. Arik was the head of the red team for the Israeli Defense Forces, chartered with pentesting — or red teaming — all of the strategic assets against nation state levels of threats. He did so with a great number of people, just like you would expect to do with an enterprise level red teaming program, tapping into a wealth of ethical hackers and red teamers. But he also had another part of his brain, which was all about software.

This story, and the broader capabilities, mission, and vision for the future at Pentera, was told to us by Aviv Cohen, Pentera's Chief Marketing Officer. Connecting the human element to software and operations, the team at Pentera believe it's important to have a human view for the challenges organizations face when managing their security programs. This is why Pentera created a series of cyber cartoons that are specialized to represent cybersecurity life. The cartoons connect the life of cybersecurity personnel and their role in society. This is a way for us to laugh, adding some humor to reality, connecting the technology products and services that we provide to this reality.

The software-enabled red team army is here and ready to join your team. Have a listen and connect with the team at Pentera to begin and continue your own red team journey.

Pentesting Done Right | It's Time To Re-Imagine You Penetration Testing Program To Achieve Outcomes Over Activity | A Bugcrowd Story With Justin Kestelyn

A Their Story conversation with Sean Martin, Marco Ciappelli, and Bugcrowd

Join us for a conversation with Justin Kestelyn as take a unique journey into the past, present, and future of penetration testing. We get the opportunity to explore the how the role of a pentest has evolved as part of a larger security program, how the tools have involved, how the technique and skills has transformed, and how the human element is still key when outcomes matter more than just showing the results of a scan.

It's time to re-imagine penetration testing. Let's do that together now.

Have a listen.

Stay Tuned on ITSPmagazine Podcasts

Broadcasting Ideas. Connecting Minds.
A Modern Innovative Multi-Media Platform.
A Global Space Where Intellectual Exchange Is Encouraged.


Musing On: Technology | Cybersecurity | Society & Culture | Business | Space | Science | Leadership | Environment | Healthcare & Wellness | Storytelling & Storytellers | Artificial Intelligence & Generative AI | Ethics & Philosophy | Policy & Regulations | Hacking | Software Development | Sociology & Psychology | Founders & Start-Ups | Conferences & Events | Mentoring | Creativity | Writing | Space Exploration and Security | Arts | Brands & Brand Marketing | …

Subscribe to the main ITSPmagazine Podcast Channel to listen to all our conversations directly on your favorite podcast player.

Note: These are links to the General ITSPmagazine Podcast where MOST episodes from our Podcast Channels are published.
To subscribe to your favorite shows, please visit Our Podcasts Page

If you do not see your favorite player above, open it and search for ITSPmagazine Podcast.