Redefining CyberSecurity

Archer is redefining what it means to manage governance, risk, and compliance in an environment defined by constant change. Steve Schlarman, Senior Director at Archer, has spent nearly two decades helping organizations understand why their traditional GRC approaches are falling short and what it takes to close the gap. The forces challenging organizations today are well known: velocity of change, volume of change, and the uncertainty that compounds both. What makes the problem acute is timing. Annual audit cycles and quarterly risk assessments produce reports that reflect a reality that has already shifted by the time decision makers see them. The result is drift between what GRC functions can see and what leadership actually needs to know, and every gap in that visibility carries potential exposure. Schlarman explains that this reactive posture is exactly what Archer is working to change. Rather than treating risk and compliance as periodic checkboxes, the goal is to build a program that runs continuously, projecting forward as the business expands into new jurisdictions, launches new products, or encounters emerging risks. What are the compliance obligations? How does exposure shift? Archer Evolv is designed to answer those questions in real time, keeping GRC moving alongside the business rather than scrambling to catch up. Central to Archer's strategy is AI applied with intention. Rather than deploying generic agents, Archer is building what Schlarman calls AI operators: focused, guardrailed tools designed specifically to solve GRC problems. That distinction matters because the complexity of risk and compliance work demands precision, not just automation. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Steve Schlarman, Senior Director, Archer | https://www.linkedin.com/in/steveschlarman/ RESOURCES Learn more about Archer and the Archer Evolv platform: https://www.archerirm.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Steve Schlarman, Archer, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, GRC, governance risk and compliance, adaptive GRC, integrated risk management, Archer Evolv, AI in GRC, risk management, compliance automation, enterprise risk, risk and compliance strategy Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Nobody decided to build a human-optional workflow — they just kept making reasonable procurement decisions, task by task, until the human became optional across hiring, contracting, finance, and security operations. Sean Martin traces what organizations have actually assembled, where accountability lives when it goes wrong, and why the regulatory window for getting ahead of it is closing faster than most leaders realize. In this edition of Lens Four, Sean Martin looks at the agentic AI landscape through three lenses — programs, innovation, and messaging — to connect the signals that matter. 🔍 In this episode: Fourth Lens: The vendors knew what they were building. The buyers didn't ask the right questions. The auditors haven't arrived yet. The organizations that use the remaining window to map what they've assembled — and make explicit decisions about what requires human judgment — will be positioned when the frameworks arrive. The ones that don't will discover that the workflow they built by default is not the workflow they would have chosen under scrutiny. 📖 Read the full Lens Four analysis on seanmartin.com: https://www.seanmartin.com/lens-four/task-by-task-workflows-handing-to-ai-one-decision-at-a-time 🎧 Listen to the Redefining CyberSecurity Podcast conversation with Edward Wu of Dropzone AI at Black Hat USA 2025: https://www.itspmagazine.com/their-stories/dropzone-ai-brings-agentic-automation-to-black-hat-usa-2025-a-drop-zone-ai-pre-event-coverage-of-black-hat-usa-2025-las-vegas-brand-story-with-edward-wu-founder/ceo-at-dropzone-ai 🎧 Listen to the Redefining CyberSecurity Podcast conversation with Subo Guha of Stellar Cyber at RSAC 2025: https://www.itspmagazine.com/their-stories/simplifying-cybersecurity-operations-at-scale-automation-with-a-human-touch-a-brand-story-with-subo-guha-from-stellar-cyber-an-on-location-rsac-conference-2025-brand-story 🎧 Listen to the Redefining CyberSecurity Podcast conversation with Subo Guha of Stellar Cyber at Black Hat 2025: https://www.itspmagazine.com/their-stories/stellar-cyber-revolutionizes-soc-cybersecurity-operations-with-human-augmented-autonomous-platform-at-black-hat-2025a-stellar-cyber-event-coverage-of-black-hat-usa-2025-las-vegas 🎧 Listen to the Random and Unscripted episode — "We're Becoming Dumb and Numb" — with Sean Martin and Marco Ciappelli: https://randomandunscripted.com/episodes/were-becoming-dumb-and-numb-why-black-hat-2025s-ai-hype-is-killing-cybersecurity-and-our-ability-to-think-random-and-unscripted-weekly-update-with-sean-martin-and-marco-ciappelli | 🎬 Watch on YouTube 🔔 Subscribe to the Future of Cybersecurity newsletter on LinkedIn: https://itspm.ag/future-of-cybersecurity This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence. Enjoy, think, share with others, and subscribe to Lens Four on seanmartin.com and "The Future of Cybersecurity" newsletter on LinkedIn: https://itspm.ag/future-of-cybersecurity Sincerely, Sean Martin and TAPE9 Sean Martin is a life-long musician and the host of the Music Evolves Podcast; a career technologist, cybersecurity professional, and host of the Redefining CyberSecurity Podcast; and is also the co-host of both the Random and Unscripted Podcast and On Location Event Coverage Podcast. These shows are all part of ITSPmagazine—which he co-founded with his good friend Marco Ciappelli, to explore and discuss topics at The Intersection of Technology, Cybersecurity, and Society.™️ Want to connect with Sean and Marco On Location at an event or conference near you? See where they will be next: https://www.itspmagazine.com/on-location To learn more about Sean, visit his personal website. 🔎 Keywords agentic AI, workflow automation, task-specific AI agents, AI hiring tools, resume screening automation, HireVue, Paradox Olivia, legal AI, Harvey AI, LegalOn, contract review automation, agentic SOC, Dropzone AI, Stellar Cyber, Token Security, AI agent...

Attackers are moving in 72 minutes. One CISO has already eliminated the entire SOC team. And the industry is spending a quarter of a trillion dollars while struggling to define what "resilience" even means. In this edition of Lens Four, Sean Martin looks at the cybersecurity landscape through three lenses — programs, innovation, and messaging — to connect the signals that matter. 🔍 In this episode: Sean's Take: When attackers operate in minutes and defenders plan in quarters, the gap isn't technology — it's assumptions. The organizations closing the 72-minute gap aren't hiring faster. They're rethinking what humans are for and what machines should own. Catch the full companion article on Lens Four at seanmartin.com for the complete three-lens analysis with all references and data sources. For CISOs and security leaders: Can your program detect, investigate, and contain a threat in 72 minutes — or are you still measuring in days? For vendors and product teams: Is your platform solving the operational problem CISOs have today, or selling a vision their program can't execute on? For marketing and go-to-market teams: Are you connecting your messaging to measurable outcomes — or hiding behind buzzwords like "resilience" and "platform"? 📖 Read the full Lens Four analysis on seanmartin.com: https://www.seanmartin.com/lens-four/72-minute-gap-breaches-vendors-messaging 🎬 Watch the companion video summary — "Why Hackers Beat Your Security in Just 72 Minutes": https://youtu.be/EjsADm7faJ0 🎧 Listen to the Redefining CyberSecurity Podcast conversation with Richard Stiennon on SOC automation: https://redefiningcybersecuritypodcast.com/episodes/soc-automation-and-the-ai-driven-future-of-cybersecurity-defense-a-redefining-cybersecurity-podcast-conversation-with-richard-stiennon-chief-research-analyst-of-it-harvest 🎬 Watch the video version of the Richard Stiennon conversation: https://youtu.be/si_fS4H-d3w 🔔 Subscribe to the Future of Cybersecurity newsletter on LinkedIn: https://itspm.ag/future-of-cybersecurity This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence. Enjoy, think, share with others, and subscribe to Lens Four on seanmartin.com and "The Future of Cybersecurity" newsletter on LinkedIn: https://itspm.ag/future-of-cybersecurity Sincerely, Sean Martin and TAPE9 Sean Martin is a life-long musician and the host of the Music Evolves Podcast; a career technologist, cybersecurity professional, and host of the Redefining CyberSecurity Podcast; and is also the co-host of both the Random and Unscripted Podcast and On Location Event Coverage Podcast. These shows are all part of ITSPmagazine—which he co-founded with his good friend Marco Ciappelli, to explore and discuss topics at The Intersection of Technology, Cybersecurity, and Society.™️ Want to connect with Sean and Marco On Location at an event or conference near you? See where they will be next: https://www.itspmagazine.com/on-location To learn more about Sean, visit his personal website. 🔎 Keywords 72-minute gap, ai-driven cyberattacks, soc automation, unit 42, incident response, identity-driven attacks, credential theft, iam misconfigurations, cisa workforce, agentic ai, palo alto networks, crowdstrike, google wiz acquisition, cybersecurity spending, platform consolidation, ai security vendors, it-harvest, richard stiennon, gartner cybersecurity trends 2026, forrester predictions, clawjacked, enterprise management associates, board-ciso communication, cybersecurity resilience, managed security services, cyber insurance, redefining cybersecurity podcast, lens four, sean martin, tape9 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

⬥EPISODE NOTES⬥ The security operations center has always been a battleground of volume, velocity, and human endurance. Analysts have long faced the impossible math of too many alerts, too few hours, and too much at stake. For years, the industry promised automation would change that equation -- but the technology was never quite ready to deliver. That moment, according to Richard Stiennon, has now arrived. Stiennon, Chief Research Analyst at IT-Harvest, has spent two decades tracking every corner of the cybersecurity vendor landscape. His data now shows more than 61 net-new SOC automation vendors -- companies that did not exist a few years ago -- built from the ground up to replace the work of tier-one, tier-two, and tier-three analysts. Some of these vendors launched in January 2024 and reached $1 million in ARR by April. By the end of 2025, several were reporting $3 million ARR. These are not incremental improvements. They represent a structural shift in how security operations can be run. What makes this generation of SOC automation different from earlier SIEM and SOAR tooling is scope and autonomy. The value proposition is blunt: 100% alert triage, 24 hours a day, 7 days a week -- with automated case building, threat investigation, and response actions including machine isolation and reimaging. Stiennon points to a CISO he met, speaking under Chatham House rules, who disclosed that a large enterprise had already eliminated its entire human SOC team. He predicts that disclosure will go public before long. The conversation also explores the business context question that security leaders frequently wrestle with: are these AI-driven SOC tools operating with a narrow cyber mandate, potentially optimizing for security metrics at the expense of business continuity? Stiennon pushes back on that concern, arguing that large language models are already trained on the full breadth of human knowledge -- they understand business context at a level that exceeds most organizations' internal documentation. The more pressing risk, he suggests, is not that AI will act outside business intent, but that organizations will move too slowly to benefit. Waiting six months for a proof-of-concept report while spending a million dollars on human SOC operations is not due diligence -- it is opportunity cost. The conversation also touches on data privacy in AI-driven security, the role of federated learning and fully homomorphic encryption for compliance-sensitive environments, and what security leaders can do today to evaluate and accelerate their own adoption timeline. Stiennon will be at RSA Conference 2026 with his new book, Guardians of the Machine Age: Why AI Security Will Define Digital Defense, continuing to make the case for a field that is moving faster than most organizations are prepared to acknowledge. ⬥GUEST⬥ Richard Stiennon, Chief Research Analyst at IT-Harvest | Website: https://it-harvest.com/ On LinkedIn: https://www.linkedin.com/in/stiennon/ ⬥HOST⬥ Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/ ⬥RESOURCES⬥ IT-Harvest | https://it-harvest.com/ Richard Stiennon on LinkedIn | https://www.linkedin.com/in/stiennon/ Guardians of the Machine Age: Why AI Security Will Define Digital Defense (Richard Stiennon) | Available via IT-Harvest and major booksellers RSAC Conference 2026 Coverage on ITSPmagazine | https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/ More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq ⬥ADDITIONAL INFORMATION⬥ On Podcast:...

⬥EPISODE NOTES⬥ What happens when a cybersecurity professional knows exactly what's wrong but can't get anyone to act on it? It's a problem that affects security teams across every industry, and it's the central question driving Josh Mason's new book, Speaks Security with a Business Accent. In this conversation, Josh Mason joins Sean Martin to unpack why technical accuracy alone doesn't move the needle and what it takes to communicate security in terms the business actually understands. Josh Mason brings a perspective shaped by years as an Air Force pilot and cyber warfare officer, where mission-first thinking wasn't optional, it was survival. As a safety officer, he studied aircraft mishaps, analyzed black box recordings, and learned that risk awareness doesn't mean risk paralysis. The same philosophy, he argues, applies to cybersecurity: teams can acknowledge risk without letting fear of failure prevent them from supporting the mission. Drawing from books like Dale Carnegie's How to Win Friends and Influence People, The Phoenix Project, and The Goal, Josh Mason structured his own book as a narrative, telling the story of a CIO who transforms a disconnected security team into one that communicates effectively with colleagues, leadership, the board, and eventually beyond the organization. A recurring theme in this conversation is the danger of perfection as the enemy of progress. Josh Mason uses the Iron Man analogy of building an imperfect prototype, flying it, learning from the failure, and iterating, to argue that security teams need to embrace a similar mindset. DevOps teams have already adopted this approach, and security can learn from it. Inaction for perfection's sake, he warns, isn't going to get anyone anywhere. The conversation also examines whether the cybersecurity industry does enough to learn from its own incidents. Unlike aviation, where the FAA and NTSB mandate rigorous post-incident analysis, cybersecurity lacks a centralized authority enforcing that same discipline. Organizations like MITRE, Verizon, and Mandiant publish valuable trend reports, and the data is there for those willing to use it, but it ultimately comes down to individual responsibility and leadership within each organization. For anyone who has ever felt technically right but strategically sidelined, this conversation offers a practical lens on bridging the gap between what security teams know and what the business needs to hear. ⬥GUEST⬥ Josh Mason, Author of Speaks Security with a Business Accent | Air Force Veteran, Cybersecurity Professional, and Founder of Noob Village | Website: https://www.mason-sc.com | On LinkedIn: https://www.linkedin.com/in/joshuacmason/ ⬥HOST⬥ Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/ ⬥RESOURCES⬥ Speaks Security with a Business Accent by Josh Mason | https://www.mason-sc.com The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/ More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq ⬥ADDITIONAL INFORMATION⬥ ✨ More Redefining CyberSecurity Podcast: 🎧 https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq 📝 The Future of Cybersecurity Newsletter: https://www.linkedin.com/newsletters/7108625890296614912/ Contact Sean Martin to request to be a guest on an episode of Redefining CyberSecurity: https://www.seanmartin.com/contact ⬥KEYWORDS⬥ josh mason, sean martin, speaks security with a business accent, cybersecurity communication, business alignment, penetration testing, risk management, air force cybersecurity, security leadership,...

What does it take to turn the dream of an autonomous SOC into something organizations can actually deploy? Subo Guha, Senior Vice President of Product Management at Stellar Cyber, joins Sean Martin to share how the company's AI-driven security operations platform is making that vision a reality. Stellar Cyber serves SOC teams across more than 50 countries, with a primary focus on MSPs and MSSPs supporting the underserved mid-market, though marquee enterprise customers like Canon are also part of the portfolio. How can agentic AI change the way SOC teams handle alert overload? Guha describes what he calls a "digital army" of AI agents that work around the clock to automate alert triage and catch phishing attacks. The system filters 70 to 80 percent of incoming alerts, allowing analysts to focus on the 20 percent that matter most. With attackers using AI to launch faster and more frequent campaigns, Stellar Cyber takes a human-augmented approach, meaning the AI learns from analyst interactions and continuously guides the SOC team toward faster, more accurate remediation. Why does this matter for MSPs operating on thin margins? Guha explains that the autonomous SOC capability layered on top of Stellar Cyber's XDR platform allows MSSPs to serve more customers, reduce mean time to repair, and grow their tenant base without proportionally increasing staff. When MSSPs grow revenue, Stellar Cyber grows alongside them, creating a mutually beneficial model that ultimately means more organizations get protected. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Subo Guha, Senior Vice President of Product Management, Stellar Cyber @LinkedIn RESOURCES Learn more about Stellar Cyber: https://stellarcyber.ai Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Subo Guha, Stellar Cyber, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, autonomous SOC, agentic AI, security operations, XDR, NDR, MSSP, MSP, alert triage, AI-driven security, Open XDR, Gartner Magic Quadrant, phishing detection, SOC automation Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

What happens when AI agents inherit access to enterprise systems but nobody governs their identities? Ido Shlomo, Co-Founder and CTO of Token Security, joins the conversation to unpack a rapidly growing challenge that many organizations face but few have addressed. As businesses accelerate AI adoption, agents are being deployed to fetch data from CRMs, process emails, and execute actions across platforms. The problem is that these agents often operate with persistent access, no clear ownership, and little visibility into what they can reach. How should security teams approach AI agent identity governance? Shlomo explains that the first step is discovery. Most companies do not know what their AI agent inventory looks like, and without that baseline, effective governance is impossible. The good news, he notes, is that agents do not suffer from politics. They do exactly what they are told and operate within the boundaries they are given. That predictability makes the challenge more manageable if the right tooling is in place. What makes an effective access policy for AI agents? Rather than relying on prompt filtering or output controls that add latency and friction, Shlomo advocates for intent-based permission models that scope each agent to access only what it needs, when it needs it. He frames the prioritization process as a matrix of access and autonomy, where the agents with the highest levels of both deserve immediate attention. For business leaders, the visibility that comes from this approach also reveals waste and inefficiency, highlighting departments and services that are not delivering on their intended value. To learn more about how to identify, govern, and secure AI agent identities, connect with the Token Security team and follow Ido Shlomo for practical guidance. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Ido Shlomo, Co-Founder & CTO of Token Security On LinkedIn: https://il.linkedin.com/in/ido--shlomo RESOURCES Token Security (Website): https://www.token.security/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Ido Shlomo, Token Security, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, AI agent identity, non-human identity, identity governance, AI agent security, identity risk, least privilege, AI agent access, machine identity, NHI security, AI agent inventory, intent-based access Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The CISA Known Exploited Vulnerabilities (KEV) catalog is one of the most referenced resources in vulnerability management, but how well do security teams actually understand what it tells them? In this Brand Highlight, Tod Beardsley, Vice President of Security Research at runZero and former CISA section chief who helped manage the KEV on a daily basis, breaks down what the catalog is designed to do and, just as importantly, what it is not. What is the KEV catalog and who is it really for? The KEV is mandated by Binding Operational Directive 22-01 (BOD 22-01), which tasks CISA with identifying vulnerabilities that are known to be exploited and have an available fix. Its primary audience is federal civilian executive branch agencies, but because the catalog is public, organizations everywhere use it as a prioritization signal. Beardsley notes that inclusion on the KEV requires a CVE ID, evidence of active exploitation, a patch or mitigation, and relevance to federal interests, meaning zero-day vulnerabilities and end-of-life systems without CVEs never appear. How should organizations think about KEV entries that are not equally dangerous? Beardsley explains that only about a third of KEV-listed vulnerabilities represent straight-shot remote code execution with no user interaction and no authentication required. The rest span a wide spectrum of severity. EPSS data reveals an inverse bell curve: many KEV entries have extremely low probabilities of exploitation in the next 30 days, while others cluster at the high end with commodity exploits widely available. This means treating every KEV entry as equally critical leads to wasted effort and alert fatigue. That gap between the catalog and real-world decision-making is exactly what KEVology addresses. The research, produced by Beardsley at runZero, enriches KEV data with CVSS metrics, EPSS scores, exploit tooling indicators, and ATT&CK mappings to help security teams filter and prioritize vulnerabilities based on what actually matters to their environment. Rather than prescribing a single priority list, KEVology treats the KEV as data to be analyzed, not doctrine to be followed blindly. To make this analysis accessible and interactive, runZero built KEV Collider, a free, daily-updated web application at runzero.com/kev-collider. The tool lets defenders sort, filter, and layer multiple risk signals across the entire KEV catalog. Because every filter combination is encoded in URL parameters, teams can bookmark and share custom views with colleagues instantly. Beardsley describes KEV Collider as an evergreen companion to the research, updating automatically as new vulnerabilities are added to the catalog each week. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Tod Beardsley, Vice President of Security Research at runZero On LinkedIn: https://www.linkedin.com/in/todb/ RESOURCES Learn more about runZero: https://www.runzero.com KEVology research report: https://www.runzero.com/resources/kevology/ KEV Collider: https://www.runzero.com/kev-collider/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Tod Beardsley, runZero, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, KEVology, KEV Collider, CISA KEV, vulnerability management, exploit scoring, EPSS, CVSS, vulnerability prioritization, exposure management, BOD 22-01, known exploited vulnerabilities, cybersecurity risk, patch management Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

What happens when AI safety filters fail to catch harmful content hidden inside images? Alessandro Pignati, AI Security Researcher at NeuralTrust, joins Sean Martin to reveal a newly discovered vulnerability that affects some of the most widely used image-generation models on the market today. The technique, called semantic chaining, is an image-based jailbreak attack discovered by the NeuralTrust research team, and it raises important questions about how enterprises secure their multimodal AI deployments. How does semantic chaining work? Pignati explains that the attack uses a single prompt composed of several parts. It begins with a benign scenario, such as a historical or educational context. A second instruction asks the model to make an innocent modification, like changing the color of a background. The final, critical step introduces a malicious directive, instructing the model to embed harmful content directly into the generated image. Because image-generation models apply fewer safety filters than their text-based counterparts, the harmful instructions are rendered inside the image without triggering the usual safeguards. The NeuralTrust research team tested semantic chaining against prominent models including Gemini Nano Pro, Grok 4, and Seedream 4.5 by ByteDance, finding the attack effective across all of them. For enterprises, the implications extend well beyond consumer use cases. Pignati notes that if an AI agent or chatbot has access to a knowledge base containing sensitive information or personal data, a carefully structured semantic chaining prompt can force the model to generate that data directly into an image, bypassing text-based safety mechanisms entirely. Organizations looking to learn more about semantic chaining and the broader landscape of AI agent security can visit the NeuralTrust blog, where the research team publishes detailed breakdowns of their findings. NeuralTrust also offers a newsletter with regular updates on agent security research and newly discovered vulnerabilities. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Alessandro Pignati, AI Security Researcher, NeuralTrust On LinkedIn: https://www.linkedin.com/in/alessandro-pignati/ RESOURCES Learn more about NeuralTrust: https://neuraltrust.ai/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Alessandro Pignati, NeuralTrust, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, semantic chaining, image jailbreak, AI security, agentic AI, multimodal AI, LLM safety, AI red teaming, prompt injection, AI agent security, image-based attacks, enterprise AI security Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

What happens when the security community stops debating whether AI belongs in the SOC and starts figuring out how to make it work? Monzy Merza, Co-Founder and CEO of Crogl, is helping answer that question, both through the autonomous AI SOC agent his company builds and through the inaugural AI SOC Summit, a community event designed to bring practitioners together for honest, no-nonsense conversation about what is real and what is hype in AI-driven security operations. Crogl builds what Merza describes as a "superhero suit" for SOC analysts. The platform investigates every alert in depth, working across multiple data lakes without requiring data normalization, and escalates only the issues that require human judgment. But the conversation here goes beyond any single product. Merza explains that the motivation for creating the AI SOC Summit came directly from community feedback. Security teams across enterprises are trying to determine what to buy, what to build, and how to govern AI in their environments, and they need a transparent, practical space to share those experiences. How are threat actors changing the game with agentic AI? Merza points to two critical shifts. First, adversaries are now conducting campaigns using agentic systems, which means defenders need to operate at the same speed. Second, the barrier to entry for sophisticated attacks has dropped significantly because agentic systems handle much of the technical detail, from crafting convincing phishing emails to automating post-exploitation activity. The implication is clear: security teams that do not adopt AI-driven capabilities risk falling behind attackers who already have. The AI SOC Summit, hosted March 3rd at the Hyatt Regency in Tysons, Virginia, is structured to serve the practitioners who are doing the daily work of security operations. The morning features keynotes from CISOs sharing what is working and what is not, along with perspectives on AI governance and privacy. The afternoon splits into two tracks: talk sessions from startups and established companies, and a five-and-a-half-hour hackathon where attendees get free access to frontier AI models and tools to experiment hands-on with real security data. Who should attend the AI SOC Summit? Merza identifies four key personas. SOC analysts at every tier who are buried in alert triage. Security engineers deploying AI-driven and traditional tools who want to see how other enterprises are rationalizing their investments. Incident responders and threat hunters who need to understand how to track agentic activity rather than just human activity. And builders, the security teams prototyping and testing AI capabilities in-house, who want to learn from what others have tried, what has failed, and what constraints can be overcome. What sets this event apart from the typical conference experience? The AI SOC Summit is intentionally vendor-agnostic. Sponsors range from reseller partners serving government organizations to household names like Splunk and Cribl, but the focus stays on community learning rather than product pitches. Many organizations still restrict employee access to frontier models and agentic systems, and the summit provides a space where attendees can kick the tires on these technologies without worrying about tooling costs or corporate restrictions. The goal is for every participant to leave with something practical they can take back and apply to their work immediately. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Monzy Merza, Co-Founder and CEO, Crogl [@monzymerza on X] https://www.linkedin.com/in/monzymerza RESOURCES Crogl: https://www.crogl.com AI SOC Summit: https://www.aisocsummit.com/ Are you interested in telling your story? ▶︎ Full Length Brand Story:...

Show Notes Most organizations treat cybersecurity as a technology problem. They invest in layers of defense, run phishing tests, and deploy identity and access management tools. Yet headlines about breaches keep coming. Dr. Keri Pearlson, Senior Lecturer and Principal Research Scientist at the MIT Sloan School of Management, argues that the real opportunity lies not in more technology but in changing how people across the organization think about and value cybersecurity. In this episode of the Human-Centered Cybersecurity Series, co-hosted by Julie Haney, Computer Scientist and Lead of the Human-Centered Cybersecurity Program at the National Institute of Standards and Technology (NIST), Dr. Keri Pearlson introduces her framework for cybersecurity culture built around values, attitudes, and beliefs. Rather than simply training employees on what to do, the focus shifts to shaping why they do it. When people genuinely believe cybersecurity matters, they take action without waiting for mandates or programs to tell them how. Dr. Pearlson shares vivid examples from her research: a CISO who hired a marketing professional to run the cybersecurity culture program, a CEO who opens every all-hands meeting with a five-minute cybersecurity story, and organizations that use creative rewards like chocolate chip cookies and digital badges to reinforce positive behaviors. She also outlines a five-stage maturity model for cybersecurity culture, from ad hoc efforts all the way to a dynamic culture that self-regulates as new threats like AI-driven vulnerabilities emerge. The conversation also tackles the relationship between organizational culture and cybersecurity culture, the role of group-level accountability, and why consequences matter just as much as rewards. Dr. Pearlson makes the case that cybersecurity should move from being viewed as an infrastructure play to a strategic advantage, one that can attract customers, reduce costs, and build competitive differentiation. For any leader looking to move the needle on security culture, this episode offers a research-backed roadmap and practical steps that anyone can take starting tomorrow. Host Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/ Guest(s) Dr. Keri Pearlson, Senior Lecturer and Principal Research Scientist at MIT Sloan School of Management | On LinkedIn: https://www.linkedin.com/in/kpearlson/ Julie Haney (Co-Host), Computer Scientist and Lead, Human-Centered Cybersecurity Program at National Institute of Standards and Technology (NIST) | On LinkedIn: https://www.linkedin.com/in/julie-haney-037449119/ Resources Learn more about Dr. Keri Pearlson's research: https://mitsloan.mit.edu/faculty/directory/keri-pearlson Learn more about the NIST Human-Centered Cybersecurity Program: https://csrc.nist.gov/projects/human-centered-cybersecurity Cybersecurity at MIT Sloan (CAMS): https://cams.mit.edu/ The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/ More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq Keywords dr. keri pearlson, julie haney, mit sloan, nist, sean martin, cybersecurity culture, security culture, values attitudes beliefs, cyber resilience, human-centered cybersecurity, security awareness, phishing, cybersecurity maturity model, security behavior, cybersecurity strategy, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Across dozens of conversations centered on the CISO experience, one reality keeps surfacing: the role no longer exists to protect systems in isolation. It exists to protect the business itself. Today’s CISO operates at the intersection of operational risk, executive decision-making, and organizational trust. The responsibility is not just to identify threats, but to help leadership understand which risks matter, when they matter, and why they deserve attention. This shift changes what success looks like. It also changes how pressure is felt. During the early years of this transition, CISOs carry accountability without authority. They are expected to influence outcomes without always having control over budgets, priorities, or timelines. That tension forces a new skill set to the forefront. Technical knowledge is assumed. The differentiator becomes communication, translation, and relationship-building across the business. As organizations mature, the conversation evolves again. Security stops being framed around individual threats and starts being framed as an operational discipline. CISOs focus on prioritization, tradeoffs, and clarity rather than coverage for everything. This requires judgment more than tooling. The role also becomes deeply human. Fear shows up quietly. Fear of pushing too hard. Fear of slowing the business. Fear of being seen as the blocker. CISOs who succeed do not eliminate that fear. They learn how to manage it while building credibility with executive peers. AI enters the picture not as a replacement, but as a force multiplier. Automation supports scale, but judgment remains human. Security programs increasingly deny by default and permit intentionally, which demands a deep understanding of how the business actually works. That understanding cannot be automated. What emerges is a clearer definition of modern security leadership. The CISO is no longer a gatekeeper. This is a risk advisor, a translator, and a strategist who helps the organization focus its limited resources where they matter most. The role has not become easier. It has become more meaningful. Read the full article: TBA ________ This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence. Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn: https://itspm.ag/future-of-cybersecurity Sincerely, Sean Martin and TAPE9 ________ Sean Martin is a life-long musician and the host of the Music Evolves Podcast; a career technologist, cybersecurity professional, and host of the Redefining CyberSecurity Podcast; and is also the co-host of the On Location Event Coverage Podcast. These shows are all part of ITSPmagazine—which he co-founded with his good friend Marco Ciappelli, to explore and discuss topics at The Intersection of Technology, Cybersecurity, and Society.™️ Would you like Sean to work with you on a topic/series to help you tell your story? Visit his services page to learn more: https://www.seanmartin.com/services Want to connect with Sean and Marco On Location at an event or conference near you? See where they will be next: https://www.itspmagazine.com/on-location To learn more about Sean, visit his personal website. Keywords: sean martin, marco ciappelli, steve katz, tim brown, jessica robinson, rob allen, rohit ghai, rich seiersen, steven j speer, chris pierson, mark lambert, jim manico, robin bylenga, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast, ciso, risk, leadership, ai, resilience, strategy Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Across 152 conversations this year, a set of recurring patterns kept surfacing, regardless of whether the discussion focused on application security, software supply chain risk, AI systems, or creative work. The industries varied. The roles varied. The challenges did not. One theme rises above the rest: visibility remains the foundation of everything else, yet organizations continue to accept blind spots as normal. Asset inventories are incomplete. Build systems are poorly understood. Dependencies change faster than teams can track them. The issue is not a lack of tools. It is a willingness to tolerate uncertainty because discovery feels hard or disruptive. Another pattern is equally consistent. Integration matters more than novelty. New features, including AI-driven ones, sound compelling until they fail to connect with what teams already rely on. Security programs fracture when tools operate in isolation. Coverage looks strong on paper while gaps quietly expand in practice. When tools fail to integrate into existing environments, they create complexity instead of reducing risk. Security also continues to struggle with how it shows up in daily work. Programs succeed when security is embedded into workflows, automated where possible, and invisible until it matters. They fail when security acts as a gate that arrives after decisions are already made. Teams either adopt security naturally or route around it entirely. There is no neutral middle ground. Context repeatedly separates effective leadership from noise. Risk only becomes meaningful when it is framed in terms of business operations, delivery speed, and real tradeoffs. Leaders who understand how the business actually functions communicate risk clearly and make better decisions under pressure. Finally, creativity remains undervalued in security conversations. Automation should remove repetitive tasks so people can focus on judgment, problem solving, and design. The same mindset that produces elegant guitars, photographs, or products applies directly to building resilient security programs. These five patterns are not independent ideas. Together, they describe a shift toward security that is visible, integrated, contextual, workflow-driven, and human-centered. Read the full article: TBD ________ This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence. Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn: https://itspm.ag/future-of-cybersecurity Sincerely, Sean Martin and TAPE9 ________ Sean Martin is a life-long musician and the host of the Music Evolves Podcast; a career technologist, cybersecurity professional, and host of the Redefining CyberSecurity Podcast; and is also the co-host of the On Location Event Coverage Podcast. These shows are all part of ITSPmagazine—which he co-founded with his good friend Marco Ciappelli, to explore and discuss topics at The Intersection of Technology, Cybersecurity, and Society.™️ Would you like Sean to work with you on a topic/series to help you tell your story? Visit his services page to learn more: https://www.seanmartin.com/services Want to connect with Sean and Marco On Location at an event or conference near you? See where they will be next: https://www.itspmagazine.com/on-location To learn more about Sean, visit his personal website. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

⬥EPISODE NOTES⬥ Modern application development depends on open source packages moving at extraordinary speed. Paul McCarty, Offensive Security Specialist focused on software supply chain threats, explains why that speed has quietly reshaped risk across development pipelines, developer laptops, and CI environments. JavaScript dominates modern software delivery, and the npm registry has become the largest package ecosystem in the world. Millions of packages, thousands of daily updates, and deeply nested dependency chainsഴ് often exceeding a thousand indirect dependencies per application. That scale creates opportunity, not only for innovation, but for adversaries who understand how developers actually build software. This conversation focuses on a shift that security leaders can no longer ignore. Malicious packages are not exploiting accidental coding errors. They are intentionally engineered to steal credentials, exfiltrate secrets, and compromise environments long before traditional security tools see anything wrong. Attacks increasingly begin on developer machines through social engineering and poisoned repositories, then propagate into CI pipelines where access density and sensitive credentials converge. Paul outlines why many existing security approaches fall short. Vulnerability databases were built for mistakes, not hostile code. AppSec teams are overloaded burning down backlogs. Security operations teams rarely receive meaningful telemetry from build systems. The result is a visibility gap where malicious code can run, disappear, and leave organizations unsure what was touched or stolen. The episode also explores why simple advice like “only use vetted packages” fails in practice. Open source ecosystems move too fast for manual approval models, and internal package repositories often collapse under friction. Meanwhile, attackers exploit maintainer accounts, typosquatting domains, and ecosystem trust to reach billions of downstream installations in a single event. This discussion challenges security leaders to rethink how software supply chain risk is defined, detected, and owned. The problem is no longer theoretical, and it no longer lives only in development teams. It sits at the intersection of intellectual property, identity, and delivery velocity, demanding attention from anyone responsible for protecting modern software-driven organizations. ⬥GUEST⬥ Paul McCarty, NPM Hacker and Software Supply Chain Researcher | On LinkedIn: https://www.linkedin.com/in/mccartypaul/ ⬥HOST⬥ Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com ⬥RESOURCES⬥ LinkedIn Post: https://www.linkedin.com/posts/mccartypaul_i-want-to-introduce-you-to-my-latest-project-activity-7396297753196363776-1N-T Open Source Malware Database: https://opensourcemalware.com OpenSSF Scorecard Project: https://securityscorecards.dev ⬥ADDITIONAL INFORMATION⬥ ✨ More Redefining CyberSecurity Podcast: 🎧 https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq 📝 The Future of Cybersecurity Newsletter: https://www.linkedin.com/newsletters/7108625890296614912/ Contact Sean Martin to request to be a guest on an episode of Redefining CyberSecurity: https://www.seanmartin.com/contact ⬥KEYWORDS⬥ paul mccarty, sean martin, software, supplychain, appsec, npm, javascript, ci, malware, opensource, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

⬥EPISODE NOTES⬥ Artificial intelligence is reshaping how public health organizations manage data, interpret trends, and support decision-making. In this episode, Sean Martin talks with Jim St. Clair, Vice President of Public Health Systems at a major public health research institute, Altarum, about what AI adoption really looks like across federal, state, and local agencies. Public health continues to face pressure from shifting budgets, aging infrastructure, and growing expectations around timely reporting. Jim highlights how initiatives launched after the pandemic pushed agencies toward modernized systems, new interoperability standards, and a stronger foundation for automated reporting. Interoperability and data accessibility remain central themes, especially as agencies work to retire manual processes and unify fragmented registries, surveillance systems, and reporting pipelines. AI enters the picture as a multiplier rather than a replacement. Jim outlines practical use cases that public health agencies can act on now, from community health communication tools and emergency response coordination to predictive analytics for population health. These approaches support faster interpretation of data, targeted outreach to communities, and improved visibility into ongoing health activity. At the same time, CISOs and security leaders are navigating a new risk environment as agencies explore generative AI, open models, and multi-agent systems. Sean and Jim discuss the importance of applying disciplined data governance, aligning AI with FedRAMP and state-level controls, and ensuring that any model running inside an organization’s environment is treated with the same rigor as traditional systems. The conversation closes with a look at where AI is headed. Jim notes that multi-agent frameworks and smaller, purpose-built models will shape the next wave of public health technology. These systems introduce new opportunities for automation and decision support, but also require thoughtful implementation to ensure trust, reliability, and safety. This episode presents a realistic, forward-looking view of how AI can strengthen the future of public health and the cybersecurity responsibilities that follow. ⬥GUEST⬥ Jim St. Clair, Vice President, Public Health Systems, Altarum | On LinkedIn: https://www.linkedin.com/in/jimstclair/ ⬥HOST⬥ Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com ⬥RESOURCES⬥ N/A ⬥ADDITIONAL INFORMATION⬥ ✨ More Redefining CyberSecurity Podcast: 🎧 https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq 📝 The Future of Cybersecurity Newsletter: https://www.linkedin.com/newsletters/7108625890296614912/ Contact Sean Martin to request to be a guest on an episode of Redefining CyberSecurity: https://www.seanmartin.com/contact ⬥KEYWORDS⬥ sean martin, jim st. clair, ai, interoperability, public health, data governance, population health, cybersecurity, ciso, automation, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

What Security Congress Reveals About the State of Cybersecurity This discussion focuses on what ISC2 Security Congress represents for practitioners, leaders, and organizations navigating constant technological change. Jon France, Chief Information Security Officer at ISC2, shares how the event brings together thousands of cybersecurity practitioners, certification holders, chapter leaders, and future professionals to exchange ideas on the issues shaping the field today.  Themes That Stand Out AI remains a central point of attention. France notes that organizations are grappling not only with adoption but with the shift in speed it introduces. Sessions highlight how analysts are beginning to work alongside automated systems that sift through massive data sets and surface early indicators of compromise. Rather than replacing entry-level roles, AI changes how they operate and accelerates the decision-making path. Quantum computing receives a growing share of focus as well. Attendees hear about timelines, standards emerging from NIST, and what preparedness looks like as cryptographic models shift.  Identity-based attacks and authorization failures also surface throughout the program. With machine-driven compromises becoming easier to scale, the community explores new defenses, stronger controls, and the practical realities of machine-to-machine trust. Operational technology, zero trust, and machine-speed threats create additional urgency around modernizing security operations centers and rethinking human-to-machine workflows.  A Place for Every Stage of the Career France describes Security Congress as a cross-section of the profession: entry-level newcomers, certification candidates, hands-on practitioners, and CISOs who attend for leadership development. Workshops explore communication, business alignment, and critical thinking skills that help professionals grow beyond technical execution and into more strategic responsibilities.  Looking Ahead to the Next Congress The next ISC2 Security Congress will be held in October in the Denver/Aurora area. France expects AI and quantum to remain key themes, along with contributions shaped by the call-for-papers process. What keeps the event relevant each year is the mix of education, networking, community stories, and real-world problem-solving that attendees bring with them. The ISC2 Security Congress 2025 is a hybrid event taking place from October 28 to 30, 2025 Coverage provided by ITSPmagazine GUEST: Jon France, Chief Information Security Officer at ISC2 | On LinkedIn: https://www.linkedin.com/in/jonfrance/ HOST: Sean Martin, Co-Founder, ITSPmagazine and Studio C60 | Website: https://www.seanmartin.com Follow our ISC2 Security Congress coverage: https://www.itspmagazine.com/cybersecurity-technology-society-events/isc2-security-congress-2025 Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage ISC2 Security Congress: https://www.isc2.org NIST Post-Quantum Cryptography Standards: https://csrc.nist.gov/projects/post-quantum-cryptography ISC2 Chapters: https://www.isc2.org/chapters Want to share an Event Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrf Want Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.studioc60.com/performance#ideas KEYWORDS: cybersecurity, ai security, isc2 congress, quantum computing, identity attacks, zero trust, soc automation, cyber jobs, cyber careers, cyber leadership, security operations, threat intelligence, machine speed, authentication, authorization, sean martin, jon france, identity, soc, certification, leadership, event coverage, on location, conference Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

This episode focuses on a security incident that prompts an honest discussion about transparency, preparedness, and the importance of strong processes. Sean Martin speaks with Viktor Petersson, Founder and CEO of Screenly, who shares how his team approaches digital signage security and how a recent alert from their bug bounty program helped validate the strength of their culture and workflows. Screenly provides a secure digital signage platform used by organizations that care deeply about device integrity, uptime, and lifecycle management. Healthcare facilities, financial services, and even NASA rely on these displays, which makes the security posture supporting them a priority. Viktor outlines why security functions best when embedded into culture rather than treated as a compliance checkbox. His team actively invests in continuous testing, including a structured bug bounty program that generates a steady flow of findings. The conversation centers on a real event: a report claiming that more than a thousand user accounts appeared in a public leak repository. Instead of assuming the worst or dismissing the claim, the team mobilized within hours. They validated the dataset, built correlation tooling, analyzed how many records were legitimate, and immediately reset affected accounts. Once they ruled out a breach of their systems, they traced the issue to compromised end user devices associated with previously known credential harvesting incidents. This scenario demonstrates how a strong internal process helps guide the team through verification, containment, and communication. Viktor emphasizes that optional security features only work when customers use them, which is why Screenly is moving to passwordless authentication using magic links. Removing passwords eliminates the attack vector entirely, improving security for customers without adding friction. For listeners, this episode offers a clear look at what rapid response discipline looks like, how bug bounty reports can add meaningful value, and why passwordless authentication is becoming a practical way forward for SaaS platforms. It is a timely reminder that transparency builds trust, and security culture determines how confidently a team can navigate unexpected events. Learn more about Screenly: https://itspm.ag/screenly1o Note: This story contains promotional content. Learn more. GUEST Viktor Petersson, Co-founder of Screenly | On LinkedIn: https://www.linkedin.com/in/vpetersson/ RESOURCES Learn more and catch more stories from Screenly: https://www.itspmagazine.com/directory/screenly LinkedIn Post: https://www.linkedin.com/posts/vpetersson_screenly-security-incident-response-how-activity-7393741638918971392-otkk Blog: Security Incident Response: How We Investigated a Data Leak and What We're Doing Next: https://www.screenly.io/blog/2025/11/10/security-incident-response-magic-links/ Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Spotlight Brand Story: https://www.studioc60.com/content-creation#spotlight Keywords: sean martin, marco ciappelli, viktor petersson, security, authentication, bugbounty, signage, incidentresponse, breaches, cybersecurity, brand story, brand marketing, marketing podcast, brand story podcast, brand spotlight Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

⬥EPISODE NOTES⬥ Understanding the Startup Engine Behind Cybersecurity This episode brings Sean Martin together with Ross Haleliuk, author, investor, product leader, and creator of Venture Insecurity, for a candid look at the forces shaping cybersecurity startups today. Ross shares how his decade of product leadership and long involvement in the security community give him a unique perspective on what drives founders, what creates market gaps, and why new companies keep entering a space already full of tools. Why Security Produces So Many Products Ross explains that the large number of security tools is not evidence of an industry losing control. Instead, it reflects a technology ecosystem where entrepreneurship has become easier and where attackers, not practitioners, define what defenders need. Because threats shift constantly, security leaders must always look for clues on what could fail next. That constant uncertainty fuels innovation. What Motivates Founders Despite outside assumptions, Ross observes that most founders are motivated by the problems they have lived themselves. Some come from enterprise teams. Others come from military backgrounds. Many find traction with early open source work. Few come into cybersecurity to chase quick wins, and most do not survive long enough to chase profits even if they wanted to. Security as Business Enablement Sean and Ross discuss the role of security as a business driver. In regulated sectors, companies invest because they must. In technology companies, strong security is a sales enabler that gives customers confidence to use their products. Outside of tech, the priority is more about resilience and operational continuity. How Buyers Should Think About Startups Ross outlines the tradeoffs. Startups deliver speed, responsiveness, fresh architecture, and modern user experience. Large vendors provide stability, predictability, and broad coverage. Neither is perfect. Security leaders should decide based on the importance of the capability, the level of influence they want, and the outcomes they need. This conversation highlights the practical realities behind the security products organizations choose and the people who build them. Listeners will hear both the optimism and the honesty that define today’s cybersecurity innovation economy. ⬥GUEST⬥ Ross Haleliuk, Security product leader, author, advisor, board member and investor | On LinkedIn: https://www.linkedin.com/in/rosshaleliuk/ ⬥HOST⬥ Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com ⬥RESOURCES⬥ Inspiring Blog: https://ventureinsecurity.net/p/not-every-security-leader-works-at ⬥ADDITIONAL INFORMATION⬥ ✨ More Redefining CyberSecurity Podcast: 🎧 https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq 📝 The Future of Cybersecurity Newsletter: https://www.linkedin.com/newsletters/7108625890296614912/ Contact Sean Martin to request to be a guest on an episode of Redefining CyberSecurity: https://www.seanmartin.com/contact ⬥KEYWORDS⬥ sean martin, ross haleliuk, cybersecurity, startups, venture security, founders, innovation, risk, resilience, product strategy, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

⬥EPISODE NOTES⬥ Understanding Beg Bounties and Their Growing Impact This episode examines an issue that many organizations have begun to notice, yet often do not know how to interpret. Sean Martin is joined by Casey Ellis, Founder of Bugcrowd and Co-Founder of disclose.io, to break down what a “beg bounty” is, why it is increasing, and how security leaders should think about it in the context of responsible vulnerability handling. Bug Bounty vs. Beg Bounty Casey explains the core principles of a traditional bug bounty program. At its core, a bug bounty is a structured engagement in which an organization invites security researchers to identify vulnerabilities and pays rewards based on severity and impact. It is scoped, governed, and linked to an established policy. The process is predictable, defensible, and aligned with responsible disclosure norms. A beg bounty is something entirely different. It occurs when an unsolicited researcher claims to have found a vulnerability and immediately asks whether the organization offers incentives or rewards. In many cases, the claim is vague or unsupported and is often based on automated scanner output rather than meaningful research. Casey notes that these interactions can feel like unsolicited street windshield washing, where the person provides an unrequested service and then asks for payment. Why It Matters for CISOs and Security Teams Security leaders face a difficult challenge. These messages appear serious on the surface, yet most offer no actionable details. Responding to each one triggers incident response workflows, consumes time, and raises unnecessary internal concern. Casey warns that these interactions can create confusion about legality, expectations, and even the risk of extortion. At the same time, ignoring every inbound message is not a realistic long-term strategy. Some communications may contain legitimate findings from well-intentioned researchers who lack guidance. Casey emphasizes the importance of process, clarity, and policy. How Organizations Can Prepare According to Casey, the most effective approach is to establish a clear vulnerability disclosure policy. This becomes a lightning rod for inbound security information. By directing researchers to a defined path, organizations reduce noise, set boundaries, and reinforce safe communication practices. The episode highlights the need for community norms, internal readiness, and a shared understanding between researchers and defenders. Casey stresses that good-faith researchers should never introduce payment into the first contact. Organizations should likewise be prepared to distinguish between noise and meaningful security input. This conversation offers valuable context for CISOs, security leaders, and business owners navigating the growing wave of unsolicited bug claims and seeking practical ways to address them. ⬥GUEST⬥ Casey Ellis, Founder and Advisor at Bugcrowd | On LinkedIn: https://www.linkedin.com/in/caseyjohnellis/ ⬥HOST⬥ Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com ⬥RESOURCES⬥ Inspiring Post: https://www.linkedin.com/posts/caseyjohnellis_im-thinking-we-should-start-charging-bug-activity-7383974061464453120-caEW Disclose.io: https://disclose.io/ ⬥ADDITIONAL INFORMATION⬥ ✨ More Redefining CyberSecurity Podcast: 🎧 https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq 📝 The Future of Cybersecurity Newsletter: https://www.linkedin.com/newsletters/7108625890296614912/ Contact Sean Martin to request to be a guest on an episode of Redefining CyberSecurity: https://www.seanmartin.com/contact ⬥KEYWORDS⬥ cybersecurity, bug bounty, vulnerability disclosure, beg bounty, hacking, researcher, ciso, security teams, risk...

Most organizations have security champions. Few have a real security culture. In this episode of AppSec Contradictions, Sean Martin explores why AppSec awareness efforts stall, why champion programs struggle to gain traction, and what leaders can do to turn intent into impact. 🔍 In this episode: Sean’s Take: When security culture is treated as a checkbox, nothing changes. When it’s connected to ownership, incentives, and everyday work — everything does. Catch the full companion article in the Future of Cybersecurity newsletter for deeper analysis and more research. For developers: Has your security-champion program helped ship safer code—or just added meetings? For application security professionals: Are your metrics tied to risk reduction or participation counts? For business leaders: Can you connect your “security culture” investment to measurable resilience? 📖 Read the full companion article in the Future of Cybersecurity newsletter for deeper insights: https://www.linkedin.com/pulse/building-real-security-culture-why-most-appsec-fall-martin-cissp-eab7e 🔔 Subscribe to stay updated on the full AppSec Contradictions video series and more perspectives on the future of cybersecurity: https://www.youtube.com/playlist?list=PLnYu0psdcllRWnImF5iRnO_10eLnPFWi_ ________ This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence. Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn: https://itspm.ag/future-of-cybersecurity Sincerely, Sean Martin and TAPE9 ________ Sean Martin is a life-long musician and the host of the Music Evolves Podcast; a career technologist, cybersecurity professional, and host of the Redefining CyberSecurity Podcast; and is also the co-host of both the Random and Unscripted Podcast and On Location Event Coverage Podcast. These shows are all part of ITSPmagazine—which he co-founded with his good friend Marco Ciappelli, to explore and discuss topics at The Intersection of Technology, Cybersecurity, and Society.™️ Want to connect with Sean and Marco On Location at an event or conference near you? See where they will be next: https://www.itspmagazine.com/on-location To learn more about Sean, visit his personal website. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.