Sean Martin

Reverse Engineering BlueKeep: What You Need To Know To Prepare

By Sean Martin

Guests: Scott Scheferman | Rick McElroy | @JaGoTu

I recently came across a post from Scott Scheferman about the BlueKeep vulnerability and patch that intrigued me. After a few attempts to bring together a few folks, I was able to pull in Rick McElroy and @JaGoTu to join Scott and me for a chat about what’s real with respect to this threat. Needless to say, this group did not disappoint.

During our nearly-one-hour chat, we cover tons of stuff and there’s a lot to absorb here. I would encourage you to take the time to learn from this conversation and then apply what you’ve learned to your infosec program. And, if you value the community, take a moment to share this with a few of your peers to help them out.

Chats From InfoSec Europe 2019 | Your Car Is A Smartphone On Wheels | With Ian Tabor and David Baker

By Sean Martin | Co-host Marco Ciappelli

During Infosecurity Europe in London, Marco and Sean connected with Ian Tabor, car enthusiast and car hacker, along with David Baker from Bugcrowd, to discuss the roles of ethical hacking and crowdsourced security analysis in ensuring the safety of drivers all around the world.

Ian, a core member of the Car Hacking Village — a group of professional and hobbyist car hackers who work together to provide hands-on, interactive car hacking learning, talks, hardware, and interactive contests — takes us through the trials and tribulations of the research he performs, including the challenges with sourcing the vehicles, finding the flaws, reporting the flaws, and protecting himself from potential legal action in the process.

Chats On The Clouds To InfoSec Europe 2019 | The Largest InfoSec Summit In Europe Brings People Together | With Nicole Mills, Senior Exhibition Director, Infosecurity Group

By Sean Martin | Co-host Marco Ciappelli

In today’s chat, Marco Ciappelli and Sean Martin connect with Nicole Mills, the event director for Infosecurity Europe. Nicole took time out of her final moments of preparation to share with us what we can expect during the 24th edition of the summit taking place in the Olympia in London.

With more than 12 months invested in planning, attendees will be treated to 10 stages with talks taking place all day, every day, over 400 exhibitors with demonstrations and hands-on activities, and networking events within and outside the conference center. Listen in to hear more about the event that has a lot of something for everyone. And, if you have a moment while on-site at the event, thank Nicole, and her extended team, for their hard work bringing us all together to help each live a victorious and healthy InfoSec Life.

Chats On The Clouds To InfoSec Europe 2019 | Marketing Security to the Board & Execs | With Killian Faughnan, Group CISO, William Hill

By Sean Martin | Co-host Marco Ciappelli

In today’s chat, Marco Ciappelli and Sean Martin speak with Killian Faughnan, Group CISO, William Hill. In addition to getting some insight into how Killian looks at cybersecurity as a whole, we got to dig into the lightning talk Killian will be giving during InfoSec Europe in London as part of a 4-part keynote session titled Building Brand Infosec: Engaging Employees to Drive Secure Behaviour.

Chats On The Clouds to InfoSec Europe 2019 | Skills and the Future of CyberSecurity | With Kevin Fielder, CISO, Just Eat

By Sean Martin | Co-host Marco Ciappelli

In today’s chat, Marco Ciappelli and Sean Martin speak with Kevin Fielder, CISO for Just Eat. During the conversation, Kevin shares his views on cybersecurity and what it means to secure the business at Just Eat, focusing on the 13 countries, 100,000 restaurant partners, 26 million customers, and nearly 4000 colleagues in the company.

You Are Number Six! I Am Not A Number! I Am A Free Device! — The Importance Of Identity In The Connected World

By Sean Martin

Guests: Emily Miller | Ted Harrington | Dean Weber
Host: Sean Martin

In today's episode, I connect with Emily, Dean, and Ted, and we look at the current state of security in IT, OT, IoT, and ICS — and the connections between these different environments.

Together, we explore how identity plays a critical role in ensuring a safe environment that can be traced to specific sensors, devices, networks, and people. And, with the massive numbers of things hitting the market—and our society—we attempt to answer the question surrounding our ability (or lack thereof) to scale the controls and protections to minimize—or perhaps even eliminate—undue exposure to risk introduced by these things.

The 12th Edition Verizon Data Breach Investigations Report (DBIR): Read It And Spring into Action

By Sean Martin

Guests: Gabriel Bassett | John Grim
Host: Sean Martin

Today's episode comes to you in concert with the release of the 12th edition of the Verizon Data Breach Investigations Report, comprised of data from 73 contributors, the highest number since its launch. Gabriel Bassett, Senior Information Security Data Scientist, and John Grim, Senior Manager, Investigative Response Team — both from Verizon Enterprise Solutions — join ITSPmagazine's Sean Martin. We discuss the role of the DBIR in building and maintaining information security programs, what some of the key findings are, and how to make the data actionable.

We’re Moving Toward Technologies That Enable Humans Rather Than Try To Automate Them

By Sean Martin

During RSA Conference 2019 in San Francisco, Sean Martin sat down with Jill Orhun, Head of Strategy and Operations for Cyber at Devo, Seema Sheth-Voss, VP Product Marketing at Devo, and Chris O’Brien, Head of Technical Marketing at Devo — a group of folks who connect with customers and prospects — to discuss trends and anomalies they’ve seen.

Inspiration is what is needed to inspire change

By Marco Ciappelli & Selena Templeton

Here at ITSPmagazine, we are always looking for inspiration, muses and revelations. It is what drives us and what usually makes for a good story to tell. For me and Selena, on a sunny Southern California morning, inspiration came in the form of four young students that together make the CyberAegis Aether, an all-girls middle school cybersecurity team from San Diego that is competing in the Cyber Patriot National Finals.

Will Blockchain Be Or Not Be The Big Wave To Ride

By Sean Martin

Guests: Simon Harman | Anthony Stevens
Host: Sean Martin

Blockchain — a topic that still gets a lot of attention, even if it seems to be overplayed in the media, the workplace, and in the venture world. So what is it, does it actually provide value, and is there a place for it? Listen in to hear Simon Harman, project lead for the Loki project, and Anthony Stevens, Founder and CEO of Digital Asset Ventures, give their take on why blockchain will—or won’t—be the next big wave of technology deployment in the near future.

What Are We Teaching The Next Generation – What’s Possible Or Just How To Set Up A Firewall?

By Sean Martin & Selena Templeton

In this episode of The Academy, Sean and Selena are joined by Ken Westin from Elastic (and formerly from Splunk) to talk about all things educational in the field of cybersecurity – including training the next generation, bringing the community together, and speaking at security events to raise awareness. Ken has a varied background and brings a lot of expertise to the table in this conversation!

Businesses Are Talking About Technology. But Are They Tech Savvy Yet?

By Sean Martin

During RSA Conference 2019 in San Francisco, Sean Martin sat down with Rod Simmons, Vice President of Product Strategy for Active Directory at STEALTHbits Technologies, to get his thoughts and insights into the current state of the Identity and Access Management space through the lens of both the conference sessions and sprawling expo hall(s).

Ethical Hackers And The Misinterpretation Of The Law: Chapter One

By Sean Martin

Sean Martin chats with Amit Elazari of UC Berkeley School of Information, and Leonard Bailey of the U.S. Department of Justice, Criminal Division. Today’s topic looks at the life of a hacker, the challenges they face from both a liability and legal perspective, and how organizations deal with the research activities they encounter from both cybercriminals and ethical hackers alike.

Are We Honestly Trying To Fill The InfoSec Jobs Gap? Or Is Our Ego Stopping Us?

By Sean Martin

Today I am joined by two long-time cyber professionals doing great things to help fill the cyber talent pool with candidates from all walks of life: Julian Waits from Devo and ICMCP, and Ed Moyle from The Prelude Institute. InfoSec isn’t the first industry faced with a shortage in the workforce, so we don’t need to reinvent the wheel. Listen in as we talk through some of the scenarios to uncover how we might learn from other industries and roles, such as that of nursing.

An ERP Privacy Cost Analysis: Data Value vs Data Liability

By Sean Martin

Sean Martin chats with Larry Harrington of The IIA and Raytheon, and Juan Perez-Etchegoyen of Onapsis about privacy, which is not an IT issue; it’s a business issue. Since GDPR, the customer has the upper hand in many cases, and because of this, privacy extends beyond pure business operations and into the world of ethics and morals. There’s a lot packed into this podcast!

Filling, Not Depleting, The InfoSec Talent Pipeline | Heather Ricciuto — IBM Security

By Sean Martin and Selena Templeton

Sean Martin and Selena Templeton had the great pleasure of sitting down with Heather Ricciuto, Academic Outreach Leader at IBM Security, at this year’s RSA Conference. In this podcast, we talk about all things educational when it comes to attracting and retaining cybersecurity talent. Traditionally, companies like IBM have focused on recruiting from 4-year universities, but how are you going to build a pipeline when you’re recruiting from the same top schools and competing for the same talent?

RSA Conference San Francisco 2019 | Fulfilling Our Mission of Supporting the Community At The Intersection Of IT Security And Society

By Sean Martin

After nearly a few decades in the InfoSec industry, Sean Martin takes a deep look back at RSA Conference in San Francisco to see how things have changed, what was top-of-mind this year, and how the community aspect of the conference this year made for one of the best events yet for Sean, the ITSPmagazine team, and the publication overall.

Why Do Phishing And Business Email Compromise Even Exist?

By Sean Martin

In today’s episode, Sean Martin chats with Anand Raghavan, Co-founder & Chief Product Officer at Armorblox, and Chuck Drobny, President & CEO at GlobaLogix, about two hot topics that are a regular thorn in our InfoSec sides: phishing and business email compromise. They explore how the industry is leading us to overcome this challenge, beginning with user awareness training and IT security training, before taking a turn to the technology stack, user workflows, business automation and security management orchestration.

A CISO's Perspective: Hot Topics During RSA Conference San Francisco 2019 | Taylor Lehmann

By Sean Martin

Taylor Lehmann stopped by the ITSPmagazine kiosk during RSA Conference 2019 in San Francisco to have a chat with Sean Martin. Some of the top topics that Taylor saw and heard within and surrounding the conference included Machine Learning and AI (what's real and what's not), third-party risk (what are some of the details for how to make it work) and identity and identity analytics (how does it impact health systems with employees, patients, and devices?).

At The Edge | Unusual Gathering | Episode XXIII | Guests Sian John, Candy Alexander, Allan Alford

By Sean Martin

Guests: Sian John | Candy Alexander | Allan Alford
Host: Sean Martin

During this At The Edge themed Unusual Gatherings Talk Show, Sean Martin asks his guests — Sian John from Microsoft, Candy Alexander from ISSA International, and Allan Alford from Mitel — how risk management and risk ownership change — if the CISO will be responsible for manipulating a risk acceptance slider with a business driver slider — and what the future of the InfoSec team looks like for the CISO (does the CISO role even exist)?