Full Story
Editor
Legal, Technical, and Human: A New Model for ...

Cyber risk touches legal obligations, operational priorities, and even geopolitical decisions. This episode explores a consulting model that puts business understanding first—and builds security around it.

Full Story, BHUSA2025
Editor
Access Roulette: How to Stop Betting Your ...

This episode explores how dynamic, context-aware access controls can eliminate the friction between security and productivity. Learn how a Zero Standing Privilege approach protects both human and AI identities while enabling organizations to operate at full speed without compromising safety.

BHUSA2025
Editor
Event Recap: Kieran Human at Black Hat USA 2025 ...

ThreatLocker introduced DAC configuration monitoring and achieved FedRAMP certification at Black Hat 2025, strengthening zero trust capabilities while expanding government market access through practical security solutions.

Full Story, BHUSA2025
Editor
Data Kidnapping: Because File Encryption Is So ...

Ransomware groups are increasingly abandoning file encryption in favor of high-value data theft, using extortion to extract massive payouts while avoiding the spotlight. This conversation reveals who they target, how they operate, and what organizations can do to shut down their most exploitable weaknesses.

Full Story, BHUSA2025
Editor
Cybersecurity Hiring Is Not Broken—Your Job ...

This episode shifts the conversation from technology to the people powering cybersecurity success, revealing how workforce risk management transforms retention, alignment, and operational efficiency. Discover how real-time visibility into capabilities and roles empowers leaders to make smarter staffing decisions, strengthen budgets, and keep teams fulfilled.

How Bad Bots Fake Human Behavior To Become A Major Source Of Online Fraud | The Bad Bot Report 2022 | An Imperva Story With Ryan Windham

A Their Story conversation with Sean Martin, Marco Ciappelli, and Imperva

Bad bots mask themselves and attempt to interact with applications in the same way a legitimate user would, making them harder to detect and block. They enable high-speed abuse, misuse, and attacks on your websites, mobile apps, and APIs. They allow bot operators, attackers, unsavory competitors, and fraudsters to perform a wide array of malicious activities.

Such activities include web scraping, competitive data mining, personal and financial data harvesting, brute-force login, digital ad fraud, denial of service, denial of inventory, spam, transaction fraud, and more.

This is a 2-part podcast series with Imperva. In this series, we get to speak with Ryan Windham VP of Application Security at Imperva, to look at the findings in the report from two angles. Be sure to catch both episodes to get both perspectives.

From France To Colorado To Las Vegas | Founders' Journey To Make The World Of Information Security Better Through Information Sharing | A CrowdSec Story With CEO Philippe Humeau

A Their Story conversation with Sean Martin, Marco Ciappelli, and Philippe Humeau, CEO at CrowdSec

The venture market in cybersecurity continues to shift as the economy ebbs and flows throughout the world. However, when you have a good idea, it still gets the attention of the users and the investors, even if that means starting at the bottom and working your way up.

Join us for a live stream conversation with CrowdSec CEO, Philippe Humeau, as we take a quick look back at what we experienced during RSA Conference and spend some time talking through what is coming up for the 10-person contingent from CrowdSec that is making the journey to Las Vegas, arriving from multiple countries, to bring their insights, expertise, and conversations to the Arsenal, vendor halls, speaking stages, and meeting rooms during Black Hat and DEF CON.

This is a quick chat packed with a lot of energy, vision, and enthusiasm — tempered with a dose of reality and humility. It's about embracing "precious" without being "precious" — have a listen.

Making The World A Better Place Through Software | A WSO2 Story About The Founders' Vision And Mission And The Journey To Bring The Asgardeo IDaaS To Market With Michael Bunyard

A Their Story conversation with Sean Martin, Marco Ciappelli, and Michael Bunyard from Asgardeo

The founder's journey can directly impact what a company focuses on and why. In this Asgardeo by WSO2 story, you'll get to hear how their work is making the world a better place through software.

It was the initial desire to do good that continues to thrive in everything that WSO2 does - including the launch of their app authentication as a service division, Asgardeo, a customer identity, and access management (CIAM) offering which helps developers implement secure authentication flows to apps or websites in a few simple steps.

The use cases are many - both directly a part of a single application and as part of other services where identity is built in. Please tune in to hear WSO2's origin story, the creation of Asgardeo and the value it brings to the developer community, and the multiple case studies that our guest from Asgardeo, Michael Bunyard, brings to life during this conversation.

Defining A Recognized Security Practice And CyberSecurity Safe Harbor | HHS’ Office For Civil Rights Seeks Public Comment On HITECH Act | A HITRUST Community Story With John Houston And Michael Parisi

A Their Story conversation with John Houston, VP, Information Security and Privacy; Associate Counsel at UPMC and Michael Parisi, VP of adoption at HITRUST

The U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) released a Request for Information (RFI) seeking input from the public on two requirements of the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act), as amended in 2021. How does it impact cybersecurity and risk management programs? Why do (should) CISOs care about this? Are we about to throw more money at this problem?

Maybe a smart question: Is there an opportunity to be smarter?

Listen in to learn more about the RFI and the role you can have in shaping its outcome.

Not in the healthcare space? You should still pay attention. There's a lot going on in the healthcare sector that other industries can leverage.

RSA Conference 2022 | A BlackCloak Story About Supply Chain Security, Hacking Back, And MySpace With Dr Chris Pierson

A Their Story conversation with Sean Martin, Marco Ciappelli, and BlackCloak CEO and founder, Chris Pierson

Dr Chris Pierson has held many roles and has been a regular speaker at RSA Conference over the years. What's he up to this year as the event goes back to in-person engagements?

As the CEO of BlackCloak, Chris Pierson is looking forward to connecting with peers, partners, customers, and prospects as the world of executive cybersecurity heats up. In addition to seeing friends old and new, Dr Pierson has two sessions in which he will be participating. He shares some insights into both of these sessions.

Chris has some other things up his sleeve as well. Can you say MySpace? 🤔

Investing In The Crowd Means Investing In Society And Humanity | A CrowdSec Story With Philippe Humeau And Phillip Wylie

A Their Story conversation with Sean Martin, Marco Ciappelli, Philippe Humeau, CEO at CrowdSec, and Phillip Wylie, The Hacker Maker

In this second chapter of our conversation with CrowdSec CEO, Philippe Humeau, we invite The Hacker Maker, Phillip Wylie, to bring his penetration testing experience and insights. Together we explore the value of investing in the cybersecurity community information sharing platform as a way to do way more than protect your organization. By doing so, we can help secure other businesses and whole communities in the neighbors around you, such as a local hospital that could experience an attack that you've already seen on your network.

The value of investing in the security knowledge sharing economy directly impacts IT operations, security operations, businesses, society, and, therefore, humanity.

Join us for a philosophical yet fun, thought-provoking conversation that will likely prompt you to not only share this podcast with your friends, colleagues, and peers but also start sharing your cybersecurity insights with your digital neighbors through the power of the CrowdSec platform.

Catch 22 | Consumers Hate Sharing Their Data, But There's No Other Option | An Imperva Story About The Findings In The Imperva Global Consumer Survey With Terry Ray

A Their Story conversation with Imperva fellow, Terry Ray.

Consumers worry about sharing data online, yet most feel they have “no choice” but to share their data if they want to use online services. It's a catch 22 — and it is not a bus.

Trust is waning. A majority of consumers, globally, say that trust in the many digital service providers’ ability to keep their personal data secure has decreased over the past five years.

Still, despite serious concerns, most consumers share their darkest secrets online via cloud messaging services even though they recognize there would be repercussions for them if the information they shared was leaked.

No question, it's a catch 22. But what do we do? That's the catch. Again.

Have a listen to learn more about the connections and responsibilities between consumers and the businesses they rely upon to live their digital lives.

The Making Of A Better Cybersecurity Bootcamp | The Level Effect Origin Story With Co-Founders Greg Ake And Rob Noeth

A Their Story conversation with Greg Ake, CEO, and Rob Noeth, CTO, at Level Effect.

This isn't just a story about a company and what they do. This is a story about using your previous experiences and pursuing your passion to help others, which is exactly what Greg Ake and Rob Noeth have done.

Greg and Rob have a goal of helping to reduce security risk for everyone, not just themselves or their employers, but for other organizations and our country. Level Effect is accomplishing this by teaching truly realistic training and making it applicable to an actual role in cybersecurity.

With a practical vs. knowledge-based approach to removing unnecessary noise in their curriculum, it's obvious Level Effect is different.

Join us and listen to this inspiring conversation about the origins of Level Effect — even the name — and how they've built a better cybersecurity bootcamp.

Trusted Interoperability Is The Key To Better Health Care Delivery | TEFCA And TNAP Are The Keys To Trusted Interoperability | A HITRUST Customer Story With Lee Barrett And Michael Parisi

A Their Story conversation with Lee Barrett, Executive Director at Electronic Healthcare Network Accreditation Commission, and Michael Parisi (VP of adoption at HITRUST)

Patients, and their providers, deserve to have immediate, accurate access to their personal health information so they can get the best healthcare possible. How and where does the concept of interoperability come into play for a number of societal issues and patient care delivery challenges we are trying to solve for? Let's look at TEFCA to find out.

in today's story, we are joined by two organizations—HITRUST and EHNAC—dedicated to making the healthcare ecosystem thrive by reducing friction in risk management and in supply chain interoperability. This spirit couldn't be applied at a better time with the recent release of TEFCA—the Trusted Exchange Framework and Common Agreement.

Real-Time Data Security Is Too Slow: Avoid Creating A Solution Bigger Than The Problem Itself | An Imperva Story with Terry Ray

A Their Story conversation with Imperva fellow, Terry Ray.

Data Security is often seen as the “scary” or “intimidating” domain of security. And, yet, it’s needed more than ever before.

Historically, it’s a domain of security that is typically found in highly regulated industries. However, data is the currency of the modern economy and the fuel behind nearly every organization. Business large and small collect, create, store, manipulate, and share data that is sensitive in nature and valuable to cybercriminals.

2022 must be the year where data security becomes attainable for all. The solution to the problem can't be bigger than the problem itself. And, the problem can't be defined as dealing with it in real-time. It's important we use data to protect the data, getting ahead of the threat.

The Journey To A Right-Sized Risk Management And Compliance Framework | A HITRUST Customer Story With John Overbaugh, Michael Tiemeyer, And Michael Parisi

A Their Story conversation with John Overbaugh (ASG), Michael Tiemeyer (Teladoc Health), and Michael Parisi (VP of adoption at HITRUST)

Taking responsibility for what we build and how we secure it matters. Especially in the ways we talked about during today’s Their Story episode? It matters to the business partners. It matters to the customers. And, as pointed out by Mike Parisi during this conversation, it matters to society.

There are many reasons why organizations large and small choose HITRUST to help them through their security, risk, and compliance journey.

Why do you choose HITRUST?

Protecting Your Cloud-Native Environment — The State Of Single-, Multi-, And Hybrid-Cloud Security | An Imperva Story with Kunal Anand and Mitch Ashley

A Their Story conversation with Imperva executive, Kunal Anand and research analyst, Mitch Ashley

With the cloud computing revolution, everything seems to be — and, in many cases, certainly is — more accessible to business and their innovations. But, as we often say, the fundaments of cybersecurity best practices remain, and we cannot allow the race for more to lower our security postures.

Join us for this conversation as our guests — technologist and innovator Kunal Anand and technology and industry analyst Mitch Ashley — take us on a journey down the river and through the multi- and hybrid clouds as we look at the past and present and future of cloud services and information security.

Words Matter: Understanding The Vocabulary Used Between Business Leaders And CISOs | A Blue Lava Story With Demetrios Lazarikos (Laz)

A Their Story conversation with Sean Martin, Marco Ciappelli, and Demetrios Lazarikos (Laz) from Blue Lava

This is certainly not a new or revolutionary statement: "Words Matter." What is new nowadays is the pace at which our business, relationships, and society change. Technology is fueling many of these changes, and we are all learning new ways as we go. As we're trying to figure out what we are doing and where we're going to go next, the words we use to describe the world around us matter even more than ever. There's a moral to this story, and Laz's words matter immensely for those seeking to run an information security program that not only protects the business but also helps it achieve its objectives.

Business Process Management Lifecycle Podcast Series—Orchestrating The Business Of The Future Today | A Their Story Conversation With Nintex

A Their Story conversation with Sean Martin and Nintex experts, partners, and guests

This is a 5-part podcast series with Nintex thought leaders and solutions partners. The series will walk through the lifecycle of employing business process management (BPM) and business process automation (BPA) within the organization.

The 5 episodes include: DEFINITION | CONSTRUCTION | EXECUTION | AUTOMATION | ORCHESTRATION

Listen and start building for the future now.

The Blue Lava Origin Story | A Blue Lava Story With Co-Founders Demetrios Lazarikos (Laz), Julia Tran, Jonna Melinauskas, And Andy Hoernecke

A Their Story conversation with Sean Martin and the 4 founders from Blue Lava

This is one of those origin stories that we love to share on ITSPmagazine. While each company's story is unique, inspiring, and beautiful in its own way, this one is told by the four friends that happen to be those that had a dream and turned it into reality. It is an extraordinary moment for the four of the co-founders to tell us how Blue Lava came to be and for us to share it with all of you.

Taming The Chaotic World Of API Security — Finding Your Path To Protection | An Imperva Story with Kunal Anand

A Their Story conversation with Sean Martin, Marco Ciappelli, and Imperva executives

As digital consumers, we need APIs to beckon mobile apps and access the digital services we love. But, for companies, it's a new dimension of risk that many aren't prepared for. In part, because it's not always clear: who's responsible for securing the APIs?

Perhaps it's the engineers/developers. Maybe it's the InfoSec team. In some instances, there's a dedicated AppSec team that oversees this activity. Sometimes it's a combo of this group. But, unfortunately, because of the lack of clarity, sometimes it's nobody.

To help bring clarity to the chaos, we had Kunal Anand, CTO at Imperva, join us to help understand what organizations are up against and then help them find ways to operationalize API security.

CyberSecurity Leaders Use Cybersecurity Maturity Model (CMM) To Achieve Cybersecurity Maturity With Their InfoSec Program | A Blue Lava Story With Demetrios Lazarikos (Laz) And Andy Hoernecke

A Their Story conversation with Sean Martin and Demetrios Lazarikos (Laz) + Andy Hoernecke from Blue Lava

Listen in to learn more from Laz and Andy as they share their experiences and expertise. Join us to examine what it means for InfoSec teams to achieve maturity and how a comprehensive program framework can help the group begin their journey by setting a baseline and establishing maturity measurements.

Crowdsourcing Cybersecurity Intelligence To Secure Society | A CrowdSec Story With Philippe Humeau

A Their Story conversation with Sean Martin, Marco Ciappelli, and Philippe Humeau, CEO at CrowdSec

CrowdSec is joining the good guys on this battlefield and understands that by acting together and sharing important, relevant pieces of information, we can successfully counteract organized cybercrime. CrowdSec's CTI-driven IPS objective is to automate cybersecurity threat intelligence sharing and consumption on a large scale.

Learn more about what it means to join the crowd and how all the information can benefit businesses and organizations all over the globe. This is the value of authentic and accurate information sharing.

Language Holds The Key To Communicating Security And Business Strategy | A Blue Lava Story With Jen Sanford and Rock Lambros

A Their Story conversation with Sean Martin, "Rock" Lambros of RockCyber, and Jen Sanford from Blue Lava

CISOs tend to talk to other technical personnel and don’t get involved in business conversations on a regular basis. To succeed in their role, however, CISOs need to get out from behind their keyboards and start discussions with executives so they can begin to translate what they do in security into what the business wants to hear. But finding those connection points between technology and the business is difficult.

With this story, Martin, Lambros and Sanford focus on strategy and planning because that’s what helps CISOs evolve into the role they want now and into the future. But it doesn’t happen magically. Only through understanding, research, and action, can CISOs reach that point.

It’s time to make your own magic happen. Have a listen.

Executives Are Under Siege As Hackers Target The Video Game Industry | A BlackCloak Story With Chris Pierson And Joel Fulton

A Their Story conversation with Sean Martin, Marco Ciappelli, and BlackCloak CEO and founder, Chris Pierson with CyberSecurity and CISO veteran, Joel Fulton

It is not the first, nor the last, time we suggest studying our history to learn about our present and imagine the future. To get a view for how society reacts to scams and cons, we can look to the past for education, perhaps some inspiration, and maybe even some guidance. Yes, even when looking at cybersecurity and the video game industry.

In this new chapter of the BlackCloak story, we get to dive into a new report the team put together, looking at the world of gaming as the source of risk, threats, and compromise. And, to our liking, we got to use the report's findings to take a look back in time (way back, in fact), such that we can connect the dots between humanity, psychology, and security (cyber and not).

Listen in. Go back in time with us. And prepare for the future. Remember, while the report is about gaming — this isn't a game.

Stay Tuned on ITSPmagazine Podcasts

Broadcasting Ideas. Connecting Minds. A Modern Innovative Multi-Media Platform.
A Global Space Where Intellectual Exchange Is Encouraged.

Musing On: Technology | Cybersecurity | Society & Culture | Business | Space | Science | Leadership | Environment | Healthcare & Wellness | Storytelling & Storytellers | Artificial Intelligence & Generative AI | Ethics & Philosophy | Policy & Regulations | Hacking | Software Development | Sociology & Psychology | Founders & Start-Ups | Conferences & Events | Mentoring | Creativity | Writing | Space Exploration and Security | Music | Musicians | Musical Instruments | Arts | Brands & Brand Marketing | …

Subscribe to the main ITSPmagazine Podcast Channel to listen to all our conversations directly on your favorite podcast player.

Note: These are links to the General ITSPmagazine Podcast where MOST episodes from our individual Podcast Channels are published. To subscribe to your favorite shows, please visit Our Podcasts Page

If you do not see your favorite player above, open it and search for ITSPmagazine Podcast.