⬥ GUESTS ⬥ Frida Torkelsen , PhD | AI Solution Architect at Newcode.ai | On LinkedIn: https://www.linkedin.com/in/frida-h-torkelsen/ Maged Helmy , PhD | Assoc. Professor - AI at University of South-Eastern Norway and Founder & CEO of Newcode.ai | On LinkedIn: https://www.linkedin.com/in/magedhelmy/ ⬥ HOST ⬥ Host: Sean Martin , Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com ⬥ EPISODE NOTES ⬥ Agentic AI is rapidly moving from theoretical promise to practical implementation, and few sectors are feeling this shift as acutely as the legal industry. In this episode of Redefining CyberSecurity, Sean Martin is joined by Frida Torkelsen, a Solution Architect, and Maged Helmy, a professor of AI, to explore how law firms and in-house counsel are applying AI agents to reduce costs, improve efficiency, and unlock strategic capabilities—while navigating critical privacy and security concerns. Frida explains how large firms are seeking to extract value from their troves of historical legal data through bespoke AI agents designed to automate workflows and improve institutional knowledge sharing. Smaller firms, on the other hand, benefit by building narrow, purpose-driven agents that automate core functions and give them a tactical edge. This democratization of capability—fueled by faster iteration and reduced development cost—could be a strategic win for niche firms that are disciplined in their focus. Maged emphasizes the architectural shift AI agents introduce. Unlike static queries to large language models with fixed knowledge, agents access tools, data, and live systems to execute tasks dynamically. This expands the use case potential—but also the risk. Because agentic systems operate probabilistically, consistent outputs aren’t guaranteed, and testing becomes more about evaluating outcomes across a range of inputs than expecting deterministic results. Security risk looms large. Maged shares how a single oversight in permissions allowed an agent to make system-wide changes that corrupted his environment. Frida cautions against over-permissive access, noting that agents tapping into shared calendars or HR databases must respect internal boundaries and compliance obligations. Both guests agree that human-in-the-loop validation is essential, especially in environments with strict data governance needs. Law firms must reassess both internal information architecture and team readiness before implementing agentic systems. Start with a clear understanding of the business problem, validate access scopes, and track outcomes for accuracy, speed, and cost. Legal tech teams are forming around these efforts, but success will depend on whether these roles stay grounded in solving specific legal problems—not chasing the latest AI trend. ⬥ SPONSORS ⬥ LevelBlue: https://itspm.ag/attcybersecurity-3jdk3 ThreatLocker: https://itspm.ag/threatlocker-r974 ⬥ RESOURCES ⬥ Newsletter: The Law's Great Recalibration: Inside the Tech-Driven Puzzle of Legal Firm Transformation: https://www.linkedin.com/pulse/laws-great-recalibration-inside-tech-driven-puzzle-sean-martin-cissp-clnoe/ ⬥ ADDITIONAL INFORMATION ⬥ ✨ More Redefining CyberSecurity Podcast: 🎧 https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq 📝 The Future of Cybersecurity Newsletter: https://www.linkedin.com/newsletters/7108625890296614912/ Interested in sponsoring this show with a podcast ad placement? Learn more: 👉 https://itspm.ag/podadplc…

During RSAC Conference 2025, Andrew Carney, Program Manager at DARPA, and (remotely via video) Dr. Kathleen Fisher, Professor at Tufts University and Program Manager for the AI Cyber Challenge (AIxCC), guide attendees through an immersive experience called Northbridge—a fictional city designed to showcase the critical role of AI in securing infrastructure through the DARPA-led AI Cyber Challenge. Inside Northbridge: The Stakes Are Real Northbridge simulates the future of cybersecurity, blending AI, infrastructure, and human collaboration. It’s not just a walkthrough — it’s a call to action. Through simulated attacks on water systems, healthcare networks, and cyber operations, visitors witness firsthand the tangible impacts of vulnerabilities in critical systems. Dr. Fisher emphasizes that the AI Cyber Challenge isn’t theoretical: the vulnerabilities competitors find and fix directly apply to real open-source software relied on by society today. The AI Cyber Challenge: Pairing Generative AI with Cyber Reasoning The AI Cyber Challenge (AIxCC) invites teams from universities, small businesses, and consortiums to create cyber reasoning systems capable of autonomously identifying and fixing vulnerabilities. Leveraging leading foundation models from Anthropic, Google, Microsoft, and OpenAI, the teams operate with tight constraints—working with limited time, compute, and LLM credits—to uncover and patch vulnerabilities at scale. Remarkably, during semifinals, teams found and fixed nearly half of the synthetic vulnerabilities, and even discovered a real-world zero-day in SQLite. Building Toward DEFCON Finals and Beyond The journey doesn’t end at RSA. As the teams prepare for the AIxCC finals at DEFCON 2025, DARPA is increasing the complexity of the challenge—and the available resources. Beyond the competition, a core goal is public benefit: all cyber reasoning systems developed through AIxCC will be open-sourced under permissive licenses, encouraging widespread adoption across industries and government sectors. From Competition to Collaboration Carney and Fisher stress that the ultimate victory isn’t in individual wins, but in strengthening cybersecurity collectively. Whether securing hospitals, water plants, or financial institutions, the future demands cooperation across public and private sectors. The Northbridge experience offers a powerful reminder: resilience in cybersecurity is built not through fear, but through innovation, collaboration, and a relentless drive to secure the systems we all depend on. ___________ Guest: Andrew Carney, AI Cyber Challenge Program Manager, Defense Advanced Research Projects Agency (DARPA) | https://www.linkedin.com/in/andrew-carney-945458a6/ Hosts: Sean Martin , Co-Founder at ITSPmagazine | Website: https://www.seanmartin.com Marco Ciappelli , Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com ______________________ Episode Sponsors ThreatLocker: https://itspm.ag/threatlocker-r974 Akamai: https://itspm.ag/akamailbwc BlackCloak: https://itspm.ag/itspbcweb SandboxAQ: https://itspm.ag/sandboxaq-j2en Archer: https://itspm.ag/rsaarchweb Dropzone AI: https://itspm.ag/dropzoneai-641 ISACA: https://itspm.ag/isaca-96808 ObjectFirst: https://itspm.ag/object-first-2gjl Edera: https://itspm.ag/edera-434868 ___________ Resources The DARPA AIxCC Experience at RSAC 2025 Innovation Sandbox: https://www.rsaconference.com/usa/programs/sandbox/darpa Learn more and catch more stories from RSAC Conference 2025 coverage: https://www.itspmagazine.com/rsac25 ___________ KEYWORDS andrew carney, kathleen fisher, marco ciappelli, sean martin, darpa, aixcc, cybersecurity, rsac 2025, defcon, ai cybersecurity, event coverage, on location, conference ______________________ Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage Want to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrf Want Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us…

⬥GUEST⬥ Izar Tarandach , Sr. Principal Security Architect for a large media company | On LinkedIn: https://www.linkedin.com/in/izartarandach/ ⬥HOST⬥ Host: Sean Martin , Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com ⬥EPISODE NOTES⬥ In this episode of Redefining CyberSecurity , host Sean Martin sits down with Izar Tarandach, Senior Principal Security Architect at a major entertainment company, to unpack a concept gaining traction across some developer circles: vibe coding. Vibe coding, as discussed by Izar and Sean, isn’t just about AI-assisted development—it’s about coding based on a feeling or a flow, often driven by prompts to large language models (LLMs). It’s being explored in organizations from startups to large tech companies, where the appeal lies in speed and ease: describe what you want, and the machine generates the code. But this emerging approach is raising significant concerns, particularly in security circles. Izar, who co-hosts the Security Table podcast with Matt Coles and Chris Romeo, calls attention to the deeper implications of vibe coding. At the heart of his concern is the risk of ignoring past lessons. Generating code through AI may feel like progress, but without understanding what’s being written or how it fits into the broader architecture, teams risk reintroducing old vulnerabilities—at scale. One major issue: the assumption that code generated by AI is inherently good or secure. Izar challenges that notion, reminding listeners that today’s coding models function like junior developers—they may produce working code, but they’re also prone to mistakes, hallucinations, and a lack of contextual understanding. Worse yet, organizations may begin to skip traditional checks like code reviews and secure development lifecycles, assuming the machine already got it right. Sean highlights a potential opportunity—if used wisely, vibe coding could allow developers to focus more on outcomes and user needs, rather than syntax and structure. But even he acknowledges that, without collaboration and proper feedback loops, it’s more of a one-way zone than a true jam session between human and machine. Together, Sean and Izar explore whether security leaders are aware of vibe-coded systems running in their environments—and how they should respond. Their advice: assume you already have vibe-coded components in play, treat that code with the same scrutiny as anything else, and don’t trust blindly. Review it, test it, threat model it, and hold it to the same standards. Tune in to hear how this new style of development is reshaping conversations about security, responsibility, and collaboration in software engineering. ⬥SPONSORS⬥ LevelBlue: https://itspm.ag/attcybersecurity-3jdk3 ThreatLocker: https://itspm.ag/threatlocker-r974 ⬥RESOURCES⬥ Inspiring LinkedIn Post — https://www.linkedin.com/posts/izartarandach_sigh-vibecoding-when-will-we-be-able-activity-7308105048926879744-fNMS Security Table Podcast: Vibe Coding: What Could Possibly Go Wrong? — https://securitytable.buzzsprout.com/2094080/episodes/16861651-vibe-coding-what-could-possibly-go-wrong Webinar: Secure Coding = Developer Power, An ITSPmagazine Webinar with Manicode Security — https://www.crowdcast.io/c/secure-coding-equals-developer-power-how-to-convince-your-boss-to-invest-in-you-an-itspmagazine-webinar-with-manicode-security-ad147fba034a ⬥ADDITIONAL INFORMATION⬥ ✨ More Redefining CyberSecurity Podcast: 🎧 https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq Interested in sponsoring this show with a podcast ad placement? Learn more: 👉 https://itspm.ag/podadplc…

⬥GUEST⬥ Ken Huang , Co-Chair, AI Safety Working Groups at Cloud Security Alliance | On LinkedIn: https://www.linkedin.com/in/kenhuang8/ ⬥HOST⬥ Host: Sean Martin , Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com ⬥EPISODE NOTES⬥ In this episode of Redefining CyberSecurity , host Sean Martin speaks with Ken Huang, Co-Chair of the Cloud Security Alliance (CSA) AI Working Group and author of several books including Generative AI Security and the upcoming Agent AI: Theory and Practice . The conversation centers on what agentic AI is, how it is being implemented, and what security, development, and business leaders need to consider as adoption grows. Agentic AI refers to systems that can autonomously plan, execute, and adapt tasks using large language models (LLMs) and integrated tools. Unlike traditional chatbots, agentic systems handle multi-step workflows, delegate tasks to specialized agents, and dynamically respond to inputs using tools like vector databases or APIs. This creates new possibilities for business automation but also introduces complex security and governance challenges. Practical Applications and Emerging Use Cases Ken outlines current use cases where agentic AI is being applied: startups using agentic models to support scientific research, enterprise tools like Salesforce’s AgentForce automating workflows, and internal chatbots acting as co-workers by tapping into proprietary data. As agentic AI matures, these systems may manage travel bookings, orchestrate ticketing operations, or even assist in robotic engineering—all with minimal human intervention. Implications for Development and Security Teams Development teams adopting agentic AI frameworks—such as AutoGen or CrewAI—must recognize that most do not come with out-of-the-box security controls. Ken emphasizes the need for SDKs that add authentication, monitoring, and access controls. For IT and security operations, agentic systems challenge traditional boundaries; agents often span across cloud environments, demanding a zero-trust mindset and dynamic policy enforcement. Security leaders are urged to rethink their programs. Agentic systems must be validated for accuracy, reliability, and risk—especially when multiple agents operate together. Threat modeling and continuous risk assessment are no longer optional. Enterprises are encouraged to start small: deploy a single-agent system, understand the workflow, validate security controls, and scale as needed. The Call for Collaboration and Mindset Shift Agentic AI isn’t just a technological shift—it requires a cultural one. Huang recommends cross-functional engagement and alignment with working groups at CSA, OWASP, and other communities to build resilient frameworks and avoid duplicated effort. Zero Trust becomes more than an architecture—it becomes a guiding principle for how agentic AI is developed, deployed, and defended. ⬥SPONSORS⬥ LevelBlue: https://itspm.ag/attcybersecurity-3jdk3 ThreatLocker: https://itspm.ag/threatlocker-r974 ⬥RESOURCES⬥ BOOK | Generative AI Security: https://link.springer.com/book/10.1007/978-3-031-54252-7 BOOK | Agentic AI: Theories and Practices, to be published August by Springer: https://link.springer.com/book/9783031900259 BOOK | The Handbook of CAIO (with a business focus): https://www.amazon.com/Handbook-Chief-AI-Officers-Revolution/dp/B0DFYNXGMR More books at Amazon, including books published by Cambridge University Press and John Wiley, etc.: https://www.amazon.com/stores/Ken-Huang/author/B0D3J7L7GN Video Course Mentioned During this Episode: "Generative AI for Cybersecurity" video course by EC-Council with 255 people rated averaged 5 starts: https://codered.eccouncil.org/course/generative-ai-for-cybersecurity-course?logged=false Podcast: The 2025 OWASP Top 10 for LLMs: What’s Changed and Why It Matters | A Conversation with Sandy Dunn and Rock Lambros ⬥ADDITIONAL INFORMATION⬥ ✨ More Redefining CyberSecurity Podcast: 🎧 https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq Interested in sponsoring this show with a podcast ad placement? Learn more: 👉 https://itspm.ag/podadplc…

⬥GUEST⬥ Allie Mellen , Principal Analyst, Forrester | On LinkedIn: https://www.linkedin.com/in/hackerxbella/ ⬥HOST⬥ Host: Sean Martin , Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On ITSPmagazine: https://www.itspmagazine.com/sean-martin ⬥EPISODE NOTES⬥ In this episode, Allie Mellen, Principal Analyst on the Security and Risk Team at Forrester, joins Sean Martin to discuss the latest results from the MITRE ATT&CK Ingenuity Evaluations and what they reveal about detection and response technologies. The Role of MITRE ATT&CK Evaluations MITRE ATT&CK is a widely adopted framework that maps out the tactics, techniques, and procedures (TTPs) used by threat actors. Security vendors use it to improve detection capabilities, and organizations rely on it to assess their security posture. The MITRE Ingenuity Evaluations test how different security tools detect and respond to simulated attacks, helping organizations understand their strengths and gaps. Mellen emphasizes that MITRE’s evaluations do not assign scores or rank vendors, which allows security leaders to focus on analyzing performance rather than chasing a “winner.” Instead, organizations must assess raw data to determine how well a tool aligns with their needs. Alert Volume and the Cost of Security Data One key insight from this year’s evaluation is the significant variation in alert volume among vendors. Some solutions generate thousands of alerts for a single attack scenario, while others consolidate related activity into just a handful of actionable incidents. Mellen notes that excessive alerting contributes to analyst burnout and operational inefficiencies, making alert volume a critical metric to assess. Forrester’s analysis includes a cost calculator that estimates the financial impact of alert ingestion into a SIEM. The results highlight how certain vendors create a massive data burden, leading to increased costs for organizations trying to balance security effectiveness with budget constraints. The Shift Toward Detection and Response Engineering Mellen stresses the importance of detection engineering, where security teams take a structured approach to developing and maintaining high-quality detection rules. Instead of passively consuming vendor-generated alerts, teams must actively refine and tune detections to align with real threats while minimizing noise. Detection and response should also be tightly integrated. Forrester’s research advocates linking every detection to a corresponding response playbook. By automating these processes through security orchestration, automation, and response (SOAR) solutions, teams can accelerate investigations and reduce manual workloads. Vendor Claims and the Reality of Security Tools While many vendors promote their performance in the MITRE ATT&CK Evaluations, Mellen cautions against taking marketing claims at face value. Organizations should review MITRE’s raw evaluation data, including screenshots and alert details, to get an unbiased view of how a tool operates in practice. For security leaders, these evaluations offer an opportunity to reassess their detection strategy, optimize alert management, and ensure their investments in security tools align with operational needs. For a deeper dive into these insights, including discussions on AI-driven correlation, alert fatigue, and security team efficiency, listen to the full episode. ⬥SPONSORS⬥ LevelBlue: https://itspm.ag/attcybersecurity-3jdk3 ThreatLocker: https://itspm.ag/threatlocker-r974 ⬥RESOURCES⬥ Inspiring Post: https://www.linkedin.com/posts/hackerxbella_go-beyond-the-mitre-attck-evaluation-to-activity-7295460112935075845-N8GW/ Blog | Go Beyond The MITRE ATT&CK Evaluation To The True Cost Of Alert Volumes: https://www.forrester.com/blogs/go-beyond-the-mitre-attck-evaluation-to-the-true-cost-of-alert-volumes/ ⬥ADDITIONAL INFORMATION⬥ ✨ More Redefining CyberSecurity Podcast: 🎧 https://www.itspmagazine.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq Interested in sponsoring this show with a podcast ad placement? Learn more: 👉 https://itspm.ag/podadplc…

⬥GUEST⬥ Sarah Fluchs , CTO at admeritia | CRA Expert Group at EU Commission | On LinkedIn: https://www.linkedin.com/in/sarah-fluchs/ ⬥HOST⬥ Host: Sean Martin , Co-Founder at ITSPmagazine [ @ITSPmagazine ] and Host of Redefining CyberSecurity Podcast [ @RedefiningCyber ] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin ⬥EPISODE NOTES⬥ The European Commission’s Cyber Resilience Act (CRA) introduces a regulatory framework designed to improve the security of digital products sold within the European Union. In a recent episode of Redefining CyberSecurity , host Sean Martin spoke with Sarah Fluchs, Chief Technology Officer at admeritia and a member of the CRA expert group at the EU Commission. Fluchs, who has spent her career in industrial control system cybersecurity, offers critical insights into what the CRA means for manufacturers, retailers, and consumers. A Broad Scope: More Than Just Industrial Automation Unlike previous security regulations that focused on specific sectors, the CRA applies to virtually all digital products. Fluchs emphasizes that if a device is digital and sold in the EU, it likely falls under the CRA’s requirements. From smartwatches and baby monitors to firewalls and industrial control systems, the regulation covers a wide array of consumer and business-facing products. The CRA also extends beyond just hardware—software and services required for product functionality (such as cloud-based components) are also in scope. This broad application is part of what makes the regulation so impactful. Manufacturers now face mandatory cybersecurity requirements that will shape product design, development, and post-sale support. What the CRA Requires The CRA introduces mandatory cybersecurity standards across the product lifecycle. Manufacturers will need to: Ensure products are free from known, exploitable vulnerabilities at the time of release. Implement security by design, considering cybersecurity from the earliest stages of product development. Provide security patches for the product’s defined lifecycle, with a minimum of five years unless justified otherwise. Maintain a vulnerability disclosure process, ensuring consumers and authorities are informed of security risks. Include cybersecurity documentation, requiring manufacturers to provide detailed security instructions to users. Fluchs notes that these requirements align with established security best practices. For businesses already committed to cybersecurity, the CRA should feel like a structured extension of what they are already doing, rather than a disruptive change. Compliance Challenges: No Detailed Checklist Yet One of the biggest concerns among manufacturers is the lack of detailed compliance guidance. While other EU regulations provide extensive technical specifications, the CRA’s security requirements span just one and a half pages. This ambiguity is intentional—it allows flexibility across different industries—but it also creates uncertainty. To address this, the EU will introduce harmonized standards to help manufacturers interpret the CRA. However, with tight deadlines, many of these standards may not be ready before enforcement begins. As a result, companies will need to conduct their own cybersecurity risk assessments and demonstrate due diligence in securing their products. The Impact on Critical Infrastructure and Industrial Systems While the CRA is not specifically a critical infrastructure regulation, it has major implications for industrial environments. Operators of critical systems, such as utilities and manufacturing plants, will benefit from stronger security in the components they rely on. Fluchs highlights that many security gaps in industrial environments stem from weak product security. The CRA aims to fix this by ensuring that manufacturers, rather than operators, bear the responsibility for secure-by-design components. This shift could significantly reduce cybersecurity risks for organizations that rely on complex supply chains. A Security Milestone: Holding Manufacturers Accountable The CRA represents a fundamental shift in cybersecurity responsibility. For the first time, manufacturers, importers, and retailers must guarantee the security of their products or risk being banned from selling in the EU. Fluchs points out that while the burden of compliance is significant, the benefits for consumers and businesses will be substantial. Security-conscious companies may even gain a competitive advantage, as customers start to prioritize products that meet CRA security standards. For those in the industry wondering how strictly the EU will enforce compliance, Fluchs reassures that the goal is not to punish manufacturers for small mistakes. Instead, the EU Commission aims to improve cybersecurity without unnecessary bureaucracy. The Bottom Line The Cyber Resilience Act is set to reshape cybersecurity expectations for digital products. While manufacturers face new compliance challenges, consumers and businesses will benefit from stronger security measures, better vulnerability management, and increased transparency. Want to learn more? Listen to the full episode of Redefining CyberSecurity with Sean Martin and Sarah Fluchs to hear more insights into the CRA and what it means for the future of cybersecurity. ⬥SPONSORS⬥ LevelBlue: https://itspm.ag/attcybersecurity-3jdk3 ThreatLocker: https://itspm.ag/threatlocker-r974 ⬥RESOURCES⬥ Inspiring Post: https://www.linkedin.com/posts/sarah-fluchs_aaand-its-official-the-cyber-resilience-activity-7250162223493300224-zECA/ Adopted CRA text: https://data.consilium.europa.eu/doc/document/PE-100-2023-INIT/en/pdf A list of Sarah's blog posts to get your CRA knowledge up to speed: 1️⃣ Introduction to the CRA, the CE marking, and the regulatory ecosystem around it: https://fluchsfriction.medium.com/eu-cyber-resilience-act-9e092fffbd73 2️⃣ Explanation how the standards ("harmonised European norms, hEN") are defined that will detail the actual cybersecurity requirements in the CRA (2023): https://fluchsfriction.medium.com/what-cybersecurity-standards-will-products-in-the-eu-soon-have-to-meet-590854ba3c8c 3️⃣ Overview of the essential requirements outlined in the CRA (2024): https://fluchsfriction.medium.com/what-the-cyber-resilience-act-requires-from-manufacturers-0ee0b917d209 4️⃣ Overview of the global product security regulation landscape and how the CRA fits into it (2024): https://fluchsfriction.medium.com/product-security-regulation-in-2024-93ddc6dd8900 5️⃣ Good-practice example for the "information and instructions to the user," one of the central documentations that need to be written for CRA compliance and the only one that must be provided to the product's users (2024): https://fluchsfriction.medium.com/how-to-be-cra-compliant-and-make-your-critical-infrastructure-clients-happy-441ecd859f52 ⬥ADDITIONAL INFORMATION⬥ ✨ More Redefining CyberSecurity: 🎧 https://www.itspmagazine.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq Interested in sponsoring this show with an ad placement in the podcast? Learn more: 👉 https://itspm.ag/podadplc…

⬥GUEST⬥ Jake Braun , Acting Principal Deputy National Cyber Director, The White House | On LinkedIn: https://www.linkedin.com/in/jake-braun-77372539/ ⬥HOST⬥ Host: Sean Martin , Co-Founder at ITSPmagazine [ @ITSPmagazine ] and Host of Redefining CyberSecurity Podcast [ @RedefiningCyber ] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin ⬥EPISODE NOTES⬥ Cybersecurity is often framed as a battle between attackers and defenders, but what happens when hackers take on a different role—one of informing policy, protecting critical infrastructure, and even saving lives? That’s the focus of the latest Redefining Cybersecurity podcast episode, where host Sean Martin speaks with Jake Braun, former Acting Principal Deputy National Cyber Director at the White House and current Executive Director of the Cyber Policy Initiative at the University of Chicago. Braun discusses The Hackers’ Almanack , a project developed in partnership with DEF CON and the Franklin Project to document key cybersecurity findings that policymakers, industry leaders, and technologists should be aware of. This initiative captures some of the most pressing security challenges emerging from DEF CON’s research community and translates them into actionable insights that could drive meaningful policy change. DEF CON, The Hackers’ Almanack, and the Franklin Project DEF CON, one of the world’s largest hacker conferences, brings together tens of thousands of security researchers each year. While the event is known for its groundbreaking technical discoveries, Braun explains that too often, these findings fail to make their way into the hands of policymakers who need them most. That’s why The Hackers’ Almanack was created—to serve as a bridge between the security research community and decision-makers who shape regulations and national security strategies. This effort is an extension of the Franklin Project, named after Benjamin Franklin, who embodied the intersection of science and civics. The initiative includes not only The Hackers’ Almanack but also a volunteer-driven cybersecurity support network for under-resourced water utilities, a critical infrastructure sector under increasing attack. Ransomware: Hackers Filling the Gaps Where Governments Have Struggled One of the most striking sections of The Hackers’ Almanack examines the state of ransomware. Despite significant government efforts to disrupt ransomware groups, attacks remain as damaging as ever. Braun highlights the work of security researcher Vangelis Stykas, who successfully infiltrated ransomware gangs—not to attack them, but to gather intelligence and warn potential victims before they were hit. While governments have long opposed private-sector hacking in retaliation against cybercriminals, Braun raises an important question: Should independent security researchers be allowed to operate in this space if they can help prevent attacks? This isn’t just about hacktivism—it’s about whether traditional methods of law enforcement and national security are enough to combat the ransomware crisis. AI Security: No Standards, No Rules, Just Chaos Artificial intelligence is dominating conversations in cybersecurity, but according to Braun, the industry still hasn’t figured out how to secure AI effectively. DEF CON’s AI Village, which has been studying AI security for years, made a bold statement: AI red teaming, as it exists today, lacks clear definitions and standards. Companies are selling AI security assessments with no universally accepted benchmarks, leaving buyers to wonder what they’re really getting. Braun argues that industry leaders, academia, and government must quickly come together to define what AI security actually means. Are we testing AI applications? The algorithms? The data sets? Without clarity, AI red teaming risks becoming little more than a marketing term, rather than a meaningful security practice. Biohacking: The Blurry Line Between Innovation and Bioterrorism Perhaps the most controversial section of The Hackers’ Almanack explores biohacking and its potential risks. Researchers at the Four Thieves Vinegar Collective demonstrated how AI and 3D printing could allow individuals to manufacture vaccines and medical devices at home—at a fraction of the cost of commercial options. While this raises exciting possibilities for healthcare accessibility, it also raises serious regulatory and ethical concerns. Current laws classify unauthorized vaccine production as bioterrorism, but Braun questions whether that definition should evolve. If underserved communities have no access to life-saving treatments, should they be allowed to manufacture their own? And if so, how can regulators ensure safety without stifling innovation? A Call to Action The Hackers’ Almanack isn’t just a technical report—it’s a call for governments, industry leaders, and the security community to rethink how we approach cybersecurity, technology policy, and even healthcare. Braun and his team at the Franklin Project are actively recruiting volunteers, particularly those with cybersecurity expertise, to help protect vulnerable infrastructure like water utilities. For policymakers, the message is clear: Pay attention to what the hacker community is discovering. These findings aren’t theoretical—they impact national security, public safety, and technological advancement in ways that require immediate action. Want to learn more? Listen to the full episode and explore The Hackers’ Almanack to see how cybersecurity research is shaping the future. ⬥SPONSORS⬥ LevelBlue: https://itspm.ag/attcybersecurity-3jdk3 ThreatLocker: https://itspm.ag/threatlocker-r974 ⬥RESOURCES⬥ The DEF CON 32 Hackers' Almanack: https://thehackersalmanack.com/defcon32-hackers-almanack DEF CON Franklin Project: https://defconfranklin.com/ | On LinkedIn: https://www.linkedin.com/company/def-con-franklin/ DEF CON: https://defcon.org/ Cyber Policy Initiative: https://harris.uchicago.edu/research-impact/initiatives-partnerships/cyber-policy-initiative ⬥ADDITIONAL INFORMATION⬥ ✨ More Redefining CyberSecurity: 🎧 https://www.itspmagazine.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq Interested in sponsoring this show with an ad placement in the podcast? Learn more: 👉 https://itspm.ag/podadplc…

⬥GUESTS⬥ Sandy Dunn , Consultant Artificial Intelligence & Cybersecurity, Adjunct Professor Institute for Pervasive Security Boise State University | On Linkedin: https://www.linkedin.com/in/sandydunnciso/ Rock Lambros, CEO and founder of RockCyber | On LinkedIn | https://www.linkedin.com/in/rocklambros/ Host: Sean Martin , Co-Founder at ITSPmagazine [ @ITSPmagazine ] and Host of Redefining CyberSecurity Podcast [ @RedefiningCyber ] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin View This Show's Sponsors ⬥EPISODE NOTES⬥ The rise of large language models (LLMs) has reshaped industries, bringing both opportunities and risks. The latest OWASP Top 10 for LLMs aims to help organizations understand and mitigate these risks. In a recent episode of Redefining Cybersecurity , host Sean Martin sat down with Sandy Dunn and Rock Lambros to discuss the latest updates to this essential security framework. The OWASP Top 10 for LLMs: What It Is and Why It Matters OWASP has long been a trusted source for security best practices, and its LLM-specific Top 10 is designed to guide organizations in identifying and addressing key vulnerabilities in AI-driven applications. This initiative has rapidly gained traction, becoming a reference point for AI security governance, testing, and implementation. Organizations developing or integrating AI solutions are now evaluating their security posture against this list, ensuring safer deployment of LLM technologies. Key Updates for 2025 The 2025 iteration of the OWASP Top 10 for LLMs introduces refinements and new focus areas based on industry feedback. Some categories have been consolidated for clarity, while new risks have been added to reflect emerging threats. • System Prompt Leakage (New) – Attackers may manipulate LLMs to extract system prompts, potentially revealing sensitive operational instructions and security mechanisms. • Vector and Embedding Risks (New) – Security concerns around vector databases and embeddings, which can lead to unauthorized data exposure or manipulation. Other notable changes include reordering certain risks based on real-world impact. Prompt Injection remains the top concern, while Sensitive Information Disclosure and Supply Chain Vulnerabilities have been elevated in priority. The Challenge of AI Security Unlike traditional software vulnerabilities, LLMs introduce non-deterministic behavior, making security testing more complex. Jailbreaking attacks —where adversaries bypass system safeguards through manipulative prompts—remain a persistent issue. Prompt injection attacks, where unauthorized instructions are inserted to manipulate output, are also difficult to fully eliminate. As Dunn explains, “There’s no absolute fix. It’s an architecture issue. Until we fundamentally redesign how we build LLMs, there will always be risk.” Beyond Compliance: A Holistic Approach to AI Security Both Dunn and Lambros emphasize that organizations need to integrate AI security into their overall IT and cybersecurity strategy, rather than treating it as a separate issue. AI governance, supply chain integrity, and operational resilience must all be considered. Lambros highlights the importance of risk management over rigid compliance : “Organizations have to balance innovation with security. You don’t have to lock everything down, but you need to understand where your vulnerabilities are and how they impact your business.” Real-World Impact and Adoption The OWASP Top 10 for LLMs has already been widely adopted, with companies incorporating it into their security frameworks. It has been translated into multiple languages and is serving as a global benchmark for AI security best practices. Additionally, initiatives like HackerPrompt 2.0 are helping security professionals stress-test AI models in real-world scenarios. OWASP is also facilitating industry collaboration through working groups on AI governance, threat intelligence, and agentic AI security. How to Get Involved For those interested in contributing, OWASP provides open-access resources and welcomes participants to its AI security initiatives. Anyone can join the discussion, whether as an observer or an active contributor. As AI becomes more ingrained in business and society, frameworks like the OWASP Top 10 for LLMs are essential for guiding responsible innovation. To learn more, listen to the full episode and explore OWASP’s latest AI security resources. ⬥SPONSORS⬥ LevelBlue: https://itspm.ag/attcybersecurity-3jdk3 ThreatLocker: https://itspm.ag/threatlocker-r974 ⬥RESOURCES⬥ OWASP GenAI: https://genai.owasp.org/ Link to the 2025 version of the Top 10 for LLM Applications: https://genai.owasp.org/llm-top-10/ Getting Involved: https://genai.owasp.org/contribute/ OWASP LLM & Gen AI Security Summit at RSAC 2025: https://genai.owasp.org/event/rsa-conference-2025/ AI Threat Mind Map: https://github.com/subzer0girl2/AI-Threat-Mind-Map Guide for Preparing and Responding to Deepfake Events: https://genai.owasp.org/resource/guide-for-preparing-and-responding-to-deepfake-events/ AI Security Solution Cheat Sheet Q1-2025: https://genai.owasp.org/resource/ai-security-solution-cheat-sheet-q1-2025/ HackAPrompt 2.0: https://www.hackaprompt.com/ ⬥ADDITIONAL INFORMATION⬥ ✨ To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist on YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq Are you interested in sponsoring this show with an ad placement in the podcast? Learn more: 👉 https://itspm.ag/podadplc…

Zero Trust World 2025 , hosted by ThreatLocker, is fast approaching (February 19-21), bringing together security professionals, IT leaders, and business executives to discuss the principles and implementation of Zero Trust. Hosted by ThreatLocker, this event offers a unique opportunity to explore real-world security challenges and solutions. In a special On Location with Sean and Marco episode recorded ahead of the event, Ryan Bowman, VP of Solutions Engineering at ThreatLocker, shares insights into his upcoming session, The Dangers of Shadow IT . Shadow IT—the use of unauthorized applications and systems within an organization—poses a significant risk to security, operations, and compliance. Bowman’s session aims to shed light on this issue and equip attendees with strategies to address it effectively. Understanding Shadow IT and Its Risks Bowman explains that Shadow IT is more than just an inconvenience—it’s a growing challenge for businesses of all sizes. Employees often turn to unauthorized tools and services because they perceive them as more efficient, cost-effective, or user-friendly than the official solutions provided by IT teams. While this may seem harmless, the reality is that these unsanctioned applications create serious security vulnerabilities, increase operational risk, and complicate compliance efforts. One of the most pressing concerns is data security. Employees using unauthorized platforms for communication, file sharing, or project management may unknowingly expose sensitive company data to external risks. When employees leave the organization or access is revoked, data stored in these unofficial systems can remain accessible, increasing the risk of breaches or data loss. Procurement issues also play a role in the Shadow IT problem. Bowman highlights cases where organizations unknowingly pay for redundant software services, such as using both Teams and Slack for communication, leading to unnecessary expenses. A lack of centralized oversight results in wasted resources and fragmented security controls. Zero Trust as a Mindset A recurring theme throughout the discussion is that Zero Trust is not just a technology or a product—it’s a mindset. Bowman emphasizes that implementing Zero Trust requires organizations to reassess their approach to security at every level. Instead of inherently trusting employees or systems, organizations must critically evaluate every access request, application, and data exchange. This mindset shift extends beyond security teams. IT leaders must work closely with employees to understand why Shadow IT is being used and find secure, approved alternatives that still support productivity. By fostering open communication and making security a shared responsibility, organizations can reduce the temptation for employees to bypass official IT policies. Practical Strategies to Combat Shadow IT Bowman’s session will not only highlight the risks associated with Shadow IT but also provide actionable strategies to mitigate them. Attendees can expect insights into: • Identifying and monitoring unauthorized applications within their organization • Implementing policies and security controls that balance security with user needs • Enhancing employee engagement and education to prevent unauthorized technology use • Leveraging solutions like ThreatLocker to enforce security policies while maintaining operational efficiency Bowman also stresses the importance of rethinking traditional IT stereotypes. While security teams often impose strict policies to minimize risk, they must also ensure that these policies do not create unnecessary obstacles for employees. The key is to strike a balance between control and usability. Why This Session Matters With organizations constantly facing new security threats, understanding the implications of Shadow IT is critical. Bowman’s session at Zero Trust World 2025 will provide a practical, real-world perspective on how organizations can protect themselves without stifling innovation and efficiency. Beyond the technical discussions, the conference itself offers a unique chance to engage with industry leaders, network with peers, and gain firsthand experience with security tools in hands-on labs. With high-energy sessions, interactive learning opportunities, and keynotes from industry leaders like ThreatLocker CEO Danny Jenkins and Dr. Zero Trust, Chase Cunningham, Zero Trust World 2025 is shaping up to be an essential event for anyone serious about cybersecurity. For those interested in staying ahead of security challenges, attending Bowman’s session on The Dangers of Shadow IT is a must. Guest: Ryan Bowman , VP of Solutions Engineering, ThreatLocker [ @ThreatLocker | On LinkedIn: https://www.linkedin.com/in/ryan-bowman-3358a71b/ Hosts: Sean Martin , Co-Founder at ITSPmagazine [ @ITSPmagazine ] and Host of Redefining CyberSecurity Podcast [ @RedefiningCyber ] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin Marco Ciappelli , Co-Founder at ITSPmagazine [ @ITSPmagazine ] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli ____________________________ This Episode’s Sponsors ThreatLocker: https://itspm.ag/threatlocker-r974 ____________________________ Resources Learn more and catch more stories from ZTW 2025 coverage: https://www.itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-florida Register for Zero Trust World 2025: https://itspm.ag/threat5mu1 ____________________________ Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast To see and hear more Redefining Society stories on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-society-podcast Want to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrf Want Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us…

ITSPmagazine is gearing up for another year of in-depth event coverage, bringing insights from industry leaders, innovators, and companies making an impact in cybersecurity, technology, and society. Sean Martin and Marco Ciappelli outline their plans for 2025, emphasizing a mix of established conferences and new opportunities to highlight emerging discussions. Key Industry Events The year’s schedule includes cornerstone cybersecurity conferences such as RSA Conference in San Francisco, Infosecurity Europe in London, and Black Hat in Las Vegas . These events serve as major platforms for discussing industry trends, launching new products, and showcasing research. Through editorial coverage, interviews, and discussions, ITSP Magazine provides perspectives from keynote speakers, panelists, and organizations shaping the field. Expanding Coverage Beyond Cybersecurity Beyond security-focused events, the team is covering NAMM 2025 , a leading music and technology conference, and Legal Week in New York , where legal, policy, and AI discussions intersect. Other major tech gatherings include CES, VivaTech, and KIMS, broadening the conversation to industries influencing the digital landscape. For companies looking to share their stories at these events, ITSP Magazine is offering sponsorship opportunities and editorial coverage. Stay tuned for updates, and catch ITSP Magazine on location throughout the year. Learn about Event Briefings: https://www.itspmagazine.com/event-coverage-briefings Learn about the Event Coverage Sponsorship Bundle: https://www.itspmagazine.com/event-coverage-sponsorship-and-briefings Hosts: Sean Martin , Co-Founder at ITSPmagazine [ @ITSPmagazine ] and Host of Redefining CyberSecurity Podcast [ @RedefiningCyber ] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin Marco Ciappelli , Co-Founder at ITSPmagazine [ @ITSPmagazine ] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli This Episode’s Sponsor: HITRUST: https://itspm.ag/itsphitweb Resources The Business Newsletter: https://www.itspmagazine.com/campaigns/view-campaign/4GZV4Nk80T4jGaFCG6wZZXFhO1wa91_1AeZOznFKw-qJhYFt14gJ1lyUvtlfhpABey1BbwWbzLzj-wkwtsauLPtoWbDsmyr- RSA Conference 2025: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage Black Hat USA 2025: https://www.itspmagazine.com/black-hat-usa-2025-hacker-summer-camp-2025-cybersecurity-event-coverage-in-las-vegas Infosecurity Europe 2025: https://www.itspmagazine.com/infosecurity-europe-2025-infosec-london-cybersecurity-event-coverage All of our planned On Location event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage Want to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrf Want Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us…

Zero Trust World 2025 , hosted by ThreatLocker, is set to bring together IT professionals, business leaders, and cybersecurity practitioners for three days of hands-on labs, insightful discussions, and expert-led sessions. Taking place in Orlando, Florida, from February 19-21, this year’s event promises an expanded agenda with cutting-edge topics, interactive workshops, and a unique approach to cybersecurity education. The Growth of Zero Trust World Now in its fifth year, Zero Trust World continues to grow exponentially, increasing in size by roughly 50% each year. Kieran Human, Special Projects Engineer at ThreatLocker, attributes this rapid expansion to the rising demand for cybersecurity solutions and the company’s own growth. More IT leaders are recognizing the necessity of a Zero Trust approach—not just as a security measure, but as a fundamental philosophy for protecting their organizations. What to Expect: Hands-On Learning and Key Discussions One of the biggest draws of Zero Trust World is its focus on hands-on experiences. Attendees can participate in hacking labs designed to teach them how cyber threats operate from an attacker’s perspective. These include interactive exercises using rubber duckies—USB devices that mimic keyboards to inject malicious commands—demonstrating how easily cybercriminals can compromise systems. For those interested in practical applications of security measures, there will be sessions covering topics such as cookie theft, Metasploit, Windows and server security, and malware development. Whether an attendee is an entry-level IT professional or a seasoned security engineer, there’s something to gain from these hands-on labs. High-Profile Speakers and Industry Insights Beyond the labs, Zero Trust World 2025 will feature a lineup of influential speakers, including former Nintendo of America President and CEO Reggie Fils-Aimé, Chase Cunningham (known as Dr. Zero Trust), and ThreatLocker CEO Danny Jenkins. These sessions will provide strategic insights on Zero Trust implementation, industry challenges, and innovative cybersecurity practices. One of the key sessions to look forward to is “The Dangers of Shadow IT,” led by Ryan Bowman, VP of Solution Engineering at ThreatLocker. Shadow IT remains a major challenge for organizations striving to implement Zero Trust, as unauthorized applications and devices create vulnerabilities that security teams may not even be aware of. Stay tuned for a pre-event chat with Ryan coming your way soon. Networking, Certification, and More Zero Trust World isn’t just about education—it’s also a prime networking opportunity. Attendees can connect during daily happy hours, the welcome and closing receptions, and a comic book-themed afterparty. ThreatLocker is even introducing a new cybersecurity comic book, adding a creative twist to the conference experience. A major highlight is the Cyber Hero Program, which offers attendees a chance to earn certification in Zero Trust principles. By completing the Cyber Hero exam, participants can have the cost of their event ticket fully refunded, making this an invaluable opportunity for those looking to deepen their cybersecurity expertise. A Unique Capture the Flag Challenge For those with advanced cybersecurity skills, the Capture the Flag challenge presents an exciting opportunity. The first person to successfully hack a specially designed, custom-painted high-end computer gets to take it home. This competition is expected to draw some of the best security minds in attendance, reinforcing the event’s commitment to real-world application of cybersecurity techniques. Join the Conversation With so much to see and do, Zero Trust World 2025 is shaping up to be an essential event for IT professionals, business leaders, and security practitioners. Sean Martin and Marco Ciappelli will be covering the event live, hosting interviews with speakers, panelists, and attendees to capture insights and takeaways. Whether you’re looking to enhance your security knowledge, expand your professional network, or experience hands-on cybersecurity training, Zero Trust World 2025 offers something for everyone. If you’re attending, be sure to stop by the podcast area and join the conversation on the future of Zero Trust security. Guest: Kieran Human , Special Projects Engineer, ThreatLocker [ @ThreatLocker | On LinkedIn: https://www.linkedin.com/in/kieran-human-5495ab170/ Hosts: Sean Martin , Co-Founder at ITSPmagazine [ @ITSPmagazine ] and Host of Redefining CyberSecurity Podcast [ @RedefiningCyber ] | On ITSPmagazine: https://www.itspmagazine.com/sean-martin Marco Ciappelli , Co-Founder at ITSPmagazine [ @ITSPmagazine ] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli ____________________________ This Episode’s Sponsors ThreatLocker: https://itspm.ag/threatlocker-r974 ____________________________ Resources Learn more and catch more stories from ZTW 2025 coverage: https://www.itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-florida Register for Zero Trust World 2025: https://itspm.ag/threat5mu1 ____________________________ Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast To see and hear more Redefining Society stories on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-society-podcast Want to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrf Want Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us…

Guest: Fahad Mughal , Senior Cyber Solutions Architect - Security On LinkedIn | https://www.linkedin.com/in/fahadmughal/ ____________________________ Host: Sean Martin , Co-Founder at ITSPmagazine [ @ITSPmagazine ] and Host of Redefining CyberSecurity Podcast [ @RedefiningCyber ] On ITSPmagazine | https://www.itspmagazine.com/sean-martin View This Show's Sponsors ___________________________ Episode Notes Modern railway systems are increasingly digital, integrating operational technology (OT) to enhance efficiency, reliability, and safety. However, as railways adopt automated and interconnected systems, they also become more vulnerable to cyber threats. In this episode of Redefining Cybersecurity on ITSP Magazine, host Sean Martin speaks with Fahad Ali Mughal, a cybersecurity professional with extensive experience in OT security architecture, about the challenges and priorities of securing railway infrastructure. The Growing Role of Cybersecurity in Railways Railway systems have evolved from steam-powered locomotives to autonomous, driverless trains that rely on sophisticated digital controls. OT now plays a crucial role in managing train operations, signaling, interlocking, and trackside equipment. These advancements improve efficiency but also expose railway networks to cyber threats that can disrupt service, compromise safety, and even impact national security. Unlike traditional IT environments, where the focus is on confidentiality, integrity, and availability (CIA), OT in railways prioritizes reliability, availability, and public safety. Ensuring the safe movement of trains requires a cybersecurity strategy tailored to the unique needs of railway infrastructure. Critical OT Systems in Railways Mughal highlights key OT components in railways that require cybersecurity protection: • Signaling Systems : These function like traffic lights for trains, ensuring safe distances between locomotives. Modern communication-based train control (CBTC) and European Rail Traffic Management Systems (ERTMS) are vulnerable to cyber intrusions. • Interlocking Systems : These systems prevent conflicting train movements, ensuring safe operations. As they become digitized, cyber risks increase. • Onboard OT Systems : Automatic Train Control (ATC) regulates speed and ensures compliance with signaling instructions. A cyberattack could manipulate these controls. • SCADA Systems : Supervisory Control and Data Acquisition (SCADA) systems oversee infrastructure operations. Any compromise here can impact an entire railway network. • Safety-Critical Systems : Fail-safe mechanisms like automatic braking and failover controls are vital in preventing catastrophic accidents. The increasing digitization and interconnection of these systems expand the attack surface, making cybersecurity a top priority for railway operators. Real-World Cyber Threats in Railways Mughal discusses several significant cyber incidents that highlight vulnerabilities in railway cybersecurity: • 2023 Poland Attack : Nation-state actors exploited vulnerabilities in railway radio communication systems to send unauthorized emergency stop commands, halting trains across the country. The attack exposed weaknesses in authentication and encryption within OT communication protocols. • 2021 Iran Railway Incident : Hackers breached Iran’s railway scheduling and digital message board systems, displaying fake messages and causing widespread confusion. While safety-critical OT systems remained unaffected, the attack disrupted operations and damaged public trust. • 2016 San Francisco Muni Ransomware Attack : A ransomware attack crippled the fare and scheduling system, leading to free rides for passengers and operational delays. Though IT systems were the primary target, the impact on OT operations was evident. These incidents underscore the urgent need for stronger authentication, encryption, and IT-OT segmentation to protect railway infrastructure. Cybersecurity Standards and Best Practices for Railways ( links to resources below ) To build resilient railway cybersecurity, Mughal emphasizes the importance of international standards: • IEC 62443 : A globally recognized framework for securing industrial control systems, widely applied to OT environments, including railways. It introduces concepts such as network segmentation, risk assessment, and security levels . • TS 50701 : A European standard specifically designed for railway cybersecurity, expanding on IEC 62443 with guidance for securing signaling, interlocking, and control systems. • EN 50126 (RAMS Standard) : A safety-focused standard that integrates reliability, availability, maintainability, and safety (RAMS) into railway operations. Adopting these standards helps railway operators establish secure-by-design architectures that mitigate cyber risks. Looking Ahead: Strengthening Railway Cybersecurity As railway systems become more automated and interconnected with smart cities, vehicle transportation, and supply chain networks, cyber threats will continue to grow. Mughal stresses the need for industry collaboration between railway engineers and cybersecurity professionals to ensure that security is integrated into every stage of railway system design. He also emphasizes the importance of real-time OT threat monitoring, anomaly detection, and Security Operations Centers (SOCs) that understand railway-specific cyber risks. The industry must stay ahead of adversaries by adopting proactive security measures before a large-scale cyber incident disrupts critical transportation networks. The conversation makes it clear: cybersecurity is now a fundamental part of railway safety and reliability. As Mughal warns, it’s not a question of if railway cyber incidents will happen, but when. To hear the full discussion, including insights into OT vulnerabilities, real-world case studies, and cybersecurity best practices, listen to this episode of Redefining Cybersecurity on ITSP Magazine. ___________________________ Sponsors Imperva: https://itspm.ag/imperva277117988 LevelBlue: https://itspm.ag/attcybersecurity-3jdk3 ThreatLocker: https://itspm.ag/threatlocker-r974 ___________________________ Watch this and other videos on ITSPmagazine's YouTube Channel Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq ITSPmagazine YouTube Channel: 📺 https://www.youtube.com/@itspmagazine Be sure to share and subscribe! ___________________________ Resources The LinkedIn Post that inspired this conversation: https://www.linkedin.com/feed/update/urn:li:activity:7264434413965328384/ IEC 62443: https://www.isa.org/standards-and-publications/isa-standards/isa-iec-62443-series-of-standards CENELEC TS 50701: https://www.en-standard.eu/clc/ts-50701-2021-railway-applications-cybersecurity/ EN 50126: https://www.en-standard.eu/bs-en-50126-1-2017-railway-applications-the-specification-and-demonstration-of-reliability-availability-maintainability-and-safety-rams-generic-rams-process/ ___________________________ To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast Are you interested in sponsoring this show with an ad placement in the podcast? Learn More 👉 https://itspm.ag/podadplc…

About the CISO Circuit Series Sean Martin and Michael Piacente join forces roughly once per month (or so, depending on schedules) to discuss everything from looking for a new job, entering the field, finding the right work/life balance, examining the risks and rewards in the role, building and supporting your team, the value of the community, relevant newsworthy items, and so much more. Join us to help us understand the role of the CISO so that we can collectively find a path to Redefining CyberSecurity for business and society. If you have a topic idea or a comment on an episode, feel free to contact Sean Martin . ____________________________ Guests: Heather Hinton , CISO-in-Residence, Professional Association of CISOs On LinkedIn | https://www.linkedin.com/in/heather-hinton-9731911/ ____________________________ Host: Sean Martin , Co-Founder at ITSPmagazine [ @ITSPmagazine ] and Host of Redefining CyberSecurity Podcast [ @RedefiningCyber ] On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin Michael Piacente , Managing Partner and Cofounder of Hitch Partners On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/michael-piacente ____________________________ This Episode’s Sponsors Imperva | https://itspm.ag/imperva277117988 LevelBlue | https://itspm.ag/levelblue266f6c ThreatLocker | https://itspm.ag/threatlocker-r974 ___________________________ Episode Notes In this episode of the CISO Circuit Series , part of the Redefining Cybersecurity Podcast on ITSPmagazine, hosts Sean Martin and Michael Piacente welcomed Heather Hinton , seasoned cybersecurity leader, to discuss the evolving responsibilities and recognition of Chief Information Security Officers (CISOs). Their conversation explored the transformative work of the Professional Association of CISOs (PAC), an organization dedicated to establishing standards, accreditation, and support for cybersecurity leaders globally. This episode addressed three critical questions shaping the modern CISO role: How can CISOs build trust within their organizations? What is PAC doing to elevate cybersecurity as a recognized profession? How can CISOs prepare for increasing scrutiny and legal risks? Building Trust: A CISO’s Key Responsibility Heather Hinton, whose career includes leadership roles like VP and CISO for IBM Cloud and PagerDuty, underscores that trust is foundational for a CISO’s success. Beyond technical expertise, a CISO must demonstrate leadership, strategic thinking, and effective communication with boards, executives, and teams. Hinton highlights that cybersecurity should not be perceived as merely a technical function but as a critical enabler of business objectives. The PAC accreditation process reinforces this perspective by formalizing the skills needed to build trust. From fostering collaboration to aligning security strategies with organizational goals, PAC equips CISOs with tools to establish credibility and demonstrate value from day one. Elevating Cybersecurity as a Recognized Profession Michael Piacente, Managing Partner at Hitch Partners and co-host of the CISO Circuit Series , emphasizes PAC’s role in professionalizing cybersecurity. By introducing a Code of Professional Conduct, structured accreditation programs, and robust career development resources, PAC is raising the bar for the profession. Hinton and Piacente explain that PAC’s ultimate vision is to make membership and accreditation standard for CISO roles, akin to certifications we've come to expect and rely upon for doctors or lawyers. This vision reflects a growing recognition of cybersecurity as a discipline critical not only to organizations but to society as a whole. PAC’s advocacy extends to shaping global policies, setting professional standards, and fostering an environment where CISOs are equipped to handle emerging challenges like hybrid warfare and AI-driven threats. Preparing for Legal Risks and Industry Challenges The conversation also delves into the increasing legal and regulatory scrutiny CISOs face. Piacente and Hinton stress the importance of having clear job descriptions, liability protections, and professional resources—areas where PAC is driving significant progress. By providing legal and mental health support, along with peer-driven mentorship, PAC empowers CISOs to navigate these challenges with confidence. Hinton notes that PAC is also a critical voice in addressing broader systemic risks, advocating for policies that protect CISOs while ensuring they are well-positioned to protect their organizations and society. Looking Ahead With goals to expand its membership to 1,000 and scale its accreditation programs by 2025, PAC is setting the foundation for a more unified and professionalized cybersecurity community. Hinton envisions PAC becoming a global authority, advising governments and organizations on cybersecurity standards and policies while fostering collaboration among professionals. For those aspiring to advance cybersecurity as a recognized profession, PAC offers a platform to shape the future of the field. Learn more about PAC and how to join at TheCISO.org . ____________________________ Watch this and other videos on ITSPmagazine's YouTube Channel Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq ITSPmagazine YouTube Channel: 📺 https://www.youtube.com/@itspmagazine Be sure to share and subscribe! ____________________________ To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast Are you interested in sponsoring an ITSPmagazine Channel or telling your promotional story to the Redefining CyberSecurity audience? 👉 https://www.itspmagazine.com/advertise…

The latest episode of Redefining CyberSecurity on ITSPmagazine featured a thought-provoking discussion about integrating human factors into secure software development. Host Sean Martin was joined by Dr. Kelsey Fulton, Assistant Professor at the Colorado School of Mines, and Julie Haney, a computer scientist at the National Institute of Standards and Technology. The conversation explored how human-centered approaches can strengthen secure software practices and address challenges in the development process. A Human-Centered Approach to Security Dr. Fulton shared how her research focuses on the human factors that impact secure software development. Her journey began during her graduate studies at the University of Maryland, where she was introduced to the intersection of human behavior and security in a course that sparked her interest. Her projects, such as investigating the transition from C to Rust programming languages, underscore the complexity of embedding security into the software development lifecycle. The Current State of Secure Development One key takeaway from the discussion was the tension between functionality and security in software development. Developers often prioritize getting a product to market quickly, leading to decisions that sideline security considerations. Dr. Fulton noted that while developers typically have good intentions, they often lack the resources, tools, and organizational support necessary to incorporate security effectively. She highlighted the need for a “security by design” approach, which integrates security practices from the earliest stages of development. Embedding security specialists within development teams can create a cultural shift where security becomes a shared responsibility rather than an afterthought. Challenges in Adoption and Education Dr. Fulton’s research reveals significant obstacles to adopting secure practices, including the complexity of tools and the lack of comprehensive education for developers. Even advanced tools like static analyzers and fuzzers are underutilized. A major barrier is developers’ perception that security is not their responsibility, compounded by tight deadlines and organizational pressures. Additionally, her research into Rust adoption at companies illuminated technical and organizational challenges. Resistance often stems from the cost and complexity of transitioning existing systems, despite Rust’s promise of enhanced security and memory safety. The Future of Human-Centered Security Looking ahead, Dr. Fulton emphasized the importance of addressing how developers trust and interact with tools like large language models (LLMs) for code generation. Her team is exploring ways to enhance these tools, ensuring they provide secure code suggestions and help developers recognize vulnerabilities. The episode concluded with a call to action for organizations to support research in this area and cultivate a security-first culture. Dr. Fulton underscored the potential of collaborative efforts between researchers, developers, and companies to improve security outcomes. By focusing on human factors and fostering supportive environments, organizations can significantly advance secure software development practices. ____________________________ Guests: Dr. Kelsey Fulton , Assistant Professor of Computer Science at the Colorado School of Mines Website | https://cs.mines.edu/project/fulton-kelsey/ Julie Haney , Computer scientist and Human-Centered Cybersecurity Program Lead, National Institute of Standards and Technology [ @NISTcyber ] On LinkedIn | https://www.linkedin.com/in/julie-haney-037449119/ ____________________________ Host: Sean Martin , Co-Founder at ITSPmagazine [ @ITSPmagazine ] and Host of Redefining CyberSecurity Podcast [ @RedefiningCyber ] On ITSPmagazine | https://www.itspmagazine.com/sean-martin ____________________________ View This Show's Sponsors Imperva | https://itspm.ag/imperva277117988 LevelBlue | https://itspm.ag/levelblue266f6c ThreatLocker | https://itspm.ag/threatlocker-r974 ___________________________ Watch this and other videos on ITSPmagazine's YouTube Channel Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq ITSPmagazine YouTube Channel: 📺 https://www.youtube.com/@itspmagazine Be sure to share and subscribe! ___________________________ Resources Kelsey Fulton Biography: https://kfulton121.github.io/ ___________________________ To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast Are you interested in sponsoring this show with an ad placement in the podcast? Learn More 👉 https://itspm.ag/podadplc…

In this latest episode of the Imperva Brand Story on ITSP Magazine, Sean Martin and Marco Ciappelli sit down with Terry Ray, CTO for Data Security at Imperva. Together, they discuss the pressing challenges and transformative innovations shaping the future of safeguarding information. Unpacking Data Security Posture Management Terry Ray introduces Data Security Posture Management (DSPM), comparing it to inspecting a home—where identifying vulnerabilities is just as important as fixing them. He emphasizes that data security requires constant vigilance, urging organizations to develop a deep understanding of their infrastructure while staying agile against emerging threats. Moving Beyond Compliance to Real Security The conversation highlights the often-misunderstood relationship between compliance and genuine security. While meeting regulatory requirements is necessary, Terry argues that true data protection requires a broader, risk-based approach, addressing vulnerabilities in both regulated and non-regulated systems to prepare for audits and unforeseen breaches. The Power of Automation and Machine Learning Terry underscores Imperva's dedication to leveraging advanced automation, AI, and machine learning technologies to process vast data sets and detect threats proactively. By adopting innovative strategies, companies can transition from reactive to proactive measures in protecting their digital ecosystems. Fostering Collaboration and Security Awareness A standout point from the discussion is the importance of collaboration across organizational roles—from compliance officers to database managers and security teams. By fostering a culture of continuous learning and teamwork, businesses can better allocate resources and adapt to evolving security priorities. Embracing Security's Ever-Changing Nature The conversation concludes with a powerful reflection on the unpredictable nature of cybersecurity. As new threats and technologies emerge, organizations must remain adaptable, forward-thinking, and prepared for the unexpected to stay ahead in an ever-changing security landscape. Learn more about Imperva: https://itspm.ag/imperva277117988 Note: This story contains promotional content. Learn more . Guest: Terry Ray, SVP Data Security GTM, Field CTO and Imperva Fellow [ @Imperva ] On Linkedin | https://www.linkedin.com/in/terry-ray/ On Twitter | https://twitter.com/TerryRay_Fellow Resources Learn more and catch more stories from Imperva: https://www.itspmagazine.com/directory/imperva Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story…