Brand Stories Podcasts

Vincent Stoffer, Field Chief Technology Officer at Corelight, shares his predictions for 2026 and what security teams should prepare for in the coming year. With nearly a decade at Corelight and a background in network and security engineering, Stoffer brings a unique perspective on where the industry is heading.The conversation explores the emergence of the agentic SOC, where AI agents work alongside human analysts to accelerate detection, response, and incident resolution. Stoffer explains that while the protocols and tools have been in development, 2026 is the year organizations will finally see these capabilities deliver real results. The key differentiator, he notes, is data quality. Tools that provide rich, detailed, and comprehensive network evidence will thrive in this AI-enabled environment.Stoffer also addresses the persistent threat from nation-state actors, particularly China's Typhoon campaigns targeting critical infrastructure. From energy and telecoms to international partners, these threats continue to expand with AI-powered acceleration. Understanding your environment and detecting anomalous behavior remains essential for organizations facing these sophisticated adversaries.The discussion concludes with a look at post-quantum readiness. While quantum computing threats may be 10 to 20 years away, Stoffer emphasizes the importance of understanding cryptographic assets now. Corelight has published a white paper detailing how NDR provides the network visibility needed to locate cryptographic assets and plan migration to quantum-ready cipher suites.This is a Brand Highlight. A Brand Highlight is an introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlightGUESTVincent Stoffer, Field Chief Technology Officer at CorelightOn LinkedIn: https://www.linkedin.com/in/vincent-stoffer-07057827/RESOURCESLearn more about Corelight: https://corelight.comAre you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlightKEYWORDSVincent Stoffer, Corelight, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, agentic SOC, network detection and response, NDR, critical infrastructure security, nation-state threats, China Typhoon campaigns, Salt Typhoon, Volt Typhoon, post-quantum cryptography, quantum readiness, AI in cybersecurity, security operations, incident response, network visibility, Zeek Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The renewable energy sector faces a critical cybersecurity gap. As wind farms, solar installations, and battery energy storage systems proliferate across the globe, they create a decentralized network of digitally controlled assets that remain largely unprotected. Rafael Narezzi, Co-Founder and CEO of Cyber Energia, brings more than two decades of technology leadership experience to address this growing vulnerability in critical infrastructure.Cyber Energia takes a fundamentally different approach to OT security. While most cybersecurity companies stop at identifying risks through CVE scores and vulnerability assessments, Cyber Energia starts from the risk and translates it into financial terms that executives can act upon. The platform connects technical findings to compliance frameworks including NIS 2.0, IEC 62443, and NERC CIP, providing asset owners with a clear maturity landscape and actionable intelligence.Rafael Narezzi explains that asset owners in the renewable sector operate differently than traditional IT environments. Financial companies often acquire energy assets as investments without maintaining technical staff on-site. When compliance regulations now hold these owners personally liable for cybersecurity failures, they need tools that speak their language: dollars, risk, and return on investment. Cyber Energia prices its services per megawatt, demonstrating its commitment to speaking the language of energy.The decentralization of energy generation presents unique challenges. Rafael Narezzi points to recent cyber attacks on Poland's distributed grid as evidence that threat actors understand how to manipulate multiple remote locations simultaneously to destabilize power networks. Battery energy storage systems present particular risks, as compromised dispatch commands could create grid imbalances similar to the fictional scenario depicted in Ocean's 11. Yet many sites lack even basic cyber hygiene protections.Cyber Energia helps customers understand the financial impact of potential attacks. A 98-megawatt wind turbine site, for example, could lose 1.9 million dollars from just one week of downtime. This quantification enables executives to make informed decisions about relatively modest security investments that significantly reduce their risk exposure. The platform provides a single-view dashboard for organizations managing hundreds of sites across different regions, technologies, and regulatory environments.Rafael Narezzi observes that a CEO before a cyber attack is fundamentally different from a CEO after one. Organizations often underestimate digital risks compared to physical ones, despite living in an increasingly connected world. Regulations like NIS 2.0 now impose personal liability on directors and can revoke operating licenses, removing any excuse for neglecting cybersecurity. The awareness is changing, but Cyber Energia continues working to close the gap between compliance requirements and actual security posture across the renewable energy sector.This is a Brand Story. A Brand Story is a ~35-40 minute in-depth conversation designed to tell the complete story of the guest, their company, and their vision. Learn more: https://www.studioc60.com/creation#fullGUESTRafael Narezzi, Co-Founder and CEO of Cyber Energiahttps://www.linkedin.com/in/narezzi/RESOURCESCyber Energiahttps://cyberenergia.com/Are you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlightKEYWORDSRafael Narezzi, Cyber Energia, Sean Martin, brand story, brand marketing, marketing podcast, brand story, OT cybersecurity, renewable energy security, critical infrastructure protection, NIS 2.0 compliance, IEC 62443, wind farm cybersecurity, solar energy security, battery energy storage systems, BESS security, decentralized energy grid, cyber risk quantification, energy sector compliance, NERC CIP, operational technology security Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this Brand Highlight, Ivan Milenkovic, Vice President, Cyber Risk Technology at Qualys, joins host Sean Martin to discuss how security leaders can break free from the whack-a-mole cycle of vulnerability management.With more than 48,000 vulnerabilities disclosed in 2025 alone and the average enterprise juggling 76 different security consoles, Milenkovic argues that the old methods of counting patches and chasing alerts are no longer sustainable. Instead, Qualys helps organizations prioritize threats based on business context through what the company calls TruRisk.Milenkovic describes a fundamental shift he sees taking place in boardroom conversations: moving from risk appetite to risk tolerance. Boards and executives now want to know what specific losses mean to the business rather than simply asking whether the organization is secure.For CISOs, this means evolving from the department of "No" to the department of "Know," where security leaders understand where problems exist, how to fix them, and what architecture supports business objectives. The key is demonstrating return on investment through resilience metrics rather than vulnerability counts.Qualys addresses this challenge through its Enterprise TruRisk Management platform, which facilitates what Milenkovic calls the Risk Operations Center. Unlike a traditional SOC that focuses on incidents that have already occurred, the ROC takes a proactive stance, helping organizations prevent threats and optimize security spending before damage occurs.This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlightGUESTIvan Milenkovic, Vice President, Cyber Risk Technology, QualysOn LinkedIn | https://www.linkedin.com/in/ivanmilenkovic/RESOURCESLearn more about Qualys | https://www.qualys.comAre you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlightKEYWORDSIvan Milenkovic, Qualys, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, Enterprise TruRisk Management, Risk Operations Center, ROC, vulnerability management, CISO, cyber risk, risk tolerance, security leadership, proactive security Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

As AI makes it easier for attackers to launch account takeover campaigns at scale, organizations face mounting pressure to protect their customers and their brand. Israel Mazin, Co-Founder and CEO of Memcyco, joins the conversation to discuss how real-time detection and protection capabilities are changing the game.Memcyco is built on four products within a unified platform, each designed to detect and block both traditional and AI-driven attacks in real time. Unlike reactive threat intelligence solutions, Memcyco identifies victims as they interact with fake sites, provides detailed attacker data, and even deploys credential deception to neutralize stolen information before it can be used.With an agentless deployment that takes just minutes to implement, Memcyco delivers more than 10x ROI for customers across financial services, retail, airlines, logistics, and hospitality. The company has achieved nearly 300% year-over-year growth, serving organizations across North America, Latin America, Europe, and beyond.This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlightGUESTIsrael Mazin, Co-Founder and CEO of MemcycoOn LinkedIn: https://www.linkedin.com/in/israel-mazin-62215b/RESOURCESMemcyco: https://www.memcyco.com/Are you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlightKEYWORDSIsrael Mazin, Memcyco, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, account takeover, ATO fraud, digital impersonation, phishing protection, real-time fraud detection, credential deception, website spoofing, AI-driven attacks, fraud prevention platform, agentless security Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this Brand Highlight, we talk with Denny LeCompte, CEO and Co-Founder of Portnox, about how identity and access control are changing as AI-driven agents and synthetic identities become active participants inside enterprise environments.Passwords still sit at the root of many security failures, which is why the conversation starts with the fundamentals: controlling who can access data, from where, and under what device and policy conditions. Certificate-based authentication emerges as a practical way to reduce password dependency while keeping enforcement tied to managed devices and policy compliance.The discussion then shifts to what is changing for security leaders. CISOs may feel more confident managing traditional cyber threats, but uncertainty rises quickly when AI-generated and non-human identities enter the picture. Agentic AI turns automation into an entity that touches networks and applications, making access control a first-order requirement rather than an afterthought.A clear theme emerges throughout the conversation: synthetic identities are not hypothetical. They appear anywhere autonomous agents require permissions to act, from software development to workflow automation. Applying the same discipline used for human identities, including least privilege, scope limitation, and policy enforcement, becomes essential to maintaining control as AI adoption accelerates.Note: This story contains promotional content. Learn more.GuestDenny LeCompte, CEO and Co-Founder of Portnoxhttps://www.linkedin.com/in/dennylecompte/ResourcesLearn more about Portnox: https://www.portnox.com/Are you interested in telling your story?Full Length Brand Story: https://www.studioc60.com/content-creation#fullBrand Spotlight Story: https://www.studioc60.com/content-creation#spotlightBrand Highlight Story: https://www.studioc60.com/content-creation#highlightKeywords: sean martin, denny lecompte, portnox, identity, access, zero trust, passwordless, certificates, agentic ai, synthetic identities, brand story, brand marketing, marketing podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Title: The Right Model for the Right Security Task | A Brand Highlight Conversation with Michael Roytman, Co-Founder and CTO of Empirical SecurityIn this Brand Highlight conversation, Michael Roytman, Co-Founder and CTO of Empirical Security, joins Sean Martin to discuss why choosing the right AI model for the right task is essential for effective cybersecurity.Michael Roytman explains how Empirical Security takes a data-driven, Moneyball-style approach to preventative security. The company builds and maintains an ensemble of models, including the open EPSS model used by over 100 vendors, global models for vulnerability exploitation forecasting, and local models tailored to each customer's unique environment.The conversation explores a critical finding: LLMs perform poorly at predictive security tasks. Michael Roytman shares research he published in Forbes comparing EPSS to LLMs from Google, OpenAI, and Anthropic. While LLMs excel at summarization and classification, they struggle to predict future exploitation events. Purpose-built models like XGBoost consistently outperform LLMs for probability forecasting.Empirical Security positions itself as a data science company operating on security data rather than a traditional security vendor. With two-thirds of the founding team holding data science backgrounds, the company trains models from scratch and continuously retrains them as environments and threat landscapes evolve.This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlightGUESTMichael Roytman, Co-Founder and CTO of Empirical SecurityOn LinkedIn | https://www.linkedin.com/in/michael-roytman/RESOURCESLearn more about Empirical Security | https://www.empiricalsecurity.comAre you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlightKEYWORDSEmpirical Security, Michael Roytman, data-driven security, vulnerability management, EPSS, risk-based vulnerability management, AI in cybersecurity, machine learning security, LLM limitations, predictive security models, XGBoost, local models, global models, preventative security, Moneyball security, cybersecurity AI, threat intelligence, security data science, model retraining, ITSPmagazine, Brand Highlight, Studio C60 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

As organizations race to adopt AI, many discover an uncomfortable truth: ambition often outpaces readiness. In this episode of the ITSPmagazine Brand Story Podcast, host Sean Martin speaks with Julian Hamood, Founder and Chief Visionary Officer at TrustedTech, about what it really takes to operationalize AI without amplifying risk, chaos, or misinformation.Julian shares that most organizations are eager to activate tools like AI agents and copilots, yet few have addressed the underlying condition of their environments. Unstructured data sprawl, fragmented cloud architectures, and legacy systems create blind spots that AI does not fix. Instead, AI accelerates whatever already exists, good or bad.A central theme of the conversation is readiness. Julian explains that AI success depends on disciplined data classification, permission hygiene, and governance before automation begins. Without that groundwork, organizations risk exposing sensitive financial, HR, or executive data to unintended audiences simply because an AI system can surface it.The discussion also explores the operational reality beneath the surface. Most environments are a patchwork of Azure, AWS, on-prem infrastructure, SaaS platforms, and custom applications, often shaped by multiple IT leaders over time. When AI is layered onto this complexity without architectural clarity, inaccurate outputs and flawed business decisions quickly follow.Sean and Julian also examine how AI initiatives often emerge from unexpected places. Legal teams, business units, and individual contributors now build their own AI workflows using low-code and no-code tools, frequently outside formal IT oversight. At the same time, founders and CFOs push for rapid AI adoption while resisting the investment required to clean and secure the foundation.The episode highlights why AI programs are never one-and-done projects. Ongoing maintenance, data validation, and security oversight are essential as inputs change and systems evolve. Julian emphasizes that organizations must treat AI as a permanent capability on the roadmap, not a short-term experiment.Ultimately, the conversation frames AI not as a shortcut, but as a force multiplier. When paired with disciplined architecture and trusted guidance, AI enables scale, speed, and confidence. Without that discipline, it simply magnifies existing problems.Note: This story contains promotional content. Learn more.GUESTJulian Hamood, Founder and Chief Visionary Officer at TrustedTech | On LinkedIn: https://www.linkedin.com/in/julian-hamood/Are you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Spotlight Brand Story: https://www.studioc60.com/content-creation#spotlight▶︎ Highlight Brand Story: https://www.studioc60.com/content-creation#highlightKeywords: sean martin, julian hamood, trusted tech, ai readiness, data governance, ai security, enterprise ai, brand story, brand marketing, marketing podcast, brand story podcast, brand spotlight Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Risk has always been part of doing business. What has changed is its scale, speed, and interconnected nature. In this episode, Sean Martin and Marco Ciappelli are joined by Megha Kumar, Chief Product Officer and Head of Geopolitical Risk at CyXcel, to explore how organizations can think more clearly about digital risk without becoming paralyzed by complexity.Kumar shares how digital resilience is no longer a technical problem alone. Regulations, infrastructure dependencies, geopolitical tensions, supply chain exposure, and emerging technologies such as AI now converge into a single operational reality. Organizations that treat these as isolated issues often miss the real picture, where one decision quietly amplifies risk across multiple domains.A central theme of the conversation is proportion. Kumar emphasizes that risk management is not about eliminating uncertainty, but aligning effort with value. Not every threat matters equally to every organization. Understanding who you are, where you operate, and where you are going determines which signals deserve attention and which are simply noise.The discussion also reframes geopolitics as a daily business concern rather than a distant policy issue. Companies operate inside global power dynamics whether they acknowledge it or not. Technology choices, supplier relationships, and market expansion decisions increasingly carry political and regulatory consequences that surface quickly and without warning.Rather than advocating for massive new departments or rigid frameworks, Kumar outlines a practical approach. Organizations can decide whether to avoid, mitigate, transfer, or tolerate risk, then revisit those decisions as conditions change. This mindset supports growth and innovation while avoiding the false comfort of static checklists.The episode closes on culture. Effective risk management depends on listening across roles, disciplines, and seniority. Internal dissent, diverse viewpoints, and external validation are presented as assets, not obstacles. In a world where uncertainty is constant, resilience comes from clarity, not control.Learn more about CyXcel: https://itspm.ag/cyxcel-922331Note: This story contains promotional content. Learn more.GUESTMegha Kumar, Partner, Chief Product Officer & Head of Geopolitical Risk at CyXcel | On LinkedIn: https://www.linkedin.com/in/drmeghakumarcyxcel/RESOURCESLearn more and catch more stories from CyXcel: https://www.itspmagazine.com/directory/cyxcelAre you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Spotlight Brand Story: https://www.studioc60.com/content-creation#spotlight▶︎ Highlight Brand Story: https://www.studioc60.com/content-creation#highlight Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

This episode focuses on a security incident that prompts an honest discussion about transparency, preparedness, and the importance of strong processes. Sean Martin speaks with Viktor Petersson, Founder and CEO of Screenly, who shares how his team approaches digital signage security and how a recent alert from their bug bounty program helped validate the strength of their culture and workflows.Screenly provides a secure digital signage platform used by organizations that care deeply about device integrity, uptime, and lifecycle management. Healthcare facilities, financial services, and even NASA rely on these displays, which makes the security posture supporting them a priority. Viktor outlines why security functions best when embedded into culture rather than treated as a compliance checkbox. His team actively invests in continuous testing, including a structured bug bounty program that generates a steady flow of findings.The conversation centers on a real event: a report claiming that more than a thousand user accounts appeared in a public leak repository. Instead of assuming the worst or dismissing the claim, the team mobilized within hours. They validated the dataset, built correlation tooling, analyzed how many records were legitimate, and immediately reset affected accounts. Once they ruled out a breach of their systems, they traced the issue to compromised end user devices associated with previously known credential harvesting incidents.This scenario demonstrates how a strong internal process helps guide the team through verification, containment, and communication. Viktor emphasizes that optional security features only work when customers use them, which is why Screenly is moving to passwordless authentication using magic links. Removing passwords eliminates the attack vector entirely, improving security for customers without adding friction.For listeners, this episode offers a clear look at what rapid response discipline looks like, how bug bounty reports can add meaningful value, and why passwordless authentication is becoming a practical way forward for SaaS platforms. It is a timely reminder that transparency builds trust, and security culture determines how confidently a team can navigate unexpected events.Learn more about Screenly: https://itspm.ag/screenly1oNote: This story contains promotional content. Learn more.GUESTViktor Petersson, Co-founder of Screenly | On LinkedIn: https://www.linkedin.com/in/vpetersson/RESOURCESLearn more and catch more stories from Screenly: https://www.itspmagazine.com/directory/screenlyLinkedIn Post: https://www.linkedin.com/posts/vpetersson_screenly-security-incident-response-how-activity-7393741638918971392-otkkBlog: Security Incident Response: How We Investigated a Data Leak and What We're Doing Next: https://www.screenly.io/blog/2025/11/10/security-incident-response-magic-links/Are you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Spotlight Brand Story: https://www.studioc60.com/content-creation#spotlightKeywords: sean martin, marco ciappelli, viktor petersson, security, authentication, bugbounty, signage, incidentresponse, breaches, cybersecurity, brand story, brand marketing, marketing podcast, brand story podcast, brand spotlight Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The Solar Car That Charges Itself While You Live Your LifeGrowing up, I always wondered: why can't cars just recharge themselves as we drive? Turns out, someone finally built exactly that.Robert Hoevers and his team at Squad Mobility created a solar-powered city car that does something brilliantly simple—it charges itself. There's a solar panel on the roof that continuously feeds the battery whether you're parked at the grocery store, sitting in your driveway, or cruising around town.The engineering is impressive, but the user experience is even better. For most people living in sunny climates—anywhere between 45 degrees north and 45 degrees south latitude (roughly Spain to South Africa)—you'll never need to find a charging station. Ever.Here's the reality: the average person drives about 12 kilometers a day for daily errands. School runs, grocery shopping, meeting friends. The Squad solar car has a 150-kilometer maximum range, and the sun replenishes what you use. You just drive it, park it, and forget about charging infrastructure entirely.This is what smart urban mobility looks like. It's street legal with proper crash structures, seat belts, and rollover protection. It tops out at 45 or 70 kilometers per hour depending on which model you choose—fast enough for city streets, not built for highways. In Europe, you only need a moped license for the slower version.The design sits somewhere between a golf cart and a Smart car, which makes perfect sense. Squad isn't trying to replace your family vehicle. They're solving the "second car" problem—those short daily trips where driving a massive SUV feels ridiculous.The market is responding. Squad Mobility has over 5,300 pre-orders and secured 1.5 million euros in European subsidies. They're currently crowdfunding on Republic to bridge the final gap before production starts in about a year.What surprised me most? Ten percent of their pre-orders come from American gated communities and golf cart neighborhoods. These communities already understand the value of compact, efficient vehicles for daily errands. Squad just made them solar-powered and street legal.Yes, you need consistent sunlight. If you live in perpetually cloudy climates, you'll still need to plug in occasionally. But for millions of people in sunny regions tired of hunting for charging stations or paying electricity bills to charge their second car, Squad Mobility built the obvious solution that somehow nobody else did.Sometimes innovation isn't about reinventing the wheel. It's about putting a solar panel on the roof and letting the sun do the work.This is the future of urban mobility, and it's arriving next year. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

When “Normal” Doesn’t Work: Rethinking Data and the Role of the SOC AnalystMonzy Merza, Co-Founder and CEO of Crogl, joins Sean Martin and Marco Ciappelli to discuss how cybersecurity teams can finally move beyond the treadmill of normalization, alert fatigue, and brittle playbooks that keep analysts from doing what they signed up to do—find and stop bad actors.Merza draws from his experience across research, security operations, and leadership roles at Splunk, Databricks, and one of the world’s largest banks. His message is clear: the industry’s long-standing approach of forcing all data into one format before analysis has reached its limit. Organizations are spending millions trying to normalize data that constantly changes, and analysts are paying the price—buried under alerts they can’t meaningfully investigate.The conversation highlights the human side of this issue. Analysts often join the field to protect their organizations, but instead find themselves working on repetitive tickets with little context, limited feedback loops, and an impossible expectation to know everything—from email headers to endpoint logs. They are firefighters answering endless 911 calls, most of which turn out to be false alarms.Crogl’s approach replaces that normalization-first mindset with an analyst-first model. By operating directly on data where it lives—without requiring migration or schema alignment—it allows every analyst to investigate deeper, faster, and more consistently. Each action taken by one team member becomes shared knowledge for the next, creating an adaptive, AI-driven system that evolves with the organization.For CISOs, this means measurable consistency, auditability, and trust in outcomes. For analysts, it means rediscovering purpose—focusing on meaningful investigations instead of administrative noise.The result is a more capable, connected SOC where AI augments human reasoning rather than replacing it. As Merza puts it, the new normal is no normalization—just real work, done better.Watch the full interview and product demo: https://youtu.be/7C4zOvF9sdkLearn more about CROGL: https://itspm.ag/crogl-103909Note: This story contains promotional content. Learn more.GUESTMonzy Merza, Founder and CEO of CROGL | On LinkedIn: https://www.linkedin.com/in/monzymerza/RESOURCESLearn more and catch more stories from CROGL: https://www.itspmagazine.com/directory/croglBrand Spotlight: The Schema Strikes Back: Killing the Normalization Tax on the SOC: https://brand-stories-podcast.simplecast.com/episodes/the-schema-strikes-back-killing-the-normalization-tax-on-the-soc-a-corgl-spotlight-brand-story-conversation-with-cory-wallace [Video: https://youtu.be/Kx2JEE_tYq0]Are you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Spotlight Brand Story: https://www.studioc60.com/content-creation#spotlight Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Breaking Free from Data Normalization: A Smarter Path for Security TeamsTraditional security models were built on a simple idea: collect data, normalize it, and analyze it. But as Director of Product Marketing Cory Wallace explains in this conversation with Sean Martin, that model no longer fits the reality of modern security operations. Data now lives across systems, clouds, and lakes—making normalization an inefficient, error-prone step that slows teams down and risks critical blind spots.Rethinking How Analysts Work with DataCory describes how schema drift, inconsistent field naming, and vendor-specific query languages have turned the analyst’s job into a maze of manual mapping and guesswork. Each product update or schema change introduces a chance to miss something important—something an attacker is counting on. Crogl’s new patent eliminates this problem by enabling search and correlation across unnormalized data, creating a unified analytical view without forcing everything into one rigid format.From Data Chaos to Analyst EmpowermentThis shift isn’t just technical—it’s cultural. Instead of treating SOC analysts as passive alert closers, Crogl’s model empowers them with meaningful context from the start. Alerts now come with historical data, cross-referenced fields, and prebuilt queries, giving analysts the information they need to make decisions faster and more confidently.Efficiency with IntelligenceWallace explains how this approach saves time, reduces training burdens, and cuts dependency on multiple query languages. It helps overworked teams move from reactive triage to proactive investigation. By removing unnecessary layers of data transformation, organizations can accelerate incident resolution, minimize risk, and help analysts focus on what matters most—catching what others miss.At its core, the conversation highlights how removing the barriers of data normalization can redefine what’s possible in modern security operations.Watch the full interview: https://youtu.be/Kx2JEE_tYq0Learn more about CROGL: https://itspm.ag/crogl-103909Note: This story contains promotional content. Learn more.GUESTCory Wallace, Director of Product Marketing at CROGL | On LinkedIn: https://www.linkedin.com/in/corywallacecrogl/RESOURCESLearn more and catch more stories from CROGL: https://www.itspmagazine.com/directory/croglPress Release: https://www.globenewswire.com/news-release/2025/11/05/3181815/0/en/Crogl-Granted-Patent-for-Analyzing-Non-Normalized-Data-for-Security.htmlForbes Article: https://www.forbes.com/sites/justinwarren/2025/11/05/tackling-cybersecurity-data-sprawl-without-normalizing-everything/LinkedIn Post: https://www.linkedin.com/posts/activity-7391913358817517569-QaCHAre you interested in telling your story?▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full▶︎ Spotlight Brand Story: https://www.studioc60.com/content-creation#spotlight Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The decision to leave a successful corporate position and start a company requires more than just identifying a market opportunity. For Shankar Somasundaram, it required witnessing firsthand how traditional cybersecurity approaches consistently failed in the environments that matter most to society: hospitals, manufacturing plants, power facilities, and critical infrastructure.Somasundaram's path to founding Asimily began with diverse technical experience spanning telecommunications and early machine learning development. This foundation proved essential when he transitioned to cybersecurity, eventually building and growing the IoT security division at a major enterprise security company.During his corporate tenure, Somasundaram gained direct exposure to security challenges across healthcare systems, industrial facilities, utilities, manufacturing plants, and oil and gas operations. Each vertical revealed the same fundamental problem: existing security solutions were designed for traditional IT environments where confidentiality and integrity took precedence, but operational technology environments operated under entirely different rules.The mismatch became clear through everyday operational realities. Hospital ultrasound machines couldn't be taken offline during procedures for security updates. Manufacturing production lines couldn't be rebooted for patches without scheduling expensive downtime. Power plant control systems required continuous availability to serve communities. These environments prioritized operational continuity above traditional security controls.Beyond technical challenges, Somasundaram observed a persistent communication gap between security and operations teams. IT security professionals spoke in terms of vulnerabilities and patch management. Operations teams focused on uptime, safety protocols, and production schedules. Neither group had effective frameworks for translating their concerns into language the other could understand and act upon.This divide created frustration for Chief Security Officers who understood risks existed but lacked clear paths to mitigation that wouldn't disrupt critical business operations. Organizations could identify thousands of vulnerabilities across their operational technology environments, but struggled to prioritize which issues actually posed meaningful risks given their specific operational contexts.Somasundaram recognized an opportunity to approach this problem differently. Rather than building another vulnerability scanner or forcing operational environments to conform to IT security models, he envisioned a platform that would provide contextual risk analysis and actionable mitigation strategies tailored to operational requirements.The decision to leave corporate security and start Asimily wasn't impulsive. Somasundaram had previous entrepreneurial experience and understood the startup process. He waited for the right convergence of market need, personal readiness, and strategic opportunity. When corporate priorities shifted through acquisitions, the conditions aligned for his departure.Asimily's founding mission centered on bridging the gap between operational technology and information technology teams. The company wouldn't just build another security tool; it would create a translation layer enabling different organizational departments to collaborate effectively on risk reduction.This approach required understanding multiple stakeholder perspectives within client organizations. Sometimes the primary user would be a Chief Information Security Officer. Other times, it might be a manufacturing operations head managing production floors, or a clinical operations director in healthcare. The platform needed to serve all these perspectives while maintaining technical depth.Somasundaram's product engineering background informed this multi-stakeholder approach. His experience with complex system integration—from telecommunications infrastructure to machine learning algorithms—provided insight into how security platforms could integrate with existing IT infrastructure while addressing operational technology requirements.The vision extended beyond traditional vulnerability management to comprehensive risk analysis considering operational context, business impact, and regulatory requirements. Rather than treating all vulnerabilities equally, Asimily would analyze each device within its specific environment and use case, providing organizations with actionable intelligence for informed decision-making.Somasundaram's entrepreneurial journey illustrates how diverse technical experience, industry knowledge, and strategic timing converge to address complex market problems. His transition from corporate executive to startup founder demonstrates how deep industry exposure can reveal opportunities to solve problems that established players might overlook or underestimate.Today, as healthcare systems, manufacturing facilities, and critical infrastructure become increasingly connected, the vision Somasundaram brought to Asimily's founding has proven both timely and necessary. The company's development reflects not just market demand, but the value of approaching familiar problems from fresh perspectives informed by real operational experience.Learn more about Asimily: itspm.ag/asimily-104921Note: This story contains promotional content. Learn more.Guest: Shankar Somasundaram, CEO & Founder, Asimily  | On LinkedIn: https://www.linkedin.com/in/shankar-somasundaram-a7315b/Company Directory: https://www.itspmagazine.com/directory/asimilyResourcesLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

What happens when a cybersecurity incident requires legal precision, operational coordination, and business empathy—all at once? That’s the core question addressed in this origin story with Bryan Marlatt, Chief Regional Officer for North America at CyXcel.Bryan brings over 30 years of experience in IT and cybersecurity, with a history as a CISO, consultant, and advisor. He now helps lead an organization that sits at the intersection of law, cyber, and geopolitics—an uncommon combination that reflects the complexity of modern risk. CyXcel was founded to address this reality head-on, integrating legal counsel, cybersecurity expertise, and operational insight into a single, business-first consulting model.Rather than treat cybersecurity as a checklist or a technical hurdle, Bryan frames it as a service that should start with the business itself: its goals, values, partnerships, and operating environment. That’s why their engagements often begin with conversations with sales, finance, or operations—not just the CIO or CISO. It’s about understanding what needs to be protected and why, before prescribing how.CyXcel supports clients before, during, and after incidents—ranging from tailored tabletop exercises to legal coordination during breach response and post-incident recovery planning. Their work spans critical sectors like healthcare, utilities, finance, manufacturing, and agriculture—where technology, law, and regulation often converge under pressure.Importantly, Bryan emphasizes the need for tailored guidance, not generic frameworks. He notes that many companies don’t realize how incomplete their protections are until it’s too late. In one example, he recounts a hospital system that chose to “pay the fine” rather than invest in cybersecurity—a decision that risks reputational and operational harm far beyond the regulatory penalty.From privacy laws and third-party contract reviews to incident forensics and geopolitical risk analysis, this episode reveals how cybersecurity consulting is evolving to meet a broader—and more human—set of business needs.Learn more about CyXcel: https://itspm.ag/cyxcel-922331Note: This story contains promotional content. Learn more.Guest: Bryan Marlatt, Chief Regional Officer (North America) at CyXcel | On LinkedIn: https://www.linkedin.com/in/marlattb/ResourcesLearn more and catch more stories from CyXcel: https://www.itspmagazine.com/directory/cyxcelLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At Black Hat 2025, Sean Martin sits down with Ofir Stein, CTO and Co-Founder of Apono, to discuss the pressing challenges of identity and access management in today’s hybrid, AI-driven environments. Stein’s background in technology infrastructure and DevOps, paired with his co-founder’s deep cybersecurity expertise, positions the company to address one of the most common yet critical problems in enterprise security: how to secure permissions without slowing the pace of business.Organizations often face a tug-of-war between security teams seeking to minimize risk and engineering or business units pushing for rapid access to systems. Stein explains that traditional approaches to access control — where permissions are either always on or granted through manual processes — create friction and risk. Over-provisioned accounts become prime targets for attackers, while delayed access slows innovation.Apono addresses this through a Zero Standing Privilege approach, where no user — human or non-human — retains permanent permissions. Instead, access is dynamically granted based on business context and automatically revoked when no longer needed. This ensures engineers and systems get the right access at the right time, without exposing unnecessary attack surfaces.The platform integrates seamlessly with existing identity providers, governance systems, and IT workflows, allowing organizations to centralize visibility and control without replacing existing tools. Dynamic, context-based policies replace static rules, enabling access that adapts to changing conditions, including the unpredictable needs of AI agents and automated workflows.Stein also highlights continuous discovery and anomaly detection capabilities, enabling organizations to see and act on changes in privilege usage in real time. By coupling visibility with automated policy enforcement, organizations can not only identify over-privileged accounts but also remediate them immediately — avoiding the cycle of one-off audits followed by privilege creep.The result is a solution that scales with modern enterprise needs, reduces risk, and empowers both security teams and end users. As Stein notes, giving engineers control over their own access — including the ability to revoke it — fosters a culture of shared responsibility for security, rather than one of gatekeeping.Learn more about Apono: https://itspm.ag/apono-1034Note: This story contains promotional content. Learn more.Guest:Ofir Stein, CTO and Co-Founder of Apono | On LinkedIn: https://www.linkedin.com/in/ofir-stein/ResourcesLearn more and catch more stories from Apono: https://www.itspmagazine.com/directory/aponoLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-storyKeywords: sean martin, ofir stein, apono, zero standing privilege, access management, identity security, privilege creep, just in time access, ai security, governance, cloud security, black hat, black hat usa 2025, cybersecurity, permissions Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Event Recap: Kieran Human at Black Hat USA 2025 — ThreatLocker Unveils Configuration Defense, Achieves FedRAMP Status & MoreThreatLocker introduced DAC configuration monitoring and achieved FedRAMP certification at Black Hat 2025, strengthening zero trust capabilities while expanding government market access through practical security solutions.Zero trust security continues evolving beyond theoretical frameworks into practical business solutions, as demonstrated by ThreatLocker's latest announcements at Black Hat USA 2025. The company introduced Defense Against Configuration (DAC), a monitoring tool addressing a critical gap in zero trust implementations.Kieran Human, Special Projects Engineer at ThreatLocker, explained the challenge driving DAC's development. Organizations implementing zero trust often struggle with configuration management, potentially leaving systems vulnerable despite security investments. DAC monitors configurations continuously, alerting administrators to potential security issues and mapping findings to compliance frameworks including Essential 8.The tool addresses human factors in security implementation. Technical staff sometimes create overly permissive rules to minimize user complaints, compromising security posture. DAC provides weekly reports to executives, ensuring oversight of configuration decisions and maintaining security standards across the organization.ThreatLocker's approach distinguishes itself through "denied by default, allowed by exception" methodology, contrasting with traditional endpoint detection and response solutions that permit by default and block threats reactively. This fundamental difference requires careful implementation to avoid business disruption.The company's learning mode capabilities address deployment concerns. With over 10,000 built-in application profiles, ThreatLocker automates policy creation while learning organizational workflows. This reduces manual configuration requirements that previously made zero trust implementations tedious and time-intensive.FedRAMP certification represents another significant milestone, opening government sector opportunities. Federal compliance requirements previously excluded ThreatLocker from certain contracts, despite strong customer demand for their zero trust capabilities. This certification enables expansion into highly regulated environments requiring stringent security controls.Customer testimonials continue validating the approach. One user reported preventing three breaches after implementing ThreatLocker's zero trust solution, demonstrating measurable security improvements. Such feedback reinforces the practical value of properly implemented zero trust architecture.The balance between security and business functionality remains crucial. Organizations need security solutions that protect assets without hampering productivity. ThreatLocker's principle of least privilege implementation focuses on enabling business requirements with minimal necessary permissions rather than creating restrictive environments that impede operations.Human described working closely with CEO Danny Jenkins, emphasizing the collaborative environment that drives product innovation. His engineering perspective provides valuable insights into customer needs while maintaining focus on practical security solutions that work in real-world environments.As zero trust adoption accelerates across industries, tools like DAC become essential for maintaining security posture while meeting business demands. The combination of automated learning, configuration monitoring, and compliance mapping addresses practical implementation challenges facing security teams today.Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974Note: This story contains promotional content. Learn more.Guest: Kieran Human, Special Project Engineer at ThreatLocker | On LinkedIn | https://www.linkedin.com/in/kieran-human-5495ab170/ResourcesLearn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlockerLearn more and catch more stories from our Black Hat USA 2025 coverage: https://www.itspmagazine.com/bhusa25Learn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At Black Hat USA 2025, Sean Martin, co-founder of ITSPmagazine, sat down with Brett Stone-Gross, Senior Director of Threat Intelligence at Zscaler, to discuss the findings from the company’s latest ransomware report. Over the past five years, the research has tracked how attack patterns, targets, and business models have shifted—most notably from file encryption to data theft and extortion.Brett explains that many ransomware groups now find it more profitable—and less risky—to steal sensitive data and threaten to leak it unless paid, rather than encrypt files and disrupt operations. This change also allows attackers to stay out of the headlines and avoid immediate law enforcement pressure, while still extracting massive payouts. One case saw a Fortune 50 company pay $75 million to prevent the leak of 100 terabytes of sensitive medical data—without a single file being encrypted.The report highlights variation in attacker methods. Some groups focus on single large targets; others, like the group “LOP,” exploit vulnerabilities in widely used file transfer applications, making supply chain compromise a preferred tactic. Once inside, attackers validate their claims by providing file trees and sample data—proving the theft is real.Certain industries remain disproportionately affected. Healthcare, manufacturing, and technology are perennial top targets, with oil and gas seeing a sharp increase this year. Many victims operate with legacy systems, slow to adopt modern security measures, making them vulnerable. Geographically, the U.S. continues to be hit hardest, accounting for roughly half of all observed ransomware incidents.The conversation also addresses why organizations fail to detect such massive data theft—sometimes hundreds of gigabytes per day over weeks. Poor monitoring, limited security staffing, and alert fatigue all contribute. Brett emphasizes that reducing exposure starts with eliminating unnecessary internet-facing services and embracing zero trust architectures to prevent lateral movement.The ransomware report serves not just as a data source but as a practical guide. By mapping observed attacker behaviors to defensive strategies, organizations can better identify and close their most dangerous gaps—before becoming another statistic in next year’s findings.Learn more about Zscaler: https://itspm.ag/zscaler-327152Note: This story contains promotional content. Learn more.Guest:Brett Stone-Gross, Senior Director of Threat Intelligence at Zscaler, | On LinkedIn: https://www.linkedin.com/in/brett-stone-gross/ResourcesLearn more and catch more stories from Zscaler: https://www.itspmagazine.com/directory/zscalerLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-storyKeywords: sean martin, brett stone-gross, ransomware, data extortion, cyber attacks, zero trust security, threat intelligence, data breach, cyber defense, network security, file transfer vulnerability, data protection, black hat, black hat usa 2025, zscaler Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Marco Ciappelli of ITSPmagazine explores cybersecurity workforce transformation with CyberSN's Deidre Diamond and Fortune 200 CISO-turned-CEO Carraig StanwyckThe corridors of Black Hat 2025 in Las Vegas buzzed with conversations about AI and emerging threats, but one of the most compelling discussions centered on something decidedly human: how we actually manage our cybersecurity teams. Marco Ciappelli, Co-Founder and CMO of ITSPmagazine, connected with longtime industry colleague Deidre Diamond, who brought along Carraig Stanwyck—a seasoned cybersecurity leader who recently transitioned from Fortune 200 CISO to CEO."It's been great running into people I know here at Black Hat," Ciappelli noted, "but finding Deidre after 11 years—and meeting the people she's been working with—that's what these events are really about. Finding out what's happening in the industry and reconnecting."Diamond, who has spent 11 years in cybersecurity with eight years focused on talent matching and three years developing workforce risk management practices at CyberSN, brought a unique perspective to the conversation. Her journey from building a cyber taxonomy and job matching solution to addressing the industry's critical workforce challenges—retention, burnout, capability gaps, and career planning—set the stage for understanding how one Fortune 200 CISO discovered the limitations of traditional workforce management.The Excel Trap: When Good Intentions Meet RealityWhen Stanwyck thought he had workforce management figured out, he was using Excel spreadsheets and conducting regular happiness surveys with his cybersecurity team. As someone who started his career in human intelligence and carried that people-focused approach through government, startups, and enterprise organizations, he believed he was ahead of the curve."I thought I already had a solution," Stanwyck reflects. "I was already meeting with my people, doing specific surveys to track happiness and belonging because I wanted to catch issues early. You get your team right, and you can do anything."But when he met Deidre Diamond from CyberSN at RSA two years ago, his confidence was quickly shaken. "She was talking about workforce risk management, and I was like, 'Well, yeah, I do that. I'm all set. I'm covered.'" Diamond's response was simple: "Show me how you visualize the data you use."That's when Stanwyck discovered the limitations of his Excel-based approach—old data, time-intensive processes, and a fundamental lack of real-time visibility into how his team actually functioned.Beyond Job Titles: The Hidden Workforce RealityWhat CyberSN's platform revealed transformed Stanwyck's understanding of his own team. "You can re-interview your people like a recorder," he explains. "You can see that someone you hired as an analyst is doing all this engineering work—maybe they're better on the engineering team."The platform provided something Stanwyck had never experienced: quantitative visibility into how his team's time was actually being spent. "It gave me a level of visibility in the team, what they were doing, and how their time was being spent at a quantitative level that there's no way for me to replicate manually."Even more revealing was the discovery that job descriptions become obsolete almost immediately. "The job description of our talent is old within weeks and within months from the day it's created—if it was even created correctly at all," Diamond noted during the conversation.The Fulfillment Factor: Beyond Happiness to PurposeWhile Stanwyck's happiness surveys captured surface-level satisfaction, CyberSN's approach dug into something more fundamental. "HappinessHappy is important, but one that feels fulfilled—that they have a purpose—that's the key," Stanwyck emphasizes.The platform's approach to understanding team members went beyond traditional metrics. "When you know where they want to go, how they feel about the team, you get all this extra data," Stanwyck explains. "Your ability to craft development plans, to help them move through different parts of the team, to help with career planning—it becomes so nailed that they can't help but see their way forward."The impact was immediate and lasting. When Stanwyck transitioned to his CEO role, his team specifically requested that the organization renew their CyberSN contract. "These teammates feel like, wow, they're investing in understanding me more and planning more. It just adds to professional efficacy."From Reactive to Strategic: The Business Case RevolutionPerhaps the most significant transformation was in business communication. Every cybersecurity leader knows the refrain: "We don't have enough people." But quantifying that gap had always been nearly impossible."How do you show the gaps and how you're not able to meet specific capability requirements?" Stanwyck asks. "It's really hard using the lack of tools you have right now—it's very subjective."CyberSN's dual visualization capability became a game-changer. "You can see the whole org chart from people—what they're doing. But you can also flip it and see that same org chart from a capabilities perspective," Stanwyck describes. "Here's all the capabilities we need. How are they staffed? What are we missing? How do we plan for the future as we grow?"This visibility transformed conversations with executive leadership. "It's easier to get budgets, easier to make a business case for where you're going as you grow," Stanwyck notes. "CIOs, CFOs, CEOs can now understand what the security leader is dealing with in a way that's logical, not just a spreadsheet."The Multi-Tool DiscoveryThe platform revealed something crucial about modern cybersecurity teams: people are multi-tools, not single-purpose instruments. "You hire somebody because they do X or Y—that's the assumption," Stanwyck explains. "But when you get to know them better through the taxonomies, when you figure out what they end up doing on the team even if it wasn't what they were hired for, you start realizing these tools are multi-tools."This discovery enabled better strategic planning and resource allocation. "It allows you to have a much better plan for how you're gonna leverage them throughout the organization, help them upscale, identify those opportunities for them to maximize the value they're able to provide."The Human Element in an AI-Driven WorldAs Black Hat 2025 showcased the latest in AI and automation, Stanwyck offered a refreshing perspective on the role of humans in cybersecurity's future. "AI technologies are really statistical models of existing information—they're not creative, they're not thinking outside the box," he observes.Instead of replacement, Stanwyck advocates for empowerment. "I'm excited about companies that take a smarter approach—how do we empower the human? It's kind of like putting that superhero costume on rather than getting rid of them."For cybersecurity leaders still managing teams through spreadsheets and gut feelings, this Black Hat conversation offers a clear message: true workforce visibility isn't just about knowing who works for you—it's about understanding how they work, what fulfills them, and how to strategically position your human capabilities for the challenges ahead.CyberSN's workforce risk management platform transforms how cybersecurity leaders understand, develop, and strategically deploy their most valuable asset: their people.Learn more about CyberSN: https://itspm.ag/cybersn-476941Note: This story contains promotional content. Learn more.Guests:Deidre Diamond, Founder and CEO of CyberSN | On LinkedIn: https://www.linkedin.com/in/deidrediamond/Carraig Stanwyck, CEO at 3 Tree Tech and former Fortune 200 CISO | On LinkedIn: https://www.linkedin.com/in/carraig-stanwyck/ResourcesLearn more and catch more stories from CyberSN: https://www.itspmagazine.com/directory/cybersnLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-storyKeywords: marco ciappelli, deidre diamond, carraig stanwyck, cybersecurity, workforce management, talent retention, job descriptions, skills gap, leadership, employee engagement, career development, black hat, black hat usa, black hat 2025, workforce risk management Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Mike Wayne, responsible for global sales at BlinkOps, joins ITSPmagazine host Sean Martin to discuss how organizations can harness agentic AI to transform security operations—and much more.The conversation begins with a clear reality: business processes are complex, and when security is added into the mix, orchestrating workflows efficiently becomes even more challenging. BlinkOps addresses this by providing a platform that not only automates security tasks but also extends across HR, finance, sales, and marketing. By enabling automation in areas like employee onboarding/offboarding or access management, the platform helps organizations improve efficiency, reduce risk, and free human talent for higher-value work.Mike explains that while traditional SOAR tools require heavy scripting and ongoing maintenance, BlinkOps takes a different approach. Its security co-pilot allows users to describe automations in plain language, which are then generated—90% complete—by the system. Whether the user is a SOC analyst or an HR manager, the platform supports low-code and no-code capabilities, making automation accessible to “citizen developers” across the organization.The concept of micro agents is central. Instead of relying on large, complex AI models that can hallucinate or act unpredictably, BlinkOps uses focused, purpose-built agents with smaller context windows. These agents handle specific tasks—such as enriching security alerts—within larger workflows, ensuring accuracy and control.The benefits are tangible. One customer’s triage agent processed 400 alerts in just eight days without direct human intervention, while another saved $1.8 million in manual endpoint deployment costs over a single month. Outcomes like reduced mean time to respond (MTTR) and faster time to automation are key drivers for adoption, especially when facing zero-day vulnerabilities where speed is critical.BlinkOps runs as SaaS, hybrid, or in secure environments like GovCloud, making it adaptable for organizations of all sizes and compliance requirements.The takeaway is clear: AI-driven automation doesn’t just improve security operations—it creates new efficiencies across the enterprise. As Mike puts it, when a process can be automated, “just blink it.”Learn more about BlinkOps: https://itspm.ag/blinkops-942780Note: This story contains promotional content. Learn more.Guest: Mike Wayne, Vice President, Global Sales at BlinkOps | On Linkedin: https://www.linkedin.com/in/mikejwayne/ResourcesLearn more and catch more stories from BlinkOps: https://www.itspmagazine.com/directory/blinkopsLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-storyKeywords: sean martin, mike wayne, blink ops, ai automation, agentic ai, micro agents, security automation, soc automation, workflow automation, zero day response, alert triage, enrichment agent, low code automation, cyber security ai, enterprise automation, black hat usa, black hat 2025 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In an era where organizations depend heavily on commercial applications to run their operations, the integrity of those applications has become a top security concern. Saša Zdjelar, Chief Trust Officer at ReversingLabs and Operating Partner at Crosspoint Capital, shares how protecting the software supply chain now extends far beyond open source risk.Zdjelar outlines how modern applications are built from a mix of first-party, contracted, open source, and proprietary third-party components. By the time software reaches production, its lineage spans geographies, development teams, and sometimes even AI-generated code. Incidents like SolarWinds, Kaseya, and CircleCI demonstrate that trusted vendors are no longer immune to compromise, and commercial software can introduce critical vulnerabilities or malicious payloads deep into enterprise systems.Regulatory drivers are increasing scrutiny. Executive Order 14028, Europe’s Cyber Resilience Act, DORA, and U.S. Department of Defense software sourcing restrictions all require greater transparency, such as a Software Bill of Materials (SBOM). However, Zdjelar cautions that SBOMs—while valuable—are like ingredient lists without recipes: they don’t reveal if a product is secure, just what’s in it.ReversingLabs addresses this gap with a no-compromise analysis engine capable of deconstructing any file, of any size or complexity, to assess its safety. This capability enables organizations to make risk-based decisions, continuously monitor for unexpected changes between software versions, and operationalize controls at points such as procurement, SCCM deployments, or file transfers into critical environments.For CISOs, this represents a true technical control where previously only contractual clauses, questionnaires, or insurance policies existed. By placing analysis at the front of the software lifecycle, organizations can reduce reliance on costly manual testing and sandboxing, improve detection of tampering or hidden behavior, and even influence cyber insurance rates.The takeaway is clear: software supply chain security is a board-level concern, and the focus must expand beyond open source. With the right controls, organizations can avoid becoming the next headline-making breach and maintain trust with customers, partners, and regulators.Learn more about ReversingLabs: https://itspm.ag/reversinglabs-v57bNote: This story contains promotional content. Learn more.Guest: Saša Zdjelar, Chief Trust Officer at ReversingLabs and Operating Partner at Crosspoint Capital | On Linkedin: https://www.linkedin.com/in/sasazdjelar/ResourcesLearn more and catch more stories from ReversingLabs: https://www.itspmagazine.com/directory/reversinglabsLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-storyKeywords: Black Hat 2025, Black Hat USA, sean martin, saša zdjelar, software supply chain security, commercial software risk, binary analysis, software bill of materials, sbom security, malicious code detection, ciso strategies, third party software risk, software tampering detection, malware analysis tools, devsecops security, application security testing, cybersecurity compliance Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.