ITSPmagazine

In this on-location conversation recorded during RSAC 2025, attorney, investor, and strategic advisor Yair Geva shares a global perspective shaped by years of legal counsel, venture investing, and deal-making across Israel, Europe, and the U.S. Geva offers unique insight into how cybersecurity, AI, and M&A are not only intersecting—but actively reshaping—the tech ecosystem.More than just a legal expert, Geva advises early-stage founders and institutional investors across markets, helping them navigate cultural, legal, and strategic gaps. With over 50 personal investments and a strong focus on cybersecurity in recent institutional activity, his perspective reflects where real momentum is building—and how smart capital is being deployed.AI Acceleration and M&A HesitationAccording to Geva, the accelerating capabilities of AI have created a strange paradox: in some sectors, VCs are hesitant to invest because the pace of change undermines long-term confidence. Yet in cybersecurity, AI is acting as a catalyst, not a caution. Cyber-AI combinations are among the few domains where deals are still moving quickly. He points to recent acquisitions—such as Palo Alto Networks’ move on Protect AI—as a sign that strategic consolidation is alive and well, even if overall deal volume remains lighter than expected.Cyber Due Diligence Is Now Table StakesAcross all industries, cybersecurity evaluations have become a non-negotiable part of M&A. Whether acquiring a fashion brand or a software firm, buyers now expect a clear security posture, detailed risk management plans, and full disclosure of any prior breaches. Geva notes that incident response experience, when managed professionally, can actually serve as a confidence builder in the eyes of strategic buyers.From Global Hubs to Human ConnectionsWhile San Francisco remains a major force, Geva sees increasing momentum in New York, London, and Tel Aviv. Yet across all markets, he emphasizes that human relationships—trust, cultural understanding, and cross-border collaboration—ultimately drive deal success more than any legal document or term sheet.With a front-row seat to innovation and a hand in building the bridges that power global tech growth, Yair Geva is helping define the next chapter of cybersecurity, AI, and strategic investment.Listen to the full conversation to hear what’s shaping the deals behind tomorrow’s cybersecurity innovations.Note: This story contains promotional content. Learn more.Guest: Yair Geva, Attorney and Investor | https://www.linkedin.com/in/yairgeva/ResourcesLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:sean martin, marco ciappelli, yair geva, cybersecurity, investment, ai, m&a, venture, resilience, innovation, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrfWant Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this on-location episode recorded at the RSAC Conference, Sean Martin and Marco Ciappelli sit down once again with Rob Allen, Chief Product Officer at ThreatLocker, to unpack what Zero Trust really looks like in practice—and how organizations can actually get started without feeling buried by complexity.Rather than focusing on theory or buzzwords, Rob lays out a clear path that begins with visibility. “You can’t control what you can’t see,” he explains. The first step toward Zero Trust is deploying lightweight agents that automatically build a view of the software running across your environment. From there, policies can be crafted to default-deny unknown applications, while still enabling legitimate business needs through controlled exceptions.The Zero Trust Mindset: Assume Breach, Limit AccessRob echoes the federal mandate definition of Zero Trust: assume a breach has already occurred and limit access to only what is needed. This assumption flips the defensive posture from reactive to proactive. It’s not about waiting to detect bad behavior—it’s about blocking the behavior before it starts.The ThreatLocker approach stands out because it focuses on removing the traditional “heavy lift” often associated with Zero Trust implementations. Rob highlights how some organizations have spent years trying (and failing) to activate overly complex systems, only to end up stuck with unused tools and endless false positives. ThreatLocker’s automation is designed to lower that barrier and get organizations to meaningful control faster.Modern Threats, Simplified DefensesAs AI accelerates the creation of polymorphic malware and low-code attack scripts, Zero Trust offers a counterweight. Deny-by-default policies don’t require knowing every new threat—just clear guardrails that prevent unauthorized activity, no matter how it’s created. Whether it’s PowerShell scripts exfiltrating data or AI-generated exploits, proactive controls make it harder for attackers to operate undetected.This episode reframes Zero Trust from an overwhelming project into a series of achievable, common-sense steps. If you’re ready to hear what it takes to stop chasing false positives and start building a safer, more controlled environment, this conversation is for you.Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974Note: This story contains promotional content. Learn more.Guest: Rob Allen, Chief Product Officer, ThreatLocker | https://www.linkedin.com/in/threatlockerrob/ResourcesLearn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlockerLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:sean martin, marco ciappelli, rob allen, zero trust, cybersecurity, visibility, access control, proactive defense, ai threats, policy automation, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrfWant Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Quantum computing and AI are no longer theoretical concepts for tomorrow—they’re shaping how organizations must secure their infrastructure today. In this episode of the podcast, Marc Manzano, General Manager of Cybersecurity at SandboxAQ, joins the conversation to share how his team is helping organizations confront some of the most urgent and complex cybersecurity shifts of our time.SandboxAQ, a company spun out of Alphabet, operates at the intersection of quantum technology and artificial intelligence. Manzano highlights two immediate challenges that demand new approaches: the looming need for quantum-resistant cryptography and the unchecked proliferation of AI agents across enterprise systems.Post-Quantum Migration and Cryptographic AgilityManzano describes an industry-wide need for massive cryptographic migration in response to the quantum threat. But rather than treating it as a one-time fix, SandboxAQ promotes cryptographic agility—a framework that enables organizations to dynamically and automatically rotate credentials, replace algorithms, and manage certificates in real-time. Their approach replaces decades of static key management practices with a modern, policy-driven control plane. It’s not just about surviving the post-quantum era—it’s about staying ready for whatever comes next.Taming the Complexity of AI Agents and Non-Human IdentitiesThe second challenge is the surge of non-human identities—AI agents, machine workloads, and ephemeral cloud infrastructure. SandboxAQ’s platform provides continuous visibility and control over what software is running, who or what it communicates with, and whether it adheres to security policies. This approach helps teams move beyond manual, one-off audits to real-time monitoring, dramatically improving how organizations manage software supply chain risks.Real Use Cases with Measurable ImpactManzano shares practical examples of how SandboxAQ’s technology is being used in complex environments like large banks—where decades of M&A activity have created fragmented infrastructure. Their platform unifies cryptographic and identity management through a single pane of glass, helping security teams act faster with less friction. Another use case? Reducing vendor risk assessment from months to minutes, allowing security teams to assess software posture quickly and continuously.Whether it’s quantum cryptography, AI risk, or identity control—this isn’t a vision for 2030. It’s a call to action for today.Learn more about SandboxAQ: https://itspm.ag/sandboxaq-j2enNote: This story contains promotional content. Learn more.Guest: Marc Manzano, General Manager of Cybersecurity at SandboxAQ | https://www.linkedin.com/in/marcmanzano/ResourcesLearn more and catch more stories from SandboxAQ: https://www.itspmagazine.com/directory/sandboxaqLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:marc manzano, marco ciappelli, sean martin, cryptography, quantum, ai, cybersecurity, nonhuman, keymanagement, rsac2025, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrfWant Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In today’s threat environment, it’s not enough to back up your data—you have to be able to trust that those backups will be there when you need them. That’s the message from Sterling Wilson, Field CTO at Object First, during his conversation at RSAC Conference 2025.Object First is purpose-built for Veeam environments, offering out-of-the-box immutability (OOTBI) with a hardened, on-premises appliance. The goal is simple but critical: make backup security both powerful and practical. With backup credentials often doubling as access credentials for storage infrastructure, organizations expose themselves to unnecessary risk. Object First separates those duties by design, reducing the attack surface and protecting data even when attackers have admin credentials in hand.Immutability as a Foundation—Not a FeatureThe conversation highlights data from a recent ESG study showing that 81% of respondents recognize immutable object storage as the most secure way to protect backup data. True immutability means data cannot be modified or deleted until a set retention period expires—an essential safeguard when facing ransomware or insider threats. But Sterling emphasizes that immutability alone isn’t enough. Backup policies, storage access, and data workflows must be segmented and secured.Zero Trust for Backup InfrastructureZero trust principles—verify explicitly, assume breach, enforce least privilege—have gained ground across networks and applications. But few organizations extend those principles into the backup layer. Object First applies zero trust directly to backup infrastructure through what they call zero trust data resilience. That includes verifying credentials at every step and ensuring backup jobs can’t alter storage configurations.A Real-World Test: Marysville School DistrictWhen Marysville School District suffered a ransomware attack, nearly every system was compromised—except the Object First appliance. The attacker had administrative credentials, but couldn’t access or encrypt the immutable backups. Thanks to the secure design and separation of permissions, recovery was possible—demonstrating that trust in your backups can’t be assumed; it must be enforced by design.Meeting Customers Where They AreTo support both partners and end customers, Object First now offers OOTBI through a consumption-based model. Whether organizations are managing remote offices or scaling their environments quickly, the new model provides flexibility without compromising security or simplicity.Learn more about Object First: https://itspm.ag/object-first-2gjlNote: This story contains promotional content. Learn more.Guest: Sterling Wilson, Field CTO, Object First | https://www.linkedin.com/in/sterling-wilson/ResourcesLearn more and catch more stories from Object First: https://www.itspmagazine.com/directory/object-firstLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:sean martin, sterling wilson, ransomware, immutability, backups, cybersecurity, zero trust, data protection, veeam, recovery, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrfWant Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this RSAC 2025 episode, Sean Martin sits down with Steve Schlarman, Senior Director of Product Management at Archer, to explore how organizations are rethinking compliance and risk—not just as a box to check, but as a business enabler.At the center of the conversation is Archer Evolv, a new platform intentionally designed to move beyond legacy GRC workflows. Built on years of insight from customers and aligned with the company’s post-RSA independence, Evolv aims to modernize how compliance and risk teams operate. That includes automating burdensome regulatory processes, surfacing business-relevant risk insights, and supporting more strategic decision-making.Leveraging technology developed by Compliance.ai, acquired by Archer last year, Archer applies AI tuned specifically for the language of compliance, helping customers reduce review time per regulatory obligation from 100 hours to just a few. That’s more than a productivity gain—it’s a structural shift in how companies adapt to nonstop regulatory change.Another critical area is quantifying risk. Rather than relying on subjective heat maps, Archer enables organizations to calculate loss exposure in real terms. This creates a foundation for executive conversations rooted in financial and operational impact, not just abstract threat levels. That same quantitative view can be applied to understanding the cost of controls—ensuring that investments align with real business risk, rather than piling on complexity for the sake of coverage.The conversation closes on a powerful shift: risk and compliance teams freeing up time and brainpower to collaborate directly with the business. With the manual grunt work automated and controls mapped more intelligently, these teams can help shape new services and strategic initiatives—safely and confidently.This episode isn’t just about software or frameworks. It’s about what happens when governance becomes a driver of value, not just a reaction to fear.Listen in to hear how Archer is helping turn risk and compliance from operational drag into business advantage.Learn more about Archer: https://itspm.ag/rsaarchwebNote: This story contains promotional content. Learn more.Guest: Steve Schlarman, Senior Director, Product Management, Archert | https://www.linkedin.com/in/steveschlarman/ResourcesLearn more and catch more stories from Archer Integrated Risk Management: https://www.itspmagazine.com/directory/archerLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:sean martin, steve schlarman, risk, compliance, ai, governance, grc, quantification, controls, automation, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrfWant Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At RSAC Conference 2025, Rupesh Chokshi, Senior Vice President and General Manager of the Application Security Group at Akamai, joined ITSPmagazine to share critical insights into the dual role AI is playing in cybersecurity today—and what Akamai is doing about it.Chokshi lays out the landscape with clarity: while AI is unlocking powerful new capabilities for defenders, it’s also accelerating innovation for attackers. From bot mitigation and behavioral DDoS to adaptive security engines, Akamai has used machine learning for over a decade to enhance protection, but the scale and complexity of threats have entered a new era.The API and Web Application Threat SurgeReferencing Akamai’s latest State of the Internet report, Chokshi cites a 33% year-over-year rise in web application and API attacks—topping 311 billion threats. More than 150 billion of these were API-related. The reason is simple: APIs are the backbone of modern applications, yet many organizations lack visibility into how many they have or where they’re exposed. Shadow and zombie APIs are quietly expanding attack surfaces without sufficient monitoring or defense.Chokshi shares that in early customer discovery sessions, organizations often uncover tens of thousands of APIs they weren’t actively tracking—making them easy targets for business logic abuse, credential theft, and data exfiltration.Introducing Akamai’s Firewall for AIAkamai is addressing another critical gap with the launch of its new Firewall for AI. Designed for both internal and customer-facing generative AI applications, this solution focuses on securing runtime environments. It detects and blocks issues like prompt injection, PII leakage, and toxic language using scalable, automated analysis at the edge—reducing friction for deployment while enhancing visibility and governance.In early testing, Akamai found that 6% of traffic to a single LLM-based customer chatbot involved suspicious activity. That volume—within just 100,000 requests—highlights the urgency of runtime protections for AI workloads.Enabling Security LeadershipChokshi emphasizes that modern security teams must engage collaboratively with business and data teams. As AI adoption outpaces security budgets, CISOs are looking for trusted, easy-to-deploy solutions that enable—not hinder—innovation. Akamai’s goal: deliver scalable protections with minimal disruption, while helping security leaders shoulder the growing burden of AI risk.Learn more about Akamai: https://itspm.ag/akamailbwcNote: This story contains promotional content. Learn more.Guest: Rupesh Chokshi, SVP & General Manager, Application Security, Akamai | https://www.linkedin.com/in/rupeshchokshi/ResourcesLearn more and catch more stories from Akamai: https://www.itspmagazine.com/directory/akamaiLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:sean martin, rupesh chokshi, akamai, rsac, ai, security, cisos, api, firewall, llm, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrfWant Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

What a magnificent full moon!Late April.The San Fernando Valley shimmered gently.Tiny lights flickered softly,like electric fireflies in summer dreams.In a small garden,beneath an old wise lemon tree,something special was about to happen.Because lemon trees, you know,hide delicate secrets;magical whispers, patiently guardedamong their fruits, flowers and branches.Up high, safe and sound,Mr and Mrs Hummingbird waited.Little hearts vibrating with hope.They watched carefully,as small eggs cracked, whispered and hatchedunder California’s warm sky.Jack and Sally arrived.At first with their eyes closed,resting peacefully in the warmth of their mother.Days passed gently.Soon their eyes opened andfeathers grew, stretching softly.From their nest they gazed with wonderat the lively world of the garden:birds singing, flowers murmuring,bees buzzing tirelesslyand squirrels chasing each other merrily,leaping from tree to treeas if they’d had a little too much coffee;far too much, in fact!“Calm down a bit,” exclaimed Sally bravely from the nest.“We’re still learning how to be hummingbirds!”The garden fell silent for a moment,smiled quietly,and kindly replied,“Welcome, Jack! Welcome, Sally! Welcome to the Valley!”Days turned into weeks. Sally stretched her wings,tiny feathers growing stronger by the hour,training and preparingto reach the sky of her dreams.At last, the big day came.“Watch me, Jack!” sang Sally joyfully,and with a brave flutter, she left the nest.She flew—slowly at first, then faster;twirling, laughing, gliding above the flowers and below the branches,while the whole garden cheered and clapped.Jack watched from the nest, silent.His left wing, carefully folded, was still unsure.The garden held its breath, happy for Sally,but gently concerned for Jack.“Your moment will come too, dear,” whispered Mrs Hummingbird softly,kissing Jack on the forehead. “Believe in it.”That very night, as stars filled the sky,Jack stared at the little Glass Hot-Air Balloon that,hanging from a branch of the lemon tree,swayed gently in the evening breeze.An ornament, a sunset trapped,gently lit from within by dancing flames that, perhaps, were fake,but only if you didn’t believe in magic.Jack believed.He balanced carefully, hopping softly,bravely, from branch to branch,towards the glowing balloon that kept on dancing in the windas if it were flying through the sky.Without hesitation, he jumped into the tiny basket.Suddenly, sparks shimmered. Whirls danced.Magic awakened beneath his feathers,as the Glass Hot-Air Balloon rose,lifting slowly into the evening air.“Jack!” exclaimed Sally, eyes full of wonder.She flew right up next to him, laughing.Together they soared, joyfully twirling,while the garden clapped louder than ever.Even Mr and Mrs Hummingbird blinked in astonishment,smiling proudly at their brave children.“You know,” said an old owl,smiling wisely from a nearby branch,“if you follow the sunset, through the canyon,you’ll reach the Great Blue Ocean.”Jack’s heart fluttered with courage.“Come with me, Sally!” he said, eyes shining.And Sally didn’t hesitate.She joined Jack on the hot-air balloonand together they flew higher and farther,beyond the valley, over winding canyons,towards golden rays blending with endless blue.The ocean appeared—glittering, infinite;the waves whispering gentle secretslit softly by what was left of the sunset.Below, the Malibu pier glowed warm and welcoming,caressed by the Pacific Ocean and the breeze.The whole bay greeted the brave adventurers.Jack breathed deeply, heart full.He had found his way to fly, to soar in the sky;not by trying to be like the others,but by embracing who he truly was.Because it’s not our limits that define us,but our courage to dream,our will to believe,and the magic we carry within.Because nothing,absolutely nothing,can stop those who dare to dream.- Written by Marco Ciappelli Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

RSAC 2025 is a wrap. The expo floor is closed, the conversations have ended, and the gear is packed — but the reflections are just beginning. Throughout the week, Sean Martin and Marco Ciappelli had powerful discussions around AI, identity, platform security, partnerships, the evolving legal and VC landscapes, and the growing importance of multi-layered defense strategies. But one moment stood out. While we were recording outside the conference, someone walking by asked us, “Is the world secure now?” Our answer was simple: “We’re working on it.” That exchange captured the spirit of the entire event — security is not a destination, it’s an ongoing effort. We learn, we adapt, and we move forward faster than the future is coming at us. Thank you to everyone who made RSAC 2025 such a meaningful experience. Next stops: AppSec Global in Barcelona, Infosec Europe in London, Black Hat and DEF CON in Las Vegas — and more conversations across the hybrid analog digital society we all share. Until next time, keep building, keep connecting, and keep moving forward. ___________Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974Akamai: https://itspm.ag/akamailbwcBlackCloak: https://itspm.ag/itspbcwebSandboxAQ: https://itspm.ag/sandboxaq-j2enArcher: https://itspm.ag/rsaarchwebDropzone AI: https://itspm.ag/dropzoneai-641ISACA: https://itspm.ag/isaca-96808ObjectFirst: https://itspm.ag/object-first-2gjlEdera: https://itspm.ag/edera-434868___________ResourcesLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage___________KEYWORDSsean martin, marco ciappelli, rsac 2025, quantum, ai, grc, devsecops, zero trust, appsec, resilience, event coverage, on location, conference___________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrfWant Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Dr. Jason R.C. Nurse, Associate Professor in Cybersecurity at the University of Kent and Director of Science and Research at CybSafe, joins ITSPmagazine at RSAC 2025 to discuss how people’s attitudes shape their cybersecurity behaviors—at home, at work, and everywhere in between.Drawing from a global survey of over 7,000 individuals, Dr. Nurse presents data that reveals a fundamental challenge: while many individuals recognize the importance of cybersecurity, a significant number also find it intimidating and frustrating. Nearly 43% of participants shared that they feel overwhelmed by security measures, highlighting a persistent disconnect between the intent of security protocols and the lived experience of users.This disconnect manifests in inconsistent behaviors. At home, people may take extra precautions to protect their personal lives and families. At work, however, there’s a tendency to outsource responsibility to the employer. This duality—heightened vigilance in personal spaces and relaxed caution in professional environments—creates vulnerabilities in a world where attackers don’t care where the device or user happens to be.The conversation emphasizes the need to rethink how we approach cybersecurity education, awareness, and design. Dr. Nurse advocates for a “usable security” model—systems that protect users without demanding overly technical knowledge or creating friction. He uses the example of biometrics and seamless phone authentication to show how good design can improve both security and user satisfaction.To illustrate the connection between knowledge, attitude, and behavior, Dr. Nurse brings humor into the mix with a memorable analogy involving Kit Kats. Just as knowing something is delicious can shape our cravings and actions, understanding security in relatable terms can lead to more proactive behaviors.The episode wraps with a candid reflection on trust and novelty in the face of emerging AI systems—like self-driving cars. Dr. Nurse questions whether people truly trust new technologies or if they’re simply seduced by convenience and innovation.This is a conversation about what it really takes to build a security-conscious society—one that understands people as much as it understands threats.Listen to the full episode to hear how mindset, usability, and cultural attitudes are reshaping the human side of cybersecurity.___________Guest: Dr. Jason R.C. Nurse, Associate Professor in Cybersecurity at the University of Kent | https://www.linkedin.com/in/jasonrcnurse/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974Akamai: https://itspm.ag/akamailbwcBlackCloak: https://itspm.ag/itspbcwebSandboxAQ: https://itspm.ag/sandboxaq-j2enArcher: https://itspm.ag/rsaarchwebDropzone AI: https://itspm.ag/dropzoneai-641ISACA: https://itspm.ag/isaca-96808ObjectFirst: https://itspm.ag/object-first-2gjlEdera: https://itspm.ag/edera-434868___________Resources Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrfWant Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us___________KEYWORDSsean martin, marco ciappelli, jason r c nurse, rsac 2025, cybersecurity, behavior, mindset, usability, ai, trust, event coverage, on location, conference Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The cybersecurity workforce shortage isn’t a new problem—but according to Jamie Norton, Board Director at ISACA, it’s one that’s getting worse. In this on-location conversation during RSAC Conference 2025, Norton shares how ISACA is not only acknowledging this persistent gap but actively building pathways to close it, especially for early-career professionals.While many know ISACA for its certifications and events, Norton emphasizes that the organization’s mission goes much deeper—supporting digital trust through education, community, and career development. One key area of focus: helping individuals navigate every phase of their professional journey, from new graduates to seasoned leaders. That includes new offerings like the Certified Cyber Operations Analyst (CCOA) credential, designed specifically to meet the growing demand for technical, hands-on skills in security operations roles.What’s driving this shift? Norton points to employer demand for candidates who can walk into SOC and technical analyst roles with practical experience. The CCOA was created based on feedback from ISACA’s 185,000+ global members and a wide network of hiring organizations, all highlighting the same pain point: early-stage roles are difficult to fill, not because people aren’t interested, but because too many can’t prove their skills in ways hiring managers understand.ISACA’s response is both strategic and community-driven. Certification development is rooted in large-scale data analysis and enhanced by input from members around the world, ensuring each program reflects real-world needs. At the same time, ISACA recognizes that certifications alone don’t create confidence. Community and mentorship matter—especially for those struggling with imposter syndrome or breaking into the field from non-traditional backgrounds.Looking ahead, ISACA is investing in career journey tools, AI-focused certifications, and guidance for post-quantum readiness—all while continuing to support members through local chapters and global programs.For those hiring, job-seeking, or guiding others into the field, this episode offers a grounded, forward-looking view into how one organization is equipping the cybersecurity workforce for the work that matters now—and what’s coming next.Learn more about ISACA: https://itspm.ag/isaca-96808Note: This story contains promotional content. Learn more.Guest: Jamie Norton, Director Board of Directors, ISACA | https://www.linkedin.com/in/jamienorton/ResourcesLearn more and catch more stories from ISACA: https://www.itspmagazine.com/directory/isacaLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:jamie norton, sean martin, marco ciappelli, cybersecurity, certifications, workforce, skills, governance, community, careers, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrfWant Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.