ITSPmagazine

When you feel the energy of RSAC week starting to build, you know it’s going to be a memorable one. Conversations, collaborations, learning, connecting—it’s what this community thrives on. And ahead of the big week, we had a chance to catch up with Sterling Wilson, Field CTO at Object First, to talk about their vision for data resilience and why backup security can’t be an afterthought anymore.Sterling’s career path reads like a masterclass in data protection. After working deep in the trenches as a Microsoft and virtualization architect for both government and private sectors, he transitioned into the vendor space—eventually joining Veeam Software, where he became immersed in the world of backups and data resilience. That journey eventually brought him to Object First, and it’s clear that passion for simplifying security while strengthening infrastructure hasn’t faded.One of the major shifts we talked about is how the world of cybersecurity is now fundamentally interconnected. Sterling emphasized what we’ve said many times ourselves: it’s no longer about isolated tools or technologies. It’s about how everything fits together. And at the center of it all? Data.Object First is hitting RSAC with a mission: making backup security radically simple without compromising strength. Their “Ootbi”—short for Out Of The Box Immutability—makes protecting backup data straightforward, automatic, and resilient. No special configuration needed. No extra security knowledge required. Just plug it in and let the design do the work.We loved hearing how Object First applies core Zero Trust principles—like assuming breach and strict segmentation—not to networks or apps, but directly to backup storage. It’s a philosophy Sterling calls “Zero Trust Data Resilience.” Especially in a world where admins are juggling multiple roles, budgets are tighter, and attacks are getting smarter (yes, AI is helping the bad actors too), reducing complexity while increasing protection is a game-changer.Sterling also shared a hard truth that many organizations are realizing too late: a lot of backup storage solutions weren’t built for today’s threat landscape. They weren’t designed with security-first thinking. Object First aims to fix that by focusing on simplicity, immutability, and speed—not just in backup, but in recovery when it matters most.If you’re heading to RSAC 2025, make sure you swing by Booth S260 to check out Object First in person. There’ll be demos, trivia, swag, and a few surprise announcements. Plus, Sterling will be speaking at the Insights Theater (South Expo Booth 2151) on April 30 at 10:30 AM. He’ll dive deeper into what Zero Trust Data Resilience really means—and why it’s time to rethink how we secure our most valuable digital assets.And if you can’t make it to San Francisco? Don’t worry—we’ll be recording another conversation with Sterling on location during the conference, going even deeper into these critical topics. Be sure to follow our On Location coverage to stay connected with everything happening during RSAC 2025.The future of security isn’t just about new firewalls, AI-driven analytics, or policy updates. It’s about protecting what matters most—our data—with approaches that are built for the challenges of today, not yesterday. And with companies like Object First pushing the boundaries, we think the conversation around data resilience is about to get a whole lot louder.Guests:Sterling Wilson | Field CTO | Data Resilience Strategist | ZTDR AdvocateLinkedIn: https://www.linkedin.com/in/sterling-wilson-007______________________________Resources:Learn more about Object First: https://itspm.ag/object-first-2gjlLearn more and catch more stories from Object First: https://www.itspmagazine.com/directory/object-firstImmutable Storage for Everyone.Ransomware-proof and immutable out-of-the-box, Ootbi delivers secure, simple, and powerful backup storage: https://itspm.ag/objectzlju____________________________Keywords:RSAC 2025, backup security, data resilience, immutable storage, zero trust, object first, ootbi, zero trust data resilience, cybersecurity conference, backup protection, Veeam, ransomware, disaster recovery, storage security, simple cybersecurity, RSAC, securing backups, infosec, infosecurity_______________________Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrfWant Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

We’ve been in enough conversations to know when something clicks. This one did — and it did from the very first moment.In our debut Brand Story with White Knight Labs, we sat down with co-founders John Stigerwalt and Greg Hatcher, and what unfolded was more than a company intro — it was a behind-the-scenes look at what offensive security should be.John’s journey is the kind that earns your respect quickly: he started at the help desk and worked his way to CISO, before pivoting into red teaming and co-founding WKL. Greg’s path was more unconventional — from orchestral musician to Green Beret to cybersecurity leader. Two very different stories, but a shared philosophy: learn by doing, adapt without a manual, and never take the easy route when something meaningful is on the table.That mindset now defines how White Knight Labs works with clients. They don’t sell cookie-cutter pen tests. Instead, they ask the right question up front: How does your business make money? Because if you can answer that, you can identify what a real-world attacker would go after. Then they simulate it — not in theory, but in practice.Their ransomware simulation service is a perfect example. They don’t just show up with a scanner. They emulate modern adversaries using Cobalt Strike, bypassing endpoint defenses with in-house payloads, encrypting and exfiltrating data like it’s just another Tuesday. Most clients fail the test — not because they’re careless, but because most simulations aren’t this real.And that’s the point.White Knight Labs isn’t here to help companies check a box. They’re here to expose the gaps and raise the bar — because real threats don’t play fair, and security shouldn’t pretend they do.What makes them different is what they don’t do. They’re not an all-in-one shop, and they’re proud of that. They won’t touch IR for major breaches — they’ve got partners for that. They only resell hardware and software they’ve personally vetted. That honesty builds credibility. That kind of focus builds trust.Their training programs are just as intense. Between live DEF CON courses and their online platform, they’re giving both new and experienced professionals a chance to train the way they operate: no shortcuts, no watered-down certs, just hard-earned skills that translate into real-world readiness.Pass their ODPC certification, and you’ll probably get a call — not because they need to check a hiring box, but because it proves you’re serious. And if you can write loaders that bypass real defenses? You’re speaking their language.This first conversation with John and Greg reminded us why we started this series in the first place. It’s not just about product features or service offerings — it’s about people who live and breathe what they do, and who bring that passion into every test, every client call, and every training they offer.We’ve got more stories with them on the way. But if this first one is any sign of what’s to come, we’re in for something special.⸻Learn more about White Knight Labs: Guests:John Stigerwalt | Founder at White Knight Labs | Red Team Operations Leader | https://www.linkedin.com/in/john-stigerwalt-90a9b4110/Greg Hatcher | Founder at White Knight Labs | SOF veteran | Red Team | https://www.linkedin.com/in/gregoryhatcher2/White Knight Labs Website | https://itspm.ag/white-knight-labs-vukr______________________Keywords: penetration testing, red team, ransomware simulation, offensive security, EDR bypass, cybersecurity training, White Knight Labs, advanced persistent threat, cybersecurity startup, DEF CON training, security partnerships, cybersecurity services______________________ResourcesVisit the White Knight Labs Website to learn more: https://itspm.ag/white-knight-labs-vukrLearn more and catch more stories from White Knight Labs on ITSPmagazine: https://www.itspmagazine.com/directory/white-knight-labsLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this Chats on the Road to RSAC 2025, , Sean Martin and Marco Ciappelli connect with Tim Brown, Chief Information Security Officer at SolarWinds, to unpack the critical issues facing CISOs today—and why the role remains worth pursuing.Brown is participating in multiple sessions at RSAC Conference 2025, including the CISO Bootcamp and Cyber Leaders Forum. Both are closed-door conversations designed to surface real concerns in a confidential, supportive setting. These aren’t theoretical discussions—they’re rooted in hard-earned experience. Brown, who has faced high-profile scrutiny and legal fallout from a past incident at SolarWinds, brings a uniquely personal perspective to these sessions.He points out that fear and hesitation are keeping many deputy CISOs from stepping up into the top role. His message to them: don’t be afraid of the position. Despite the weight of responsibility, the role offers real influence, the ability to shape enterprise architecture, and the opportunity to drive meaningful business decisions. Brown emphasizes the importance of community support and collective growth, noting that the cybersecurity industry—still relatively young—is maturing and finding its footing when it comes to accountability and resilience.Beyond leadership development, mental health and stress management are key themes in the Cyber Leaders Forum. Brown acknowledges the toll the job can take, even sharing that his own health suffered despite thinking he was managing stress well. This honest reflection opens the door for deeper conversations about personal well-being in high-pressure roles.He’s also appearing at the Cloud Security Alliance Summit with Chris Hoff, Chief Security Officer at LastPass, where they’ll discuss incident response and field questions from the audience. On Wednesday, Brown joins a breakfast session with Tactic and Hyperwise, guiding attendees through a crisis simulation based on lessons from the Sunburst attack. His focus? Helping others avoid being unprepared in a moment of chaos.From insider threat modeling to supply chain transparency and the challenges of monitoring runtime behavior, Brown is clear-eyed about where CISOs need to focus next.This episode isn’t just a preview of conference sessions—it’s a call to future security leaders to lean in, not back.___________Guest: Tim Brown, CISO, Solarwinds | On LinkedIn: https://www.linkedin.com/in/tim-brown-ciso/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974Akamai: https://itspm.ag/akamailbwcBlackCloak: https://itspm.ag/itspbcwebSandboxAQ: https://itspm.ag/sandboxaq-j2enArcher: https://itspm.ag/rsaarchwebDropzone AI: https://itspm.ag/dropzoneai-641ISACA: https://itspm.ag/isaca-96808ObjectFirst: https://itspm.ag/object-first-2gjlEdera: https://itspm.ag/edera-434868___________ResourcesRSAC Session: CLF Ask Me Anything Session with Tim Brown, CISO, SolarWinds: https://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1739404173721001x1MHRSAC Session: CISO Boot Camp Exclusive Fireside Chat with Tim Brown, CISO, SolarWinds: https://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1739403254724001isXhCSA Summit at RSAC 2025: Fireside Chat with Tim Brown and Chris Hoff: https://www.csasummitrsac.com/event/5b3547c2-c652-4f77-97de-5b094e746626/agenda?session=1452408b-c822-4664-87b8-38ce1276247bLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrfWant Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us___________KEYWORDStim brown, sean martin, marco ciappelli, solarwinds, rsac 2025, ciso, cybersecurity, leadership, liability, stress, mental health, insider, resilience, incident, response, supply, chain, simulation, cloud, security, event coverage, on location, conference Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

As anticipation builds for the RSAC Conference 2025, ISACA leaders Mary Carmichael and Dooshima Dabo’Adzuana join Sean Martin and Marco Ciappelli to preview what the global technology and cybersecurity association has in store for attendees this year. With a focus on expanding community, AI governance, and professional development, their conversation reveals how ISACA is showing up with both timely insights and tangible resources.Mary Carmichael, President of ISACA’s Vancouver Chapter and a CPA focused on cybersecurity risk and governance, highlights the session she’s co-presenting with Dooshima Dabo’Adzuana: Third-Party AI: What Are You Really Buying? Their talk will explore the increasing complexity of evaluating AI solutions procured from vendors—especially those embedding large language models. Topics include due diligence during procurement, monitoring post-deployment, and assessing whether vendor practices align with internal risk and privacy requirements.Dooshima Dabo’Adzuana, a researcher at Boise State University and leader from ISACA’s Abuja Chapter, shares how ISACA members across regions are grappling with similar questions: What does AI mean for my organization? What risks do third-party integrations introduce? She emphasizes the importance of frameworks and educational tools—resources that ISACA is making readily available at their booth (South Expo #2268) and through new certification tracks in AI audit and security.Alongside the AI focus, visitors to the booth can explore results from ISACA’s Quantum Pulse Poll and access guidance on encryption readiness for a post-quantum future. The booth will also feature a selfie station and serve as a meeting point for the diverse ISACA community, with members from over 220 chapters worldwide.The conversation rounds out with a critical discussion on cybersecurity career development. Both Mary and Dooshima share personal stories of transitioning into the field—Mary from accounting, Dooshima from insurance—and call for broader recognition of transferable skills. They point to global tools, such as career pathway frameworks supported by ISACA and the UK Cyber Security Council, as essential for addressing the persistent workforce gap.This episode offers a preview of how ISACA is connecting global conversations on AI, quantum, and professional development—making RSAC Conference 2025 not just a tech showcase, but a community gathering rooted in learning and action.Stop by booth 2268 in the South Expo to explore how ISACA are equipping professionals with practical tools for AI governance, quantum readiness, and cybersecurity career growth—and how your organization can benefit from a stronger, more connected community.Learn more about ISACA: https://itspm.ag/isaca-96808Guests:Mary Carmichael, President of ISACA’s Vancouver Chapter | https://www.linkedin.com/in/carmichaelmary/Dooshima Dabo’Adzuana, a researcher at Boise State University and leader from ISACA’s Abuja Chapter | https://www.linkedin.com/in/dooshima-dabo-adzuana/ResourcesMary and Dooshima's session at RSA Conference: https://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1737642290064001tqyqLearn more about ISACA's AI resources: https://www.isaca.org/resources/artificial-intelligenceLearn more about ISACA's credentials: https://www.isaca.org/credentialingLearn more and catch more stories from ISACA: https://www.itspmagazine.com/directory/isacaLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage______________________Keywords: ai, quantum, cybersecurity, risk, governance, audit, certification, encryption, rsa, rsac, third-party, compliance, career, skills, education, community, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrfWant Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Ahead of the RSAC Conference, Sean Martin and Marco Ciappelli sit down with Steve Schlarman, Director of Product Management at Archer, to talk risk, regulation, and where governance fits into the broader cybersecurity conversation.Steve represents a company that’s been at the center of governance, risk, and compliance (GRC) for nearly 25 years. But don’t mistake tenure for inertia—Archer is actively reshaping how organizations think about integrated risk management, especially through its latest platform, Archer Evolv. Steve shares how his team is focused on rethinking compliance not as a checkbox, but as a foundation for smarter, more strategic business decisions.What sets Archer Evolv apart? For one, the platform doesn’t just cater to full-time risk professionals. It’s built for anyone in the organization who touches compliance—even occasionally. Steve explains how the user experience has been redesigned to make it easier for non-experts to contribute, pulling in relevant data without bogging down daily operations.AI also plays a major role. After acquiring Compliance.AI, Archer has embedded large language models and automation into its compliance workflows—cutting down the time it takes to process regulatory updates and map controls. This means compliance professionals can spend less time scanning documents and more time advising the business.But this isn’t about technology for technology’s sake. Steve underscores the bigger question facing companies today: how much risk are they truly willing to accept? Regulation might kickstart the conversation, but it’s risk management that sustains it—and that requires clarity, context, and collaboration across the business.Archer’s team will be on site at RSAC, ready to demo the platform and share stories from the field. With over 1,200 customers worldwide, the company has no shortage of real-world examples to pull from. From frontline vulnerability assessments to strategic compliance mapping, Archer’s approach is centered on enabling better decisions—not just better dashboards.Stop by booth 3117 (https://itspm.ag/archervn5f) to see how they’re turning compliance into an engine for risk-aware growth—and how your team might benefit from a more purposeful approach to GRC.Learn more about Archer: https://itspm.ag/rsaarchwebGuest: Steve Schlarman, Senior Director, Product Management at Archer Integrated Risk Management | https://www.linkedin.com/in/steveschlarman/ResourcesLearn more and catch more stories from Archer: https://www.itspmagazine.com/directory/archerLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage______________________Keywords: risk, compliance, governance, cybersecurity, ai, automation, regulation, grc, audit, resilience, controls, workflow, data, business continuity, product management, rsa, rsac2025, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrfWant Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At this year’s RSAC Conference, the team from ThreatLocker isn’t just bringing tech—they’re bringing a challenge. Rob Allen, Chief Product Officer at ThreatLocker, joins Sean Martin and Marco Ciappelli for a lively pre-conference episode that previews what attendees can expect at booth #854 in the South Expo Hall.From rubber ducky hacks to reframing how we think about Zero Trust, the conversation highlights the ways ThreatLocker moves beyond the industry’s typical focus on reactive detection. Allen shares how most cybersecurity approaches still default to allowing access unless a threat is known, and why that mindset continues to leave organizations vulnerable. Instead, ThreatLocker’s philosophy is to “deny by default and permit by exception”—a strategy that, when managed effectively, provides maximum protection without slowing down business operations.ThreatLocker’s presence at the conference will feature live demos, short presentations, and hands-on challenges—including their popular Ducky Challenge, where participants test whether their endpoint defenses can prevent a rogue USB (disguised as a keyboard) from stealing their data. If your system passes, you win the rubber ducky. If it doesn’t? They (temporarily) get your data. It’s a simple but powerful reminder that what you think is secure might not be.The booth won’t just be about tech. The team is focused on conversations—reconnecting with customers, engaging new audiences, and exploring how the community is responding to a threat landscape that’s growing more sophisticated by the day. Allen emphasizes the importance of in-person dialogue, not only to share what ThreatLocker is building but to learn how security leaders are adapting and where gaps still exist.And yes, there will be merch—high-quality socks, t-shirts, and even a few surprise giveaways dropped at hotel doors (if you resist the temptation to open the envelope before visiting the booth).For those looking to rethink endpoint protection or better understand how proactive controls can complement detection-based tools, this episode is your preview into a very different kind of cybersecurity conversation—one that starts with a challenge and ends with community.Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974Guest: Rob Allen, Chief Product Officer, ThreatLocker | https://www.linkedin.com/in/threatlockerrob/ResourcesLearn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlockerLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage______________________Keywords: rsac conference, cybersecurity, endpoint, zero trust, rubber ducky, threat detection, data exfiltration, security strategy, deny by default, permit by exception, proactive security, security demos, usb attack, cyber resilience, network control, security mindset, rsac 2025, event coverage, on location, conference____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrfWant Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

We’re on the road to RSAC 2025 — or maybe on a quantum-powered highway — and this time, Sean and I had the pleasure of chatting with someone who’s not just riding the future wave, but actually building it.Marc Manzano, General Manager of the Cybersecurity Group at SandboxAQ, joined us for this Brand Story conversation ahead of the big conference in San Francisco. For those who haven’t heard of SandboxAQ yet, here’s a quick headline: they’re a spin-out from Google, operating at the intersection of AI and quantum technologies. Yes — that intersection.But let’s keep our feet on the ground for a second, because this story isn’t just about tech that sounds cool. It’s about solving the very real, very painful problems that security teams face every day.Marc laid out their mission clearly: Active Guard, their flagship platform, is built to simplify and modernize two massive pain points in enterprise security — cryptographic asset management and non-human identity management. Think: rotating certificates without manual effort. Managing secrets and keys across cloud-native infrastructure. Automating compliance reporting for quantum-readiness. No fluff — just value, right out of the box.And it’s not just about plugging a new tool into your already overloaded stack. What impressed us is how SandboxAQ sees themselves as the unifying layer — enhancing interoperability across existing systems, extracting more intelligence from the tools you already use, and giving teams a unified view through a single pane of glass.And yes, we also touched on AI SecOps — because as AI becomes a standard part of infrastructure, so must security for it. Active Guard is already poised to give security teams visibility and control over this evolving layer.Want to see it in action? Booth 6578, North Expo Hall. Swag will be there. Demos will be live. Conversations will be real.We’ll be there too — recording a deeper Brand Story episode On Location during the event.Until then, enjoy this preview — and get ready to meet the future of cybersecurity.⸻Keywords:sandboxaq, active guard, rsa conference 2025, quantum cybersecurity, ai secops, cryptographic asset management, non-human identity, cybersecurity automation, security compliance, rsa 2025, cybersecurity innovation, certificate lifecycle management, secrets management, security operations, quantum readiness, rsa sandbox, cybersecurity saas, devsecops, interoperability, digital transformation______________________Guest: Marc Manzano,, General Manager of the Cybersecurity Group at SandboxAQMarc Manzano on LinkedIn🌐 SandboxAQ WebsiteHosts:Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine:  https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode’s SponsorsSandboxAQ:https://itspm.ag/sandboxaq-j2en____________________________ResourcesLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrfWant Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The RSA Conference has long served as a meeting point for innovation and collaboration in cybersecurity—and in this pre-RSAC episode, ITSPmagazine co-founders Marco Ciappelli and Sean Martin welcome Akamai’s Rupesh Chokshi to the conversation. With RSAC 2025 on the horizon, they discuss Akamai’s presence at the event and dig into the challenges and opportunities surrounding AI, threat intelligence, and enterprise security.Chokshi, who leads Akamai’s Application Security business, describes a landscape marked by explosive growth in web and API attacks—and a parallel shift as enterprises embrace generative AI. The double-edged nature of AI is central to the discussion: while it offers breakthrough productivity and automation, it also creates new vulnerabilities. Akamai’s dual focus, says Chokshi, is both using AI to strengthen defenses and securing AI-powered applications themselves.The conversation touches on the scale and sophistication of modern threats, including an eye-opening stat: Akamai is now tracking over 500 million large language model (LLM)-driven scraping requests per day. As these threats extend from e-commerce to healthcare and beyond, Chokshi emphasizes the need for layered defense strategies and real-time adaptability.Ciappelli brings a sociological lens to the AI discussion, noting the hype-to-reality shift the industry is experiencing. “We’re no longer asking if AI will change the game,” he suggests. “We’re asking how to implement it responsibly—and how to protect it.”At RSAC 2025, Akamai will showcase a range of innovations, including updates to its Guardicore platform and new App & API Protection Hybrid solutions. Their booth (6245) will feature interactive demos, theater sessions, and one-on-one briefings. The Akamai team will also release a new edition of their State of the Internet report, packed with actionable threat data and insights.The episode closes with a reminder: in a world that’s both accelerating and fragmenting, cybersecurity must serve not just as a barrier—but as a catalyst. “Security,” says Chokshi, “has to enable innovation, not hinder it.”⸻Keywords: RSAC 2025, Akamai, cybersecurity, generative AI, API protection, web attacks, application security, LLM scraping, Guardicore, State of the Internet report, Zero Trust, hybrid digital world, enterprise resilience, AI security, threat intelligence, prompt injection, data privacy, RSA Conference, Sean Martin, Marco Ciappelli______________________Guest: Rupesh Chokshi, SVP & GM, Akamai https://www.linkedin.com/in/rupeshchokshi/Hosts:Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine:  https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode’s SponsorsAKAMAI:https://itspm.ag/akamailbwc____________________________ResourcesLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageRupesh Chokshi Session at RSAC 2025The New Attack Frontier: Research Shows Apps & APIs Are the Targets - [PART1-W09]____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrfWant Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

LevelBlue’s latest Threat Trends Report pulls no punches: phishing, malware, and ransomware attacks are not just continuing—they’re accelerating. In this episode of ITSPmagazine’s Brand Story podcast, hosts Sean Martin and Marco Ciappelli are joined by Kenneth Ng, a threat hunter and lead incident responder on LevelBlue’s Managed Detection and Response (MDR) team, to unpack the findings and recommendations from the report.Phishing as a Service and the Surge in Email CompromisesOne of the most alarming trends highlighted by Kenneth is the widespread availability of Phishing-as-a-Service (PhaaS) kits, including names like RaccoonO365, Mamba 2FA, and Greatness. These kits allow attackers with little to no technical skill to launch sophisticated campaigns that bypass multi-factor authentication (MFA) by hijacking session tokens. With phishing attacks now leading to full enterprise compromises, often through seemingly innocuous Microsoft 365 access, the threat is more serious than ever.Malware Is Smarter, Simpler—and It’s Spreading FastMalware, particularly fake browser updates and credential stealers like Lumma Stealer, is also seeing a rise in usage. Kenneth points out the troubling trend of malware campaigns that rely on basic user interactions—like copying and pasting text—leading to full compromise through PowerShell or command prompt access. Basic group policy configurations (like blocking script execution for non-admin users) are still underutilized defenses.Ransomware: Faster and More Automated Than EverThe speed of ransomware attacks has increased dramatically. Kenneth shares real-world examples where attackers go from initial access to full domain control in under an hour—sometimes in as little as ten minutes—thanks to automation, remote access tools, and credential harvesting. This rapid escalation leaves defenders with very little room to respond unless robust detection and prevention measures are in place ahead of time.Why This Report MattersRather than presenting raw data, LevelBlue focuses on actionable insights. Each major finding comes with recommendations that can be implemented regardless of company size or maturity level. The report is a resource not just for LevelBlue customers, but for any organization looking to strengthen its defenses.Be sure to check out the full conversation and grab the first edition of the Threat Trends Report ahead of LevelBlue’s next release this August—and stay tuned for their updated Futures Report launching at RSA Conference on April 28.Learn more about LevelBlue: https://itspm.ag/levelblue266f6cNote: This story contains promotional content. Learn more.Guest: Kenneth Ng, threat hunter and lead incident responder on LevelBlue’s Managed Detection and Response (MDR) team | On LinkedIn: https://www.linkedin.com/in/ngkencyber/ResourcesDownload the LevelBlue Threat Trends Report | Edition One: https://itspm.ag/levelbyqdpLearn more and catch more stories from LevelBlue: https://www.itspmagazine.com/directory/levelblueLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

⬥GUEST⬥Izar Tarandach, Sr. Principal Security Architect for a large media company | On LinkedIn: https://www.linkedin.com/in/izartarandach/⬥HOST⬥Host: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com⬥EPISODE NOTES⬥In this episode of Redefining CyberSecurity, host Sean Martin sits down with Izar Tarandach, Senior Principal Security Architect at a major entertainment company, to unpack a concept gaining traction across some developer circles: vibe coding.Vibe coding, as discussed by Izar and Sean, isn’t just about AI-assisted development—it’s about coding based on a feeling or a flow, often driven by prompts to large language models (LLMs). It’s being explored in organizations from startups to large tech companies, where the appeal lies in speed and ease: describe what you want, and the machine generates the code. But this emerging approach is raising significant concerns, particularly in security circles.Izar, who co-hosts the Security Table podcast with Matt Coles and Chris Romeo, calls attention to the deeper implications of vibe coding. At the heart of his concern is the risk of ignoring past lessons. Generating code through AI may feel like progress, but without understanding what’s being written or how it fits into the broader architecture, teams risk reintroducing old vulnerabilities—at scale.One major issue: the assumption that code generated by AI is inherently good or secure. Izar challenges that notion, reminding listeners that today’s coding models function like junior developers—they may produce working code, but they’re also prone to mistakes, hallucinations, and a lack of contextual understanding. Worse yet, organizations may begin to skip traditional checks like code reviews and secure development lifecycles, assuming the machine already got it right.Sean highlights a potential opportunity—if used wisely, vibe coding could allow developers to focus more on outcomes and user needs, rather than syntax and structure. But even he acknowledges that, without collaboration and proper feedback loops, it’s more of a one-way zone than a true jam session between human and machine.Together, Sean and Izar explore whether security leaders are aware of vibe-coded systems running in their environments—and how they should respond. Their advice: assume you already have vibe-coded components in play, treat that code with the same scrutiny as anything else, and don’t trust blindly. Review it, test it, threat model it, and hold it to the same standards.Tune in to hear how this new style of development is reshaping conversations about security, responsibility, and collaboration in software engineering.⬥SPONSORS⬥LevelBlue: https://itspm.ag/attcybersecurity-3jdk3ThreatLocker: https://itspm.ag/threatlocker-r974⬥RESOURCES⬥Inspiring LinkedIn Post — https://www.linkedin.com/posts/izartarandach_sigh-vibecoding-when-will-we-be-able-activity-7308105048926879744-fNMSSecurity Table Podcast: Vibe Coding: What Could Possibly Go Wrong? — https://securitytable.buzzsprout.com/2094080/episodes/16861651-vibe-coding-what-could-possibly-go-wrongWebinar: Secure Coding = Developer Power, An ITSPmagazine Webinar with Manicode Security — https://www.crowdcast.io/c/secure-coding-equals-developer-power-how-to-convince-your-boss-to-invest-in-you-an-itspmagazine-webinar-with-manicode-security-ad147fba034a⬥ADDITIONAL INFORMATION⬥✨ More Redefining CyberSecurity Podcast: 🎧 https://www.seanmartin.com/redefining-cybersecurity-podcastRedefining CyberSecurity Podcast on YouTube:📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYqInterested in sponsoring this show with a podcast ad placement? Learn more:👉 https://itspm.ag/podadplc Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.