The ITSPmagazine Podcast

Peter Klimek, an expert in application security, discusses the challenges and benefits of identifying vulnerabilities early in the software development lifecycle. He highlights the importance of finding a balance between tools and human expertise. The conversation also touches on measurement of closure velocity and the significance of development team velocity as a core metric in application security. Peter emphasizes the role of APIs, platform engineering, and infrastructure as code in improving collaboration and automation. He draws a parallel between guardrails on a highway and the need for guardrails in application security, providing development teams with time to address critical vulnerabilities.

About the CISO Circuit SeriesSean Martin and Michael Piacente will join forces roughly once per month to discuss everything from looking for a new job, entering the field, finding the right work/life balance, examining the risks and rewards in the role, building and supporting your team, the value of the community, relevant newsworthy items, and so much more. Join us to help us understand the role of the CISO so that we can collectively find a path to Redefining CyberSecurity. If you have a topic idea or a comment on an episode, feel free to contact Sean Martin.____________________________Guest: Michael Piacente, Managing Partner and Cofounder of Hitch PartnersOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/michael-piacente____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode’s SponsorsImperva | https://itspm.ag/imperva277117988Pentera | https://itspm.ag/penteri67a___________________________Episode NotesIn this special episode of Redefining Cybersecurity—the CISO Circuit Series—Sean Martin and Michael Piacente come together to explore the role of a CISO and the challenges they face. They discuss how organizations are trimming cybersecurity activities, including the reduction or elimination of CISO roles, due to the impact of the economy. They explore the concept of "battlefield promotions," where individuals within organizations take on CISO responsibilities without the official title. They discuss the trend of an increasing number of job seekers in the cybersecurity market, with data revealing a significant rise in both proactive and reactive candidates. They also discuss the importance of executive-level support for CISOs and the impact it has on their job satisfaction and success.The conversation touches on the issue of executive sponsorship, with many companies failing to fully support their security programs, leading to frustration and turnover among CISOs. The conversation highlights the collaborative nature of the CISO community and its influence on the hiring process. They also explore the concept of ESG (Environmental, Social, and Governance) and its influence on individuals seeking new security roles.The desire to make a positive impact on the world and align with organizations that share that goal emerges as a driving force for CISOs. Give the challenges cybersecurity leadership encounters, the need for adequate support and resources continues to mount.Throughout the episode, Sean and Michael provide valuable insights into the evolving nature of the CISO role and the factors that influence job satisfaction and career moves in the cybersecurity industry. Listeners can expect a thoughtful and informative conversation that highlights the complexities and nuances of the CISO role in today's dynamic cyber landscape.____________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYqITSPmagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe!____________________________ResourcesPodcast: A Tale of 2 CISOs: Navigating the Evolving Landscape of Information Security and Ethics, Today and Tomorrow | A Musing On the Future of Cybersecurity and Humanity with Sean Martin and TAPE3 | Read by TAPE3: https://redefining-cybersecurity.simplecast.com/episodes/a-tale-of-2-cisos-navigating-the-evolving-landscape-of-information-security-and-ethics-today-and-tomorrow-a-musing-on-the-future-of-cybersecurity-and-humanity-with-sean-martin-and-tape3-read-by-tape3Blog Series: Am I Wrong For Saying I Could Never Be A CISO?Part 1 Of 4 | The Risks And Rewards Of Being A Chief Information Security Officer: https://www.itspmagazine.com/redefining-cybersecurity-blog-with-tape3/am-i-wrong-for-saying-i-could-never-be-a-ciso-the-risks-and-rewards-of-being-a-chief-information-security-officer-part-1-of-4Part 2 Of 4 | CISO Playbook: Preparation And Tools For Navigating The Cybersecurity Minefield: https://www.itspmagazine.com/redefining-cybersecurity-blog-with-tape3/am-i-wrong-for-saying-i-could-never-be-a-ciso-ciso-playbook-preparation-and-tools-for-navigating-the-cybersecurity-minefield-part-2-of-4Part 3 Of 4 | The Power Of Community And Communication: Just A Couple More (Critical) Pieces Of The CISO Puzzle: https://www.itspmagazine.com/redefining-cybersecurity-blog-with-tape3/am-i-wrong-for-saying-i-could-never-be-a-ciso-the-power-of-community-and-communication-just-a-couple-more-critical-pieces-of-the-ciso-puzzle-part-3-of-4____________________________To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Guest: Kayla Williams, CISO of Devo Inc. [@devo_Inc] and co-host of the Locked Down Podcast [@LockedDownKT]On Linkedin | https://www.linkedin.com/in/kaylamwilliams1/On Twitter | https://twitter.com/kayla_obviouslyOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/kayla-williams____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesIn this episode, hosts Marco and Sean are joined by Kayla Williams, CISO for Devo Technology, to discuss the upcoming SOC Analyst Appreciation Day. The conversation covers various sessions that will be part of the event, including topics such as mental health, a day in the life of a SOC analyst, and the impact of AI and automation. They emphasize the need for empathy and understanding when it comes to mental health, highlighting the importance of recognizing signs of distress and offering support. They also discuss the challenges faced by SOC analysts, such as burnout and the lack of recognition, and stress the need for better communication and collaboration within the industry.The CISO panel that will be part of the event, titled "CISOs in the Hot Seat," sparks curiosity about the discussion topics, with hopes that people management and understanding the mental health of teams will be addressed. The session on AI and automation raises questions about whether it will make the life of SOC analysts easier or increase the threat landscape. There is tons of excitement from Sean and Marco about hosting the "Day in the Life of a SOC Analyst" panel, where they aim to explore the daily struggles and experiences of analysts. They underscore the importance of appreciation and recognition within the industry, as indicated by statistics showing that many analysts are seeking a way out of their roles.____________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYqITSPmagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe!____________________________ResourcesSOC Analyst Appreciation Day: https://re4.ms/0b41ee____________________________To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Guest: Marc Steen, Senior Research Scientist at TNO [@TNO_nieuws]On LinkedIn | https://www.linkedin.com/in/marcsteen/On Twitter | https://twitter.com/marcsteenOn Mastodon | https://mastodon.social/@marcsteenWebsite | https://marcsteen.nl/index.html____________________________Host: Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli_____________________________This Episode’s SponsorsBlackCloak 👉 https://itspm.ag/itspbcwebBugcrowd 👉 https://itspm.ag/itspbgcwebDevo 👉 https://itspm.ag/itspdvweb_____________________________Episode IntroductionWelcome to another episode of "Redefining Society Podcast," where we muse on society and technology at their intersecting point, exploring how one influences and changes the other. Today, we are diving into a topic that is not just crucial but also ethically challenging—how those who work in the tech industry can and should approach ethics in their daily practice.Our guide in this intellectual journey is Marc Steen, a senior research scientist at TNO in The Netherlands. Marc is an expert in Human-Centred Design and Value-Sensitive Design, with a strong focus on the responsible innovation and applied ethics of technology. He asks the questions that many of us perhaps hesitate to ask—especially when it comes to the ethics behind algorithms and AI systems. With an extensive background in both scholarly and popular writing, Marc aims to push the boundaries of ethical discourse in technology.Now, why is this important? As we engage more and more with technology, its repercussions echo louder and louder through the hallways of our societal norms, affecting our collective values, freedoms, and even democracy itself. So, when we talk about tech, we're not just talking about a tool or a service; we're discussing a societal force that shapes our daily lives.Marc's recent book, "Ethics for People Who Work in Tech," serves as a roadmap for professionals in the tech industry. Whether you are a computer scientist, a software developer, or even someone involved in policy-making, this book aims to empower you to think ethically. It provides a practical, three-step iterative approach for integrating ethics into projects and uses four distinct ethical perspectives to evaluate outcomes. The ultimate goal? To design and use technologies that contribute to a just society—a society where people can truly live well together.Today, we are going to explore these ideas deeply. We'll question the uneasy aspects of technology that most shy away from. We'll explore how we can achieve a state where innovation isn't just about creating the new and the powerful, but also about ensuring fairness, freedom, and communal well-being.So sit back, and let's embark on this philosophical inquiry into the ethics of tech. Because, if technology is shaping our society, it's our moral imperative to ensure that it shapes it for the better. Stay with us._____________________________About the BookThis book is for people who work in the tech industry—computer and data scientists, software developers and engineers, designers, and people in business, marketing or management roles. It is also for people who are involved in the procurement and deployment of advanced applications, algorithms, and AI systems, and in policy making. Together, they create the digital products, services, and systems that shape our societies and daily lives. The book’s aim is to empower people to take responsibility, to ‘upgrade’ their skills for ethical reflection, inquiry, and deliberation. It introduces ethics in an accessible manner with practical examples, outlines of different ethical traditions, and practice-oriented methods_____________________________ResourcesEthics for People Who Work in Tech (Book): https://www.routledge.com/Ethics-for-People-Who-Work-in-Tech/Steen/p/book/9780367542436Ethics for People Who Work in Tech (Website that accompanies book): https://ethicsforpeoplewhoworkintech.com/Ethics as a Participatory and Iterative Process: https://cacm.acm.org/magazines/2023/5/272289-ethics-as-a-participatory-and-iterative-process/fulltext____________________________To see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWatch the webcast version on-demand on YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllTUoWMGGQHlGVZA575VtGr9Are you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/advertise-on-itspmagazine-podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Guest | Dr. Rebecca Charbonneau, Karl Jansky Fellow, National Radio Astronomy Observatory [@TheNRAO]On Twitter | https://twitter.com/StellarHistoryOn LinkedIn | https://www.linkedin.com/in/rebecca-charbonneau-31090aa1/On Facebook | https://www.facebook.com/rebeccaannecharbonneauHost | Matthew S WilliamsOn ITSPmagazine  👉 https://itspmagazine.com/itspmagazine-podcast-radio-hosts/matthew-s-williams______________________This Episode’s SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network______________________Dr. Rebecca Charbonneau is a science and SETI historian and a Karl Jansky Fellow at the National Radio Astronomy Observatory. In addition, she knew Dr. Frank Drake ("the father of SETI") personally and has written and presented extensively about his legacy.______________________Resources ______________________For more podcast Stories from Space with Matthew S Williams, visit: https://itspmagazine.com/stories-from-space-podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Join us for this fictional story as we take a 10-year journey into the future, exploring the evolving challenges and opportunities facing two CISOs—Emma and Harper—today, and a decade from now.________This fictional story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn.Sincerely, Sean Martin and TAPE3________Sean Martin is the host of the Redefining CyberSecurity Podcast, part of the ITSPmagazine Podcast Network—which he co-founded with his good friend Marco Ciappelli—where you may just find some of these topics being discussed. Visit Sean on his personal website.TAPE3 is the Artificial Intelligence for ITSPmagazine, created to function as a guide, writing assistant, researcher, and brainstorming partner to those who adventure at and beyond the Intersection Of Technology, Cybersecurity, And Society. Visit TAPE3 on ITSPmagazine. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to the "Musing On Society & Technology" newsletter on LinkedIn.Sincerely, Marco Ciappelli and TAPE3________Marco Ciappelli is the host of the Redefining Society Podcast, part of the ITSPmagazine Podcast Network—which he co-founded with his good friend Sean Martin—where you may just find some of these topics being discussed. Visit Marco on his personal website.TAPE3 is the Artificial Intelligence for ITSPmagazine, created to function as a guide, writing assistant, researcher, and brainstorming partner to those who adventure at and beyond the Intersection Of Technology, Cybersecurity, And Society. Visit TAPE3 on ITSPmagazine. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Guest: Wayne Haber, Director of Engineering at GitLab [@gitlab]On LinkedIn | https://linkedin.com/in/waynehaberWebsite | https://www.waynehaber.com/________________________________Hosts:Ben SchmerlerOn ITSPmagazine  👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/ben-schmerlerTed HarringtonOn ITSPmagazine  👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/ted-harrington________________________________This Episode’s SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network________________________________Episode DescriptionOur guest Wayne Haber, the Director of Engineering at GitLab. Talks about everything from where attackers get their motivation to why showing your team your vulnerabilities is healthy for everyone.You’ll Learn:- How to make remote work most effective for you and your team- why we need to change our expectation on instant response for ourselves and our team members- How a large company like GitLab works to keep attackers from using their services in malicious ways- Why service leadership is so important inside and outside of business- Learn from the people you lead everyday- When you are vulnerability as a leader it will show your team they can do the same- Why when you want to make change in your company it’s so important to bring the data to support your argument________________________________Resources________________________________For more podcast stories from Tech Done Different With Ted Harrington and Ben Schmerler: https://www.itspmagazine.com/tech-done-different-podcastWatch the webcast version on-demand on YouTube:📺 https://www.youtube.com/playlist?list=PLnYu0psdcllTQ79pdnWWvCuhWjyw9WGwiITSPMagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe! Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Guest: Matthew Rosenquist, Chief Information Security Officer at Eclipz.io Inc. [@Eclipzinc]On Twitter | https://twitter.com/Matt_RosenquistOn LinkedIn | https://www.linkedin.com/in/matthewrosenquistOn YouTube | https://www.youtube.com/c/CybersecurityInsights________________________________Host: Dr. Rebecca WynnOn ITSPmagazine  👉  https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/rebecca-wynn________________________________This Episode’s SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network________________________________Episode DescriptionEthics matter for CISOs. Waiting for a CISO to be sentenced to jail time before addressing ethical concerns is unacceptable.As guardians of cybersecurity and protectors of critical assets, CISOs must prioritize ethical decision-making. By effectively communicating risk, including AI and emerging technologies, aligning themselves with organizations that value ethics, and proactively addressing ethical concerns, CISOs can significantly impact the security landscape. Ultimately, prioritizing ethics in cybersecurity is not only the right thing to do, but it also leads to better outcomes for organizations and individuals alike.________________________________Resources________________________________Support:Buy Me a Coffee: https://www.buymeacoffee.com/soulfulcxo________________________________For more podcast stories from The Soluful CXO Podcast With Rebecca Wynn: https://www.itspmagazine.com/the-soulful-cxo-podcastITSPMagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe! Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Host: Deb RadcliffOn ITSPmagazine  👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/deb-radcliff____________________________This Episode’s SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network____________________________Episode DescriptionIn this podcast series, we examine the differences between information warfare, cyber warfare, and electronic warfare, including where they intersect and overlap.Having just published the third book of my Breaking Backbones Hacker Trilogy, a thriller series, it’s time to cover some of the topics in the trilogy. In the next few episodes, we’ll examine the differences between information war, cyberwar, and electronic warfare, starting with excerpts from my books and then following up with additional podcasts by bringing in experts who also served as models for the heroes in my stories.So, please stay tuned for followup shows in which we will discuss where all of this is going and what’s at stake.____________________________ResourcesDeb's cyber thrillers: https://www.amazon.com/Deb-Radcliff/e/B092KFMG5B/ref=aufs_dp_fta_dsk____________________________To see and hear more of the Cy Beat Podcast with Deb Radcliff content on ITSPmagazine, visit:https://www.itspmagazine.com/cy-beat-podcast-with-deb-radcliffAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.