The ITSPmagazine Podcast

Organizations pour millions into protecting running applications—yet attackers are targeting the delivery path itself.This episode of AppSec Contradictions reveals why CI/CD and cloud pipelines are becoming the new frontline in cybersecurity.🔍 In this episode:A 188% surge in malicious open-source packages (Sonatype 2025)30% of 2024 cyberattacks traced to suppliers (Financial Times 2025)47% of organizations unable to assess pipeline risk (ENISA 2023)CISA labels build systems “high-value targets” (2025)Sean’s Take:The pipeline is production. Integrity beats visibility. Security must flow through delivery.Catch the full companion article in the Future of Cybersecurity newsletter for deeper analysis and more research.👉 Have you made CI/CD security measurable—or does it still feel like an endless patchwork of scripts, secrets, and trust? Are your pipelines part of your threat model—or an afterthought? How confident are you in the integrity of every artifact you release? Share your take—we’d love to hear your story—whether your team has succeeded in securing the software delivery pipeline from build to deploy, or whether attackers and complexity keep finding the cracks between your tools.📖 Read the full companion article in the Future of Cybersecurity newsletter for deeper insights: https://www.linkedin.com/pulse/cicd-pipeline-security-why-attackers-breach-your-own-martin-cissp-eqdxe/🔔 Subscribe to stay updated on the full AppSec Contradictions video series and more perspectives on the future of cybersecurity: https://www.youtube.com/playlist?list=PLnYu0psdcllRWnImF5iRnO_10eLnPFWi_________This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn: https://itspm.ag/future-of-cybersecuritySincerely, Sean Martin and TAPE9________Sean Martin is a life-long musician and the host of the Music Evolves Podcast; a career technologist, cybersecurity professional, and host of the Redefining CyberSecurity Podcast; and is also the co-host of both the Random and Unscripted Podcast and On Location Event Coverage Podcast. These shows are all part of ITSPmagazine—which he co-founded with his good friend Marco Ciappelli, to explore and discuss topics at The Intersection of Technology, Cybersecurity, and Society.™️Want to connect with Sean and Marco On Location at an event or conference near you? See where they will be next: https://www.itspmagazine.com/on-locationTo learn more about Sean, visit his personal website. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Halloween over Florence: THE MARKET OF GHOSTSSeverino lived in the bell tower on the hill — the one next to the ancient Basilica of San Miniato al Monte.Every evening, at sunset, he would lock the gate at the base of the entrance stairway and before climbing back up, he would pause to watch Florence color itself amber.And so he did today as well. The tourists had left. Time stopped and silence became sacred again.Through the rusted bars the city stood there motionless — perhaps since forever; with its red roofs, marble facades and the Arno flowing between its stones like a glittering silver ribbon.Domes and towers trembling with light, almost suspended in the air, as if everything and everyone were holding their breath waiting for twilight — and for the night that would cover it with shadows, stars and dreams.One more glance, then he turned on his transistor radio that he had found a few years ago and the notes of Duke Ellington's 'Don't Get Around Much Anymore' filled the autumn evening.Silence may be sacred for the monks, but for Severino music was more so. Seven, his raven, didn't need to be called and at the first notes launched himself from the cypresses of the cemetery above, circled in front of the imposing facade of the Basilica and suddenly glided down along the stairway, to land gently on his left shoulder."Hey Seven, had a good day?""Yes. Could have been worse — Let's settle for that."At which, Severino smiled, turned up the radio's volume and began climbing resolutely toward le Porte del Cielo, while Jazz music echoed among the ancient stones.Nine years ago, on this same day in the month of October, the Olivetan monks residing in the Abbey found a child on the steps of the Basilica.He was there, wrapped in fog, silent as the night, eyes curious as the wind, without name and without past. They called him Severino — I don't know why — and he grew up among prayers and silences. He played in ancient rooms and discovered his world, surrounded by books, tombs, art and mysteries never revealed. At night a raven and a black cat accompanied him, illuminated by the moon, in the Cimitero delle Porte Sante, wandering among imposing crypts and motionless statues that whispered memories and mysteries.But on Halloween nights the whispers transform into screams and endless laments. Secrets manifest themselves, legends become reality, and dreams disguised as nightmares knock on doors lit by candles. And that full moon night was precisely this night: October 31st — and remember, whether you believe in spirits or not, nothing changes: the ghosts will come.And Severino was up there, right there waiting for them to arrive. Leaning out the highest window of the bell tower, calm, looking at Florence from above. While Thelonious Monk's 'Round Midnight' played on his radio, he watched — tapping time with one foot and waited.At the second of the twelve strokes of the midnight bells, something began to happen. On the Arno formed a dense fog that pulsed with spectral green. It began to rise and slide slow but inexorable over the bridges like fingers of cold hands of impatient ghosts. It slid over the Ponte Vecchio and rolled through the streets of Oltrarno until reaching San Niccolò, where it climbed up the hill swallowing everything it found in its path.When it reached the gate of San Miniato, it slipped through the bars and climbed up the stairs until it covered, like a high luminous tide, the entire square in front of the church. It climbed up the marble facade and wrapped also the Cimitero delle Porte Sante, covering the entire hill in a cloak of mystery. Then slowly, as if by enchantment, the fog began to dissolve rising toward the sky and when the last cloud melted into the night air, the square was no longer empty.Small jack-o'-lanterns with flickering lights floated in the air smiling with teeth of fire. Black candles sprouted from nowhere, illuminating spectral stalls full of everything and nothing. Bats that seemed made of paper but were alive fluttered among the lights with wings of black velvet, while autumn leaves danced without wind, sparkling with gold and copper. Pumpkins of every shape filled the stands, some carved with funny faces, others covered with silver spiderwebs that shone like threads of moon. Witch hats swirled in the air like flying umbrellas rotating slow on themselves. Roasted chestnuts perfumed the air with cinnamon and mystery, while small dancing skeletons tinkled like ice bells.And finally in the Cimitero delle Porte Sante, the Portal opened. Like every Halloween, for centuries, spirits from all over the world congregated in Florence for their annual meeting. A spectral river of ghosts poured into the square, each heading toward their own stall, and each with their impossible merchandise to sell or trade. The spirits had arrived and Severino observed them from above. A carnival of other worlds, made of sounds, colors and unimaginable stories.The deserted square had transformed into the Market of Ghosts. Stalls kept materializing from nowhere, carved and glowing pumpkins told each other stories of Halloweens past, present and future laughing malicious among the perfumes of lost memories, past centuries, tomorrow's candles and fallen stardust. The sky above the Tuscan hills and above Florence was full of ghosts arriving from everywhere to search for the unfindable. But no human eye could see this spectacle. No one except Severino, who descended from the tower enchanted by that spectacle and immersed himself in the crowd pulsating with otherworldly life. Seven circled above him observing with attentive eyes and cawing a bit nervous. Some ghosts looked at him with curiosity and recognized him. Someone greeted him and many others whispered his name in forgotten languages."There he is," murmured a witch from Prague."The child of time," sighed a Norman knight."He's returned, I told you so." laughed a Caribbean pirate.But Severino paid them no attention because there were ghosts selling: dreams of sleeping dragons, laughter of northern gnomes, tears of mermaids in love, the last breath of dinosaurs, shadows of unicorns. And even fears from past Halloweens — two for the price of one, but only for tonight. The ghost of a pirate who died during a boarding gone not so well shouted: "Storm bottles! Lightning in jars!" A witch from Salem whispered: "Love potions that last three lifetimes…" A medieval knight showed swords that cut fear, A Chinese spirit waved kites that fly into the past.The spectral crowd grew and thickened, laughed and bargained, while Severino walked amazed and fascinated among the impossible stalls of the Halloween Market. Seven cawed restless from above and Eleven, the black cat with orange eyes, jumped from one tent to another not losing sight of a single movement of Severino and the hundreds of souls circling around him.A ghost monk from an era that never existed saw him and smiled at him from behind a stall full of ancient radios adorned with mysterious symbols. Severino approached, fascinated."How wonderful! Do they all work?""Oh yes, certainly" replied the monk. "These transmit on the waves of past, present, and future time. But you don't need to buy one."The other ghosts stopped. They ceased selling, buying and bartering. They looked at Severino with respect and listened to what the collector of frequencies told him."The transistor radio you already have is more special than you think. But to discover its true secrets, you'll have to search in the ancient crypts where everything began."And suddenly the first lights of dawn began to illuminate the sky behind San Miniato with pink. In rush and hurry the ghosts said goodbye flying away in the wind. "Until next Halloween!" They told each other crossing in the sky. The stalls vanished. Lanterns and candles went out. The Market of Ghosts dissolved like a dream.Severino found himself alone in the empty square, Seven on his shoulder and Eleven sitting on the low wallLooking at Florence illuminating itself in the day of All Saints. He observed his old radio with new eyes and from the ancient crypts of San Miniato, something seemed to call him. He turned it on, turned up the volume and descended the stairway in time to Chet Baker's version of 'Autumn Leaves'.It was time to throw open the gate of the Basilica of San Miniato al Monte.___________________We will continue this story.... For now a Happy Halloween to all of you, may you always believe in magic!Story written by Marco Ciappelli for "Stories Under The Stars" Halloween 2025___________________Listen to Severino's Playlist for the songs that accompany this story and subscribe to discover new music with every adventure. 🎺✨Link: https://music.apple.com/us/playlist/severinos-playlist-storie-sotto-le-stelle/pl.u-b3b8KZDu2a3Xz  Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

____________Podcast Redefining Society and Technology Podcast With Marco Ciappellihttps://redefiningsocietyandtechnologypodcast.com  ____________Host Marco CiappelliCo-Founder & CMO @ITSPmagazine | Master Degree in Political Science - Sociology of Communication l Branding & Marketing Advisor | Journalist | Writer | Podcast Host | #Technology #Cybersecurity #Society 🌎 LAX 🛸 FLR 🌍WebSite: https://marcociappelli.comOn LinkedIn: https://www.linkedin.com/in/marco-ciappelli/____________This Episode’s SponsorsBlackCloak provides concierge cybersecurity protection to corporate executives and high-net-worth individuals to protect against hacking, reputational loss, financial loss, and the impacts of a corporate data breach.BlackCloak:  https://itspm.ag/itspbcweb____________TitleNew Book: SPIES, LIES, AND CYBER CRIME | Former FBI Spy Hunter Eric O'Neill Explains How Cybercriminals Use Espionage techniques to Attack Us | Redefining Society And Technology Podcast With Marco Ciappelli____________Guests:Eric O'NeillKeynote Speaker, Cybersecurity Expert, Spy Hunter, Bestselling Author. AttorneyOn LinkedIn: https://www.linkedin.com/in/eric-m-oneill/Find the book on Eric Website: https://ericoneill.netSean Martin, CISSPGTM Advisor | Journalist, Analyst, Technologist | Cybersecurity, Risk, Operations | Brand & Content Marketing | Musician, Photographer, Professor, Moderator | Co-Founder, ITSPmagazine & Studio C60Sean Martin, Co-Founder, ITSPmagazine and Studio C60 Website: https://www.seanmartin.com ____________Short Introduction Former FBI counterintelligence specialist Eric O'Neill, who caught the most damaging spy in US history, reveals how cyber criminals use traditional espionage techniques to attack us. In his new book "Spies Lies and Cyber Crime," he exposes the $14 trillion cybercrime industry and teaches us to recognize attacks in our Hybrid Analog Digital Society. ____________Article Trust has become the rarest commodity on Earth. We can't trust what we see, what we hear, or what we read anymore. And the people exploiting that crisis? They learned their craft from spies.Eric O'Neill knows this better than most. He's the former FBI counterintelligence specialist who went undercover—as himself—to catch Robert Hanssen, Russia's top spy embedded in the FBI for 22 years. That story became his first book "Gray Day" and the movie "Breach." But five years later, Eric's back with a very different kind of warning.His new book "Spies Lies and Cyber Crime" isn't another spy memoir. It's a field manual for surviving in a world where criminal syndicates have weaponized traditional espionage techniques against every single one of us. And business is booming—to the tune of $14 trillion annually, making cybercrime the third largest economy on Earth, bigger than Japan and Germany combined."They're not attacking our computers," Eric told me during our conversation. "They're attacking you and me personally. They're fooling us into just handing everything over."The pandemic accelerated everything. We were thrown into a completely virtual environment before security was ready, and that moment marks the biggest single rise of cybercrime in history. While most of us were stuck at home adjusting to Zoom calls, cyber criminals were innovating faster than anyone else, studying how we communicate, work, and associate in digital spaces.Here's what makes Eric's perspective invaluable: he understands both sides of this war. He spent his FBI career using traditional counterintelligence techniques—deception, impersonation, infiltration, confidence schemes, exploitation, and destruction—to catch spies. Now he watches cyber criminals deploy those exact same tactics against us through our screens.The top cybercrime gangs have actually hired active intelligence officers from countries like Russia, China, and Iran. These spies moonlight as cyber criminals, bringing state-level tradecraft to street-level scams. It's sophisticated, organized, and shockingly effective.Consider the romance scam Eric describes in the book: a widowed grandfather receives a simple text saying "Hey." Being polite, he responds "Sorry, wrong number." That single response marks him as a target. Over weeks, a "friendship" develops. His new best friend chats with him daily, learns his hopes and dreams, then introduces him to an "investment opportunity."Within months, the grandfather has invested his entire pension—hundreds of thousands of dollars—into what looks like a legitimate cryptocurrency platform with secure logins and rising account values. When he tries to withdraw money for a family vacation, his friend vanishes. The company doesn't exist. The website was a dummy. Everything is gone.That's not a quick phishing scam—that's a confidence scheme straight from the spy playbook, adapted for our Hybrid Analog Digital Society where we live in little boxes on screens, increasingly disconnected from physical reality.The sophistication extends to ransomware operations. These aren't kids in hoodies—they're organized businesses with affiliate programs, marketing departments, tech support teams, and customer service. They're polite as they negotiate your ransom. They help you decrypt your data after you pay. Some even donate to charities. And yes, many victims get hit again a month later by the same group.What struck me most about our conversation was Eric's emphasis on preparation over panic. He's developed a methodology called PAID: Prepare (ahead of the attack), Assess (constantly look for threats), Investigate (when you identify something suspicious), and Decide (take action)."You don't want to be in a dark alley before you think about physical security," he explained. "Same with cyber. Don't wait until you're in the middle of a ransomware attack to build your defenses. That's ten times more expensive."The scale of this threat hasn't fully registered with most people. Cybercrime is projected to hit $18 trillion next year, yet individuals and companies alike operate as if attacks are rare events that happen to other people. The reality? It's not if you'll be attacked, it's when.Eric wrote "Spies Lies and Cyber Crime" as if you're taking a training course at the FBI Academy for Cyber Criminals. The first part teaches you to think like a bad guy—to recognize deception, impersonation, and confidence schemes. The second part gives you the tools to defend yourself, whether you're protecting your family's data or running enterprise security.One detail Eric insists on: every parent must read chapters 10 and 11 with their teenagers. The book addresses cyberbullying, exploitation, and social media dangers that have led to teen suicide. Some conversations are that critical.As we closed our conversation, Eric demonstrated how vulnerable we've become. "How do you even know you're talking to me?" he asked. "I could be sitting here in my pajamas, typing what I want my avatar to say." He's right—deepfakes are that sophisticated now. His advice? Ask everyone in a video meeting to pick up a pen or wave their hands. Avatars can't do that yet.The word "yet" hangs heavy in that sentence.We're moving into a world where trust is the most valuable thing on Earth, and cyber criminals are actively destroying it for profit. Eric O'Neill spent his career catching spies who betrayed their country. Now he's teaching us to catch criminals who are betraying all of us, one click at a time.Subscribe to continue these essential conversations about security, technology, and society. In our increasingly digital world, understanding how cyber criminals think isn't optional anymore—it's survival. ____________About the bookSpies, Lies and CybercrimeSpies, Lies and Cybercrime will appeal to every person curious or frightened by the prospect of a cyberattack, from students and retirees to the C-Suite and boardroom. Readers will take up arms in the current cyber war instead of fleeing while the village burns. They will become email archeologists and threat hunters, questioning every movement online and spotting the attackers hiding in every shadow. They will learn how to embed cybersecurity intrinsically into the culture and technology of their businesses and lives. Only then can we begin to move the needle toward a world safe from cyber-attacks. Find it on: https://ericoneill.net____________Enjoy. Reflect. Share with your fellow humans.And if you haven’t already, subscribe to Musing On Society & Technology on LinkedIn — new transmissions are always incoming.https://www.linkedin.com/newsletters/musing-on-society-technology-7079849705156870144You’re listening to this through the Redefining Society & Technology Podcast, so while you’re here, make sure to follow the show — and join me as I continue exploring life in this Hybrid Analog Digital Society. ____________End of transmissionListen to more Redefining Society & Technology stories and subscribe to the podcast:👉 https://redefiningsocietyandtechnologypodcast.comWatch the webcast version on-demand on YouTube:👉 https://www.youtube.com/playlist?list=PLnYu0psdcllTUoWMGGQHlGVZA575VtGr9Are you interested Promotional Brand Stories for your Company?👉 https://www.studioc60.com Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Guest and HostGuest: Marco Ciappelli, Co-Founder, ITSPmagazine and Studio C60 | Website: https://www.marcociappelli.comHost: Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/Show NotesIn this candid episode of Music Evolves, Sean Martin and Marco Ciappelli unpack the creative, ethical, and deeply personal tensions surrounding AI-generated music—where it fits, where it falters, and where it crosses the line.Sean opens with a clear position: AI can support the creative process, but its outputs shouldn’t be commercialized unless the ingredients—i.e., training data—are ethically sourced and properly licensed. His concern is grounded in authorship and consent. If a model learns from unlicensed tracks, even indirectly, is it sampling without credit?Marco responds by acknowledging how deeply embedded influence is in all creative acts. As a writer and musician, he often discovers melodies or storylines in his own work that echo familiar structures—not out of theft, but because of lived experience. “We are made of what we absorb,” he says, drawing parallels between human memory and how AI models are trained.But the critical difference? Humans feel. They reinterpret. They falter. They declare their intent. AI does none of that—at least, not yet.The discussion isn’t anti-technology. Instead, it’s about boundaries. Both Sean and Marco agree that tools like neural networks can be fascinating collaborators. But when those tools start to blur authorship or generate perfect replicas of a human’s imperfection—say, the crackle of a vinyl or the slide of a finger across a string—what are we really listening to? And who, if anyone, should profit from it?They wrestle with questions of transparency (“Did you write that… or did AI?”), authorship (“If you like it but don’t know it’s AI, does it matter?”), and commercialization (“Is it still your art if someone else feeds it to a machine?”). And perhaps most importantly, they invite you to answer for yourself.🎧 At the end of the episode, Sean and Marco each create a 1-minute piece of AI-generated music based on their own interpretation of the conversation. Their challenge: same topic, different vibe. The listener’s challenge: can you feel the difference?ResourcesNewsletter (Article, Video, Podcast): From Sampling to Scraping: AI Music, Rights, and the Return of Creative Control: https://www.linkedin.com/pulse/from-sampling-scraping-ai-music-rights-return-control-martin-cissp-flxde/More From Sean Martin on ITSPmagazineMore from Music Evolves: https://www.seanmartin.com/music-evolves-podcastMusic Evolves on YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllTRJ5du7hFDXjiugu-uNPtWOn Location with Sean and Marco: https://www.itspmagazine.com/on-locationITSPmagazine YouTube Channel: https://www.youtube.com/@itspmagazineBe sure to share and subscribe! Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Show NotesIn this episode, we unpack the core ideas behind the Sonic Frontiers article “From Sampling to Scraping: AI Music, Rights, and the Return of Creative Control.” As AI-generated music floods streaming platforms, rights holders are deploying new tools like neural fingerprinting to detect derivative works — even when no direct sampling occurs. But what does it mean to “detect influence,” and can algorithms truly distinguish theft from inspiration?We explore the implications for artists who want to experiment with AI without being replaced by it, and the shifting desires of listeners who may soon prefer human-made music the way some still seek out vinyl, film cameras, or wooden roller coasters — not for efficiency, but for the feel.The article also touches on the burden of rights enforcement in this new age. While major labels can embed detection systems, who protects the independent artist? And if AI enables anyone to create, does it also require everyone to monitor?This episode invites you to reflect on what we value in music: speed and volume, or craft and control?📖 Read the full companion article in the Music Evolves: Sonic Frontiers newsletter for deeper insights: TBD________This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to "The Music Evolves: Sonic Frontiers" newsletter on LinkedIn: https://www.linkedin.com/newsletters/music-evolves-sonic-frontiers-7290890771828719616/Sincerely, Sean Martin and TAPE9________Sean Martin is a life-long musician and the host of the Music Evolves Podcast; a career technologist, cybersecurity professional, and host of the Redefining CyberSecurity Podcast; and is also the co-host of both the Random and Unscripted Podcast and On Location Event Coverage Podcast. These shows are all part of ITSPmagazine—which he co-founded with his good friend Marco Ciappelli, to explore and discuss topics at The Intersection of Technology, Cybersecurity, and Society.™️Want to connect with Sean and Marco On Location at an event or conference near you? See where they will be next: https://www.itspmagazine.com/on-locationTo learn more about Sean, visit his personal website.More From Sean Martin on ITSPmagazineMore from Music Evolves: https://www.seanmartin.com/music-evolves-podcastMusic Evolves on YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllTRJ5du7hFDXjiugu-uNPtWOn Location with Sean and Marco: https://www.itspmagazine.com/on-locationITSPmagazine YouTube Channel: https://www.youtube.com/@itspmagazineBe sure to share and subscribe! Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

⬥GUEST⬥Walter Haydock, Founder, StackAware | On Linkedin: https://www.linkedin.com/in/walter-haydock/⬥HOST⬥Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com⬥EPISODE NOTES⬥No-Code Meets AI: Who’s Really in Control?As AI gets embedded deeper into business workflows, a new player has entered the security conversation: no-code automation tools. In this episode of Redefining CyberSecurity, host Sean Martin speaks with Walter Haydock, founder of StackAware, about the emerging risks when AI, automation, and business users collide—often without traditional IT or security oversight.Haydock shares how organizations are increasingly using tools like Zapier and Microsoft Copilot Studio to connect systems, automate tasks, and boost productivity—all without writing a single line of code. While this democratization of development can accelerate innovation, it also introduces serious risks when systems are built and deployed without governance, testing, or visibility.The conversation surfaces critical blind spots. Business users may be automating sensitive workflows involving customer data, proprietary systems, or third-party APIs—without realizing the implications. AI prompts gone wrong can trigger mass emails, delete databases, or unintentionally expose confidential records. Recursion loops, poor authentication, and ambiguous access rights are all too easy to introduce when development moves this fast and loose.Haydock emphasizes that this isn’t just a technology issue—it’s an organizational one. Companies need to decide: who owns risk when anyone can build and deploy a business process? He encourages a layered approach, including lightweight approval processes, human-in-the-loop checkpoints for sensitive actions, and upfront evaluations of tools for legal compliance and data residency.Security teams, he notes, must resist the urge to block no-code outright. Instead, they should enable safer adoption through clear guidelines, tool allowlists, training, and risk scoring systems. Meanwhile, business leaders must engage early with compliance and risk stakeholders to ensure their productivity gains don’t come at the expense of long-term exposure.For organizations embracing AI-powered automation, this episode offers a clear takeaway: treat no-code like production code—because that’s exactly what it is.⬥ADDITIONAL INFORMATION⬥✨ More Redefining CyberSecurity Podcast: 🎧 https://www.seanmartin.com/redefining-cybersecurity-podcastRedefining CyberSecurity Podcast on YouTube:📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq📝 The Future of Cybersecurity Newsletter: https://www.linkedin.com/newsletters/7108625890296614912/Interested in sponsoring this show with a podcast ad placement? Learn more:👉 https://itspm.ag/podadplc⬥KEYWORDS⬥sean martin, walter haydock, automation, ai, nocode, compliance, governance, orchestration, data privacy, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

What does it really take to be a CISO the business can rely on? In this episode, Sean Martin shares insights from a recent conversation with Tim Brown, CISO at SolarWinds, following his keynote at AISA CyberCon and his role in leading a CISO Bootcamp for current and future security leaders. The article at the heart of this episode focuses not on technical skills or frameworks, but on the leadership qualities that matter most: context, perspective, communication, and trust.Tim’s candid reflections — including the personal toll of leading through a crisis — remind us that clarity doesn’t come from control. It comes from connection. CISOs must communicate risk in ways that resonate across teams and business leaders. They need to build trusted relationships before they’re tested and create space for themselves and their teams to process pressure in healthy, sustainable ways.Whether you’re already in the seat or working toward it, this conversation invites you to rethink what preparation really looks like. It also leaves you with two key questions: Where do you get your clarity, and who are you learning from? Tune in, reflect, and join the conversation.📖 Read the full companion article in the Future of Cybersecurity newsletter for deeper insights: https://www.linkedin.com/pulse/beyond-title-what-really-takes-ciso-today-insights-sean-martin-cissp-n73ie/________This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn: https://itspm.ag/future-of-cybersecuritySincerely, Sean Martin and TAPE9________Sean Martin is a life-long musician and the host of the Music Evolves Podcast; a career technologist, cybersecurity professional, and host of the Redefining CyberSecurity Podcast; and is also the co-host of both the Random and Unscripted Podcast and On Location Event Coverage Podcast. These shows are all part of ITSPmagazine—which he co-founded with his good friend Marco Ciappelli, to explore and discuss topics at The Intersection of Technology, Cybersecurity, and Society.™️Want to connect with Sean and Marco On Location at an event or conference near you? See where they will be next: https://www.itspmagazine.com/on-locationTo learn more about Sean, visit his personal website. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

First CISO Charged by SEC: Tim Brown on Trust, Context, and Leading Through Crisis - Interview with Tim Brown | AISA CyberCon Melbourne 2025 Coverage | On Location with Sean Martin and Marco CiappelliAISA CyberCon Melbourne | October 15-17, 2025Tim Brown's job changed overnight. December 11th, he was the CISO at SolarWinds managing security operations. December 12th, he was leading the response to one of the most scrutinized cybersecurity incidents in history.Connecting from New York and Florence to Melbourne, Sean Martin and Marco Ciappelli caught up with their longtime friend ahead of his keynote at AISA CyberCon. The conversation reveals what actually happens when a CISO faces the unthinkable—and why the relationships you build before crisis hits determine whether you survive it.Tim became the first CISO ever charged by the SEC, a distinction nobody wants but one that shaped his mission: if sharing his experience helps even one security leader prepare better, then the entire saga becomes worthwhile. He's candid about the settlement process still underway, the emotional weight of having strangers ask for selfies, and the mental toll that landed him in a Zurich hospital with a heart attack the week his SEC charges were announced."For them to hear something and hear the context—to hear us taking six months off development, 400 engineers focused completely on security for six months in pure focus—when you say it with emotion, it conveys the real cost," Tim explained. Written communication failed during the incident. People needed to talk, to hear, to feel the weight of decisions being made in real time.What saved SolarWinds wasn't just technical capability. It was implicit trust. The war room team operated without second-guessing each other. The CIO handled deployment and investigation. Engineering figured out how the build system was compromised. Marketing and legal managed their domains. Tim didn't waste cycles checking their work because trust was already built."If we didn't have that, we would've been second-guessing what other people did," he said. That trust came from relationships established long before December 2020, from a culture where people knew their roles and respected each other's expertise.Now Tim's focused on mentoring the next generation through the RSA Conference CSO Bootcamp, helping aspiring CISOs and security leaders at smaller companies build the knowledge, community, and relationships they'll need when—not if—their own December 12th arrives. He tailors every talk to his audience, never delivering the same speech twice. Context matters in crisis, but it matters in communication too.Australia played a significant role during SolarWinds' incident response, with the Australian government partnering closely in January 2021. Tim hadn't been back in a decade, making his return to Melbourne for CyberCon particularly meaningful. He's there to share lessons earned the hardest way possible, and to remind security leaders that stress management, safe spaces, and knowing when to compartmentalize aren't luxuries—they're survival skills.His keynote covers the different stages of incident response, how culture drives crisis outcomes, and why the teams that step up matter more than the ones that run away. For anyone leading security teams, Tim's message is clear: build trust now, before you need it.AISA CyberCon Melbourne runs October 15-17, 2025 Coverage provided by ITSPmagazineGUEST:Tim Brown, CISO at SolarWinds | On LinkedIn: https://www.linkedin.com/in/tim-brown-ciso/HOSTS:Sean Martin, Co-Founder, ITSPmagazine and Studio C60 | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder, ITSPmagazine and Studio C60 | Website: https://www.marcociappelli.comCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to share an Event Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrfWant Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Everyone Is Protecting My Password, But Who Is Protecting My Toilet Paper? - Interview with Amberley Brady | AISA CyberCon Melbourne 2025 Coverage | On Location with Sean Martin and Marco CiappelliAISA CyberCon Melbourne | October 15-17, 2025Empty shelves trigger something primal in us now. We've lived through the panic, the uncertainty, the realization that our food supply isn't as secure as we thought. Amberley Brady hasn't forgotten that feeling, and she's turned it into action.Speaking with her from Florence to Sydney ahead of AISA CyberCon in Melbourne, I discovered someone who came to cybersecurity through an unexpected path—studying law, working in policy, but driven by a singular passion for food security. When COVID-19 hit Australia in 2019 and grocery store shelves emptied, Amberley couldn't shake the question: what happens if this keeps happening?Her answer was to build realfoodprice.com.au, a platform tracking food pricing transparency across Australia's supply chain. It's based on the Hungarian model, which within three months saved consumers 50 million euros simply by making prices visible from farmer to wholesaler to consumer. The markup disappeared almost overnight when transparency arrived."Once you demonstrate transparency along the supply chain, you see where the markup is," Amberley explained. She gave me an example that hit home: watermelon farmers were getting paid 40 cents per kilo while their production costs ran between $1.00 to $1.50. Meanwhile, consumers paid $2.50 to $2.99 year-round. Someone in the middle was profiting while farmers lost money on every harvest.But this isn't just about fair pricing—it's about critical infrastructure that nobody's protecting. Australia produces food for 70 million people, far more than its own population needs. That food moves through systems, across borders, through supply chains that depend entirely on technology most farmers never think about in cybersecurity terms.The new autonomous tractors collecting soil data? That information goes somewhere. The sensors monitoring crop conditions? Those connect to systems someone else controls. China recognized this vulnerability years ago—with 20% of the world's population but only 7% of arable land, they understood that food security is national security.At CyberCon, Amberley is presenting two sessions that challenge the cybersecurity community to expand their thinking. "Don't Outsource Your Thinking" tackles what she calls "complacency creep"—our growing trust in AI that makes us stop questioning, stop analyzing with our gut instinct. She argues for an Essential Nine in Australia's cybersecurity framework, adding the human firewall to the technical Essential Eight.Her second talk, cheekily titled "Everyone is Protecting My Password, But No One's Protecting My Toilet Paper," addresses food security directly. It's provocative, but that's the point. We saw what happened in Japan recently with the rice crisis—the same panic buying, the same distrust, the same empty shelves that COVID taught us to fear."We will run to the store," Amberley said. "That's going to be human behavior because we've lived through that time." And here's the cybersecurity angle: those panics can be manufactured. A fake image of empty shelves, an AI-generated video, strategic disinformation—all it takes is triggering that collective memory.Amberley describes herself as an early disruptor in the agritech cybersecurity space, and she's right. Most cybersecurity professionals think about hospitals, utilities, financial systems. They don't think about the autonomous vehicles in fields, the sensor networks in soil, the supply chain software moving food across continents.But she's starting the conversation, and CyberCon's audience—increasingly diverse, including people from HR, risk management, and policy—is ready for it. Because at the end of the day, everyone has to eat. And if we don't start thinking about the cyber vulnerabilities in how we grow, move, and price food, we're leaving our most basic need unprotected.AISA CyberCon Melbourne runs October 15-17, 2025 Virtual coverage provided by ITSPmagazineGUEST:Amberley Brady, Food Security & Cybersecurity Advocate, Founder of realfoodprice.com.au | On LinkedIn: https://www.linkedin.com/in/amberley-b-a62022353/HOSTS:Sean Martin, Co-Founder, ITSPmagazine and Studio C60 | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder, ITSPmagazine and Studio C60 | Website: https://www.marcociappelli.comCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to share an Event Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrfWant Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Beyond Blame: Navigating the Digital World with Our KidsAISA CyberCon Melbourne | October 15-17, 2025There's something fundamentally broken in how we approach online safety for young people. We're quick to point fingers—at tech companies, at schools, at kids themselves—but Jacqueline Jayne (JJ) wants to change that conversation entirely.Speaking with her from Florence while she prepared for her session at AISA CyberCon Melbourne this week, it became clear that JJ understands what many in the cybersecurity world miss: this isn't a technical problem that needs a technical solution. It's a human problem that requires us to look in the mirror."The online world reflects what we've built for them," JJ told me, referring to our generation. "Now we need to step up and help fix it."Her session, "Beyond Blame: Keeping Our Kids Safe Online," tackles something most cybersecurity professionals avoid—the uncomfortable truth that being an IT expert doesn't automatically make you equipped to protect the young people in your life. Last year's presentation at Cyber Con drew a full house, with nearly every hand raised when she asked who came because of a kid in their world.That's the fascinating contradiction JJ exposes: rooms full of cybersecurity professionals who secure networks and defend against sophisticated attacks, yet find themselves lost when their own children navigate TikTok, Roblox, or encrypted messaging apps.The timing couldn't be more relevant. With Australia implementing a social media ban for anyone under 16 starting December 10, 2025, and similar restrictions appearing globally, parents and carers face unprecedented challenges. But as JJ points out, banning isn't understanding, and restriction isn't education.One revelation from our conversation particularly struck me—the hidden language of emojis. What seems innocent to adults carries entirely different meanings across demographics, from teenage subcultures to, disturbingly, predatory networks online. An explosion emoji doesn't just mean "boom" anymore. Context matters, and most adults are speaking a different digital dialect than their kids.JJ, who successfully guided her now 19-year-old son through the gaming and social media years, isn't offering simple solutions because there aren't any. What she provides instead are conversation starters, resources tailored to different age groups, and even AI prompts that parents can customize for their specific situations.The session reflects a broader shift happening at events like Cyber Con. It's no longer just IT professionals in the room. HR representatives, risk managers, educators, and parents are showing up because they've realized that digital safety doesn't respect departmental boundaries or professional expertise."We were analog brains in a digital world," JJ said, capturing our generational position perfectly. But today's kids? They're born into this interconnectedness, and COVID accelerated everything to a point where taking it away isn't an option.The real question isn't who to blame. It's what role each of us plays in creating a safer digital environment. And that's a conversation worth having—whether you're at the Convention and Exhibition Center in Melbourne this week or joining virtually from anywhere else.AISA CyberCon Melbourne runs October 15-17, 2025 Virtual coverage provided by ITSPmagazine___________GUEST:Jacqueline (JJ) Jayne, Reducing human error in cyber and teaching 1 million people online safety. On Linkedin: https://www.linkedin.com/in/jacquelinejayne/HOSTS:Sean Martin, Co-Founder, ITSPmagazine and Studio C60 | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder, ITSPmagazine and Studio C60 | Website: https://www.marcociappelli.comCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to share an Event Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrfWant Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.