Redefining CyberSecurity Podcast
Hosted by Sean Martin, CISSP
Have you ever thought that we are selling cybersecurity insincerely, buying it indiscriminately, and deploying it ineffectively?
For cybersecurity to be genuinely effective, we must make it consumable and usable. We must also bring transparency and honesty to the conversations surrounding the methods, services, and technologies upon which businesses rely. If we are going to protect what matters and bring value to our companies, our communities, and our society, in a secure and safe way, we must begin by operationalizing security.
Executives are recognizing the importance of their investments in information security and the value it can have on business growth, brand value, partner trust, and customer loyalty.
Together with executives, lines of business owners, and practitioners, we are Redefining CyberSecurity.
All content for Redefining CyberSecurity is the property of Sean Martin, ITSPmagazine and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Cybercrime has become a full-scale global economy, forcing legitimate businesses to compete with criminals for survival. Former FBI operative and NeXasure National Security Strategist Eric O’Neill joins Sean Martin to explain how preparation, clear strategy, and strong communication can keep companies resilient when—not if—an attack comes.
Attackers don’t need to breach production—they’re owning the CI/CD pipeline long before code goes live. Sean Martin unpacks why cloud and build systems remain the weakest links, the data proving it, and what teams can do to restore delivery integrity.
AI-driven automation with no-code tools is empowering business teams to move fast—but at what risk? In this episode, Walter Haydock, founder of StackAware, joins Sean Martin to outline the hidden dangers, governance gaps, and practical safeguards every organization needs to understand before letting no-code AI fly free.
Being a strong CISO requires more than technical expertise — it takes context, perspective, and trusted relationships built long before a crisis hits. This article explores what current and aspiring security leaders can do to prepare for the role in a way that truly supports the business.
Tim Brown's job changed overnight. December 11th, he was the CISO at SolarWinds managing security operations. December 12th, he was leading the response to one of the most scrutinized cybersecurity incidents in history.
Security pioneer HD Moore joins ITSPmagazine at SecTor 2025 to break down which cybersecurity “rules” still matter—and which are dangerously outdated. From password policies to AI vulnerabilities and the hidden risks in our own firewalls, this keynote conversation challenges us to rethink what we take for granted.
What happens when systems are built by AI coding tools—but no one fully understands how they work, or what to do when something breaks? This article explores the growing reliance on tools like ChatGPT and Claude for software development, raising open questions about resilience, incident response, and security in a world where “vibe coding” is becoming the norm.
Pieter VanIperen, Chief Information Security and Technology Officer at AlphaSense, shares what it really means to simplify security by focusing on context, value, and relevance—not volume or complexity. This conversation challenges the assumptions vendors make and offers real-world principles that security leaders can use to make better decisions.
SBOMs promised to be the ingredient label for software, accelerating response and boosting trust. But adoption lags: less than 1% of GitHub repos use them, only 15% of developer questions get resolved, and fewer than half of EU firms fund supply chain programs. In this episode, Sean Martin breaks down the contradiction—why SBOMs stall, who pays the price, and where they do deliver value.
Cybersecurity isn’t just a technical concern... it’s a community issue that spans generations and disciplines. In this episode, Dr. Aunshul Rege, Associate Professor at Temple University, shares how human-centered outreach, storytelling, and hands-on learning can redefine cyber awareness and inclusion at every level.
Threat modeling is praised as the cornerstone of secure software design, yet only one-third of organizations have a documented process and fewer than four in ten use it systematically at scale. Sean Martin unpacks why adoption is so low—and why evolving processes, not just models, is the key to making it work.
In this first AppSec Contradictions episode, Sean Martin reveals how AI-powered tools—meant to reduce risk—often amplify false positives, overwhelm analysts with alert fatigue, and erode trust across developers, security teams, and business leaders.
What if cybersecurity wasn’t just about protection but about enabling the business to thrive? In this episode, Andy Ellis shares how reframing security as an operational and leadership function—not just a risk control—can unlock real innovation, trust, and long-term value.
At Black Hat USA 2025, AI wasn’t the differentiator — it was the baseline. In this episode, I explore what happens when black-box automation takes over security decisions, the risks it creates for organizations and CISOs, and why defining and measuring “success” has never been more critical.
Black Hat USA 2025 brought countless vendor announcements — but how many will actually change the way security programs run? In this episode, Sean Martin explores several vendor press releases and recalls several conversations with CISOs to break down the real trends, the AI hype, and what both CISOs and vendors need to do to cut through the noise.
Before the buzz hits the Black Hat USA 2025 show floor, this thought leadership roundtable breaks down the real issues—and distractions—set to dominate the conversation. From AI agent hype to old bugs in new systems, these panelists cut through the noise with sharp, unfiltered takes.
What if you could catch attackers simply by watching what they shouldn’t be touching? Sean Metcalf shares how carefully crafted honeypots and identity traps provide high-fidelity detection without drowning in alerts.
Is the cybersecurity talent gap a myth—or just a result of outdated hiring practices? In this episode, we explore why mentorship, business alignment, and bold leadership are essential to building a resilient pipeline.
How do you plan for recovery when the system you’re trying to protect can’t be shut down—and won’t wait for IT’s playbook? In this episode, Tobias Halmans, an incident responder at admeritia in Germany, shares how disaster recovery and business continuity must be rethought when applied to operational technology (OT) environments.
In this episode, we break down how AI agents are quietly transforming cybersecurity — acting as tireless scouts that flag what matters before humans ever step in. Hear sharp perspectives on what these systems really do well, where they fall short, and how leaders are rethinking trust, speed, and human oversight in the age of agentic AI.