Redefining CyberSecurity Podcast
Hosted by Sean Martin, CISSP
Have you ever thought that we are selling cybersecurity insincerely, buying it indiscriminately, and deploying it ineffectively?
For cybersecurity to be genuinely effective, we must make it consumable and usable. We must also bring transparency and honesty to the conversations surrounding the methods, services, and technologies upon which businesses rely. If we are going to protect what matters and bring value to our companies, our communities, and our society, in a secure and safe way, we must begin by operationalizing security.
Executives are recognizing the importance of their investments in information security and the value it can have on business growth, brand value, partner trust, and customer loyalty.
Together with executives, lines of business owners, and practitioners, we are Redefining CyberSecurity.
All content for Redefining CyberSecurity is the property of Sean Martin, ITSPmagazine and is served directly from their servers with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
After 152 conversations across security, technology, and creative disciplines, five recurring patterns emerge that challenge how organizations think about visibility, integration, and workflow design. This episode connects those patterns into a single view of what effective security actually requires heading into 2026.
Malicious open source packages are no longer edge cases. They are deliberate, scalable attack paths targeting developers, CI pipelines, and the software supply chain itself.
AI is transforming how public health agencies collect, interpret, and act on data, but the benefits depend on strong interoperability, governance, and security foundations. This conversation breaks down the real-world opportunities and risks that leaders must navigate as AI adoption accelerates.
This episode explores the themes, technologies, and community conversations shaping ISC2 Security Congress, with Jon France offering a forward-looking view of what matters most in cybersecurity today. Listeners gain a clear sense of why the event draws practitioners, leaders, and newcomers who want to strengthen their skills and stay ahead of industry change.
A routine bug bounty submission triggered a deep investigation at a digital signage company and revealed how strong processes guide fast, measured incident response. The discussion highlights what transparency looks like in practice and why passwordless authentication is becoming central to reducing credential-driven risks.
This episode explores how cybersecurity startups form, why the market produces so many tools, and how security buyers should evaluate both emerging and established vendors. Sean Martin and Ross Haleliuk break down the forces shaping today’s innovation engine and the business realities behind modern security solutions.
This episode breaks down the rise of “beg bounties” and examines how unsolicited vulnerability claims create confusion, noise, and operational overhead for security teams. Sean Martin and Casey Ellis discuss what organizations can do to prepare, respond, and set clear expectations through structured disclosure policies.
Security champions were meant to bridge dev and AppSec—but most programs measure attendance, not outcomes. In this episode of AppSec Contradictions, Sean Martin explains why awareness isn’t culture, what research shows about champion success, and how to rebuild AppSec programs that actually reduce risk.
Andrew Morgan joins Sean Martin to unpack the widening cybersecurity gap between large enterprises and resource-strapped organizations. He shares how collaboration, cultural alignment, and practical resilience strategies can help close that divide.
Cybercrime has become a full-scale global economy, forcing legitimate businesses to compete with criminals for survival. Former FBI operative and NeXasure National Security Strategist Eric O’Neill joins Sean Martin to explain how preparation, clear strategy, and strong communication can keep companies resilient when—not if—an attack comes.
Attackers don’t need to breach production—they’re owning the CI/CD pipeline long before code goes live. Sean Martin unpacks why cloud and build systems remain the weakest links, the data proving it, and what teams can do to restore delivery integrity.
AI-driven automation with no-code tools is empowering business teams to move fast—but at what risk? In this episode, Walter Haydock, founder of StackAware, joins Sean Martin to outline the hidden dangers, governance gaps, and practical safeguards every organization needs to understand before letting no-code AI fly free.
Being a strong CISO requires more than technical expertise — it takes context, perspective, and trusted relationships built long before a crisis hits. This article explores what current and aspiring security leaders can do to prepare for the role in a way that truly supports the business.
Tim Brown's job changed overnight. December 11th, he was the CISO at SolarWinds managing security operations. December 12th, he was leading the response to one of the most scrutinized cybersecurity incidents in history.
Security pioneer HD Moore joins ITSPmagazine at SecTor 2025 to break down which cybersecurity “rules” still matter—and which are dangerously outdated. From password policies to AI vulnerabilities and the hidden risks in our own firewalls, this keynote conversation challenges us to rethink what we take for granted.
What happens when systems are built by AI coding tools—but no one fully understands how they work, or what to do when something breaks? This article explores the growing reliance on tools like ChatGPT and Claude for software development, raising open questions about resilience, incident response, and security in a world where “vibe coding” is becoming the norm.
Pieter VanIperen, Chief Information Security and Technology Officer at AlphaSense, shares what it really means to simplify security by focusing on context, value, and relevance—not volume or complexity. This conversation challenges the assumptions vendors make and offers real-world principles that security leaders can use to make better decisions.
SBOMs promised to be the ingredient label for software, accelerating response and boosting trust. But adoption lags: less than 1% of GitHub repos use them, only 15% of developer questions get resolved, and fewer than half of EU firms fund supply chain programs. In this episode, Sean Martin breaks down the contradiction—why SBOMs stall, who pays the price, and where they do deliver value.
Cybersecurity isn’t just a technical concern... it’s a community issue that spans generations and disciplines. In this episode, Dr. Aunshul Rege, Associate Professor at Temple University, shares how human-centered outreach, storytelling, and hands-on learning can redefine cyber awareness and inclusion at every level.
Threat modeling is praised as the cornerstone of secure software design, yet only one-third of organizations have a documented process and fewer than four in ten use it systematically at scale. Sean Martin unpacks why adoption is so low—and why evolving processes, not just models, is the key to making it work.