Episodes

  • Technology Got Safer, But The Smartest Hackers Don't Hack. They Just Ask | An Interview with Lee Clark | An Analog Brain In A Digital Age With Marco Ciappelli — On Location at Infosecurity Europe 2026

    Technology Got Safer, But The Smartest Hackers Don't Hack. They Just Ask | An Interview with Lee Clark | An Analog Brain In A Digital Age With Marco Ciappelli — On Location at Infosecurity Europe 2026
    Jun 20 2026
    PODCAST EPISODE | An Analog Brain In A Digital Age With Marco Ciappelli — On Location at Infosecurity Europe 2026 The most dangerous attacks at Infosecurity Europe 2026 weren't the high-tech ones. Lee Clark of the Retail & Hospitality ISAC sits down with me to explain why the soft target is still a human being — a help desk, a new hire, a phone ringing at dinner — and what stays in our hands as the shopper quietly becomes an algorithm. 📺 Watch | 🎤 Listen | marcociappelli.com The phone rings while my parents are eating dinner, and before anyone reaches for it, I already know what I'll say. Probably a scammer. Let it ring. I have trained them the way you train a reflex, a small Pavlovian flinch every time the landline interrupts a meal. My grandmother's generation thought letting a phone ring was unforgivably rude. Mine has learned the rudeness is now on the other end of the line. I was thinking about that flinch when I sat down with Lee Clark at Infosecurity Europe 2026. Lee runs threat intelligence production for the Retail & Hospitality ISAC, the place where the companies holding your loyalty points, your hotel bookings, and your checkout data come together to compare notes on who is coming after them. His job, stripped down, is translation: he takes the hash-value, log-source world of the analysts and turns it into something a board can act on. And the thing he kept returning to was not some exotic piece of malware. The two threats his member companies report most often need almost no code at all. One is a phone call. A criminal rings the help desk, says he's an employee who needs his multi-factor authentication reset, gets it, and walks in through the front door. Scattered Spider, ShinyHunters, the loose crew they call the Com: names that sound like a heist movie and behave like one. The other is a fake résumé, North Korean operatives tracked as Famous Chollima, taking remote IT jobs at Western firms under invented identities. No hoodie, no broken encryption. People, lying to people, about who they are. You can stop a lot of fraud by adding multi-factor authentication at the checkout page, and by adding that one step, you measurably reduce sales. So the business sits forever between wanting you safe and wanting you to keep buying, and security tends to arrive last, patching armor onto a machine already built for speed. Lock a light switch inside a box, Lee said, and eventually the person who needs the light just takes a hammer to it. We have been handing each other hammers for years. Then we went where these conversations now always go. What happens when the shopper is no longer a person but an agent, an AI buying the paper towels so I don't have to? Agent negotiating with agent at the checkout, at machine speed, no human flinch anywhere in the loop. Maybe that is more secure. Or maybe it is a new doorway, where instead of fooling a tired employee you simply ask the agent, politely, to send the payment somewhere else. What I carry out of that room is this. For thirty years we have been promised that the next layer of technology will finally take security off our hands. Lee doesn't believe it, and after this week, neither do I. The human stays in the loop, as the target, yes, but also as the one still able to feel that something is wrong. My parents' flinch at the dinner table is not a flaw in some outdated analog brain. It is the brain doing precisely what no checkout page can do for them. We keep trying to automate away the part of us that hesitates. Lee spends his days proving that the hesitation is the defense. So the question I'm left with is not whether the machines will protect us. It's whether we hold on to the part of ourselves that still knows when to hang up. Let's keep thinking. The full conversation is on video, audio, and in the newsletter at marcociappelli.com. — Marco Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Personal Branding Coach | Journalist | Writer | Podcast: An Analog Brain In A Digital Age ⚠️ Beware: Pigs May Fly | 🌎 LAX🛸FLR 🌍 More from our Infosecurity Europe 2026 coverage:Infosecurity Europe 2026 event coverageTechnology and cybersecurity conference coverage About Marco Marco Ciappelli is Co-Founder & CMO of ITSPmagazine, Co-Founder & Creative Director of Studio C60, Branding & Marketing Advisor, Personal Branding Coach, Journalist, Writer, and Host of An Analog Brain In A Digital Age podcast. Born in Florence, Italy, and based in Los Angeles, he explores the intersection of technology, society, storytelling, and creativity — with an analog brain, in a digital age. 🌎 marcociappelli.com | itspmagazine.com | studioc60.com About the Guest Lee Clark is Cyber Threat Intelligence Production Manager at the Retail & Hospitality ISAC (RH-ISAC), the information sharing and analysis center for consumer-facing industries — retail, hospitality, airlines, quick- and full-service restaurants, loyalty ...
    Show More Show Less
    18 mins
  • Call It What It Is: When Ransomware Becomes Terrorism | An Interview with Cynthia Kaiser | Redefining CyberSecurity With Sean Martin — On Location at InfoSecurity Europe 2026

    Call It What It Is: When Ransomware Becomes Terrorism | An Interview with Cynthia Kaiser | Redefining CyberSecurity With Sean Martin — On Location at InfoSecurity Europe 2026
    Jun 19 2026
    A ransomware crew can run through your whole company between dinner and dessert. Sean Martin sat down with Cynthia Kaiser — twenty years at the FBI, now leading the Halcyon Ransomware Research Center — on the speed of the threat, the human cost the industry keeps abstracting away, and why a slice of ransomware deserves a harder name than “crime.” 📺 Watch | 🎙️ Listen | seanmartin.com Put your phone face-down at dinner on a Wednesday. Pick it up an hour later. In that time, an entire ransomware attack can have run through your company, start to finish. Wednesday is the favorite, Cynthia Kaiser told Sean Martin at InfoSecurity Europe, because the crews want you to walk in Thursday morning and find it. The fastest groups now go from break-in to full encryption in about four hours, sometimes under one. Humans do not move at that speed. The machines attacking us do. Kaiser knows the tempo. She spent twenty years at the FBI, finishing as Deputy Assistant Director of its Cyber Division, and now runs the Ransomware Research Center at Halcyon. She has watched this threat from the side of the government that hunts it and the industry that sells against it, and the thing she most wants to pass along has nothing to do with technique. We should all be angrier about cybercrime than we are. Her reason is the part the industry keeps abstracting away. We picture cybercrime as something that happens on a keyboard, to a network, to a number. Kaiser saw the other end of it: more than seventy-five thousand sextortion cases reported in the US in a single year, over twenty billion dollars in losses, and in one case thirty-eight victims referred to support services over the risk of suicide. The damage does not stay on the screen. It walks into homes. When a ransomware crew steals a hospital’s files and then phones the patients directly, or calls a CEO to say they will burn his house down, Kaiser stops calling it crime. Those are predators, she says, people who know they are endangering lives and have decided it is someone else’s problem. There is an older word for that, and the word is terrorism. Most ransomware is ordinary crime. A slice of it is not, and she argues we should name that slice honestly instead of filing it under a tidy technical category. Naming matters, because the other side is organized like a business, and lately like a software company. Kaiser’s team watched the market for criminal AI tools jump from thirty-eight forum posts in December to more than fourteen hundred two months later. Free tiers, paid upgrades for power users, the same tool mirrored across platforms for resilience. The technical people refine the product on the forums, then it graduates to the Telegram channels for buyers who could not build it themselves. Software-as-a-service, sold to extortionists. The product that should worry you most is an AI call center. No humans involved, a hundred and twenty simultaneous calls in different languages, complete with simulated keyboard clicks so it sounds like a real office. Voice cloning now needs about three seconds of audio, which is enough to become your CEO on the phone. Kaiser’s advice is blunt: no voice on a call, however convincing, should ever grant access on its own. Sean kept pulling the thread back to a point my own conversation with Geoff White had raised a day earlier, the line between locking data and stealing it to extort. The same crews do both, Kaiser said, and a few have moved somewhere worse, into the place with the phone calls and the threats. There are no borders in cyberspace, which is why her proudest moments were joint operations like the LockBit takedown, the FBI and the UK’s National Crime Agency working as one. So what do we carry forward, and what do we leave behind? We carry the anger Kaiser is asking for, and the discipline of calling harm by its real name. We leave behind the comfortable fiction that any of this happens only on a keyboard. Sean’s full conversation with Cynthia Kaiser is linked below, with the rest of our InfoSecurity Europe coverage. Let’s keep thinking. — Marco Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Journalist | Writer | On Location With Sean Martin And Marco Ciappelli | 🌎 LAX🛸FLR 🌍 About the Host Sean Martin, CISSP, is the co-founder and Director of Operations and Programming at ITSPmagazine, and the host of the Redefining CyberSecurity podcast. An information security and technology veteran of more than thirty years and a multiple-time CISSP, he led engineering and delivery for hundreds of cybersecurity products before turning to journalism and broadcasting. Through Redefining CyberSecurity he keeps pressing one question: if we are selling security insincerely, buying it indiscriminately, and deploying it ineffectively, how do we make it usable, honest, and a real source of business value? He teaches at Pepperdine’s Graziadio Business School and broadcasts ...
    Show More Show Less
    16 mins
  • Cybersecurity Leadership Is a People Problem, Not a Technology Problem | A Redefining CyberSecurity Podcast Conversation with Tera Ladner, Deputy Global Chief Information Security Officer of Aflac

    Cybersecurity Leadership Is a People Problem, Not a Technology Problem | A Redefining CyberSecurity Podcast Conversation with Tera Ladner, Deputy Global Chief Information Security Officer of Aflac
    Jun 19 2026
    ⬥EPISODE NOTES⬥ What does it take to lead a 200-person security organization without coming up through the technical ranks? Tera Ladner, Deputy Global Chief Information Security Officer at Aflac, answers that question by describing a path that runs through information management, e-discovery, and a law degree before it ever reaches the security org chart. The result is a leader who looks at a program through the lens of controls, evidence, and defensibility, and who treats security as a people problem before a technology one. Host Sean Martin and Tera Ladner dig into what that orientation changes in practice. Rather than opening a stakeholder conversation with controls or threats, Tera Ladner starts by listening: what are the business goals, and how does security enable them? Working inside an insurance company helps, because risk is already the shared language of every leader in the building. The job, as she frames it, is translation, turning a technical event into a business and resiliency impact that the people who own the decisions can actually act on. The conversation turns to hiring and team building, where Tera Ladner names curiosity as the first trait she screens for, the instinct to ask the second, third, and fourth question until the real problem surfaces. From there she argues for a broader "tool belt": storytelling, relationship building, influence without authority, and the ability to navigate ambiguity, a skill she sees tested daily as boards and technology leaders press for answers on frontier AI. Technical skills alone, she suggests, were enough years ago and are not enough now. Culture sits at the center of how she leads. "Your team lives in the house that you build," she tells her people leaders, and she describes the team norms, transparency, integrity, and care, that hold a security organization together in the hard moments. That same relationship-first instinct extends outward, to a seat at the executive table that has to be earned by giving stakeholders a seat at yours, and downward into the talent pipeline through Aflac's Cyber Inspire and Empower Girls programs, which grew from 200 girls in their first local year to 815 in the second. For security and risk leaders, the throughline is hard to miss: the future of the field depends less on finding more technologists and more on building leaders who can listen, translate, and bring people who never saw themselves in cyber to the table. ⬥GUEST⬥ Tera Ladner, Deputy Global Chief Information Security Officer at Aflac On LinkedIn: https://www.linkedin.com/in/teraladner/ ⬥HOST⬥ Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/ ⬥RESOURCES⬥ Aflac: https://www.aflac.com/ Cyber Inspire and Empower Girls (Aflac community programs introducing students and seniors to cybersecurity): https://www.linkedin.com/company/cyberinspire The Future of Cybersecurity Newsletter: https://www.linkedin.com/newsletters/7108625890296614912/ More Redefining CyberSecurity Podcast episodes: https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq ⬥ADDITIONAL INFORMATION⬥ 🎙️ Redefining CyberSecurity Podcast: https://www.seanmartin.com/redefining-cybersecurity-podcast 📺 ITSPmagazine on YouTube: https://www.youtube.com/@itspmagazine 📰 The Future of Cybersecurity Newsletter: https://itspm.ag/future-of-cybersecurity 🌐 Connect with Sean Martin: https://www.seanmartin.com/ ⬥KEYWORDS⬥ tera ladner, aflac, sean martin, cybersecurity leadership, security culture, risk management, ciso leadership, women in cybersecurity, cybersecurity careers, non-traditional cybersecurity paths, building security teams, security as business enabler, cybersecurity talent pipeline, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
    Show More Show Less
    32 mins
  • The Oldest Con, the Newest Tools | An Interview with Sarah Armstrong-Smith At Infosecurity Europe 2026 | An Analog Brain In A Digital Age With Marco Ciappelli

    The Oldest Con, the Newest Tools | An Interview with Sarah Armstrong-Smith At Infosecurity Europe 2026 | An Analog Brain In A Digital Age With Marco Ciappelli
    Jun 17 2026
    There is a con called the Spanish Prisoner. A letter arrives from a stranger: a wealthy man sits in a foreign jail, and for a small advance to free him, he will reward you many times over. The trick is at least four hundred years old. It is also, give or take a few details, the email sitting in your spam folder this morning. I keep that in mind whenever someone tells me cybercrime is a technology problem. The tools change. The mark does not. We are still robbed through the same prehistoric wiring: a flash of fear, a moment of greed, a decision made in panic before the slow part of the brain wakes up. That is the thread I pulled on with Sarah Armstrong-Smith at InfoSecurity Europe. Sarah spent nearly thirty years in cyber and crisis leadership, was Chief Security Advisor at Microsoft, and now runs Secure Horizons. She has written two books on the human side of all this and sits on the UK Government Cyber Advisory Board. After all of it, she says the thing most people in her position will not say out loud: whatever we are doing is not working. More tools, more money, more people, more AI, and the problem keeps getting worse. Attack, wake-up call, attack, wake-up call. How many wake-up calls, she asks, does anyone need? I asked what keeps her up at night. She described an industrial accident on the scale of 9/11, triggered through a network: the first time a cyber incident kills people in numbers. We have been lucky so far. She doubts luck is a plan. The industry loves a big number, and the number is exactly where the human disappears. X million records stolen, Y terabytes gone. The day before, my friend Geoff White sat in this same chair and described a ransomware attack that shut down a hospital, which meant a woman missed the cancer appointment she had counted on. That is an Armageddon, and it has a name and a face. Sarah, as it happens, knows Geoff’s work well enough to carry a line from him on the back of her book. The human element keeps finding the same small circle of people willing to talk about it. So how do we move this from a line item to a fact of society? Her answer is collective resilience. There is no prize for being the last one standing, because we are all wired into the same supply chain, the same dependencies, the same brittle web. And the smallest businesses, the ones without a war chest to ride out the storm, are the ones we discuss the least. Then a statistic. Close to half of all crime in the UK is now fraud or cyber. Around one percent of policing is pointed at it. Read those two numbers again. We fund what we can see, and we want officers on the street because a visible patrol both deters the thief and reassures the neighbourhood. The crime that actually empties our accounts happens somewhere we have agreed not to look. Follow the money, Sarah says, and you rarely stop at one criminal’s pocket. It pays for the next thing: drugs, weapons, and more often than people imagine, the trafficking of human beings. Will AI save us? She did not flinch. Whatever you build to detect, the other side uses to evade. The asymmetry holds. Technology is part of the answer and never the whole of it, because the problem was never only technical. So what do we carry forward, and what do we leave behind? We carry the person behind the number: the one who misses the appointment, the small shop that never reopens. We leave behind the fantasy that a clever enough machine will spare us the harder work, which is teaching a whole society to recognize the Spanish Prisoner when it arrives, wearing this year’s technology. Sarah’s books are linked below, with a second edition on the way. Geoff’s conversation is part of this same coverage. And if you want more of these, the newsletter lives at marcociappelli.com. Let’s keep thinking. — Marco Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Personal Branding Coach | Journalist | Writer | Podcast: An Analog Brain In A Digital Age ⚠️ Beware: Pigs May Fly | 🌎 LAX🛸FLR 🌍 About Marco Marco Ciappelli is Co-Founder & CMO of ITSPmagazine, Co-Founder & Creative Director of Studio C60, Branding & Marketing Advisor, Personal Branding Coach, Journalist, Writer, and Host of An Analog Brain In A Digital Age podcast. Born in Florence, Italy, and based in Los Angeles, he explores the intersection of technology, society, storytelling, and creativity — with an analog brain, in a digital age. His on-the-ground event coverage is produced with ITSPmagazine co-founder Sean Martin under the On Location With Sean Martin And Marco Ciappelli banner. 🌎 marcociappelli.com | itspmagazine.com | studioc60.com About the Guest Sarah Armstrong-Smith is one of the most recognized voices in cybersecurity and crisis leadership, with nearly three decades on the front line of major incidents, beginning with the Millennium Bug. She served as Chief Security Advisor for Microsoft EMEA from 2020 until 2025, and earlier led business ...
    Show More Show Less
    16 mins
  • The Art of Standing Out When Everything Sounds the Same | A Music Evolves Conversation with Sam Young, DJ and Producer

    The Art of Standing Out When Everything Sounds the Same | A Music Evolves Conversation with Sam Young, DJ and Producer
    Jun 15 2026
    Show Notes

    What happens to creativity when every song, sound, and style is a thumb-tap away? Sam Young has spent more than two decades behind the decks in London, and his answer is blunt: originality is at an all-time low. As a DJ, producer, remixer, and founder of the record label WyldCard, he sits at the exact point where taste, technology, and commerce collide, and he sees a culture increasingly content to recycle what already works.

    Sean Martin and Sam Young dig into how algorithms quietly shape what listeners believe they like, and how that pressure reaches the dance floor. Sam Young draws a clear line between a club night, where a crowd shows up hungry for records it has never heard, and a private event, where the real skill is reading a host's taste from the handful of songs they send and still making the room move. The throughline is judgment, the human ear that no recommendation engine has learned to replace.

    The conversation turns to sampling, AI, and the difference between craft and shortcut. Sam Young runs A&R for WyldCard himself, listening to demos every week, and he can hear within seconds when a producer is chasing a trend instead of setting one. His distinction is sharp: taking something obscure and making it feel new is an art, while feeding a recognizable hook into a tool and printing one more cover version is not. He is candid about AI as a cheat code, and just as candid about a near future where producers simply talk to their software and ask for ten options.

    This is not a lament, though. Sam Young points to the rare artists who still cut through precisely because they refuse to sound like everyone else, and to a younger generation quietly rediscovering originality. The optimistic version of the story is the one Sean Martin keeps circling back to: technology at its best clears away the busywork so the mind stays in control of what gets made.

    The question this episode leaves open is whether the tools that make music easier to produce will widen the gap between the familiar and the genuinely new, or finally close it.

    Host

    Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/

    Guest

    Sam Young, DJ, Producer, and Remixer | Founder of WyldCard Records (production aliases Vanilla Ace and Sammy Deuce) | Website: https://djsamyoung.com/

    Resources

    DJ Sam Young | https://djsamyoung.com/

    WyldCard Records on SoundCloud | https://soundcloud.com/vanillaace

    Music Evolves: Sonic Frontiers Newsletter | https://www.linkedin.com/newsletters/7290890771828719616/

    Keywords

    sam young, vanilla ace, sammy deuce, wyldcard, sean martin, dj culture, music and ai, sampling, algorithms and music taste, originality in music, house music, record label a&r, nu-disco, music production, creativity, art, artist, musician, music evolves, music podcast, music and technology podcast

    More From Sean Martin on ITSPmagazine

    More from Music Evolves: https://www.seanmartin.com/music-evolves-podcast

    Music Evolves on YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllTRJ5du7hFDXjiugu-uNPtW

    On Location with Sean and Marco: https://www.itspmagazine.com/on-location

    ITSPmagazine YouTube Channel: https://www.youtube.com/@itspmagazine

    Be sure to share and subscribe!


    Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
    Show More Show Less
    44 mins
  • A Crime Against Time | An Interview with Rik Ferguson | Redefining CyberSecurity With Sean Martin — On Location at InfoSecurity Europe 2026

    A Crime Against Time | An Interview with Rik Ferguson | Redefining CyberSecurity With Sean Martin — On Location at InfoSecurity Europe 2026
    Jun 15 2026
    PODCAST EPISODE | Redefining CyberSecurity With Sean Martin — On Location at InfoSecurity Europe 2026 On Location With Sean Martin And Marco Ciappelli Adversaries are stealing encrypted data today that they cannot read yet, and storing it until a quantum computer can. Sean Martin sat down with Forescout’s Rik Ferguson to talk about “harvest now, decrypt later,” why Q-Day is closer than the comfortable timelines suggest, and what the decisions you make this year have to do with secrets you thought were safe forever. 📺 Watch | 🎙️ Listen | ITSPmagazine.com Somewhere there is a building full of secrets nobody can read yet. That is not a metaphor. The NSA reportedly keeps a facility for storing encrypted data it cannot currently crack, on the assumption that one day it will. It is patient. It is betting on the future. And it is not the only one placing that bet. When Sean Martin sat down with Rik Ferguson at InfoSecurity Europe, the subject was post-quantum cryptography, which sounds like a problem for physicists and a decade away. Ferguson, VP of Security Intelligence at Forescout and a quarter-century veteran of watching threats arrive ahead of schedule, was there to take that comfort away. His keynote title put it politely: post-quantum is a way off, we can wait, can’t we. The honest version is that we can’t. The attack has a name: harvest now, decrypt later. Adversaries steal encrypted data today, knowing it is useless to them, and store it. They are not waiting because they gave up. They are waiting for the key. When a quantum computer can break the encryption we currently trust, every stockpiled file opens at once. NIST pencils that day in around 2035. Google has suggested 2029. IBM’s first fault-tolerant quantum machine is slated for 2029. Pick any date in that window, then look at the equipment your organization is buying this year and ask how long it will still be running. What Ferguson is really describing is a crime against time. Every breach we know how to investigate has a shape. It happened on a date, the intruder moved through the network, and we trace the damage backward from there. Harvest now, decrypt later erases the date. There is no alarm when the data leaves, because nothing visibly breaks. Your first notice that you were robbed a decade ago is the day the contents are used against you. Sean, who likes to pull these conversations back to the business, named the right precedent: Y2K. We remember it as a joke, the planes that never fell out of the sky. It was a non-event precisely because a great many people did an enormous amount of unglamorous work. Ferguson’s warning is that the opposite is happening now. Few people are doing the work, and that is how a non-event turns into an event. There is an unglamorous question underneath all of this: which of your secrets will still matter in ten years? Encrypting everything harder is not the answer, because not everything is worth defending against a decade-late attack. Session tokens decrypted in 2035 are worthless. Clinical trial data, merger plans, sovereign debt strategy, the legal conversations everyone assumed were private forever, those keep their value, and they are worth a stranger’s patience. Ferguson calls the discipline quantum agility: build the systems now so you can swap the locks later. Easy enough in software. Nearly impossible in a medical device still running Windows XP while a regulator finishes signing off the last version. So what do we carry forward, and what do we leave behind? We carry our secrets, whether we want to or not, into a future where the lock on them may not hold. What we have to leave behind is the comfortable belief that encrypted means safe, full stop, forever. Ferguson ends his keynote on an image of a stealth combine harvester, which the AI struggled to draw because nothing like it exists in the training data yet. That is the joke, and also the point. The thing coming for the data is quiet, built to gather, and we have barely pictured it. His next argument, a paper called Assume Autonomy, says it is time to stop assuming breach and start assuming the machines on both sides will run themselves. Sean has already booked the follow-up. Sean’s full conversation with Rik Ferguson is linked below, with the rest of our InfoSecurity Europe coverage. Let’s keep thinking. — Marco Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Journalist | Writer | On Location With Sean Martin And Marco Ciappelli | 🌎 LAX🛸FLR 🌍 About the Host Sean Martin, CISSP, is the co-founder and Director of Operations and Programming at ITSPmagazine, and the host of the Redefining CyberSecurity podcast. An information security and technology veteran of more than thirty years and a multiple-time CISSP, he led engineering and delivery for hundreds of cybersecurity products before turning to journalism and broadcasting. Through Redefining CyberSecurity he keeps ...
    Show More Show Less
    15 mins
  • What Burnout Costs the Cybersecurity People Who Keep Us Safe | An Interview with Bronwyn Boyle | An Analog Brain In A Digital Age With Marco Ciappelli | From Infosecurity Europe 2026

    What Burnout Costs the Cybersecurity People Who Keep Us Safe | An Interview with Bronwyn Boyle | An Analog Brain In A Digital Age With Marco Ciappelli | From Infosecurity Europe 2026
    Jun 15 2026
    PODCAST EPISODE | An Analog Brain In A Digital Age — On Location at InfoSecurity Europe 2026 On Location With Sean Martin And Marco Ciappelli Bronwyn Boyle can talk about software vulnerabilities for hours. Talking about her own — the burnout she didn’t recognize until someone named it — turned out to be harder, and more important. We sat down at InfoSecurity Europe to talk about the human cost of guarding the machine, and whether our analog brains were ever built for this. 📺 Watch | 🎙️ Listen | marcociappelli.com I never planned to spend time in cybersecurity. My partner Sean dragged me in, and I arrived with a sociologist’s suspicion and a communication person’s questions, looking for the humans behind the firewalls. For years the field answered me in acronyms and threat charts. Then, at InfoSecurity Europe, Bronwyn Boyle said something that cut straight through all of it. We can talk about vulnerabilities for hours, she told me. We just can’t talk about vulnerability when it hits us. That sentence is the whole story. Bronwyn is the CISO of PPRO, a payments company, and a board member of Cybermindz, a non-profit that exists to look after the mental health of the people who guard everyone else’s. She came to security the long way around, through a degree in classics and philosophy, which may be why she still hears the human note in a room full of machines. A few years ago she was running CISO roles and quietly coming apart, and she had no word for it. She met Peter Coroneos, who founded Cybermindz, heard him describe the symptoms of burnout, and recognized herself in the list. The expert on resilience could not see her own exhaustion from the inside of it. This profession breaks people, and it is not only the hours. Defenders have to be right every time. The attacker needs to be right once. You live with that asymmetry the way you would live beside a fault line, and Bronwyn, the classicist, reaches for the oldest word for it: the Achilles heel, the single unguarded spot that undoes everything around it. Add constant alerts, a culture that treats stress as the cost of entry, and a quiet hero complex that makes asking for help feel like failure, and you build a workforce that is brilliant at protecting systems and hopeless at protecting itself. For years we filed all of that under the job description. This is what you signed up for. Bronwyn’s point, and mine, is that we were wrong, and the bill is finally arriving. Cybermindz has the numbers: most incident responders have reached for mental health support because of the work, and most security chiefs are watching good people walk away over stress. Burnout stopped being a private misfortune and became a line on the risk register. Their answer is almost stubbornly human. At its core is iRest, a protocol the US military built to bring traumatized soldiers back from the edge, now adapted for people who spend their days braced for the next breach. It teaches the nervous system how to climb down from fight-or-flight. Bronwyn calls it getting off the hamster wheel. I would call it remembering you have a body. We keep plugging our slow, analog brains into an always-on machine, then treating the strain as a personal weakness. Ask a human nervous system to run at server speed and it breaks down on schedule. We call that a failing. It is closer to physics. We scenario-test our systems for recovery, and we almost never scenario-test ourselves. So what do we carry forward, and what do we leave behind? We carry the care, the thing that pulled most of these people into the work to begin with. We leave behind the lie that the care has to cost you yourself. As Bronwyn put it, you can’t pour from an empty jug. There is more to say about the framework, and I’ll get to it when I sit down with Peter Coroneos. For now, Bronwyn’s links and Cybermindz are below. If you want more of these conversations, the newsletter lives at marcociappelli.com. Let’s keep thinking. — Marco Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Personal Branding Coach | Journalist | Writer | Podcast: An Analog Brain In A Digital Age ⚠️ Beware: Pigs May Fly | 🌎 LAX🛸FLR 🌍 About Marco Marco Ciappelli is Co-Founder & CMO of ITSPmagazine, Co-Founder & Creative Director of Studio C60, Branding & Marketing Advisor, Personal Branding Coach, Journalist, Writer, and Host of An Analog Brain In A Digital Age podcast. Born in Florence, Italy, and based in Los Angeles, he explores the intersection of technology, society, storytelling, and creativity — with an analog brain, in a digital age. His on-the-ground event coverage is produced with ITSPmagazine co-founder Sean Martin under the On Location With Sean Martin And Marco Ciappelli banner. 🌎 marcociappelli.com | itspmagazine.com | studioc60.com About the Guest Bronwyn Boyle is the Chief Information Security Officer of PPRO, a London-based payments platform that ...
    Show More Show Less
    16 mins
  • When the Threat Moves Daily and the Law Moves in Years | An Interview with James Morris | Redefining CyberSecurity With Sean Martin — On Location at InfoSecurity Europe 2026

    When the Threat Moves Daily and the Law Moves in Years | An Interview with James Morris | Redefining CyberSecurity With Sean Martin — On Location at InfoSecurity Europe 2026
    Jun 13 2026
    PODCAST EPISODE | Redefining CyberSecurity With Sean Martin — On Location at InfoSecurity Europe 2026 On Location With Sean Martin And Marco Ciappelli The UK’s threats change by the day. Its laws change over years. Sean Martin sat down with James Morris — former Member of Parliament, now Director of the CSBR — to ask how a government writes cyber policy fast enough to matter, and why “resilience” has quietly stopped being a technical word. 📺 Watch | 🎙️ Listen | https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage A threat that updates every morning. A legislative process that measures itself in years. Somewhere between those two clocks sits the whole problem of cyber policy, and most of the time we pretend the gap isn’t there. When Sean Martin sat down with James Morris at InfoSecurity Europe, that gap was the quiet subject under everything they discussed. This is Sean’s territory, the place where cybersecurity stops being a lab problem and becomes a business and a political one. Morris knows it as well as anyone. He spent fourteen years as a Member of the UK Parliament, fought five elections, served under five prime ministers, and chaired the cross-party group on cybersecurity before leaving to run the CSBR, an independent policy centre working at the seam between cyber and resilience. What struck me, listening back, is how little of their conversation was actually about technology. The UK has a Cyber Security and Resilience Bill moving through Parliament. It was introduced more than a year ago. It still won’t be operational for the better part of another year. Meanwhile the world it was written for has already moved: AI went mainstream, alliances shifted, and the head of GCHQ began saying out loud the kind of thing intelligence chiefs usually keep behind closed doors. You cannot legislate at that speed, so the government did the only thing a slow system can do when it fears the future. It gave itself the power to act later. More discretion, more designation, more reach from the top. Sensible, maybe. But Morris names the cost, and it is the part I keep turning over. A law written from the top down only works if the people at the bottom believe in it. Otherwise companies perform compliance instead of building resilience, gaming the enforcement regime rather than getting safer. The letter without the spirit. Then there is the word itself. Resilience used to mean power plants and railways, the critical national infrastructure everyone pictures. But when Marks & Spencer and Jaguar Land Rover were knocked sideways by breaches that wouldn’t even fall under the new bill, the definition cracked open. Resilience, Morris argues, is really about the underpinnings of an economy. And almost as an aside, he extends it to the resilience of the political system itself, a system that burns through leaders and demands answers by the next news cycle. That line belongs in a sociology seminar, not a cyber panel. Because the deepest vulnerability he describes is not a zero-day. It is an attention span. We have built institutions optimized for the short term and handed them a problem that only yields to patience. The threat is fast. The fix is slow. Our politics rewards fast. I grew up in a city that took more than a century to finish a single cathedral. Nobody who laid the first stone lived to stand under the dome. That kind of time has gone out of fashion, and cyber resilience is exactly the sort of thing that suffers for its absence. So what do we carry forward, and what do we leave behind? Morris offers the practical half of the answer to business owners: stop treating this as an IT task to delegate, move it into the boardroom, rehearse the breach before it happens, and plan for the day the press is on your lawn. The harder half is cultural. We have to relearn patience inside systems built to forget it. Sean’s full conversation with James Morris is linked below, along with the rest of our InfoSecurity Europe coverage. It is worth your time. Let’s keep thinking. — Marcohttps://www.marcociappelli.com Co-Founder ITSPmagazine & Studio C60 | Creative Director | Branding & Marketing Advisor | Journalist | Writer | On Location With Sean Martin And Marco Ciappelli | 🌎 LAX🛸FLR 🌍 About the Host Sean Martin, CISSP, is the co-founder and Director of Operations and Programming at ITSPmagazine, and the host of the Redefining CyberSecurity podcast. An information security and technology veteran of more than thirty years and a multiple-time CISSP, he led engineering and delivery for hundreds of cybersecurity products before turning to journalism and broadcasting. Through Redefining CyberSecurity he keeps pressing one question: if we are selling security insincerely, buying it indiscriminately, and deploying it ineffectively, how do we make it usable, honest, and a real source of business value? He teaches at Pepperdine’s Graziadio Business School ...
    Show More Show Less
    17 mins