Redefining CyberSecurity

ITSPmagazine Podcasts

Redefining CyberSecurity Podcast Hosted by Sean Martin, CISSP Have you ever thought that we are selling cybersecurity insincerely, buying it indiscriminately, and deploying it ineffectively? For cybersecurity to be genuinely effective, we must make it consumable and usable. We must also bring transparency and honesty to the conversations surrounding the methods, services, and technologies upon which businesses rely. If we are going to protect what matters and bring value to our companies, our communities, and our society, in a secure and safe way, we must begin by operationalizing security. Executives are recognizing the importance of their investments in information security and the value it can have on business growth, brand value, partner trust, and customer loyalty. Together with executives, lines of business owners, and practitioners, we are Redefining CyberSecurity.

  1. Order of Operations: The Foundation Risk Healthcare AI Is Running Past | Lens Four by Sean Martin | Read by TAPE9

    5 DAYS AGO

    Order of Operations: The Foundation Risk Healthcare AI Is Running Past | Lens Four by Sean Martin | Read by TAPE9

    Healthcare's AI ambition and its data infrastructure are moving at different speeds. In this edition of Lens Four, Sean Martin examines what happens when those speeds collide — and who is accountable when the sequence is wrong. 🔍 In this episode: 82% of health systems have limited or no AI governance in place, while deployments proceed — Digital Medicine Society 58% of frontline clinical staff are using unsanctioned AI tools — not out of recklessness, but because approved alternatives don't exist — Wolters Kluwer The vendor trust gap: trusted vendors are shipping AI capabilities into integrated products after contracts are signed, after integrations are built, after due diligence has closed — and most health systems have no mechanism to detect it Jason Kor of HITRUST on what procurement processes aren't built to catch — recorded for the Redefining CyberSecurity Podcast The Stryker attack: a nation-state operation that disrupted hospitals through their supplier — not their own systems Ryan Patrick of HITRUST on why availability of services now sits in the same risk tier as confidentiality of data Who actually owns the patient's data — the provider, the insurer, the vendor, the device manufacturer, the government program, or the patient? TEFCA — the Trusted Exchange Framework and Common Agreement — moves data nationally across eleven Qualified Health Information Networks. It does not move the ownership rights with it The CMS agenda: $1.7 trillion, 160 million Americans, and a policy clock that does not wait for the identity infrastructure to catch up The vocabulary of transformation — what "pilot to production" and "scale" are selecting for, and what they are leaving out Zero Trust reframed as the infrastructure condition that makes trustworthy AI deployment possible — not just a ransomware defense Fourth Lens: Healthcare's AI ambition and its data infrastructure are moving at different speeds — and the patient is where those speeds collide. The program layer is making sequence choices. The market layer is accelerating pressure. The messaging layer is optimizing for ambition. None of it is an argument against innovation. All of it is an argument for discipline — A-to-Z, every dependency, ambiguity, and fragility along the way. 🎙️ Podcast conversations referenced in this article: Jason Kor, HITRUST — Brand Spotlight Ryan Patrick, HITRUST — HIMSS Recap 🔗 Full article and references: seanmartin.com/lens-four 🌐 HIMSS26 coverage: itspmagazine.com Sean Martin is a cybersecurity market analyst, content strategist, and advisor with 30+ years across engineering, product development, marketing, and media. Co-founder of ITSPmagazine and Studio C60, host of the Redefining CyberSecurity Podcast and the Music Evolves Podcast. Connect at seanmartin.com. Subscribe to Lens Four — Where business, innovation, and messaging come into focus. 🎯 Keywords: healthcare AI governance, order of operations AI, data foundation healthcare, vendor trust gap, patient data ownership, TEFCA, health information exchange, QHINs, Shadow AI healthcare, third-party risk management, supply chain resilience healthcare, Zero Trust healthcare, CMS interoperability framework, CIA triad healthcare, data integrity AI, identity management healthcare, HITRUST, Jason Kor, Ryan Patrick, Wolters Kluwer, Digital Medicine Society, DiMe, Google for Health, Jon McNeill, John Halamka, Mayo Clinic Platform, Sumbul Ahmad Desai, Apple Health, Daymond John, Dr. Mehmet Oz, Amy Gleason, Kim Brandt, DOGE healthcare, Stryker cyberattack, nation-state healthcare attack, HIMSS26, Redefining CyberSecurity Podcast, Lens Four, Sean Martin, ITSPmagazine Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

    20 min
  2. When AI Touches Everything: Operationalizing the Five Most Dangerous New Attack Techniques at RSAC 2026 | A Redefining CyberSecurity Podcast Conversation with Ed Skoudis, President of SANS Technology Institute and Founder & CEO of Counter Hack

    20 MAR

    When AI Touches Everything: Operationalizing the Five Most Dangerous New Attack Techniques at RSAC 2026 | A Redefining CyberSecurity Podcast Conversation with Ed Skoudis, President of SANS Technology Institute and Founder & CEO of Counter Hack

    Show Notes For ten years, Ed Skoudis has curated one of the most anticipated sessions at RSA Conference: SANS' "Five Most Dangerous New Attack Techniques: Crucial Tips for Defenders." The session has always been a hit -- standing room only on the main stage -- but this year, Ed says something has changed. Not one or two topics with an AI component. All five. Ed is deliberate about how the session comes together. He starts with people, not topics. He builds the panel around SANS instructors who bring front-line insight, and he starts the process six months out. This year's panel features returning panelist Heather Mahalik, Rob Teeley back for his second year, Joshua Wright in his second year -- this time carrying two topics and eight minutes instead of six -- and, making his first appearance on this stage, Robert M. Lee of Dragos, one of the world's foremost voices on ICS and OT security. The addition of "Crucial Tips for Defenders" to the title this year was intentional. Ed pushed every panelist to move beyond naming threats and toward prescribing action -- practical, implementable steps that a CISO can hand down and a practitioner can execute the next morning. For topics where prevention is impossible, the mandate shifted to detection and response. SANS publishes session notes to their website within minutes of the talk ending. The backdrop this year is a warning Ed calls unlike anything in his 30 years of attending RSA and DEF CON. At a recent AI cybersecurity conference in San Francisco, presenters from Google and Anthropic outlined what Google termed the "vuln apocalypse" -- an imminent surge in AI-discovered zero-day vulnerabilities at a scale and pace that patching pipelines are not designed to handle. Ed's own team at Counter Hack has already experienced this firsthand: a frontier AI model identified a critical zero-day in a widely used open source project in a matter of hours. The Anthropic presenter's claim was blunt: within months, AI will surpass all human vulnerability researchers combined. All of this lands at the center of what the RSAC session is designed to address -- not as a theoretical exercise, but as a set of actions defenders can take right now. The session runs Tuesday, March 24th at 3:55 PM on the main stage, with an interactive follow-on session Wednesday morning where attendees can go deeper with individual panelists. For anyone who wants to understand where the threat landscape is actually heading and what to do about it, Ed says this is the year you cannot afford to miss it. Guest Ed Skoudis, President, SANS Technology Institute; Founder & CEO, Counter Hack | On LinkedIn: https://www.linkedin.com/in/edskoudis Host Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/ Resources SANS Institute | https://www.sans.org RSA Conference 2026 is taking place April 28 - May 1, 2026 | Moscone Center, San Francisco -- Follow our coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/ More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq Keywords ed skoudis, sean martin, sans institute, sans technology institute, counter hack, rsac 2026, rsa conference, five most dangerous attack techniques, ai in cybersecurity, vulnerability research, zero-day vulnerabilities, patch management, penetration testing, defender tips, ics security, ai-powered attacks, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

    25 min
  3. When Cyber Meets Physical: Building Executive and Employee Protection Programs That Actually Work | A Redefining CyberSecurity Podcast Conversation with Roland Cloutier, Principal of The Business Protection Group

    18 MAR

    When Cyber Meets Physical: Building Executive and Employee Protection Programs That Actually Work | A Redefining CyberSecurity Podcast Conversation with Roland Cloutier, Principal of The Business Protection Group

    ⬥EPISODE NOTES⬥ The conversation that led to this episode started with a LinkedIn post -- and it quickly surfaced a challenge that security leaders across industries are wrestling with but rarely talk about openly: who is actually responsible for protecting the people inside an organization, not just the systems they use? Roland Cloutier has sat in some of the most demanding security leadership seats in the world -- Global CSO at TikTok/ByteDance, a decade as Global CSO at ADP, and VP and CSO at EMC -- and he now advises CISOs and CSOs through The Business Protection Group. His lens is converged security: the deliberate integration of cyber, physical, privacy, and people-risk under a unified program and leadership model. Roland identifies three patterns that typically bring organizations to him. First, an emergent crisis -- a threat against an executive, a workplace violence incident, a travel security failure -- that suddenly exposes the absence of a coherent protection program. Second, a cost and structure conversation where the CEO is tired of receiving two different risk pictures from two different security leaders and wants a single accountable voice. Third, a board-driven inquiry where general counsel or the CEO is being asked questions about executive resilience and duty of care that nobody inside the organization can confidently answer. What makes this conversation particularly sharp is Roland's framing of convergence not as an org chart exercise, but as a force multiplier. A unified threat intelligence picture -- one that covers cyber, physical, executive, brand, and customer risk simultaneously -- enables cleaner prioritization, better resource allocation, and a fundamentally stronger conversation with the CEO. The alternative, which he has seen firsthand, is four separate threat management platforms reporting independently with no team working across all of them. The episode also pushes into territory that most security programs have not yet mapped: employee protection at scale. Not bodyguards for everyone, but the organizational consciousness to monitor for geographic threats, proactively check in with distributed employees during major events, and build a duty-of-care posture that extends beyond the office walls into people's home lives and total risk environment. For high-risk employees -- those with keys to the kingdom, not just C-suite titles -- that responsibility extends further still. For CISOs and CSOs wondering where to start, Roland offers a practical crawl-walk-run framework: start with shared services rather than full convergence, open the conversation with leadership, surface the gaps the business already knows exist, and build a financial and risk model that makes sense for your specific organization. The goal is a converged security program that treats people -- not just infrastructure -- as an asset worth protecting. ⬥GUEST⬥ Roland Cloutier, Principal at The Business Protection Group | On LinkedIn: https://www.linkedin.com/in/rolandcloutier/ ⬥HOST⬥ Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/ ⬥RESOURCES⬥ The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/ More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq ⬥ADDITIONAL INFORMATION⬥ On ITSPmagazine: https://www.itspmagazine.com/ On YouTube: https://www.youtube.com/@itspmagazine On LinkedIn Newsletter: https://itspm.ag/future-of-cybersecurity Sean Martin's Contact Page: https://www.seanmartin.com/ ⬥KEYWORDS⬥ roland cloutier, the business protection group, sean martin, executive protection, employee protection, converged security, physical security, ciso, cso, duty of care, threat intelligence, workplace violence, security convergence, business resilience, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

    25 min
  4. Adapting to the Speed of Risk: Why GRC Programs Must Move with the Business | A Brand Highlight Conversation with Steve Schlarman, Senior Director of Archer

    12 MAR

    Adapting to the Speed of Risk: Why GRC Programs Must Move with the Business | A Brand Highlight Conversation with Steve Schlarman, Senior Director of Archer

    Archer is redefining what it means to manage governance, risk, and compliance in an environment defined by constant change. Steve Schlarman, Senior Director at Archer, has spent nearly two decades helping organizations understand why their traditional GRC approaches are falling short and what it takes to close the gap. The forces challenging organizations today are well known: velocity of change, volume of change, and the uncertainty that compounds both. What makes the problem acute is timing. Annual audit cycles and quarterly risk assessments produce reports that reflect a reality that has already shifted by the time decision makers see them. The result is drift between what GRC functions can see and what leadership actually needs to know, and every gap in that visibility carries potential exposure. Schlarman explains that this reactive posture is exactly what Archer is working to change. Rather than treating risk and compliance as periodic checkboxes, the goal is to build a program that runs continuously, projecting forward as the business expands into new jurisdictions, launches new products, or encounters emerging risks. What are the compliance obligations? How does exposure shift? Archer Evolv is designed to answer those questions in real time, keeping GRC moving alongside the business rather than scrambling to catch up. Central to Archer's strategy is AI applied with intention. Rather than deploying generic agents, Archer is building what Schlarman calls AI operators: focused, guardrailed tools designed specifically to solve GRC problems. That distinction matters because the complexity of risk and compliance work demands precision, not just automation. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Steve Schlarman, Senior Director, Archer | https://www.linkedin.com/in/steveschlarman/ RESOURCES Learn more about Archer and the Archer Evolv platform: https://www.archerirm.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Steve Schlarman, Archer, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, GRC, governance risk and compliance, adaptive GRC, integrated risk management, Archer Evolv, AI in GRC, risk management, compliance automation, enterprise risk, risk and compliance strategy Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

    7 min
  5. Task by Task: The Workflows We're Handing to AI — One Decision at a Time | Lens Four by Sean Martin | Read by TAPE9

    10 MAR

    Task by Task: The Workflows We're Handing to AI — One Decision at a Time | Lens Four by Sean Martin | Read by TAPE9

    Nobody decided to build a human-optional workflow — they just kept making reasonable procurement decisions, task by task, until the human became optional across hiring, contracting, finance, and security operations. Sean Martin traces what organizations have actually assembled, where accountability lives when it goes wrong, and why the regulatory window for getting ahead of it is closing faster than most leaders realize. In this edition of Lens Four, Sean Martin looks at the agentic AI landscape through three lenses — programs, innovation, and messaging — to connect the signals that matter. 🔍 In this episode: Why organizations are building human-optional workflows one procurement decision at a time — without ever deciding to The five-task AI hiring pipeline and five-task AI legal contracting pipeline — real tools, real companies, real outcome data 375+ agentic AI vendors claiming the space, but only ~130 delivering genuine capability — and what that gap means for buyers Why "augment, not replace" is a strategy, not a description — and what the accountability gap it creates looks like when something goes wrong The agentic orchestration platform emerging from Nintex and Microsoft — and why it splits outcomes between deliberate orgs and accumulators The regulatory window that is open right now — and why it won't stay that way Fourth Lens: The vendors knew what they were building. The buyers didn't ask the right questions. The auditors haven't arrived yet. The organizations that use the remaining window to map what they've assembled — and make explicit decisions about what requires human judgment — will be positioned when the frameworks arrive. The ones that don't will discover that the workflow they built by default is not the workflow they would have chosen under scrutiny. 📖 Read the full Lens Four analysis on seanmartin.com: https://www.seanmartin.com/lens-four/task-by-task-workflows-handing-to-ai-one-decision-at-a-time 🎧 Listen to the Redefining CyberSecurity Podcast conversation with Edward Wu of Dropzone AI at Black Hat USA 2025: https://www.itspmagazine.com/their-stories/dropzone-ai-brings-agentic-automation-to-black-hat-usa-2025-a-drop-zone-ai-pre-event-coverage-of-black-hat-usa-2025-las-vegas-brand-story-with-edward-wu-founder/ceo-at-dropzone-ai 🎧 Listen to the Redefining CyberSecurity Podcast conversation with Subo Guha of Stellar Cyber at RSAC 2025: https://www.itspmagazine.com/their-stories/simplifying-cybersecurity-operations-at-scale-automation-with-a-human-touch-a-brand-story-with-subo-guha-from-stellar-cyber-an-on-location-rsac-conference-2025-brand-story 🎧 Listen to the Redefining CyberSecurity Podcast conversation with Subo Guha of Stellar Cyber at Black Hat 2025: https://www.itspmagazine.com/their-stories/stellar-cyber-revolutionizes-soc-cybersecurity-operations-with-human-augmented-autonomous-platform-at-black-hat-2025a-stellar-cyber-event-coverage-of-black-hat-usa-2025-las-vegas 🎧 Listen to the Random and Unscripted episode — "We're Becoming Dumb and Numb" — with Sean Martin and Marco Ciappelli: https://randomandunscripted.com/episodes/were-becoming-dumb-and-numb-why-black-hat-2025s-ai-hype-is-killing-cybersecurity-and-our-ability-to-think-random-and-unscripted-weekly-update-with-sean-martin-and-marco-ciappelli | 🎬 Watch on YouTube 🔔 Subscribe to the Future of Cybersecurity newsletter on LinkedIn: https://itspm.ag/future-of-cybersecurity This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence. Enjoy, think, share with others, and subscribe to Lens Four on seanmartin.com and "The Future of Cybersecurity" newsletter on LinkedIn: https://itspm.ag/future-of-cybersecurity Sincerely, Sean Martin and TAPE9 Sean Martin is a life-long musician and the host of the Music Evolves Podcast; a career technologist, cybersecurity professional, and host of the Redefining CyberSecurity Podcast; and is also the co-host of both the Random and Unscripted Podcast and On Location Event Coverage Podcast. These shows are all part of ITSPmagazine—which he co-founded with his good friend Marco Ciappelli, to explore and discuss topics at The Intersection of Technology, Cybersecurity, and Society.™️ Want to connect with Sean and Marco On Location at an event or conference near you? See where they will be next: https://www.itspmagazine.com/on-location To learn more about Sean, visit his personal website. 🔎 Keywords agentic AI, workflow automation, task-specific AI agents, AI hiring tools, resume screening automation, HireVue, Paradox Olivia, legal AI, Harvey AI, LegalOn, contract review automation, agentic SOC, Dropzone AI, Stellar Cyber, Token Security, AI agent identity, RSAC 2026, Nintex, Microsoft Copilot Studio, agentic orchestration platform, human accountability in AI, agentwashing, AI augmentation vs replacement, AI governance, enterprise AI adoption, Gartner agentic AI, Forrester AI forecast, AI decision accountability, AI regulatory compliance, AI workforce impact Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

    29 min
  6. The 72-Minute Gap: What the Breaches, the Vendors, and the Messaging Are Actually Telling Us | Lens Four by Sean Martin | Read by TAPE9

    5 MAR

    The 72-Minute Gap: What the Breaches, the Vendors, and the Messaging Are Actually Telling Us | Lens Four by Sean Martin | Read by TAPE9

    Attackers are moving in 72 minutes. One CISO has already eliminated the entire SOC team. And the industry is spending a quarter of a trillion dollars while struggling to define what "resilience" even means. In this edition of Lens Four, Sean Martin looks at the cybersecurity landscape through three lenses — programs, innovation, and messaging — to connect the signals that matter. 🔍 In this episode: Why identity-driven attacks now account for 65% of initial access and what that means for security programs The CISO who replaced the entire SOC with AI-driven automation — and the math behind the decision 375 AI security vendors, 58 focused on SOC automation, and over $1.3 billion in funding reshaping the market Why "resilience" without a timeframe is just damage control The board-CISO communication gap that's pulling budgets in the wrong direction Sean's Take: When attackers operate in minutes and defenders plan in quarters, the gap isn't technology — it's assumptions. The organizations closing the 72-minute gap aren't hiring faster. They're rethinking what humans are for and what machines should own. Catch the full companion article on Lens Four at seanmartin.com for the complete three-lens analysis with all references and data sources. For CISOs and security leaders: Can your program detect, investigate, and contain a threat in 72 minutes — or are you still measuring in days?For vendors and product teams: Is your platform solving the operational problem CISOs have today, or selling a vision their program can't execute on?For marketing and go-to-market teams: Are you connecting your messaging to measurable outcomes — or hiding behind buzzwords like "resilience" and "platform"? 📖 Read the full Lens Four analysis on seanmartin.com: https://www.seanmartin.com/lens-four/72-minute-gap-breaches-vendors-messaging 🎬 Watch the companion video summary — "Why Hackers Beat Your Security in Just 72 Minutes": https://youtu.be/EjsADm7faJ0 🎧 Listen to the Redefining CyberSecurity Podcast conversation with Richard Stiennon on SOC automation: https://redefiningcybersecuritypodcast.com/episodes/soc-automation-and-the-ai-driven-future-of-cybersecurity-defense-a-redefining-cybersecurity-podcast-conversation-with-richard-stiennon-chief-research-analyst-of-it-harvest 🎬 Watch the video version of the Richard Stiennon conversation: https://youtu.be/si_fS4H-d3w 🔔 Subscribe to the Future of Cybersecurity newsletter on LinkedIn: https://itspm.ag/future-of-cybersecurity This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence. Enjoy, think, share with others, and subscribe to Lens Four on seanmartin.com and "The Future of Cybersecurity" newsletter on LinkedIn: https://itspm.ag/future-of-cybersecurity Sincerely, Sean Martin and TAPE9 Sean Martin is a life-long musician and the host of the Music Evolves Podcast; a career technologist, cybersecurity professional, and host of the Redefining CyberSecurity Podcast; and is also the co-host of both the Random and Unscripted Podcast and On Location Event Coverage Podcast. These shows are all part of ITSPmagazine—which he co-founded with his good friend Marco Ciappelli, to explore and discuss topics at The Intersection of Technology, Cybersecurity, and Society.™️ Want to connect with Sean and Marco On Location at an event or conference near you? See where they will be next: https://www.itspmagazine.com/on-location To learn more about Sean, visit his personal website. 🔎 Keywords 72-minute gap, ai-driven cyberattacks, soc automation, unit 42, incident response, identity-driven attacks, credential theft, iam misconfigurations, cisa workforce, agentic ai, palo alto networks, crowdstrike, google wiz acquisition, cybersecurity spending, platform consolidation, ai security vendors, it-harvest, richard stiennon, gartner cybersecurity trends 2026, forrester predictions, clawjacked, enterprise management associates, board-ciso communication, cybersecurity resilience, managed security services, cyber insurance, redefining cybersecurity podcast, lens four, sean martin, tape9 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

    14 min
  7. SOC Automation and the AI-Driven Future of Cybersecurity Defense | A Redefining CyberSecurity Podcast Conversation with Richard Stiennon, Chief Research Analyst of IT-Harvest

    4 MAR

    SOC Automation and the AI-Driven Future of Cybersecurity Defense | A Redefining CyberSecurity Podcast Conversation with Richard Stiennon, Chief Research Analyst of IT-Harvest

    ⬥EPISODE NOTES⬥ The security operations center has always been a battleground of volume, velocity, and human endurance. Analysts have long faced the impossible math of too many alerts, too few hours, and too much at stake. For years, the industry promised automation would change that equation -- but the technology was never quite ready to deliver. That moment, according to Richard Stiennon, has now arrived. Stiennon, Chief Research Analyst at IT-Harvest, has spent two decades tracking every corner of the cybersecurity vendor landscape. His data now shows more than 61 net-new SOC automation vendors -- companies that did not exist a few years ago -- built from the ground up to replace the work of tier-one, tier-two, and tier-three analysts. Some of these vendors launched in January 2024 and reached $1 million in ARR by April. By the end of 2025, several were reporting $3 million ARR. These are not incremental improvements. They represent a structural shift in how security operations can be run. What makes this generation of SOC automation different from earlier SIEM and SOAR tooling is scope and autonomy. The value proposition is blunt: 100% alert triage, 24 hours a day, 7 days a week -- with automated case building, threat investigation, and response actions including machine isolation and reimaging. Stiennon points to a CISO he met, speaking under Chatham House rules, who disclosed that a large enterprise had already eliminated its entire human SOC team. He predicts that disclosure will go public before long. The conversation also explores the business context question that security leaders frequently wrestle with: are these AI-driven SOC tools operating with a narrow cyber mandate, potentially optimizing for security metrics at the expense of business continuity? Stiennon pushes back on that concern, arguing that large language models are already trained on the full breadth of human knowledge -- they understand business context at a level that exceeds most organizations' internal documentation. The more pressing risk, he suggests, is not that AI will act outside business intent, but that organizations will move too slowly to benefit. Waiting six months for a proof-of-concept report while spending a million dollars on human SOC operations is not due diligence -- it is opportunity cost. The conversation also touches on data privacy in AI-driven security, the role of federated learning and fully homomorphic encryption for compliance-sensitive environments, and what security leaders can do today to evaluate and accelerate their own adoption timeline. Stiennon will be at RSA Conference 2026 with his new book, Guardians of the Machine Age: Why AI Security Will Define Digital Defense, continuing to make the case for a field that is moving faster than most organizations are prepared to acknowledge. ⬥GUEST⬥ Richard Stiennon, Chief Research Analyst at IT-Harvest | Website: https://it-harvest.com/ On LinkedIn: https://www.linkedin.com/in/stiennon/ ⬥HOST⬥ Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/ ⬥RESOURCES⬥ IT-Harvest | https://it-harvest.com/ Richard Stiennon on LinkedIn | https://www.linkedin.com/in/stiennon/ Guardians of the Machine Age: Why AI Security Will Define Digital Defense (Richard Stiennon) | Available via IT-Harvest and major booksellers RSAC Conference 2026 Coverage on ITSPmagazine | https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/ More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq ⬥ADDITIONAL INFORMATION⬥ On Podcast: https://www.seanmartin.com/redefining-cybersecurity-podcast On YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq Newsletter: https://itspm.ag/future-of-cybersecurity Contact Sean: https://www.seanmartin.com/ ⬥KEYWORDS⬥ richard stiennon, it-harvest, sean martin, soc automation, ai security, security operations center, threat detection, autonomous response, alert triage, security operations, cybersecurity vendors, ai agents, large language models, federated learning, siem, soar, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

    26 min
  8. Speaking Security with a Business Accent: Why Being Right Isn't Enough If Nobody Listens | A Redefining CyberSecurity Podcast Conversation with Josh Mason

    3 MAR

    Speaking Security with a Business Accent: Why Being Right Isn't Enough If Nobody Listens | A Redefining CyberSecurity Podcast Conversation with Josh Mason

    ⬥EPISODE NOTES⬥ What happens when a cybersecurity professional knows exactly what's wrong but can't get anyone to act on it? It's a problem that affects security teams across every industry, and it's the central question driving Josh Mason's new book, Speaks Security with a Business Accent. In this conversation, Josh Mason joins Sean Martin to unpack why technical accuracy alone doesn't move the needle and what it takes to communicate security in terms the business actually understands. Josh Mason brings a perspective shaped by years as an Air Force pilot and cyber warfare officer, where mission-first thinking wasn't optional, it was survival. As a safety officer, he studied aircraft mishaps, analyzed black box recordings, and learned that risk awareness doesn't mean risk paralysis. The same philosophy, he argues, applies to cybersecurity: teams can acknowledge risk without letting fear of failure prevent them from supporting the mission. Drawing from books like Dale Carnegie's How to Win Friends and Influence People, The Phoenix Project, and The Goal, Josh Mason structured his own book as a narrative, telling the story of a CIO who transforms a disconnected security team into one that communicates effectively with colleagues, leadership, the board, and eventually beyond the organization. A recurring theme in this conversation is the danger of perfection as the enemy of progress. Josh Mason uses the Iron Man analogy of building an imperfect prototype, flying it, learning from the failure, and iterating, to argue that security teams need to embrace a similar mindset. DevOps teams have already adopted this approach, and security can learn from it. Inaction for perfection's sake, he warns, isn't going to get anyone anywhere. The conversation also examines whether the cybersecurity industry does enough to learn from its own incidents. Unlike aviation, where the FAA and NTSB mandate rigorous post-incident analysis, cybersecurity lacks a centralized authority enforcing that same discipline. Organizations like MITRE, Verizon, and Mandiant publish valuable trend reports, and the data is there for those willing to use it, but it ultimately comes down to individual responsibility and leadership within each organization. For anyone who has ever felt technically right but strategically sidelined, this conversation offers a practical lens on bridging the gap between what security teams know and what the business needs to hear. ⬥GUEST⬥ Josh Mason, Author of Speaks Security with a Business Accent | Air Force Veteran, Cybersecurity Professional, and Founder of Noob Village | Website: https://www.mason-sc.com | On LinkedIn: https://www.linkedin.com/in/joshuacmason/ ⬥HOST⬥ Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/ ⬥RESOURCES⬥ Speaks Security with a Business Accent by Josh Mason | https://www.mason-sc.com The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/ More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq ⬥ADDITIONAL INFORMATION⬥ ✨ More Redefining CyberSecurity Podcast: 🎧 https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq 📝 The Future of Cybersecurity Newsletter: https://www.linkedin.com/newsletters/7108625890296614912/ Contact Sean Martin to request to be a guest on an episode of Redefining CyberSecurity: https://www.seanmartin.com/contact ⬥KEYWORDS⬥ josh mason, sean martin, speaks security with a business accent, cybersecurity communication, business alignment, penetration testing, risk management, air force cybersecurity, security leadership, mission-driven security, stakeholder communication, security storytelling, noob village, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

    32 min
See All (600)

About

Redefining CyberSecurity Podcast Hosted by Sean Martin, CISSP Have you ever thought that we are selling cybersecurity insincerely, buying it indiscriminately, and deploying it ineffectively? For cybersecurity to be genuinely effective, we must make it consumable and usable. We must also bring transparency and honesty to the conversations surrounding the methods, services, and technologies upon which businesses rely. If we are going to protect what matters and bring value to our companies, our communities, and our society, in a secure and safe way, we must begin by operationalizing security. Executives are recognizing the importance of their investments in information security and the value it can have on business growth, brand value, partner trust, and customer loyalty. Together with executives, lines of business owners, and practitioners, we are Redefining CyberSecurity.

Information

More From ITSPmagazine Podcasts

You Might Also Like