Episodes

  • The Backup Layer Is a Security Layer: Object First at RSAC Conference 2026 | A Brand Highlight at RSAC Conference 2026 with Anthony Cusimano, Director of Solutions Marketing at Object First
    Mar 18 2026

    Backup storage rarely gets a spotlight at security conferences. Object First is working to change that. Anthony Cusimano, Director of Solutions Marketing, joined Sean Martin and Marco Ciappelli ahead of RSAC Conference 2026 to make the case that absolute immutability -- baked into hardware, not bolted on as a feature -- is one of the most critical layers of any modern security stack.

    Object First builds physical, on-premises appliances purpose-built for Veeam. Once backup data lands on the device, it cannot be changed by anyone: not an admin, not the vendor, not an attacker. That guarantee is the foundation of the company's entire product philosophy. As Anthony Cusimano puts it, the threat is clear -- ransomware operators now specifically target backups because destroying that data eliminates the victim's options.

    Heading into RSAC Conference 2026, Object First is bringing new capabilities to South Hall Booth S3601. Demos will include Honeypot, a feature that causes the Object First appliance to simulate a Veeam backup and replication server as a decoy. If a bad actor attempts brute-force access or a remote desktop connection, an alert fires immediately -- a signal that your real Veeam environment is likely also being probed.

    This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight

    GUEST

    Anthony Cusimano, Director of Solutions Marketing, Object First
    LinkedIn: https://www.linkedin.com/in/anthonycusimano89/

    RESOURCES

    Object First website: https://objectfirst.com
    ITSPmagazine RSAC Conference 2026 coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage

    Are you interested in telling your story?
    ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
    ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
    ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight

    KEYWORDS

    Anthony Cusimano, Object First, Sean Martin, Marco Ciappelli, brand story, brand marketing, marketing podcast, brand highlight, ransomware, backup security, immutable storage, Veeam, data protection, RSAC Conference 2026, cyber resilience, backup immutability, ransomware protection


    Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

    6 m
  • The AI Hype Is Real -- But So Is the Risk of Getting It Wrong | A Brand Spotlight at RSAC Conference 2026 with Subo Guha, Senior Vice President of Product Management of Stellar Cyber
    Mar 18 2026

    Every vendor at RSAC Conference 2026 will have an autonomous SOC story. Subo Guha, Senior Vice President of Product Management at Stellar Cyber, has been building the real thing for over a decade -- and he has one question every buyer should ask at every booth: can your platform explain why it reached its verdict?

    Stellar Cyber's autonomous SOC provides a full case summary for every true positive, showing the forensic evidence chain, threat intelligence correlations, and specific observables that led to the conclusion. SOC analysts can review, challenge, or override -- and that feedback loop is how the system improves.

    The threat landscape has shifted in ways that validate Stellar Cyber's original architecture. LLM-generated attacks have collapsed the time to launch a sophisticated phishing campaign from weeks to minutes. Stellar Cyber was built to serve the mid-market and the MSSPs that protect it -- organizations that face identical threats to enterprises but without enterprise resources. A unified, multi-tenant platform means MSSPs onboard new customers in minutes. An open data ingestion engine works with whatever tools are already in place -- no EDR lock-in, no rip-and-replace.

    At the center of the platform is a correlation engine that transforms thousands of individual alerts into a manageable set of high-confidence cases. An identity compromise driving lateral movement across dozens of alerts becomes one case with a clear recommended action. Subo describes this as the difference between drowning in noise and focusing on decisions that actually require human judgment -- and it is the foundation the autonomous SOC layer is built on.

    Subo is direct about what the hype gets wrong: the claim that organizations can dramatically cut SOC headcount because AI has it covered is not happening. The realistic version of autonomous SOC is a force multiplier -- digital agents handle the continuous, high-volume triage work that consumes analyst hours, freeing humans for the cases that require context and institutional knowledge. A system that automates without explainability does not reduce risk. It relocates it.

    Stellar Cyber will be at booth S327 in the South Hall at RSAC Conference 2026, right at the bottom of the escalator. Live autonomous SOC demonstrations will be running throughout the event, with real-world results from customers already in production. The team also has a barista on site -- a detail Subo was particularly keen to mention for Marco Ciappelli.

    This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight

    GUEST

    Subo Guha, Senior Vice President of Product Management, Stellar Cyber
    https://www.linkedin.com/in/suboguha/

    RESOURCES

    Learn more about Stellar Cyber: https://stellarcyber.ai
    RSAC Conference 2026 Coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage

    Are you interested in telling your story?
    ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
    ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
    ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight

    KEYWORDS

    Subo Guha, Stellar Cyber, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, autonomous SOC, Open XDR, MSSP security platform, AI-driven security operations, agentic AI cybersecurity, threat detection and response, RSAC Conference 2026, SOC analyst tools, multi-tenant security platform, LLM-generated attacks, security operations center, SIEM NDR unified platform

    20 m
  • The AI SOC Analyst Is Already Here -- Are You Ready to Rethink the Role of Your Security Team? | A Brand Spotlight at RSAC Conference 2026 with Monzy Merza, Co-Founder and CEO of Crogl
    Mar 18 2026

    Monzy Merza, Co-Founder and CEO of Crogl, sat down with Sean Martin and Marco Ciappelli ahead of RSAC Conference 2026 with a position that cuts against the prevailing AI narrative: there will be more security engineers next year than there are today, not fewer. His reasoning draws on how automation has always worked. The phone contact list eliminated the need to memorize numbers -- and people communicated with far more people as a result. AI in security will expand the surface area practitioners must handle, not shrink the need for them.

    Crogl was founded in 2023 to make every security practitioner as effective as their entire team. What sets Crogl apart is a refusal to require data normalization before the product becomes useful. Instead, Crogl builds a semantic knowledge graph across an organization's existing data lakes, SIEMs, and SOAR platforms -- however many there are -- so analysts can investigate alerts and threat hunt across their real environment, not an idealized version of it.

    Monzy Merza applies the same logic to language models as to data: if different data stores serve different purposes, why accept a single LLM for every security scenario? Crogl lets organizations choose their model, swap as needs evolve, and deploy on any footprint -- including fully air-gapped environments. For government agencies, energy utilities, and manufacturers, that is not a feature. It is a deployment prerequisite.

    Financial services leaders across 15 conversations in New York told Merza the same thing unprompted: Crogl's investment in an enterprise semantic knowledge graph is what they see as genuinely correct. Their argument: you cannot solve enterprise security operations with AI without knowing where data lives without transforming it. These were practitioners speaking, not vendors.

    The week before RSAC Conference, Crogl hosted the first AI SOC Summit near Washington, DC -- no NDAs, no directed demos. Attendees brought their own laptops, got access tokens, and used Crogl on their own problems, completely unattended. The booth at RSAC Conference will work the same way: walk up, run real scenarios, no one driving the demo. The head of AI, UX designer, and chief architect will all be on the floor to listen and be challenged.

    Organizations building AI security strategy around eliminating people are making a bet history does not support. The smarter path -- and the one Crogl is built around -- is enabling practitioners with tools that meet them where they are, on the data they have, with the models they trust, in the environments they control.

    This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight

    GUEST

    Monzy Merza, Co-Founder and CEO, Crogl
    On LinkedIn: https://www.linkedin.com/in/monzymerza/

    RESOURCES

    Crogl: https://www.crogl.com
    AI SOC Summit: https://www.aisocsummit.com/
    RSAC Conference 2026 Coverage on ITSPmagazine: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage

    Are you interested in telling your story?
    ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
    ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
    ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight

    KEYWORDS

    Monzy Merza, Crogl, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, AI SOC, security operations center, autonomous alert investigation, enterprise semantic knowledge graph, AI security tools, SOC automation, security analyst, threat hunting, data normalization, large language models, agentic AI, RSAC 2026, RSAC Conference

    24 m
  • When Cyber Meets Physical: Building Executive and Employee Protection Programs That Actually Work | A Redefining CyberSecurity Podcast Conversation with Roland Cloutier, Principal of The Business Protection Group
    Mar 18 2026

    ⬥EPISODE NOTES⬥

    The conversation that led to this episode started with a LinkedIn post -- and it quickly surfaced a challenge that security leaders across industries are wrestling with but rarely talk about openly: who is actually responsible for protecting the people inside an organization, not just the systems they use?

    Roland Cloutier has sat in some of the most demanding security leadership seats in the world -- Global CSO at TikTok/ByteDance, a decade as Global CSO at ADP, and VP and CSO at EMC -- and he now advises CISOs and CSOs through The Business Protection Group. His lens is converged security: the deliberate integration of cyber, physical, privacy, and people-risk under a unified program and leadership model.

    Roland identifies three patterns that typically bring organizations to him. First, an emergent crisis -- a threat against an executive, a workplace violence incident, a travel security failure -- that suddenly exposes the absence of a coherent protection program. Second, a cost and structure conversation where the CEO is tired of receiving two different risk pictures from two different security leaders and wants a single accountable voice. Third, a board-driven inquiry where general counsel or the CEO is being asked questions about executive resilience and duty of care that nobody inside the organization can confidently answer.

    What makes this conversation particularly sharp is Roland's framing of convergence not as an org chart exercise, but as a force multiplier. A unified threat intelligence picture -- one that covers cyber, physical, executive, brand, and customer risk simultaneously -- enables cleaner prioritization, better resource allocation, and a fundamentally stronger conversation with the CEO. The alternative, which he has seen firsthand, is four separate threat management platforms reporting independently with no team working across all of them.

    The episode also pushes into territory that most security programs have not yet mapped: employee protection at scale. Not bodyguards for everyone, but the organizational consciousness to monitor for geographic threats, proactively check in with distributed employees during major events, and build a duty-of-care posture that extends beyond the office walls into people's home lives and total risk environment. For high-risk employees -- those with keys to the kingdom, not just C-suite titles -- that responsibility extends further still.

    For CISOs and CSOs wondering where to start, Roland offers a practical crawl-walk-run framework: start with shared services rather than full convergence, open the conversation with leadership, surface the gaps the business already knows exist, and build a financial and risk model that makes sense for your specific organization. The goal is a converged security program that treats people -- not just infrastructure -- as an asset worth protecting.

    ⬥GUEST⬥

    Roland Cloutier, Principal at The Business Protection Group | On LinkedIn: https://www.linkedin.com/in/rolandcloutier/

    ⬥HOST⬥

    Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/

    ⬥RESOURCES⬥

    The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/
    More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast
    Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq

    ⬥ADDITIONAL INFORMATION⬥

    On ITSPmagazine: https://www.itspmagazine.com/
    On YouTube: https://www.youtube.com/@itspmagazine
    On LinkedIn Newsletter: https://itspm.ag/future-of-cybersecurity
    Sean Martin's Contact Page: https://www.seanmartin.com/

    ⬥KEYWORDS⬥

    roland cloutier, the business protection group, sean martin, executive protection, employee protection, converged security, physical security, ciso, cso, duty of care, threat intelligence, workplace violence, security convergence, business resilience, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast

    25 m
  • From the HIMSS 2026 Floor: How Zebra Technologies Is Putting Intelligence in the Hands of Healthcare's Frontline | A Brand Spotlight with Chris Sullivan | HIMSS 2026
    Mar 16 2026

    Summary: Recorded live from the floor of HIMSS 2026 in Las Vegas, this Brand Spotlight conversation with Chris Sullivan, Global Healthcare Practice Lead at Zebra Technologies, explores how technology — from RFID drug tracking to AI-powered frontline devices — is reshaping the way hospitals deliver care, reduce waste, and protect patients. From a groundbreaking pharmacy innovation at Texas Children's Hospital to Zebra's vision for ambient intelligence at the point of care, this is a candid look at what it means to build technology for the people who actually do the work.

    At HIMSS 2026 in Las Vegas, the conversation keeps circling back to the same question: how can technology help healthcare workers spend more time with patients and less time chasing information? For Chris Sullivan, Global Healthcare Practice Lead at Zebra Technologies, that question is not hypothetical — it's the work.

    In this Brand Spotlight, Marco Ciappelli connects with Chris from the conference floor to talk about what's actually happening in healthcare technology right now. Zebra Technologies, a 55-year-old company with over 10,000 employees and more than 300 healthcare-specific products, has built its reputation by designing tools not for the corner office, but for the frontline worker — the nurse, the pharmacist, the care team member who needs the right information at exactly the right moment.

    One of the most compelling stories Chris shares is Zebra's partnership with Texas Children's Hospital, a world leader in pediatric oncology. The challenge: high-cost cancer medications — some exceeding a million dollars per treatment — were being lost, duplicated, or expiring before reaching patients. The solution was an RFID-based drug management system, built in partnership with a Texas software company, that now tracks medications throughout the pharmacy supply chain. The result? Millions of dollars in annual inventory savings, improved patient safety, and a model that Texas Children's is now actively sharing with hospitals in Amsterdam and beyond.

    But the RFID story is just one piece of a larger picture. What Zebra calls healthcare workflow orchestration — the coordination of people, assets, and information across a complex hospital environment — is the bigger ambition. Chris describes a three-part framework: asset visibility (digitizing wheelchairs, pumps, medications, and supplies), real-time information for caregivers (through mobile computers and hands-free wearables), and operational automation (like the pharmacy RFID system). Together, these elements are designed to remove friction from the care delivery process and give clinicians back the one thing they most want: presence with their patients.

    And then there's AI. Zebra has been building sensor-rich devices for years, and now those sensors — over 15 per device, capturing voice, video, and environmental data — are becoming the foundation for an AI platform built specifically for frontline workers. Chris draws a sharp distinction between AI for knowledge workers and AI for frontline workers, arguing that the needs, rules, and structures are fundamentally different. Zebra's approach is to pre-extract sensor intelligence into an open SDK with over 21 AI enablers, then package those into industry-specific blueprints that can be deployed in months rather than years.

    The conversation ends where it began: with people. Chris is both a technology provider and a healthcare board member, which gives him a perspective that's rare in this industry. He understands what it means when a caregiver is interrupted. He knows that a nurse who has to stop and look something up is a nurse who isn't holding a patient's hand. That's the problem Zebra is trying to solve — not with a flashy pitch, but with 55 years of frontline experience and a clear-eyed view of what the work actually looks like.

    Recorded remotely from HIMSS 2026 | Las Vegas, NV | March 9–12, 2026

    This Brand Spotlight is part of ITSPmagazine's ongoing coverage of HIMSS 2026. To explore more conversations from the event, visit ITSPmagazine.com.

    GUEST

    Chris Sullivan
    Global Healthcare Practice Lead, Zebra Technologies
    LinkedIn: https://www.linkedin.com/in/chris-sullivan-6135624/

    RESOURCES

    Zebra Technologies: https://www.zebra.com
    HIMSS 2026: https://www.himssconference.com

    Want to tell your brand story? Reach out to us at ITSPmagazine.com.

    Are you interested in sponsoring an ITSPmagazine Channel?
    👉 https://www.itspmagazine.com/advertise-on-itspmagazine-podcast

    Want to tell your story and make an impact? ITSPmagazine is your platform.
    👉 https://www.itspmagazine.com/telling-your-story

    KEYWORDS

    Chris Sullivan, Zebra Technologies, Marco Ciappelli, HIMSS 2026, healthcare technology, frontline workers, RFID, drug management, Texas Children's Hospital, AI in healthcare, workflow orchestration, mobile computing, brand spotlight, brand marketing, marketing podcast

    17 m
  • Sound Is a Force: Frequency, Healing, and the Physics of Music | A Music Evolves Conversation with Scott "Shagghie" Scheferman, Cybersecurity Strategist, Musician, and Researcher
    Mar 15 2026

    Show Notes

    Scott Scheferman -- known throughout the cybersecurity and music communities as Shagghie -- brings a rare combination of backgrounds to this conversation: classically trained on trumpet, a live techno producer since the late nineties, a student of synthesis at its lowest circuit level, and now a full-time researcher working on what he calls the Joy Protocol -- a frequency-based framework designed to produce measurable physiological and neurological benefits through sound and light.

    The conversation opens with Scott recounting his musical journey -- from blues trumpet in the Caribbean to losing his cherished instruments during a move to the United States, to a 25-year silence before his daughter convinced him to pick up the horn again. Then came the synthesizers. He describes performing live techno with six drum machines and synthesizer sequencers at a San Diego club, his parents in the crowd, sweating and dancing by 2:00 AM. For Scott, that was the moment of arrival -- not just as a performer, but as someone understood.

    From there, the conversation moves into the physics. Scott and Sean explore how frequency operates across the entire spectrum -- from the 7.83 hertz resonant frequency of the Earth itself to the quantum oscillations that defy measurement. Scott makes the case that sound is not merely an aesthetic experience but a literal force, one that operates on the body, mind, and cellular structure in ways now being confirmed by a new wave of scientific research. The Solfeggio scale, long dismissed by mainstream music as esoteric, turns out to have been built around frequencies that have specific, studied, physiological effects on the human body.

    The conversation doesn't shy from harder territory. Scott discusses directional sound weapons he witnessed firsthand at Booz Allen Hamilton, the documented Havana syndrome incidents, and how blue light frequencies are engineered into consumer electronics to trigger dopamine responses. These aren't conspiracy theories, he argues -- they are the same science, used from the opposite direction. The Joy Protocol is the inverse: taking those same mechanisms and applying them to produce healing, not harm. Even the 40-hertz frequency -- which Scott now seeks out on his wife's Power Plate machine at the gym -- produces a physical response he describes as immediately and unmistakably real.

    The episode closes on the question every musician, listener, and creator should be sitting with: if certain frequencies heal and others harm, if the A-440 tuning standard may have been a deliberate departure from something more resonant, and if the spaces between notes matter as much as the notes themselves -- then what does it mean to produce music intentionally? Scott points toward the guitar as a last frontier that AI cannot replicate: the harmonic overtones that physically manifest in wood when an instrument is tuned to a resonant frequency cannot be induced after the fact. That reality, he suggests, is both a challenge and an invitation.

    Host

    Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/

    Guest(s)

    Scott "Shagghie" Scheferman, Cybersecurity Strategist, Musician, and Researcher | Website: https://www.scottscheferman.com/ | On LinkedIn: https://www.linkedin.com/in/scottscheferman/

    Resources

    Scott Scheferman's Personal Website | https://www.scottscheferman.com/
    Music Evolves: Sonic Frontiers Newsletter | https://www.linkedin.com/newsletters/7290890771828719616/

    Keywords

    scott scheferman, shagghie, frequency healing, quantum consciousness, cymatics, solfeggio frequencies, sound as medicine, live techno, music production, joy protocol, sean martin, music, creativity, art, artist, musician, music evolves, music podcast, music and technology podcast

    More From Sean Martin on ITSPmagazine

    More from Music Evolves: https://www.seanmartin.com/music-evolves-podcast
    Music Evolves on YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllTRJ5du7hFDXjiugu-uNPtW
    On Location with Sean and Marco: https://www.itspmagazine.com/on-location
    ITSPmagazine YouTube Channel: https://www.youtube.com/@itspmagazine

    Be sure to share and subscribe!

    1 h 3 m
  • Supply Chain Resilience and AI Risk in Healthcare | A Brand Spotlight Conversation with Ryan Patrick, Executive Vice President, TPRM Customer Solutions of HITRUST
    Mar 15 2026

    Third-party-related breaches have doubled in the last 12 months. Ryan Patrick, Executive Vice President of TPRM Customer Solutions at HITRUST, is not surprised. As organizations outsource more to stay focused on core competencies, the vendor attack surface grows -- and malicious actors are exploiting it through a pattern Patrick calls "island hopping": land on a smaller vendor, secure a foothold, then move laterally toward the real target.

    The Stryker attack, which unfolded in real time during HIMSS 2026, made the stakes concrete. What began as a nation-state operation quickly became a supply chain crisis. Hospitals relying on Stryker products scrambled -- not because their own environments were breached, but because a critical supplier went down. Patrick argues that availability of services deserves equal weight to confidentiality, especially when a supplier outage directly impacts patient care and revenue.

    AI adds a new layer of urgency to vendor risk. Vendors are quietly adding AI capabilities to existing products -- sometimes without notifying customers. An EHR platform might add a clinical decision support model as a routine feature update. The health system consuming it may lack the leverage to audit what that model does with patient data. In agentic AI scenarios, where decisions happen without a human in the loop, the consequences are clinical, not just operational.

    Patrick's advice for managing AI risk: stop treating it as a fundamentally different category. Layer it into existing security programs, policies, and governance frameworks. The uniqueness lies in how you assess AI risk -- not in abandoning what already works. The industry, he observes, is finally moving past the wait-and-see phase.

    The data on HITRUST certification outcomes is compelling. One organization has gone seven to eight years without a security incident by requiring all vendors to achieve HITRUST certification. External vulnerability platforms like SecurityScorecard and RiskRecon independently confirm the pattern: HITRUST-certified vendors score measurably higher. Certified vendors mature over time. Non-certified vendors plateau.

    This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight

    GUEST

    Ryan Patrick, Executive Vice President, TPRM Customer Solutions, HITRUST
    https://www.linkedin.com/in/ryan-patrick-3699117a/

    RESOURCES

    HITRUST: https://hitrustalliance.net
    HIMSS 2026 Coverage: https://www.itspmagazine.com/cybersecurity-technology-society-events/himss-global-health-conference-amp-exhibition-2026

    Are you interested in telling your story?
    ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
    ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
    ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight

    KEYWORDS

    Ryan Patrick, HITRUST, Sean Martin, third-party risk management, TPRM, supply chain security, healthcare cybersecurity, HIMSS 2026, AI security, EHR security, vendor risk, HIPAA compliance, CIA triad, supply chain resilience, agentic AI, healthcare data security, brand spotlight, brand marketing, marketing podcast, brand spotlight



    17 m
  • Software Supply Chains, AI Risk, and the Transparency Gap | A Brand Spotlight with Daniel Bardenstein of Manifest | RSAC 2026
    Mar 14 2026

    As RSAC 2026 approaches, Daniel Bardenstein, CEO and Co-Founder of Manifest, joins hosts Sean Martin and Marco Ciappelli to unpack the growing disconnect between how security leaders perceive their AI and software supply chain posture and what practitioners on the ground actually experience. Drawing from Manifest's new research report — Beyond the Black Box — Bardenstein connects the dots between shadow AI, SBOM adoption gaps, and a dangerous pattern: history is repeating itself as organizations rush to adopt AI with the same disregard for security that characterized the early cloud era.

    In a wide-ranging pre-event conversation ahead of RSAC 2026, Daniel Bardenstein, CEO and Co-Founder of Manifest, explores what it means to truly secure the software and AI supply chain — not just check the compliance box.

    Manifest's new research report, Beyond the Black Box, surveyed more than 300 security and AI leaders globally to understand the reality of AI adoption and software supply chain risk. One of the most striking findings was not a statistic, but a structural problem: a significant perception gap exists between how confident executive security leadership feels about their AI security posture and how unprepared frontline practitioners actually are. Where there is misalignment, Bardenstein notes, there is risk.

    The conversation draws a vivid parallel to the cloud adoption wave of a decade ago, when organizations rushed to SaaS and cloud infrastructure without thinking through security implications — and gave birth to entire new industries to clean up the mess. Today, the same dynamic is playing out with AI. Nearly two-thirds of the survey respondents reported encountering shadow AI within their organizations, as employees freely use tools like ChatGPT, DeepSeek, or locally downloaded models without centralized governance. When that AI eventually gets embedded into software that organizations build, deploy, and sell, the blind spots compound.

    SBOMs — software bills of materials — represent a promising step toward supply chain transparency, and Bardenstein credits the US government's regulatory nudging for driving adoption. Manifest's research shows that roughly 60% of organizations are now generating SBOMs, a meaningful milestone. But generation is not governance. Too many organizations treat an SBOM as a compliance artifact — a JSON file on a hard drive — rather than an operational tool that could dramatically accelerate vulnerability response, regulatory compliance, and incident management. The prescription has been filled; it's just not being taken.

    To reframe the urgency, Bardenstein introduces the concept of the "transparency tax" — the hidden cost organizations pay in time, money, and risk when they build or buy opaque technology. Just as consumers demand ingredient labels on food, Carfax reports on used cars, and active ingredient disclosures on prescriptions, the technology sector needs to normalize the same transparency for software and AI. For organizations willing to do the math, the case for investing in supply chain visibility becomes not just a security argument, but a business one.

    Heading into RSAC 2026, Manifest will not have a booth but will be active across the conference floor, meeting with customers, partners, and prospects. Bardenstein will appear on an invite-only panel alongside leadership from Corridor Dev, 1Password, and Google to discuss secure software and secure AI. The team is also planning to announce new platform capabilities designed to close the governance gaps their research surfaced — helping organizations move fast without creating the kind of blind spots that make AI adoption a liability rather than an advantage.

    Tune in for this sharp, candid pre-event conversation — and look for the full on-location Brand Spotlight recorded live at RSAC 2026 in San Francisco.

    🎙️ This story is part of the RSAC 2026 Coverage Series on ITSPmagazine, produced in partnership with Manifest.

    GUEST

    Daniel Bardenstein
    CEO and Co-Founder, Manifest
    https://www.linkedin.com/in/bardenstein/
    https://www.manifestcyber.com

    RESOURCES

    Beyond the Black Box Research Report — Manifest: https://www.manifestcyber.com
    Learn more about Manifest and their software and AI supply chain security platform: https://www.manifestcyber.com
    Learn more about and follow ITSPmagazine's coverage on RSAC 2026: https://www.itspmagazine.com/rsac-usa-2026-san-francisco-cybersecurity-event-coverage
    Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-podcast-coverage

    Want to tell your Brand Story Difference Maker Podcast Story or Advertise with us?
    👉 https://www.itspmagazine.com/telling-your-story

    KEYWORDS

    Daniel Bardenstein, Manifest, Manifest Cyber, software supply chain security, SBOM, AI supply chain, AI risk, RSAC 2026, RSA Conference, Sean Martin, Marco Ciappelli, brand spotlight, brand story, ITSPmagazine, ...

    22 m