Join Sean Martin and Marco Ciappelli as they recap their experiences at Black Hat 2024 and discuss what's on the horizon. This episode explores not just the event highlights but also upcoming adventures and insights from their latest newsletters.
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
Episode Notes
In this episode of "On Location With Sean Martin and Marco Ciappelli," our hosts dive into their time at Black Hat 2024 in Las Vegas, reflecting on key takeaways and sharing what’s next on their journey. Whether you're deep into cybersecurity or just curious about the industry, this blog post offers a snapshot of what to expect from Sean and Marco.
Recapping Black Hat 2024
Marco Ciappelli
Choo, choo . . .
Sean Martin
Is that the sound of the fast train back from Vegas? Or just the rush of everything we experienced?
Marco Ciappelli
I'm still wondering why there's no train from LA to Vegas. And don't get me started on LA to San Francisco—that's another conversation entirely.
The conversation kicks off with a lighthearted nod to travel woes before shifting to the core of the episode: their reflections on Black Hat 2024. Sean and Marco bring unique perspectives, emphasizing the importance of thinking beyond cybersecurity's technical aspects to consider its broader impact on society and business.
Sean's Operational Insights
Sean Martin
I like to look at things from an operational angle—how can we take what we learn and bring it back to the business to help leaders and practitioners do what they love?
Sean’s Black Hat 2024 Recap Newsletter explores the evolution from reactive data responses to strategic enablement, AI and automation, modular cybersecurity, and the invaluable role of human insights. His focus is clear: helping businesses become more resilient and adaptable through smarter cybersecurity practices.
Marco's Societal Impact
Marco Ciappelli
Cybersecurity isn’t a destination—it’s a journey. We’re never going to be fully secure, and that’s okay. Cultures change, technology evolves, and we have to keep adapting.
Marco’s take highlights the societal implications of cybersecurity. He talk about how different fields and nations are breaking down silos to collaborate more effectively. His newsletter often reflects on the need for digital literacy across business, society, and education, emphasizing the importance of broadening our understanding of technology’s role.
Upcoming Events and Conferences
The duo is excited about their packed schedule for the rest of 2024 and beyond, including:
Additional Ventures
They’ll also be hosting innovation panels and keynotes at a company event in New Orleans, with CES in Las Vegas and VivaTech in Paris on the horizon for 2025, blending B2B startup insights with consumer tech, all with a cybersecurity twist.
Subscribe and Stay Tuned
Marco and Sean invite you to subscribe to their newsletters and follow their podcast, "On Location," as they continue their journey around the globe—both physically and virtually—bringing fresh perspectives on business, technology, and cybersecurity. You’ll also find unique "brand stories" that highlight innovations making our world safer and more sustainable.
Stay connected, enjoy the ride, and don’t forget to subscribe to both their newsletters and the "On Location" podcast on YouTube!
Be sure to follow our Coverage Journey and subscribe to our podcasts!
____________________________
This Episode’s Sponsors
LevelBlue: https://itspm.ag/levelblue266f6c
Coro: https://itspm.ag/coronet-30de
SquareX: https://itspm.ag/sqrx-l91
Britive: https://itspm.ag/britive-3fa6
AppDome: https://itspm.ag/appdome-neuv
____________________________
Follow our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegas
On YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllRo9DcHmre_45ha-ru7cZMQ
Be sure to share and subscribe!
____________________________
Resources
Sean's Newsletter Article: https://www.linkedin.com/pulse/reflecting-black-hat-2024-operationalizing-enhanced-business-martin-ccive/
Marco's Newsletter Article: https://www.linkedin.com/pulse/my-reflections-from-itspmagazines-black-hat-usa-2024-state-ciappelli-ayglc/?trackingId=hLvuq5LqQ%2B2RHNpgDtIJlQ%3D%3D
On Location Podcast: https://on-location-with-sean-martin-and-marco-ciappelli.simplecast.com
Learn more about Black Hat USA 2024: https://www.blackhat.com/us-24/
____________________________
Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverage
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
To see and hear more Redefining Society stories on ITSPmagazine, visit:
https://www.itspmagazine.com/redefining-society-podcast
Are you interested in sponsoring our event coverage with an ad placement in the podcast?
Learn More 👉 https://itspm.ag/podadplc
Want to tell your Brand Story as part of our event coverage?
Learn More 👉 https://itspm.ag/evtcovbrf
Recapping Black Hat 2024 and What’s Next | On Location Coverage with Sean Martin and Marco Ciappelli
Please note that this transcript was created using AI technology and may contain inaccuracies or deviations from the original audio file. The transcript is provided for informational purposes only and should not be relied upon as a substitute for the original recording, as errors may exist. At this time, we provide it “as it is,” and we hope it can be helpful for our audience.
_________________________________________
[00:00:00] Sean Martin: Marco Choo, choo . Is it the Fast Train back from uh, Vegas? Is that what you did?
[00:00:09] Marco Ciappelli: I am, I'm still wondering, still waiting and, and asking myself why there is no train to go to vegas from la. Actually, Sunday, I could say the same why there's not a train to go from LA to San Francisco, but that's not a question for you.
[00:00:25] Sean Martin: Well, that's, unless you know that's a, well, that's not a train, that's a loop. Right? I don't know if it's on Rails or it must be on Rails. Who Hell knows. I don't know.
[00:00:34] Marco Ciappelli: Maybe we go to s somebody knows, and then we, we land back.
[00:00:37] Sean Martin: Oh, they just drop you, drop you safely in the spot you wanna be.
[00:00:40] Marco Ciappelli: I like the train.
[00:00:41] Sean Martin: You're getting close to teleportation. I don't know.
[00:00:44] Marco Ciappelli: I still like the train. You know, I fall asleep sometimes I just put train noise. It reminds me when I was a kid going around Europe for the first time backpacking, but that's not why we're here. We're talking about travel.
[00:01:01] Sean Martin: I did a month's worth of training. That's true. That was fun. You did. You were a kid again. I was a kid. You had a travel guide with you? Multiple places. Without myself.
That was my own travel guide.
What can I see from here? And I'll go there next. If the train takes me there, I'm going. Anyway. That's not what we're talking about. Somebody suggested I write about that. So I might, I might actually do. Either writing or an episode. Maybe you and I chat about it. I think it'd be kind of fun. I think it will be a lot of fun, you know, just, uh, just a distraction.
[00:01:42] Marco Ciappelli: But, you know, we're still talking about traveling because we have been going back and engage quite a bit with, uh, conferences and events. So, so far, we already hit a few this year and, uh, it's the classic. I'm gonna call it the traditional one, RSA Conference, InfoSecurity Europe, and uh, you ended up in Portugal for the OWASP, and uh, and then recently we just came back from Black Hat in Las Vegas, and funny story, on the pre event coverage, I was telling everybody that we were gonna fly, and then Today before flying I decided I'm just gonna drive The point is that we're back and uh, despite the fact that we had a ton of conversations With people before and during the event and everything is either video or video and audio. We Thought that hey We learned a lot from this Conversations. Let's put it together. And let's write our own perspectives. I'm going to use that word one day. It'll make sense. Stay tuned. And you from your perspective of a cyber security expert journalist and me from more the societal perspective. And guess what? We did end up writing something. We did. We posted it last week. Tape three read mine tape three read yours and also mine I know and i'm wondering if we should use a different tape three, but you know so far it's the same dude It has a funny voice a little bit of an irish accent. That's why that's why I like it Very engaging but the point is we wrote this thing and we posted I got Pretty nice amount of people listening to it and reading it.
So we'll figure why not recording something me and you and, uh, and kind of tease it a little bit more. So I'm going to ask you, what did you write?
[00:03:55] Sean Martin: Oh, I thought you were going to go first, but,
[00:03:57] Marco Ciappelli: uh, I already talked quite a bit, so I'm giving you space.
[00:03:59] Sean Martin: Well, of course, uh, I like to look at things from an operational perspective.
How can we take. What we talk about, what we learn from each other and bring it back to the business to help leaders and practitioners do stuff that they love. It isn't just good for the team and good for cybersecurity metrics, but for the business and, uh, with the focus on outcomes and resilience, that was kind of my focus, uh, for this piece.
So, I mean, it was 24 conversations with 27 people, I think is what we had, something like that. That's the final count, but it doesn't count the people we talked to in the middle of the corridors there or the expo floor. Yeah. 20, 20, 24 episodes, 27 people, plus beyond that. So I, the big, I'm not going to read the whole thing, obviously, but the big categories were the role of data.
So gathering, validating, and utilizing intelligence. So a lot, uh, a lot in that topic. We had a lot of good chats there. Evolving focus from reactive response to strategic enablement. So it's not just reactive response to proactive response, but in the context of. Back to the main point, how do we make a more resilient business?
So how do we enable the business to function tomorrow and long term? Looked at AI and automation. Of course, can't escape that. And again, not just, um, how do we use AI to build better security programs, but to scale business, business growth in a safe way. Looked at modular cybersecurity and, uh, the focus on flexibility and efficiency.
So how can we, how can we take components of what we do and, and really wrap them up and fine tune them and then pull them together in a broader cybersecurity program that's, uh, easily managed and, uh, we can update parts as new things come along. Hopefully that's the idea with that. And technology and human insights kind of connected back to the data piece where we, we're going to leverage more and more data.
But over and over again, during the conversations, of course, uh, human insight was, uh, another element that we can't let go of. We need to keep the human involved and. Give, help them have insight. So don't just drop the human in on top of technology and data, but actually use the technology and data to give them insight so they have a better chance.
And the societal impact, which it started to bleed into your stuff. So we're looking at the broader implications of cybersecurity. And this was interesting because it's We've, we've talked a lot in the last year about the impact to the CISO role. If, if the company and the CISO don't put a program together, that that's, uh, so quote unquote sufficient or, uh, or, uh, yeah, meaningful, um, but I think we're starting to see, and unfortunately right before the event, Black Hat event, there was an outage driven by a cybersecurity company and an update.
They pushed an, an impact on devices. from another organization and we weren't very resilient. So I think we, we need to stay focused on that too. So I think the, the availability of security we need to take into account again, so that was kind of another highlight. So those are the main points, uh, really good conversations.
Of course, I would encourage everybody to listen to what we, what we recorded before, during and after, and, uh, certainly invite people to read the newsletter, it's the future of cybersecurity newsletter by me.
[00:07:54] Marco Ciappelli: Yeah, which I know is getting quite popular.
[00:07:58] Sean Martin: It's a lot of fun. I mean, I'm all over the place in terms of style.
Sometimes it's a made up story. Sometimes it's an analogy to something else. Sometimes it's a recap of things that on conversations. I've had that that spark a spark. I thought like I did one on metrics. I've had a number number of conversations on metrics.
[00:08:20] Marco Ciappelli: This is an opportunity maybe to even say. You know, why we started to do this newsletter and to use the idea of writing it, writing it open that we tell clearly that we use also CHAT GPT because we got excited the day that that came out and actually was making sense.
I mean sense enough when you do the right prompt so you know, you can collaborate with it You're not just like hey write something about black cat or about something else But then yeah, you've done some cool episodes You've created entire scenarios like a small town with three little business going Uh risking to go out of business because they anyway they react differently
[00:09:02] Sean Martin: Yeah, they're from majority levels for different types of businesses.
[00:09:04] Marco Ciappelli: Yeah, and you do we do soundtracks. I did like An halloween story about Privacy, the big guy spying on you in the face of, uh, with the face of a pumpkin. And, uh, so, but we're all so serious. So to, to, to wrap up with what you said, I kind of brought, of course, the perspectives again, one day we'll tell you why, on the social impact.
So you went from, you know, the technology to the business, to the impact on government and society. And I took it kind of from there. But the conversation I think is the same is number one. What I learned is that cybersecurity is not a destination. It's a journey. We're never gonna be. Cybersecure. Sorry to break the news, but that's, that's what it is.
Cultures are going to change. Technology is going to change. And we're just going to have to adopt the conversations that we had 10 years ago when we covered Black Hat for the first time as IETSP Magazine and you before. that are not even close to the conversation that we had this year. And so we talk about collaboration, different perspective, different academic field.
We had conversations with researchers that are actually cyber security researchers, but then they decided to go a little bit more into the societal impact of things. Look how countries are collaborating with one another. So breaking down silos is not just for collaboration. The cyber security industry, but it's for nation companies that share information, which is what you said.
And then, of course, a lot of AI, both as a powerful tool for defending and attacking, unfortunately. So that's going to, to, to be there. But also again, what you said about the human element, it make me think about So, you know, we say always secure by design. I think it needs to be human by design so that you don't drop the human on top with a parachute and hoping that you're landing on the, on the right spot.
So, you know, empowering, uh, digital literacy, uh, and, uh, across all aspects and of business, society, education, and all of that. So that's kind of like where my Article focus on so I want to invite people to to read we will put the links to that and of course to the coverage of black hat 2024 and uh to subscribe to the newsletter because uh Halloween is coming.
So I'm definitely gonna write another one. I had I had a holiday one. Uh, that was kind of fun about Cybersecurity and Santa Claus. So we'll see what I, what I do this year. And, uh, before we get there, we actually gonna have some more fun. And, uh, in terms of trip and travel and coverage.
[00:12:03] Sean Martin: There's lots of, uh, lots of stuff coming up, which is, uh, Exciting.
So for this year, I mean, the end of the sad to say the end of the year is going to be here before we know it, but we already have a bunch of events lined up. So we have CyberTech New York, which is going to be in Chelsea, September 4th and 5th, and, uh, we just literally just recorded the, uh, the kickoff episode for that coverage.
That's really cool. Uh, OWASP AppSec in San Francisco. So this is a global AppSec event. I did the one in Lisbon. And San Francisco is coming up September 24th through 27th. And I've already recorded one episode there covering, uh, the OWASP top 10 for LLMs with Steve Wilson and I have other, other ones booked already.
So lots of good stuff there. And actually I want to go back to the, the, uh, CyberTech New York one. Cause it. There's some interesting points, the, I wanted to do one on policy, there's one on innovation. There's an episode on, uh, SecOps and AppSec, kind of crossing over to this. And then another one on the societal impact and more, more along the lines of sustainability.
So kind of in line with the newsletter that I just wrote as well. And then we have, Sector, which is in Toronto. That's a, that's an informative event. I think I'm going to be there. That's going to be a good one. Just, just up for me in New York. There you go. If we have sponsors, uh, we'll go and do a bunch of cool stuff.
And, uh, of course that's a, that's a companion, call it a sister, brother event, whatever, uh, to Black Hat. Um, but really cool in Canada there. And I have a lot of, a lot of fun ideas for that one. Um, you can check out the coverage page there for some of the things I want to talk about. October 22nd to 24th, 2024.
And then, uh, the last industry event is, uh, the Australia Cyber Security Conference in Melbourne.
[00:14:15] Marco Ciappelli: You go to Toronto, I go to Melbourne.
[00:14:16] Sean Martin: All right, I'll go to Toronto, you go to Melbourne. I might swim from Toronto to Melbourne to make it there. That one is going to be good because we, A couple of years ago, we were, we, uh, started to engage pretty, pretty, uh, heavily with the, uh, APAC, APGA region, uh, with what was an RSA conference at the time.
And so we're excited to be back and be part of this. Yeah, I think there's, again, a lot of topics and a lot of cool things to talk about there. And, of course, that, not unlike Toronto, we get a nice global perspective on things there as well. And then we have a company event that, uh, we're going to emcee, uh, for the, uh, MC.
Yes, we'll be leading, yeah, innovation panels, partner panels, customer panels, keynote firesides, all kinds of fun stuff. That's actually going to be in New Orleans. So you're going to be a very creative company when it comes to this kind of event. And I know that being on stage with, uh, with all the speaker organizer, I'm sure there is a lot of, uh, A lot of things you can draw from a city, uh, like new Orleans. That's not what I said. New Orleans. That's the Italian version. New Orleans. New Orleans. And, uh, yeah, it's going to be fun. It's going to be fun. I'm looking forward to that. And, of course, we're ready to line up. A bunch of coverage for 2025 because apparently we're having fun.
We are really back on track with really feeling the pulse. And when you mentioned Australia, there are so many friends that we have there that I am really looking forward to, to reconnect in person. Um, even if it's a long flight, definitely not a train ride. I'm looking forward to that. Are you going to, you're just going to stay there for Black Hat Asia in Singapore?
Stay in the region. That's in April. We'll be there for that. There you go. And it's close. And it's close. And then RSA, RSA right around the corner from that. And I think the other thing I want to mention, of course InfoSec, uh, Europe and the, uh, In the summer in London there. The other two I want to highlight for next year, uh, because we're, we talk about technology all the time, but really with a cybersecurity focus.
And the other two we're going to dig into are CES in Vegas, that's in January, and VivaTech, which is in Paris, and that's in the summer of next year. And there is a lot of innovation. Of course, uh, I'll bring some of the cybersecurity spin to what we do for those events, but. This really gets back to what you look at in terms of society and how do we live with technology in a way that helps humanity.
Yeah. And, uh, a lot of different perspectives, uh, from that too. We're not going to say more than that. We'll have More, no more perspectives? We're going to hold them?
[00:17:18] Marco Ciappelli: We'll have a podcast about that. It's coming up. But yeah, Viva Technology. I, I spoke with, uh, Francois Bissouzé, which is the, the, the Managing director ready for two years and it's been two years that I wanted to go, but then it's coming close to info security So this year I promised him that i'm gonna go and god am I not gonna go to paris?
It's been a while since the last time I was there. So why not take the opportunity and the event is It's a lot of people because what is really cool about this and then we close Is that it's a hybrid It's a, it's a B2B startup, typical cybersecurity tech conference, but then the last day they open, like it used to be the old Expo, International Expo, to anybody that wants to go, and they had so much I Attendance that it was almost unexpected how many people went there because that goes to show that technology and cyber security and all of this ultimately is about the people that are going to use it.
And the people that live their life with gadgets and healthcare and everything that is provided communication through that. So I like the fact that people, everyday people, want to know about it and are interested and are getting involved. So, with that,
[00:18:48] Sean Martin: I'm going to do a summary. Marco's newsletter, my newsletter.
Please do subscribe to both of those and stay tuned to On Location. There's a, there's a dedicated podcast for that, so you can subscribe to that podcast and we, we invite you to do that. Journey with us to all the places we go virtually and physically, uh, all around the world to capture stories from a business perspective and a societal perspective.
And of course, in there, we also have what we call brand stories, where if you're doing something cool with it, with the technology and have some innovation that helps us build a better, safer, more sustainable society, uh, and businesses that, uh, Enable Society. We invite you to tell those stories with us as well, either as part of an event or not.
It's up to you. So lots of fun stuff. I'm excited Marco for the rest of this year and 2025 is already looking great. So and plus big news coming
[00:19:51] Marco Ciappelli: and we're going to add a few more for 2025. I'll show you just today. It may be an opportunity to go to do something in Rome. There might be a Rome one.
[00:20:02] Sean Martin: Of course we have Black Hat and DEF CON next summer.
We can already start talking about that. So there's that as well. So stay tuned. We'll include links for all this stuff.
[00:20:12] Marco Ciappelli: Stay tuned. Subscribe. And, uh, we'll see you somewhere around the world. If not, we're on YouTube. And, uh, you can listen to us anytime. I hope you don't get bored with it. Take care, everybody.
Thank you for listening.