Anthony Cusimano, Director of Solutions Marketing at Object First, joined Sean Martin and Marco Ciappelli for a post-RSAC Conference 2026 recap -- and his observations from the show floor offer a window into how the security industry is evolving. One of the most telling details came from just outside the Moscone Center, where a company had set up an AI-free zone: a place for attendees to catch their breath from the wall-to-wall AI messaging dominating the event.

That detail points to something bigger. The AI hype cycle that peaked over the past two years is giving way to a more demanding audience. At RSAC Conference 2026, Cusimano heard a different kind of question: not whether a company uses AI, but whether it uses it responsibly -- and whether zero trust principles are baked in. The novelty is gone; accountability is what the floor was asking for.

For Object First, the shift in booth conversations has been even more meaningful. The question that used to greet them -- why is a backup storage company at a security conference? -- has been replaced by relief that they are there at all. Organizations now understand that backup and backup storage sit at the core of resilience and recovery. Cusimano described a floor full of teams thinking proactively, evaluating solutions before a crisis forces the decision.

This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight

GUEST

Anthony Cusimano, Director of Solutions Marketing, Object First
LinkedIn: https://www.linkedin.com/in/anthonycusimano89/

RESOURCES

Object First website: https://objectfirst.com
ITSPmagazine RSAC Conference 2026 coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage

Are you interested in telling your story?
▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight

KEYWORDS

Anthony Cusimano, Object First, Sean Martin, brand story, brand marketing, marketing podcast, brand highlight, immutable backup storage, ransomware protection, Ootbi, Veeam backup, zero trust, data resilience, RSAC Conference 2026, cybersecurity, backup security, data recovery, edge security, fleet manager

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

When Anthropic announced Project Glasswing, the headline was the capability: an AI model that found a 27-year-old flaw in OpenBSD and a 17-year-old remote code execution vulnerability in FreeBSD — fully autonomously, no human in the loop after the initial prompt. But the story underneath the capability is a structural one about who gets early intelligence, who sets the disclosure timeline, and what happens to every organization that wasn't in the room.

In this edition of Lens Four, Sean Martin examines Project Glasswing through three lenses: the intelligence asymmetry it creates for security programs, what it reveals about the broken assumptions underneath CVE, CVSS, and NIST, and why the equity framing in Glasswing's messaging doesn't survive contact with the data.

🔍 In this episode:

• Why the 12 Glasswing partners are operating with fundamentally different intelligence than everyone else — not eventually, but today
• The precise claim: patches flow downstream to everyone, but self-scanning access, pre-public intelligence, and disclosure timeline influence stay inside the coalition
• How Mythos chains five CVEs into a novel exploit in under 24 hours — and why CVSS has no score for that
• Why NIST's draft Cyber AI Profile was built before anyone outside Anthropic knew what Mythos could do
• Casey Ellis of Bugcrowd on the terrain Glasswing can't reach: forgotten firmware, end-of-life routers, the places the industry stopped looking
• Ed Skoudis of SANS on what it means that AI will surpass all human vulnerability researchers combined within months
• The Anthropic-DoD standoff and the geopolitical dimension of a Western-only coalition
• The CSA, SANS, and OWASP joint briefing: 250 CISOs saying the frameworks are already inadequate

Fourth Lens: The CVE system was built on human-speed assumptions. CVSS was built on single-flaw assumptions. NIST frameworks were built on governance-speed assumptions. Every one of them was already under pressure. Now they're under pressure from a model that broke them at machine speed. The question worth asking: when the next model crosses this threshold, will the answer to "who gets the defense first" still be determined by who was already at the table?

🔗 Full article and references
🎙 Redefining CyberSecurity Podcast
📧 Subscribe to Lens Four

Sean Martin is a cybersecurity market analyst, content strategist, and go-to-market advisor with more than 30 years of experience. He is co-founder of ITSPmagazine and Studio C60, host of the Redefining CyberSecurity Podcast and Music Evolves Podcast, and co-host of On Location and Random and Unscripted.

🎙 Keywords: Project Glasswing, Claude Mythos, Anthropic, AI vulnerability discovery, zero-day vulnerabilities, intelligence asymmetry, CVE, CVSS, NIST IR 8596, responsible disclosure, cyber inequity, CrowdStrike 2026 Global Threat Report, WEF Global Cybersecurity Outlook 2026, open-source security, critical infrastructure, autonomous exploit chaining, breakout time, nation-state cyber threats, AI safety, AI governance, CISO, patch management, Casey Ellis, Bugcrowd, Ed Skoudis, SANS Technology Institute, Cloud Security Alliance, OWASP, Sean Martin, ITSPmagazine, Lens Four

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

A Brand Highlight Conversation with Jacob Flores, Head of Research at Type One Ventures

There is a version of investing that asks what the return will be. And then there is the version that asks what kind of future the investment makes possible. Jacob Flores, Head of Research at Type One Ventures, is working firmly in the second category.

Type One Ventures takes its name from the Kardashev Scale — a framework developed by Soviet astrophysicist Nikolai Kardashev that ranks civilizations by their level of technological advancement. A Type One civilization has mastered its home planet and is beginning to extend its reach beyond it. That is the destination this firm is trying to fund. Flores, a former engineer and product manager with roughly a decade of experience across industries, leads the research function at Type One with a focus on AI, neurotech, and biotechnology.

The firm's investment lens is as much philosophical as it is financial. Type One looks for platform builders — companies whose core technology can be stacked across multiple applications, cultivating new marketplaces and entirely new categories of industry. Manufacturing in space is one clear example: in microgravity, it becomes possible to grow proteins, print circuits, and develop materials that cannot be produced the same way on Earth — yet those products have immediate, tangible value back on the ground.

The thesis extends well beyond orbit. Type One is also backing neurotechnology companies working to restore vision and movement for people who have lost those abilities, and longevity research aimed at extending healthy human life. Flores frames these not as moonshots for their own sake, but as the new foundation layer for an entirely new level of global industry.

This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more

Host Marco Ciappelli, Co-Founder, ITSPmagazine

Guest Jacob Flores, Head of Research, Type One Ventures

Resources Type One Ventures Type One Ventures on LinkedIn

Want to tell your story? Full Length Brand Story Brand Spotlight Story Brand Highlight Story

Keywords: Jacob Flores, Type One Ventures, Marco Ciappelli, brand story, brand marketing, marketing podcast, brand highlight, space technology, deep tech, venture capital, multi-planetary civilization, Kardashev Scale, manufacturing in space, neurotech, longevity, AI, biotechnology, frontier technology, space investing, human longevity, platform builders

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

When a production line stops, the financial damage is immediate — and the window to respond safely is narrower than most security teams realize. Rob Demain, CEO and Founder of e2e-assure, joins this Brand Highlight to explain why OT security demands a fundamentally different mindset than IT, and what organizations can do about it.

Operational technology runs the infrastructure that keeps the world moving — manufacturing floors, power grids, air traffic control systems. Rob Demain founded e2e-assure in 2013 and has spent the past seven years narrowing its focus to one discipline: SOC and MDR services. He calls it "specificity" — the principle that doing one thing with precision delivers better outcomes than spreading resources thin.

In IT security, the primary concern is data. In OT, the stakes are entirely different. Downtime is the real threat. For a manufacturing business, minutes of halted production translate directly into significant financial loss. That distinction changes everything about how security teams must respond. The "safety first" rule in OT means responders sometimes have to run alongside a threat rather than immediately neutralize it — because disconnecting systems could halt the production line entirely.

The most common attack path into OT environments runs through IT: adversaries compromise IT first, then move laterally into OT systems. Supply chain risk is the second major vector. Firmware updates, software patches, and third-party management systems all represent potential entry points. Detection takes longer too — OT systems often lack the endpoint tools that trigger fast alerts, leaving threats to surface as subtle pattern deviations over extended periods.

This is a Brand Highlight — a short introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight

GUEST
Rob Demain, CEO & Founder, e2e-assure
LinkedIn: https://uk.linkedin.com/in/rob-demain-01733468

RESOURCES
e2e-assure website: https://e2e-assure.com
OT Downtime and Remediation Gaps Research: https://e2e-assure.com

Are you interested in telling your story?
Full Length Brand Story: https://www.studioc60.com/content-creation#full
Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
Brand Highlight Story: https://www.studioc60.com/content-creation#highlight

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

⬥EPISODE NOTES⬥

Walk the floor at RSAC Conference 2026 and you will find boxing rings, petting zoos, agentic AI everywhere, and very few answers to the question that actually matters: why should anyone trust you with their security? Sean Martin and Marco Ciappelli have been watching this pattern for more than a decade -- and in this short On Location conversation, they turn the camera on themselves and on the problem they built Studio C60 to solve.

The conversation starts with a pin. A small ITSPmagazine swag item from roughly ten years ago, sitting in Sean's hand at RSAC Conference. Marco traces the thread from there -- back to 2012, back to his first time on the conference floor, back to a joke he made that has never stopped being true: they are still selling the box. The packaging has changed -- servers became SaaS, disks became dashboards -- but the instinct to lead with the product rather than the outcome has not.

Sean frames it cleanly: the messaging is the innovation. But the message only lands when it connects the technology to how teams actually use it, to what that enables the business to do, to why it matters beyond the booth. Marco extends it further: if you sound like everyone else, there is no music -- only noise. Every instrument is playing, but there is no song.

That is the gap Studio C60 exists to close. Drawing on decades of combined experience in cybersecurity, go-to-market strategy, journalism, and brand storytelling, Sean and Marco offer clients something the expo floor rarely demonstrates: the ability to articulate not just what a product does, but what it means -- for the team, for the business, for the people it serves.

The work ranges from a single consulting session to full campaign development and retainer partnerships. It starts with an honest assessment: who are you, who needs you, and what do you sound like right now? For startups especially, that starting point is where everything else begins.

What the floor at RSAC Conference 2026 makes clear, year after year, is that attention is cheap and memory is rare. The brands that last are the ones that earn it -- not with a boxing ring, but with a story worth repeating.

⬥HOSTS⬥

Sean Martin, CISSP -- Co-Founder, ITSPmagazine & Studio C60 | Host, Redefining CyberSecurity Podcast & Music Evolves Podcast | https://www.seanmartin.com/

Marco Ciappelli -- Co-Founder, ITSPmagazine & Studio C60 | Host, An Analog Brain In A Digital Age Podcast | https://www.marcociappelli.com/

⬥RESOURCES⬥

RSAC Conference 2026 -- Follow our coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage

Studio C60 | https://www.studioc60.com

The Future of Cybersecurity Newsletter (Sean Martin) | https://www.linkedin.com/newsletters/7108625890296614912/

An Analog Brain In A Digital Age Newsletter (Marco Ciappelli) | https://www.linkedin.com/newsletters/7079849705156870144/

On Location | https://www.itspmagazine.com/on-location

⬥KEYWORDS⬥

sean martin, marco ciappelli, rsac conference 2026, rsac 2026, studio c60, itspmagazine, brand storytelling, cybersecurity marketing, go-to-market strategy, messaging and positioning, agentic ai, expo floor, brand differentiation, content production, cybersecurity branding, on location

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

⬥EPISODE NOTES⬥

Sean Martin had barely finished his coffee when two separate conversations with CISOs at RSAC 2026 landed the same way: security is not how the business grows, it is how the business stays out of trouble. Compliance drives the tooling. The security team does its job. The business does its job. And the two rarely meet in the middle.

That observation kicked off a quick but pointed exchange with Marco Ciappelli on the floor at RSAC, one that quickly moved from the conference center to the broader question of culture. Not just inside organizations -- but out in the world, where most people installing iPhone updates are skipping the security patch and tapping the music app feature instead.

Sean has been making this argument for years -- his original show was called The Business of Security for a reason -- and Marco brings the branding and societal lens to the same problem. What happens when businesses treat security as a cost center rather than a brand asset? Apple made privacy a selling point. Most of the industry has not. And if the companies building and deploying security do not close that gap, the consumers and executives who should care never will.

The conversation ends with Sean hinting at a second idea brewing -- something sparked by a photograph of a bow and arrow on the streets of San Francisco. That one comes later.

⬥HOSTS⬥

Sean Martin, CISSP -- Co-Founder, ITSPmagazine & Studio C60 | Host, Redefining CyberSecurity Podcast & Music Evolves Podcast | https://www.seanmartin.com/

Marco Ciappelli -- Co-Founder, ITSPmagazine & Studio C60 | Host, An Analog Brain In A Digital Age Podcast | https://www.marcociappelli.com/

⬥RESOURCES⬥

RSAC 2026 | April 28 - May 1, 2026 | Moscone Center, San Francisco -- Follow our coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage

The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/

An Analog Brain In A Digital Age Newsletter | https://www.linkedin.com/newsletters/7079849705156870144/

On Location | https://www.itspmagazine.com/on-location

⬥KEYWORDS⬥

sean martin, marco ciappelli, rsac 2026, rsa conference, cybersecurity business value, security culture, ciso priorities, compliance-driven security, security roi, brand and security, consumer security behavior, ai and security, security as business enabler, itspmagazine, on location

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

The security industry has spent years debating which tools to buy. Impetum is asking a different question: are the tools you already have actually working? Founded by incident responders who saw the same failures across hundreds of breaches, Impetum built the Persistent Purple Team platform to simulate advanced threat actors inside customer environments on a continuous monthly basis -- not as a one-time engagement, but as an ongoing relationship built around real data, custom TTPs, and a measurable Threat Resilience Score.

Matt Stewart and Alex Grohmann spoke with Sean Martin and Marco Ciappelli at RSAC Conference 2026 about what they are hearing on the show floor: agentic AI is accelerating the speed of compromise and exposing vulnerabilities in legacy systems that have been dormant for decades. Against that backdrop, the value of knowing -- not assuming -- that your detection and response capabilities hold up becomes critical. The platform builds that knowledge through live-fire exercises using an organization's own data, validating patch management, XDR, SIEM tuning, and post-compromise detection in a way no annual pen test can.

The conversation also touched on the structural talent problem agentic AI is creating inside SOCs. As AI fills the level one analyst role, the pipeline for developing level two analysts and incident responders is narrowing. Impetum sees persistent purple teaming as the training ground that closes that gap -- giving existing teams the repeated, realistic practice they need to respond with confidence when an actual breach begins.

Impetum targets mid-size organizations that have the right security tools but lack the budget, bandwidth, and access to industry events to keep those tools continuously validated against evolving attack paths. For those teams, the platform delivers something an annual report cannot: a documented, ongoing record of what works, what does not, and where the program is heading.

This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight

GUEST
Matt Stewart, Co-Founder, Impetum
Alex Grohmann, Co-Founder, Impetum
LinkedIn: https://www.linkedin.com/in/alexandergrohmann/

RESOURCES
Impetum / Persistent Purple Team: https://www.persistentpurpleteam.com
ITSPmagazine RSAC Conference 2026 coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage

Are you interested in telling your story?
▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight

KEYWORDS
Matt Stewart, Alex Grohmann, Impetum, Persistent Purple Team, Remedium Security, Sean Martin, RSAC Conference 2026, brand spotlight, brand story, brand marketing, marketing podcast, purple teaming, continuous security validation, threat resilience, CISO, security operations, SOC, red team, blue team, incident response, agentic AI, MITRE ATT&CK, penetration testing, cybersecurity

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Arkose Labs sits at the intersection of bot management, fraud prevention, and identity protection -- working with the world's largest consumer-facing brands to make fraud unprofitable. Frank Teruel walks through how the threat landscape shifted from nation-state actors and organized crime to fully democratized crime-as-a-service platforms, where MFA bypass kits are sold online and multi-billion dollar fraud operations run with the efficiency of a product company.

The conversation covers three of the biggest attack categories hitting organizations today: SMS toll fraud, bonus abuse, and fake account registrations. Each one exploits legitimate business flows -- onboarding, loyalty programs, referral bonuses -- and often goes entirely undetected by security teams because the attackers never trigger a traditional alert. In one example, a rideshare company's cell bill climbed by millions before anyone connected it to a fraud campaign.

With agentic AI now in the mix, the attribution problem has become exponentially harder. Is that agent booking a hotel room a legitimate user action or the opening move of an account takeover? Arkose Labs places its defenses at the very top of the funnel -- registration and login flows -- combining risk scoring, challenge technology, a 24/7 SOC, and a dark web intelligence program called ACTOR. When a novel attack technique surfaces in gaming, Arkose Labs writes a global mitigation; when that same technique hits banking two days later, the defense is already deployed.

Frank Teruel closes with a direct message to CISOs: 75% of organizations surveyed cannot perform attribution, and 97% expect a major AI-driven incident within the next 12 months. The signal to watch for is not always in the security stack -- it shows up in rising SMS bills, unusual account-linking activity, and transaction abandonment rates that do not match marketing spend. The answer is internal fusion: security, fraud, finance, and operations sharing data before the incident, not after.

This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight

GUEST

Frank Teruel, Chief Operating Officer, Arkose Labs
https://www.linkedin.com/in/frankteruel/

RESOURCES

Arkose Labs: https://www.arkoselabs.com

RSAC Conference 2026: https://www.rsaconference.com

Are you interested in telling your story?
▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight

KEYWORDS

Frank Teruel, Arkose Labs, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, fraud prevention, bot management, account security, SMS toll fraud, agentic AI, fraud deterrence, identity protection, crime as a service, RSAC Conference 2026, CISO, account takeover, fake account registration, bonus abuse, loyalty fraud, federated threat intelligence

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.