Redefining CyberSecurity

⬥EPISODE NOTES⬥

At Infosecurity Europe 2026, Sean Martin sits down with Rik Ferguson, Vice President of Security Intelligence at Forescout, a day before Rik Ferguson takes the keynote stage with a deliberately provocative title: "Post-Quantum Cryptography Is a Way Off. We Can Wait, Can't We?" The honest answer, he says, is that waiting is a choice, and it is the wrong one.

The threat is neither theoretical nor distant. Rik Ferguson walks through why the infrastructure for harvest-now, decrypt-later attacks already exists, pointing to Salt Typhoon, to BGP rerouting by unfriendly nations, and to intelligence agencies stockpiling encrypted data they cannot read yet but expect to read later. With NIST placing Q Day around 2035, Google pointing at 2029, and IBM's fault-tolerant Starling system slated for 2029, the distance between "someday" and "the hardware you purchase this year" has effectively closed.

Sean Martin keeps steering the conversation back to the business. The parallel both of them keep returning to is Y2K, which became a non-event precisely because people did the work. The quantum question, Rik Ferguson argues, is not only about security or resilience, it is a budget and procurement question: which data has a long enough shelf life to still matter when it is finally decrypted? Pharmaceutical R&D, merger and acquisition strategy, sovereign debt positions, and legal negotiations all live under an assumed umbrella of privacy that encryption may not hold.

The most unsettling point is what a harvest-now attack does to incident response. There is no time-bounding. Adversaries could have been collecting for a decade, and the first sign of trouble arrives only when the data is weaponized or made public, leaving the investigation disabled by chronology alone.

Rik Ferguson closes with a message that reaches past cryptography itself: as attacks move toward autonomy, defense has to as well, which is why he wants the industry to move past Assume Breach and into Assume Autonomy.

⬥HOST⬥

Sean Martin, CISSP -- Co-Founder, ITSPmagazine & Studio C60 | Host, Redefining CyberSecurity Podcast & Music Evolves Podcast | https://www.seanmartin.com/

⬥GUEST⬥

Rik Ferguson, Vice President of Security Intelligence, Forescout | https://www.linkedin.com/in/rikferguson/

⬥RESOURCES⬥

Infosecurity Europe 2026 is taking place June 2-4, 2026 | ExCeL London -- Follow our coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage

The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/

Redefining CyberSecurity Podcast | https://www.seanmartin.com/redefining-cybersecurity-podcast

On Location | https://www.itspmagazine.com/on-location

⬥KEYWORDS⬥

sean martin, rik ferguson, infosecurity europe, post-quantum cryptography, pqc, harvest now decrypt later, hndl, q day, quantum computing, encryption, salt typhoon, quantum agility, crypto agility, post-quantum migration, procurement, on location, itspmagazine

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

⬥EPISODE NOTES⬥

From the show floor at Infosecurity Europe 2026, Sean Martin sits down with James Morris, Director of The CSBR (Centre for Cyber Security and Business Resilience) and a former UK Member of Parliament who spent fourteen years in the House of Commons and chaired the All-Party Parliamentary Group for Cyber Security. His work now lives at the intersection of cybersecurity and resilience, translating evidence and expert roundtables into policy that Parliament can actually use.

The conversation opens on a hard problem: legislation moves slowly, and technology does not. The UK's Cyber Security and Resilience Bill has been working through Parliament for fifteen months and may not be operational for the better part of a year, even as AI moves from the margins to the center of national infrastructure. James Morris describes how the government has responded by giving itself powers to designate organizations and sectors as threats emerge, a top-down approach that he argues only works if business is brought along from the bottom up.

What counts as resilience is changing too. For years the word pointed narrowly at critical national infrastructure such as power and rail. James Morris makes the case that resilience now means economic resilience, pointing to high-profile UK breaches at Marks and Spencer and JLR that paralyzed major businesses yet would not be captured by the very bill moving through Parliament. Sean Martin pushes the thread into the supply chain, where the legislation starts to designate critical suppliers for the first time, with new expectations around transparency, incident reporting, and hardening, though financial services sits outside under its own regime.

The closing turn is the one business owners should sit with. Cyber resilience is no longer a peripheral technical task to hand to IT. It is a board-level issue tied to strategy, reputation, and the survival of the organization itself, and the leaders who treat it that way, rehearsing breaches before they happen and planning for the media scrutiny that follows, are the ones positioned to recover.

Resilience, in the end, is not only technical. It is economic, managerial, and political, and getting it right is becoming inseparable from how a modern society protects itself.

⬥HOST⬥

Sean Martin, CISSP -- Co-Founder, ITSPmagazine & Studio C60 | Host, Redefining CyberSecurity Podcast & Music Evolves Podcast | https://www.seanmartin.com/

⬥GUEST⬥

James Morris -- Director, The CSBR (Centre for Cyber Security and Business Resilience); former UK Member of Parliament; former Chair of the All-Party Parliamentary Group for Cyber Security | https://uk.linkedin.com/in/james-morris-obe-787a2b17

⬥RESOURCES⬥

Infosecurity Europe 2026 is taking place June 2-4, 2026 | ExCeL London -- Follow our coverage: https://www.itspmagazine.com/infosecurity-europe-2026-infosec-london-cybersecurity-event-coverage

The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/

Redefining CyberSecurity Podcast | https://www.seanmartin.com/redefining-cybersecurity-podcast

On Location | https://www.itspmagazine.com/on-location

🥁 🎶 A very big THANK YOU to our Infosecurity Europe 2026 Full Coverage Sponsors: Corelight · Qualys · Sumo Logic 👏 👏 👏

⬥KEYWORDS⬥

sean martin, james morris, infosecurity europe 2026, cyber resilience, cybersecurity policy, cyber security and resilience bill, uk cybersecurity, supply chain security, critical national infrastructure, economic resilience, board level security, csbr, on location, itspmagazine

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

⬥EPISODE NOTES⬥

What does it take to lead a 200-person security organization without coming up through the technical ranks? Tera Ladner, Deputy Global Chief Information Security Officer at Aflac, answers that question by describing a path that runs through information management, e-discovery, and a law degree before it ever reaches the security org chart. The result is a leader who looks at a program through the lens of controls, evidence, and defensibility, and who treats security as a people problem before a technology one.

Host Sean Martin and Tera Ladner dig into what that orientation changes in practice. Rather than opening a stakeholder conversation with controls or threats, Tera Ladner starts by listening: what are the business goals, and how does security enable them? Working inside an insurance company helps, because risk is already the shared language of every leader in the building. The job, as she frames it, is translation, turning a technical event into a business and resiliency impact that the people who own the decisions can actually act on.

The conversation turns to hiring and team building, where Tera Ladner names curiosity as the first trait she screens for, the instinct to ask the second, third, and fourth question until the real problem surfaces. From there she argues for a broader "tool belt": storytelling, relationship building, influence without authority, and the ability to navigate ambiguity, a skill she sees tested daily as boards and technology leaders press for answers on frontier AI. Technical skills alone, she suggests, were enough years ago and are not enough now.

Culture sits at the center of how she leads. "Your team lives in the house that you build," she tells her people leaders, and she describes the team norms, transparency, integrity, and care, that hold a security organization together in the hard moments. That same relationship-first instinct extends outward, to a seat at the executive table that has to be earned by giving stakeholders a seat at yours, and downward into the talent pipeline through Aflac's Cyber Inspire and Empower Girls programs, which grew from 200 girls in their first local year to 815 in the second.

For security and risk leaders, the throughline is hard to miss: the future of the field depends less on finding more technologists and more on building leaders who can listen, translate, and bring people who never saw themselves in cyber to the table.

⬥GUEST⬥

Tera Ladner, Deputy Global Chief Information Security Officer at Aflac

On LinkedIn: https://www.linkedin.com/in/teraladner/

⬥HOST⬥

Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/

⬥RESOURCES⬥

Aflac: https://www.aflac.com/

Cyber Inspire and Empower Girls (Aflac community programs introducing students and seniors to cybersecurity): https://www.linkedin.com/company/cyberinspire

The Future of Cybersecurity Newsletter: https://www.linkedin.com/newsletters/7108625890296614912/

More Redefining CyberSecurity Podcast episodes: https://www.seanmartin.com/redefining-cybersecurity-podcast

Redefining CyberSecurity Podcast on YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq

⬥ADDITIONAL INFORMATION⬥

🎙️ Redefining CyberSecurity Podcast: https://www.seanmartin.com/redefining-cybersecurity-podcast

📺 ITSPmagazine on YouTube: https://www.youtube.com/@itspmagazine

📰 The Future of Cybersecurity Newsletter: https://itspm.ag/future-of-cybersecurity

🌐 Connect with Sean Martin: https://www.seanmartin.com/

⬥KEYWORDS⬥

tera ladner, aflac, sean martin, cybersecurity leadership, security culture, risk management, ciso leadership, women in cybersecurity, cybersecurity careers, non-traditional cybersecurity paths, building security teams, security as business enabler, cybersecurity talent pipeline, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

⬥EPISODE NOTES⬥

Almost nothing got said on the stages at Global Citizen NOW 2026 without a number behind it. $47 million toward a $100 million education fund. 27 organizations funded. 1,500 jobs from a single restoration effort. 18 million lives reached in one campaign. The headline was the money. The tell was quieter — a pilot to verify, record, and monitor every donated dollar with AI and blockchain, from the moment it is given to the point it makes impact on the ground.

Strip away the wattage — Adam Lambert and Ayra Starr opening, Hugh Jackman working the room, heads of state beside Fortune 500 CEOs — and Global Citizen NOW 2026 was a working argument about what technology is for when the objective is a social outcome rather than a shareholder return. In a sector whose standing pitch has been "trust us, the money helps," building the infrastructure to prove where every dollar goes inverts the pitch. The claim now comes with a receipt. This is the Proof of Impact pattern, and it is worth pulling apart clearly.

🔍 In this edition of Lens Four:

— Why the quiet AI-and-blockchain donation-tracking pilot mattered more than the headline fundraising number — accountability built in as a feature, not bolted on as a disclaimer, with the fund's independent review chair Benedetta Audia calling it "essential to our work"

— How the FIFA Global Citizen Education Fund put $47 million of a $100 million goal to work across 27 organizations, with grants of $50,000 to $150,000 and new commitments from Pharrell and the Varkey Foundation

— What Solar Freeze's farm-gate solar cold storage shows about outcomes-first technology — smallholders grow roughly 30% of the world's food and receive under 1% of climate finance, and 2026 Global Citizen Prize recipient Dysmus Kisilu describes the unit as "like an Airbnb, but for vegetables"

— Why energy access framed the day: around 750 million people live without electricity, 600 million in Africa — a continent holding roughly 60% of the world's renewable resources, where investment has tripled in five years

— How a Bezos Earth Fund restoration effort turned roughly 150 farmers into 1,500 jobs with 80% of businesses profitable over five years — and Tom Taylor's blunt financing logic: a million is philanthropy's job, a billion is government's, a trillion needs private industry

— What "The AI Powered Workforce" panel revealed — 88% AI adoption per Stanford's 2026 index, real productivity gains — and the asterisk it kept burying: 82% of small businesses know AI is critical, while roughly 75%, in PayPal's Amy Bonitatibus's words, "don't feel that we have the tools and training"

— Why "democratizing" is a deliverable someone has to fund and distribute, not a property of the technology — the same wave that lets a fund trade billions on autonomous models is the one that disrupts the business that never got the training

— What the Amazon campaign's 4.4 million actions, more than $1 billion in commitments, 31 million hectares protected, and 18 million lives reached prove about outcomes at scale, on Marcelo Thomé's principle that "the forest has value when it is standing"

Fourth Lens: Technology is finally good enough to keep the receipts. The harder question is whether the sector will like what they show. When every dollar is traceable from gift to ground, the test stops being whether impact can be proven and becomes whether the story survives once it can no longer be rounded up. When the rounding stops, how much of the impact story survives the data?

🔗 Full article and references: https://seanmartin.com/lens-four/global-citizen-now-2026-technology-trust-outcomes

📧 Subscribe to Lens Four: https://seanmartin.com/lens-four

🎙 Redefining CyberSecurity Podcast: https://redefiningcybersecuritypodcast.com

🎧 Music Evolves Podcast: https://musicevolvespodcast.com

🌐 ITSPmagazine: https://itspmagazine.com

🎬 Studio C60: https://studioc60.com

Sean Martin is a cybersecurity market analyst, content strategist, and go-to-market advisor with more than 30 years of experience across engineering, product development, marketing, and media. He is co-founder of ITSPmagazine (itspmagazine.com) and Studio C60 (studioc60.com), host of the Redefining CyberSecurity Podcast (redefiningcybersecuritypodcast.com) and Music Evolves Podcast (musicevolvespodcast.com), and co-host of On Location (itspmagazine.com/on-location) and Random and Unscripted (randomandunscripted.com). Learn more at seanmartin.com.

🔎 Keywords: Global Citizen NOW, technology for good, impact measurement, donation transparency, AI and blockchain, FIFA Global Citizen Education Fund, climate finance, Solar Freeze, energy access, Bezos Earth Fund, AI powered workforce, democratizing AI, small business AI, Amazon conservation, social impact, Sean Martin, Lens Four

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

⬥EPISODE NOTES⬥

The healthcare system is, by some measures, the most targeted sector in cybersecurity. Patient records get lifted, hospitals get held for ransom, and the supposed protections often look more like antiquated friction than modern defense. Gil Bashe, Chair of Global Health and Purpose at FINN Partners, joins Sean Martin to explore why the systems meant to protect people's most sensitive information are, in many cases, the same systems holding back better care. A former combat medic, agency CEO, private equity operator, and now author of Healing the Sick Care System: Why People Matter, Gil Bashe brings a rare composite view of how information, technology, and human judgment collide in healthcare.

The conversation moves quickly from ransomware and HIPAA-covered entities into the harder questions about AI. With an estimated 80 percent of doctors already using OpenAI tools to assist with diagnosis or treatment patterns, the line between "in the zone" and "precision" information has become a clinical safety issue. Gil Bashe reframes hallucinations as what they really are in his world: wrong facts. And wrong facts, fed back into a system that increasingly trusts the output, create a feedback loop that no one is accountable for. The machine doesn't sleep, doesn't worry, doesn't carry responsibility. The humans on either side of it do.

That accountability gap is where the cybersecurity audience comes in. Gil Bashe draws a direct parallel between great coders and great clinicians: both work inside-out and outside-in, interviewing the people who use the system and the people the system serves. He argues that the cybersecurity professional protecting an EMT's routing system, a hospital's power grid, or an MRI data pipeline is saving lives on the same continuum as the paramedic. The skillset is different. The stakes are not.

Sean Martin and Gil Bashe also press on the leadership question raised by AI. If clinicians are freed up by 15 percent of their day, what does the system ask them to do with that time? See two more patients on the conveyor belt of sick care, or actually treat the underlying cause of disease? With 18.7 percent of U.S. GDP going to healthcare and 35 percent of that consumed by administration, the answer is not technical. It is a leadership decision about what the technology is for.

This conversation asks cybersecurity practitioners, CISOs, and technology leaders to widen the frame. Protecting data is the floor. Protecting the human relationships, the clinical judgment, and the dignity of the patient on the other end of the system is the work.

⬥GUEST⬥

Gil Bashe, Chair, Global Health and Purpose at FINN Partners | On LinkedIn: https://www.linkedin.com/in/gilbashe/

⬥HOST⬥

Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/

⬥RESOURCES⬥

Healing the Sick Care System: Why People Matter (book by Gil Bashe) | https://www.finnpartners.com/news-insights/healing-the-sick-care-system-why-people-matter/

FINN Partners | https://www.finnpartners.com/

The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/

More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast

Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq

⬥ADDITIONAL INFORMATION⬥

Redefining CyberSecurity Podcast | https://www.seanmartin.com/redefining-cybersecurity-podcast

Redefining CyberSecurity on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq

The Future of Cybersecurity Newsletter | https://itspm.ag/future-of-cybersecurity

Connect with Sean Martin | https://www.seanmartin.com/

⬥KEYWORDS⬥

gil bashe, finn partners, sean martin, healthcare cybersecurity, hospital ransomware, ai in medicine, chatgpt clinical use, patient data protection, hipaa business associates, health information leadership, sick care system, non-communicable diseases, human leadership in ai, medical misinformation, prompt accountability, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.