Rückblick auf den NIS-2 Congress 2025

Diese Woche war Check Point Technologies als Sponsor auf dem 2. NIS-2-Congress 2025 am 6./7.Mai in Frankfurt vertreten - dem zentralen Branchentreffpunkt rund um die neue NIS-2 Richtlinie und deren praktische Umsetzung.

Ein besonderes Highlight war die fesselnde Keynote von Marco Eggerling, der in seinem Vortrag Ist NIS-2 wirklich nur lex specialis oder völlig missverstandene Anforderung an den Grundschutz? Eine kritische Einordnung der Richtlinie - und ein Appell, Grundschutz nicht länger als reines Compliance-Thema zu betrachten.

Ebenfalls mit Tiefgang: Der praxisorientierte Workshop von Thomas Boele, „Cybersecurity First Principles: Vom Leitbild über Strategien zur taktischen Umsetzung im Kontext von NIS-2“. Seine Ausführungen zeigten anschaulich, wie regulatorische Anforderungen mit konkreten Sicherheitsstrategien sinnvoll verknüpft werden können.

Wir danken allen Teilnehmenden für den intensiven Austausch und den Organisatoren für die top organisierte Veranstaltung.

NIS-2 ist gekommen, um zu bleiben. Umso wichtiger ist es, dass wir als Security Community gemeinsam Wissen teilen und Klarheit schaffen.

https://www.linkedin.com/company/nis-2-congress/

As you know — well, now you do — Marco Ciappelli and Sean Martin, CISSP, are now hosting webinars on ITSPmagazine!

Yes, webinars are everywhere — but these are different:
ITSPmagazine #Webinars are More Than Just a Presentation.
They’re Real Conversations That Matter.

Join us live on May 8 (or catch it On Demand) for an incredible conversation with Fred Wilmot.

You already know it’s going to be an awesome one — don’t miss it!

Rethink, Don’t Just Optimize: A New Philosophy For Intelligent Detection And Response — An ITSPmagazine Webinar With Detecteam

Traditional detection and response is overdue for a rethink. This webinar explores the limits of optimization, the danger of misleading metrics, and a new approach focused on adaptability, behavior-driven signals, and speed. See how Detecteam’s REFLEX Platform helps teams turn weak signals into fast, actionable detections—before attackers have time to move.

REGISTER: https://www.crowdcast.io/c/rethink-dont-just-optimize-a-new-philosophy-for-intelligent-detection-and-response-an-itspmagazine-webinar-with-detecteam-314ca046e634

#cybersecurity, #detectionandresponse, #threatdetection, #incidentresponse, #securityoperations, #infosec, #cyberdefense, #securitystrategy, #threatintel, #detecteam #infosecurity

Ready for a mindset shift?

In this On Location Briefing from #RSAC2025, we catch up with one of the industry’s leading voices on risk-based security, Richard Seiersen, for an insightful discussion you won’t want to miss!

New Briefing from #RSAC 2025: This Is What Happens When Security Stops Chasing Threats and Starts Managing Risk

At RSA Conference 2025, Sean Martin, CISSP caught up with Rich Seiersen, Chief Risk Technology Officer at Qualys, to talk about why simply chasing threats isn’t enough — and why risk-based security is the future.

How can organizations rethink their priorities to focus on what truly matters in cybersecurity?

Find out how Qualys is helping companies shift from reactive defense to proactive, risk-driven security strategies.

Watch, listen, or read the full conversation here:
https://www.itspmagazine.com/their-stories/this-is-what-happens-when-security-stops-chasing-threats-and-starts-managing-risk-a-brand-story-with-rich-seiersen-from-qualys-an-on-location-rsac-conference-2025-brand-story

Learn more about Qualys’ work:
https://www.itspmagazine.com/directory/qualys

See all our RSAC 2025 coverage:
https://www.itspmagazine.com/rsac25

Discover more Brand Stories and Briefings from innovative companies:
https://www.itspmagazine.com/brand-story

This is just one of the many incredible conversations we recorded On Location in San Francisco, as Sean Martin and Marco Ciappelli covered the event as official media partners for the 11th year in a row.

Stay tuned for more Brand Stories, Briefings, and candid conversations from RSAC 2025!

Looking ahead:
If your company would like to share your story with our audiences On Location, we’re gearing up for Infosecurity Europe in June and Black Hat USA in August!

RSAC 2025 sold out fast — we expect the same for these next events.
Reserve your full sponsorship or briefing now: https://www.itspmagazine.com/purchase-programs

The Digital Terrain Is Shifting — Are Your Apps and APIs Ready?

As AI adoption accelerates, so do AI-driven attacks.
In their new research report, Akamai Technologies uncovers the evolving threats facing web applications and APIs — and how organizations can respond before attackers get ahead.

State of Apps and API Security 2025: How #AI Is Shifting the Digital Terrain explores the sharp rise in automated, intelligent threats — and the new defenses emerging to meet them.

Download the full report here: https://itspm.ag/akamaixmwd
Research like this helps #security professionals, #leaders, and #developers stay ahead of the curve — and shape the future of #digital defense.

We’re also proud to feature Akamai in our RSAC 2025 coverage — with a Brand Story recorded pre-event and a follow-up conversation happening on location at the conference in San Francisco with Rupesh Chokshi, Sean Martin, CISSP, and Marco Ciappelli.

Watch the pre-event recording here: https://youtu.be/DMm6INJ_2Z8

A huge thank you to the Akamai team for sponsoring our coverage and sharing their insights with our global audience.

Check out the report and stay tuned for more from RSAC:

Download the Report: https://itspm.ag/akamaixmwd
Explore our RSAC 2025 Coverage: https://www.itspmagazine.com/events/rsac-2025

New Episode!
A Brand Story from the Road to #RSAC 2025 — Featuring Akamai Technologies

Every year, as we get ready for RSA Conference, we fire up the engine and the mics—not just to cover the #tech, but to capture the #business, the strategy, and most importantly, the human side of #cybersecurity.

Our latest Brand Story does just that.

In this pre-conference conversation, we sit down with Rupesh Chokshi, SVP & GM of Application Security at #Akamai, to talk about the shifting cybersecurity landscape as we move deeper into the #AI era. From #APIattacks and #LLM scraping to hybrid infrastructures and #zerotrust environments, it’s clear that security is no longer just a barrier—it’s a business enabler.

And Akamai is right at the center of that transformation.

We explore what it means to build real #cyberresilience, how organizations can rethink their security strategy in an AI-driven world, and why this year’s #RSAC2025 Conference is set to be a defining moment for both innovation and trust.

A special thank you to Akamai for sponsoring our RSAC 2025 coverage and continuing to support conversations that matter.

Watch the teaser: https://youtu.be/NH4APVuZfRc
Full episode: https://youtu.be/DMm6INJ_2Z8
Listen on the podcast: https://brand-stories-podcast.simplecast.com/episodes/ai-security-and-the-hybrid-world-akamais-vision-for-rsac-2025-with-rupesh-chokshi-svp-gm-application-security-akamai-a-rsac-conference-2025-brand-story-pre-event-conversation
Learn more about Akamai: https://www.itspmagazine.com/directory/akamai
Follow all of our RSAC 2025 stories: https://www.itspmagazine.com/rsac

We’ll see you in San Francisco for more conversations to share with your audience!

— Marco Ciappelli & Sean Martin, CISSP
ITSPmagazine Co-Founders

CISO Alert: Security Tool Fatigue Is Real — and Dangerous

More tools ≠ more security. In fact, 68% of orgs use 11+ security tools — and many are facing alert fatigue, talent strain, and visibility gaps.

Key lessons for CISOs:

More dashboards = less clarity. Tool sprawl leads to noise, missed threats, and wasted budget.
Redundant tools ≠ value. Many platforms overlap, offering the same functions in different UIs.
Talent gets stretched thin. New tools require onboarding, management, and integration.
The illusion of coverage. Without full ecosystem visibility, risks go unnoticed and unowned.

Solutions that work:
・Take inventory of tools and evaluate actual usage.
・Prioritize integration over expansion.
・Invest in training and unifying data—not flashy features.
・Embrace platform consolidation for long-term security resilience.

#CyberSecurity #CISO #SecurityStrategy #ToolFatigue #SecurityOps #Visibility #ThreatDetection #security #privacy #cloud #infosec

https://www.helpnetsecurity.com/2025/04/07/ciso-security-platform-fatigue/

The Need for a Strong Germany in Modern Europe

https://munaeem.de/2025/02/08/the-need-for-a-strong-germany-in-modern-europe/

Cost-Effective Security Leadership: By opting for a vCISO, you gain access to top-tier security expertise without the substantial overhead of a full-time executive position.

Read more https://lttr.ai/AaBHM

I have published a new article on security theater and tickbox security, two pitfalls that can harm security strategy. They can cause resource waste, false security, and vulnerability. I have been interested in this topic for a long time, and I have updated the article with the latest insights and examples. You can read it here: https://blog.palo-it.com/en/security-theater-tickbox-security . Please share your feedback and comments. #security #securitystrategy #securitytheater #tickboxsecurity #cybersecurity

HIRING: Chief Information Security Officer / Los Angeles https://infosec-jobs.com/J23298/ #InfoSec #InfoSecJobs #Cybersecurity #jobsearch #hiringnow #CyberCareers #LosAngeles #Agile #CISSP #Cloud #Compliance #Encryption #Firewalls #GIAC #GSLC #NIST #Securitystrategy #Strategy

Greetings Fediverse, I'd like to do a quick #introduction. I've been in love with #computers since #commodore64 's rolled off the shelves at Circuit City. Currently working in #securitystrategy and just started #gradschool (goodbye freetime). ​ Always been a fan of learning new things. Really interested in #dfir, #networksecurity and #cloudsecurity.

In my free time, I lean more to the artistic side of things. Teaching #martialarts, learning #languages, #rollerskating, #photography, #videography and occasionally tinkering in my home lab.

Dann höre ich jetzt mal in die #deepsec rein. Fürchte bei den Hardcore-Tech-Sessions versteh ich nur die Hälfte. Ok. Eher nichts. Aber, wer sich nicht damit beschäftigt, lernt ja nix. #cybersecurity #cyberstrategy #securitystrategy #Law