In this episode, we sit down with Rob Shavell, CEO and Co-Founder of DeleteMe, an organization focused on safeguarding exposed personal data on the public web and addressing user privacy challenges.

We dove into a lot of great topics, such as:

• The rapidly growing problem of personal data ending up on the public web and some of the major risks many may not think about or realize
• Trends contributing to personal data exposure, from the Internet itself to social media, mobile phones/apps, IoT devices, COVID, and now AI
• Where to get started when it comes to taking control of your personal data and privacy
• Potential abuses and malicious uses for personal data and how threat actors are leveraging it
• How DeleteMe can help, as well as free resources and DIY guides that individuals can use to mitigate risk associated with their personal data being exposed

In this episode of Resilient Cyber, we sit down with Steve Martano, Partner in the cyber Security Practice at Artico Search, to discuss the recent IANS & Artico Search Publications on the 2025 State of the CISO, security budgets, and broader security career dynamics.

Steve and I touched on some great topics, including:

• The 2025 State of the CISO report and key findings
• Board reporting cadences for CISO’s and the importance of Boardroom involvement in Cybersecurity
• The three archetypes of CISO’s: Tactical, Functional and Strategic
• How security leaders can advance their career to becoming strategic CISO’s as well as key considerations for organziation’s looking to attract and retain their security talent
• The growing scope of responsibility for CISO roles from not just Infosec but to broader IT, business risk, and digital strategy and implications for CISO’s
• Security budget trends, spending, macroeconomic factors and allocations

Here are a list of some of the great resources from IANS and Artico below on various areas of interest for CISO’s and Security leaders alike!

• https://www.iansresearch.com/resources/ians-security-budget-benchmark-report
• https://www.iansresearch.com/resources/ians-ciso-compensation-benchmark-report
• https://www.iansresearch.com/resources/ians-state-of-the-ciso-report
• https://www.iansresearch.com/resources/ians-leadership-organization-benchmark-report

In this episode of Resilient Cyber, we catch up with Katie Norton, an Industry Analyst at IDC who focuses on DevSecOps and Software Supply Chain Security. We will dive into all things AppSec, including 2024 trends and analysis and 2025 predictions.

Katie and I discussed:

• Her role with IDC and transition from Research and Data Analytics into being a Cyber and AppSec Industry Analyst and how that background has served her during her new endeavor.
• Key themes and reflections in AppSec through 2024, including disruption among Software Composition Analysis (SCA) and broader AppSec testing vendors.
• The age-old Platform vs. Point product debate concerns the iterative and constant cycle of new entrants and innovations that grow, add capabilities, and become platforms or are acquired by larger platform vendors. The cycle continues infinitely.
• Katie's key research areas for 2025 include Application Security Posture Management (ASPM), Platform Engineering, SBOM Management, and Securing AI Applications.
• The concept of a “Developer Tax” and the financial and productivity impact legacy security tools and practices are having on organizations while also building silos between us and our Development peers.
• The role of AI in corrective code fixes and the ability of AI-assisted automated remediation tooling to drive down remediation timelines and vulnerability backlogs.
• The importance of storytelling, both as an Industry Analyst and in the broader career field of Cybersecurity.