After #RSAC Conference 2026, the vendors were louder, the booths were bigger, and the AI claims were everywhere.

So Sean Martin & Marco Ciappelli reconnected with Michael Parisi, Chief Growth Officer at Steel Patriot Partners, to ask what was actually happening beneath all that noise — and where the conversations that actually matter were taking place.

Mike's read from the floor is simple: the "fog of more" is winning. Not because the technology is bad, but because every vendor is saying nearly the same thing and CISOs are running out of ways to tell them apart.

The real conversations? Not in the keynote halls. They're happening in hallways, at dinners, in closed-door rooms where buyers can finally speak honestly.

A huge thank you to the team at Steel Patriot Partners for joining us on this journey — both on the floor at #RSAC2026 and in the recap. We loved sharing your story and we're looking forward to many more conversations ahead. 🙌

📍 Where are we headed next? Glad you asked: Infosecurity Europe and Black Hat USA — see you there.

🎙️ Recap: https://lnkd.in/ggGQtz2t
🎙️ On Location: https://lnkd.in/gYRuPaPe
🌐 RSAC Coverage: https://lnkd.in/gW-6ZtH
🌐 Next Coverages: https://lnkd.in/gaGVUjgg

#SteelPatriotPartners #CISO #CyberSecurity #RSACConference #FogOfMore #SecurityStrategy #VendorNoise #InfoSec #GRC #CyberSecurityLeadership #RSAC2026 #InfosecurityEurope #BlackHatUSA #CyberSecurityPodcast

🎯 Time for Another Confirmed BSides Luxembourg 2026 Session

𝗕𝗨𝗜𝗟𝗗𝗜𝗡𝗚 𝗔 "𝗠𝗬𝗧𝗛𝗢𝗦-𝗥𝗘𝗔𝗗𝗬" 𝗦𝗘𝗖𝗨𝗥𝗜𝗧𝗬 𝗣𝗥𝗢𝗚𝗥𝗔𝗠 – Catalin Tiganila

Step into a forward-looking 40-minute talk that redefines how organizations prepare for rapidly evolving AI-driven risks. This session introduces a structured framework built around real-world priorities—covering immediate, near-term, and strategic actions to strengthen security posture in a landscape where threats evolve faster than ever.

Moving beyond reactive security, this talk highlights how modern organizations can leverage the same AI capabilities used by attackers to proactively identify vulnerabilities, accelerate response times, and close critical gaps. With parallels to large-scale industry shifts like Y2K, it offers a practical roadmap to building resilience at scale—starting now.

Catalin Tiganila is a cybersecurity consultant and auditor with over 25 years of experience across information security, cloud security, IT governance, risk management, compliance, and data privacy. He has led advisory and audit engagements globally across industries including finance, telecom, healthcare, and energy.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #CyberSecurity #AISecurity #RiskManagement #SecurityStrategy #Infosec

Today it is Mythos. Tomorrow it will be something else.

The pattern stayvendorlockin #securitystrategy #appsec #operationalresiliencempanies need urgency to position themselves.

Everyone wants to attach themselves to the next big wave and present themselves as the answer.

Real organizational readiness is not about pushing AI into every layer because the current panic cycle says so. The practical test for any change is much simpler:

• Does it strengthen existing tools and workflows?

• Does it preserve model and vendor optionality?

• Does it reduce backlog and repetitive operational drag?

• Does it reduce attack surface by removing software, access, and exposure you do not need?

• Does it reinforce the boring fundamentals like inventory, patching, least privilege, segmentation, and recovery?

Without those checks, you are mostly just trading places. One dependency gets swapped for another. One vendor stack gets replaced by another. One kind of complexity becomes another. Very little materially improves.

Most of the time, we just kick the ball a few months further down the road and call it progress.

I wrote about many of these ideas in my pragmatic guide:
https://cyfinoid.com/a-pragmatic-guide-to-being-mythos-ready/

#securitystrategy #appsec #operationalresiliencempanies #cybersecurity #aisecurity #attacksurfacereduction #vendorlockin #operationalresilience

Leadership transition notice.
At CISA, Madhu Gottumukkala steps down as acting director, transitioning to DHS in a strategic implementation role. Nick Andersen assumes interim leadership.

Operational considerations for the cybersecurity community:
• Continuity in federal–private sector coordination
• Critical infrastructure threat intelligence sharing
• Budget alignment with statutory mission
• Workforce retention amid reform cycles
Andersen’s background across the Coast Guard, Navy, and DOE suggests operational depth in federal IT and cybersecurity ecosystems.
Leadership recalibration during reform phases can influence everything from vendor engagement to threat response posture.
What strategic adjustments would you like to see from CISA moving forward?

Source: https://cyberscoop.com/cisa-leadership-change-madhu-gottumukkala-nick-andersen/

Engage below.
Follow TechNadu for federal cybersecurity and infrastructure intelligence updates.
Repost to expand discussion.

#Infosec #CISA #CyberPolicy #DHS #CriticalInfrastructure #ThreatIntel #GovCyber #SecurityStrategy #FederalIT #CyberGovernance #NationalCybersecurity

Regulatory Development:
Jurisdiction: Russia
Entity: Google / Alphabet Inc.
Fine: 22M roubles (~$288K)
Source: TASS
Issue: Alleged distribution of VPN services via Google Play

Security implications:
• VPN services enable bypass of national filtering
• App store governance under sovereign pressure
• Cross-border compliance exposure
• Increasing enforcement targeting distribution channels

This signals continued fragmentation of global internet governance models.

Source: https://www.reuters.com/world/russia-fines-google-distributing-vpn-services-tass-reports-2026-02-25/

Follow @technadu for regulatory and cybersecurity intelligence.
Share your operational risk perspective below.

#Infosec #Google #Alphabet #VPN #CyberPolicy #AppStoreGovernance #DigitalSovereignty #TechCompliance #InternetRegulation #SecurityStrategy #GlobalTech

CISA’s Pre-Ransomware Notification Initiative remains operational, but its long-term structure is under discussion following leadership changes.

The program has demonstrated how early intelligence sharing - before encryption or extortion - can materially reduce ransomware impact across critical sectors.

This development raises broader InfoSec questions around operational resilience, continuity of trust relationships, and how early-warning models can be scaled beyond key individuals.

Thoughts from practitioners and researchers are welcome.

Follow @technadu for neutral, practitioner-focused cybersecurity coverage.

Source : https://www.cybersecuritydive.com/news/cisa-ransomware-warning-program-key-employee-left/808589/

#InfoSec #RansomwareDefense #ThreatIntelligence #CISA #CyberOperations #SecurityStrategy #RiskReduction

The Senate has confirmed Kirsten Davies as the Pentagon’s new CIO, bringing a background spanning enterprise security leadership and large-scale cyber operations.

Her remarks point to familiar challenges for security teams: aging infrastructure, skills refresh cycles, procurement friction, and accelerating adversary activity.

From an InfoSec standpoint, where do you see the biggest gap today - technology, process, or workforce?

Source: https://therecord.media/senate-confirms-new-pentagon-cio

Share your insights and follow TechNadu for practitioner-focused cybersecurity reporting.
#InfoSec #DefenseCyber #CyberLeadership #SecurityStrategy #PublicSectorIT #TechNadu