🎙 Episode 48: AI and Cybersecurity — How Dune Security Is Reinventing User Risk Management

In this episode of Cyber Security America, we explore how artificial intelligence is transforming cybersecurity—and why traditional security awareness training is no longer enough.

I'm joined by David DellaPelle, cybersecurity leader and founder of Dune Security, to break down how AI-driven attacks like phishing, vishing, deepfakes, and social engineering are evolving faster than most security programs can handle. We discuss why 90% of breaches still start with human behavior and how Dune Security is redefining the user layer of cybersecurity with AI-powered risk quantification and remediation.

🔍 Topics covered in this episode:

• Why legacy security awareness training fails in an AI-driven threat landscape

• How attackers use GenAI, voice cloning, and deepfakes to bypass MFA

• The rise of multi-channel social engineering (email, SMS, voice, collaboration tools)

• How AI can identify high-risk users and reduce enterprise attack surface

• What CISOs should be doing now to prepare for AI-enabled threats

• The future of securing both human and AI workforces

This conversation is essential listening for CISOs, security leaders, GRC teams, cloud and identity professionals, and anyone responsible for protecting modern organizations against advanced cyber threats.

🎧 Listen now on Apple Podcasts and Spotify to learn how AI is reshaping cybersecurity—for defenders and attackers alike. www.darkstack7.com/podcast

#CyberSecurityAmerica #CybersecurityPodcast #AIandCybersecurity #ArtificialIntelligence #SocialEngineering #Phishing #Deepfake #CISO #SecurityAwareness #UserRisk #CloudSecurity #PodcastSEO

In episode 47 of Cybersecurity America, host Joshua Nicholson is joined by Richa Kaul, CEO and Founder of Complyance, to explore how agentic AI and intelligent automation are reshaping enterprise Governance, Risk, and Compliance (GRC).

Richa breaks down why traditional, spreadsheet-driven GRC programs are failing at scale—and how organizations are moving toward real-time risk monitoring, automated evidence collection, and continuous audit readiness. Drawing from her experience as a GRC executive and privacy advocate, she shares how modern GRC teams can reduce manual effort, improve visibility, and position compliance as a true business enabler.

In this conversation, we cover:

• Why legacy GRC models can't keep up with today's threat landscape

• How AI agents streamline audits and compliance operations

• Continuous controls monitoring and real-time risk visibility

• Privacy-first approaches to enterprise AI adoption

• Third-party risk, regulatory change, and AI governance

• What CISOs and GRC leaders should expect heading into 2026

Whether you're a CISO, GRC leader, risk professional, or security executive, this episode offers practical insight into the future of enterprise GRC and AI-driven risk management.

About the Show Sponsor: Darkstack7

Darkstack7 is a cybersecurity and IT management firm based in Charlotte, NC, founded by Joshua R. Nicholson, a Marine Corps veteran and seasoned cybersecurity leader with experience at Northrop Grumman, EY, Wells Fargo, and Booz Allen Hamilton.

The company delivers Fortune 500–level expertise to mid-sized and growing organizations—specializing in Security Engineering, Incident Response, vCISO advisory, Insider Threat programs, and IT Management consulting. Darkstack7 also provides proactive services such as tabletop exercises, cyber readiness assessments, and strategic security architecture, helping organizations build resilient defenses and align technology investments with business objectives. www.darkstack7.com, https://www.linkedin.com/in/joshuarnicholson/

#Cybersecurity #GRC #RiskManagement #Compliance #AI #AIinSecurity #EnterpriseSecurity #CISO #CyberRisk #Governance #Privacy #DataProtection #InfoSec#ThirdPartyRisk #DigitalRisk #CyberLeadership #Podcast

Episode 46: Building the Future with Agentic AI — Deep Dive with Ben Wilcox

In this episode of Cybersecurity America, technologist and Proarch leader Ben Wilcox breaks down the biggest insights from Microsoft Ignite, including breakthroughs in agentic AI, emerging security trends, and what organizations must prepare for as AI-driven systems rapidly evolve.

Ben reveals:
• What's really happening with Microsoft's newest AI technology
• How agentic systems are advancing faster than expected
• Why data readiness is the foundation of future productivity
• How companies should approach security, governance, and infrastructure in the AI era
• His early entrepreneurial journey launching a hosting company at age 15
• The unexpected link between technology leadership and high-performance racing

We also explore:
• Data Security Posture Management (DSPM)
• Identity-based attacks and real-world fraud cases
• AI's impact on compliance, audits, and supply-chain risk
• The rise of agentic workflows, MCP, and automation
• Why traditional SaaS may give way to agent-driven platforms

This episode is packed with insights for CISOs, IT leaders, engineers, and anyone preparing for the future of enterprise AI.

Connect with Ben Wilcox & Proarch:
www.proarch.com
LinkedIn: Ben Wilcox

Sponsored by DarkStack7 – Cybersecurity leadership, vCISO services, incident response, and engineering. www.darkstack7.com

Joshua R Nicholson - DarkStack7 Cyber Defense | LinkedIn

https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg

Agentic AI, Microsoft Ignite, Microsoft AI, Enterprise cybersecurity, Data security, AI agents, AI automation, CISO insights, Cloud security, AI in business, AIPosture management, Identity-based attacks, Fraud prevention, MCP (Model Context Protocol), AI workflows

In episode 45, we sit down with Jasson Casey, CEO and Co-Founder of Beyond Identity, to explore how identity has become the new perimeter in cybersecurity. With over two decades of experience across security, networking, and software-defined infrastructure, Jasson unpacks why traditional defenses are failing and how the next generation of identity security is reshaping cyber resilience.

We dive deep into today's identity-based attack landscape — from Russian threat campaigns and TLS fragility to how endpoint trust, hardware-backed credentials, and zero trust authentication are converging. Jasson also shares fascinating insights on securing AI agents, drones, and machine identities, and what it really means to make credential-based attacks "impossible." Whether you're a security leader, technologist, or curious about the intersection of identity, AI, and the future of cyber defense, this episode is packed with forward-thinking insights you won't want to miss.

🔐 Key Topics: - The evolution of identity as the new cybersecurity perimeter - How attackers are exploiting TLS and credential sprawl - Why AI agents and drones demand new identity frameworks - TPMs, device-bound credentials, and the end of password-based trust The future of identity defense and zero trust authentication

🎧 Guest: Jasson Casey, CEO & Co-Founder, Beyond Identity

🔗 Learn more: www.beyondidentity.com

In episode 44 of Cyber Security America, host Joshua Nicholson sits down with Matthew Waddell, a battle-tested cybersecurity leader with over 25 years of experience in digital forensics, incident response, and ransomware defense.

From conducting "just-in-time forensics" under combat conditions in Iraq and Afghanistan to leading global ransomware investigations for Fortune 100 companies, Waddell shares unmatched real-world insight into how cyber threats have evolved—and what it takes to defend against them.

Topics Covered:

• The evolution of ransomware and why it remains a billion-dollar business

• Real-world stories from digital forensics on the battlefield

• Practical strategies for preventing lateral movement and improving network segmentation

• How AI and large language models (LLMs) are changing cybersecurity and cybercrime

• Why advanced tools like EDR and XDR can fail if humans disable alerts or skip training

• The promise and peril of AI in security operations, hiring, and incident response

Matthew also discusses his upcoming book, Survive Ransomware, a practical playbook for small and medium-sized businesses navigating today's threat landscape.

If you're serious about defending your organization—or just curious about how cybersecurity, AI, and human error collide—this episode is packed with lessons, stories, and expert insights. If you are in need of cybersecurity services please visit our sponsor Darkstack7 Cyber Defense at www.darkstack7.com

🎧 Listen, learn, Subscribe, like, and stay secure: http://www.darkstack7.com/media

Video podcast on Youtube: Cyber Security America Video

Host Info:

https://www.linkedin.com/in/joshuarnicholson/

Guest Info:

• Website: www.tacticallysecure.com

• LinkedIn: linkedin.com/in/matthewwaddell

• Book: surviveransomware.com

Hashtags:
#cybersecurity #ransomware #ai #incidentresponse #digitalforensics #securityoperationscenter #cyberthreats #cyberdefense #infosec #networksecurity #MatthewWaddell #cybersecurityamerica #JoshuaNicholson #dataprotection #techpodcast #cyberawareness #aiinsecurity #SurviveRansomware #edraid #xdr #PowerShellSecurity #TacticallySecure #cyberpodcast #podcast

🎙 Inside the World of Cybersecurity with Steve Stasiukonis

Tune in to the latest episode of Cyber Security America as we explore real-world solutions for defending against today's ever-evolving cyber threats. Our guest, Steve Stasiukonis, President of Secure Network Technologies, brings over 29 years of experience in penetration testing, information security, and incident response.

In this episode, Steve dives deep into the rise of social engineering, AI-driven attacks, and the increasing sophistication of cybercriminals. He shares firsthand stories from the field, discusses the importance of continuous learning, and highlights why programmatic penetration testing is crucial for safeguarding your organization.

🔑 Key Topics:

• The Evolution of Cyber Threats

• Social Engineering Tactics

• AI's Role in Cybersecurity

• Penetration Testing Insights & Challenges

• Insider Threats & Corporate Espionage

• Incident Response & Real-World Stories

Don't miss out on Steve's invaluable insights and the lessons every cybersecurity professional (and enthusiast) can learn from the frontlines of the digital battlefield.

🎧 Listen now on Spotify!

#CyberSecurity #PenetrationTesting #SocialEngineering #AIinCyberSecurity #CyberDefense #CyberSecurityAmerica

🔗 darkstack7.com

In our latest Cybersecurity America episode (42), I had the privilege of speaking with Jim Goepel, a true leader in cybersecurity and compliance — and someone who has helped shape the very ecosystem he now advises.

Jim is the CEO of Fathom Cyber, a consulting firm in North Wales, PA specializing in:
🔹 CMMC assessment preparation
🔹 CUI education and compliance strategy
🔹 Expert witness services

His unique background — lawyer, engineer, author, educator, and one of the architects behind the CMMC ecosystem — means he's seen this challenge from every angle: technical, legal, business, and regulatory. Jim has not only helped companies prepare for and achieve some of the first-ever CMMC certifications, he literally helped create the framework, launch The Cyber AB, and build the financial and training models that sustain the program today.

💡 In our conversation, Jim and I covered:

• Why CMMC is less about stopping attacks — and more about building resilience

• The cultural and leadership challenges that make compliance harder than the tech

• How other governments are now looking to adopt CMMC-like frameworks

• What small and mid-size businesses must do now to turn compliance into a competitive advantage

Whether you're in manufacturing, defense, or any sector touching sensitive government data, this episode is a must-listen if you want to understand not just what's coming, but how to strategically position your organization before the surge.

🎧 Listen here: [https://youtu.be/E0M61k5Z3KI]

#CyberSecurity #CMMC #Compliance #RiskManagement #DefenseIndustry #DoD #CyberResilience

Sponsored by, www.darkstack7.com - Cyber Defense

https://www.linkedin.com/company/cyber-security-america-podcast/posts/?feedView=all&viewAsMember=true

In this episode of the Cybersecurity America Podcast, sponsored by DarkStack7, host Joshua Nicholson sits down with Nia Luckey — Army veteran, published author, and cybersecurity leader — to talk about her powerful journey from military service to the frontlines of cyber defense. Nia shares lessons on resilience, leadership, and transitioning from military to civilian life, while also unpacking the evolving challenges in today's cybersecurity landscape. From the importance of attention to detail, to burnout among cyber leaders, to the risks and opportunities of AI in security and governance, this episode is packed with insight for both aspiring professionals and seasoned experts. Key Topics Covered: - Nia's journey from Army communications to cybersecurity leadersh- ip - Building resilience and avoiding burnout in high-pressure environments - Specialization vs adaptability in cyber careers - AI, risk quantification, and governance in today's security programs - The future of work in cybersecurity Whether you're a veteran, a cybersecurity professional, or simply interested in how resilience and adaptability shape careers, this episode has something for you. 👉 Don't forget to like, comment, and subscribe for more conversations with today's cybersecurity leaders. #CyberSecurity #VeteransInTech #cyberresilience #leadership #cybercareers #aiincybersecurity #riskmanagement #ciso #cyberpodcast #NiaLuckey #cybersecurityamerica