Episode 54: AI Agents, Identity Security, and the Future of Authentication with Geoffrey Mattson

In this episode of Cyber Security America, host Joshua Nicholson sits down with Geoffrey Mattson, CEO of SecureAuth, to discuss how artificial intelligence is reshaping identity security, authentication, and access control.

As organizations rapidly adopt AI agents, copilots, and autonomous workflows, traditional security models are being challenged in ways many enterprises are not prepared for. Geoffrey explains why identity has become the new security perimeter and why authentication failures continue to be one of the leading causes of cyber breaches.

The conversation explores the growing risks associated with machine identities, AI agents, account takeovers, phishing-resistant authentication, passkeys, and continuous authorization. Joshua and Geoffrey also discuss practical strategies organizations can use to secure AI-driven environments while balancing innovation, productivity, and risk.

Topics covered include:

• Why traditional authentication is breaking down in modern environments • The rise of AI agents and non-human identities • Passkeys, MFA, and phishing-resistant authentication • Continuous authentication and real-time authorization • Identity-related breaches and account takeover attacks • AI governance, risk management, and security controls • Agentic AI security and monitoring strategies • Practical recommendations for CISOs and security leaders

Whether you're a cybersecurity professional, IT leader, CISO, business executive, or simply interested in the future of AI and cybersecurity, this episode provides valuable insights into one of the industry's most important and rapidly evolving challenges.

Guest: Geoffrey Mattson, CEO of SecureAuth

Learn more about SecureAuth at SecureAuth.com

🎧 Listen to the Cyber Security America Podcast — a cybersecurity podcast focused on real-world incident response, threat intelligence, ransomware, and security leadership.

🎙️ Apple Podcasts: https://podcasts.apple.com/us/podcast/cyber-security-america/id1668216285

🎙️Spotify: https://open.spotify.com/show/3wmyUbe1TY5hNl96Q8UFFI

🎙️Instagram: https://www.instagram.com/cybersecurityamericapodcast/

🎙️TikTok: https://www.tiktok.com/@cybersecurityamerica

📱 Follow Cyber Security America for short clips and updates: 👤

Host — Joshua R. Nicholson: https://www.linkedin.com/in/joshuarnicholson/

🎙️ Cyber Security America on LinkedIn: https://www.linkedin.com/in/josh-nicholson-0844aa3a5/

// About the Show Sponsor: //

Darkstack7 Cyber Defense is a cybersecurity and IT management firm based in Charlotte, NC, founded by Joshua R. Nicholson, a Marine Corps veteran and seasoned cybersecurity leader with experience at Northrop Grumman, EY, Wells Fargo, and Booz Allen Hamilton. The company delivers Fortune 500–level expertise to mid-sized and growing organizations—specializing in Security Engineering, Incident Response, vCISO advisory, AI & Cloud Security, Insider Threat programs, and IT Management consulting. Darkstack7 also provides proactive services such as tabletop exercises, cyber readiness assessments, and strategic security architecture, helping organizations build resilient defenses and align technology investments with business objectives. https://www.darkstack7.com

Subscribe to Cyber Security America for more conversations with cybersecurity leaders, innovators, and practitioners tackling today's most pressing security challenges.

🎙️ Episode 53: The Hidden Cost of Ad Fraud (And How It Impacts Your Business)

In this episode of the Cyber Security America Podcast, we expose one of the internet's most overlooked—and costly—threats: ad fraud.

Host Josh Nicholson sits down with Rich Kahn, CEO and co-founder of Anura, to break down how bots, click farms, and fraudulent traffic are quietly manipulating digital advertising—and why as much as 25% of marketing spend may be wasted on fake users.

With decades of experience in fraud detection, Rich shares how his platform identified over 1.2 billion fraudulent ad interactions in a single year, and why this issue is no longer just a marketing problem—it's a growing cybersecurity threat.

Together, they explore the evolving intersection of cybersecurity, AI, and digital marketing, and what businesses must do to protect their data, budgets, and decision-making.

🔍 What You'll Learn:

• What ad fraud is and why it's massively underestimated

• How bots, malware, and click farms generate fake traffic

• The real impact of bad data on ROI and business performance

• How AI is accelerating both cyber threats and fraud detection

• Case studies of companies losing—and recovering—millions

• Why ad fraud overlaps with broader cybersecurity risks

• How to identify and stop fraudulent traffic in real time

🎯 Key Takeaway

Not all traffic is real—and if you're not measuring it, you're paying for it.

🔗 Connect & Learn More

🌐 Anura: https://www.anura.io 🛡️ Darkstack7: https://www.darkstack7.com

🎧 Listen & Follow Cyber Security America

Stay ahead of real-world cyber threats, incident response strategies, and leadership insights.

Apple Podcasts: https://podcasts.apple.com/us/podcast/cyber-security-america/id1668216285 Spotify: https://open.spotify.com/show/3wmyUbe1TY5hNl96Q8UFFI

Follow for updates & clips: Instagram: https://www.instagram.com/cybersecurityamericapodcast/ TikTok: https://www.tiktok.com/@cybersecurityamerica

Host Josh Nicholson: https://www.linkedin.com/in/joshuarnicholson/

🛡️ About the Sponsor — Darkstack7

Darkstack7 Cyber Defense delivers enterprise-grade cybersecurity solutions to growing organizations. Founded by Marine Corps veteran and cybersecurity leader Josh Nicholson, the firm specializes in:

• Incident Response & Breach Management

• Cloud & AI Security

• Security Engineering & Architecture

• vCISO Advisory

• Insider Threat Programs

• Cyber Readiness & Tabletop Exercises

Darkstack7 helps organizations build resilient defenses while aligning security with business goals.

👍 Enjoy the Episode?

Follow the show, leave a review, and share with your network to support more expert conversations on cybersecurity and fraud prevention.

🔥 Hashtags

#CyberSecurity #AdFraud #DigitalMarketing #FraudDetection #BotTraffic #ClickFraud #AIinCybersecurity #BusinessSecurity #MarketingFraud #CyberSecurityPodcast #CyberSecurityAmerica

Discover how a Nepali American founder turned a personal frustration with security questionnaires into a rapidly growing AI-driven platform revolutionizing enterprise compliance. Pukar Hamal, CEO of Security Pal, reveals the untold story behind building one of the fastest-growing cybersecurity tools trusted by OpenAI, Figma, and Snapchat — and how Kathmandu's overlooked talent pool is shaping the future of cybersecurity innovation. In this explosive episode, you'll learn how Security Pal slashes the time to respond to complex security questionnaires from months to hours — transforming a tedious regulatory burden into a strategic advantage. Pukar shares his unique journey from a startup co-founder to a Silicon Valley CEO, highlighting the paradox of building trust in enterprise security while fighting misinformation and AI hallucinations.

We break down specific techniques that will empower CISOs and security teams: how to leverage AI for continuous vendor monitoring, how to identify hidden risks through dynamic questionnaires, and how to use data-driven insights to propel security into a growth enabler. You'll discover how Security Pal's AI doesn't just automate answers — it predicts vulnerabilities, surfaces gaps, and helps companies stay ahead of technological and regulatory curves. Why is understanding the evolving security landscape critical right now? Because the traditional questionnaire isn't going away — instead, it's becoming the backbone of risk management that, if mastered, unlocks faster deal cycles, stronger compliance, and market differentiation. Next-generation security leaders can harness these insights to anticipate threats, streamline vendor assessments, and turn compliance from a bottleneck into a business booster. Perfect for security executives, compliance officers, and tech founders ready to harness AI's potential at scale — this episode unveils the future of cybersecurity at the intersection of talent, technology, and global opportunity. Whether you're navigating third-party risks or seeking competitive edge, you'll walk away with actionable strategies to elevate your security game in a fast-changing world. Join Pukar Hamal for a behind-the-scenes look at how AI, overlooked talent pools, and strategic insights are redefining what's possible in enterprise security. Don't miss this chance to learn from an innovator who's transforming the industry, one questionnaire at a time. www.darkstack7.com

In this episode of the Cyber Security America Podcast, host Joshua R Nicholson sits down with Chris Freedman, CEO of Ondefend, and Ron Frechette, CEO of CyberSurv, for a deep dive into cybersecurity entrepreneurship.

Both guests share their journeys building companies in the cybersecurity space—from early startup challenges to scaling services, building strong company cultures, and navigating the rapidly evolving role of artificial intelligence in security.

Chris discusses how Ondefend identified an opportunity on the preventative side of cybersecurity, focusing on red teaming, vulnerability discovery, and proactive security testing rather than crowded monitoring and incident response markets.

Ron shares his path from executive search into cybersecurity during the early days of HIPAA compliance and how that experience eventually led him to focus on helping small and mid-sized businesses improve cyber hygiene and resilience.

Together, they explore what it really takes to move a cybersecurity company from zero to one—and eventually from one to scale.

In This Episode

• Why cybersecurity remains one of the largest and fastest-growing markets
• The realities of launching a bootstrapped cybersecurity startup
• How partnerships and subcontracting helped scale early services
• Why culture, mission, and hiring the right people matter most
• How AI is transforming cybersecurity services and advisory work
• The growing demand for fractional CIO and fractional CISO leadership
• Lessons learned from scaling consulting and cybersecurity service firms

Key Takeaways

• The hardest stage of building a company is going from zero to your first customers.
• Strong partnerships can accelerate growth when building credibility in cybersecurity.
• AI is rapidly changing how cybersecurity assessments and advisory services are delivered.
• Many organizations are shifting toward fractional cybersecurity leadership models to gain specialized expertise without full-time executive hires.

Featured Guests

Chris Freedman CEO of Ondefend Entrepreneur and cybersecurity innovator focused on proactive defense, red teaming, and security testing technologies.

Ron Frechette CEO of CyberSurv Serial entrepreneur helping organizations improve cyber hygiene through AI-driven cybersecurity advisory services.

🎧 Listen now on Spotify, Apple Podcasts, or your favorite podcast platform.

#Cybersecurity #InfoSec #CyberThreats #CyberDefense #RedTeam #PenTesting #IncidentResponse #CyberHygiene #DataSecurity #MDR (Managed Detection & Response). Thanks to our show sponsor Darkstack7 Cyber Defense services www.darkstack7.com.

Episode 50 — Cybersecurity Leadership Secrets with MK Palmore

In this milestone episode of Cyber Security America, Joshua Nicholson sits down with Malcolm "MK" Palmore — former FBI cybersecurity executive, Naval Academy graduate, U.S. Marine, and former Director of Security at Google Cloud — for a powerful conversation on leadership, risk, and the future of cybersecurity.

MK shares lessons from leading one of the FBI's largest cyber investigative teams in Silicon Valley, helping shape security strategy at Google Cloud, and advising enterprises through complex cyber risk and digital transformation challenges. This episode goes beyond technology and tools to explore what truly drives successful cybersecurity programs: leadership, decision-making, and strategic clarity.

Key topics include:

• How top CISOs think about cyber risk and executive leadership

• Lessons from FBI cyber investigations and real-world breach response

• The evolution of Zero Trust and cloud security strategy

• AI, emerging threats, and the future of enterprise defense

• Why fractional and strategic cybersecurity leadership is reshaping the industry

• Communicating cyber risk effectively to boards and executives

This episode is essential listening for CISOs, executives, board members, security leaders, and anyone responsible for protecting modern enterprises in an era of accelerating cyber threats.

🎧 Listen to the Cyber Security America Podcast — a cybersecurity podcast focused on real-world incident response, threat intelligence, ransomware, and security leadership.

https://www.youtube.com/playlist?list=PLBl5Ef4QLoa3szw4NGDVZCY0aa1tixnsa

🎙️ Apple Podcasts: https://podcasts.apple.com/us/podcast/cyber-security-america/id1668216285

🎙️Spotify: https://open.spotify.com/show/3wmyUbe1TY5hNl96Q8UFFI

🎙️Instagram: https://www.instagram.com/cybersecurityamericapodcast/

🎙️TikTok: https://www.tiktok.com/@cybersecurityamerica

🎙️X.com: https://x.com/nicholsonj7111

📱 Follow Cyber Security America for short clips and updates:

👤 Host — Joshua R. Nicholson: https://www.linkedin.com/in/joshuarnicholson/

🎙️Cyber Security America on LinkedIn: https://www.linkedin.com/company/cyber-security-america-podcast [email protected] for show inquires, guest requests, and sponsorship discussions or collaboration ideas or contact us through our website www.darkstack7.com/contact

In episode 49 of Cyber Security America, we explore how Artificial Intelligence is reshaping cybersecurity, Managed Detection and Response (MDR), and modern security operations. As cyber threats grow more advanced, organizations must evolve from reactive defense to proactive, intelligence-driven protection.

📱 Follow Cyber Security America on Youtube for short clips and updates

Featuring Woo An (CEO of Zaun.ai) and Tyler Lackey (AI Security Builder), this episode delivers real-world insight into how AI-native security platforms are improving detection, response, and operational scale across enterprise environments.

We discuss:

• The future of MDR and AI-driven security operations
• How AI agents and automation are transforming incident response
• Shadow AI, data leakage, and governance challenges
• AI security risks, role-based controls, and detection engineering
• Scaling cybersecurity outcomes without replacing security teams
• Real-world enterprise lessons from AI-powered security innovation

Whether you're a CISO, security leader, MDR provider, or cybersecurity professional, this episode provides practical insight into how AI is redefining cyber defense and how organizations can stay ahead of evolving threats.

🎧 Listen to the Cyber Security America Podcast — a cybersecurity podcast focused on real-world incident response, threat intelligence, ransomware, and security leadership.

YouTube Playlist: https://www.youtube.com/playlist?list=PLBl5Ef4QLoa3szw4NGDVZCY0aa1tixnsa

🎙️ Apple Podcasts: https://podcasts.apple.com/us/podcast/cyber-security-america/id1668216285

🎙️ Spotify: https://open.spotify.com/show/3wmyUbe1TY5hNl96Q8UFFI

🎙️ Instagram: https://www.instagram.com/cybersecurityamericapodcast/

🎙️ TikTok: https://www.tiktok.com/@cybersecurityamerica

🎙️ X (Twitter): https://x.com/nicholsonj7111

📱 Follow Cyber Security America for short clips and updates

👤 Host — Joshua R. Nicholson: https://www.linkedin.com/in/joshuarnicholson/

🎙️ Cyber Security America on LinkedIn: https://www.linkedin.com/company/cyber-security-america-podcast

📩 For show inquiries, guest requests, sponsorship discussions, or collaboration ideas: [email protected]

🌐 Contact via website: www.darkstack7.com/contact

#CyberSecurity #ArtificialIntelligence #AIinCybersecurity #MDR #ManagedDetectionAndResponse #CyberDefense #SecurityOperations #SecOps #CyberRisk #CISO #CyberLeadership #ThreatDetection #IncidentResponse #SecurityAutomation #AIsecurity #CyberThreats #EnterpriseSecurity #CyberResilience #CyberSecurityPodcast #CyberSecurityAmerica

*]:pointer-events-auto scroll-mt-[calc(var(--header-height)+min(200px,max(70px,20svh)))]" dir="auto" tabindex="-1" data-turn-id= "request-WEB:0cf8a03d-e57a-43f6-9f7c-26bb6994647d-20" data-testid= "conversation-turn-42" data-scroll-anchor="true" data-turn= "assistant">

🎙 Episode 48: AI and Cybersecurity — How Dune Security Is Reinventing User Risk Management

In this episode of Cyber Security America, we explore how artificial intelligence is transforming cybersecurity—and why traditional security awareness training is no longer enough.

I'm joined by David DellaPelle, cybersecurity leader and founder of Dune Security, to break down how AI-driven attacks like phishing, vishing, deepfakes, and social engineering are evolving faster than most security programs can handle. We discuss why 90% of breaches still start with human behavior and how Dune Security is redefining the user layer of cybersecurity with AI-powered risk quantification and remediation.

🔍 Topics covered in this episode:

• Why legacy security awareness training fails in an AI-driven threat landscape

• How attackers use GenAI, voice cloning, and deepfakes to bypass MFA

• The rise of multi-channel social engineering (email, SMS, voice, collaboration tools)

• How AI can identify high-risk users and reduce enterprise attack surface

• What CISOs should be doing now to prepare for AI-enabled threats

• The future of securing both human and AI workforces

This conversation is essential listening for CISOs, security leaders, GRC teams, cloud and identity professionals, and anyone responsible for protecting modern organizations against advanced cyber threats.

🎧 Listen now on Apple Podcasts and Spotify to learn how AI is reshaping cybersecurity—for defenders and attackers alike. www.darkstack7.com/podcast

#CyberSecurityAmerica #CybersecurityPodcast #AIandCybersecurity #ArtificialIntelligence #SocialEngineering #Phishing #Deepfake #CISO #SecurityAwareness #UserRisk #CloudSecurity #PodcastSEO

In episode 47 of Cybersecurity America, host Joshua Nicholson is joined by Richa Kaul, CEO and Founder of Complyance, to explore how agentic AI and intelligent automation are reshaping enterprise Governance, Risk, and Compliance (GRC).

Richa breaks down why traditional, spreadsheet-driven GRC programs are failing at scale—and how organizations are moving toward real-time risk monitoring, automated evidence collection, and continuous audit readiness. Drawing from her experience as a GRC executive and privacy advocate, she shares how modern GRC teams can reduce manual effort, improve visibility, and position compliance as a true business enabler.

In this conversation, we cover:

• Why legacy GRC models can't keep up with today's threat landscape

• How AI agents streamline audits and compliance operations

• Continuous controls monitoring and real-time risk visibility

• Privacy-first approaches to enterprise AI adoption

• Third-party risk, regulatory change, and AI governance

• What CISOs and GRC leaders should expect heading into 2026

Whether you're a CISO, GRC leader, risk professional, or security executive, this episode offers practical insight into the future of enterprise GRC and AI-driven risk management.

About the Show Sponsor: Darkstack7

Darkstack7 is a cybersecurity and IT management firm based in Charlotte, NC, founded by Joshua R. Nicholson, a Marine Corps veteran and seasoned cybersecurity leader with experience at Northrop Grumman, EY, Wells Fargo, and Booz Allen Hamilton.

The company delivers Fortune 500–level expertise to mid-sized and growing organizations—specializing in Security Engineering, Incident Response, vCISO advisory, Insider Threat programs, and IT Management consulting. Darkstack7 also provides proactive services such as tabletop exercises, cyber readiness assessments, and strategic security architecture, helping organizations build resilient defenses and align technology investments with business objectives. www.darkstack7.com, https://www.linkedin.com/in/joshuarnicholson/

#Cybersecurity #GRC #RiskManagement #Compliance #AI #AIinSecurity #EnterpriseSecurity #CISO #CyberRisk #Governance #Privacy #DataProtection #InfoSec#ThirdPartyRisk #DigitalRisk #CyberLeadership #Podcast

Episode 46: Building the Future with Agentic AI — Deep Dive with Ben Wilcox

In this episode of Cybersecurity America, technologist and Proarch leader Ben Wilcox breaks down the biggest insights from Microsoft Ignite, including breakthroughs in agentic AI, emerging security trends, and what organizations must prepare for as AI-driven systems rapidly evolve.

Ben reveals: • What's really happening with Microsoft's newest AI technology • How agentic systems are advancing faster than expected • Why data readiness is the foundation of future productivity • How companies should approach security, governance, and infrastructure in the AI era • His early entrepreneurial journey launching a hosting company at age 15 • The unexpected link between technology leadership and high-performance racing

We also explore: • Data Security Posture Management (DSPM) • Identity-based attacks and real-world fraud cases • AI's impact on compliance, audits, and supply-chain risk • The rise of agentic workflows, MCP, and automation • Why traditional SaaS may give way to agent-driven platforms

This episode is packed with insights for CISOs, IT leaders, engineers, and anyone preparing for the future of enterprise AI.

Connect with Ben Wilcox & Proarch: www.proarch.com LinkedIn: Ben Wilcox

Sponsored by DarkStack7 – Cybersecurity leadership, vCISO services, incident response, and engineering. www.darkstack7.com

Joshua R Nicholson - DarkStack7 Cyber Defense | LinkedIn

https://www.youtube.com/channel/UCp94j2q_-F4SwvxgQYI_8Cg

Agentic AI, Microsoft Ignite, Microsoft AI, Enterprise cybersecurity, Data security, AI agents, AI automation, CISO insights, Cloud security, AI in business, AIPosture management, Identity-based attacks, Fraud prevention, MCP (Model Context Protocol), AI workflows

In episode 45, we sit down with Jasson Casey, CEO and Co-Founder of Beyond Identity, to explore how identity has become the new perimeter in cybersecurity. With over two decades of experience across security, networking, and software-defined infrastructure, Jasson unpacks why traditional defenses are failing and how the next generation of identity security is reshaping cyber resilience.

We dive deep into today's identity-based attack landscape — from Russian threat campaigns and TLS fragility to how endpoint trust, hardware-backed credentials, and zero trust authentication are converging. Jasson also shares fascinating insights on securing AI agents, drones, and machine identities, and what it really means to make credential-based attacks "impossible." Whether you're a security leader, technologist, or curious about the intersection of identity, AI, and the future of cyber defense, this episode is packed with forward-thinking insights you won't want to miss.

🔐 Key Topics: - The evolution of identity as the new cybersecurity perimeter - How attackers are exploiting TLS and credential sprawl - Why AI agents and drones demand new identity frameworks - TPMs, device-bound credentials, and the end of password-based trust The future of identity defense and zero trust authentication

🎧 Guest: Jasson Casey, CEO & Co-Founder, Beyond Identity

🔗 Learn more: www.beyondidentity.com

🎙 About the Show Sponsor: Darkstack7 Darkstack7 is a cybersecurity and IT management firm based in Charlotte, NC, founded by Joshua R. Nicholson, a Marine Corps veteran and seasoned cybersecurity leader with experience at Northrop Grumman, EY, Wells Fargo, and Booz Allen Hamilton. The company delivers Fortune 500–level expertise to mid-sized and growing organizations—specializing in Security Engineering, Incident Response, vCISO advisory, Insider Threat programs, and IT Management consulting. Darkstack7 also provides proactive services such as tabletop exercises, cyber readiness assessments, and strategic security architecture, helping organizations build resilient defenses and align technology investments with business objectives.