Security Matters

In this episode of Security Matters, host David Puner sits down with Ariel Pisetzky, chief information officer at CyberArk, for a candid look at the fast‑evolving intersection of AI, cybersecurity, and IT innovation. As organizations race to adopt AI, the fear of missing out is driving rapid decisions—often without enough consideration for identity, security, or long‑term impact.Ariel shares practical insights on what it really takes to secure AI at scale, from combating AI‑enabled phishing attacks to managing agent identities and reducing growing risks in the software supply chain. The conversation explores how leaders can balance innovation with identity‑centric guardrails, understand the economics of AI adoption, and push for the democratization of IT without losing control. Whether you're a CIO, an IT leader, or simply curious about the future of cybersecurity, this episode offers clear, actionable guidance to help you stay ahead in 2026 and beyond.

AI systems are moving fast, sometimes faster than the guardrails meant to contain them. In this episode of Security Matters, host David Puner digs into the hidden risks inside modern AI models with Pamela K. Isom, exploring the governance gaps that allow agents to make decisions, recommendations, and even commitments far beyond their intended authority.Isom, former director of AI and technology at the U.S. Department of Energy (DOE) and now founder and CEO of IsAdvice & Consulting, explains why AI red teaming must extend beyond cybersecurity, how to stress test AI governance before something breaks, and why human oversight, escalation paths, and clear limits are essential for responsible AI.The conversation examines real-world examples of AI drift, unintended or unethical model behavior, data lineage failures, procurement and vendor blind spots, and the rising need for scalable AI governance, AI security, responsible AI practices, and enterprise red teaming as organizations adopt generative AI.Whether you work in cybersecurity, identity security, AI development, or technology leadership, this episode offers practical insights for managing AI risk and building systems that stay aligned, accountable, and trustworthy.

How are defenders supposed to keep up when attackers move at the speed of AI? In this episode of Security Matters, host David Puner welcomes Rick McElroy, founder and CEO of Nexasure, for a candid conversation about cybersecurity’s breaking point. Together, they unpack the realities of defending organizations in an era of identity sprawl, machine risk, agentic AI, and relentless automation. Rick shares hard-won insights from decades on the front lines, challenging the myth of perfect defense and revealing why identity remains at the root of most breaches. Whether you’re a CISO, IT leader, or cybersecurity professional, you’ll get actionable advice on managing machine identities, rethinking risk, and building resilience for a future where change is the only constant.

In this episode of Security Matters, host David Puner welcomes back David Higgins, senior director in CyberArk’s Field Technology Office, for a timely conversation about the evolving cyber threat landscape. Higgins explains why today’s attackers aren’t breaking in—they’re logging in—using stolen credentials, AI-powered social engineering, and deepfakes to bypass traditional defenses and exploit trust.The discussion explores how the rise of AI is eroding critical thinking, making it easier for even seasoned professionals to fall for convincing scams. Higgins and Puner break down the dangers of instant answers, the importance of “never trust, always verify,” and why zero standing privilege is essential for defending against insider threats. They also tackle the risks of shadow AI, the growing challenge of misinformation, and how organizations can build a culture of vigilance without creating a climate of mistrust.Whether you’re a security leader, IT professional, or just curious about the future of digital trust, this episode delivers actionable insights on identity security, cyber hygiene, and the basics that matter more than ever in 2026 and beyond.

Lavi Lazarovitz, VP of Cyber Research at CyberArk Labs, discusses the evolving security landscape shaped by agentic AI. He highlights the growing risks tied to overprivileged AI agents and the challenges of hybrid identities. Lavi emphasizes the importance of rethinking security controls as organizations scale AI, detailing real-world deployments that revealed vulnerabilities faster than traditional teams. He advocates for prioritizing discovery and visibility in agent technology to mitigate future breaches. Lavi's insights are a crucial guide for anyone navigating the intersection of AI and cybersecurity.

Eric O’Neill, former FBI ghost and author of “Spies, Lies & Cybercrime,” joins host David Puner to take a deep dive into the mindset and tactics needed to defend against today’s sophisticated cyber threats. Drawing on O’Neill’s experience catching spies and investigating cybercriminals, the conversation explains how thinking like an attacker can help organizations and individuals stay ahead. The episode covers actionable frameworks, real-world stories, and practical advice for building cyber resilience in an age of AI-driven scams and industrialized ransomware.

Yuval Moss, a cybersecurity expert and VP at CyberArk, discusses the rapidly evolving landscape of agentic AI. He reveals how these AI agents are reshaping enterprise security by acting more human-like, highlighting ethical dilemmas and unpredictable behaviors. Yuval shares a cautionary tale about a rogue AI that deleted a production database, illustrating the risks involved. He emphasizes the importance of identity management and Zero Trust principles in mitigating threats posed by these agents, providing practical advice for organizations navigating this new frontier.

Chris Schueler, CEO of Cyderes and a seasoned cybersecurity expert, dives into the pressing challenges of modern enterprise security. He discusses the risks of privilege creep and how unmanaged access can lead to breaches. Chris emphasizes the growing importance of machine identities in security and how AI is transforming both defense and attack strategies. He offers practical advice for managing identity risk and highlights the need for accountability at every interaction to build resilient teams. This insightful conversation is packed with actionable guidance for security leaders.

Modern digital supply chains are increasingly complex and vulnerable. In this episode of Security Matters, host David Puner is joined by Retsef Levi, professor of operations management at the MIT Sloan School of Management, to explore how organizations can “sense the signals” of hidden risks lurking within their software supply chains, from open source dependencies to third-party integrations and AI-driven automation.Professor Levi, a leading expert in cyber resilience and complex systems, explains why traditional prevention isn’t enough and how attackers exploit unseen pathways to infiltrate even the most secure enterprises. The conversation covers the critical need for transparency, continuous monitoring, and rapid detection and recovery in an era where software is built from countless unknown components.Key topics include:How to sense early warning signs of supply chain attacksThe role of AI and automation in both risk and defenseBest practices for mapping and securing your digital ecosystemWhy resilience—not just prevention—must be at the core of your security strategyWhether you’re a CISO, IT leader or security practitioner, this episode will help you rethink your approach to digital supply chain risk and prepare your organization for what’s next.Subscribe to Security Matters for expert insights on identity security, cyber resilience and the evolving threat landscape.

In this episode of Security Matters, host David Puner speaks with Andy Parsons, CyberArk’s Director of EMEA Financial Services and Insurance, whose career spans from the British Army to CISO and CTO roles in global financial institutions. Andy shares hard-earned lessons on leadership, risk management, and the evolving cybersecurity landscape in banking—from insider threats to machine identity governance and the rise of agentic AI.Discover why “you can’t secure what you can’t see,” how manual processes fail at scale, and why treating machine identities as “first-class citizens” is no longer optional. Andy also explores the privileged access paradox, dynamic access management, and how AI is reshaping compliance, trading, and operational resilience.Whether you're a security leader, technologist, or financial executive, this episode offers strategic insights and practical steps to future-proof your organization in an era of accelerating digital risk.