Cyber Security America

In this episode of the Cybersecurity America Podcast, sponsored by DarkStack7, host Joshua Nicholson sits down with Nia Luckey — Army veteran, published author, and cybersecurity leader — to talk about her powerful journey from military service to the frontlines of cyber defense. Nia shares lessons on resilience, leadership, and transitioning from military to civilian life, while also unpacking the evolving challenges in today’s cybersecurity landscape. From the importance of attention to detail, to burnout among cyber leaders, to the risks and opportunities of AI in security and governance, this episode is packed with insight for both aspiring professionals and seasoned experts. Key Topics Covered: - Nia’s journey from Army communications to cybersecurity leadersh- ip - Building resilience and avoiding burnout in high-pressure environments - Specialization vs adaptability in cyber careers - AI, risk quantification, and governance in today’s security programs - The future of work in cybersecurity Whether you’re a veteran, a cybersecurity professional, or simply interested in how resilience and adaptability shape careers, this episode has something for you. 👉 Don’t forget to like, comment, and subscribe for more conversations with today’s cybersecurity leaders. #CyberSecurity #VeteransInTech #cyberresilience #leadership #cybercareers #aiincybersecurity #riskmanagement #ciso #cyberpodcast #NiaLuckey #cybersecurityamerica  

In this episode, sponsored by Darkstack7, Joshua sits down with Chris Cronin, partner at Halock Security Labs and founding partner of Reasonable Risk, to explore the intersection of cybersecurity, risk management, and the legal principles behind “reasonable” safeguards. Chris unpacks the DoCRA Standard and CIS RAM, sharing how historical and legal frameworks can guide today’s cybersecurity strategies. From his journey in academia to his leadership in cyber risk, Chris offers practical insights on balancing risk, ensuring compliance, and applying reasonable security measures that stand up to regulatory and legal scrutiny. The discussion covers real-world risk assessments, notable legal cases, and emerging tools that automate and enhance risk management. Key Topics: - How the DoCRA Standard and CIS RAM shape practical risk analysis  Applying “reasonableness” from legal precedent to cybersecurity Balancing regulatory specificity with operational flexibility The role of community and professional standards in defining reasonable safeguards Historical analogies, insurance considerations, and executive decision-making in risk management Timestamps: 00:00 Introduction to Cybersecurity Challenges 00:26 Meet Chris: A Cybersecurity Expert 01:25 Chris’s Journey into Cybersecurity 02:50 Where Law Meets Cybersecurity 04:37 Defining Reasonable Security Measures 06:37 Regulations and Compliance in Practice 08:24 The Legal Concept of Reasonableness 10:22 Translating Legal Standards into Cyber Practices 14:53 Practical Risk Analysis Steps 21:20 Balancing Flexibility and Specificity in Regulations 24:54 Professional Standards That Shape Reasonableness 25:49 Certifications and Industry Benchmarks 26:17 How Community Shapes Standards 26:34 Lessons from Aviation for Cybersecurity 28:29 The CIS RAM and Risk Assessment Methods 30:51 Legal Implications of Adopting Reasonableness 32:16 Insurance and Risk Management 34:38 Challenges in Incident Response Reporting 39:40 Risk Assessments for Executive Decision-Making 46:02 Closing Thoughts and Call to Action www.darkstack7.com

In episode 39, host Josh Nicholson is joined by memory forensics expert Andrew Case, co-developer of the Volatility framework and co-author of The Art of Memory Forensics. Together, they explore the critical role of memory analysis in modern incident response—uncovering hidden malware, insider threats, and ransomware techniques invisible to traditional disk forensics or EDR tools. Andrew breaks down what’s new in Volatility 3, how memory-only malware operates, and why CISA now recommends memory imaging in its emergency directives. Whether you're a responder, analyst, or just curious about advanced DFIR, this episode is packed with practical insight and real-world experience. 🎧 Stay secure—and subscribe for more expert cyber content. https://youtu.be/2q4z9Z2_cwc www.darkstack7.com    

Cyber threats aren't slowing down—and neither are we. In episode 38 of Cyber Security America, I sit down with two powerhouses from Surefire Cyber—Karla Reffold and Billy Cordio—to pull back the curtain on what’s really happening in today’s incident response and threat intelligence landscape.  💡 What we cover: 📈 Real-world ransomware trends (like longer dwell times and SSH backdoors) 📨 Surging business email compromise tactics—attachments are the new attack vector 🔐 Why incident response retainers are more valuable than ever 🔥 Rapid resiliency: 5 key misconfigurations every business must address 🧠 How threat actors are using AI (and why they still don’t need it to win) 💬 Candid career advice for aspiring DFIR and intel pros Whether you’re a CISO, SOC leader, or cyber-curious professional, this episode gives you front-line insights from the experts handling these threats daily. 🎧 Listen now and secure your edge: [https://www.darkstack7.com/podcast] #CyberSecurity #IncidentResponse #DFIR #ThreatIntelligence #Ransomware #BEC #SurefireCyber #CyberSecurityAmerica #Podcast #EDR #mfa #Resilience #digitalforensics https://www.linkedin.com/in/joshuanicholson/

In this powerful episode, we sit down with Kyle DuPont, CEO and Co-Founder of Ohalo, the trailblazing company reshaping the way organizations understand and manage unstructured data. With deep experience in both finance and technology, including a background at Morgan Stanley, Kyle shares the origin story of Ohalo and how their flagship product, Data X-ray, is revolutionizing data governance through advanced machine learning and natural language processing (NLP). We explore how Ohalo empowers major banks, governments, and enterprises to discover, classify, and protect sensitive data in a world of increasing complexity, compliance pressure, and security risks. From the rise of generative AI to the ethical implications of automation, this episode is packed with practical insights and future-facing perspectives. Whether you're a tech leader, data scientist, or simply curious about the future of AI and data, this conversation is a must-watch. 🕒 Chapter Timestamps 00:00 – Introduction to Kyle DuPont and Ohalo 01:44 – Kyle's Journey to Founding Ohalo 03:35 – Understanding Data X-ray and Its Applications 05:21 – Challenges in Data Security and AI Solutions 07:04 – The Role of AI in Data Management 13:31 – Cultural Insights and Personal Anecdotes 15:27 – Ideal Customers and Use Cases for Ohalo 17:56 – Future of AI and Data Management 20:56 – The Future of AI: Predictions and Implications 21:10 – Automation and Productivity: Embracing AI Tools 21:55 – The Evolution of Coding and Business Processes 24:36 – AI in Business: Real-World Applications 26:46 – Emerging AI Protocols and Security Concerns 29:53 – Ethical and Legal Implications of AI 36:22 – Advice for Aspiring AI Professionals 38:32 – Conclusion and Final Thoughts 📢 Don’t forget to like, comment, and subscribe for more expert-led conversations on data, AI, and the future of technology.  For the show video versions and the Cyber Battlefield training series are available.   https://www.youtube.com/@cybersecurityamerica_show     #AI #ArtificialIntelligence #MachineLearning #DataScience #DataSecurity #CyberSecurity #NaturalLanguageProcessing #FinTech #BigData #DataGovernance #GenerativeAI #TechPodcast #StartupStories #Innovation #Automation #FutureOfWork #DigitalTransformation #UnstructuredData #Ohalo #KyleDuPont #DataPrivacy #AIethics #TechLeadership

In episode 36, Josh welcomes renowned intelligence systems expert Stephen Arnold to shine a light on one of the most underestimated threats in cybersecurity today—Telegram. Known to most as a simple messaging app, Telegram is quietly operating as a “super app” for cyber crime. From crypto laundering and hamster games masking gambling platforms, to automated money laundering, dark web-style marketplaces, and human trafficking operations, Telegram's labyrinthine infrastructure is designed for scale, secrecy, and obfuscation. 🔍 What you'll learn: How Telegram morphed into a platform for organized cyber crime The shocking links to cryptocurrency laundering through games like Hamster Combat The automation of criminal finance using bots and wallets Real-world examples of Telegram-enabled fraud, crime, and digital exploitation What law enforcement is doing—and not doing—to combat it The ethical gray zone of Telegram’s elusive founder and the platform’s murky governance 📕 Featuring insights from Stephen Arnold’s upcoming book The Telegram Labyrinth—exclusive to law enforcement and intelligence professionals. 📢 Don’t miss this revealing backstage pass into one of the most sophisticated cybercrime infrastructures on the planet. 🔹 Listen now: https://podcasts.apple.com/us/podcast/cyber-security-america/id1668216285 🔹 Follow the podcast: https://www.darkstack7.com/ 🔹 Connect with Joshua Nicholson: https://www.linkedin.com/in/joshuanicholson/ 🔔 Subscribe, comment, and share if you’re ready to stay ahead in the cyber battlefield. #CyberSecurityAmerica #TelegramExposed #CyberCrime #DigitalUnderground #StephenArnold #JoshNicholson #InfoSec #CryptoCrime #TelegramLabyrinth #HamsterCombat #OpenSourceIntel #MDR #IncidentResponse #CyberIntel #clt #charlotte #CyberSecurityPodcast #DarkWeb #AML #DigitalThreats #CyberRisk #CISOInsights

Join host Joshua Nicholson, a seasoned cybersecurity veteran with over 24 years of frontline experience, as he dives deep into the high-stakes world of incident response and takes you on an exclusive dark web tour. In this power-packed episode, Joshua shares real-world lessons learned from handling hundreds of cyber incidents, breaking down the best practices, critical backup strategies, and common pitfalls that organizations face when responding to attacks.   But that’s not all—this episode also unmasks the dark web, revealing its hidden layers, the tools and techniques used to navigate it, and the threats lurking in its shadows. From TOR networks, VPNs, and sock puppets to cybersecurity playbooks and business-aligned security strategies, this episode is a must-listen for IT professionals, CISOs, and business leaders alike.   🔹 Listen now: https://podcasts.apple.com/us/podcast/cyber-security-america/id1668216285 🔹 Follow the podcast: https://www.darkstack7.com/ 🔹 Connect with Joshua Nicholson: https://www.linkedin.com/in/joshuanicholson/ #CyberSecurity #IncidentResponse #DarkWeb #CyberThreats #CyberDefense #InfoSec #SOC #TOR #VPN #CyberRisk #ThreatIntel #DigitalForensics #EthicalHacking #CyberWar #DataBreach #CyberStrategy

🎙 Episode 34 - Job Hunting: Top 10 Tips to Land the Next One Looking for your next big career move? In this episode of Cyber Security America, we break down the Top 10 Tips to help you navigate the job market and secure your next role with confidence. Whether you're a seasoned cybersecurity professional or just starting out, we’ll cover essential strategies—from optimizing your resume and acing interviews to leveraging your network and standing out in a competitive field. 📺 Watch the full video version on YouTube: Cyber Security America 📝 Read the full article on LinkedIn: Job Hunting 2025: Top 10 Tips to Land Your Next Role 👤 Learn more about the host, Joshua Nicholson: 🔗 Website: www.darkstack7.com 🔗 LinkedIn: www.linkedin.com/in/joshuarnicholson 🎧 Listen now on your favorite podcast platform! Don’t miss this essential career guide—subscribe, watch, and read to stay ahead in your job search! 🚀

Top 10 GRC Program Tips – Build vs. Buy with an Amazon Leader! We’re back with another powerful episode featuring one of the top minds at Amazon. In this episode, we dive deep into Governance, Risk, and Compliance (GRC) and explore the Top 10 Tips for GRC Program Success. Should you build your own security governance tools or buy them off the shelf? Our guest shares expert insights on making the right call for your business! 🔴 Don’t miss this! Subscribe and hit the notification bell so you stay ahead in cybersecurity. 🔗 Follow for more cybersecurity insights: 🎧 Listen on your favorite podcast platform 📲 Share with your network #CyberSecurity #GRC #RiskManagement #CyberRisk #BuildVsBuy #Compliance #TechLeadership #Amazon #CyberPodcast #CyberSecurityAmerica #Infosec #DataSecurity #CISO #SecurityOperations #CyberAwareness #CloudSecurity #itsecurity (www.darkstack7.com https://www.linkedin.com/in/joshuanicholson/ https://x.com/nicholsonj7111)

Welcome to Episode 32 of our podcast, where we explore the evolving landscape of cybersecurity in the Middle East. In this installment, we delve into the complexities of implementing Zero Trust in the region, focusing on the challenges and opportunities foreign companies face while adopting this vital framework. Zero Trust is more than a buzzword—it's a multi-faceted journey that requires a deep dive into the five core pillars: identity, network, application, device, and data. These pillars form the foundation of the Zero Trust maturity model, and every organization looking to implement this framework must evaluate its maturity across these domains. Our guest, Kamel Tamimi, a visionary cybersecurity professional with over two decades of experience, joins us to discuss how the Middle East is embracing Zero Trust as a strategic defense against growing threats. Kamel explains that achieving Zero Trust maturity isn’t a single-department project or a one-time task—it’s a continuous improvement process that involves both technology and practices. As technologies like multi-factor authentication (MFA) become more accessible and affordable, organizations can integrate them into their Zero Trust models to better protect their data and assets. Kamel also highlights how AI and machine learning are revolutionizing Zero Trust, enabling dynamic, risk-based decisions based on a wealth of real-time data. AI’s role in Zero Trust is pivotal—processing vast amounts of data quickly to assess the risk of every request. With machine learning, Zero Trust systems can not only verify identities but also detect anomalies such as unusual login times or unfamiliar devices. This dynamic, data-driven approach helps companies better secure their networks, with the flexibility to take actions beyond simply allowing or blocking access. For instance, AI can divert suspicious traffic to deception systems or apply more rigorous security controls based on the risk profile of a user or device. Kamel also touches on the practical side of implementing Zero Trust in the Middle East. It’s not about ripping and replacing your infrastructure; it’s about re-architecting your security framework to align with the Zero Trust principles. The journey begins with evaluating your identity management system and ensuring it can support advanced features like MFA and single sign-on. The other pillars—network, application, device, and data—must also be addressed in a comprehensive strategy that evolves over time. As we explore these themes, we also discuss broader regional trends, such as the expansion of hyperscale data centers by global tech giants like Google, Oracle, Azure, and Alibaba in Saudi Arabia, UAE, and Qatar. The drive for data sovereignty, regulatory compliance, and job creation is reshaping the cybersecurity landscape in the region, making Zero Trust even more relevant. Join us for an insightful conversation with Kamel Tamimi as we unpack the complexities of adopting Zero Trust in the Middle East and explore the intersection of technology, strategy, and cybersecurity. Stay updated with the latest episodes of Cyber Security America by visiting our YouTube Channel Cyber Security America and subscribing on Apple Podcasts. Connect with Joshua Nicholson on LinkedIn here. #Cybersecurity #MiddleEast #ZeroTrust #AI #MachineLearning #ThreatIntelligence #DataSovereignty #TechAdvancements #DigitalTransformation #Podcast #CybersecurityChallenges #ForeignOperations