Secured with Dr. KJ

Episode Overview
Allen Westley, Director of Cyber Intelligence at L3Harris Technologies, explores the challenges government contractors face with AI, compliance, and operational security. We discuss the compliance trap, agentic AI risks, and why judgment-driven leadership outweighs certifications.
Guest
Allen Westley
Director of Cyber Intelligence, L3Harris Technologies
Founder, Cyber Explorer LLC | Adjunct Professor
LinkedIn: Allen Westley, CSM, CISSP, MBA
Key Topics
The Compliance Trap
Passing CMMC audits vs. having operational security
Critical importance of scoping for defense contractors
Convergence of classified and unclassified systems (CUI, 871 controls)
Shadow IT: operators using unapproved tools to meet deliverables
AI as Dual-Use Technology
Adversaries operationalizing AI alongside defenders
Cognitive mapping and anthropomorphizing risks
Pattern matching creating unintended classified information
Training gaps when mandating AI adoption without guardrails
Agentic AI Systems
Models collaborating with limited visibility
ChatGPT agent example: exceeding original instructions
Data segmentation failures enabling unauthorized access
Engineers bypassing inadequate guardrails
Security Culture
Judgment over knowledge through experience
Psychological safety for reporting mistakes
Leading by example in daily decisions
Trust built through consistency, not town halls
Timestamps
00:00 - Introduction
01:51 - Compliance trap challenges
04:03 - CMMC scoping essentials
06:05 - AI reshaping operations
10:21 - Agentic systems and data risks
12:46 - Canva agent example
15:03 - Building security culture
18:00 - Outro
Resources
CMMC Compliance: Levels 1-3, FCI vs CUI
Defense Industrial Base guidance
AI governance frameworks
Key Takeaways
Scoping determines CMMC success
Compliance ≠ operational security
AI needs training and guardrails
Agentic systems require data segmentation
Psychological safety builds real culture
Connect
Subscribe to Secured with Dr. KJ.
Feedback or want to be a guest? Visit: Secured with Dr. KJ - Podcast
Securing tomorrow, one episode at a time.

Episode Overview
In this Season 3 premiere, Ben Masino, President and Chief Growth Officer at Avertium, discusses how security enables business growth rather than hindering it. We explore building security programs through the Microsoft Security platform, the critical role of data hygiene in AI adoption, and meeting customers where they are for long-term success.
Guest
Ben Masino
President & Chief Growth Officer, Avertium
LinkedIn: Ben Masino
Key Topics
Avertium's Approach
"Assess, Design, Protect" methodology for regulated industries
Serving healthcare, manufacturing, retail, and finance sectors
20+ years combined experience in security and compliance
AI Readiness Through Data
Securing your data estate is foundational for AI success
Using Microsoft Purview for data discovery and governance
Bridging executive AI mandates with IT/security realities
Customer Success
Healthcare company journey: pen test to full MXDR partnership
Intune misconfiguration discovery and remediation
Building trust through actionable assessments
Customer Zero Philosophy
Avertium uses Microsoft E5, Sentinel, and Defender internally first
Testing Copilot for Security to enhance analyst work
Leading into the future with proven expertise
Timestamps
00:00 - Introduction
00:20 - Avertium's mission in security
02:05 - Common challenges across regulated industries
03:44 - Assess, Design, Protect methodology
05:54 - Customer success story
08:26 - AI readiness and data estates
10:57 - Bridging executives and IT teams
12:57 - Customer Zero approach
15:09 - Final thoughts
Resources
Avertium: avertium.com
Microsoft Security: Sentinel, Defender XDR, Purview
Compliance: HIPAA, PCI, NERC, High Trust
Key Takeaways
Focus creates depth - specialization builds meaningful partnerships
Data hygiene before AI - organize your data estate first
Meet customers where they are - tactical starts lead to strategic relationships
Be your own customer zero - internal testing builds real expertise
Security enables business - proper programs accelerate outcomes
Connect
Subscribe to Secured with Dr. KJ on your favorite podcast platform.
Feedback, topics, or want to be a guest? Visit: Secured with Dr. KJ - Podcast
Keep securing tomorrow, one episode at a time.

Episode: AI, Mental Health & the Human Side of Cybersecurity
Guest: Jameeka Green Aaron
Guest Title: Chief Information Security Officer, Headspace

Episode Summary
Jameeka Green Aaron, CISO at Headspace, joins Dr. KJ for a candid conversation on protecting mental health data, the limitations of AI in clinical settings, and why humanity must remain a non-negotiable in cybersecurity. As a Navy veteran and black woman in tech leadership, Jameeka also shares powerful insights on representation, courage, and the fight for equity in the industry.

Discussion Topics & Timestamps
(00:00) Introduction and guest welcome
(01:45) AI in mental health: balancing innovation with patient protection
(08:30) Guardrails and governance: the CIA triad applied to AI
(14:20) Why security leadership is critical in healthcare
(21:30) Explaining security concepts to clinicians and product teams
(24:30) Leadership, representation, and courage as a black veteran in cybersecurity

Key Takeaways
Humanity is a non-negotiable – AI lacks empathy, context, and the ability to read nonverbal cues. In mental health, models must never instruct users to harm themselves or others—guardrails must be absolute.
Data professionals are the linchpin of AI – Good data in, good data out. De-identification, anonymization, and clean data practices are essential before training any model on sensitive health information.
Protecting and healing go together – Security in healthcare isn't a barrier; it's an enabler. Clinicians already understand patient privacy deeply—security leadership helps them extend that protection through technology.

Resources & Frameworks Mentioned
HIPAA – Health Insurance Portability and Accountability Act
HITRUST – Healthcare information security certification
CIA Triad – Confidentiality, Integrity, Availability
Headspace Ebb – AI companion that helps users navigate mental health content
Large Language Models (LLMs) – Foundation for AI-powered tools

Notable Quotes
"Technology is about people. Everything we create is for the greater good of humanity. As a CISO, I'm here to enable innovation and protect people from the woes of that innovation.""AI has the discernment of a mouse. It doesn't know if the data you provided is truthful or accurate.""Protecting and healing go together."Connect
Guest: Jameeka Green Aaron – (13) Jameeka Green Aaron, CISSP | LinkedIn
Host: Dr. Kenneth Johnson – (13) Dr. Kenneth Johnson, CISSP | LinkedIn

Securing tomorrow, one episode at a time.
Hosted on Acast. See acast.com/privacy for more information.

Episode: Healthcare Modernization – Cloud Migration & Responsible AI
Guest: Stephen Clark, Enterprise Solution Architect

Episode Summary
Stephen Clark joins Dr. KJ to discuss how healthcare organizations can modernize legacy systems and embrace AI without compromising patient care or data security. The conversation covers phased cloud migration strategies, balancing clinical access with HIPAA compliance, and implementing AI responsibly to improve patient outcomes while protecting against bias.

Discussion Topics & Timestamps
- (00:00): Introduction and guest welcome
- (01:05): Legacy systems and phased cloud migration strategies
- (08:30): Hot sites, lift-and-shift vs. hybrid cloud approaches
- (13:20): Balancing clinical access with privacy and compliance
- (16:30): AI in healthcare: security applications and responsible implementation
- (24:00): Final thoughts: blueprints, executive buy-in, and crawl-walk-run

Key Takeaways
Avoid the "big bang" approach – Healthcare cloud migration requires a phased, methodical strategy. Hybrid cloud lets you maintain existing DR/BC plans while modernizing incrementally.
Data assessment comes first – Before addressing compliance, security, or migration, you must understand your current state: where data lives, what integrations exist, and who's consuming it.
AI needs governance from day one – Responsible AI in healthcare requires clean data, continuous monitoring, transparency in decision-making, and a robust ethical framework policy.

Notable Quotes
"AI, to me today, has the discernment of a mouse. AI doesn't really discern today—it doesn't know if the data provided is truthful or accurate.""Don't try to boil the ocean. Start with thorough assessments, prioritize compliance and security, and ensure you have executive buy-in before diving in."

Connect
Guest: Stephen Clark – (12) Stephen Clark | LinkedIn
Host: Dr. Kenneth Johnson – (12) Dr. Kenneth Johnson, CISSP | LinkedIn

Securing tomorrow, one episode at a time.
Hosted on Acast. See acast.com/privacy for more information.

Security & Leadership

Show: Secured with Dr. KJ
Guest: Carl Mosby III — solutions engineering leader, trusted advisor, people-first technologist
Episode type: Leadership & culture / AI & security

Episode snapshot

Leadership today sits at the intersection of people and rapidly evolving tech. Carl Mosby III unpacks what effective leadership looks like when security and technology are inseparable—covering education-first cultures, leading without ego, activating others, and keeping trust and ethics at the center as AI accelerates change.

Key topics
People-first leadership in a high-velocity tech era
Education as a core security control (making risks & methods visible)
Leading without ego: listening, advocacy, and “multiplicity”
Activating others: sponsorship, visibility, and shared success
AI with guardrails: ethics, trust, and avoiding shiny-object syndrome

Timestamps
00:00 – 01:04 | Show open & what we cover on Secured with Dr. KJ
01:05 – 02:12 | Guest intro: who Carl is & where he leads
02:23 – 05:21 | Q1: Leadership when security & tech are inseparable (education, pace of change)
05:57 – 07:04 | Leading without ego: balancing urgency with protecting people
07:04 – 12:00 | Multiplicity & advocacy: listening, sponsorship, and letting others shine
12:00 – 15:30 | AI & leadership: trust, ethics, quality, and resisting over-reliance
15:30 – 19:15 | Staying people-centric while tech scales; vulnerability as strength
19:18 – 23:12 | The future of leadership: connection, North Stars, and secure growth
23:34 – end | Wrap & takeaway

5 takeaways to remember
Security is a people practice. Training, context, and communication are as critical as controls.
Lead without ego. Listen first, advocate often, and elevate others—especially into the rooms that matter.
Build multiplicity. Scale impact by empowering teammates with visibility, ownership, and support.
Treat AI as an accelerant, not a replacement. Keep trust, ethics, and human judgment at the center.
Connection drives performance. Teams work harder when they feel seen, supported, and aligned to purpose.

Resources mentioned
Conferences, forums, and cross-org engagement as leadership force multipliers
Principles: open-door culture, sponsorship, and people-centric rhythms

Connect with the guest
Carl Mosby III: https://www.linkedin.com/in/carl-mosby-iii/

Listen & subscribe
Acast: https://shows.acast.com/secured-with-dr-kj
Apple Podcasts / Spotify / YouTube: search “Secured with Dr. KJ”

Support the show
If this episode resonated, share it with a teammate, leave a quick rating/review, and follow for new conversations on leadership, AI, and security.

Securing tomorrow, one episode at a time.
Hosted on Acast. See acast.com/privacy for more information.