Secured with Dr. KJ

Episode Title: Data Governance in the Age of AI: Building the Right Foundation Host: Dr. Kenneth "KJ" Johnson Guest: Ilya Pozharsky Guest Title: Senior Vice President of Enterprise Solutions, eShare Duration: ~22 minutes
Keywords: data governance, Microsoft 365, AI security, collaboration security, eShare
Episode Summary
Ilya Pozharsky joins Dr. KJ for a deep dive into one of the most overlooked challenges in enterprise security — data governance. As AI reshapes how organizations work, Ilya makes the case that the industry has long neglected the basics, and that foundation must be in place before AI can be used safely and effectively. Drawing on his experience as a Microsoft Global Black Belt and his work advising CISOs across regulated industries, Ilya walks through how eShare's collaboration fabric helps organizations securely share data within Microsoft 365 — without creating roadblocks for the business. The conversation covers external collaboration challenges, AI's expanding attack surface, and why the most successful security leaders are the ones who partner with the business rather than block it.
What You'll Learn
Why poor data governance is the root cause of most AI security risks — and what to do about it
How eShare's collaboration fabric allows organizations to securely share data externally while keeping it inside Microsoft 365
Why the best security leaders build partnerships with the business instead of creating roadblocks
Top 3 Takeaways
AI is a powerful spotlight on existing data governance failures — organizations that haven't addressed the basics will face significant risk as AI adoption accelerates
Security should be a business accelerator, not an inhibitor — meeting users in their flow of work while applying the right guardrails is the key to scalable governance
Start with your North Star — whether building a security program or an AI application, having a clear vision of the end result will guide every decision along the way
Memorable Quotes
"It's one thing to have a policy that looks good on paper — it's another to have one that actually scales." — Ilya Pozharsky
"AI is really putting a red dot on the fact that not having a good data governance strategy creates a lot of risk." — Ilya Pozharsky
"If you build it, they will come." — Ilya Pozharsky
Connect with the Guest
Ilya Pozharsky LinkedIn: https://www.linkedin.com/in/ilyapozharsky/ Company: www.eshare.com
Listen & Subscribe
Like, follow, and subscribe to Secured with Dr. KJ: https://swdrkj.riverside.com Apple Podcasts: https://podcasts.apple.com/us/podcast/secured-with-dr-kj/id1805058517 Spotify: Search "Secured with Dr. KJ" YouTube: Search "Secured with Dr. KJ"
Support the Show
If this episode helped you, share it with your team, leave a quick rating/review, and follow the show for new episodes on AI, data governance, Microsoft security, and more.
Securing tomorrow, one episode at a time.

Episode Title: App Security in the Age of AI Host: Dr. Kenneth "KJ" Johnson Guest: Zack Tembi Guest Title: CEO, Single Fin | Managing Partner, Single Fin Ventures | CIO/CISO Community Builder Duration: ~20 minutes
Keywords: application security, AI, identity security, agentic AI, private cloud
Episode Summary
Zack Tembi joins Dr. KJ to unpack the growing tension between AI-accelerated development and application security. From the explosion of autonomous agents to the rise of identity-based threats, Zack brings a practitioner and investor lens to some of the most pressing challenges facing security teams today. The conversation explores why legacy monitoring tools are falling short, how organizational structure must evolve to embed security into development, and why taking ownership of your data — rather than relying entirely on external AI providers — is becoming a critical strategic imperative. Zack closes with a call to action for security professionals to continuously sharpen their skills and lean into modern innovation with curiosity rather than fear.
What You'll Learn
Why AI-native monitoring tools are replacing legacy solutions and what that means for your security stack
How the rise of agentic AI is fundamentally expanding the identity threat surface
Why security must be embedded into development teams — not siloed as a separate function
Top 3 Takeaways
The threat landscape is evolving faster than training programs — security professionals must proactively upskill and test modern tools in their own environments
Identity is the new perimeter — as AI agents proliferate, managing machine-to-machine identity is becoming as critical as managing human access
Data ownership matters — organizations should consider private cloud or on-prem solutions for mission-critical workloads before sending sensitive data to external AI providers
Memorable Quotes
"You don't need to be a sophisticated hacker anymore to create these attacks." — Zack Tembi
"Security isn't just a security team thing — it's a company thing." — Zack Tembi
"We still need that human innovation and creativity to really get value out of AI." — Zack Tembi
Connect with the Guest
Zack Tembi LinkedIn: https://www.linkedin.com/in/zacktembi/ Newsletter: www.ciosurge.com Company: www.singlefinventures.io
Listen & Subscribe
Like, follow, and subscribe to Secured with Dr. KJ: https://swdrkj.riverside.com Apple Podcasts: https://podcasts.apple.com/us/podcast/secured-with-dr-kj/id1805058517 Spotify: Search "Secured with Dr. KJ" YouTube: Search "Secured with Dr. KJ"
Support the Show
If this episode helped you, share it with your team, leave a quick rating/review, and follow the show for new episodes on AI, application security, identity, and more.

Securing tomorrow, one episode at a time.

Guest: Erika Voss, CISO at Blue Yonder
Episode Overview
Dr. KJ sits down with Erika Voss, CISO at Blue Yonder, to explore the evolving landscape of cybersecurity at the intersection of AI and supply chain management. Erika shares her insights on why identity has become the new attack surface, the challenges of securing AI-driven systems, and why customers are ultimately buying trust, not technology.
Key Discussion Topics
AI-Driven Supply Chain Security
Managing expanding attack surfaces in 2026
Integrating AI with 40-50 year old legacy systems
Moving to millisecond-level supply chain optimization

Identity as the New Attack Surface
Why all roads in security lead to identity
The identity triad: non-negotiable, high-value, and advanced tiers
Moving beyond patch management as a primary concern

Insider Risk and Access Management
Permission creep and trust-but-verify principles
Just-in-time (JIT) access and modern privilege management
Behavioral red flags in identity management

Building Security Culture
From project managers to technical program managers
Why MFA is now just "cyber hygiene basics"
Ground-up security programs vs. top-down mandates

The Trust Economy
Why customers buy trust, not technology
"The 'us' in trust is broken if you can't answer the trust question"
Key Takeaways
Identity is the new control plane - All modern security challenges ultimately trace back to identity and access management
Nail the basics first - Before investing in AI agents, ensure your foundation is solid
Autonomous security requires governance - AI-driven systems need monitoring, validation, testing, and governance
Trust is the product - In 2026, customers aren't buying technology—they're buying assurance
Notable Quotes
"All roads now are leading back to identity... identity is your new attack surface."
"It's not about patching the server anymore. That is so 1980."
"The 'us' in trust is broken. You're not going to be around if you can't answer that question."
"People are not buying your product anymore. What they're buying is trust."
About the Guest
Erika Voss is the Chief Information Security Officer at Blue Yonder, a leader in AI-driven supply chain management. With a doctorate focused on insider threat and extensive experience in enterprise security, Erika brings a unique perspective on securing the intersection of legacy systems and cutting-edge AI technology.
Connect with Erika
LinkedIn: Erika Voss, PhD | LinkedIn
About Secured with Dr. KJ
Hosted by Dr. Kenneth Johnson, "Secured with Dr. KJ" features authentic conversations with cybersecurity practitioners across industries. Each episode focuses on substance over sales, bringing you real insights from security leaders.
Securing tomorrow, one episode at a time.

Listen on: Apple Podcasts | Spotify | YouTube

Episode Title: DNS Security in the AI Era with Garland Moore
Guest: Garland Moore, Solutions Architect at F5

Episode Description: In this episode of Secured with Dr. KJ, I sit down with Garland Moore, Solutions Architect at F5, to discuss DNS security threats, effective defense strategies, and how AI is transforming both the attack landscape and our defensive capabilities. Garland brings over 17 years of hands-on infrastructure experience and shares practical insights for organizations of all sizes.

What We Discussed:
DNS Security Threats & Defense
Why DNS remains a primary target and the impact of major outages
Effective strategies: DNSSEC adoption, resolver hardening, rate limiting
The importance of monitoring, logging, and analytics
Intelligent DNS and managed DNS solutions for threat intelligence

AI's Dual Role in DNS Security
How AI is being weaponized for DNS attacks
Leveraging AI for predictive threat detection and filtering log noise
The emergence of "layer eight" security challenges

Practical Guidance for Smaller Organizations
Minimum DNS security implementations without enterprise budgets
Hybrid approaches combining managed services with internal controls
Sticking to security fundamentals over flashy tools

Building Security Culture & Getting Executive Buy-In
Why foundational systems (DNS, identity, patching, backups) get overlooked
Tying DNS security to business impact: revenue, risk, speed to market
"If DNS goes down, business stops"—translating technical issues to business outcomes

Breaking Into Cybersecurity
You don't need 10 certifications to get started
Three essential qualities: curiosity, fundamentals, and persistence
"Sponge mode": learning broadly while waiting for opportunities
The critical importance of soft skills

Key Quotes:
DNS is the heartbeat of the internet—it's definitely something that is highly targeted.
Nobody really cares about DNS until it doesn't work.
You can't protect what you don't understand.
Cybersecurity isn't about chasing the latest attack—it's about protecting the foundational systems that everything relies on.

About Garland Moore: Garland Moore is a Solutions Architect at F5 specializing in security and modern applications. With over 17 years of infrastructure experience, he combines deep technical expertise with a growing focus on AI to build scalable, secure solutions. His journey from infrastructure operations to Solutions Architect gives him unique end-to-end understanding of enterprise systems. He holds CKA and AWS Solutions Architect certifications and volunteers with Feed the Children and coaches' youth basketball.

Connect with Garland: Garland Moore | LinkedIn

Securing tomorrow, one episode at a time.

Episode Overview
Allen Westley, Director of Cyber Intelligence at L3Harris Technologies, explores the challenges government contractors face with AI, compliance, and operational security. We discuss the compliance trap, agentic AI risks, and why judgment-driven leadership outweighs certifications.
Guest
Allen Westley
Director of Cyber Intelligence, L3Harris Technologies
Founder, Cyber Explorer LLC | Adjunct Professor
LinkedIn: Allen Westley, CSM, CISSP, MBA
Key Topics
The Compliance Trap
Passing CMMC audits vs. having operational security
Critical importance of scoping for defense contractors
Convergence of classified and unclassified systems (CUI, 871 controls)
Shadow IT: operators using unapproved tools to meet deliverables
AI as Dual-Use Technology
Adversaries operationalizing AI alongside defenders
Cognitive mapping and anthropomorphizing risks
Pattern matching creating unintended classified information
Training gaps when mandating AI adoption without guardrails
Agentic AI Systems
Models collaborating with limited visibility
ChatGPT agent example: exceeding original instructions
Data segmentation failures enabling unauthorized access
Engineers bypassing inadequate guardrails
Security Culture
Judgment over knowledge through experience
Psychological safety for reporting mistakes
Leading by example in daily decisions
Trust built through consistency, not town halls
Timestamps
00:00 - Introduction
01:51 - Compliance trap challenges
04:03 - CMMC scoping essentials
06:05 - AI reshaping operations
10:21 - Agentic systems and data risks
12:46 - Canva agent example
15:03 - Building security culture
18:00 - Outro
Resources
CMMC Compliance: Levels 1-3, FCI vs CUI
Defense Industrial Base guidance
AI governance frameworks
Key Takeaways
Scoping determines CMMC success
Compliance ≠ operational security
AI needs training and guardrails
Agentic systems require data segmentation
Psychological safety builds real culture
Connect
Subscribe to Secured with Dr. KJ.
Feedback or want to be a guest? Visit: Secured with Dr. KJ - Podcast
Securing tomorrow, one episode at a time.