Security Matters

Security teams are under more pressure than ever, reacting at human speed while systems, identities, and AI agents operate at machine speed. In this episode of Security Matters, host David Puner sits down with cybersecurity leader and former FBI executive MK Palmore to explore why defenders struggle to keep pace and what it takes to regain control.From AI agents that overshare sensitive data to cloud misconfigurations that never seem to disappear to the persistent success of ransomware, MK explains how complexity, vendor sprawl, and overloaded teams create gaps that attackers continue to exploit. The conversation highlights how identity across human, machine, and emerging agent types has become the center of modern security and why fundamentals, prioritization, and platform thinking matter more than ever.Listeners will hear insight on: • Identity at machine speed and the rise of autonomous access • Why attackers still win more than 51 percent of the time • How ransomware continues to succeed despite industry progress • Why SMBs face “mission impossible” expectations • The true cost of vendor sprawl and operational overload • What effective security leadership looks like in the current threat environmentIf you work in identity, security operations, strategy, or leadership, this discussion cuts through hype and focuses on the realities defenders face and how to push back against the constant pressure of the tyranny of the now.

CyberArk founder and executive chairman Udi Mokady returns to Security Matters at a transformational moment—now as part of Palo Alto Networks, following the acquisition’s close on February 11. In this far‑reaching conversation, Udi and host David Puner explore why identity has become the attack vector for modern enterprises, driven by an unprecedented surge in human, machine and AI‑powered identities that attackers increasingly exploit.Udi discusses what the combined companies’ scale and capabilities mean for customers, why identity security must now operate as frontline defense rather than a management layer, and how AI agents are rapidly reshaping the threat landscape. He also reflects on CyberArk’s long‑distance entrepreneurial journey, the cultural foundations that have made the company durable over 26 years, and how productive paranoia, innovation and trust continue to guide the mission forward inside Palo Alto Networks.Note: This episode was recorded in January, prior to the acquisition’s close.

In this episode of Security Matters, host David Puner sits down with Ariel Pisetzky, chief information officer at CyberArk, for a candid look at the fast‑evolving intersection of AI, cybersecurity, and IT innovation. As organizations race to adopt AI, the fear of missing out is driving rapid decisions—often without enough consideration for identity, security, or long‑term impact.Ariel shares practical insights on what it really takes to secure AI at scale, from combating AI‑enabled phishing attacks to managing agent identities and reducing growing risks in the software supply chain. The conversation explores how leaders can balance innovation with identity‑centric guardrails, understand the economics of AI adoption, and push for the democratization of IT without losing control. Whether you're a CIO, an IT leader, or simply curious about the future of cybersecurity, this episode offers clear, actionable guidance to help you stay ahead in 2026 and beyond.

AI systems are moving fast, sometimes faster than the guardrails meant to contain them. In this episode of Security Matters, host David Puner digs into the hidden risks inside modern AI models with Pamela K. Isom, exploring the governance gaps that allow agents to make decisions, recommendations, and even commitments far beyond their intended authority.Isom, former director of AI and technology at the U.S. Department of Energy (DOE) and now founder and CEO of IsAdvice & Consulting, explains why AI red teaming must extend beyond cybersecurity, how to stress test AI governance before something breaks, and why human oversight, escalation paths, and clear limits are essential for responsible AI.The conversation examines real-world examples of AI drift, unintended or unethical model behavior, data lineage failures, procurement and vendor blind spots, and the rising need for scalable AI governance, AI security, responsible AI practices, and enterprise red teaming as organizations adopt generative AI.Whether you work in cybersecurity, identity security, AI development, or technology leadership, this episode offers practical insights for managing AI risk and building systems that stay aligned, accountable, and trustworthy.

How are defenders supposed to keep up when attackers move at the speed of AI? In this episode of Security Matters, host David Puner welcomes Rick McElroy, founder and CEO of Nexasure, for a candid conversation about cybersecurity’s breaking point. Together, they unpack the realities of defending organizations in an era of identity sprawl, machine risk, agentic AI, and relentless automation. Rick shares hard-won insights from decades on the front lines, challenging the myth of perfect defense and revealing why identity remains at the root of most breaches. Whether you’re a CISO, IT leader, or cybersecurity professional, you’ll get actionable advice on managing machine identities, rethinking risk, and building resilience for a future where change is the only constant.

In this episode of Security Matters, host David Puner welcomes back David Higgins, senior director in CyberArk’s Field Technology Office, for a timely conversation about the evolving cyber threat landscape. Higgins explains why today’s attackers aren’t breaking in—they’re logging in—using stolen credentials, AI-powered social engineering, and deepfakes to bypass traditional defenses and exploit trust.The discussion explores how the rise of AI is eroding critical thinking, making it easier for even seasoned professionals to fall for convincing scams. Higgins and Puner break down the dangers of instant answers, the importance of “never trust, always verify,” and why zero standing privilege is essential for defending against insider threats. They also tackle the risks of shadow AI, the growing challenge of misinformation, and how organizations can build a culture of vigilance without creating a climate of mistrust.Whether you’re a security leader, IT professional, or just curious about the future of digital trust, this episode delivers actionable insights on identity security, cyber hygiene, and the basics that matter more than ever in 2026 and beyond.

Lavi Lazarovitz, VP of Cyber Research at CyberArk Labs, discusses the evolving security landscape shaped by agentic AI. He highlights the growing risks tied to overprivileged AI agents and the challenges of hybrid identities. Lavi emphasizes the importance of rethinking security controls as organizations scale AI, detailing real-world deployments that revealed vulnerabilities faster than traditional teams. He advocates for prioritizing discovery and visibility in agent technology to mitigate future breaches. Lavi's insights are a crucial guide for anyone navigating the intersection of AI and cybersecurity.

Eric O’Neill, former FBI ghost and author of “Spies, Lies & Cybercrime,” joins host David Puner to take a deep dive into the mindset and tactics needed to defend against today’s sophisticated cyber threats. Drawing on O’Neill’s experience catching spies and investigating cybercriminals, the conversation explains how thinking like an attacker can help organizations and individuals stay ahead. The episode covers actionable frameworks, real-world stories, and practical advice for building cyber resilience in an age of AI-driven scams and industrialized ransomware.

Yuval Moss, a cybersecurity expert and VP at CyberArk, discusses the rapidly evolving landscape of agentic AI. He reveals how these AI agents are reshaping enterprise security by acting more human-like, highlighting ethical dilemmas and unpredictable behaviors. Yuval shares a cautionary tale about a rogue AI that deleted a production database, illustrating the risks involved. He emphasizes the importance of identity management and Zero Trust principles in mitigating threats posed by these agents, providing practical advice for organizations navigating this new frontier.

Chris Schueler, CEO of Cyderes and a seasoned cybersecurity expert, dives into the pressing challenges of modern enterprise security. He discusses the risks of privilege creep and how unmanaged access can lead to breaches. Chris emphasizes the growing importance of machine identities in security and how AI is transforming both defense and attack strategies. He offers practical advice for managing identity risk and highlights the need for accountability at every interaction to build resilient teams. This insightful conversation is packed with actionable guidance for security leaders.