Security Matters

As enterprises embrace agentic AI, a new security risk equation emerges. In this episode of Security Matters, host David Puner sits down with Lavi Lazarovitz, VP of Cyber Research at CyberArk Labs, to unpack how AI agents and identity security are reshaping the threat landscape. Learn why privileged access is now the fault line of enterprise security, how attackers exploit overprivileged AI agents, and what security teams must rethink before scaling AI. Packed with real-world examples and actionable insights, this is a must-listen for anyone meeting the challenges of AI and cybersecurity.

Eric O’Neill, former FBI ghost and author of “Spies, Lies & Cybercrime,” joins host David Puner to take a deep dive into the mindset and tactics needed to defend against today’s sophisticated cyber threats. Drawing on O’Neill’s experience catching spies and investigating cybercriminals, the conversation explains how thinking like an attacker can help organizations and individuals stay ahead. The episode covers actionable frameworks, real-world stories, and practical advice for building cyber resilience in an age of AI-driven scams and industrialized ransomware.

In this episode of Security Matters, host David Puner sits down with Yuval Moss, CyberArk’s VP of Solutions for Global Strategic Partners, to explore the fast-evolving world of agentic AI and its impact on enterprise security. From rogue AI agents deleting production databases to the ethical blind spots of autonomous systems, the conversation dives deep into how identity and Zero Trust principles must evolve to keep pace. Yuval shares insights from his 25-year cybersecurity journey, including why AI agents behave more like humans than machines—and why that’s both exciting and dangerous. Whether you're a security leader, technologist or curious listener, this episode offers practical guidance on managing AI agent identities, reducing risk, and preparing for the next wave of autonomous innovation.Explore more of Yuval’s thinking on agentic AI and identity-first security in these recent articles:The life and death of an AI agent: Identity security lessons from the human experienceWhen AI Agents Mirror Humanity’s Best Behaviors…and Worst Behaviors The Agentic AI Revolution: 5 Unexpected Security Challenges

In this episode of Security Matters, Chris Schueler, CEO of Cyderes, joins host David Puner for a dive into the evolving challenges of enterprise security. The conversation explores the dangers of privilege creep, the explosion of machine identities, and why accountability at every point of interaction is essential for building resilient teams and systems. Chris shares insights on the risks of unmanaged access, the impact of AI and automation on both defense and attack strategies, and practical advice for CISOs and boards on managing identity risk while enabling business transformation. Whether you’re a security leader, practitioner, or simply interested in the future of cybersecurity, this episode delivers actionable guidance and fresh perspectives on safeguarding your organization’s reputation, continuity, and trust.

Modern digital supply chains are increasingly complex and vulnerable. In this episode of Security Matters, host David Puner is joined by Retsef Levi, professor of operations management at the MIT Sloan School of Management, to explore how organizations can “sense the signals” of hidden risks lurking within their software supply chains, from open source dependencies to third-party integrations and AI-driven automation.Professor Levi, a leading expert in cyber resilience and complex systems, explains why traditional prevention isn’t enough and how attackers exploit unseen pathways to infiltrate even the most secure enterprises. The conversation covers the critical need for transparency, continuous monitoring, and rapid detection and recovery in an era where software is built from countless unknown components.Key topics include:How to sense early warning signs of supply chain attacksThe role of AI and automation in both risk and defenseBest practices for mapping and securing your digital ecosystemWhy resilience—not just prevention—must be at the core of your security strategyWhether you’re a CISO, IT leader or security practitioner, this episode will help you rethink your approach to digital supply chain risk and prepare your organization for what’s next.Subscribe to Security Matters for expert insights on identity security, cyber resilience and the evolving threat landscape.

In this episode of Security Matters, host David Puner speaks with Andy Parsons, CyberArk’s Director of EMEA Financial Services and Insurance, whose career spans from the British Army to CISO and CTO roles in global financial institutions. Andy shares hard-earned lessons on leadership, risk management, and the evolving cybersecurity landscape in banking—from insider threats to machine identity governance and the rise of agentic AI.Discover why “you can’t secure what you can’t see,” how manual processes fail at scale, and why treating machine identities as “first-class citizens” is no longer optional. Andy also explores the privileged access paradox, dynamic access management, and how AI is reshaping compliance, trading, and operational resilience.Whether you're a security leader, technologist, or financial executive, this episode offers strategic insights and practical steps to future-proof your organization in an era of accelerating digital risk.

In this episode of Security Matters, host David Puner sits down with Matt Barker, CyberArk’s VP and Global Head of Workload Identity Architecture, for a deep dive into the exploding world of machine identities and the urgent need to rethink how to secure them. From his journey co-founding Jetstack and creating Cert Manager to leading CyberArk’s efforts in workload identity, Matt shares insights on why secrets-based security is no longer sustainable—and how open standards like SPIFFE are reshaping the future of cloud-native and AI-driven environments.Discover how machine identities now outnumber humans 80 to 1, why leaked secrets are a "hacker’s buffet," and how workload identity is becoming a cornerstone of Zero Trust architecture. Whether you're a CISO, platform engineer, or just curious about the next frontier in cybersecurity, this episode offers actionable advice and a compelling vision for securing the age of AI agents.

Cybercriminals today operate more like startups than stereotypes—complete with org charts, sprint cycles, and pizza parties to celebrate successful breaches. In this episode of Security Matters, host David Puner talks with former CISO and U.S. Air Force veteran Ian Schneller about the evolving sophistication of threat actors and what it takes to stay ahead.From zero-day vulnerabilities and machine identity risks to AI-powered attacks and insider threats, Ian shares practical strategies drawn from his experience in military intelligence, offensive cyber operations, and corporate security leadership. Learn how to build resilience, translate cyber risk into business outcomes, and lead with mission-driven clarity in a threat landscape that never slows down.

What does "secure by default" really mean—and is it enough? In this episode of CyberArk’s Security Matters, host David Puner sits down with Scott Barronton, Chief Information Security Officer (CISO) at Diebold Nixdorf, to explore the often-overlooked risks of cloud default settings and how assumptions can lead to vulnerabilities.Drawing on over 25 years in cybersecurity, Scott shares how he balances product and corporate security, leads a global team, and chairs his company’s AI steering committee. He discusses the importance of machine identity management, certificate automation, and building security programs that support both innovation and accountability.Plus, Scott reflects on how his passion for travel—including a group trip to Antarctica—informs his leadership style and security mindset.

What does it take to stay calm in the face of constant cyber pressure—and why does that mindset matter more than ever? In this episode of Security Matters, host David Puner speaks with Den Jones, founder and CEO of 909Cyber, about his transition from enterprise chief security officer (CSO) to cybersecurity consultant. They explore what it means to lead with clarity and composure in a high-stakes environment, the realities of launching a firm in a crowded market, and how pragmatic security strategies—especially around identity, AI, and Zero Trust—can help organizations navigate AI-driven threats, talent shortages, and operational complexity. It’s a candid conversation about what works and what doesn’t when it comes to modern security leadership.

In this episode of Security Matters, host David Puner sits down with Deepak Taneja, co-founder of Zilla Security and General Manager of Identity Governance at CyberArk, to explore why 2025 marks a pivotal moment for identity security. From the explosion of machine identities—now outnumbering human identities 80 to 1—to the convergence of IGA, PAM, and AI-driven automation, Deepak shares insights from his decades-long career at the forefront of identity innovation.Listeners will learn:Why legacy identity governance models are breaking under cloud scaleHow AI agents are reshaping entitlement management and threat detectionWhat organizations must do to secure non-human identities and interlinked dependenciesWhy time-to-value and outcome-driven metrics are essential for modern IGA successWhether you're a CISO, identity architect, or security strategist, this episode delivers actionable guidance for navigating the evolving identity security landscape.

In this episode of Security Matters, host David Puner sits down with Marene Allison, former Chief Information Security Officer (CISO) of Johnson & Johnson, for a candid and wide-ranging conversation on trust, identity, and leadership in cybersecurity. From securing global vaccine supply chains during the COVID-19 pandemic to navigating the rise of AI and machine identities, Marene shares hard-earned insights from her decades-long career in national security and the private sector.They explore what it means to be a mission-driven CISO, how to build trust from the boardroom to the front lines, and why identity has always been the true perimeter. Marene also reflects on her post-CISO chapter and the evolving role of cybersecurity leaders in a rapidly evolving threat landscape.

In this episode of Security Matters, host David Puner welcomes Kevin Bocek, CyberArk SVP of Innovation, for an insightful discussion on the critical role of machine identity in modern cybersecurity. As digital environments become increasingly complex, securing machine identities has never been more crucial.According to the CyberArk 2025 Identity Security Landscape, machine identities now outnumber human identities by more than 80 to 1. As organizations scale cloud workloads and automation, these identities are becoming a critical part of the cybersecurity frontline. From TLS certificate outages to API key exposures, failures in machine identity management can lead to outages, breaches, and cascading system failures. In this episode of Security Matters, Kevin Bocek explains why this moment is pivotal for getting machine identity right—and how Zero Trust principles, automation, and visibility are essential to building cyber resilience.We also explore the future of identity security—from AI kill switches and agentic AI to quantum threats—and how identity can serve as both a safeguard and a kill switch in the age of autonomous systems.Whether you're a cybersecurity professional or simply interested in the latest security trends, this episode offers valuable insights into the importance of machine identity in safeguarding our digital world. Don’t forget to subscribe, leave a review, and follow Security Matters for more expert discussions on the latest in cybersecurity.

In this episode of Security Matters, host David Puner sits down with Eric Olden, co-founder and CEO of Strata Identity, and a pioneer in modern identity management. Eric shares his career journey, from founding Simplified to leading Oracle's global identity division, and discusses the critical importance of resilience in identity systems.Discover how organizations can eliminate single points of failure, test their backup plans and ensure their digital operations remain robust even in the face of unexpected outages. Eric also delves into the concept of identity orchestration, explaining how it can unify multiple identity systems and enhance security.Tune in to learn about the latest trends in identity management, including the intersection of AI and identity, and gain insights into how businesses can proactively assess and mitigate risks associated with identity outages.Don't miss this engaging conversation filled with practical advice and forward-thinking strategies to help safeguard your organization's identity infrastructure.

In this episode of Security Matters, host David Puner, dives into the world of evolving cyberthreats with Bryan Murphy, Senior Director of CyberArk's Incident Response Team. Imagine a scenario where an attacker uses AI-generated deepfakes to impersonate your company's VP of finance, gaining unauthorized access to your environment. Bryan Murphy shares insights on how these sophisticated attacks are turning identity into the attack surface and why your first line of defense might be as simple as a video call. Learn about the latest trends in social engineering, credential tiering and the importance of visual verification in incident response. Don't miss this eye-opening discussion on how to protect your organization from the ever-evolving threat landscape.

In this episode of the Security Matters podcast, host David Puner sits down with Lior Yaari, CEO and co-founder of Grip Security, for a discussion that covers the concept of identity debt and its implications for modern cybersecurity. Lior shares insights from his experience in Israel's elite Unit 8200 and explains why identity is now the new security perimeter. They delve into the challenges organizations face in managing SaaS applications, the impact of generative AI on cybersecurity and the importance of proactive identity governance. Tune in for tips on how to protect your organization from within and stay ahead of evolving threats.

Imagine receiving an urgent email from your bank that looks perfectly legitimate. It warns you of a suspicious transaction and prompts you to verify your identity. You hesitate but click, and suddenly, your credentials are compromised. This scenario, crafted by AI-powered fraud-as-a-service, is happening now.In this episode of the Security Matters podcast, host David Puner is joined by Blair Cohen, Founder and President of AuthenticID, to discuss the evolving identity threat landscape. They explore the rise of synthetic fraud, the role of biometric authentication and how AI-driven security is reshaping the fight against cybercrime. Blair shares insights on the challenges of detecting deepfakes, the advancements in biometric authentication and the impact of generative AI on security measures.Tune in to learn how security leaders can stay ahead in this rapidly changing environment and what organizations can do to prepare for the next generation of cyberthreats.

In this episode of the Security Matters podcast, host David Puner is joined by Lavi Lazarovitz, Vice President of Cyber Research at CyberArk Labs, to explore the transformative impact of AI agents on cybersecurity and automation. They discuss real-world scenarios where AI agents monitor security logs, flag anomalies, and automate responses, highlighting both the opportunities and risks associated with these advanced technologies.Lavi shares insights into the evolution of AI agents, from chatbots to agentic AI, and the challenges of building trust and resilience in AI-driven systems. The conversation delves into the latest research areas, including safety, privacy, and security, and examines how different industries are adopting AI agents to handle vast amounts of data.Tune in to learn about the critical security challenges posed by AI agents, the importance of trust in automation, and the strategies organizations can implement to protect their systems and data. Whether you're a cybersecurity professional or simply curious about the future of AI, this episode offers valuable insights into the rapidly evolving world of AI agents.More security resources via the CyberArk Blog

In this episode of Security Matters, we dive into the world of retail technology and cybersecurity. Imagine a bustling retail chain during its busiest shopping season, only to be disrupted by a cyberattack. Our guest, Jason James, Chief Information Officer (CIO) at Aptos Retail, shares his insights with host David Puner on how to stay ahead of these threats. Discover the strategies for building cyber resilience, the role of AI in retail, the importance of protecting consumer trust and the critical role of identity in safeguarding sensitive data. JJ's journey from tech enthusiast to CIO offers actionable insights and expert advice for cyber professionals, business leaders and anyone with a seat at or view of the cybersecurity table.More security resources via the CyberArk Blog

In the inaugural episode of the Security Matters podcast, host David Puner dives into the world of AI security with CyberArk Labs' Principal Cyber Researcher, Eran Shimony. Discover how FuzzyAI is revolutionizing the protection of large language models (LLMs) by identifying vulnerabilities before attackers can exploit them. Learn about the challenges of securing generative AI and the innovative techniques used to stay ahead of threats. Tune in for an insightful discussion on the future of AI security and the importance of safeguarding LLMs.What's Security Matters? Check out the show trailer to learn more. Make us your top cybersecurity podcast.More security resources via the CyberArk Blog Links referenced in this episode:FuzzyAI GitHub pageFuzzyAI Discord Community