Guest: Jameeka Green Aaron

Guest Title: Chief Information Security Officer, Headspace

Jameeka Green Aaron, CISO at Headspace, joins Dr. KJ for a candid conversation on protecting mental health data, the limitations of AI in clinical settings, and why humanity must remain a non-negotiable in cybersecurity. As a Navy veteran and black woman in tech leadership, Jameeka also shares powerful insights on representation, courage, and the fight for equity in the industry.

• (00:00) Introduction and guest welcome
• (01:45) AI in mental health: balancing innovation with patient protection
• (08:30) Guardrails and governance: the CIA triad applied to AI
• (14:20) Why security leadership is critical in healthcare
• (21:30) Explaining security concepts to clinicians and product teams
• (24:30) Leadership, representation, and courage as a black veteran in cybersecurity

1. Humanity is a non-negotiable – AI lacks empathy, context, and the ability to read nonverbal cues. In mental health, models must never instruct users to harm themselves or others—guardrails must be absolute.
2. Data professionals are the linchpin of AI – Good data in, good data out. De-identification, anonymization, and clean data practices are essential before training any model on sensitive health information.
3. Protecting and healing go together – Security in healthcare isn't a barrier; it's an enabler. Clinicians already understand patient privacy deeply—security leadership helps them extend that protection through technology.

• HIPAA – Health Insurance Portability and Accountability Act
• HITRUST – Healthcare information security certification
• CIA Triad – Confidentiality, Integrity, Availability
• Headspace Ebb – AI companion that helps users navigate mental health content
• Large Language Models (LLMs) – Foundation for AI-powered tools

Guest: Jameeka Green Aaron – (13) Jameeka Green Aaron, CISSP | LinkedIn

Host: Dr. Kenneth Johnson – (13) Dr. Kenneth Johnson, CISSP | LinkedIn

Securing tomorrow, one episode at a time.

Hosted on Acast. See acast.com/privacy for more information.

Episode 9: AI and Security: Friend or Foe? with Terence Jackson

Host: Dr. Kenneth Johnson

Guest: Terence Jackson

Duration: ~23 minutes

Keywords:

AI, cybersecurity, threat detection, security posture, upskilling, cross-training, digital security, threat actors, zero trust, automation

Episode Summary:

In this episode of Secured with Dr. KJ, Terence Jackson, Chief Security Advisor at Microsoft, explores how artificial intelligence is revolutionizing both sides of the cybersecurity battlefield.

Terence explains how AI is redefining traditional defenses, making threat detection faster and smarter—but also more accessible to adversaries. He walks through the advantages of agentic AI, the evolving threat landscape, and the urgent need for organizations to strengthen posture management and automate security operations. The conversation highlights the importance of upskilling, cross-training, and revisiting foundational security practices like zero trust to stay ahead in the AI arms race.

Listeners will gain insight into the balance between automation and human oversight, and the very real pressures defenders face in a world where attackers have no red tape.

What You’ll Learn:

• How AI empowers defenders to reason over large datasets
• Why threat actors are gaining speed with natural language-driven exploits
• What agentic AI means for posture management and response
• How cross-training existing personnel accelerates readiness
• Why the basics (patching, RBAC, MFA) still matter most
• How to prepare your SOC for AI-assisted defense

Key Takeaways:

• AI has obliterated traditional defenses—speed is the new battleground
• Threat actors are better resourced and less restricted than defenders
• Natural language is the new attack surface
• Agentic AI brings autonomous detection and remediation capabilities
• Time to compromise is now measured in minutes, not months
• Cross-training network and IT engineers reduces staffing gaps
• AI can democratize learning and accelerate workforce development
• Organizations must focus on zero trust and foundational hygiene
• Automation must be balanced with human oversight
• AI is both a friend and a foe—how we use it determines the outcome

Memorable Quotes:

• “AI is obliterating traditional defenses.”
• “The hottest programming language right now is natural language.”
• “We’re defending at the pace and speed of AI.”
• “The attackers have jobs—just like we do.”
• “We need to do the basics better.”

Hosted on Acast. See acast.com/privacy for more information.

Episode 10: The Future of Cybersecurity with Michael Billy

Host: Dr. Kenneth Johnson

Guest: Michael Billy

Duration: ~20 minutes

Keywords:

cybersecurity, generative AI, security trends, tool sprawl, AI security, automation, human oversight, future-proofing, security technologies, Microsoft

Episode Summary:

In this episode of Secured with Dr. KJ, Michael Billy joins the show to explore the future of cybersecurity and how organizations can evolve with confidence in the face of rapid technological change.

From the impact of generative AI to the risks of tool sprawl, Michael outlines why fundamentals like security hygiene and human oversight are more critical than ever. He also discusses how organizations can build trust in AI-powered tools, prepare their teams for the unknown, and create a sustainable plan to stay ahead of threats while embracing innovation.

What You’ll Learn:

• Why hygiene is still the #1 threat in security
• How generative AI is reshaping security tools and tactics
• The importance of vetting AI suppliers and securing AI agents
• Why tool sprawl can lead to visibility gaps and operational fatigue
• How to balance automation with human judgment
• Why Zero Trust and assume breach remain foundational principles
• Strategies for future-proofing security teams and tech stacks

Key Takeaways:

• Hygiene remains the top threat in cybersecurity
• Generative AI will significantly impact security practices
• Organizations must secure their AI agents effectively
• Tool sprawl is a growing concern in cybersecurity
• Vetting generative AI suppliers is crucial for security
• Embracing technology helps teams understand its implications
• Assuming breach is essential for a Zero Trust environment
• Setting a clear plan is vital for security leaders
• Balancing automation with human oversight is necessary
• Continuous learning and adaptation are key in cybersecurity

Memorable Quotes:

• “Hygiene is still the number one threat.”
• “There is no silver bullet in security.”
• “Empower everyone to achieve more.”

Hosted on Acast. See acast.com/privacy for more information.

Episode 4: Zero Trust – Zero Trust in Practice with Mark Simos

Host: Dr. Kenneth Johnson

Guest: Mark Simos, Lead Cybersecurity Architect, Microsoft

Duration: ~20 minutes

Zero Trust, Cybersecurity, Identity Management, AI, Security Architecture, Collaboration, Trust Verification, Modern Security Strategies

In this episode of Secured with Dr. KJ, Kenneth Johnson and Mark Simos break down the reality of Zero Trust—moving beyond buzzwords into actionable strategies. They explore why traditional perimeter-based security no longer works, and how identity, verification, and AI are reshaping the way we think about trust in cybersecurity.

Mark shares insights on how organizations can align their teams, embrace a culture of shared responsibility, and make security a business enabler—not a blocker. The conversation also touches on how AI is accelerating complex security tasks, helping teams stay ahead of evolving threats.

• Why Zero Trust is more than a framework—it’s a mindset shift
• The critical role identity plays in modern security
• How AI supports and strengthens Zero Trust strategies
• The cost of implicit trust and the value of explicit verification
• Why collaboration and communication are essential to success

• Zero Trust removes the false assumption of a secure perimeter.
• Verification of identity is essential in modern security.
• Trust is costly; explicit verification is necessary.
• Identity management is crucial for Zero Trust success.
• AI plays a symbiotic role in enhancing security.
• Security must be integrated into business processes.
• Every asset and user must have a defined identity.
• Collaboration across teams is vital for security effectiveness.
• Security professionals should act as enablers for other teams.
• Open communication fosters a successful Zero Trust implementation.

• “AI accelerates complex security tasks.”
• “Identity is the new security perimeter.”
• “Security is part of everyone’s job.”

Hosted on Acast. See acast.com/privacy for more information.

Host: Kenneth Johnson

Guest: Matthew Waddell, Incident Response Expert & Author of Survive Ransomware

Duration: ~19 minutes

Keywords: Ransomware, Small Business Cybersecurity, Incident Response, Backups, Generative AI, Phishing, Tabletop Exercises, Managed Service Providers, AI in Cyber Defense

In this episode of Secured with Dr. KJ, I sit down with Matthew Waddell—an incident response veteran with over 25 years of experience defending governments, military operations, and private sector organizations. We focus on the ransomware epidemic hitting small businesses and explore why they’re often seen as low-risk, high-reward targets for cybercriminals.

Matthew shares practical, budget-friendly strategies small businesses can implement today—from running internal tabletop exercises and building relationships with law enforcement to creating effective playbooks and developing a culture of vigilance. We also dive into the critical role of offline, tested backups and how poor backup practices can turn an incident into a full-scale disaster.

The conversation takes a forward-looking turn as we discuss generative AI—how it’s making ransomware attacks more convincing and sophisticated, and how defenders can leverage AI-driven tools, such as virtual SOCs, to match the attackers’ speed and precision. Matthew closes by previewing his upcoming book, Survive Ransomware, designed to give non-technical leaders the tools and knowledge to respond effectively to an attack.

• Why ransomware gangs target small businesses as “practice grounds” for larger attacks
• The importance of employee awareness as the first line of defense
• How tabletop exercises can uncover gaps before an incident strikes
• Why backups must be offline, air-gapped, and regularly tested
• How generative AI is being weaponized by attackers—and how defenders can fight back
• How to build strong relationships with law enforcement and managed service providers before you need them

• Small businesses aren’t immune—they’re often easier and more appealing targets for attackers.
• Incident response planning doesn’t require a huge budget, but it does require time, communication, and documentation.
• Backups are only as good as your last test—and ransomware actors actively seek to destroy them.
• Generative AI is reshaping the threat landscape, producing more believable phishing campaigns and faster attacks.
• Proactive relationships with service providers and law enforcement can be invaluable during an incident.

“It doesn’t take a large budget to be secure—just a team willing to think through ‘what if?’ scenarios.” – Matthew Waddell

“If your backups aren’t offline and tested, they might as well not exist when ransomware hits.” – Matthew Waddell

“Attackers are using AI to get faster and smarter—so defenders must do the same.” – Matthew Waddell

🔗 Connect with Matthew Waddell on LinkedIn

Secured with Dr. KJ – Securing tomorrow, one episode at a time.

🎙️ Episode 2: Cloud Security: The Microsoft Advantage

Host: Dr. Kenneth Johnson

Guest: Unique Glover, Technical Sales Director, Microsoft

Duration: ~19 minutes

Episode Overview

In this episode of Secured with Dr. KJ, we sit down with Unique Glover, a veteran cybersecurity leader and cloud expert with over 20 years in the industry. Unique currently serves as Technical Sales Director at Microsoft and holds advanced credentials like CISSP and CCSP. His passion for security, innovation, and community shines as we explore how Microsoft is shaping the future of cloud security.

What You’ll Learn:

•How Microsoft Azure security compares to AWS and GCP

•Why Defender for Cloud is a game-changing tool for enterprise security

•The evolution of data security and the importance of unified security platforms

•How Microsoft balances innovation with openness and integration

•Why collaboration across the security industry is critical to staying ahead of threats

Key Takeaways:

•Microsoft’s native tooling, threat intelligence, and end-to-end integration create a uniquely powerful security platform.

•Defender for Cloud offers visibility, compliance frameworks, automation, and consistent posture management.

•Flexibility and interoperability are must-haves for modern security architecture.

•Collaboration across vendors, partners, and the community is essential to protect customers and stop adversaries.

Memorable Quote:

“If our customers and communities don’t get the protection they need, the only ones who win are the attackers. That’s why integration, collaboration, and transparency matter more than ever.” — Unique Glover

If you enjoyed this episode, be sure to like, subscribe, and share the podcast with your network.

Join us next time as we continue securing tomorrow, one episode at a time.

Hosted on Acast. See acast.com/privacy for more information.

Host: Kenneth Johnson

Guest: Richard Kaufmann

Duration: 21m 28s

Location: United States

Podcast Link: Secured with Dr. KJ on Acast

Privacy, Children, Cybersecurity, Surveillance, Digital Footprint, Parenting, AI, Data Protection, Cyber Awareness, Online Safety

In this bonus episode, Dr. KJ sits down with cybersecurity and AI expert Richard Kaufmann to explore one of the most critical and emotionally charged issues in today’s digital era: privacy and our children. With kids being exposed to technology from infancy and data trails forming before they can even talk, Richard walks us through the unseen costs of growing up in a world that never forgets.

They explore how everything from smart devices to educational apps can silently collect data and what that means for a child’s future. Richard blends real-world experience, strategic insight, and parental empathy to highlight what leaders, parents, and policymakers need to understand—and act on.

• How digital exposure starts before birth and why that’s a problem.
• The long-term consequences of early data collection and surveillance.
• Why privacy must be treated as a child safety issue.
• How AI complicates the protection of minors.
• Practical tips for parents, educators, and security professionals.

• Digital Childhood is Permanent: Children’s data footprints are not erasable and can shape their opportunities later in life.
• Security Isn’t Optional: Protecting kids in the digital age means rethinking both parenting and policy through a cybersecurity lens.
• AI is a Double-Edged Sword: While powerful for personalization and protection, it can also enable surveillance and data misuse.
• We Need Guardrails: The time to act is now—before children’s futures are compromised by today’s tech conveniences.

• “We put more protection on a credit card than we do on a child’s data.” – Richard Kaufmann
• “The most vulnerable population in the digital age is the one without a voice yet.” – Richard Kaufmann

Want to learn more from Richard Kaufmann or continue the conversation?

• 🔹 Connect with Richard on LinkedIn

Hosted on Acast. See acast.com/privacy for more information.

Host: Dr. Kenneth Johnson

Guest: Rico Mariani, Veteran Software Performance Engineer & Longtime Microsoft Leader

Duration: ~20 minutes

In this episode of Secured with Dr. KJ, Dr. Kenneth Johnson sits down with Rico Mariani, a veteran technologist with decades of experience at Microsoft and a deep background in software performance engineering. Known for his strategic thinking and advocacy for diversity in tech, Rico shares valuable insights on how organizations can better approach security in a hybrid workforce era.

They explore key challenges with BYOD, transitioning to cloud environments, and the critical need to understand your internal inventory before building outward. Rico also dives into why tailored security matters, how to assume compromise as a defense model, and the human side of securing flexible work.

• The security risks introduced by hybrid and remote work
• Why visibility and inventory are the foundation of modern security
• Strategies for managing BYOD in enterprise environments
• How to align infrastructure with user needs and risk
• Why tailored access and device assumptions matter
• The connection between good security and organizational readiness

• Understand your inventory before building your security stack.
• Get your internal systems in order before expanding into hybrid/cloud.
• Assume devices are compromised to strengthen overall defense.
• Tailor security to roles and business needs for smarter access control.
• BYOD success requires flexibility, awareness, and clear boundaries.

“Assume they’re connecting with a compromised device. That mindset changes how you design your defenses.” – Rico Mariani

Hosted on Acast. See acast.com/privacy for more information.