Secured with Dr. KJ

🎙️ Episode 1: The State of Cybersecurity – Jim EckartHost: Dr. Kenneth JohnsonGuest: Jim Eckart, General Manager of Security Solution Sales at Microsoft, Former CISODuration: 18:50Episode Overview:In this premiere episode of Secured with Dr. KJ, we sit down with Jim Eckart—a seasoned security leader with over 25 years in IT and cybersecurity. As a former CISO and current General Manager of Security Solution Sales at Microsoft, Jim shares insights on what it takes to secure organizations at scale in today’s evolving digital landscape.What We Discuss: • The biggest shifts in the cybersecurity landscape over the last decade • Lessons learned from Jim’s time as a CISO • How Microsoft approaches enterprise security and what makes it stand out • The role of Zero Trust, identity, and AI in modern security strategies • Where organizations still fall short—and how they can catch upWhy You Should Listen:Whether you’re a business leader, security professional, or curious about the future of cybersecurity, this episode offers a front-row seat to how one of the world’s biggest tech companies tackles security challenges from the inside out.Key Quote:“Good security is about anticipating problems before they become breaches—and that takes a culture, not just a toolset.” — Jim Eckart

🎙️ Episode 2: Cloud Security: The Microsoft AdvantageHost: Dr. Kenneth JohnsonGuest: Unique Glover, Technical Sales Director, MicrosoftDuration: ~19 minutesEpisode OverviewIn this episode of Secured with Dr. KJ, we sit down with Unique Glover, a veteran cybersecurity leader and cloud expert with over 20 years in the industry. Unique currently serves as Technical Sales Director at Microsoft and holds advanced credentials like CISSP and CCSP. His passion for security, innovation, and community shines as we explore how Microsoft is shaping the future of cloud security.What You’ll Learn: • How Microsoft Azure security compares to AWS and GCP • Why Defender for Cloud is a game-changing tool for enterprise security • The evolution of data security and the importance of unified security platforms • How Microsoft balances innovation with openness and integration • Why collaboration across the security industry is critical to staying ahead of threatsKey Takeaways: • Microsoft’s native tooling, threat intelligence, and end-to-end integration create a uniquely powerful security platform. • Defender for Cloud offers visibility, compliance frameworks, automation, and consistent posture management. • Flexibility and interoperability are must-haves for modern security architecture. • Collaboration across vendors, partners, and the community is essential to protect customers and stop adversaries.Memorable Quote:“If our customers and communities don’t get the protection they need, the only ones who win are the attackers. That’s why integration, collaboration, and transparency matter more than ever.” — Unique GloverIf you enjoyed this episode, be sure to like, subscribe, and share the podcast with your network.Join us next time as we continue securing tomorrow, one episode at a time.

🎙️ Episode 3: Securing the Hybrid Workforce with Rico MarianiHost: Dr. Kenneth JohnsonGuest: Rico Mariani, Veteran Software Performance Engineer & Longtime Microsoft LeaderDuration: ~20 minutesEpisode Overview:In this episode of Secured with Dr. KJ, Dr. Kenneth Johnson sits down with Rico Mariani, a veteran technologist with decades of experience at Microsoft and a deep background in software performance engineering. Known for his strategic thinking and advocacy for diversity in tech, Rico shares valuable insights on how organizations can better approach security in a hybrid workforce era.They explore key challenges with BYOD, transitioning to cloud environments, and the critical need to understand your internal inventory before building outward. Rico also dives into why tailored security matters, how to assume compromise as a defense model, and the human side of securing flexible work.What You’ll Learn:The security risks introduced by hybrid and remote workWhy visibility and inventory are the foundation of modern securityStrategies for managing BYOD in enterprise environmentsHow to align infrastructure with user needs and riskWhy tailored access and device assumptions matterThe connection between good security and organizational readinessKey Takeaways:Understand your inventory before building your security stack.Get your internal systems in order before expanding into hybrid/cloud.Assume devices are compromised to strengthen overall defense.Tailor security to roles and business needs for smarter access control.BYOD success requires flexibility, awareness, and clear boundaries.Memorable Quote:“Assume they’re connecting with a compromised device. That mindset changes how you design your defenses.” – Rico Mariani

Episode 4: Zero Trust – Zero Trust in Practice with Mark SimosHost: Dr. Kenneth JohnsonGuest: Mark Simos, Lead Cybersecurity Architect, MicrosoftDuration: ~20 minutesKeywords:Zero Trust, Cybersecurity, Identity Management, AI, Security Architecture, Collaboration, Trust Verification, Modern Security StrategiesEpisode Summary:In this episode of Secured with Dr. KJ, Kenneth Johnson and Mark Simos break down the reality of Zero Trust—moving beyond buzzwords into actionable strategies. They explore why traditional perimeter-based security no longer works, and how identity, verification, and AI are reshaping the way we think about trust in cybersecurity.Mark shares insights on how organizations can align their teams, embrace a culture of shared responsibility, and make security a business enabler—not a blocker. The conversation also touches on how AI is accelerating complex security tasks, helping teams stay ahead of evolving threats.What You’ll Learn:Why Zero Trust is more than a framework—it’s a mindset shiftThe critical role identity plays in modern securityHow AI supports and strengthens Zero Trust strategiesThe cost of implicit trust and the value of explicit verificationWhy collaboration and communication are essential to successKey Takeaways:Zero Trust removes the false assumption of a secure perimeter.Verification of identity is essential in modern security.Trust is costly; explicit verification is necessary.Identity management is crucial for Zero Trust success.AI plays a symbiotic role in enhancing security.Security must be integrated into business processes.Every asset and user must have a defined identity.Collaboration across teams is vital for security effectiveness.Security professionals should act as enablers for other teams.Open communication fosters a successful Zero Trust implementation.Memorable Quotes:“AI accelerates complex security tasks.”“Identity is the new security perimeter.”“Security is part of everyone’s job.”

Episode 6: Ransomware and Threat Protection with James RingoldHost: Dr. Kenneth JohnsonGuest: James RingoldDuration: ~20 minutesKeywords:ransomware, cybersecurity, threat landscape, AI in security, recovery strategies, ransomware as a service, security education, enterprise security, ransomware attacks, modern security platformsEpisode Summary:In this episode of Secured with Dr. KJ, James Ringold breaks down the constantly evolving ransomware threat landscape and its implications for enterprise security. From the rise of AI-powered attacks to the growth of ransomware as a service, James explains why these threats demand more than just technical fixes—they require a strategic, cross-functional approach.We also explore the growing importance of security education, the burden of legacy systems, and how organizations can better balance proactive prevention with rapid recovery strategies.What You’ll Learn:How ransomware tactics have evolved, including triple extortionWhy legacy systems are still a major weak spotHow AI is both a threat and a tool in cybersecurityThe role of cloud storage and file versioning in recoveryWhy education and awareness are just as critical as toolingHow to think about ransomware as a business risk, not just a tech problemKey Takeaways:Ransomware damages are projected to hit $57 billion by 2025Triple extortion and human-operated attacks are on the riseAI is enabling faster, stealthier attacksRansomware as a service creates a supply chain of cybercrimeLegacy infrastructure remains a major vulnerabilityCloud-based recovery tools like versioning can expedite restorationEmployee education and SOC readiness are vital to responseEffective defense requires cross-team collaborationPrevention and recovery must go hand-in-handRansomware is a business-level risk, not just an IT concernMemorable Quotes:“AI is used to automate phishing and evade detection.”“Ransomware as a service is a growing concern.”“Attackers don’t hack anymore—they log in.”“Balancing prevention with rapid recovery is crucial.”

Episode 7: Regulatory Compliance in the Cloud with Awnya CrequeHost: Dr. Kenneth JohnsonGuest: Awnya CrequeDuration: ~20 minutesKeywords:cloud compliance, data security, regulatory challenges, Microsoft Purview, risk assessment, industry regulations, cloud migration, access control, data privacy, compliance automationEpisode Summary:In this episode of Secured with Dr. KJ, Awnya Creque, Principal Technical Specialist at Microsoft, breaks down the complex world of regulatory compliance in the cloud.Awnya outlines five critical focus areas—data residency, access control, data privacy, regulatory compliance, and auditing/reporting—that organizations must address when migrating to or operating in cloud environments. She explains how compliance challenges vary across sectors like government, healthcare, and financial services, and how tools like Microsoft Purview can support proactive compliance strategies.The conversation also explores the importance of fostering a culture of compliance, leveraging automation, and integrating regulatory checks into day-to-day workflows.What You’ll Learn:The top compliance challenges when moving to the cloudWhy data sovereignty and residency matter more than everHow identity and access control play a central role in securing sensitive dataWhy compliance isn’t a one-time task—it’s a continuous processHow industry-specific requirements shape cloud security strategiesThe role of cloud providers and automation in easing the compliance burdenKey Takeaways:Organizations face multiple compliance challenges in the cloudData residency and sovereignty are essential to meet global regulationsStrong access control and identity management are non-negotiableSecurity programs must adhere to evolving frameworks like GDPR and HIPAACompliance demands constant attention and adaptationEffective auditing and reporting help demonstrate accountabilityIndustry-specific regulations drive unique security needsCloud platforms like Microsoft Purview offer valuable supportProactive strategies and automation reduce riskEmbedding compliance into daily workflows drives long-term successMemorable Quotes:“Data stays where it needs to be.”“Stay informed about regulatory updates.”“Conducting a risk assessment is crucial.”“Integrate compliance into your workflows.”

Episode 10: Securing the Internet of Things with Maurice HamptonHost: Dr. Kenneth JohnsonGuest: Maurice HamptonDuration: ~23 minutesKeywords:IoT security, connected devices, cybersecurity, risk management, best practices, visibility, control, AI, machine learning, organizational strategyEpisode Summary:In this episode of Secured with Dr. KJ, Maurice Hampton, Director of Cybersecurity Solution Sales (East) at Microsoft, unpacks the security challenges posed by the exponential growth of connected devices.Maurice walks through the evolution of the IoT attack surface, explaining how formerly isolated systems are now interconnected and exposed to new threats. He outlines a practical, phased approach—acknowledge, assess, implement controls—for tackling IoT security at scale. The discussion underscores the need for visibility, collaboration, and AI-driven insights to manage risk across environments like manufacturing, transportation, and smart cities.Listeners will gain actionable strategies and real-world examples of how organizations can secure their IoT footprint from the edge to the cloud.What You’ll Learn:Why IoT security is more complex today than ever beforeThe risks associated with interconnectivity and outdated systemsHow to launch an IoT security strategy using a crawl-walk-run approachWhy visibility and inventory are foundational to defenseThe critical role of cross-functional collaboration in securing IoTHow AI and machine learning enhance detection and responseReal-world examples of IoT security transformationKey Takeaways:The IoT attack surface has expanded due to rapid connectivitySecurity must be built into innovation—not added laterAcknowledging risks is step one in any IoT security journeyComprehensive assessments are essential to understand current stateControls must follow knowledge—not precede itCross-team collaboration is vital—security is a team sportVisibility into devices and their behavior drives stronger defenseAI can uncover anomalies that humans may missStart small and build repeatable processesTaking action is the key to reducing long-term riskMemorable Quotes:“The attack surface has grown exponentially.”“Acknowledge, understand, and then controls.”“Get other people in the boat with you.”“Security isn’t a solo act—it’s a team sport.”“AI lets us see what we couldn’t before.”

Episode 9: AI and Security: Friend or Foe? with Terence JacksonHost: Dr. Kenneth JohnsonGuest: Terence JacksonDuration: ~23 minutesKeywords:AI, cybersecurity, threat detection, security posture, upskilling, cross-training, digital security, threat actors, zero trust, automationEpisode Summary:In this episode of Secured with Dr. KJ, Terence Jackson, Chief Security Advisor at Microsoft, explores how artificial intelligence is revolutionizing both sides of the cybersecurity battlefield.Terence explains how AI is redefining traditional defenses, making threat detection faster and smarter—but also more accessible to adversaries. He walks through the advantages of agentic AI, the evolving threat landscape, and the urgent need for organizations to strengthen posture management and automate security operations. The conversation highlights the importance of upskilling, cross-training, and revisiting foundational security practices like zero trust to stay ahead in the AI arms race.Listeners will gain insight into the balance between automation and human oversight, and the very real pressures defenders face in a world where attackers have no red tape.What You’ll Learn:How AI empowers defenders to reason over large datasetsWhy threat actors are gaining speed with natural language-driven exploitsWhat agentic AI means for posture management and responseHow cross-training existing personnel accelerates readinessWhy the basics (patching, RBAC, MFA) still matter mostHow to prepare your SOC for AI-assisted defenseKey Takeaways:AI has obliterated traditional defenses—speed is the new battlegroundThreat actors are better resourced and less restricted than defendersNatural language is the new attack surfaceAgentic AI brings autonomous detection and remediation capabilitiesTime to compromise is now measured in minutes, not monthsCross-training network and IT engineers reduces staffing gapsAI can democratize learning and accelerate workforce developmentOrganizations must focus on zero trust and foundational hygieneAutomation must be balanced with human oversightAI is both a friend and a foe—how we use it determines the outcomeMemorable Quotes:“AI is obliterating traditional defenses.”“The hottest programming language right now is natural language.”“We’re defending at the pace and speed of AI.”“The attackers have jobs—just like we do.”“We need to do the basics better.”