The Cybersecurity Risk Nobody Talks About: Identity Resilience with Muli Motola | Cyber Mettle S1E29

ISACA AAIR Certification Review: What to Expect from the Advanced AI Risk Exam S1E30

Thinking about the AAIR certification from ISACA? Just hours after completing the Advanced AI Risk (AAIR) exam, Omar Sangurima sits down with Alyson Laderman to share his candid experience, preparation approach, key takeaways, and lessons learned from one of ISACA’s newest AI-focused certifications. In this Cert Corner episode, Omar discusses how the AAIR exam compares to certifications like the AIGP, why "ISACA mode" matters when approaching certification exams, the role of AI risk within broader enterprise risk management programs, and what cybersecurity, governance, and risk professionals should understand about AI risk today. The conversation explores practical study strategies, exam structure, governance frameworks, AI risk management concepts, and why understanding business risk may be just as important as understanding the technology itself. Whether you're considering the AAIR certification, working in AI governance, cybersecurity, risk management, compliance, audit, or simply trying to understand how AI risk is evolving inside organizations, this episode offers a real-world perspective from someone who just completed the exam. In this episode: • Omar's immediate reaction after completing the AAIR exam • How the exam compares to AIGP and other ISACA certifications • Understanding "ISACA mode" and certification mindset • AI Risk Management Framework (AI RMF) preparation strategies • Governance, risk, and AI integration challenges • Why context matters when answering certification questions • The relationship between AI risk and enterprise risk management • Whether AI risk deserves its own certification domain • Lessons learned for cybersecurity and risk professionals Chapters 00:00 - Fresh Off the Exam: Initial AAIR Reactions 02:02 - What Is the AAIR Certification? 04:15 - Exam Format, Cost, and Proctoring Experience 06:39 - Comparing AAIR and AIGP Preparation 08:21 - Understanding “ISACA Mode” 11:44 - Certification Study Pitfalls and Exam Dumps 13:11 - Study Strategy and Preparation Approach 20:14 - How the Exam Questions Are Structured 27:04 - Key Domains and AI Risk Concepts 31:25 - Does AI Risk Deserve Its Own Certification? 36:46 - The Real Value of the Certification 40:35 - Final Advice for Future Candidates 42:48 - Why Studying AI Risk Matters #CyberMettlePodcast #AIRisk #AAIR #ISACA #Cybersecurity #Governance #RiskManagement #ArtificialIntelligence #AIGP #CyberLeadership

The Cybersecurity Risk Nobody Talks About: Identity Resilience with Muli Motola | Cyber Mettle S1E29

Your backups may be protected. Your data may be protected. But what happens if you lose access to the systems that let you access everything else? In this episode of  ⁨@TheCyberMettlePodcast⁩  [https://studio.youtube.com/channel/UCyf4TYnc-0AKW79TbxfK3zw], Omar Sangurima [https://linkedin.com/in/dromars] and Alyson Laderman [https://linkedin.com/in/alysonladerman] sit down with Muli Motola, CEO and Co-Founder of Acsense [https://acsense.com], to discuss one of the most overlooked areas of cybersecurity and resilience: Identity and Access Management (IAM). As organizations continue moving to the cloud and embracing Zero Trust architectures, identity systems have become the foundation of modern operations. Yet many businesses still lack a recovery strategy for the very systems that control access to everything else. Muli shares the real-world incident that inspired Acsense, lessons learned from large-scale identity-related breaches, and why identity resilience is becoming a board-level business issue. Topics include: * Why IAM has become a critical business dependency * The hidden risks of cloud-based identity systems * Shared responsibility between vendors and customers * Lessons from MGM and Caesars Palace * Identity resilience and disaster recovery planning * Operational mistakes versus cyberattacks * AI, automation, and identity management risk * Single points of failure in modern IT environments * What boards and executives should be asking today * How organizations can prepare for identity-related disruptions If your organization relies on cloud services, SaaS applications, remote work, customer portals, or Zero Trust security models, this conversation is essential listening. RESOURCES FROM ACSENSE Want to learn more about Identity Resilience, IAM Recovery, and Disaster Recovery Planning? Muli Motola and the Acsense team have published several free resources, including their Disaster Recovery Guidebook for Identity and Access Management. Explore the full resource library: https://acsense.com/resources/white-papers/ [https://acsense.com/resources/white-papers/] Recommended resource: Disaster Recovery Guidebook for Identity & Access Management Whether you're a CISO, IT leader, MSP, security practitioner, or business executive, these guides provide practical frameworks for thinking about identity resilience, recovery planning, and operational continuity. 🎙 About The Cyber Mettle Podcast The Cyber Mettle Podcast explores the intersection of law, business, cybersecurity, technology, resilience, and leadership. Hosted by Omar Sangurima and Alyson Laderman 🔔 Subscribe for future conversations on cybersecurity, resilience, business continuity, leadership, AI, governance, and emerging technology. CHAPTERS 00:00 Introduction 01:07 Meet Muli Motola 02:12 What Is Identity and Access Management? 04:31 Why IAM Is More Critical Than Most Organizations Realize 05:42 The Incident That Inspired Acsense 08:12 The Butterfly Effect of Identity Systems 09:31 Cloud Identity and the New Single Point of Failure 10:56 Lessons from MGM and Caesars Palace 13:56 AI, Automation, and Identity Risk 15:26 Why Identity Recovery Is So Difficult 17:24 Cyber Resilience and Immutable Recovery 19:03 Shared Responsibility in Identity Security 22:11 Who Understands Identity Resilience Today? 24:24 Operational Mistakes vs Cyberattacks 26:52 The Importance of Recovery Autonomy 29:00 AI Agents and Privileged Access Risks 32:34 Why Customers Are Worried About AI Modifying History 34:14 What CEOs and Boards Need to Understand 36:34 Building Effective Recovery Objectives 39:27 Why Identity Is Foundational to Business Continuity 43:33 The Future of Identity Resilience 48:25 Final Thoughts

Joshua Copeland: The Truth About AI, Cybersecurity, and Why Companies Are Getting It Wrong S1E28

Can AI make organizations more effective without replacing people?   Cybersecurity leader Joshua Copeland [https://www.linkedin.com/in/joshuacopeland/] joins Omar Sangurima [https://www.linkedin.com/in/dromars] and Alyson Laderman [https://www.linkedin.com/in/alysonladerman] to discuss AI, workforce development, cybersecurity, governance, and the unintended consequences of automation. In this episode: • Why AI should augment people rather than replace them • The hidden costs of AI adoption • AI-generated code and cybersecurity risks • Workforce development and employee retention • AI bias and accountability • The future of human judgment in an AI-driven world Joshua also shares the story behind his widely followed "Unpopular Opinion" posts and explains why honest conversations are essential for the cybersecurity profession.   Key Topics * Artificial Intelligence * Cybersecurity * AI Governance * Workforce Development * Business Resilience * Leadership * Risk Management * Compliance Connect with The Cyber Mettle Podcast LinkedIn: https://www.linkedin.com/company/the-cyber-mettle-podcast [https://www.linkedin.com/company/the-cyber-mettle-podcast] Website: https://cybermettle.org [https://cybermettle.org] Chapters 00:00 Introduction and Guest Welcome 02:18 Joshua Copeland's Cybersecurity Journey 05:16 The Origin of "Unpopular Opinions" 08:33 Why Cybersecurity Needs More Honest Conversations 11:40 AI Should Augment People, Not Replace Them 15:00 The Real Cost of Replacing Employees 18:26 Startup Growth, Retention, and Innovation 21:00 Ego, Venture Capital, and AI Adoption 22:25 AI Coding, Vibe Coding, and Security Risks 24:23 Why Data Breaches Can End Small Businesses 26:55 The Hidden Costs of AI 30:31 Dependency, Skills Decline, and AI Reliance 32:57 Which Jobs Will Survive AI? 35:43 Human Judgment vs Artificial Intelligence 39:22 AI, Law, Liability, and Accountability 43:28 Hiring Bias and AI Training Data 46:45 Governance, Risk, and Organizational Responsibility 50:59 Final Thoughts on AI

How Networking Actually Builds Cybersecurity Careers | Arielle Cireseanu-Acevedo, Esq. S1E27

Most cybersecurity career advice focuses on technical skills. This episode explores the skill that often determines long-term success: building genuine relationships. What does it take to build a successful cybersecurity career when your background isn't technical? In this episode of The Cyber Mettle Podcast, Omar Sangurima and Alyson Laderman sit down with Arielle Cireseanu-Acevedo, Esq. to discuss career growth, networking, leadership, mentorship, storytelling, and the power of authentic relationships in cybersecurity and beyond. Ari shares her journey from healthcare operations and legal work into cybersecurity leadership, proving that career transitions are possible when organizations invest in people and individuals remain committed to learning. Topics include: Transitioning into cybersecurity without a technical background Why networking is really about relationships, not business cards Career development and internal mobility  Building trust and professional credibility The value of mentorship and sponsorship Storytelling as a cybersecurity and leadership skill Soft skills that accelerate career growth Why kindness is a competitive advantage Creating opportunities through authentic human connection Whether you're early in your career, considering a transition into cybersecurity, or leading teams, this conversation offers practical advice for building a career that lasts. Subscribe for more conversations at the intersection of cybersecurity, leadership, business, law, and resilience. #Cybersecurity #CareerDevelopment #Leadership #Networking #CyberMettle #InfoSec #ProfessionalGrowth #SoftSkills CHAPTERS 00:00 – Introduction & Meet Arielle Cireseanu-Acevedo 02:15 – Ari's Career Journey Into Cybersecurity 08:13 – Why Organizations Should Invest in Their People 12:22 – Career Growth, Retention & Boomerang Employees 16:21 – What Networking Actually Means 20:23 – Networking Beyond Business Cards 23:21 – Food, Community & Building Connections 26:15 – Toastmasters and Public Speaking Growth 31:08 – Storytelling as a Career Superpower 36:33 – How Lawyers and Non-Technical Professionals Enter Cybersecurity 40:36 – Why Relationships Matter More Than You Think 46:23 – Gatekeeping vs Mentorship 50:11 – Building Authentic Professional Relationships 56:32 – Supporting Others Without Expecting Something Back 01:00:25 – Final Thoughts on Cyber Mettle

Data Brokers, Doxxing & Digital Privacy with Yael Grauer | The Cyber Mettle Podcast S1E26

What happens when cybersecurity, investigative journalism, hacker culture, and privacy rights collide? Pulitzer Award-winning journalist Yael Grauer joins  ⁨@TheCyberMettlePodcast⁩  [https://studio.youtube.com/channel/UCyf4TYnc-0AKW79TbxfK3zw] to unpack data brokers, surveillance tech, OSINT culture, online privacy, hacker paranoia, and why your personal information is far more exposed than most people realize. In this episode of The Cyber Mettle Podcast, Dr. Omar Sangurima and Alyson Laderman sit down with journalist, cybersecurity educator, and privacy advocate Yael Grauer for a wide-ranging conversation covering: * The reality of modern data brokers and why removing your information online is so difficult * The overlap between hacker culture and investigative journalism * Doxxing, OSINT, digital privacy, and online safety * The ethics of public records and personal information * Surveillance technology and the expanding privacy landscape in the United States * Why journalists and hackers often misunderstand each other * Social engineering, trust, and online investigation culture * MMA, jiu-jitsu culture, and surprisingly relevant cybersecurity lessons   Yael also shares insights from her investigative reporting career, including collaborative reporting work tied to award-winning journalism projects and her experience helping people better understand how exposed their data really is online.   This episode blends cybersecurity, law, journalism, privacy, and human behavior into a candid and practical discussion about the digital world we all navigate every day. If you work in cybersecurity, privacy, journalism, tech, law, investigations, OSINT, or risk management — this conversation is packed with insight.   Subscribe for more conversations at the intersection of cybersecurity, business, law, technology, and human resilience.   #Cybersecurity #Privacy #DataBrokers #OSINT #DigitalPrivacy #Journalism #CyberMettle #InfoSec #HackerCulture #onlinesafety CHAPTERS 00:00 — Intro & Meet Yael Grauer 01:05 — From MMA Journalism to Cybersecurity 03:24 — Jiu-Jitsu, Injuries & Hacker Culture 07:30 — Why Hackers and Journalists Clash 10:41 — Trust, Sources & Media Relationships 15:14 — Building Credibility in Cyber Journalism 19:08 — Award-Winning Investigative Reporting 23:47 — Surveillance Tech & Data Brokers 24:51 — Getting Doxxed & Why Privacy Matters 27:52 — The Legal & Ethical Gray Areas of Data Collection 30:10 — Public Records, Online Exposure & Digital Footprints 35:50 — OSINT, Investigative Skills & Ethical Boundaries 38:08 — Online Dating, Trust & Digital Verification 39:52 — Why Human Instinct Still Matters 42:02 — Upcoming Speaking Engagements & Future Work 44:26 — Jiu-Jitsu Hygiene, Essential Oils & Closing Laughs