Alyson M. Laderman, Esq.

Alyson M. Laderman, Esq. CEO/Executive Director/Co-Founder of Cyber Mettle. She/Her

At the intersection of law, business, and technology, I translate complex legal and operational needs into technology strategies organizations can actually execute.

05/26/2026

What happens when cybersecurity, investigative journalism, hacker culture, and privacy rights collide? Pulitzer Award-winning journalist Yael Grauer joins ⁨⁩ to unpack data brokers, surveillance tech, OSINT culture, online privacy, hacker paranoia, and why your personal information is far more exposed than most people realize. In this episode of The Cyber Mettle Podcast, Dr. Omar Sangurima and Alyson Laderman sit down with journalist, cybersecurity educator, and privacy advocate Yael Grauer for a wide-ranging conversation covering: * The reality of modern data brokers and why removing your information online is so difficult
* The overlap between hacker culture and investigative journalism
* Doxxing, OSINT, digital privacy, and online safety
* The ethics of public records and personal information
* Surveillance technology and the expanding privacy landscape in the United States
* Why journalists and hackers often misunderstand each other
* Social engineering, trust, and online investigation culture
* MMA, jiu-jitsu culture, and surprisingly relevant cybersecurity lessons

Yael also shares insights from her investigative reporting career, including collaborative reporting work tied to award-winning journalism projects and her experience helping people better understand how exposed their data really is online.

This episode blends cybersecurity, law, journalism, privacy, and human behavior into a candid and practical discussion about the digital world we all navigate every day. If you work in cybersecurity, privacy, journalism, tech, law, investigations, OSINT, or risk management — this conversation is packed with insight.

Subscribe for more conversations at the intersection of cybersecurity, business, law, technology, and human resilience.


CHAPTERS
00:00 — Intro & Meet Yael Grauer
01:05 — From MMA Journalism to Cybersecurity
03:24 — Jiu-Jitsu, Injuries & Hacker Culture
07:30 — Why Hackers and Journalists Clash
10:41 — Trust, Sources & Media Relationships
15:14 — Building Credibility in Cyber Journalism
19:08 — Award-Winning Investigative Reporting
23:47 — Surveillance Tech & Data Brokers
24:51 — Getting Doxxed & Why Privacy Matters
27:52 — The Legal & Ethical Gray Areas of Data Collection
30:10 — Public Records, Online Exposure & Digital Footprints
35:50 — OSINT, Investigative Skills & Ethical Boundaries
38:08 — Online Dating, Trust & Digital Verification
39:52 — Why Human Instinct Still Matters
42:02 — Upcoming Speaking Engagements & Future Work
44:26 — Jiu-Jitsu Hygiene, Essential Oils & Closing Laughs

05/19/2026

“AI won’t take your job” is comforting.

But, James McQuiggan explains why that’s not entirely true and what cybersecurity professionals must do next.

In this episode of The Cyber Mettle Podcast, Dr. Omar Sangurima and Alyson M. Laderman, Esq. sit down with cybersecurity veteran James McQuiggan to discuss the uncomfortable reality of AI disruption, workforce resilience, human risk, deepfakes, and the future of cybersecurity careers.

James brings more than 25 years of experience across cybersecurity, IT, SCADA systems, incident response, security awareness, AI, and cyber threat intelligence. Formerly a CISO Advisor at KnowBe4 and now founder of Apparent Security,

James shares candid insights on:

* Whether AI can actually replace cybersecurity jobs

* Why repetitive work is most at risk

* The rise of “vibe coding” and AI-generated software

* Why human oversight still matters in cybersecurity

* Lessons from Stuxnet, SolarWinds, ransomware, and Change Healthcare

* The cybersecurity challenges facing schools and educators

* Human risk management and security awareness

* The importance of community, mentorship, and paying it forward

* Dad jokes as a cybersecurity branding strategy

The conversation blends serious industry insight with humor, career advice, practical AI guidance, and a reminder that cybersecurity is ultimately still about people.

If you're navigating AI disruption, building a cybersecurity career, or trying to future-proof your skills, this episode delivers practical perspective without the hype.

ABOUT JAMES MCQUIGGAN

James McQuiggan is the founder of Apparent Security, cybersecurity educator, speaker, and longtime security advocate with experience spanning IT networking, SCADA systems, incident response, AI security, and human risk management. He previously served as a CISO Advisor at KnowBe4 and teaches Cyber Threat Intelligence at Full Sail University.

Subscribe to The Cyber Mettle Podcast⁩ to hear human conversations at the intersection of cybersecurity, business, law, AI, and human resilience.

05/12/2026

AI is changing cybersecurity hiring faster than most companies are prepared for. Recruiter Pete Strouse joins ⁨⁩ to explain why entry-level roles are disappearing, how GRC is evolving, and what professionals must do to stay relevant. In this episode of The Cyber Mettle Podcast, Omar Sangurima and Alyson Laderman sit down with Pete Strouse, founder of InfoSec Connect and widely known as “The GRC Recruiter,” for an unfiltered conversation about the future of cybersecurity hiring.Pete shares what he’s seeing firsthand across GRC, compliance automation, MSSPs, consulting firms, and cybersecurity startups, including:

Why companies increasingly want senior talent without building junior pipelines;
How AI and automation are reshaping GRC and SOC analyst roles;
The hiring biases most companies won’t openly discuss;
Why networking matters more than ever in cybersecurity;
The growing importance of GRC engineering and AI governance;
How transferable skills can outperform “perfect” resumes;
Why culture and motivation matter more than compensation alone; and
The hidden long-term risks of eliminating entry-level opportunities.

The discussion also explores private equity’s impact on cybersecurity organizations, recruiting realities behind the scenes, and what cybersecurity professionals should focus on now to remain competitive in an AI-driven market. If you work in cybersecurity, GRC, compliance, governance, audit, risk management, or are trying to break into the industry, this episode delivers practical insight from someone who sees hiring trends every single day.

ABOUT PETE STROUSE: Pete Strouse is the founder of InfoSec Connect and a longtime recruiter specializing in Governance, Risk, Compliance (GRC), information security, audit, DFIR, MSSPs, and cybersecurity startups. Known online as “The GRC Recruiter,” Pete has spent more than a decade helping organizations hire cybersecurity talent while advising professionals on career strategy and market trends. Chapters:
00:00 – Introduction and disclaimer
01:11 – Pete Strouse’s background in GRC recruiting
02:04 – Why GRC platforms now need actual practitioners
03:02 – AI, automation, and the disappearing entry-level role
05:09 – The cybersecurity hiring market reality
06:43 – Why companies only want experienced hires
08:17 – Experience requirements and hiring bias
09:29 – Where entry-level cybersecurity talent can still gain experience
11:34 – Networking strategies that actually work
14:13 – Why human connection matters more in the AI era
15:25 – Hiring biases companies rarely admit publicly
17:20 – Private equity’s growing influence in cybersecurity
18:54 – Market consolidation and compliance automation
20:25 – Personal branding and standing out in cybersecurity
22:31 – Transferable skills hiring managers value
24:41 – Why recruiters fight for candidates with strong intangibles
26:15 – Can resumes communicate intangible skills?
27:36 – Do cover letters still matter?
29:38 – Technical skills worth learning right now
32:01 – Why portfolios and proof matter more than resumes
34:50 – The cybersecurity talent pipeline problem
36:12 – Why MSSPs should hire more junior talent
38:32 – Understanding employee motivators
40:19 – Leadership, culture, and retention strategies
44:24 – Loyalty, layoffs, and short job stints
46:09 – How Pete developed his recruiting philosophy
48:31 – Pete’s advice for fixing cybersecurity hiring
49:12 – Final thoughts and closing



KEYWORDS: cybersecurity hiring, GRC careers, AI in cybersecurity, cybersecurity recruiting, Pete Strouse, InfoSec Connect, cybersecurity jobs, entry level cybersecurity, GRC engineering, cybersecurity workforce, cybersecurity talent shortage, AI automation jobs, compliance automation, cybersecurity leadership, cybersecurity recruiting trends, governance risk compliance, cybersecurity mentorship, private equity cybersecurity, AI governance, cybersecurity networking

05/05/2026

Thinking about the CISM? The exam is changing, and most people misunderstand what it actually tests and validates.

Here’s what ISACA really expects, plus how to think like a manager (not an engineer) to pass.

In this Cert Corner episode of The Cyber Mettle Podcast, Dr. Omar Sangurima and I break down the Certified Information Security Manager (CISM) certification: what it is, what’s changing on November 3rd, and whether it’s actually worth your time.

This isn’t a surface-level overview.

We get into:

* The new exam structure and domain weighting
* Why CISM is considered a “gatekeeper” certification
* The critical mindset shift: thinking like a manager, not a practitioner
* How CISM compares to CISSP and CRISC
* Real-world value: how it helps you connect security functions and lead programs

We also cover test-taking strategy, remote proctoring realities, and why many candidates struggle. It's not because they lack knowledge, but because they answer from the wrong perspective.

If you're aiming for mid-to-senior level cybersecurity roles, managing teams, or moving into leadership, then this episode is for you.

⏱️ CHAPTERS

00:00 – Welcome to Cert Corner: Why CISM Still Matters
01:45 – Big Change: New CISM Version Coming November 3
03:20 – Experience Requirements & “Gatekeeping” Reality
05:10 – New Domain Weighting: Program + Incident Management
07:00 – Who CISM Is REALLY For (Manager-Level Focus)
08:30 – CISM vs CISSP: Which One Should You Get?
|10:15 – The Certification Gap Above Manager Level
11:30 – Exam Format: 150 Questions, 4 Hours, No Adaptive Scoring
12:45 – KEY TIP: Think Like a Manager, Not a Technician
14:30 – Incident Response Example: Why “Follow the Plan” Wins
16:00 – Distractors and Test Strategy Insights
18:00 – Remote Proctoring: What to Expect (and Fear)
22:00 – Real Talk: Proctoring Horror Stories & Test Anxiety
26:00 – Cost Breakdown: What You’ll Actually Spend
27:30 – CISM vs CRISC: Risk vs Program Leadership
29:30 – CISM vs CISSP Deep Comparison
33:45 – Career Impact: How CISM Changes Your Thinking
37:00 – Breaking Down Silos Across Security Teams
39:00 – Why Companies Misuse Certifications in Job Reqs
41:00 – Final Thoughts: Should You Get the CISM?
42:30 – Outro and What Certs to Cover Next

Be sure to subscribe so that you don't future episodes.

04/28/2026

AI isn’t replacing cybersecurity professionals. It’s reshaping what matters. The future belongs to those who can connect the dots, not just execute tasks. In this episode of The Cyber Mettle Podcast, Omar Sangurima and I sit down with Frederic (Fred) Descloux to explore one of the biggest shifts happening in cybersecurity today: the return of the generalist.

Fred Descloux is the founder of Zero Drama Security, a straight-talking advisory firm built on a simple premise: most security programs are overcomplicated, under-effective and full of noise. He works with organizations to cut through AI hype, eliminate compliance theater and focus on what actually matters: data, decisions and real risk.

Alongside his advisory work, he serves as a senior security and data protection leader at a global public company, bringing a pragmatic, no-BS perspective to modern security. As AI accelerates ex*****on and automates routine work, organizations are facing a new challenge—decision-making, accountability, and connecting fragmented systems.

Fred shares insights from nearly two decades in security, privacy, and risk across consulting, global organizations, and startups.

Together, they unpack:

* Why AI is compressing ex*****on and what that means for experts

* The real reason “talent gaps” persist in cybersecurity

* How silos, governance failures, and lack of accountability hold organizations back

* Why generalists who can connect business, risk, and technology are becoming critical

* How to build practical, enforceable policies (and avoid governance theater)

* What the next generation of cybersecurity leaders will look like

This conversation goes beyond tools and tactics—it’s about mindset, leadership, and the future of the profession.
If you're in cybersecurity, risk, legal, or business leadership, this episode will challenge how you think about expertise, career growth, and organizational design.

Links:
https://zerodramasecurity.com https://www.linkedin.com/in/fredericdescloux

04/21/2026

Scams aren’t what they used to be, and your loved ones are the target. From AI voice cloning to data brokers, this is the conversation families need to have now.

This episode of The Cyber Mettle Podcast tackles one of the most urgent — and uncomfortable — topics in cybersecurity today: protecting seniors and vulnerable family members from modern scams.

Hosts Omar Sangurima and Alyson Laderman are joined by Cat Karow, founder of ZoraSafe, who brings over 20 years of experience in cybersecurity and product development.

Together, they break down how scams have evolved from obvious fraud to highly targeted, AI-driven manipulation.

This episode is more than just about technology; it's about human behavior, trust, and the reality that anyone can be targeted.

In this conversation, you’ll learn:
* How AI impersonation scams are changing the threat landscape
* Why data brokers make scams more effective
* The emotional manipulation tactics scammers rely on
* Why seniors are disproportionately targeted
* How to have practical, respectful conversations with loved ones
* The role of shame in underreporting scams and how to change it
* Why “urgency” is the biggest red flag Cat also shares how ZoraSafe is working to stop scams in real time while educating users through micro-learning and community reporting.

This is one of those conversations that may feel uncomfortable but is necessary.
👉 Resources mentioned: ZoraSafe (https://zorasafe.com)

⏱️ CHAPTERS:
00:00 – Intro: A “tough but necessary” conversation
01:00 – Meet Cat Karow and ZoraSafe
02:00 – How real-time scam detection works
03:00 – Why scams go unreported (and why that matters)
05:00 – Real-life scam targeting a senior family member
08:00 – How scammers use purchased personal data
10:00 – Why you should stop answering unknown calls
11:00 – AI voice cloning & impersonation scams
13:00 – Hyper-targeting based on vulnerability
14:30 – Why reporting scams is critical
15:30 – The data broker ecosystem explained
18:00 – “You are the product”: data collection reality
20:30 – Living in a surveillance economy
23:00 – Information manipulation & fractured realities
26:00 – Forced digitization and its risks
27:00 – How to talk to family about scams
29:00 – The power of pausing and recognizing urgency
31:00 – Why scams are harder to detect today
32:30 – Long-con scams and crypto fraud
34:00 – Fake influencers, bots, and manipulation at scale
36:30 – The evolution of the internet (then vs now)
38:00 – Big Tech incentives and scam advertising
39:30 – Convenience vs privacy tradeoffs
40:30 – Data overcollection and “honeypot” risks
42:00 – Real-world security failures
45:00 – What happens to your data when companies fail
46:00 – Why data breach notifications come too late
48:00 – Real example: vehicle data exposure
49:00 – Can this problem actually be solved?
50:00 – Forced consent & loss of privacy
51:30 – Small business cybersecurity gaps
53:00 – Final thoughts: talk about it, remove the shame

🔑 KEYWORDS: cybersecurity podcast, scams targeting seniors, AI impersonation scams, voice cloning fraud, data brokers explained, identity theft prevention, cyber awareness, online safety for families, fraud prevention tips, ZoraSafe, Cat Karow, cyber threats 2026, digital privacy risks, scam prevention strategies

04/14/2026

Breaking into AI governance, privacy, or cybersecurity isn’t about where you start, it’s about how you think.

Dr. Kyle David went from historian to AI governance leader and shows exactly how others can do it too.

In this episode of The Cyber Mettle Podcast, Omar Sangurima and I sit down with Dr. Kyle David, founder of Dr. David Privacy and creator of leading IAPP certification training programs.

Dr. David shares his unconventional path from academia to privacy and AI governance, offering a practical roadmap for career changers and professionals looking to future-proof their careers.

The conversation explores:
* Why AI governance is growing—but hasn’t hit “hockey stick” job growth yet
* How privacy professionals are becoming AI governance leaders
* The real impact of regulation vs innovation
* What organizations are struggling with when adopting AI
* Tactical ways to break into cybersecurity, privacy, or AI governance today

Whether you’re preparing for certifications like AIGP or exploring a transition into tech-adjacent roles, this episode delivers grounded, actionable insights.

⏱️ CHAPTERS
00:00 – Intro & welcome to the episode
00:53 – Meet Dr. Kyle David (origin story)
02:02 – From academia to privacy: career pivot during COVID
05:41 – Discovering gaps in certification training
07:19 – Building Dr. David Privacy & AIGP success
09:47 – Entry-level challenges in privacy & AI governance
12:12 – Why AIGP is growing in demand 15:28 – Career pathways after AIGP (3 tracks)
18:21 – Regulation vs innovation in AI
23:32 – Legal perspective on fragmented regulation
24:41 – Innovating inside government systems
29:27 – Theory vs practice in learning
31:01 – How to break into cyber, privacy, or AI (3 strategies)
33:41 – Volunteering, networking, and real-world experience
36:28 – Risks and realities of “working for free”
41:18 – Learning styles and practical application
44:16 – Leveraging your current organization
46:26 – Where to find Dr. David
47:09 – Closing thoughts

KEYWORDS: AI governance careers, privacy career transition, cybersecurity entry level, AIGP certification, IAPP training, AI regulation vs innovation, privacy jobs, governance risk compliance careers, breaking into cybersecurity, Dr Kyle David, AI governance certification, privacy professional path

04/07/2026

Looking forward to this event -- what an amazing group of leaders!

04/07/2026

AI isn’t just another tool — it’s changing risk, liability, and how businesses operate. If you’re treating AI like SaaS, you’re already behind.

In this episode of The Cyber Mettle Podcast, Dr. Omar Sangurima and I sit down with Graeme Rudd (former Green Beret, recovering lawyer, and founder of Assessed Intelligence) to unpack one of the most urgent issues in modern business: the convergence of AI governance and cybersecurity.

Graeme explains why organizations are misjudging AI risk, how “move fast and break things” fails in regulated environments, and why governance is no longer optional—it’s a business survival strategy.

From token burn risks and autonomous agents behaving unpredictably to legal liability, insurance gaps, and the future of certification standards, this conversation connects the dots across cybersecurity, legal, HR, and executive leadership.

You’ll also learn about the Arise Framework, designed to unify cybersecurity and AI governance into a practical, usable model for organizations of any size.

Key topics include:
* Why AI risk is fundamentally different from traditional software
* Token consumption as a financial and governance issue
* The danger of “set it and forget it” AI workflows
* AI agents as insider threats
* Why cybersecurity and AI governance can no longer be separated * Legal and ethical implications of AI failures
* The future of AI regulation, insurance, and certification
* How organizations can start building governance today
* The Arise Framework and how to use it

Resources mentioned:

Arise Framework (free): https://ariseframework.com

Assessed Intelligence: https://assessedintelligence.com

*Disclaimer: This podcast shares general insights and experiences. It is not to be construed as legal or cybersecurity advice.*



Keywords: AI governance framework, cybersecurity and AI, AI risk management, Arise framework, Graeme Rudd, assessed intelligence, AI compliance, token burn AI cost, AI security risks, enterprise AI governance, AI legal risk, AI insurance risk, insider threat AI, AI maturity model, cybersecurity leadership

Address

1070 Montgomery Road #898
Altamonte Springs, FL
32714

Website

Alerts

Be the first to know and let us send you an email when Alyson M. Laderman, Esq. posts news and promotions. Your email address will not be used for any other purpose, and you can unsubscribe at any time.

Contact The Business

Send a message to Alyson M. Laderman, Esq.:

Shortcuts

Share

Category