Mike Johnson — one of the earliest security podcasters and a veteran leader from Salesforce, Lyft, Fastly, and Rivian — joins host Nate Lee to explore what modern security really requires in an era of AI-accelerated threats and rapidly expanding software supply chains. With decades of hands-on experience across cloud, hyperscale systems, global infrastructure, and software-defined vehicles, Mike brings a grounded, pragmatic view of where security is headed and what leaders need to focus on now.
Show Notes / Recap
In this episode of The TPRM Podcast — Threats, Pitfalls & Risk Myths — Nate and Mike dive into:
Mike Johnson breaks down security at AI speed; from software supply chain risk to why questionnaires fail and what modern security teams should focus on instead.
• Why security questionnaires fail — and what actually reflects real risk
• How AI is accelerating both attacks and detection
• The new realities of software supply chain threats
• Why security teams must treat telemetry as a big-data problem
• Lessons from securing SaaS, hyperscale networks, and software-defined vehicles
• Minimum viable security: what every vendor really needs
• The rise of AI-driven exploitation and automated attack chaining
• How defenders can use context to finally stay ahead
• Why inventory and hygiene remain the core of effective security
• The future of TPRM in an AI-driven world