Matt Lee, now Senior Director of Security & Compliance at Pax8, reveals how a ransomware blast at his former MSP triggered a multi-million-dollar fallout, 26 client disruptions, and a complete redefinition of what security leadership really means in today’s world.

Matt is a battle-tested cybersecurity leader known for translating complex technical crises into practical security transformation. In this raw, revealing episode, he opens up about the breach that changed everything - and how it helped shape the philosophy behind Secure by Demand.

He explains:

1. How a hidden ransomware infection derailed a multi-company merger
2. What most MSPs get dangerously wrong about security risk
3. The real cost of reactive security: layoffs, lawsuits, and insurance gaps
4. What “Secure by Demand” really means (and why it’s missing from most strategies)
5. Why security maturity is the new battleground (not just tooling)
6. How to lead through cyber chaos without losing your sanity

Episode Timeline:

1. (00:00) Intro: Who is Matt Lee and why this episode matters
2. (02:42) Matt’s origin story - from hacker kid to MSP tech
3. (06:19) Falling into security: “I just added ‘and Security’ to my badge”
4. (11:30) The merger that hid a ticking ransomware time bomb
5. (17:04) Voldemort incident discovery: “We bought a company mid-breach”
6. (20:47) The day it hit: Ransomware spreads to 26 client businesses
7. (25:15) What went wrong: due diligence gaps, supply chain blindness
8. (30:22) Incident response chaos and internal suspicion
9. (36:48) Fallout: 18-month recovery, insurance battles, FBI involvement
10. (41:35) Live Compromised: The philosophy Matt built from the wreckage
11. (47:10) The birth of “Secure by Demand” - a challenge to the industry
12. (53:01) Software design flaws: why vendors ship insecure defaults
13. (56:20) Advice for CISOs and MSPs: mindset, tooling, and where to start
14. (59:40) Real-world examples: empathy, leadership, and rebuilding trust
15. (01:03:15) Final reflections: Why the industry needs hard conversations

Connect With Matt on LinkedIn

Powered by Control D

When a breach hits, the first 72 hours decide everything. But the stories, decisions, and philosophies behind those critical hours rarely make it into public conversation. That’s what Full Metal Packet is here to change.

Hosted by Yegor and Alex - the founders of Control D (and before that, Windscribe, now trusted by 90M+ people) - this podcast is where operators, CISOs, and security leaders finally get candid.

Season 1 brings you:

• Breach Incidents → Inside the calls leaders had to make under fire, anonymized and NDA-safe.
• SecOps Therapy → The frictions nobody talks about: burnout, workflows, and the daily grind of running security.
• Security Futures → What’s underrated, what’s overhyped, and how AI will reshape security in the years ahead.

No blame. Just raw, operator-grade conversations from the people who’ve lived it.

Guests already include CISOs from SaaS, healthcare, and hospitality — the voices shaping security today.

If you’re a security leader, this is where your peers will be telling their stories. And if you’re listening, it’s where you’ll find the missing conversations you’ve been waiting for.

Subscribe now and join us for Season 1 of Full Metal Packet.