Cyber Focus Podcast

Overview: In this episode, host Frank Cilluffo sits down with Cheri Caddy, former Deputy Assistant National Cyber Director at the White House and senior technical advisor at the Department of Energy. They discuss the cybersecurity challenges surrounding connected vehicles, examining how modern cars are effectively "computers on wheels" and the broader implications for privacy, data security, and national security. Cheri highlights the convergence of IT and OT systems in vehicles, the need for cyber-informed engineering, and the importance of regulatory harmonization in addressing these challenges.Main Topics Covered:Convergence of IT/OT systems in connected vehiclesCybersecurity and privacy risks of modern carsGlobal supply chain implications for vehicle data securityRegulatory harmonization across sectors impacting connected vehiclesFuture of automation and autonomous vehicles in the cybersecurity landscapeManaging cybersecurity at an enterprise level for government and corporate vehicle fleetsKey Quotes:"Your car has always been something in your environment, but now it's a computer. It's software-defined, and you have to treat it with all of the cyber implications of being a computer." – Cheri Caddy "There's no cyber problem that's a single sector anymore." – Cheri Caddy"Vehicles are giant sensor platforms recording everything. What are the security implications of taking a connected vehicle on to a sensitive facility? ...I think that is very much an open question.– Cheri Caddy"We need to get [vehicle engineers] to think about cybersecurity at the design phase. Because dealing with bolting on cyber after the fact is, is just not practical.– Cheri CaddyThis is just such an interesting area of converging, of all of the exciting cyber things, from supply chain to applied machine learning to data standards and integration. – Cheri CaddyRelevant Links:National Cyber Informed Engineering StrategyInformation on vehicle data privacy and cybersecurity from the National Highway Traffic Safety Administration (NHTSA)https://www.nhtsa.gov/research/vehicle-cybersecurityhttps://www.nhtsa.gov/press-releases/nhtsa-updates-cybersecurity-best-practices-new-vehiclesGuest Bio: Cheri Caddy is a cybersecurity leader with over 30 years of experience in national security, intelligence, and technical advisory roles. She has served as the Deputy Assistant National Cyber Director at the White House, as well as a senior advisor at the Department of Energy. Caddy's expertise lies in bridging policy and technical innovation, particularly in IT/OT convergence and secure-by-design engineering for critical infrastructure.

Wed, 20 Nov 2024

In this episode of Cyber Focus, host Frank Cilluffo interviews Kiersten Todt, president of Wondros, a creative firm focused on social and policy change. Todt, who previously served as Chief of Staff at the Cybersecurity and Infrastructure Security Agency (CISA) and as a senior advisor on the Senate Homeland Security Committee, shares insights on the challenges and advancements in cybersecurity workforce development, public-private collaboration, and the critical role of community involvement in cybersecurity initiatives.Main Topics Covered:Cybersecurity workforce development, with a focus on neurodiversity and inclusivityPublic-private partnerships and CISA's role in regional engagementThe importance of community-level cybersecurity initiativesCybersecurity supply chain issues and the need for inclusive small business supportCybersecurity awareness through campaigns, education, and human-centered designKey Quotes:"I think we as a nation will be so much better if we create inclusive workforces that represent and acknowledge and honor the aptitudes of individuals that we may not define as being... typical." – Kiersten Todt"If we're truly looking at securing [critical infrastructure sectors], we have to look with a cross-sector approach." – Kiersten Todt"[Cyber incident response] starts in the community, it starts at the local level. And so being able to engage those individuals is critical." – Kiersten Todt"The applied side is what attracts most of these kids [to cybersecurity]. It's not sitting behind a computer and just the zeros and ones. It's actually seeing the fruit of their work and actually getting involved." - Frank Cilluffo"Creating more of an activist culture in cybersecurity, as well as some of these other issues, really helps to turn the tide and to create change." – Kiersten TodtRelevant Links and Resources:https://pausetake9.org/https://cyberreadinessinstitute.org/https://wondros.com/about/Guest Bio: Kiersten Todt is the president of Wondros, a firm dedicated to social and policy change. She previously served as Chief of Staff at CISA and has held senior advisory roles on the Senate Homeland Security Committee. Her work focuses on building inclusive cybersecurity solutions, workforce development, and fostering partnerships across public and private sectors.

Wed, 13 Nov 2024

In this episode of Cyber Focus, host Frank Cilluffo interviews Patrick Wright, the Chief Information Security Officer and Chief Privacy Officer for the State of Nebraska. The discussion centers around the challenges and opportunities of implementing artificial intelligence (AI) and cybersecurity strategies at the state and local levels. Patrick shares insights on leveraging AI to bolster cybersecurity, managing privacy implications, and building strategic public-private partnerships. The conversation also highlights initiatives like Cyber Tatanka, a unique cybersecurity exercise involving military, government, and private entities, and addresses the importance of cooperation with federal agencies.Main Topics Covered:State-level implementation of AI and its role in improving government servicesLeveraging AI for cybersecurity: challenges, use cases, and privacy considerationsCyber Tatanka: A collaborative cybersecurity exercise with the National GuardStrategic partnerships with private sector and federal agenciesResource allocation and logistical challenges in disaster management using AIKey Quotes:"We're leveraging cybersecurity and AI to bolster our defenses against the national and global threats that we face." – Patrick Wright"We can talk about cyber security from a strategic perspective all day long... But where the rubber meets the road is in providing the the critical capabilities for cyber down to the SLT level." – Patrick Wright"Being proactive in not only what we're doing from a cybersecurity awareness perspective, but from an emerging technology perspective, from a policy perspective, from a best practices perspective." – Patrick Wright"When you start talking about targeting the power grid, not only are you disrupting power supply generation for constituents across the state or region, but you're also, impacting power for other critical infrastructure like like health care and banking." – Patrick Wright"We tend to look at the world through our boxes and org charts. The bad guys don't. They act. In fact, they very intentionally exploit the seams in our defenses. –  Frank CilluffoRelevant Links and Resources:National Association of State Technology Directors (NASTD)NASTD AI SurveyMulti-State Information Sharing and Analysis Center (MS-ISAC)Guest Bio: Patrick Wright is Nebraska’s Chief Information Security and Privacy Officer, responsible for statewide cybersecurity initiatives, incident response, and compliance. With experience in both public and private sectors, he holds degrees in IT and public policy, and chairs multiple cybersecurity committees. He also serves on CIS’s Multi-State Information Sharing and Analysis Center Executive Committee (MS-ISAC).

Wed, 06 Nov 2024

In this episode of Cyber Focus, host Frank Cilluffo sits down with Sonya Proctor, Assistant Administrator for Surface Operations at TSA (Transportation Security Administration). Proctor discusses TSA's evolving role in securing pipelines and other surface transportation sectors, emphasizing the agency's expanded cybersecurity focus following the Colonial Pipeline ransomware attack. The conversation delves into TSA's partnerships with industry, other federal agencies, and state and local law enforcement to enhance critical infrastructure protection, as well as the challenges and opportunities in integrating physical and cyber security efforts.Main Topics Covered:TSA's role in pipeline and surface transportation securityThe Colonial Pipeline ransomware attack and its impactIntegration of physical and cyber security for critical infrastructureCollaborations with federal and industry partnersChallenges with operational technology (OT)Key Quotes:"[The general public does] not typically think of TSA as having a role for pipeline security. And actually, TSA role in pipeline security goes back to the beginning of TSA." - Sonya Proctor"I have no question that we are in this together. This is one fight. Because this threat is unlike anything they've ever seen before." - Sonya Proctor"Our resources will grow along with the threat... They have to."- Sonya Proctor"I was fortunate to have a relationship with [Colonial Pipeline] and to be able to communicate with them and to be able to get information from them that we were then able to share with other companies." - Sonya Proctor"We have provided classified briefings to more operators than ever in the in the history of TSA... it was important for us to make sure that they understood the threat. - Sonya ProctorRelevant Links and Resources:DHS 2025 Homeland Threat AssessmentRecent cybersecurity advisories from TSA and DHSGuest Bio: Sonya Proctor is the Assistant Administrator for Surface Operations at TSA, overseeing the security of pipelines, mass transit, freight rail, and highways. She previously served as Director of the Surface Division in Policy, Plans, and Engagement, and Deputy Federal Security Director at Ronald Reagan Washington National Airport. Proctor started her law enforcement career with the Washington, D.C. Metropolitan Police Department and also served as Chief of Police for the Amtrak Police Department.

Wed, 30 Oct 2024

In this episode of Cyber Focus, host Frank Cilluffo discusses cybersecurity priorities for the incoming administration with Mark Montgomery, co-author and leader of the Cyber Solarium 2.0 Commission, and George Barnes, former deputy director of the NSA. They delve into the McCrary Institute's new presidential transition report that presents a strategic roadmap to maintain the progress achieved in cybersecurity. The report highlights eight lines of effort, ranging from regulatory harmonization and collaboration to building workforce capacity and securing emerging technologies, with the ultimate goal of safeguarding national security and economic resilience.Main Topics Covered:The purpose and composition of the transition reportMaintaining cybersecurity momentum across administrationsEight lines of effort to ensure cybersecurity continuityUnifying the regulatory landscapeSynergy in cybersecurity protectionCost imposition and deterrence strategiesResiliency through proactive risk reductionEnhancing cyber statecraft and international collaborationBuilding workforce capacity and volunteer supportSafeguarding critical and emerging technologiesEnsuring continuity of the economyKey Quotes:“Irrespective of who wins the presidency in November, cybersecurity is going to be a priority and must be elevated.” – Frank Cilluffo“The most important thing in Washington is momentum, and to have momentum, you have to have ideas.” – Mark Montgomery"Cyber transcends the air, land, sea space and the reality is this has implications and impact much broader from a national security and economic security perspective." – Frank Cilluffo"You can't just sit there and defend. You actually have to put pressure and cost and position in the other direction." – George Barnes"The one thing [autocracies] can't do well is partner. They're very transactional and domineering, as we know. And so partnerships really matter." – George Barnes“[We] need to first achieve regulatory harmonization. You can't continue to pile requirement on requirement on the private sector without first ensuring that you're not asking them to do the same thing in five different manners.” – Mark MontgomeryRelated Links: The full report: https://eng.auburn.edu/mccrary/pttf/Guest Bios:Mark Montgomery is the leader of the Cyber Solarium 2.0 Commission, focusing on strategies to improve national cybersecurity and protect critical infrastructure, and a senior fellow at the McCrary Institute. George Barnes is the former deputy director of the National Security Agency (NSA), a senior fellow at the McCrary Institute, and the Cyber Practice President and Partner at Red Cell Partners

Wed, 23 Oct 2024

In this episode of Cyber Focus, host Frank Cilluffo speaks with Ambassador Toby Feakin, Australia’s first Ambassador for Cyber Affairs and Critical Technologies. Feakin reflects on the evolving cyber threat landscape in the Asia-Pacific region, Australia's cybersecurity strategy, and its growing focus on balancing economic ties with China while addressing critical security risks. The conversation delves into Australia’s international partnerships, public attribution of cyber threats, and critical infrastructure protection. Feakin also shares insights into his role in spearheading Australia's cyber policy and the future of technological leadership in quantum computing, AI, and supply chain security.Main Topics Covered:Australia’s evolving cybersecurity strategy and public attribution of threats like the Cloud Hopper incidentThe balance between economic ties with China and cybersecurity risksInternational partnerships with Five Eyes and regional players like South Korea and JapanCritical infrastructure protection, including undersea cables and cyber-kinetic threatsThe significance of China's pre-positioning cyberattacksEmerging technologies, including AI, quantum computing, and their impact on geopoliticsFeakin’s role in shaping Australia’s cyber diplomacy and international engagementKey Quotes: "Something that Australia continually has to balance is this kind of multifaceted relationship with China... it's balancing the economic ties that you have with such a behemoth in the Asia-Pacific and globally, economically, alongside a growing understanding of security risk." - Toby Feakin"[China's pre-positioning] absolutely should concern not just other governments, but it should concern industry because they are the guys... who own and operate a majority of infrastructure and they need to know clearly that's the level of threat they're dealing with." - Toby Feakin"If you look at that tech convergence, you cannot afford to sit still for one second because it's all moving such a fast rate that even the developers themselves have no idea where this journey is ending up." - Toby Feakin"[To safeguard supply chains] Australia in making much more rigorous assessments of not only where does the equipment come from, but where does the money flow from." - Toby Feakin"Businesses need to feel comfortable in the chaos of trying out new technologies and creating right pockets of environments and business cases so that they can trial new tech and not be frightened of it." - Toby FeakinRelated Links: https://insights.sei.cmu.edu/blog/operation-cloud-hopper-case-study/https://www.microsoft.com/en-us/security/blog/2023/05/24/volt-typhoon-targets-us-critical-infrastructure-with-living-off-the-land-techniques/https://www.iiss.org/publications/strategic-comments/2019/australia-huawei-and-5g/Guest Bio:Ambassador Tobias (Toby) Feakin served as Australia's inaugural Ambassador for Cyber Affairs and Critical Technologies. He was responsible for shaping Australia's international cyber engagement strategy and has been instrumental in fostering partnerships across the Asia-Pacific. Feakin has played a crucial role in Australia's public attribution of cyber threats and has been a key advocate for balancing technological innovation with security risks.

Wed, 16 Oct 2024

In this episode of Cyber Focus, host Frank Cilluffo talks with Bob Kolasky, Senior Vice President at Exeter and former head of the National Risk Management Center at CISA. The conversation covers key topics related to supply chain risk, security, and national defense. Bob provides insights into the evolving threats within supply chains, especially those linked to cybersecurity and critical infrastructure. He also touches on legislative efforts and the role of public-private partnerships in mitigating risks from foreign actors, particularly focusing on concerns regarding Chinese companies like DJI and Huawei.Main Topics Covered:The hybrid nature of supply chain threats and their intersection with cybersecurityNotable supply chain attacks like SolarWinds and the role of software vulnerabilitiesThe rise of Chinese technology companies, especially DJI, in U.S. supply chainsLegislative responses to supply chain risks, including the China Select CommitteeCritical infrastructure sectors and the importance of visibility and resilience in supply chainsThe need for secure alternatives to foreign technologies, particularly in drones and communication systemsPublic-private partnerships to address systemic risks in national securityKey Quotes: "Supply chain has increasingly become an important element of how nations defend themselves, but also an area of attack." – Bob Kolasky"We're seeing order of magnitudes improvements in manufacturing techniques that are being enabled by digital. And whenever you say the word digital, you can say the word cyber because a digital supply chain is a potentially cyber-vulnerable supply chain." – Bob Kolasky"How are we as a country going to see the investments made in alternatives to DJI [drones] so that law enforcement can still get a cost effective solution to meet their mission needs?" – Bob Kolasky"It’s not just about bringing supplies back here. It’s about friend-shoring and trust-shoring and making sure that there are the instruments of power used to stimulate the development of technologies and markets for technologies that are crucial." – Bob Kolasky"Let's empower the institutions that Congress has created, the executive branch has created to continue to do this work. Administrations may have different priorities, but the more we jump around... the more we get drawn away from the end state goal, which is more security and resilience." – Bob KolaskyRelevant Links and Resources:National Risk Management CenterGuest Bio:Bob Kolasky is the Senior Vice President at Exeter and a former leader at the National Risk Management Center at CISA. His career has focused on addressing supply chain risk, cybersecurity, and critical infrastructure. At CISA, he worked on supply chain security efforts, particularly in defense and technology sectors, and was a key figure in developing national policies to protect critical infrastructure from cyber and physical threats.

Wed, 09 Oct 2024

In this week’s Cyber Focus, host Frank Cilluffo speaks with Dave Luber, the Director of Cybersecurity at the NSA. Luber shares insights from his extensive career, spanning 37 years in the intelligence community. The discussion focuses on the NSA's dual mission in signals intelligence and cybersecurity, its collaboration with industry through the Cybersecurity Collaboration Center, the importance of public-private partnerships, and the evolving threat landscape. Luber emphasizes the need for secure-by-design principles, the role of education in developing the next-generation cyber workforce, and the NSA's efforts to address threats from state-sponsored actors like China and Russia.Main Topics Covered:NSA’s dual missions: Signals Intelligence (SIGINT) and CybersecurityEstablishment of the Cybersecurity Directorate under General NakasonePublic-private partnerships and the Cybersecurity Collaboration CenterGlobal partnerships with U.S. allies and Five Eyes nationsThe role of academia and the Centers of Academic Excellence in building the cyber workforceState-sponsored threats, particularly from China and RussiaThe importance of secure-by-design and zero-trust models in cybersecurityIntersection of space and cyber domains, including the protection of space systemsNSA’s role in shaping the cyber defense landscape and publishing cybersecurity advisoriesKey Quotes:“NSA has two primary missions: signals intelligence and cybersecurity. About five years ago, we combined these strengths to form the Cybersecurity Directorate, enhancing our capabilities to protect national security systems.” – Dave Luber“You need to use the hacker mentality to think about how to protect critical systems.” – Dave LuberWe’ve brought together the talents of NSA, along with the talents of industry, to really scale cybersecurity in a way we’ve never been able to do in the past." – Dave Luber “Russia has decided that, you know what, espionage is more valuable than attack, because if I can get the insights I need from Ukrainian networks, I can drive an outcome that benefits Russia on the battlefield. So you can see that actors will choose a different playbook depending on what they need at a particular time.” – Dave Luber“Over the course of the last five years, we've continued to see state sponsored actors increase in both their sophistication and scale and capabilities of an impact of some of their operational activities.”– Dave LuberTurning those signals intelligence insights into actionable cybersecurity guidance is really, I think, where we bring unique opportunities for our nation. But again, just ourselves is not enough.” – Dave LuberRelevant Links and Resources:GenCyber program for K-12 studentshttps://media.defense.gov/2024/Feb/07/2003389935/-1/-1/0/CSA-PRC-Compromise-US-Critical-Infrastructure.PDF

Wed, 02 Oct 2024

In this episode of Cyber Focus, Frank Cilluffo interviews Brandon Wales, the former Executive Director of the Cybersecurity and Infrastructure Security Agency (CISA), who served for over 19 years in the Department of Homeland Security (DHS). They discuss the evolution of the cyber threat landscape, lessons from significant incidents like SolarWinds, and the role of public-private partnerships in building cybersecurity resilience. Wales also shares insights on geopolitical concerns, including Chinese and Russian cyber capabilities, and the importance of preparedness across critical infrastructure.Main Topics Covered:Brandon Wales' Career at DHS and CISAEvolution of Cybersecurity ThreatsSolarWinds Cyber IncidentPublic-Private PartnershipsGeopolitical Cyber ThreatsFuture Cybersecurity ChallengesKey Quotes: “I can't think of anyone who's probably had more impact on CIS than yourself.” – Frank Cilluffo“The first shot fired in the Russia-Ukraine conflict, was cyber, was the disruption of Western critical infrastructure, ViaSat satellite constellation by Russian intelligence services to disrupt command and control in Ukraine.” – Brandon Wales“Our strength really is the vibrancy of our industry, the innovation that comes from it, the expertise that's resident in it. And for us to win, we need to harness all those capabilities and bring them together.” – Brandon Wales“[US Election Systems] are arguably more secure and resilient than ever, and people should have confidence that when they go to vote, their vote will be counted and counted correctly” – Brandon Wales“Industry is not only on the front line, it is the front line in cybersecurity.” – Brandon WalesRelated Links: https://www.microsoft.com/en-us/security/blog/https://CISA.govGuest Bio:Brandon Wales is the former Executive Director of the Cybersecurity and Infrastructure Security Agency (CISA), where he served for over 19 years within the Department of Homeland Security (DHS). He played a pivotal role in shaping the nation's cybersecurity posture and responding to high-profile incidents like the SolarWinds attack. Currently, he is the Vice President for Cybersecurity Strategy at SentinelOne, where he continues to focus on strengthening cybersecurity for critical infrastructure and private industry.

Wed, 25 Sep 2024

In this special Cyber Focus Brief, Frank Cilluffo and Bob Kolasky discuss the impact of the recent pager and communication device attack in Lebanon, reportedly orchestrated by the Israeli government. The discussion explores the unprecedented scale and complexity of this operation, the sophisticated use of supply chain vulnerabilities, and the psychological and strategic implications for both nation-states and critical infrastructure. The conversation also highlights the importance of supply chain security in the modern era, emphasizing the blending of cyber and physical threats and the need for enhanced defensive measures to protect vital systems.Main Topics Covered:The scale of planning needed for this type of supply chain infiltrationPsychological impact on adversariesImplications for supply chain securityBlending of cyber and physical threatsStrategic lessons for governments and businessesThe importance of trusted suppliers and defensive measuresKey Quotes: “When you start seeing something that has potential loss of life and physical consequences, I think maybe people will actually pay some attention to a significant set of issues facing our countries, our societies and obviously our companies.” – Frank Cilluffo “I do think it will likely lead to some new applications and tactics, techniques and procedures we may see in the battlefield or even in a civilian battlefield.” – Frank Cilluffo “I keep coming to the phrase hybrid, because I don't want to call this a physical or cyber. It's an element of both things…  there's a digital aspect of how the physical attack was done. And so, you know, we're going to get lost if we spend our time debating whether something cyber or not cyber enabled, physical enabled, it's all blended together. – Bob KolaskyFrank Cilluffo is a leading expert in national security and cybersecurity, having served on the Cyberspace Solarium Commission and the Department of Homeland Security’s Advisory Council. He has advised senior U.S. officials, testified before Congress, and worked closely with NATO and Europol. Following 9/11, Cilluffo was appointed to the Office of Homeland Security by President George W. Bush, where he served as a key advisor on homeland security and counterterrorism strategy.Bob Kolasky is Senior Vice President for Critical Infrastructure at Exiger, leading efforts to manage third-party and supply chain risks. He previously founded the National Risk Management Center at CISA and held senior roles at DHS, focusing on cybersecurity and infrastructure protection. 

Fri, 20 Sep 2024

In this episode, host Frank Cilluffo is joined by Dave DeWalt, founder and CEO of NightDragon, and Katherine Gronberg, Head of Government Affairs at NightDragon. They discuss the intersection of technology and cybersecurity, emphasizing the growing convergence of physical and cyber threats. The conversation highlights key areas such as AI, machine learning, quantum computing, and the need for greater resilience in critical infrastructure. Both guests offer insights into NightDragon’s investment strategies, the importance of public-private partnerships, and the role of innovation in addressing global cybersecurity challenges.Main Topics Covered:Technological innovations and the “cyber storm”NightDragon’s Investment ApproachPublic-Private Partnerships and Government EngagementCyber-Physical ConvergenceThe Global Cybersecurity LandscapeQuantum Computing and the Future of CybersecurityKey Quotes:"Cybersecurity is a team sport. It's one team, one fight, public, private, and so crucial." – Frank Cilluffo“We look for the biggest threats, the biggest risks that we see on the planet across all five domains. And then we look for technology that can scale to meet that risk.” – Dave DeWalt"If we don't map our physical assets to our cyber assets, we're not doing a playbook for resiliency. And that's really the word now we need is resiliency." – Dave DeWalt"We have cyber ranges. We have the ability to test. We have the ability to test together, but we haven't implemented it right." – Dave DeWaltThinking beyond just cybersecurity, because the world isn't really only anymore just about like cyber threat intelligence, it's also about real world threat intelligence. It's seeing even beyond the the synergies that exist for network security. It's actually seeing how data can be fuzed. – Katherine GronbergRelevant Links and Resources:https://www.nightdragon.com/https://www.iqt.org/Guest Bio:Dave DeWalt is the founder and CEO of NightDragon, a venture capital firm focusing on cybersecurity, safety, and privacy. Previously, he served as the CEO of McAfee and FireEye, leading them through significant industry changes. With over two decades of experience, DeWalt is known for his thought leadership in the cybersecurity space.Katherine Gronberg is the Head of Government Affairs at NightDragon. She brings extensive experience from her time in cybersecurity companies like CrowdStrike and Scout, as well as her earlier work on Capitol Hill. Gronberg plays a pivotal role in guiding NightDragon's portfolio companies in their partnerships with government agencies.

Wed, 18 Sep 2024

Episode Overview:In this episode of Cyber Focus, host Frank Cilluffo sits down with Robert M. Lee, CEO and co-founder of Dragos, a leading industrial control systems (ICS) and operational technology (OT) cybersecurity firm. Rob shares his insights on the evolution of operational technology, the critical importance of ICS cybersecurity, and the increasing threat of cyber-enabled attacks on physical infrastructure. The discussion covers key incidents, including past cyberattacks on power grids and water systems, and the growing threat from adversaries seeking to cause real-world physical damage through digital means. Lee also provides an inside look at Dragos’ recent research and the lessons learned from major global cyber events, such as the attacks in Ukraine.Main Topics: Introduction to Operational Technology (OT) and its distinction from IT.Cyber-enabled attacks on physical infrastructure, with real-world examples.Ukraine cyberattacks on power grids and the lessons learned from these incidents.Dragos' recent findings on ICS malware, including PipeDream and Frosty Goop.The importance of a risk-based approach in ICS security.Emerging threats and global cybersecurity trends, along with the role of collaboration between government and industry.Key Quotes:"[Operational technology] is all the stuff you have in IT, plus physics. - Robert M. Lee"These are cyber enabled attacks that can have physical consequences." - Frank Cilluffo"[PipeDream] is the first time we've seen ICS or OT malware that is repeatable, reusable, and scalable across industries. It works in everything from a servo motor on an unmanned aerial vehicle to a gas turbine" - Robert M. Lee"There was an attack in 2017 where an adversary broke in to a petrochemical facility in Saudi Arabia explicitly to cause an event at a facility that would have killed people if they were successful." - Robert M. Lee"Right now in the operations technology community, we deal with low frequency, high consequence attacks. IT deals with high frequency, low consequence attacks. And if we start to see scale, we're going to start to see medium to then high frequency, high consequence attacks. We're not ready." - Robert M. LeeRelevant Links and Resources:https://hub.dragos.com/hubfs/Reports/Dragos-FrostyGoop-ICS-Malware-Intel-Brief-0724_r2.pdf?hsLang=enhttps://www.dragos.com/blog/industry-news/chernovite-pipedream-malware-targeting-industrial-control-systems/https://www.cnn.com/2024/04/28/opinions/small-town-water-systems-global-hacking-cyber-targets-lee/index.htmlGuest Bio:Rob Lee is the CEO and co-founder of Dragos, a cybersecurity company focused on protecting industrial control systems (ICS) and operational technology (OT). With a background in military and intelligence, Rob has worked at the National Security Agency (NSA) and U.S. Cyber Command. He has been instrumental in raising awareness about the vulnerabilities in critical infrastructure and the need for better OT cybersecurity. Rob is widely recognized as a leader in the field, advising government agencies and industry leaders on protecting essential services from cyberattacks.

Wed, 11 Sep 2024

In this episode of Cyber Focus, host Frank Cilluffo sits down with Sean Connelly, the Executive Director for Zero Trust Strategy and Policy at Zscaler, to delve into the origins, challenges, and best practices of zero trust architecture. Connelly shares insights from his extensive experience, including his time at the Cybersecurity and Infrastructure Security Agency (CISA), where he led significant zero trust initiatives. The conversation covers the evolution of cybersecurity strategies, the impact of technologies like cloud computing, and the ongoing challenges in implementing zero trust across federal agencies. Listeners will gain a deep understanding of why zero trust is critical in today’s cybersecurity landscape and how it is shaping the future of digital security.Main Topics·      Introduction to Zero Trust·      Evolution of Zero Trust in Government·      Impact of Cloud Computing and Modern Technologies·      Implementation Challenges and Cultural Shifts·      Future of Zero Trust and AI Integration·      Closing Thoughts and the Importance of Federal Leadership Key Quotes: “SolarWinds happened, and it really from a very high level all the way from the president downwards, everyone was asking how do we look at cybersecurity differently?”  – Sean Connelly“The old perimeter security alone ain't going to cut it with the castles, the moats and any alligators or anything in between.” – Frank Cilluffo“CISA has doubled down on secure by design, Department of Energy, Cyber informed engineering, where it's not just the cyber ninjas that need to understand security, but everyone else.” – Frank Cilluffo“It takes a long time to build trust. Whether people or technology.” Frank Cilluffo“Zero Trust is all about interoperability. Sharing telemetry, not only internally, but with new organizations.” – Sean ConnellyGuest Bio: Sean Connelly is the Executive Director for Zero Trust Strategy and Policy at Zscaler, where he leads the company’s efforts to advance zero trust architecture in both the public and private sectors. Before joining Zscaler, Sean spent over a decade at the Cybersecurity and Infrastructure Security Agency (CISA), where he played a pivotal role in developing and implementing zero trust strategies across federal agencies. His extensive experience in both technical and policy aspects of cybersecurity makes him a leading voice in the field.

Wed, 04 Sep 2024

In this episode of Cyber Focus, Frank Cilluffo chats with Charles DeBeck, a cyber threat intelligence expert from Google Cloud, about the latest insights from their Threat Horizons report. They explore how cyber threats are evolving, particularly in cloud environments, with a focus on issues like weak passwords and system misconfigurations that leave organizations vulnerable. Charles also shares how criminals are increasingly using cloud services for their attacks and discusses the growing role of artificial intelligence in both defending against and carrying out cyber threats.Main Topics Covered:Weak credentials and misconfigurations as top threats.The role of cloud infrastructure in modern cyber threats.Challenges and risks in serverless environments and hardcoded secrets.The impact of AI on both defense and adversarial activities.Outlook on the convergence of criminal and nation-state cyber activities.Key Quotes:“Year after year, we see threat actors using weak credentials or no credentials or default credential services to get initial access as one” - Charles DeBeck“If you’re a threat actor and you break into a cloud environment you have access to a giant pool of resources that could be used for crypto mining. It’s the easiest way to turn illicit access into money. " - Charles DeBeck“Ransomware is what is on everyone’s mind. It's one of the most significant and prolific transfers of wealth from legitimate organizations to criminal actors. - Charles DeBeckWe’re seeing the threat actors are really engaging in more because it’s a much more profitable endeavor for them and their seeing a lot more success in the overall marketplace. - Charles DeBeck"Secure-by-default policies are critical, and they must be mandatory, not optional." - Charles DeBeckRelevant Linkshttps://services.google.com/fh/files/misc/threat_horizons_report_h2_2024.pdfGuest Bio:Charles DeBeck is a Cyber Threat Intelligence Expert at Google Cloud. Charles brings over a decade of experience leading threat intelligence operations from the NSA, Deloitte and Touche and IBM. He strongly believes threat intelligence can help organizations make faster and more effective decisions.

Wed, 28 Aug 2024

In this episode, Frank Cilluffo interviews Dr. Marion Messmer, Senior Research Fellow at Chatham House, about the policy institute’s recent report on cybersecurity in the civil nuclear sector. They discuss the evolving threats to nuclear infrastructure, the impact of emerging technologies like small modular reactors, and the challenges of international legal frameworks. Dr. Messmer also highlights the importance of integrating cybersecurity into nuclear systems from the beginning.Main Topics Covered:Key threats to nuclear infrastructure in peacetime and conflict.Notable cyberattacks on nuclear facilities and critical infrastructure.Cybersecurity challenges posed by new technologies like small modular reactors.The role of public-private partnerships and international law in improving cybersecurity.Key Quotes: “There has been a rise of cybercriminals that like to target specifically critical national infrastructure, which nuclear power is for a lot of countries.” – Dr. Marion Messmer“I think while we have got a lot better at thinking of the purposeful kinds of risks of something that we're not always thinking through, is where the inadvertent vulnerabilities might be coming from and how you can also protect from those kind of attacks.” – Dr. Marion Messmer“I think that there is a risk here that specifically the cybersecurity side of things might not get enough attention because we've got a lot of regulation when it comes to the actual nuclear materials, but significantly less when it comes to the cybersecurity aspect.” – Dr. Marion Messmer“Nuclear is almost treated in its own silo, which has great advantages, but it also misses out on opportunities and being part of the broader ecosystem in terms of awareness and partnerships” – Frank Cilluffo“So much of the international system only works when you've got a consensus around it. And what we are unfortunately seeing at the moment is that consensus is breaking up or at the very least weakening quite significantly.” – Dr. Marion MessmerRelevant Links and Resources:https://www.chathamhouse.org/2024/07/cybersecurity-civil-nuclear-sectorhttps://www.iaea.org/topics/computer-and-information-securityGuest Bio: Dr. Marion Messmer is a Senior Research Fellow in the International Security Programme at Chatham House. She specializes in arms control, nuclear weapons policy, and Russia-NATO relations. Before joining Chatham House, Dr. Messmer served as Co-Director of BASIC (British American Security Information Council), where she led initiatives focused on nuclear risk reduction and disarmament. 

Wed, 21 Aug 2024

In this episode of Cyber Focus, host Frank Cilluffo sits down with Michael Barnhart, who leads North Korean operations at Mandiant. The discussion delves into the activities of APT 45, a North Korean cyber group responsible for an array of global cyber attacks. The conversation explores how APT 45 operates like a criminal syndicate, focusing on their ability to exploit vulnerabilities at speed, the role of insider threats, and their targeting of critical infrastructure. Barnhart highlights the importance of understanding North Korea’s cyber strategies and the broader implications for global security.Main Topics: APT 45's Role and OperationsNorth Korea’s Cyber StrategiesTargeting Critical InfrastructureInsider Threats and IT WorkersGlobal ImplicationsKey Quotes:"We don't really see them as a government regime as much as we see them as a cyber crime, a single single mafia family."  - Michael Barnhart"Traditionally organized crime types tries to penetrate the state. In North Korea's case, it's the state penetrating organized crime."  - Frank Cilluffo"This is a country that definitely doesn't want you to pay attention to them. They operate [by] being underestimated. They like that."  - Michael Barnhart"Has north korea put an insider threat someplace? Yeah, we're seeing it now. Will they push the button? I think in a moment of conflict we might try to see insider threats doing destructive attacks on the inside." - Michael Barnhart"These missiles were blowing up in the launch pad years ago now. They're doing so well that they're selling them to other countries." - Michael BarnhartGuest Bio: Michael (Barni) Barnhart is the lead for all of DPRK operations within Mandiant. He's spent 19 years as an intelligence professional, starting with Human Intelligence collection doing tactical raids, interrogations, and source operations with regular Army and Special operations.Related Links: https://cloud.google.com/blog/topics/threat-intelligence/apt45-north-korea-digital-military-machinehttps://www.mandiant.com/resources/insights/apt-groupshttps://www.justice.gov/opa/pr/north-korean-government-hacker-charged-involvement-ransomware-attacks-targeting-us-hospitals

Wed, 14 Aug 2024

In this episode of Cyber Focus, Frank Cilluffo speaks with John Katko, the former ranking member of the House Homeland Security Committee. They discuss Katko’s transition from focusing on terrorism to cybersecurity, the establishment and evolution of the Cybersecurity and Infrastructure Security Agency (CISA), and the critical legislation Katko championed to strengthen U.S. cybersecurity defenses. Katko also shares insights on the importance of bipartisan cooperation, challenges in cybersecurity staffing and funding, and the need for effective information sharing between government and private sectors.Main Topics: Establishment and evolution of CISAKey cybersecurity legislation and its impactCurrent cybersecurity regulatory landscape Impact of Chevron decisionFuture of cybersecurity and legislative needsKey Quotes: "Things really started gravitating and gravitated very quickly toward cyber and cyber attacks. And by the end of my second term, it was quite clear that cyber was the focus... by the time I left Congress, cyber was the preeminent threat to the United States, bar none." - John Katko"Manpower is such a critical problem that attracting talent and keeping that talent is very hard, especially on a government salary." - John Katko"So overturning Chevron is going to have a profound effect on [regulating]. And it's going to make legislators have to be legislators. You know, these knuckleheads up on Capitol Hill who don't ever pass a bill, got to roll up their sleeves and do some work." - John Katko"Too many people are getting in the president's ear [on cyber issues]. You need to have [an ONCD Director] that can sift it all out and give it to the president and see the entire landscape, not just an individual's personal turf." - John Katko"We can learn a lot from Cyber Command because they're thinking not like a bad guy, but they're thinking, how can we use this in an offensive manner? So we could probably learn a lot from keeping our finger on the pulse of what they're doing with the offensive capabilities in the military for cyber." - John KatkoBio: John Katko is an accomplished leader who served Central New York in Congress from 2015 until his retirement in 2022.  John was a strong voice on the House Homeland Security Committee and led the Republicans on the committee starting in 2020. As Ranking Member, John prioritized a robust focus on cybersecurity, as well as transportation and airport security. John has strong relationships in New York and Washington across the political spectrum. He is well-respected for his work across the aisle and was consistently ranked among the most bipartisan members of Congress by the nonpartisan Lugar Center.Related Links:https://www.hilleastgroup.com/https://www.cisa.gov/https://www.cisa.gov/topics/cyber-threats-and-advisories/information-sharing/cyber-incident-reporting-critical-infrastructure-act-2022-circia

Wed, 07 Aug 2024

In this episode of Cyber Focus, Frank Cilluffo sits down with Ari Schwartz, Managing Director of Cyber Services at Venable, and Harley Geiger, Counsel on Cyber Issues at Venable, to discuss the recent Supreme Court decision overturning Chevron deference. They delve into the implications of this ruling on cybersecurity policy, regulatory practices, and the broader tech landscape.Main Topics: Understanding Chevron DeferenceImplications for Cybersecurity PolicyRole of the Judiciary in CybersecurityImpact on Public and Private SectorsRegulatory Harmonization and Future LegislationKey Quotes: "[Courts] still take into account what the agency thinks is Congress's intent. But it does not take nearly as much weight as it did previously. As a result, regulations are more vulnerable to court challenge, and now judges have greater power to reverse or modify regulations or enforcement actions because they can act independently without having to defer to those agencies." - Harley Geiger "[The ruling] could have a major impact and likely will have a major impact on cybersecurity because most tech policy is written with that open ended piece to it." - Ari Schwartz"In a lot of other areas of technology law, Congress has not really kept pace with where business practices are, where cybersecurity threats are, and has legislated relatively little in this area." - Harley Geiger"These courts can reach differing conclusions, and one circuit does not necessarily have to be bound by the decisions of another circuit until it is resolved by the Supreme Court. And so we might see, theoretically, more circuit splits, which for companies that service an entire nation that suddenly makes their compliance picture that much more difficult." - Harley Geiger"Congress needs to be more clear about its language and about its intent and more deliberate about cybersecurity legislation." - Ari Schwartz"Staying focused on risk management and real security measures is good for the country and its customers." - Frank CilluffoGuest Bios: Ari Schwartz is the Managing Director of Cybersecurity Services at Venable LLP. He has extensive experience in cybersecurity policy, having served as a Special Assistant to the President and Senior Director for Cybersecurity on the National Security Council Staff. Ari has also held key positions at the Department of Commerce and the Center for Democracy and Technology.Harley Geiger is Counsel at Venable LLP, specializing in cybersecurity and data privacy. He has a robust background in legislative affairs, having worked on Capitol Hill drafting key cybersecurity legislation. Harley's expertise spans both legal and policy dimensions of cybersecurity.Related Links: Venable LLPhttps://www.centerforcybersecuritypolicy.org/insights-and-research/chevron-pattern-disrupted-the-impact-on-cybersecurity-regulations 

Wed, 31 Jul 2024

Tim Starks is a senior reporter at CyberScoop with over two decades of experience in cyber reporting. In this episode he dives into the landscape of spyware, highlighting its impact on national security and individual privacy. The discussion with Frank Cilluffo also touches on the actions taken by the U.S. and Poland to address spyware threats, the significance of BGP (Border Gateway Protocol) in internet security, and the regulatory approaches to cybersecurity. Tim provides insights into the complexities of cyber threats, the role of policy, and the importance of a comprehensive understanding of cybersecurity issues.Main Topics: Spyware's Impact on the Digital WorldBGP and Internet SecurityRegulatory Approaches to CybersecurityKey Quotes:"The arc of the spyware story has been we're hearing more and more and more. We're seeing more and more and more. We're we're uncovering more and more. " - Tim Stark[BGP] is the most important part of the Internet you haven't heard of. It's fundamental to everything." - Tim Starks"The SEC's rules on cybersecurity disclosure have been...the most controversial. If you're talking about people being upset about them. There's bipartisan on the Hill disappointment or frustration or even rage sometimes about that, about those rules." - Tim StarksGuest Bio: Tim Starks is a senior reporter at CyberScoop with over 20 years of experience in cyber reporting. He has previously worked at Washington Post, Politico, and Congressional Quarterly, covering a wide range of cybersecurity topics. Tim's expertise lies in investigating and reporting on complex cyber threats and the policies aimed at mitigating them.Relevant Links and Resources:CyberscoopExecutive Order on SpywareFCC Proposes Internet Routing Security Reporting Requirements

Wed, 24 Jul 2024

In this episode of Cyber Focus, Frank Cilluffo explores the evolving landscape of cyber insurance with Matt McCabe. McCabe shares the history, current state, and future challenges of cyber insurance, emphasizing its critical role in national resilience against cyber threats. The discussion covers the fundamental coverage aspects of cyber insurance, the impact of ransomware, and the need for a federal backstop for catastrophic cyber incidents. McCabe also touches on the importance of collaboration between industry and government to enhance national cyber resilience.Main Topics: Evolution of Cyber InsuranceImpact of Ransomware and Coverage AspectsMarket Growth and Nation-State AttacksChallenges, Solutions, and Federal Backstop FrameworkFuture of Cyber Insurance and National SecurityKey Quotes: "Ransomware democratized cyber risk and cyber threats because the reality is everyone has got a bullseye on their target to one extent or another." - Frank Cilluffo""Cyber insurance routinely covers acts by nation-states, but the magnitude of losses is sometimes too great for the industry to absorb." - Matt McCabe"This is not an insurance industry issue. This is a national economic security issue." - Matt McCabe​"There's no building... resilience after the fact. The time to do it is now. Ultimately, if we were to have the incident, the government would be involved... But if you're doing it after the fact, it's a hurried response. It tends to increase the risk of waste, fraud and abuse." - Matt McCabeRelevant Links: https://www.guycarp.com/https://www.cisa.gov/https://home.treasury.gov/policy-issues/financial-markets-financial-institutions-and-fiscal-service/federal-insurance-office/terrorism-risk-insurance-programMatt McCabe is the Managing Director at Guy Carpenter, specializing in cyber risk and insurance. With extensive experience in the industry, McCabe has served in various roles, including on Capitol Hill for the House Homeland Security Committee and in the Bush White House. His expertise lies in bridging the gap between cyber risk and insurance, contributing significantly to national discussions on cyber resilience.

Wed, 17 Jul 2024

In this episode of Cyber Focus, Frank Cilluffo sits down with Sue Gordon, a distinguished figure in the intelligence community. The discussion delves into her vast experiences, particularly focusing on the intersection of intelligence, national security, and cyber threats. Sue shares insights on the importance of public-private partnerships in cybersecurity, the evolving threat landscape, and the critical role of technology and innovation in maintaining national security. She also touches on the necessity of developing a skilled workforce to address future cyber challenges.Main TopicsPublic-Private Partnerships in CybersecurityEvolving Cyber Threat LandscapeNational Security and Economic SecurityGovernance and Innovation in CybersecuritySpace as a Critical InfrastructureWorkforce Development in CybersecurityKey Quotes"Cyber threats are just a manifestation of the interests of our adversaries and competitors." - Sue Gordon"When you think about cyber, think about it not just technically, but what the intention behind that. And when you do, you'll be much more thoughtful about seeing risk." - Sue Gordon"You can't comply you're way out of it. You must be compliant. And there's some really wonderful standards that help people. But that isn't enough." - Sue Gordon"Space is such a disproportionate advantage that it is a disproportionate target." -Sue Gordon"It's not the capability, it's how integrated it is into your doctrine."  - Frank Cilluffo"We've come a distance, but we can't be complacent because we're not far enough. We're better than we've ever been. We're not good enough to beat the turn of the earth right now." - Sue GordonRelevant Links:In-Q-TelCyber Solarium CommissionSue Gordon Sue Gordon is a renowned leader in the intelligence community, having served as the Principal Deputy Director of National Intelligence. She also held prominent positions at the National Geospatial-Intelligence Agency and the Central Intelligence Agency. Known for her innovative approaches and straight-shooter attitude, Sue has significantly contributed to advancing U.S. intelligence capabilities, particularly through her work with In-Q-Tel. A former captain of the Duke women's basketball team, she brings a unique perspective on leadership and teamwork to her roles.

Wed, 10 Jul 2024

In this episode of Cyber Focus, host Frank Cilluffo sits down with Tanel Sepp, Estonia’s Ambassador at Large for Cyber Diplomacy. They explore how Estonia emerged as a cyber superpower despite its small size, the significance of the Tallinn Mechanism in cyber defense, and the evolving role of cyber in warfare. Tanel shares personal insights from his extensive diplomatic career and discusses the lessons learned from Estonia’s experiences and the ongoing conflict in Ukraine.Main Topics:Estonia’s Rise as a Cyber Superpower The Tallinn Mechanism: Origins and ImplementationRole of Cyber in Modern WarfareThe Future of Cyber Defense and International CooperationKey Quotes:“We are [a] leading nation in terms of the e-services, e-governance and the penetration of the services amongst the population.” - Tanel Sepp "The Tallinn Mechanism has truly become one and unique channel for cyber assistance for Ukraine." - Tanel Sepp“The time to be thinking about this is not when the bomb goes off, not in the midst of a crisis. It's well before.” - Frank Cilluffo"One of the main conclusions or kind of initial lessons identified from [the war in Ukraine] is that physical war still matters. Cyber has had a major role. And I believe that's that, for the first time, cyber has been fully integrated into military activity.” – Tanel Sepp" Cyber security now has also gained physical dimension because at the beginning of this war, you also had Russians targeting Ukrainian data centers kinetically. So you also need to really think about physical security” - Tanel Sepp“This war is showing a kind of tectonic change in terms of engaging with the private sector and the role of private sector.” - Tanel SeppTanel Sepp is Estonia’s Ambassador at Large for Cyber Diplomacy. With a career spanning multiple diplomatic posts including the United States, Afghanistan, and Ethiopia, he has led cyber policy efforts at Estonia’s Ministry of Defense and played a key role in the development of the Tallinn Mechanism. Tanel is a leading voice in international cyber defense and digital diplomacy.Relevant Links and Resources:Talinn Mechanism FormalizationEstonia’s E-Governance AcademyCouncil on Foreign Relations

Wed, 26 Jun 2024

In this episode Frank Cilluffo engages with two distinguished former intelligence officials, Teresa Shea and Glenn Gaffney, to dissect the multifaceted world of artificial intelligence (AI) in the realm of cybersecurity and intelligence gathering. They delve into the definitions, applications, and implications of AI, focusing on its role in enhancing security measures against increasingly sophisticated cyber threats.Main TopicsDefinitions and distinctions between General AI, Generative AI, and specific AI applicationsThe evolution and current state of AI in cybersecurity and intelligence gatheringThe human element in AI development and applicationEthical considerations and the need for a human-centric approach in AI deploymentPublic-private partnerships and their role in advancing AI technology in critical sectorsKey Quotes"General AI, we're really talking about a cyber brain, a bit of silicon, or a machine that creatively thinks and acts the way a brain acts and thinks." - Glenn Gaffney"The human in the loop will always be relevant." - Frank Cilluffo"Not everything you get back from these AI generating machines is accurate. So be sure and check the facts." - Teresa Shea"Cybersecurity in particular is one of the areas that I feel like we need to apply AI first and foremost because of the sheer level of complexity and speed that is at hand in all of the networks that we have.” - Glenn Gaffney"I think there's a real role for the intelligence community to play in the open world and in these public-private partnerships, because so many of these things used to be the purview of nation-states and nation-states. They're not anymore." - Glenn Gaffney“Let's not underestimate our adversaries either in the amounts of money, in resources, for example, that China is pouring into AI. The way they're working together with China, Russia, Iran, North Korea. Let's not underestimate their partnerships and what they get when they combine.” - Teresa Shea“We need to be able to fail and you fail fast and you recover faster.” - Teresa SheaGuest BiosTeresa Shea: Former Director of Signals Intelligence at the National Security Agency, with extensive experience at In-Q-Tel. Shea is celebrated for her contributions to national security and intelligence, boasting numerous presidential and intelligence awards.Glenn Gaffney: Former Director of Science and Technology at the Central Intelligence Agency, also a recipient of multiple intelligence and presidential awards. Gaffney's career has been marked by his innovative approach to technology and security, particularly in the development and application of AI in intelligence operations.ResourcesIEEE Introduces New Program for Free Access to AI Ethics and Governance StandardsEU’s Ethics guidelines for trustworthy AINSF Artificial IntelligenceNSF Advancing education for the future AI workforce (EducateAI)U.S. Senate: Driving U.S. Innovation in Artificial IntelligenceThe UN norms of responsible state behavior in cyberspace

Wed, 19 Jun 2024

Episode OverviewIn this episode of Cyber Focus, host Frank Cilluffo engages with Todd Conklin, the Chief Artificial Intelligence Officer and Deputy Assistant Secretary for Cyber at the Department of Treasury. They delve into recent advancements and initiatives the Treasury has been involved in, focusing on the integration of AI and cybersecurity within financial services. The conversation highlights the strategic efforts being made to bolster security measures, manage risks, and harness the potential of AI to protect and innovate within the sector.Main Topics CoveredRole and responsibilities of a Chief Artificial Intelligence Officer in the government sector.Insights into Project Fortress and its objectives for proactive cybersecurity defense.The impact and implications of AI on cybersecurity practices.Challenges and strategies for small financial institutions in adopting cloud and AI technologies.The Treasury's collaborative efforts with other federal agencies and the private sector to enhance cybersecurity resilience.Initiatives to leverage international partnerships to combat cyber threats globally.Key Quotes"We're trying to get the body of work that we published on cloud and AI... out to a broader cybersecurity audience." - Todd Conklin"You cannot do cyber today without an appreciation for artificial intelligence." - Frank Cilluffo"The financial services sector being a place of innovation... and Treasury being a place of innovation is a surprise to a lot of people." - Todd Conklin"We've been leading a thorough incident response analysis and that small entity had an outsized impact..." - Todd Conklin"We need to automate the flow of intelligence from the US government to the sector defense operators." - Todd Conklin"The Treasury model is to ensure that the sector has the ability to help us curate what those priorities should be." - Todd ConklinRelevant Links/Resources:Department of Treasury WebsiteManaging Artificial Intelligence-Specific Cybersecurity Risks in the Financial Services Sector ReportThe Financial Services Sector’s Adoption of Cloud Services U.S. Department of the Treasury ReportProject FortressCybersecurity and Infrastructure Security Agency Cyber Hygiene tool2023 Financial Stability Oversight Council Annual ReportG7 Cyber Expert GroupFinancial Sector Information Sharing and Analysis CenterBuilding a Cyber Insurance Backstop Is Harder Than It Sounds

Wed, 12 Jun 2024

Today Frank Cilluffo sits down with Christopher Porter, former National Intelligence Officer for cyber matters and current executive at Google. They delve into the complexities of cybersecurity during government transitions, the critical role of intelligence briefings, and the impact of emerging technologies on national security. Drawing from his extensive background in both public and private sectors, Christopher provides insightful commentary on the evolving threats and the necessity of translating technical details into actionable intelligence for policymakers. This episode underscores the importance of strategic thinking and proactive measures in managing cyber risks.Topics The significance of effective intelligence briefings during government transitions. Understanding and anticipating policymakers' needs in cybersecurity. Challenges in translating technical issues for decision-makers. The evolving role of AI in cyber threat intelligence and its implications. Innovative approaches in law enforcement to tackle cyber threats.Addressing vulnerabilities in supply chains and implementing zero trust models.The growing threat from commercial cyber actors and spyware.Strategic declassification of intelligence to enhance public and private sector security.Key Quotes "Your core job is to improve decision making. To do that, you have to understand at some level how the person you're talking to makes decisions." - Christopher Porter"I'm an optimist that artificial intelligence related cyberthreat intelligence tools, they're going to make hopefully people like me more effective at doing our jobs. But you're still going to need someone, a human being, to apply that to your organization."  - Christopher Porter"Dwell time is going down and down and down, so it's being detected quicker than in the past. You know, the flipside of that is adversaries are moving quicker once they get into a network." - Christopher Porter"When you think about artificial intelligence and how that works in a cyber threat intelligence context, let me refer back to a comment I made earlier. Your job is to improve decision making." - Christopher PorterGuest BioChristopher Porter is a distinguished cybersecurity expert who has served as the National Intelligence Officer for cyber matters and currently works at Google. His extensive career spans significant roles in both the public and private sectors, focusing on intelligence analysis and strategic cybersecurity initiatives. His work bridges the gap between technical details and high-level decision-making, providing critical insights into the evolving threats and solutions in the cybersecurity landscape.ResourcesInfraGardNational Intelligence CouncilBook: Decision Advantage by Jennifer SimsPorter's McCrary Institute Senior Fellows Bio

Wed, 05 Jun 2024

In this episode of Cyber Focus, Frank Cilluffo hosts Steve Kelly, Chief Trust Officer at the Institute for Security and Technology. With a rich background that includes roles at the National Security Council and the FBI, Steve shares his deep insights into the cybersecurity landscape. The discussion covers the expanding attack surface due to emerging technologies, the convergence of physical and cyber domains, and the critical importance of trust and security in today's digital world.Main Topics:The increasing attack surface from consumer devices, industrial IoT, clean energy tech connecting to the gridRethinking network architecture and security models in the era of dissolving perimetersThe potential for AI and machine learning to aid defenders by automating detection/response at scaleCreative law enforcement operations to disrupt cybercriminal infrastructure and business modelsThe need to scale public-private operational collaboration against cyber threatsIST's work on AI governance, trust & safety practices, and securing critical infrastructureKey Quotes:“One of the challenges in the network defense realm is this kind of data deluge that the average network defender is experiencing, that there's just more telemetry, more signaling, more alerts, and more events that can possibly be looked at and interpreted and actioned.” - Steve Kelly"There’s a need to fundamentally rethink network architecture from a security standpoint so that we do not have vulnerable assets connected to the public Internet." - Steve Kelly"The idea is we want to have American products be marketable and trusted on the global marketplace as well as foreign products that are trustworthy to be acceptable here." - Steve Kelly on the U.S. Cyber Trust Mark"If we're relying on the end user to unbox the device and go in and change a password… that's not a winning solution." - Steve Kelly“I think that there's a need to fundamentally rethink network architecture from a security standpoint so that we do not have vulnerable assets connected to the public Internet that can be found by bad actors.” - Steve Kelly"If it's discoverable, it will be exploited." - Steve KellyRelevant Links/ResourcesU.S. Cyber Trust Mark programNational Cyber StrategyInstitute for Security and TechnologyCarnegie Mellon's CI LabShodan.io Guest BioSteve Kelly is the Chief Trust Officer at the Institute for Security and Technology (IST). Prior to IST, he served as a Special Assistant to the President on the National Security Council staff, focusing on emerging technology risks like AI, quantum computing, and 5G/6G. Steve retired from the FBI in 2022 after over 20 years as a cyber investigator and supervisor on the agency's cyber national security squad.

Wed, 29 May 2024

In this episode of Cyber Focus, host Frank Cilluffo engages in an insightful discussion with Michael Daniel, President of the Cyber Threat Alliance, former Cybersecurity Coordinator for President Obama, and McCrary Institute Senior Fellow. They delve into the intricacies of cybersecurity policy, the evolution of cybercrime as an industry, and the importance of operational collaboration between the public and private sectors. Michael shares his journey into the cybersecurity realm, offers his expert analysis on current strategies, and emphasizes the need for innovative approaches to cybersecurity challenges.Main Topics CoveredMichael Daniel's journey and insights into cybersecurity leadershipShifting the cybersecurity burden from end-users to larger entitiesThe importance of operational collaboration in cybersecurityThe industrialization of cybercrime and its implicationsStrategies for imposing costs on bad cyber actorsFunding and resourcing critical Internet functionsLessons from the cyber dimensions of the Russia-Ukraine conflictQuotesMichael Daniel: "The bad guys are getting in through a hole that we know about that we have a fix for, but we just haven't done it."Frank Cilluffo: "If you can figure out how to marshal and mobilize the economic instruments, we can start moving the ball."Michael Daniel: "We need to help shape those incentives so that we get the market forces working for us rather than against us."Frank Cilluffo: "We've got to shift the calculus from a government-leads-private-sector-follows mentality."Michael Daniel: "In cyberspace, we have an unusual set of capabilities that are resident in the private sector in a way that are not in most other policy areas."Resources MentionedCyber Threat AllianceNational Cyber StrategyCenter for a New American Security (CNAS)EuropolCyber Solarium CommissionCybercrime AtlasNational Vulnerability Database (NVD)Cyber Peace InstituteGlobal Cyber AllianceICANNShadow ServerGuest BioMichael Daniel is the President of the Cyber Threat Alliance, an organization that facilitates intelligence sharing and collaboration among cybersecurity companies. He previously served as the Cybersecurity Coordinator and Special Assistant to President Obama, where he was responsible for coordinating the federal government’s cybersecurity policies and activities. Michael also has extensive experience in the Office of Management and Budget, overseeing intelligence programs and budgets. He is widely recognized for his contributions to the field of cybersecurity and his efforts to improve national and global cyberdefense strategies.

Wed, 22 May 2024

In this episode of Cyber Focus, host Frank Cilluffo sits down with Phil Venables, Chief Information Security Officer for Google Cloud. They discuss Venables' work co-leading the President's Council of Advisors on Science and Technology's report on cyber-physical resilience, and its key recommendations including creating a national critical infrastructure observatory. The conversation also covers Google's focus on secure-by-design and secure-by-default, the implications of AI/generative AI for cybersecurity, and the evolving role of the CISO as more of a chief risk officer.Main Topics CoveredPresident’s Council of Advisors on Science and Technology Report to the President on Strategy for Cyber-Physical ResilienceCreating a national critical infrastructure observatorySecure by design and secure by default at GoogleImplications of AI/generative AI for cybersecurity defendersEvolution of the CISO role to be more like a chief risk officerCurrent cyber threat landscape and basic defenses still neededPublic-private partnership between tech companies and governmentQuotes"It's not just about security, privacy, or compliance. It's about trust and safety… The bold but responsible use of AI." - Venables on ethical AI concerns"We have much more heavily engaged with our government partners, not just here in the US, but around the world, because we recognize our position in supporting critical infrastructures." - Venables on Google's public-private partnerships."[Executives] also need to make sure that there's the resources in the ranks in their organizations to get security done." - Venables on executive support for security"...implementing strong phishing resistant multi-factor authentication, keeping systems up to date, segmenting and all the basic hygiene...when you do it, you mitigate a whole bunch of risks." - Venables on basic cyber hygiene defensesResources President’s Council of Advisors on Science and Technology report on cyber-physical systems - Press Release, Executive Summary, Full ReportGoogle's Secure AI Framework (SAIF)Secure By DesignSecure By DefaultBioPhil Venables is the Chief Information Security Officer for Google Cloud. Prior to Google, he spent 20 years at Goldman Sachs as CISO and Chief Operational Risk Officer, establishing the firm as a cybersecurity leader. Venables co-led the President's Council report on enhancing cyber-physical resilience of critical infrastructure, recommending a national infrastructure observatory. He has co-founded multiple financial sector cybersecurity initiatives and served on boards for NIST, NYU, NSA, and others. Widely recognized for his leadership, Venables has received the RSA Conference Award, FS-ISAC Critical Infrastructure Award, and other top honors. With over 25 years of cross-disciplinary experience across finance, technology and risk management, he brings a unique perspective to Google Cloud's security efforts.

Wed, 15 May 2024

In this episode of Cyber Focus Frank Cilluffo and Matt Hayden discuss the intricate challenges posed by cyber threats and the role of organizations like CISA in coordinating defense efforts. They discuss the influence of emerging technologies such as AI and quantum computing, the impact of emerging technologies on defenses, and the zero trust security model to enhance resilience.Main Topics CoveredCritical infrastructure threats and vulnerabilitiesLiving off the land techniques used by attackersDeterrence strategies and creating playbooks for different threat actorsRole of innovation and emerging technologies like AI, quantum, 5G/6GConvergence of physical and cyber securityZero trust security modelImportance of resilience in critical infrastructureQuotes"You come after a critical infrastructure within our domestic space, it points back to you. We're going to have a conversation you're not going to like." - Matt Hayden on deterring attacks on critical infrastructure."Resilience means you have the ability to re-stand up infrastructure service to really work with your network and your users to where you still have the ability to operate." - Matt Hayden defining resilience."We would have the traditional sanctions methods...but it wasn't something that really imposed cost. And so looking at that model now, there is the need for playbooks that are strategic for each bad actor." - Matt Hayden on needing tailored deterrence strategies.“You're saying I'll let you get away with X? Yeah, but not Y…  And as [the bad actors] get worse, the deterrent gets stronger. You have to gradient [deterrence].” - Matt Hayden on deterrence gradient.“The strength of America is that people want to be here for all the challenges you have. People would rather live here than anywhere else.” - Matt Hayden on American innovation being a strength.Resources MentionedNational Security Memorandum 22BioMatt Hayden is a cybersecurity executive with over 20 years of experience spanning both the public and private sectors. He currently serves as VP for Cyber and emerging technology at CyIQ, fostering industry partnerships and driving growth strategies. Previously, Hayden held senior leadership roles at DHS, including serving as the Assistant Secretary for Cyber, Infrastructure, Risk, and Resilience Policy. In this position, he led policy development efforts focused on reducing national risks to critical infrastructure cybersecurity, federal networks, and comparing cybercrime. Hayden also served as a senior advisor with DHS’s Cybersecurity and Infrastructure Security Agency and its Office of Partnership and Engagement. He is a Senior Fellow at the McCrary Institute. 

Mon, 13 May 2024

Flashpoint CEO Josh Lefkowitz joins us for a fascinating talk about how 9/11 changed the trajectory of his career, the impact of Telegram worldwide and how A.I. is making human analysts better.

Fri, 10 May 2024

On location at the RSA Conference 2024, we talk to Alison King and Elisa Costante about the National Security Memorandum on Critical Infrastructure Security and Resilience, the 2024 Report on Cybersecurity Posture of the United States, and creating opportunities for women in cyber.

Thu, 09 May 2024

In this episode Frank Cilluffo sits down with Anjana Rajan, the assistant national cyber director for technology security at the Office of the National Cyber Director in the White House. Their discussion sheds light on the challenges and complexities of reshaping the cybersecurity landscape with better buildings blocks.  Together, they the White House's call for broader use of memory safe programming languages, and how her office is working with the private sector to find ways to eliminate entire categories of cyber vulnerabilities. ONCD Report - Back to the Building Blocks: A Path Toward Secure and Measurable Software

Wed, 08 May 2024

Gavin Wilde helped create  the formal U.S. assessment of Russia's foreign influence campaigns in 2016 and 2020. Now a Senior Fellow at the Carnegie Endowment for International Peace, he's asking whether the drive to thwart those efforts in damaging our democracy. In today's episode, Gavin shares with Frank Cilluffo why he is pushing back on assumptions about those campaigns, and the real dangers of believing they are effective. https://tnsr.org/2024/03/from-panic-to-policy-the-limits-of-foreign-propaganda-and-the-foundations-of-an-effective-response/https://carnegieendowment.org/experts/2183

Wed, 01 May 2024

The National Institute of Standards and Technology (NIST) recently updated its widely used Cybersecurity Framework. Cheri Pascoe, Director of the National Cybersecurity Center of Excellence (NCCoE), joins us for this episode to talk about the new 2.0 edition of the framework, and why it's better equipped to respond to the current challenges cybersecurity professionals face. Find the CSF 2.0 here.

Wed, 24 Apr 2024

As an investigative cyber reporter for Reuters, Chris Bing spends his days uncovering the facts behind the world's biggest cyber stories. In this episode he shares with Frank what it's like to break news on cyber criminal activities, including the ransomware attack on Change Healthcare wrecking havoc on the industry's payment processes. Chris also shares insights into how governments are cracking down. https://www.reuters.com/authors/christopher-bing/

Wed, 17 Apr 2024

On this week's Cyber focus, Frank Cilluffo interviews Mark Montgomery, the Executive Director of the Cyberspace Solarium Commission. They address the commission's history and role in shaping U.S. cybersecurity policies. They also outline unfinished business in the field, and explore the challenges posed by China and TikTok.

Wed, 10 Apr 2024

As Director General of the Israeli National Cyber Directorate, Yigal Unna oversaw every aspect of Israel's cyber defenses. In this episode he shares with Frank what he thinks of the international threat landscape, the growth of private cyber defense start-ups, and his advice for a restructured approach to U.S. cyber organizations.  

Wed, 03 Apr 2024

As the former Director of the National Counterintelligence and Security Center (NCSC) Bill Evanina led the U.S. efforts to block and disrupt foreign espionage from advisories like China. On this week’s episode, he shares insights into the shape of those operations, and what should be happening now to stay ahead of the actions China is taking now.   

Wed, 27 Mar 2024

On this week's episode, Chris Krebs shares insights into the current highs and lows of the cybersecurity world. He looks back on his years of public service, the performance of those that followed him after his departure from CISA in 2020, and gives advice to those managing risks inside the private sector. 

Wed, 20 Mar 2024

George Barnes worked inside the National Security Agency for 35 years. Before retiring last year, he served as the agency's Deputy Director and most senior civilian leader. In this week's episode, George shares what led the NSA to leave behind the complete secrecy of the past, and embrace a more open posture with the American people. He also lays out his vision for improving the country's cyber security.

Wed, 13 Mar 2024

Dmitri Alperovitch, co-founder of CrowdStrike and Silverado Policy Accelerator, and the Washington Post's Ellen Nakashima join Frank Cilluffo for an engaging discussion of how to keep cyber threats in the proper global perspective. They both share insights into the current conflicts in Ukraine and Gaza, and the potential for future conflict over Taiwan.

Wed, 06 Mar 2024

In this episode, host Frank Cilluffo talks with Mike D'Ambrosio of the unexpected ways the Secret Service shapes how the U.S. fights against cybercrime.

Wed, 28 Feb 2024

Cyber Focus is where we explore the people and ideas shaping and protecting our digital world. In this episode host Frank Cilluffo speaks with Tom Fanning, the now retired CEO of The Southern Company. The two discuss the best ways private businesses need to approve their digital security, and why company leaders are too often missing the mark.

Wed, 21 Feb 2024

In this episode Frank Cilluffo speaks with Politico's Maggie Miller, about her recent reporting on China, and Iran. Maggie's recent reporting: On Chinese threats to Guam: https://subscriber.politicopro.com/article/2024/02/guam-facing-continuous-cyber-threats-from-china-delegate-says-00140433On threats to US critical water utilities: https://www.politico.com/news/2023/11/28/federal-government-investigating-multiple-hacks-of-us-water-utilities-00128977  On telecom connectivity in Gaza: https://www.politico.com/news/2024/01/17/biden-israel-gaza-internet-blackout-00136194On breaches at the State Department: https://www.politico.com/news/2023/09/15/digital-tripwire-helped-state-uncover-chinese-hack-00115973

Tue, 20 Feb 2024

Cyber Focus is where we explore the people and ideas shaping and protecting our digital world. In this episode host Frank Cilluffo talks with Melissa Hathaway, a former presidential advisor, and leading voice on US cyber policy. She shares the ways she believes the country has lost ground in its pursuit of cybersecurity, and what steps need to be taken to get back on track. 

Wed, 14 Feb 2024

On Cyber Focus we explore the people and ideas shaping and protecting our digital world. In this episode host Frank Cilluffo talks with CNN reporter Sean Lyngaas about how he started covering cybersecurity, what those experiences have taught him, and what group has become one of the most underestimated threats in the world.Sean's recent work:https://www.cnn.com/2024/02/02/politics/illicit-iranian-programs-targeted-us-measures/index.htmlhttps://www.cnn.com/2024/01/31/politics/china-hacking-infrascture-fbi-director-christopher-wray/index.htmlhttps://www.cnn.com/2024/01/30/politics/xi-biden-china-us-2024-election/index.html

Wed, 07 Feb 2024

Host Frank Cilluffo speaks with Chris Inglis, who just finished serving as the country's first National Cyber Director. They discuss the current challenges confronting the US in today's cybersecurity landscape and explore new obstacles emerging with the rise of AI.Show Notes: https://www.washingtonpost.com/politi... https://www.barrons.com/articles/ai-r... https://thehill.com/opinion/cybersecu...https://mccrary.auburn.edu/events/sol...

Wed, 31 Jan 2024

Cyber Focus is the new podcast from The McCrary Institute for Cyber and Infrastructure Security. The institute seeks practical solutions to real-world problems, underpinned by research and scholarship. Led by host Frank Cillufo, each week Cyber Focus will be the place to hear from the leading voices in cybersecurity, and discover what challenges they believe the country must address to ensure a safe and secure future. Subcribe now, and join us again for our first episode on January 31st. 

Thu, 25 Jan 2024