On today's program, sponsored by Elbit America, Dr. Jim Lewis of the Center for European Policy Analysis and Mark Montgomery of the Defense of Democracies and a Cyberspace Solarium Commission senior adviser join Defense & Aerospace Report Editor Vago Muradian to discuss last trade truce between the United States and China and how it will impact technology exports including advanced chips Beijing seeks and Washington has sought to deny; how America and its allies should work together to create a secure tech ecosystem, including chips and rare earths; and the challenges associated with building nuclear submarines for Korea in the United States.
On today's Land Warfare program, sponsored by American Rheinmetall, Bryan Clark of the Hudson Institute and Mark Montgomery of the Foundation for Defense of Democracies and a Cyberspace Solarium Commission senior adviser, join Defense & Aerospace Report Editor Vago Muradian to discuss Vladimir Putin's new “super” weapons including use of new intermediate-range missiles that have been used in Ukraine as well as the announcement that two new nuclear-powered and nuclear-capable weapons have been tested — a new cruise missile and large torpedo; how they work and how they could change deterrence as well as the fight in Ukraine and elsewhere; how these systems can be countered; how the introduction of the Extended Range Attack Munition developed by the US Air Force for Ukraine will change the war; how Russia is changing its tactics to target Ukrainian energy and power grids; and analysis of President Trump's order that the Pentagon resume nuclear testing.
On this week's Security Sprint, Dave and Andy covered the following topics:
Warm Open
• H2OSecCon 2026 Call for Presentations
• Critical infrastructure sectors on the most concerning threats – and needed solutions. “With critical infrastructure constantly under myriad threats, sector-focused information sharing and analysis centers and organizations collect, analyze and disseminate actionable cyber and physical threat information to stakeholders and provide them with tools to mitigate risks and enhance resiliency. To mark Cybersecurity Awareness Month, Threat Beat asked: 1) What is the most pressing short-term security concern in your sector? 2) What is one thing the public and/or industry/government can do now to address this?” Responses include DNG-ISAC, E-ISAC, FB-ISAO, Food and Ag-ISAC, Health-ISAC, MS-ISAC, ONE-ISAC, Space ISAC, and WaterISAC.
• CISA's international, industry and academic partnerships slashed. The cuts “create a dangerous void,” said Errol Weiss, chief security officer for the Health Information Sharing and Analysis Center. “The health sector is one of the most targeted and vulnerable, and this is exactly the wrong time to be pulling back federal support.”
• Kristi Noem pledged to boost the nation's cybersecurity. She gutted it instead
• Trump Administration Cuts Cyberdefense Even as Threats Grow
• U.S. Cyberspace Solarium Commission Annual Assessment: America's Cyber Resiliency in 2025: Lessons from the Fifth CSC 2.0 Annual Assessment & US ‘slipping' on cybersecurity, annual Cyberspace Solarium Commission report concludes
Main Topics:
Ransomware recovery perils: 40% of paying victims still lose their data. Paying the ransom is no guarantee of a smooth or even successful recovery of data. But that isn't even the only issue security leaders will face under fire. Preparation is key.
• UK Government: Supply chain resilience against ransomware
• JLR hack is costliest cyber attack in UK history, say analysts
Melissa becomes third Category 5 hurricane of the extraordinary 2025 season
• NHC issuing advisories for the Atlantic on Hurricane Melissa
• Key messages regarding Hurricane Melissa (en Español: Mensajes Claves)
• Melissa leaps from tropical storm to Category 4 hurricane in 18 hours
• Category 5 Hurricane Melissa's eye is nearing Jamaica and conditions are worsening
Quick Hits:
• Palo Alto Networks: Why Threat Actors Succeed
• LA Metro digital signs taken over by hackers
• Chatbots Are Pushing Sanctioned Russian Propaganda
The UN launches the world's first global treaty to combat cybercrime. A House Democrats' job portal left security clearance data exposed online. A new data leak exposes 183 million email addresses and passwords. Threat actors target Discord users with an open-source red-team toolkit. A new campaign targets unpatched WordPress plugins. The City of Gloversville, New York, suffers a ransomware attack. Jen Easterly hopes AI could eliminate the buggy software that fuels cybercrime. A Connecticut health system agrees to an $18 million settlement following a ransomware attack. Monday business brief. Tim Starks from CyberScoop is discussing concerns over budget cuts and visibility. Meta's privacy safeguard goes dark.
Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CyberWire Guest
Today we are joined by Tim Starks from CyberScoop who is discussing concerns over budget cuts and visibility. You can read the articles Tim references here:
US ‘slipping' on cybersecurity, annual Cyberspace Solarium Commission report concludes (CyberScoop)
F5 vulnerability highlights weak points in DHS's CDM program (CyberScoop)
Selected Reading
UN Cybercrime Treaty wins dozens of signatories (The Register)
Hundreds of People With ‘Top Secret' Clearance Exposed by House Democrats' Website (WIRED)
Gmail passwords confirmed in 183 million account data breach (Tribune Online)
Hackers steal Discord accounts with RedTiger-based infostealer (Bleeping Computer)
Year-Old WordPress Plugin Flaws Exploited to Hack Websites (SecurityWeek)
Gloversville hit by ransomware attack (WNYT.com NewsChannel 13)
Ex-CISA chief says AI could mean the end of cybersecurity (The Register)
Yale New Haven Health Will Pay $18M to Settle Hack Lawsuit (GovInfo Security)
Veeam to acquire Securiti AI for $1.7 billion.
(N2K Pro)
A $60 Mod to Meta's Ray-Bans Disables Its Privacy-Protecting Recording Light (404 Media)
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
For years, the Cyberspace Solarium Commission has seen its recommendations adopted by Congress and federal agencies, but for the first time, the Commission's policy proposals are moving backwards under the weight of workforce cuts and other changes across government. For more, Federal News Network's Justin Doubleday joins me.
This week saw a blessed lack of major vulnerabilities, but there was plenty of other news to dig into. We discuss the fallout from the AWS outage (0:36), the conclusions from the latest Cyberspace Solarium Commission report (4:37), and the effects of CISA's shakeup on the private sector (14:07), and the continued effects of the F5 incident (21:21). Finally, we have some extremely important updates on whether Dennis has a dog yet and a WILD story about woodland creatures in Lindsey's house that can not be missed! (32:50)
U.S. federal cybersecurity policy has regressed by approximately 13%, according to a report from the Cyberspace Solarium Commission 2.0. This decline is attributed to budget cuts and workforce reductions at key agencies, including the Cybersecurity and Infrastructure Security Agency (CISA) and the State Department's Cyber Diplomacy Staff. The report indicates that nearly a quarter of previously implemented recommendations have lost their status, which raises concerns about the nation's ability to effectively address rising cyber threats. Mark Montgomery, a former Navy Rear Admiral, emphasized that these cuts hinder the agency's effectiveness, calling for the restoration of funding and personnel to strengthen national cyber defenses.
In addition to the decline in federal cybersecurity readiness, AI-generated code is now responsible for one in five security breaches, as reported by Aikido. The study found that AI coding tools account for 24% of production code, with 43% of U.S. organizations reporting serious incidents linked to AI-related flaws. Interestingly, the report also noted that increasing the number of security tools does not necessarily enhance safety; organizations using six to nine tools experienced a 90% incident rate, compared to 64% for those with one or two tools. Despite these challenges, 96% of industry professionals remain optimistic that AI will eventually produce secure and reliable code.
The episode also highlights the impact of generative AI on IT service management, revealing that organizations utilizing this technology have reduced incident resolution times by nearly 18%. A report from SolarWinds indicated that the average resolution time decreased from 27.42 hours to 22.55 hours after implementing generative AI. Furthermore, a survey by Accenture found that 19% of office workers admitted to entering sensitive business information into free, unsecured AI tools, underscoring significant gaps in cybersecurity awareness and training.
For Managed Service Providers (MSPs) and IT service leaders, these developments signal a pressing need for improved governance and training regarding AI usage. The findings suggest that organizations should focus on reducing tool sprawl and enhancing employee education on cybersecurity responsibilities. As small business optimism declines amid rising inflation and supply chain issues, MSPs should position themselves as stability partners, helping clients navigate these challenges rather than pushing the latest technology trends. The evolving landscape of cybersecurity threats, particularly those involving AI and automation, necessitates a proactive approach to risk management and incident response.
Three things to know today
00:00 U.S. Cyber Defenses Slide as AI Code Risks Rise and Governance Gaps Widen
05:41 Inflation, Uncertainty, and Automation Push Small Firms Toward Caution and Cost Control
09:23 From Prompt Injections to Hidden Malware, Cyber Attacks Are Shifting Toward Stealth and Precision
This is the Business of Tech. Supported by: https://saasalerts.com/platform-overview-for-msps/?utm_source=mspradio
The Trump administration should reverse cyber personnel and budget cuts, strengthen the Office of the National Cyber Director and expand federal workforce initiatives, the successor organization to the Cyberspace Solarium Commission recommended in a report published Wednesday. The annual implementation report from CSC 2.0 is the first of five iterations to actually determine that the nation has gone backward on enacting the agenda of the landmark bipartisan commission, whose suggestions led to the creation of major new federal organizations and policies, including the national cyber director's office. In grading the degree to which its 2020 report had been enacted — whether they're “implemented,” “nearing implementation,” “on track,” “progress limited” or facing “significant barriers” — the percentages dropped in every category, after years of rising or staying steady. President Donald Trump nominated Lt. Gen. Christopher LaNeve on Monday to serve as the next vice chief of staff of the Army and recommended his appointment to the grade of general. An official hearing date has not been made public, but if confirmed by the Senate, LaNeve will replace Gen. James Mingus, the long-time innovator who was sworn in as the Army's No. 2 general officer and principal deputy to Chief of Staff Gen. Randy George in January 2024 under the Biden administration. The announcement follows an unusual gathering of hundreds of top U.S. military officials at Marine Corps Base Quantico last month, where Defense Secretary Pete Hegseth stated that he had already removed several high-ranking service members and suggested that more people would be pushed out if they did not conform to his vision for a “less woke” military that's “fit not fat.” There's not a fixed term or limit to the position of vice chief of staff, and former officials' tenures in the capacity vary. 
A Pentagon spokesperson did not immediately answer questions from DefenseScoop about the timing for or reasoning behind this nomination, but confirmed LaNeve was selected by the president to serve in the post. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast on Apple Podcasts, Soundcloud, Spotify and YouTube.
A DEAL HAS BEEN MADE. NOW WHAT?
HEADLINE 1: The Treasury Department rolled out a fresh round of Iran sanctions.
HEADLINE 2: The U.S. Department of Commerce added over a dozen Chinese companies to a restricted trade list.
HEADLINE 3: Israel disrupted a major arms smuggling operation into the West Bank.
--
FDD Executive Director Jon Schanzer provides timely situational updates and analysis, followed by a conversation with former Israeli National Security Advisor Eyal Hulata.
Learn more at: https://www.fdd.org/fddmorningbrief
--
Featured FDD Pieces:
"Israel Moves To Counter Drone Threat on Egyptian Border" - Mariam Wahba, FDD
"Hamasniks in fox holes" - Cliff May, The Washington Times
"Recipe for Success: Guidance Based on the Experience of the Cyberspace Solarium Commission" - Sophie McDowall, FDD
Dr. Jim Lewis, a distinguished fellow with the Tech Policy Program at the Center for European Policy Analysis, and Mark Montgomery, a retired US Navy rear admiral who is now the senior director of the Center on Cyber and Technology Innovation at the Foundation for Defense of Democracies as well as a Cyberspace Solarium Commission senior adviser, join Defense & Aerospace Report Editor Vago Muradian to discuss Russia's recent cyber attacks on European airports as well as drone attacks and fighter incursions on NATO members; how allies must respond; outlook for TikTok in the United States; and reauthorization of the Cybersecurity and Infrastructure Security Agency.
This episode features Chris Inglis, former U.S. National Cyber Director and longtime Deputy Director of the NSA.
With over 40 years in national security, Chris was at the center of one of the most high-stakes breaches in U.S. history: the Edward Snowden incident.
In this episode, Chris shares what really happened inside the NSA during those critical months, and how siloed systems, password sharing, and missed signals allowed Snowden to operate undetected. He unpacks key lessons on preparing for low-probability, high-impact events, defending against identity misuse, and why trust must always come with verification.
This is a behind-the-scenes look at the Snowden breach, and what every cybersecurity leader needs to learn from it.
Guest Bio
Chris served as the first national cyber director of the United States, and as deputy director of the NSA for eight years. Chris has spent more than four decades in public service shaping the future of national cybersecurity.
His career includes serving as a commissioner on the US Cyberspace Solarium Commission, and as an advisor to the Department of Defense and the intelligence community. Chris has received numerous honors for his service, including the President's National Security Medal and the DNI distinguished service medal.
A U.S. Air Force Academy graduate, he holds advanced degrees in engineering and computer science from Columbia University and the George Washington University. His military career includes over 30 years in the U.S. Air Force and Air National Guard, retiring as a brigadier general. Most recently, he served as a U.S. Naval Academy Looker Distinguished Visiting Professor for cyber studies and as a commissioner on the U.S. Cyberspace Solarium Commission.
Guest Quote
“The thing that you practice, whether it's one or a million things you're going to practice will never happen, but the thing that does will be informed by the muscle memory you've developed over that practice period. And you'll know that you either can or cannot weather the storm with your own resources.”
Time stamps
01:29 The Snowden Incident: A Deep Dive
06:07 NSA's Internal Challenges and Lessons Learned
07:29 Organizational Silos and Technical Blind Spots
13:42 Crisis Management and Response Strategies
16:56 Public Perception and Trust
23:22 Misunderstandings of Snowden's Allegations
28:15 Lessons from the Snowden Incident
29:44 Cybersecurity in the Business World
29:57 How the Snowden Incident Reshaped NSA's Threat Monitoring
36:49 Strategic and Tactical Approaches to Security
42:35 Final Thoughts and Takeaways
Sponsor
Identity Breach Confidential is brought to you by Semperis, the leader in identity-driven cyber resilience for the hybrid enterprise. Trusted by the world's leading businesses, Semperis protects critical Active Directory environments from cyberattacks, ensuring rapid recovery and business continuity when every second counts. Visit semperis.com to learn more.
Links
Connect with Jeff on LinkedIn
Don't miss future episodes
Register for HIP Conf 2025
Learn more about Semperis
On this episode of the Defense & Aerospace Report Technology Series, sponsored by Elbit America, Mark Montgomery, a retired US Navy rear admiral who is now the senior director of the Center on Cyber and Technology Innovation at the Foundation for Defense of Democracies and a senior adviser on the bipartisan Cyberspace Solarium Commission, joins Defense & Aerospace Report Editor Vago Muradian to discuss what's next in the wake of the war between Israel and Iran that included US air strikes; how Iran might retaliate, including in cyberspace, and whether the administration's cybersecurity cuts will jeopardize America's ability to defend critical infrastructure; the implications of US strikes that damaged, but not destroyed, Iran's facilities; lessons from the conflict; analysis of the administration's plans to cut cyber and science; and a look at defense spending as the NATO leaders convene in The Hague for this year's alliance summit.
On this episode of the Defense & Aerospace Report Strategy Series, sponsored by General Atomics Aeronautical Systems, Mark Montgomery, a retired US Navy rear admiral who is now the senior director of the Center on Cyber and Technology Innovation at the Foundation for Defense of Democracies and a senior adviser on the bipartisan Cyberspace Solarium Commission, joins Defense & Aerospace Report Editor Vago Muradian to discuss reconciliation, the Trump administration's “skinny” $1 trillion defense budget request, prospects the measure will pass Congress given the White House's proposed $164 billion in proposed discretionary spending cuts, the importance of soft power investments including the Voice of America, Radio Free Europe and Radio Free Asia in countering Russian and Chinese disinformation worldwide, aid programs to advance US interests, and an update on the Ukraine war.
Cyber threats are evolving – but U.S. cyber policy coordination is still lagging behind. Four years after the establishment of the Office of the National Cyber Director, the Trump administration has a unique opportunity to establish stronger central coordination and drive meaningful improvements in how the federal government secures and defends cyberspace. How should the administration clarify and reinforce the role of the National Cyber Director? How can the administration create a more structured and accountable interagency cyber community? How can these structures set clearer national priorities and achieve the goals of deterring adversaries and advancing national resilience in cyberspace?
To discuss these issues and more, FDD's Center on Cyber and Technology Innovation (CCTI) hosts a virtual conversation with former National Cyber Director Chris Inglis and John Costello, senior advisor to CSC 2.0, an initiative housed at FDD to continue the work of the congressionally mandated Cyberspace Solarium Commission. The conversation is moderated by RADM (Ret.) Mark Montgomery, senior director of CCTI and former executive director of the Cyberspace Solarium Commission with introductions by Dr. Samantha Ravich, Chair of FDD's Center on Cyber and Technology Innovation.
For more, check out: https://www.fdd.org/events/2025/03/12/coaching-thecyberteam-the-future-of-the-office-of-the-national-cyber-director-and-cyber-governance/
Hugh covers the news of the day and talks with Rear Admiral Mark Montgomery (USN, ret.), Director of the U.S. Cyberspace Solarium Commission, Senior Fellow at the Foundation for Defense of Democracies, Former Missouri Senator Jim Talent, chairman of Reagan Institute's National Leadership Council, and Dan Senor, host of the Call Me Back podcast.
China has prepositioned destructive cyber capabilities in U.S. energy and transportation infrastructure. Russia has capabilities to disrupt undersea cables and industrial control systems. Iran has exploited unprotected networks to deface machines monitoring water systems. The Cybersecurity and Infrastructure Agency (CISA) at the Department of Homeland Security is charged with collaborating with the private sector to secure critical systems. Since its creation in 2018, CISA has led federal efforts to understand and mitigate systemic cyber risk. How vulnerable is America in cyberspace? How has public-private cyber collaboration changed over the past six years? And, as U.S. adversaries become more aggressive in cyberspace, how can CISA bolster national cyber resilience?
FDD's Center on Cyber and Technology Innovation hosts a fireside chat with CISA Director Jen Easterly on protecting critical infrastructure in the cyber age. The conversation will be moderated by RADM (Ret.) Mark Montgomery, CCTI senior director and former executive director of the congressionally mandated Cyberspace Solarium Commission.
For more, check out: https://www.fdd.org/events/2024/01/15/infrastructure-security-in-the-cyber-age-a-conversation-with-cisa-director-jen-easterly/
Four years ago, Congress created the Office of the National Cyber Director to serve as the president's senior advisor on cybersecurity, implementing national strategy, supporting whole-of-nation cyber resilience, and working with the Office of Management and Budget to align federal resourcing to growing cyber threats from criminals and nation states including China, Russia, and Iran. The office led the charge developing a new national cybersecurity strategy and executed dozens of technical, governance, workforce, and policy solutions to implement the strategy. Has this implementation bolstered national cyber resilience? Has the government developed a whole-of-nation response to cyber incidents? Are federal resources aligned to thwart and deter U.S. adversaries in cyberspace?
FDD's Center on Cyber and Technology Innovation hosts remarks and a fireside chat with National Cyber Director Harry Coker, Jr. on the role of the Office of the National Cyber Director, its past successes, and lessons learned for the future. The conversation will be moderated by RADM (Ret.) Mark Montgomery, CCTI senior director and former executive director of the congressionally mandated Cyberspace Solarium Commission.
For more, check out: fdd.org/events/2025/01/07/cyber-strategies-and-successes-a-conversation-with-national-cyber-director-harry-coker-jr/
The energy transition is transforming how we power our world – clean energy systems are becoming more interconnected, automated, and reliant on digital infrastructure. But with this transformation comes a new vulnerability: cyberattacks. As our grid becomes smarter and our system more digitized, the potential for disruption grows. Earlier this year, the FBI warned of a serious threat that Chinese hackers had infiltrated U.S. critical infrastructure systems, raising the possibility of a “devastating blow” to energy and other vital services. The stakes are clear. As we move forward with the energy transition – and increasingly digitizing and electrifying our systems – we are increasingly vulnerable to cyber attacks. This week, host Jason Bordoff speaks with Harry Krejsa about the cybersecurity risks at the intersection of operational technology and information technology in the clean energy transition, the destructive capabilities of China and Russia on American critical infrastructure, and what we should be doing about it. Harry is the director of studies at the Carnegie Mellon Institute for Strategy & Technology. He was previously in the Biden White House's Office of the National Cyber Director. There, he led development of the Biden-Harris administration's National Cybersecurity Strategy, established national clean energy security priorities, and represented the U.S. government in technology security consultations with foreign partners and the global private sector. Prior to that, Harry worked at the intersection of technology, industrial strategy, and U.S.-China competition for the Department of Defense, the Cyberspace Solarium Commission, and the Center for a New American Security.
Tuesday, October 8, 2024 Hoover Institution, Stanford University The Hoover Institution's Wargaming and Crisis Simulation Initiative presents To War or Not to War: Vietnam and the Sigma Wargames on Tuesday, October 8, 2024 at 2:00PM PT. In 1964, America was slowly marching towards war in Vietnam. But what if that war could have been fought differently or avoided altogether? The Sigma Games, a series of politico-military wargames run by the Pentagon's Joint Staff in the 1960s, sought to understand the unfolding conflict in Southeast Asia. These games, which involved top figures from the Johnson Administration—including National Security Adviser McGeorge Bundy, Air Force General Curtis LeMay, and Chairman of the Joint Chiefs of Staff Earle Wheeler—offer a chillingly accurate forecast of the war's potential trajectory. Choose your character for an immersive experience. See the game unfold through the eyes of pivotal figures such as John McCone, Curtis LeMay, Earle Wheeler, and McGeorge Bundy in this interactive event. This event introduces the games and turns to a panel of historians to explore the Sigma Wargames, their prescient warnings, and why these early insights failed to shape the Johnson Administration's decision-making, ultimately leading to one of America's most costly conflicts. The conversation, while a look into a key set of games at a historical moment in American foreign policy, says something more broadly at the impact of wargames on US foreign and defense policy as well as how influence is created (and hijacked) within strategic decision making. PANELISTS H.R. McMaster is the Fouad and Michelle Ajami Senior Fellow at the Hoover Institution, Stanford University. He is also the Bernard and Susan Liautaud Fellow at the Freeman Spogli Institute and lecturer at Stanford University's Graduate School of Business. McMaster holds a PhD in military history from the University of North Carolina at Chapel Hill. 
He was an assistant professor of history at the US Military Academy. He is author of the bestselling books Battlegrounds: The Fight to Defend the Free World and Dereliction of Duty: Lyndon Johnson, Robert McNamara, the Joint Chiefs of Staff and the Lies that Led to Vietnam. In August 2024, McMaster released his most recent book, At War with Ourselves: My Tour of Duty in the Trump White House. His many essays, articles, and book reviews on leadership, history, and the future of warfare have appeared in The Atlantic, Foreign Affairs, Foreign Policy, National Review, the Wall Street Journal, the Washington Post, and the New York Times. McMaster is the host of Battlegrounds: Vital Perspectives on Today's Challenges and is a regular on GoodFellows, both produced by the Hoover Institution. He is a Distinguished University Fellow at Arizona State University. Mai Elliott is the author of The Sacred Willow: Four Generations in the Life of a Vietnamese Family, a personal and family memoir which was nominated for the Pulitzer Prize, and RAND in Southeast Asia: A History of the Vietnam War Era. She served as an advisor to Ken Burns and Lynn Novick for their PBS documentary on “The Vietnam War” and featured in seven of its ten episodes. She recently contributed a chapter analyzing “The South Vietnamese Home Front” for the soon to be published Cambridge University Press 3-volume work on the Vietnam War. Mai Elliott was born in Vietnam and grew up in Hanoi and Saigon. She attended French schools in Vietnam and is a graduate of Georgetown University in Washington, D.C. (She also writes under the name of Duong Van Mai Elliott). Mark Moyar is the director of the Center for Military History and Strategy at Hillsdale College, where he also holds the William P. Harris Chair of Military History. During the Trump administration, Dr. Moyar was a political appointee at the U.S. Agency for International Development, serving as the Director of the Office of Civilian–Military Cooperation. 
Previously, he directed the Project on Military and Diplomatic History at the Center for Strategic and International Studies in Washington, DC, and worked as a national security consultant. He has taught at the U.S. Marine Corps University, the Joint Special Operations University, and Texas A&M University. He is author of eight books, of which the most recent is Masters of Corruption: How the Federal Bureaucracy Sabotaged the Trump Presidency. He holds a B.A. summa cum laude from Harvard and a Ph.D. from Cambridge. MODERATOR Jacquelyn Schneider is the Hargrove Hoover Fellow at the Hoover Institution, the Director of the Hoover Wargaming and Crisis Simulation Initiative, and an affiliate with Stanford's Center for International Security and Cooperation. Her research focuses on the intersection of technology, national security, and political psychology with a special interest in cybersecurity, autonomous technologies, wargames, and Northeast Asia. She was previously an Assistant Professor at the Naval War College as well as a senior policy advisor to the Cyberspace Solarium Commission. Dr. Schneider was a 2020 winner of the Perry World House-Foreign Affairs Emerging Scholars Policy Prize. She is also the recipient of a Minerva grant on autonomy (with co-PIs Michael Horowitz, Julia Macdonald, and Allen Dafoe), a University of Denver grant to study public responses to the use of drones (with Macdonald), and a grant from the Stanton Foundation to study networks, cyber, and nuclear stability through wargames. Dr. Schneider is an active member of the defense policy community with previous positions at the Center for a New American Security and the RAND Corporation. Before beginning her academic career, she spent six years as an Air Force officer in South Korea and Japan and is currently a reservist assigned to US Space Systems Command. She has a BA from Columbia University, MA from Arizona State University, and PhD from George Washington University.
GOOD EVENING: The show begins in Russia as the Ukrainian incursion pushes on toward Kursk Oblast. More later.
1941 Moscow defense
CBS EYE ON THE WORLD WITH JOHN BATCHELOR
FIRST HOUR
9-915 1/2: UKRAINE: The incursion. Anatol Lieven, Quincy Institute.
915-930 2/2: UKRAINE: The incursion. Anatol Lieven, Quincy Institute.
930-945 #SCALAREPORT: Chip wars and Huawei. Chris Riegel CEO, Scala.com @Stratacache
945-1000 #VENEZUELA: The US hesitates to condemn. Mary Anastasia O'Grady, WSJ
SECOND HOUR
10-1015 Northern Israel: Under constant attack. Lieutenant Colonel (Res.) Sarit Zehavi, Founder and president of Alma – a nonprofit and an independent research and education center specializing in Israel's security challenges on its northern border. Malcolm Hoenlein @Conf_of_pres @mhoenlein1
1015-1030 IRAN: Unknown weaponizing schedule. David Albright is an American physicist and a weapons expert who is the founder of the non-governmental Institute for Science and International Security (ISIS), its current president, and author of several books on the proliferation of atomic weapons. Malcolm Hoenlein @Conf_of_pres @mhoenlein1
1030-1045 #ISRAEL: Will the US counter-attack Iran or its proxies? Rear Admiral (Ret.) Mark Montgomery is the Senior Director at the Center on Cyber and Technology Innovation, leading efforts to enhance U.S. security and counter cyber threats. He also directs CSC 2.0, an initiative focused on implementing recommendations from the Cyberspace Solarium Commission, where he was the Executive Director. Malcolm Hoenlein @Conf_of_pres @mhoenlein1
1045-1100 #ISRAEL: The scale and pattern of the anti-Israel media: Ben-Dror Yemini is a senior journalist with the Hebrew daily Yediot Ahronot. He has conducted a lot of research on anti-Israeli propaganda. Malcolm Hoenlein @Conf_of_pres @mhoenlein1
THIRD HOUR
1100-1115 #TAIWAN: Can it mitigate the PLA attack? Cliff May, FDD
1115-1130 #PRC: Another twist at the Defense Ministry. Charles Burton, Sinopsis.
1130-1145 1/2: #HOTEL MARS: The postponed Mars Sample Return Mission & What is to be done? David Southwood, Imperial College. David Livingston, Space Show.
1145-1200 2/2: #HOTEL MARS: The postponed Mars Sample Return Mission & What is to be done? David Southwood, Imperial College. David Livingston, Space Show.
FOURTH HOUR
12-1215 #MrMarket: US Industrial Policy of tariffs and subsidies means the voters pay more for lesser quality. Veronique de Rugy, Mercatus Center
1215-1230 #CANADA: Climate Change and Ottawa. Conrad Black, National Post.
1230-1245 #IRAN: The Pakistani national accused of planning assassinations at the direction of Tehran. Sadanand Dhume, WSJ, AEI
1245-100 am OCEANIA: Defending the Second Island Chain, Ronan Wordsworth, @GPFutures https://geopoliticalfutures.com/the-us-strengthens-the-second-island-chain/
#ISRAEL: Will the US counter attack Iran or its proxies Rear Admiral (Ret.) Mark Montgomery is the Senior Director at the Center on Cyber and Technology Innovation, leading efforts to enhance U.S. security and counter cyber threats. He also directs CSC 2.0, an initiative focused on implementing recommendations from the Cyberspace Solarium Commission, where he was the Executive Director. Malcolm Hoenlein @Conf_of_pres @mhoenlein1 1951 Galilee
Podcast: Hack the Plant. Episode: The Case For A Cyber Force. Pub date: 2024-07-23. In this episode, Bryson sits down with Mark Montgomery, Senior Director at the Foundation for Defense of Democracies. For three years, Mark served as Executive Director of the Cyberspace Solarium Commission, created by congressional mandate to develop strategic approaches to defending against cyber attacks. Now, he directs CSC 2.0, an initiative that works to implement the recommendations of the Commission. What were the key recommendations of the Cyberspace Solarium Commission? What are the politics of cybersecurity? How do we ensure that our international partners have the same level of resiliency and recovery that we have domestically? “We'd like to fight our adversaries overseas. That means we have to fight with and through our allies and partners. So they have to have strong critical infrastructure as our forces arrive and execute their missions,” Mark said. Join us for this and more on this episode of Hack the Plan[e]t. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.
This week, we are joined by Errol Weiss, CSO of Health-ISAC, and he is discussing the current threat landscape in healthcare and their contributions to the Cyberspace Solarium Commission's healthcare report. Dave and Ben discuss the latest rulings from the US Supreme Court including how the ruling will likely have a sweeping effect on regulations, including cybersecurity rules, in every sector. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney. Please take a moment to fill out an audience survey! Let us know how we are doing! Links to the stories: Chevron Pattern Disrupted: The Impact on Cybersecurity Regulations. Caveat Briefing. A companion weekly newsletter is available to CyberWire Pro members on the CyberWire's website. If you are a member, make sure you subscribe to receive our weekly wrap-up of privacy, policy, and research news, focused on incidents, techniques, tips, compliance, rights, trends, threats, policy, and influence ops delivered to your inbox each Thursday. Got a question you'd like us to answer on our show? You can send your audio file to caveat@thecyberwire.com. Hope to hear from you.
This week, Audra is joined by Mark Montgomery, senior director of the FDD's Center on Cyber and Technology Innovation and director of the CSC 2.0. Today's discussion focuses on the progress made implementing the recommendations of the Cyberspace Solarium Commission's 2020 report and securing critical infrastructure more broadly, including insights from Mark on the need for a distinct military force focused exclusively on cybersecurity. Mark Montgomery serves as senior director of the Center on Cyber and Technology Innovation, where he leads FDD's efforts to advance U.S. prosperity and security through technology innovation while countering cyber threats that seek to diminish them. Mark also directs CSC 2.0, an initiative that works to implement the recommendations of the congressionally mandated Cyberspace Solarium Commission, where he served as executive director. Previously, Mark served as policy director for the Senate Armed Services Committee under the leadership of Senator John S. McCain, coordinating policy efforts on national security strategy, capabilities and requirements, and cyber policy. Mark served for 32 years in the U.S. Navy as a nuclear-trained surface warfare officer, retiring as a rear admiral in 2017. He was assigned to the National Security Council from 1998 to 2000, serving as director for transnational threats. Mark has graduate degrees from the University of Pennsylvania and the University of Oxford and completed the U.S. Navy's nuclear power training program. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e277
The FBI takes down ALPHV/BlackCat. Comcast reveals breach of nearly 36 million Xfinity customers. Microsoft and Cyberspace Solarium Commission release water sector security report. Malware increasingly uses public infrastructure. Iran's Seedworm and its telco targets. QR code scams. Feds release joint analysis of 2022 election integrity. Joint advisory on Play ransomware group. In today's Mr Security Answer Person, John Pescatore considers the risks of AI. Rick Howard talks with Lauren Brennan of GuidePoint Security about evaluating and maturing your SOC. Iranian gas stations running on empty. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guests: John Pescatore joins us for Mr. Security Answer Person to address the question, “Things seem to be moving quickly with AI, what is your feeling about that positioning for early 2024?” Today's guest is Lauren Brennan of GuidePoint Security. N2K's Rick Howard caught up with Lauren recently at the MITRE ATT&CKcon 4.0. They discussed evaluating and maturing your SOC. Selected Reading: Authorities claim seizure of notorious ALPHV ransomware gang's dark web leak site (TechCrunch+) Comcast says hackers stole data of close to 36 million Xfinity customers (TechCrunch+) Microsoft, Cyberspace Solarium Commission propose measures to strengthen water sector cybersecurity (Industrial Cyber) Malware leveraging public infrastructure like GitHub on the rise (Reversing Labs) Seedworm: Iranian Hackers Target Telecoms Orgs in North and East Africa (Symantec) “Quishing” you a Happy Holiday Season (netcraft) 2022 Election Not Impacted by Chinese, Russian Cyber Activity: DOJ, DHS (Securityweek) US and Australia Warn of Play Ransomware Threat (Infosecurity Magazine)
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.
Dr. Samantha Ravich, Chairman for the Center on Cyber and Technology Innovation at Foundation for Defense of Democracies joins the podcast this week. She shares insights from her many years on the geopolitical and economic front lines of cyber, and work with many renowned government leaders, on developing a plan of action to address today's cyber threat landscape and looming threat against critical infrastructure and essential services. She also provides perspective on building resiliency, what we can learn from natural disasters relative to cyber attacks, as well as the opportunity and impact of states creating and driving their own continuity of the economy plans. Dr. Samantha Ravich, Chairman, Center on Cyber and Technology Innovation, Foundation for Defense of Democracies ---- Dr. Samantha Ravich is the chairman of FDD's Center on Cyber and Technology Innovation and its Transformative Cyber Innovation Lab and the principal investigator on FDD's Cyber-Enabled Economic Warfare project. She is also a senior advisor at FDD, serving on the advisory boards of FDD's Center on Economic and Financial Power (CEFP) and Center on Military and Political Power (CMPP). Samantha serves as a commissioner on the congressionally mandated Cyberspace Solarium Commission and as a member of the U.S. Secret Service's Cyber Investigation Advisory Board. Samantha served as deputy national security advisor for Vice President Cheney, focusing on Asian and Middle East Affairs as well as on counter-terrorism and counter-proliferation. Following her time at the White House, Samantha was the Republican co-chair of the congressionally mandated National Commission for Review of Research and Development Programs in the United States Intelligence Community. Most recently, she served as vice chair of the President's Intelligence Advisory Board (PIAB) and co-chair of the Artificial Intelligence Working Group of the Secretary of Energy Advisory Board. 
She is advisor on cyber and geo-political threats and trends to numerous technology, manufacturing, and services companies; a managing partner of A2P, a social data analytics firm; and on the board of directors for International Game Technology (NYSE:IGT). Her book, Marketization and Democracy: East Asian Experiences (Cambridge University Press) is used as a basic textbook in international economics, political science, and Asian studies college courses. Samantha is a member of the Council on Foreign Relations and advises the U.S. Intelligence Community and the Department of Defense. She is a frequent keynote speaker on: What Corporate Boards need to know about Cyber Security and Warfare; The Longer-Term Trends in International Security; and the Future of Intelligence Collection and Analysis. Samantha received her PhD in Policy Analysis from the RAND Graduate School and her MCP/BSE from the Wharton School at the University of Pennsylvania. --- https://www.linkedin.com/in/samantha-ravich-7b5aa08b/ For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e254
The smooth function of America's economy is critical for national security, military readiness, and geopolitical influence, making it a likely target for an adversary during a conflict. To quickly recover in the event of a widespread cyberattack on multiple industries, Congress directed the president to establish a Continuity of the Economy (COTE) plan. The Biden administration delivered its response to Congress in August 2023, but the final product provides no plan to ensure rapid economic recovery. It asserts that COTE is sufficiently covered by other emergency response plans, and as a result, fails to grapple with important questions: Does the federal government have the information it needs to determine the order of recovery in the wake of a crisis? Can emergency response plans focused primarily on public health and safety work effectively to restart the economy? Who should be responsible for ensuring existing government plans actually get updated to incorporate COTE? And, critically, what role should the private sector – the owners and operators of the U.S. economy – play in COTE planning and implementation? To address these shortcomings and provide recommendations on how to remedy them, FDD is hosting a virtual discussion with Rep. Andrew Garbarino (R-NY), chairman of the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection; Tom Fanning, executive chairman of Southern Company; Mark Harvey, former senior director for resilience policy on the National Security Council staff, and RADM (Ret.) Mark Montgomery, former executive director of the Cyberspace Solarium Commission. This panel will be moderated by Dr. Samantha Ravich, chair of FDD's Center on Cyber and Technology Innovation (CCTI).
Podcast: To The Point - Cybersecurity. Episode: The Cyber Satellite Threat with Mark Montgomery. Pub date: 2023-08-08. This week on the podcast, we're joined by Mark Montgomery, senior director of the FDD's Center on Cyber and Technology Innovation and director of the CSC 2.0. Mark shares about the different physical and cyber threats faced by satellites and space networks. He also shares considerations for classifying satellites as critical infrastructure and what the legislation required to do so might look like. Mark Montgomery serves as senior director of the Center on Cyber and Technology Innovation, where he leads FDD's efforts to advance U.S. prosperity and security through technology innovation while countering cyber threats that seek to diminish them. Mark also directs CSC 2.0, an initiative that works to implement the recommendations of the congressionally mandated Cyberspace Solarium Commission, where he served as executive director. Previously, Mark served as policy director for the Senate Armed Services Committee under the leadership of Senator John S. McCain, coordinating policy efforts on national security strategy, capabilities and requirements, and cyber policy. Mark served for 32 years in the U.S. Navy as a nuclear-trained surface warfare officer, retiring as a rear admiral in 2017. He was assigned to the National Security Council from 1998 to 2000, serving as director for transnational threats. Mark has graduate degrees from the University of Pennsylvania and the University of Oxford and completed the U.S. Navy's nuclear power training program. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e245
The Cyberspace Solarium Commission looks at obstacles to public-private collaboration in the industrial sector. Malware in the industrial sector increases. Organizations plan to increase their OT cybersecurity budgets. CISA and its partners have released a Joint Guide to Securing Remote Access Software. And the US DoD holds its Cyber Yankee exercise. Today's guest is Will Edwards of Schweitzer Engineering Labs discussing cyber awareness syndrome. The Learning Lab has the conclusion of the discussion between Dragos' Mark Urban, Principal Adversary Hunter Kyle O'Meara, and Principal Intelligence Technical Account Manager Michael Gardner on threat hunting. Control Loop News Brief. Obstacles to public-private collaboration in the industrial sector. Revising Public-Private Collaboration to Protect U.S. Critical Infrastructure (CSC 2.0) NERC's role in public-private security collaboration can deter utilities from sharing information: report (Utility Dive) Malware in the industrial sector increases. 2023 Unit 42 Network Threat Trends Research Report (Unit 42) CISA and partners release Joint Guide to Securing Remote Access Software. Guide to Securing Remote Access Software (CISA) US DoD holds Cyber Yankee exercise. Cyber Yankee Prepares Military, Business for Cyber Threats (Air National Guard) Control Loop Interview. The interview is with Will Edwards of Schweitzer Engineering Labs discussing cyber awareness syndrome. Control Loop Learning Lab. On the Learning Lab, Mark Urban is joined by Dragos Principal Adversary Hunter Kyle O'Meara and Dragos Principal Intelligence Technical Account Manager Michael Gardener to conclude their discussion on threat hunting. Control Loop OT Cybersecurity Briefing. A companion monthly newsletter is available through free subscription and on the CyberWire's website.
It was a disastrous week for cryptocurrency in the United States, as the Securities and Exchange Commission (SEC) filed suit against the two biggest exchanges, Binance and Coinbase, on a theory that makes it nearly impossible to run a cryptocurrency exchange that is competitive with overseas exchanges. Nick Weaver lays out the differences between “process crimes” and “crime crimes,” and how they help distinguish the two lawsuits. The SEC action marks the end of an uneasy truce, but not the end of the debate. Both exchanges have the funds for a hundred-million-dollar defense and lobbying campaign. So you can expect to hear more about this issue for years (and years) to come. I touch on two AI regulation stories. First, I found Marc Andreessen's post trying to head off AI regulation pretty persuasive until the end, where he said that the risk of bad people using AI for bad things can be addressed by using AI to stop them. Sorry, Marc, it doesn't work that way. We aren't stopping the crimes that modern encryption makes possible by throwing more crypto at the culprits. My nominee for the AI Regulation Hall of Fame, though, goes to Japan, which has decided to address the phony issue of AI copyright infringement by declaring that it's a phony issue and there'll be no copyright liability for their AI industry when they train models on copyrighted content. This is the right answer, but it's also a brilliant way of borrowing and subverting the EU's GDPR model (“We regulate the world, and help EU industry too”). If Japan applies this policy to models built and trained in Japan, it will give Japanese AI companies at least an arguable immunity from copyright claims around the world. Companies will flock to Japan to train their models and build their datasets in relative regulatory certainty. The rest of the world can follow suit or watch their industries set up shop in Japan.
It helps, of course, that copyright claims against AI are mostly rent-seeking by Big Content, but this has to be the smartest piece of international AI regulation any jurisdiction has come up with so far. Kurt Sanger, just back from a NATO cyber conference in Estonia, explains why military cyber defenders are stressing their need for access to the private networks they'll be defending. Whether they'll get it, we agree, is another kettle of fish entirely. David Kris turns to public-private cooperation issues in another context. The Cyberspace Solarium Commission has another report out. It calls on the government to refresh and rethink the aging orders that regulate how the government deals with the private sector on cyber matters. Kurt and I consider whether Russia is committing war crimes by DDOSing emergency services in Ukraine at the same time as its bombing of Ukrainian cities. We agree that the evidence isn't there yet. Nick and I dig into two recent exploits that stand out from the crowd. It turns out that Barracuda's security appliance has been so badly compromised that the only remedial measures involve a woodchipper. Nick is confident that the tradecraft here suggests a nation-state attacker. I wonder if it's also a way to move Barracuda's customers to the cloud. The other compromise is an attack on MOVEit Transfer. The attack on the secure file transfer system has allowed ransomware gang Clop to download so much proprietary data that they have resorted to telling their victims to self-identify and pay the ransom rather than wait for Clop to figure out who they've pawned. Kurt, David, and I talk about the White House effort to sell section 702 of FISA for its cybersecurity value and my effort, with Michael Ellis, to sell 702 (packaged with intelligence reform) to a conservative caucus that is newly skeptical of the intelligence community. David finds himself uncomfortably close to endorsing our efforts.
Finally, in quick updates: Nick talks about Tesla's Full Self Driving and the accidents it has been involved in. I warn listeners that Virginia has joined the ranks of states that require an ID proving age to access Pornhub. I predict that twenty states will adopt such a requirement in the next year. Download 462nd Episode (mp3). You can subscribe to The Cyberlaw Podcast using iTunes, Google Play, Spotify, Pocket Casts, or our RSS feed. As always, The Cyberlaw Podcast is open to feedback. Be sure to engage with @stewartbaker on Twitter. Send your questions, comments, and suggestions for topics or interviewees to CyberlawPodcast@gmail.com. Remember: If your suggested guest appears on the show, we will send you a highly coveted Cyberlaw Podcast mug! The views expressed in this podcast are those of the speakers and do not reflect the opinions of their institutions, clients, friends, families, or pets.
Nikki - What does cyber resiliency mean to you?
Nikki - Can you tell us a little bit more about the Cyberspace Solarium Commission or CSC, in particular I'm interested in the promotion of national resilience. Can you talk a little bit about what that means and what's in progress at the moment?
Chris - There's been a lot of activity lately with the Cyber EO, OMB Memos, activities by NIST, publications by CISA and of course the National Cyber Strategy. How do you feel about where we're headed as a nation on the Cyber front and do you think we could be doing more, and if so, what in particular?
Chris - I recently saw you made comments regarding Cloud Service Providers (CSP) and their lack of being designated as critical infrastructure I believe. I have seen similar comments from the OCND, due to how critical CSP's, especially major IaaS providers are to the nation. Why do you think they have avoided this designation as long as they have?
Nikki - There are a lot of us in cybersecurity that got into it to help defend our nation and protect our country (myself included). Are there ways that other cyber defenders or technical professionals can get involved or any resources you would recommend?
Nikki - I don't see a ton in legislature or in the Executive Order about the human element behind cybersecurity and our challenges with risk management. Do you foresee any legislation or anything that may come out around how to protect our users and even our security practitioners?
Chris - I mentioned the NCS earlier, a big part of that was shifting market forces, the idea of software liability and also safe harbor. What are your thoughts on this topic?
Chris - CISA recently released "Secure-by-Design/Default" guidance for software suppliers and manufacturers. I wrote an article recently tracing the advocacy for "secure by design" back 50 years to the Ware Report. Yet here we are, still advocating for the same concepts. What do you think it will take for this to become a requirement rather than a recommendation and how important is this paradigm shift for national security?
Podcast: Control Loop: The OT Cybersecurity Podcast. Episode: The challenges of carrying out vulnerability management. Pub date: 2023-04-05. The Vulkan Papers. The Cyberspace Solarium Commission recommends that CISA set up a test bed to improve maritime cybersecurity. Dragos CEO on critical infrastructure cybersecurity. The JCDC's pre-ransomware notification efforts. Guest Mike Hoffman, Technical Leader Global Services at Dragos & a SANS instructor, discusses challenges carrying out vulnerability management. In the Learning Lab, Dragos' VP Product & Industry Market Strategy Mark Urban concludes his two-part discussion about industrial cyber threat intel & collective intelligence with Seth Lacy, Principal Threat Hunter at Dragos. Control Loop News Brief. The Vulkan Papers. A Look Inside Putin's Secret Plans for Cyber-Warfare (Der Spiegel) Secret trove offers rare look into Russian cyberwar ambitions (The Washington Post) Maritime cybersecurity. Full Steam Ahead: Enhancing Maritime Cybersecurity (Cyberspace Solarium Commission 2.0) Cyber experts call for CISA to establish maritime equipment test bed (FedScoop) Dragos CEO on critical infrastructure cybersecurity. Full Committee Hearing to Examine Cybersecurity Vulnerabilities to the United States' Energy Infrastructure (Senate Committee on Energy and Natural Resources) JCDC and pre-ransomware notification. JCDC Cultivates Pre-Ransomware Notification Capability (CISA) Getting Ahead of the Ransomware Epidemic: CISA's Pre-Ransomware Notifications Help Organizations Stop Attacks Before Damage Occurs (CISA) Control Loop Interview. The interview is with Mike Hoffman, Technical Leader Global Services at Dragos & SANS instructor, discussing challenges carrying out vulnerability management. Control Loop Learning Lab. In Part 2 of 2, Dragos' VP Product & Industry Market Strategy Mark Urban speaks with Seth Lacy, Principal Threat Hunter at Dragos, about industrial cyber threat intel & collective intelligence.
Industrial Cyber Threat Intel & Collective Intelligence links: Neighborhood Keeper in the Broader Context of Cyber Threat Intelligence Using Trend Analysis to Operationalize OT Threat Intelligence with Neighborhood Keeper Control Loop OT Cybersecurity Briefing. A companion monthly newsletter is available through free subscription and on the CyberWire's website.
Vladimir Putin expected to conquer Ukraine in three days. But the brutal and bloody war he launched against his neighbor has dragged on for one year. The factors that gave rise to this war are still widely misunderstood. How or when it will end remains unclear, too. To unpack everything, Foreign Podicy host Cliff May — FDD's Founder and President and Chairman of its Russia Program — is joined by three FDD experts. RADM (ret) Mark Montgomery Mark Montgomery serves as senior director of FDD's Center on Cyber and Technology Innovation, countering cyber threats that seek to diminish America's national security. Mark also directs CSC 2.0, an FDD initiative that works to implement the recommendations of the congressionally mandated Cyberspace Solarium Commission, where he was executive director. Mark previously served as policy director for the Senate Armed Services Committee under the leadership of Senator John McCain, coordinating policy efforts on national security strategy, capabilities and requirements, and cyber policy. Before that, Mark served for 32 years in the U.S. Navy, retiring as a rear admiral in 2017. Bradley Bowman Bradley Bowman is senior director of FDD's Center on Military and Political Power, focusing on U.S. defense strategy and policy. Brad spent nearly nine years as a national security and defense advisor in the U.S. Senate. Prior to that, he served more than 15 years on active duty in the U.S. Army, including as a company commander, helicopter pilot, congressional affairs officer in the Pentagon, and staff officer in Afghanistan. He also was an assistant professor at West Point, teaching foreign policy and grand strategy. John Hardie John Hardie serves as deputy director of FDD's Russia Program, focusing on Russian foreign and security policy, U.S. policy toward Russia and the post-Soviet space, and transatlantic relations. John holds an M.A. in security studies from the Georgetown University School of Foreign Service.
Americans must be prepared to defend themselves from hostile armies, navies, air forces – and, not least, soldiers in cyberspace. With that in mind, in 2019, Congress created the Cyberspace Solarium Commission, the CSC. Its mission: “to develop a strategic approach to defending the United States in cyberspace against cyber-attacks of significant consequences.” The CSC operated successfully for two and a half years, publishing its flagship report in March 2020. It issued more than 80 recommendations to reform U.S. government structures and organization, promote national resilience, operationalize public-private collaboration, and preserve and employ military instruments of national power. Many of those recommendations have been implemented — but not all. At the CSC's planned sunset, the commissioners launched "CSC 2.0" to support the implementation of outstanding recommendations, provide annual assessments of progress, and conduct further research and analysis on cybersecurity issues. It's a critical project because there are still many gaping holes in America's cyberspace defense capabilities. To better understand what is being done and what still must be done to defeat this evolving threat, host Cliff May is joined by RADM (Ret) Mark Montgomery — former executive director of the Cyberspace Solarium Commission, now senior director of FDD's Center on Cyber and Technology Innovation, CCTI, which houses “CSC 2.0” — and Jiwon Ma, a program analyst at CCTI, where she focuses on this new project. They recently co-authored the project's 2022 Annual Report on Implementation which examines the progress of efforts to harden our national security in cyberspace.
On this week's Cyber Report, sponsored by Fortress Information Security, Philip Niedermair, a managing director at the Ward & Berry law firm who is also chairman of the board of advisers at the National Cyber Group and a senior advisor to the Cyberspace Solarium Commission 2.0, discusses commission priorities, changing the prevalent mindset that cyber security is a costly burden rather than a critically important economic and security enabler, attracting more diverse talent to the cyber workforce, cyber takeaways from recent national security and law enforcement gatherings and remembering the legacy of Dr. Scott Dade, the director of the schools of cyber security, cryptology, business and foreign languages at Fort Gordon, with Defense & Aerospace Report Editor Vago Muradian.
This episode features a much deeper, and more diverse, examination of the Fifth Circuit decision upholding Texas's social media law. We devote the last half of the episode to a structured dialogue about the opinion between Adam Candeub and Alan Rozenshtein. Both have written about it already, Alan critically and Adam supportively. I lead off, arguing that, contrary to legal Twitter's dismissive reaction, the opinion is a brilliant and effective piece of Supreme Court advocacy. Alan thinks that is exactly the problem; he objects to the opinion's grating self-certainty and refusal to acknowledge the less convenient parts of past case law. Adam is closer to my view. We all seem to agree that the opinion succeeds as an audition for Judge Andrew Oldham to become Justice Oldham in the DeSantis Administration. We walk through the opinion and what its critics don't like, touching on the competing free expression interests of social media users and of the platforms themselves, whether there's any basis for an injunction today, given the relative weakness of the overbreadth argument and the fundamental disagreement over whether “exercising editorial discretion” is a fundamental right under the first amendment or just an artifact of older technologies. Most intriguing, we find unexpected consensus that Judge Oldham's (and Clarence Thomas's) common carrier argument may turn out to be the most powerful point in the opinion and when the case reaches the Court. In the news roundup, we focus on the Congressional sprint to pass additional legislation before the end of the Congress. Michael Ellis explains the debate between the Cyberspace Solarium Commission alumni and business lobbyists over enacting a statutory set of obligations for systemically critical infrastructure companies. Adam outlines a strange-bedfellows bill that has united Sens. Amy Klobuchar (D-Minn.) 
and Ted Cruz (R-Texas) in an effort to give small media companies and broadcasters an antitrust immunity to bargain with the big social media platforms over the use of their content. Adam is a skeptic, Alan less so. The Pentagon, reliably braver when facing bullets than a bad Washington Post story, is performing to type in the flap over fake social media accounts. Michael tells us that the accounts pushed pro-U.S. stories but met with little success before Meta and Twitter caught on and kicked them off their platforms. Now the Department of Defense is conducting a broad review of military information operations. I predict fewer such efforts and don't mourn their loss. Adam and I touch on a decision of Meta's Oversight Board criticizing Facebook's automated image takedowns. I offer a new touchstone for understanding content regulation at the Big Platforms: They just don't care, so they've turned the whole project over to second-rate AI and second-rate employees. Michael walks us through the Department of the Treasury's new flexibility on sending communications software and services to Iran. And, in quick hits, I note that: The Justice Department's China Initiative continues to suffer from pushback. We should all expect bad things from the emergence of violence as a service. Russian botmasters have suddenly discovered that extradition to the U.S. may be better than going home and facing mobilization.
On this week's Cyber Report, sponsored by Fortress Information Security, Mark Montgomery, a retired US Navy rear admiral who is now the senior director of the Center on Cyber and Technology Innovation at the Foundation for the Defense of Democracies and senior adviser on the bipartisan Cyber Solarium 2.0 commission, discusses the new report he co-authored with FDD's Jiwon Ma — “2022 Report on Implementation” of the Cyberspace Solarium Commission's recommendations — including legislation that's passed, in process, remaining challenges and impediments, as well as an update on what leadership changes in the House and Senate will mean for cyber legislation; and Fortress' Andrea Schaumann discusses cyber lessons from the revelation that Chinese alloys made it into a magnet in F-35 Lightning II fighters made by Lockheed Martin with Defense & Aerospace Report Editor Vago Muradian.
This episode features Cory Simpson, Founder & CEO of Gray Space Strategies Inc., who discusses the relationship between privacy, cybersecurity, and national security. He draws upon his experience as Senior Director and lead for the U.S. Cyberspace Solarium Commission and discusses whether the U.S. Government and private sector are prepared for conflict involving critical infrastructure. Cory also describes how national security has evolved over the past several decades and looks at how some privacy protections in the American Data Privacy & Protection Act may be important national security considerations.
Washington and Beijing are engaged in an increasingly intense contest spanning nearly all domains of power — and the stakes could not be higher. It's a competition between the world's leading constitutional democracy and the world's leading authoritarian power. While this contest between the U.S. and China is a global one, it's most acute in Taiwan where the free people there are confronting the very real prospect of military aggression by the Chinese Communist Party. Indeed, if there is to be a war between the United States and China, many expect that it would begin in the Taiwan Strait. To help illustrate why Taiwan matters and exactly what steps the U.S. must take to defend Taipei and counter Beijing, guest host Bradley Bowman — senior director of FDD's Center on Military and Political Power — is joined by top experts RADM (Ret) Mark Montgomery and Elbridge Colby. RADM (Ret) Mark Montgomery is the senior director of FDD's Center on Cyber and Technology Innovation. After his 32 years in the U.S. Navy as a nuclear-trained surface warfare officer, Mark served as the policy director for the Senate Armed Services Committee under the leadership of Senator John McCain and later as the executive director of the Cyberspace Solarium Commission. Elbridge Colby is the Former Deputy Assistant Secretary of Defense for Strategy and Force Development, and he spearheaded the development of the 2018 National Defense Strategy. His recent book “The Strategy of Denial: American Defense in an Age of Great Power Conflict” extensively and expertly details the China threat — and what the U.S. response should be.
On this week's Cyber Report, Dr. Jim Lewis, the director of the Strategic Technologies Program at the Center for Strategic and International Studies, and Rear Adm. Mark Montgomery, USN Ret., the senior director of the Center on Cyber and Technology Innovation at the Foundation for the Defense of Democracies and a Cyberspace Solarium Commission senior advisor, review key cyber events in 2022 and what to expect through the end of the year with Defense & Aerospace Report Editor Vago Muradian.
On this week's Cyber Report, sponsored by Fortress Information Security, Rear Adm. Mark Montgomery, USN Ret., the senior director of the Center on Cyber and Technology Innovation at the Foundation for the Defense of Democracies who is also a senior adviser on the bipartisan Cyberspace Solarium Commission, discusses cyber-related appropriations as well as House and Senate budget markups with a roundup of key service-specific moves; and Heather Penney, a senior resident fellow at the Mitchell Institute for Aerospace Studies, discusses why it's so important to get operators and technical personnel on the same page when it comes to cyber and artificial intelligence with Defense & Aerospace Report Editor Vago Muradian. Northrop Grumman also supports our cyber coverage overall.
On this week's Cyber Report, sponsored by Fortress Information Technology, Rear Adm. Mark Montgomery, USN Ret., the senior director of the Center on Cyber and Technology Innovation at the Foundation for the Defense of Democracies and a senior adviser on the bipartisan Cyberspace Solarium Commission, discusses the new commission report he co-authored with Laura Bate — “Workforce Development Agenda for the National Cyber Director” — why the market hasn't addressed the need for federal cyber talent, capabilities needed for the future, and how to improve recruiting, training, education and retention; and Betsy Soehren Jones, Fortress Information Security's chief operating officer, and Tobias Whitney, the company's vice president for strategy and policy, discuss industry feedback for the Department of Homeland Security's Cybersecurity and Infrastructure Security Agency on software and hardware bill of materials — SBOMs and HBOMs — and how to improve the supply chain at the coding and component levels with Defense & Aerospace Report Editor Vago Muradian.
On today's episode of The Daily Scoop Podcast, a follow-on report to the Cyberspace Solarium Commission calls for a revamp of federal cyber hiring authorities. Federal Chief Information Officer Clare Martorana says a key element to providing better customer experience is meeting people where they are. Amanda Eamich, senior director of business development at Publicis Sapient and former director of web communications at the Department of Agriculture, says customer experience work at an agency is done across the entire organization. The General Services Administration and the Defense Innovation Unit will work together to speed up the introduction of new capabilities through non-traditional contractors. Tim Cooke, president and CEO of ASI Government and former senior economist with the Center for Naval Analyses, discusses speeding up the acquisition process across government. State Department Chief Information Security Officer Donna Bennett tells Scoop News Group's Wyatt Kash that data and security go together while her agency builds out its zero-trust architecture. This interview is part of Scoop News Group's “Getting Ahead of the Adversaries” video campaign, underwritten by Trellix. The Daily Scoop Podcast is available every weekday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast on Apple Podcasts, Google Podcasts, Spotify and Stitcher. And if you like what you hear, please let us know in the comments.
On this week's Cyber Report, sponsored by Fortress Information Security, Suzanne Spaulding, the former cyber director at the Department of Homeland Security during the Obama administration who is now at the Center for Strategic and International Studies and a member of the Cyberspace Solarium Commission, discusses the Biden administration's efforts to improve cyber security and what more should be done, Russian cyber operations in the wake of Moscow's invasion of Ukraine, issues the second Cyberspace Solarium Commission will address, improving operational technology vulnerabilities, and the importance of better cyber defenses for the nation's court systems; and Andrea Schaumann of Fortress discusses the technological, operational and business cyber concerns regarding unmanned systems and how to address them with Defense & Aerospace Report Editor Vago Muradian.
On this week's Cyber Report, sponsored by Fortress Information Security, Fortress' John Cofrancesco discusses the cyber attack on Russia's Gazprom, how increasingly effective US defensive and offensive capabilities may lead to complacency across industry-government-public, and whether cyber defenders are improving their agility; and Rear Adm. Mark Montgomery, USN Ret., the senior director of the Center on Cyber and Technology Innovation at the Foundation for the Defense of Democracies who is also a senior adviser on the bipartisan Cyberspace Solarium Commission, discusses cyber elements of key legislation like the Competes-USICA, cyber spending priorities in the Biden administration's 2023 budget request, military service J-book cyber details and the White House move to rewrite elements of National Security Presidential Memorandum 13 with Defense & Aerospace Report Editor Vago Muradian.
Photo: Odessa opera house advertisement, Transnistria Times #Ukraine: The campaign to capture Odessa by sea and land. RADM Mark Montgomery,USN (ret) @MarkCMontgomery @FDD, Executive Director at the U.S. Cyberspace Solarium Commission; Senior Fellow, Foundation for the Defense of Democracies; https://nationalinterest.org/blog/buzz/russia-strikes-strategic-black-sea-port-city-odessa-201637