Podcasts about infrastructure security agency

This week we are joined by Dr. Renée Burton, Vice President of Infoblox Threat Intel, discussing "Parked Domains and Direct Search: An Underreported Security Risk." Parked domains are no longer harmless ad pages — new research finds that in today's “direct search” or zero-click parking ecosystem, more than 90% of visits to certain parked lookalike domains lead to scams, malware, or deceptive content, often hidden behind layers of traffic distribution systems and device fingerprinting. The report details three previously unpublished domain portfolio actors who weaponize typosquatting, DNS manipulation — including rare “double fast flux” techniques highlighted in a 2025 advisory from Cybersecurity and Infrastructure Security Agency — and even misconfigured name server records to evade detection and funnel real users toward malicious advertisers. Beyond malvertising, some parked lookalike domains collect misdirected email, fuel business email compromise, and exploit outdated links — including those surfaced by generative AI — underscoring how a simple typo can expose users and enterprises to significant risk. The research can be found here: Parked Domains Become Weapons with Direct Search Advertising Learn more about your ad choices. Visit megaphone.fm/adchoices

This week we are joined by Dr. Renée Burton, Vice President of Infoblox Threat Intel, discussing "Parked Domains and Direct Search: An Underreported Security Risk." Parked domains are no longer harmless ad pages — new research finds that in today's “direct search” or zero-click parking ecosystem, more than 90% of visits to certain parked lookalike domains lead to scams, malware, or deceptive content, often hidden behind layers of traffic distribution systems and device fingerprinting. The report details three previously unpublished domain portfolio actors who weaponize typosquatting, DNS manipulation — including rare “double fast flux” techniques highlighted in a 2025 advisory from Cybersecurity and Infrastructure Security Agency — and even misconfigured name server records to evade detection and funnel real users toward malicious advertisers. Beyond malvertising, some parked lookalike domains collect misdirected email, fuel business email compromise, and exploit outdated links — including those surfaced by generative AI — underscoring how a simple typo can expose users and enterprises to significant risk. The research can be found here: Parked Domains Become Weapons with Direct Search Advertising Learn more about your ad choices. Visit megaphone.fm/adchoices

There is a question that sounds almost embarrassingly simple. After a vulnerability is discovered in a piece of widely used software — something like Log4Shell, which shook the security world and left hundreds of thousands of organizations exposed overnight — the question organizations scrambled to answer was this: where is this code, and what does it touch? Most couldn't answer it. Not the Fortune 500 companies. Not the government agencies. Not the critical infrastructure operators. Not the hospitals or the banks or the utilities. They had built and bought mountains of software over years and decades, and when the moment came to understand what was actually inside it, they were effectively blind. That gap is exactly what Daniel Bardenstein set out to close when he co-founded Manifest Cyber in 2023. And in a conversation on ITSPmagazine's Brand Highlight series, he made a case for technology transparency that is hard to argue with — not because it's technically complex, but because the analogy he draws is so strikingly obvious once you hear it. "If you want to buy a house, you get to go inside the house, do the home inspection," he said. "You want to buy food from the grocery store — you can look at the ingredients. Even our clothes tell you what they're made of, how to care for them, and where they're from." But software? The technology running hospital MRI machines, weapon systems, financial infrastructure, water delivery? No transparency required. No ingredient label. No inspection rights. Just trust. That trust, as Log4Shell demonstrated, is a vulnerability in itself. Bardenstein came to this problem with credentials that few founders in the space can claim. Before starting Manifest, he spent four and a half years in the US government leading large-scale cyber programs and serving as technology strategy lead at CISA — the Cybersecurity and Infrastructure Security Agency. He saw firsthand how defenders are perpetually at a disadvantage, operating without the basic visibility they need to do their jobs. His mission became building the tools to change that. The problem, he's quick to point out, has not improved in the years since Log4Shell. Software supply chain attacks have multiplied — XZ Utils, NPM Polyfill, and others following the same pattern: trusted software becomes the attack vector, and it spreads fast. Meanwhile, most security teams are still operating with SCA tools that generate noisy, overwhelming alerts and vendor risk programs built on Excel spreadsheets and questionnaires rather than actual empirical data about the security of what they're buying. "Security teams have a false sense of security," Bardenstein said. The gap between what organizations think they know and what they actually know about their software supply chains remains dangerously wide. Manifest Cyber addresses this across the full lifecycle. For organizations that build software, the platform maps every open source dependency, assesses it for risk, and ensures developers can write more secure code without losing velocity. For organizations that buy software — which is everyone — it finds risks before procurement, then continuously monitors every third party component so that when something breaks, they know the blast radius in seconds, not weeks. The timing matters. Regulation is catching up to the problem. The EU AI Act, the Cyber Resilience Act, and a growing body of global policy are beginning to demand exactly the kind of software supply chain transparency that Manifest is built to provide. Organizations that wait to build this capability will find themselves scrambling to comply — those that build it in now will have it as a competitive advantage. The ingredient label for software has always been missing. Manifest Cyber is writing it. ________________________________________________________________ Marco Ciappelli interviews Daniel Bardenstein, CEO & Co-Founder of Manifest Cyber, for ITSPmagazine's Brand Highlight series. HOST Marco Ciappelli — Co-Founder & CMO, ITSPmagazine | Journalist, Writer & Branding Advisor

In this week's Security Sprint, Dave and Andy covered the following topics:Opening:• Tribal-ISAC and WaterISAC events!• Check out our newest webpage and our new blog post, kicking off this new Gate 15 blog series!• AI Threat Landscape: Fact vs. Fiction As We Start 2026• AI Threats Resilience, a new Gate 15 service page outlines a suite of AI threat informed workshops and tabletop exercises designed to help organizations understand AI driven risks, clarify ownership of AI exposure and rehearse response to AI enabled incidents. • TLP: CLEAR – WaterISAC Top Actions to Enhance Your Utility's Cybersecurity • (TLP:CLEAR) WaterISAC – TOP ACTIONS to Enhance Your Utility's Physical Security • Cyber Incident Reporting for Critical Infrastructure Act of 2022 (CIRCIA) – Cybersecurity and Infrastructure Security Agency – 18 Feb 2026: CISA posted an update stating that due to a lapse in DHS appropriations it may be unable to hold scheduled CIRCIA Town Halls and will not conduct meetings during any lapse in appropriations. Main Topics:Cyber Resilience: An Incident Doesn't Have to Be a Crisis Binary Defense, 19 Feb 2026. This blog reframes security operations around limiting business impact instead of chasing security perfection, noting that incidents are inevitable in complex enterprises and that the true differentiator is whether they escalate into crises. • The ENISA Cybersecurity Exercise Methodology ENISA | 16 Feb 2026 & ENISA publishes Cybersecurity Exercise Methodology to guide and standardize EU cybersecurity exercises) • Information Sharing – U.S. Legal and Regulatory Guidance – Health ISAC – 18 Feb 2026• Businesses urged to ‘lock the door' on cyber criminals as new government campaign launches – UK Government, 19 Feb 2026Violence & Extremism • Man Targets DHS Building With Stolen Ambulance In Attempted Arson Attack Source: The Daily Wire, 19 Feb 2026 • Armed man shot and killed after "unauthorized entry" into Mar-a-Lago perimeter, Secret Service says — CBS News, 22 Feb 2026• Mar-a-Lago Gunman Was Reportedly ‘Fixated' on Epstein Files and Believed There Was a Trump Government Cover-Up • USCP Officers Stop & Arrest Man with Loaded Shotgun Outside the U.S. Capitol — United States Capitol Police — 17 Feb 2026• FBI Albany, in Coordination with Nevada and New York Law Enforcement Partners, Investigating Vehicle Ramming at Electrical Substation in Nevada — FBI, 20 Feb 2026Quick Hits:• Launched: 9th Annual Dragos OT Cybersecurity Year in Review Dragos — 17 Feb 2026 • Significant Rise in Ransomware Attacks Targeting Industrial Organizations)• 3 Threat Groups Started Targeting ICS/OT in 2025: Dragos • CISA: Recently patched RoundCube flaws now exploited in attacks — BleepingComputer, 23 Feb 2026• CISA Adds Two Known Exploited Vulnerabilities to Catalog (RoundCube)• Government of Canada Alerts & Advisories: Roundcube security advisory (AV25-309) - Update 1 • CISA: BeyondTrust RCE flaw now exploited in ransomware attacks — Bleeping Computer, 20 Feb 2026 • 90% of Ransomware Incidents Exploit Firewalls • Ransomware Groups Shift Targets Mid-Sized Businesses Enterprise Defenses Harden, Research Shows • Searchlight Cyber Report: Ransomware Groups Claimed Record Number of Victims in 2025 with 30% Annual Increase — Searchlight Cyber — 17 Feb 2026• Securin 2025 Ransomware Report Finds AI Accelerating, Not Replacing, Human-Led Attacks • Record Number of Ransomware Victims and Groups in 2025 • Arctic Wolf Threat Report Highlights 11x Growth in Data Extortion Incidents and Continued Dominance of Ransomware Arctic Wolf | 17 Feb 2026 • 2026 Unit 42 Global Incident Response Report — Attacks Now 4x Faster Palo Alto Networks | 17 Feb 2026 • Blizzard slams Northeast with heavy snow and powerful winds • East Coast Blizzard Halts Travel, Cancels 8,000 Flights • El Nino is brewing: Here's what it means for U.S. weather in 2026

Send a textLast December the Cybersecurity and Infrastructure Security Agency, or CISA, issued an advisory warning manufacturers, operators of critical infrastructure, and really anybody associated with industrial control systems about the threats being presented by pro-Russian hacktivist groups.The advisory, issued in conjunction with numerous federal and international agencies, called out groups like the Cyber Army of Russia Reborn (CARR), Z-Pentest, NoName057 and Sector16 for taking advantage of insecure connection points and other vulnerabilities that allowed these state-sponsored actors to infiltrate, shut down, and ransom their targets in the United States.Historically, many manufacturers would find it hard to believe that their mid-size business in the heartland of America would be on the radar of foreign terrorist groups, but as our guest for today's episode explains, that is exactly the case.Will Dixon is a senior executive of Government & Law Enforcement at Intel 471 – a leading authority on the OT threat landscape. Watch/listen as he explains:How these group's initial plans to disrupt water treatment and other critical infrastructure has evolved into the strategic targeting of the U.S. manufacturing sector.Why hacktivist no longer applies to these "strategically aligned state groups."Why AI will not be as impactful for either side as many think.How these groups are part of Russia's bigger plans against the West.The important role vendors and suppliers can play in establishing cyber defenses.The ongoing challenges of breaking down IT-OT silos, and how hackers are using this dynamic against you.As a go-to podcast for our listeners, we want to help you align your brand with our expertise. By sponsoring our podcast, your brand will build trust, and your message will stand out to an audience searching for tools to assist their cybersecurity efforts. Click Here to Become a Sponsor.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you'd like to have us explore on Security Breach, you can reach me at jeff@ien.com.

U.S. Immigration and Customs Enforcement's top official rejected claims from lawmakers Tuesday that the Department of Homeland Security component is building a database for protesters. The alleged detractor database has been referenced in several reports by think tanks, letters to DHS officials from lawmakers and in interviews with border czar Tom Homan. During Tuesday's House Homeland Security Committee hearing, Rep. Lou Correa, D-Calif., cited a well-circulated clip of an ICE agent in Portland, Maine, telling a person videotaping that she would be added to a “nice little database.” “I can't speak for that individual,” said Todd Lyons, who serves as acting director of ICE. “But I can assure you that there is no database that's tracking United States citizens.” Despite Lyons' pushback on the database claims, skepticism is persistent as stakeholders point to reports to the contrary. FedScoop reached out to DHS for clarification. Tricia McLaughlin, the agency's assistant security for public affairs, reaffirmed that there is no database of domestic terrorists run by DHS. “We do of course monitor and investigate and refer all threats, assaults and obstruction of our officers to the appropriate law enforcement,” McLaughlin said in an email. “Obstructing and assaulting law enforcement is a felony and a federal crime.” A recent attempt at a destructive cyberattack on Poland's power grid has prompted the Cybersecurity and Infrastructure Security Agency to publish a warning for U.S. critical infrastructure owners and operators. Tuesday's alert follows a Jan. 30 report from Poland's Computer Emergency Response Team concluded the December attack overlapped significantly with infrastructure used by a Russian government-linked hacking group, and that it targeted 30 wind and photovoltaic farms, among others. CISA said its warning was meant to “amplify” that Polish report. In particular, CISA said the attack highlighted the threats to operational technology and industrial control systems, most commonly used in the energy and manufacturing sectors. And CISA's alert continues a recent agency focus on securing edge devices like routers or firewalls, after a binding operational directive last week to federal agencies to strip unsupported products from their systems. “The malicious cyber activity highlights the need for critical infrastructure entities with vulnerable edge devices to act now to strengthen their cybersecurity posture against cyber threat activities targeting OT and ICS,” the alert reads. CISA urged owners and operators to review the Polish report, as well as security guidance from other U.S. agencies. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

Senator Ron Wyden is pledging to keep his hold on the nominee to lead the Cybersecurity and Infrastructure Security Agency. Wyden says he will continue to object to Sean Plankey's nomination until CISA releases a 2022 report on security flaws in the U.S. telecommunications system. Wyden previously held up Plankey's nomination for much of last year over the same issue. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

The Office of Personnel Management finalized a new classification Thursday for career federal workers in policy-related roles that will effectively make them easier to terminate. The new “Schedule Policy/Career” creates an administrative category for nonpolitical “career” federal employees who work in roles that are defined as influencing policy. Workers added to that classification will be converted to “at-will” employees and will no longer be eligible for adverse action procedures or the ability to appeal terminations. Roughly 50,000 employees will be subject to the change, per an estimate in the final rule. Despite the administration's assertion that the new schedule is for “accountability” and will not be subject to political loyalty tests, federal employee advocates have long argued the policy is a thinly veiled attempt to strip career employees of safeguards in an effort to replace them with workers who are politically aligned with the president. The announcement from OPM on Thursday stated that the final rule explicitly does not allow discrimination based on politics, prohibits use of the new schedule to reshape the workforce or conduct mass layoffs, and would protect whistleblowers. OPM also stated that it would take on a role to review agency actions to ensure they are compliant. A Cybersecurity and Infrastructure Security Agency order published Thursday directs federal agencies to stop using “edge devices” like firewalls and routers that their manufacturers no longer support. It's a stab at tackling one of the most persistent and difficult-to-manage avenues of attack for hackers, a vector that has factored into some of the most consequential and most common types of exploits in recent years. New edge-device vulnerabilities surface frequently. Under the binding operational directive CISA released Thursday, federal civilian executive branch (FCEB) agencies must inventory edge devices in their systems that vendors no longer support within three months, and replace those on a dedicated list with supported devices within one year. To aid agencies in following the directive, CISA is producing a list of end-of-service edge devices. CISA developed the directive in conjunction with the Office of Management and Budget, and puts a bit more muscle behind a decade-old OMB circular on agencies phasing out unsupported technologies. Despite being called “binding operational directives,” CISA has no authority to mandate that agencies carry out the orders — although agencies have demonstrated they usually seek to follow them, and there are ways that CISA can work to ensure compliance. The private sector pays attention to CISA's directives even though they don't apply to companies. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

After leaving her role performing the duties of the chief information officer for the Department of Defense last month, Katie Arrington has taken a new position as CIO at quantum computing company IonQ. Arrington will step into the role Jan. 19, reporting to the company's COO and CFO Inder Singh, IonQ announced Wednesday. Kirsten Davies was nominated by President Donald Trump in May 2025 to be the Defense Department CIO, and it took most of the remainder of 2025 for the Senate to confirm her into the role. She was sworn in just before the Christmas holiday, at which point Arrington stepped away from her service to the Pentagon. In joining IonQ, Arrington will serve on the company's executive team. As CIO, Arrington will continue to support the U.S. military from a different vantage, leading modernization and security of IonQ's enterprise systems in support of its mission to deliver quantum capabilities to American warfighters. Before rejoining the Pentagon a year ago, then as deputy CIO for cybersecurity, Arrington had a previous stint as CISO in the Office of the Undersecretary of Defense for Acquisition and Sustainment, where she was largely responsible for the development of the Cybersecurity Maturity Model Certification (CMMC) program. Now: President Donald Trump re-nominated Sean Plankey to lead the Cybersecurity and Infrastructure Security Agency on Tuesday, after Plankey's bid for the position ended last year stuck in the Senate. It's not clear whether or how Plankey's resubmitted nomination will overcome the hurdles that left many observers convinced his chance of becoming CISA director had likely ended, but it does definitively signal that the Trump administration still wants Plankey to have the job. Plankey's nomination was included in a batch sent to the Senate announced on Tuesday. CISA spent all of 2025 under Trump without a permanent director. Trump nominated Plankey, who held a couple cybersecurity roles in the first Trump administration, to lead CISA in March. He got a Senate Homeland Security and Governmental Affairs Committee hearing in July, then won approval from that panel that same month. But Sen. Rick Scott, R-Fla., had placed a hold on Plankey's nomination over a Coast Guard contract that the Homeland Security Department had canceled in part. While he awaited confirmation, Plankey had been serving as a senior adviser to the secretary for the Coast Guard. A spokesperson for Scott did not immediately respond to a request for comment. North Carolina's GOP Senate delegation also had placed holds on DHS nominees related to disaster aid to their state. Sen. Thom Tillis, R-N.C., said last week that the holds would remain until Secretary Kristi Noem appeared before the Senate Judiciary Committee. A White House official had denied reports that Plankey's nomination was all but over last year. “President Trump has been clear that he wants all of his nominees confirmed as quickly as possible, including Sean Plankey, who will play a key role in ensuring a strong cyber defense infrastructure,” the official told CyberScoop. Asked Wednesday at the Surface Navy Association national symposium about what he was doing to convince senators to lift their holds, Plankey answered, “The administration, the White House has to say that this is a priority of us.” The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

It's been nearly a full year since the Cybersecurity and Infrastructure Security Agency has had a Senate-confirmed director. Cyber experts say the leadership void is preventing CISA from moving forward on key cybersecurity issues. For more, Federal News Network's Justin Doubleday is here.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Microsoft and the US Cybersecurity and Infrastructure Security Agency have issued an urgent call to patch a Windows vulnerability, CVE-2026-20805, which is currently being exploited and allows attackers to leak memory addresses that could lead to code execution. CISA has added the flaw to its Known Exploited Vulnerabilities catalog, requiring federal agencies to apply the fix by February 3. The vulnerability is part of a January security update that addresses 112 Microsoft issues, including a Secure Boot certificate expiration problem and an elevation of privilege flaw in Agere Modem drivers. Security experts recommend immediate patching and reviewing Secure Boot certificates to maintain protection.Learn more on this news by visiting us at: https://greyjournal.net/news/ Hosted on Acast. See acast.com/privacy for more information.

The Cybersecurity and Infrastructure Security Agency doesn't want to leave companies hanging when they reach out with a bold new innovation or tech development. So CISA this month unveiled its “Industry Engagement Platform,” where people can sign up to communicate directly with agency officials. For more on the new platform, Federal News Network's Justin Doubleday spoke with the chief information officer at CISA, Bob Costello.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

One of the most important cybersecurity laws in the country quietly expired last October with no sign of reauthorization on the horizon. Instead, the conflation between the 2015 Cybersecurity Information Sharing Act and the Cybersecurity and Infrastructure Security Agency has led to a political standstill that will only have negative impacts on American cybersecurity. What implications will not reauthorizing CISA 2015 have on national security? And how much risk are we taking on by letting protections for information sharing between the private sector and the government lapse?In this episode, Shane Tews is joined by Caitlin Clarke, Cristin Flynn Goodwin, and James Andrew Lewis. In this conversation, they unpack how confusion between the 2015 information-sharing law and the Cybersecurity and Infrastructure Security Agency (CISA) makes Americans vulnerable to foreign cyberattacks, how rescinded liability and FOIA protections are already slowing down cyber defense, and why speed matters more than ever as AI accelerates malicious actors.

Rep. Marjorie Taylor Greene of Georgia announced Friday she will resign from Congress and that her last day will be in January. CBS News' Nikole Killion has the latest. Chris Krebs, former director of the Cybersecurity and Infrastructure Security Agency, joins "CBS Mornings" to discuss his new Masterclass and share ways people can protect themselves from online scams, identity theft and deepfakes. Consumers are expected to spend more than $1 trillion this year on holiday shopping, according to the National Retail Federation. In an exclusive interview, Gap Inc.​​ CEO Richard Dickson talks about how he's preparing for the road ahead as shoppers remain anxious about the economy. Beloved father-son triathletes Jeff and Johnny Agar are getting back in the saddle months after Jeff faced a near-fatal diagnosis. In June, at just 62 years old, Jeff underwent triple bypass surgery. David Begnaud has more on the story for his series "Beg-Knows America." Gotham FC players Rose LaVelle and Emily Sonnett join "CBS Mornings" to talk about their tense NWSL championship game against the Washington Spirit, and LaVelle's game-winning goal in the 80th minute that secured the trophy on Saturday. Solo diners are fleeing to the Bayonet seafood restaurant in Birmingham, Alabama, as the restaurant caters to the "party of one." CBS News' Jan Crawford scored a seat at the joint, and spoke to chef Rob McDaniel about the experience for our series "The Dish." To learn more about listener data and our privacy practices visit: https://www.audacyinc.com/privacy-policy Learn more about your ad choices. Visit https://podcastchoices.com/adchoices

In this week's Security Sprint, Dave and Andy covered the following topics:Warm Open:• Happy Birthday to CISA! The Cybersecurity and Infrastructure Security Agency turned seven on Sunday. • Government funding bill temporarily revives cybersecurity information-sharing law• The Gate 15 Interview EP 64: Cody Barrow, CEO, EclecticlQ. “Nothing in cyber happens without a reason.”• Faith-Based (U.S.): FB-ISAO Newsletter, v7, Issue 10Main Topics:Cybersecurity!• OWASP Top Ten. Welcome to the 8th installment of the OWASP Top Ten! • ASD: Annual Cyber Threat Report 2024-2025• Checkout.com: Protecting Our Merchants: Standing Up to Extortion: “We will not be extorted by criminals. We will not pay this ransom.” Holidays & Hostile Events!• Europol: 10 years on: remembering the victims of the 13 November terrorist attack in Paris• DOJ: New Jersey Man Charged with Cyberstalking in Connection with Violent Network ‘764'• Indiana Republican called out by Trump on redistricting is swatted• Marjorie Taylor Greene Says She Received Pipe Bomb Threat: What We Know• Terror plot arrests reveal ‘more dangerous' online pathway to ISIS radicalization in America• Suspects charged in alleged Michigan Halloween terror plot eyed attack on Chicago Pride Parade: Docs • Racists are now openly targeting Indian Americans• Is left-wing terrorism returning? Quick Hits:• Blended Threats! Risky Biz News - German TV station hacked: A cyberattack has disrupted the broadcast of German radio station Radio Nordseewelle. Hardware components were damaged in the attack and had to be replaced. The broadcaster said it had to rebuild large parts of its IT network. The hack took place days after a similar incident crippled the transmission of Dutch radio and TV station RTV Noord. [Tarnkappe]

There are a lot of reasons why government shutdowns are harmful. The impact on the nation's cyber defenses is certainly one of those reasons, but it's also difficult to measure. We do know that significant percentages of cyber personnel are furloughed, including more than half the staff at the Cybersecurity and Infrastructure Security Agency. But for a deeper look at some of the less tangible impacts, we're joined now by Justin Miller. He's a former Secret Service special agent who specialized in cyber investigations – now an associate professor of cyber studies at the University of Tulsa.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Nearly two months after calling on the Office of Management and Budget to bar use of xAI's Grok chatbot in government, a coalition of advocacy groups is pressing its case further after the General Services Administration struck a deal with Elon Musk's AI company to deploy Grok across the federal government. In a letter sent Wednesday to OMB Director Russell Vought, the advocacy groups reiterated their concerns in the wake of the GSA OneGov deal, along with recent comments from Michael Kratsios, the director of the White House Office of Science and Technology Policy. “OMB is entrusted with ensuring that AI systems procured by the federal government meet the highest standards of truth-seeking, accuracy and neutrality,” the letter, led by Public Citizen, stated. “Grok has repeatedly demonstrated failures in these areas and Director Kratsios himself has confirmed that such behavior is the precise type that Executive Order 14319 was designed to prevent.” The letter refers to an executive order signed by President Donald Trump in July that seeks to prevent “woke AI,” or ideological biases in models that are used by the federal government. The groups argued in their August letter to Vought that the use of Grok contradicts this order, given its past controversies with spewing antisemitic and pro-Hitler content. Weeks after the letter was sent, GSA inked a deal with xAI to offer Grok models to the government for a nominal cost. Under the deal, federal agencies can buy Grok 4 and Grok 4 Fast for 42 cents until March 2027. The White House appears to be moving forward with plans to redesign federal government websites, registering a new government domain — techforce.gov — this week. The new URL, which was first discovered Thursday by a bot tracking new government domains, leads to a sign-in page that states “National Design Studio” and “Tech Force” at the top. It includes a form for users to submit their email and receive a code to access the website. Records maintained by the Cybersecurity and Infrastructure Security Agency show the domain was registered Oct. 24 and last changed Wednesday. The domain registration comes more than two months after President Donald Trump signed an executive order launching an “America by Design” initiative focused on both digital and physical spaces. A new National Design Studio and chief design officer will lead the initiative and coordinate agency actions. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

Water systems—once considered too small or obscure to be hacked—are now squarely in the crosshairs of cyber actors. In recent months, Bluefield Research has tracked a surge of cyber activity targeting water and wastewater utilities around the world, from the U.S. Cybersecurity and Infrastructure Security Agency's (CISA) release of 32 new control system advisories to Poland's launch of a national cybersecurity framework for water utilities. In this episode of The Future of Water, Bluefield's Barcelona-based Maria Cardenal and Boston-based Leigh Ramsey join host Reese Tisdale to unpack one of the most pressing—and overlooked—threats facing the water sector: cybersecurity. Our water experts explore where these threats are emerging, how utilities are responding, and what the next phase of digital resilience looks like. Key discussion points include: What's really at stake when critical infrastructure is under attack The biggest vulnerabilities in today's water systems—from legacy hardware to weak IT–OT segmentation Real-world examples from the U.S., Norway, and Poland that show how cyberattacks on operational assets are evolving How governments are responding—including Poland's US$1.1 billion cybersecurity initiative for water and wastewater systems How smaller utilities are managing cybersecurity with limited resources The role of new regulations—from the EU's NIS2 Directive to state-level initiatives in the U.S. Why cybersecurity must become part of asset management and workforce training, not an afterthought If you enjoy listening to The Future of Water Podcast, please tell a friend or colleague, and if you haven't already, please click to follow this podcast wherever you listen. If you'd like to be informed of water market news, trends, perspectives and analysis from Bluefield Research, subscribe to Waterline, our weekly newsletter published each Wednesday. Related Research & Analysis: Poland Strengthens Cybersecurity in the Water Sector Cybersecurity Alerts Highlight Water HMI Vulnerabilities

Federal cyber authorities issued an emergency directive last week requiring federal agencies to identify and apply security updates to F5 devices after the cybersecurity vendor said a nation-state attacker had long-term, persistent access to its systems. The order, which mandates federal civilian executive branch agencies take action by Wednesday, Oct. 22, marked the second emergency directive issued by the Cybersecurity and Infrastructure Security Agency in three weeks. CISA issued both of the emergency directives months after impacted vendors were first made aware of attacks on their internal systems or products. F5 said it first learned of unauthorized access to its systems Aug. 9, resulting in data theft including segments of BIG-IP source code and details on vulnerabilities the company was addressing internally at the time. CISA declined to say when F5 first alerted the agency to the intrusion. CISA officials said they're not currently aware of any federal agencies that have been compromised, but similar to the emergency directive issued following an attack spree involving zero-day vulnerabilities affecting Cisco firewalls, they expect the response and mitigation efforts to provide a better understanding of the scope of any potential compromise in federal networks. Many federal agencies and private organizations could be impacted. CISA said there are thousands of F5 product types in use across executive branch agencies. Sens. Maria Cantwell, D-Wash., and Ted Cruz, R-Texas, moved to mandate comprehensive new safety reviews for all aircraft operations near DCA and at all major and mid-size U.S. airports, in a new bipartisan agreement that would also require fleets across the nation to be equipped with more precise situational awareness technology. Their proposal aims to resolve safety issues identified by the federal investigation into the tragic crash in January, where an Army UH-60M Black Hawk helicopter fatally collided with an American Airlines passenger plane over the Potomac River near Ronald Reagan Washington National Airport. All 67 people aboard both aircraft were killed in the collision. In a statement on Thursday, Tim and Sheri Lilley — whose son was the first officer onboard that AA Flight 5342 — called on Congress “to continue moving quickly and decisively to pass and fully implement these reforms, because every person who boards an aircraft depends on it.” The 42-page Cantwell-Cruz Bipartisan Aviation Safety Agreement combines elements of legislation the lawmakers previously put forward separately in the months after the fatal collision. It includes language that directs every military service with an aviation component to sign a memorandum of understanding with the Federal Aviation Administration to share appropriate safety information and expand coordination to prevent future accidents. Another safety failure that came to light in the wake of the crash was associated with the Army Black Hawk helicopter not transmitting via Automatic Dependent Surveillance–Broadcast (ADS-B) technology, which essentially enables aircraft to receive data and information about other systems, weather and traffic — delivered directly in the cockpit. The senators' proposal would set a clear 2031 deadline for aircraft operators to equip their fleets with the full package of ADS-B capabilities. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

This week on The Necessary Conversation, it's just Chad, Haley and Mary Lou. Bob's resting. But we break down another wild week in America under Trump's second term.

Federal agencies' latest status updates on how they're using artificial intelligence reveal persistent barriers and variability on where agencies stand with ”high-impact” use cases. The release of the 2025 AI compliance plans offers one of the first in-depth glimpses at how federal agencies are addressing issues of AI risk management, technical capacity and workforce readiness under the second Trump administration. Those documents, which were required under the Trump administration's AI governance memo to agencies, were supposed to be released publicly by Sept. 30. As of publication time, FedScoop located roughly 20 plans and 14 strategies across 22 agencies. For nine of the roughly two dozen Chief Financial Officers Act agencies, FedScoop was unable to find either a plan or a strategy. The U.S. Department of Agriculture and the Nuclear Regulatory Commission, meanwhile, produced only strategies. FedScoop and DefenseScoop attempted to contact the CFO Act agencies that didn't produce both documents, but the agencies either didn't respond or didn't provide the documents. Two of those agencies, NASA and the Justice Department, noted the government shutdown in their responses, and both the DOJ and Department of Defense indicated they were working to post at a later date. Agencies were also required to submit AI strategies for the first time this year. Those documents contain some of the same information as the compliance documents, including plans to train the workforce, examples of use cases, and systems for governance. The compliance plans, meanwhile, which are in their second year, have changed only slightly from their previous iterations, with some agencies showing progress on their implementation of the technology and risk management practices. A top Senate Democrat introduced legislation Thursday to extend and rename an expired information-sharing law, and make it retroactive to cover the lapse that began Oct. 1. Michigan Sen. Gary Peters, the ranking member of the Homeland Security and Governmental Affairs Committee, introduced the Protecting America from Cyber Threats (PACT) Act, to replace the expired Cybersecurity and Information Sharing Act of 2015 (CISA 2015) that has provided liability protections for organizations that share cyber threat data with each other and the federal government. Industry groups and cyber professionals have called those protections vital, sometimes describing the 2015 law as the most successful cyber legislation ever passed. The 2015 law shares an acronym with the Cybersecurity and Infrastructure Security Agency, which some Republicans — including the chairman of Peters' panel, Rand Paul of Kentucky — have accused of engaging in social media censorship. As CISA 2015 has lapsed and Peters has tried to renew it, “some people think that's a reauthorization of the agency,” Peters told reporters Thursday in explaining the new bill name. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

The Senate Commerce Committee investigates the Cybersecurity and Infrastructure Security Agency for allegedly pressuring tech companies like Facebook to take down posts that were flagged as misinformation. Learn more about your ad choices. Visit podcastchoices.com/adchoices

The White House Office of Management and Budget is instructing agencies to consider reducing staff for programs that have a lapse in funding in the event of a government shutdown, as tensions rise ahead of the Sept. 30 end to the fiscal year. “With respect to those Federal programs whose funding would lapse and which are otherwise unfunded, such programs are no longer statutorily required to be carried out,” the undated message said. The guidance goes on to say that consistent with applicable law, including a federal reduction in force statute, agencies are directed to use this opportunity to consider RIF notices for employees working in projects, programs or activities that have a funding lapse on Oct.1, don't have another source of funding, and are not consistent with President Donald Trump's priorities. The project, program or activity must meet all three criteria, the message said. The message places blame for a possible shutdown squarely on congressional Democrats, calling their demands “insane.” The OMB message explains that the One Big Beautiful Bill Act, legislation passed earlier this year that is at the heart of Trump's second-term agenda, provided “ample resources to ensure that many core Trump Administration priorities will continue uninterrupted.” Federal cyber authorities sounded a rare alarm last week, issuing an emergency directive about an ongoing and widespread attack spree involving actively exploited zero-day vulnerabilities affecting Cisco firewalls. Cisco said it began investigating attacks on multiple government agencies linked to the state-sponsored campaign in May. The vendor, which attributes the attacks to the same threat group behind an early 2024 campaign targeting Cisco devices it dubbed “ArcaneDoor,” said the new zero-days were exploited to “implant malware, execute commands, and potentially exfiltrate data from the compromised devices.” Cisco disclosed three vulnerabilities affecting its Adaptive Security Appliances — CVE-2025-20333, CVE-2025-20363 and CVE-2025-20362 — but said “evidence collected strongly indicates CVE-2025-20333 and CVE-2025-20362 were used by the attacker in the current attack campaign.” The Cybersecurity and Infrastructure Security Agency said those two zero-days pose an “unacceptable risk” to federal agencies and require immediate action. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

The Cybersecurity and Infrastructure Security Agency is ordering federal civilian agencies to take immediate action against a widespread hacking campaign targeting Cisco firewalls. The emergency directive was issued last Thursday in response to zero day vulnerabilities that hackers have been exploiting for quite some time. Federal News Network's Anastasia. Obis is here with more details. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Dr. Jim Lewis, a distinguished fellow with the Tech Policy Program at the Center for European Policy Analysis, and Mark Montgomery, a retired US Navy rear admiral who is now the senior director of the Center on Cyber and Technology Innovation at the Foundation for Defense of Democracies as well as a Cyberspace Solarium Commission senior adviser, joins Defense & Aerospace Report Editor Vago Muradian to discuss Russia's recent cyber attacks on European airports as well as drone attacks and fighter incursions on NATO members; how allies must respond; outlook for TikTok in the United States; and reauthorization of the Cybersecurity and Infrastructure Security Agency.

The Department of Homeland Security failed to effectively implement a critical retention incentive program for cyber talent, according to a new report from the agency's inspector general, which found that federal funds meant for the Cybersecurity and Infrastructure Security Agency were used incorrectly. In 2015, the agency implemented the Cyber Incentive program. The goal, the inspector general said, was to provide extra incentives to employees that might otherwise leave the federal government. More than $100 million has been spent on the program in recent years. The program “was designed to help CISA retain mission-critical cybersecurity talent needed to execute its mission,” the report noted, and was meant to consider a series of qualifications to guide who received the retention benefit. The government hoped to keep in-demand technology experts in government. The watchdog wrote that “CISA's implementation of the program wasted taxpayer funds and invites the risk of attrition of cyber talent, thereby leaving CISA unable to adequately protect the Nation from cyber threats.” Instead of being targeted toward valuable talent likely to transition to the private sector, the payments were disbursed generally, with many ineligible employees receiving tens of thousands of dollars in payment. The Pentagon's chief information officer is undertaking yet another reform of the Defense Department's IT enterprise — this time focusing on streamlining its classified networks to enhance data sharing and interoperability. Katie Arrington, who is performing the duties of CIO, plans to introduce a new program dubbed “Mission Network-as-a-Service” that aims to reduce the number of disparate data fabrics used by combatant commands into a single, unified network. Speaking last week during the Billington Cybersecurity Summit, Arrington said the program will be key to realizing the department's vision for Combined Joint All-Domain Command and Control, or CJADC2. Broadly speaking, CJADC2 seeks to connect the U.S. military's sensors and weapons under a single network, enabling rapid data transfer between warfighting systems and domains. The Pentagon also wants to be able to quickly share relevant information with international partners and allies during conflicts, adding another layer of difficulty to realizing the construct. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

The Cybersecurity and Infrastructure Security Agency is charting a new path forward for a widely used catalog of software vulnerabilities. Last week, CISA released a roadmap to guide the future of the common vulnerabilities and exposure program, and CISA's top cybersecurity official says the agency is committed to the future of the program Federal News Network's Justin Doubleday joins me with the latest.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

The Cybersecurity and Infrastructure Security Agency is warning about another China-linked cyber espionage campaign. In a joint advisory yesterday, CISA and partner agencies said Chinese state-sponsored actors are exploiting vulnerabilities in routers used by telecommunications providers and other infrastructure operators. They say the campaign's goal is to gain long-term access to critical infrastructure networks around the world. The advisory includes several recommendations to guard against the hacking spree. The threat groups highlighted in the advisory include Salt Typhoon and other advanced persistent threat actors. See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Two sophisticated ransomware groups, Akira and Lynx, are increasingly targeting managed service providers (MSPs) and small businesses by exploiting stolen credentials and vulnerabilities. Together, they have compromised over 365 organizations, with Akira targeting major firms like Hitachi Vantara and Lynx focusing on critical infrastructure, including a CBS affiliate in Chattanooga, Tennessee. Both groups utilize double extortion tactics, combining file encryption with data theft to pressure victims into paying ransoms. This shift in tactics highlights the evolving threat landscape for MSPs and small businesses.In response to the growing cybersecurity threats, the U.S. Cybersecurity and Infrastructure Security Agency has released Thorium, an open-source platform designed for malware and forensic analysis. Thorium can automate tasks and process over 10 million files per hour, empowering IT professionals without in-house malware analysis capabilities to conduct effective preliminary analyses. This tool aims to enhance cybersecurity operations and better manage risks associated with complex malware threats.Additionally, SonicWall has issued a warning to its customers to disable SSL Virtual Private Network (VPN) services due to active ransomware attacks targeting its systems. Meanwhile, Google's AI-powered bug hunter, Big Sleep, has identified 20 security vulnerabilities in popular open-source software, raising concerns about the reliability of AI-generated bug reports. A newly discovered prompt injection vulnerability in Google's Gemini AI chatbot poses serious security risks, enabling attackers to craft convincing phishing campaigns without relying on links or attachments.The podcast also discusses the alarming rise in cybersecurity incidents, particularly social engineering attacks, which have tripled in the first half of 2025. A report from Level Blue indicates that social engineering now accounts for 39% of initial access incidents, with fake CAPTCHA schemes rising dramatically. Furthermore, the report highlights the risks associated with unauthorized AI tool usage, revealing that 97% of organizations lack adequate access controls, exposing sensitive data to potential threats. This underscores the need for organizations to strengthen their defenses and educate users on emerging threats. Four things to know today00:00 Attackers Up Their Game: Ransomware Hits MSPs, SonicWall Vulnerable, and Google's AI Found Exploitable05:53 Social Engineering Surges as Shadow AI Breaches Drive Up Cyber Costs and Risk Exposure08:35 Neglected Tech, Rising Risk: Email and Printers Still Expose Businesses to Modern Threats11:04 From Ransomware to Retirements: Vendor Shifts Reveal Risks and Realignment in the IT Channel This is the Business of Tech.     Supported by:  https://cometbackup.com/?utm_source=mspradio&utm_medium=podcast&utm_campaign=sponsorship https://getflexpoint.com/msp-radio/ Tell us about a newsletter! https://bit.ly/biztechnewsletter  All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

The digital footprint left by DOGE in agency computer systems and IT networks would be thoroughly examined under legislation introduced Wednesday by a trio of Senate Democrats. The Pick Up After Your DOGE Act from Sens. Sheldon Whitehouse of Rhode Island, Ron Wyden of Oregon and Elizabeth Warren of Massachusetts would require the administrator of the Elon Musk-created tech collective to provide a full accounting to the U.S. comptroller general of all the agencies and IT systems that DOGE accessed. Those systems would then be subject to comprehensive performance and security audits. “The DOGE-boys have weaseled their way into Americans' most sensitive data systems, claiming to hunt ‘waste, fraud, and abuse,' while actually creating waste, fraud, and abuse. They're destroying Americans' trust in once-reliable government systems and could be hawking your stolen data to their friends in Big Tech and AI,” Whitehouse said in a press release. He added that the Pick Up After Your DOGE Act protects seniors and all Americans by fixing any bugs or backdoors that DOGE may have purposefully or negligently created in Social Security, Medicare, and other highly sensitive government data systems. The audit would be conducted by the Government Accountability Office, which has been bombarded with congressional requests to probe DOGE's agency IT dives since the beginning of the Trump administration. The United States Military Academy abruptly ended the appointment of Jen Easterly to a high-profile academic position in West Point's Department of Social Sciences, according to a memorandum issued Wednesday by the Secretary of the Army. On Tuesday, the academy announced that Easterly was named as the next Robert F. McDermott Distinguished Chair, a department position created in 1943 to bring a leading scholar, practitioner, or expert in the fields of social sciences — such as economics, political science, or international relations — to West Point. In a since-deleted LinkedIn post, the academy welcomed the former Cybersecurity and Infrastructure Security Agency director and academy alumnus after “an extraordinary career of service in the public and private sectors,” adding that her “unique perspective — combining military experience, advanced academic training, private sector innovation, and senior government service — makes her ideally suited to guide discussions on the critical issues facing our nation and the world.” After the announcement, far-right activist Laura Loomer suggested on X that Easterly should not be named to the position, due to her work under the Biden administration, allegedly with Nina Jankowicz, who served as the executive director of the Disinformation Governance Board of the United States. (Jankowicz later Wednesday posted on BlueSky that she had never worked with Easterly.) On Wednesday, Secretary of the Army Dan Driscoll announced in a post on X that the position would be rescinded, and a full review of the academy's hiring practices would be conducted. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

The Cybersecurity and Infrastructure Security Agency is out with some new guidance on how agencies can adopt zero trust security architectures. CISA's latest guide focuses on a security concept called micro segmentation. It's considered critical to containing hackers and malware before they wreak havoc across networks and steal sensitive data. For more, Federal News Network's Justin Doubleday spoke with Shelley Hartsook, an Acting Associate Director in CISA cybersecurity division.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Today's episode will focus on the challenges of the cyber landscape in the United States, as Steve sits down with Yolanda Williams, who is the Cybersecurity and Infrastructure Security Agency's cyber security coordinator in the state of Florida. Steve and Yolanda dive deep into her work communicating cyber in a region where it for many isn't top-of-mind and how state sovereignty and lack of standardisation between local stakeholders poses unique challenges. We hope that Yolanda's many examples of successfully working with Floridians and stakeholders across the state will resonate with listeners across the US—and perhaps across the pond, too. Key Takeaways: Cyber leaders must possess the ability to shape their communication based on what the audience is looking for. Organisations are much more open to cyber advice today than they were five years ago.  Look at the language in your contracts! Mistakes can prove costly from both a financial perspective and a cyber perspective. Tune in to hear more about: How cyber connects to physical security (3:25) The challenges of a lack of standardised guidelines or federal regulation (10:23) The importance of keeping local backups and not only use the cloud (18:24) Standout Quotes: “I hear a lot of people say, ‘dumb it down.' But you don't want to dumb it down. You just want to make sure that you're tailoring it specifically. You may have technical folks who are looking for, okay, what was the ransomware? Who did it? Who deployed it? How was it deployed? What was the payload? All those types of things. And they want to get into the deep dive of it. A lot of individuals don't. I'll speak to healthcare individuals and they're more looking at ‘I'm not a target. I'm a small doctor's office. I'm not a target.' And one of the things we try to get across to everyone is: you are definitely a target. If you have a US IP address, you are a target.” - Yolanda Williams “There are federal guidelines for federal agencies. However, we respect our states and their sovereignty, and one of the things I found in Florida definitely was a lack of collaboration. Even from the city to the county, there's nothing structured across the board.” - Yolanda Williams “One of the steps that I recommend across the board for anyone that I'm talking to is looking at the language in your contracts, making sure that language is covering, not just what you're purchasing.[…] So making sure that you're looking at that contract language and have somebody that's looking at it that understands the lexicon, understands what is required. You can't just hire somebody off the street and say, ‘Oh yeah, write this contract,' and they don't know what should be in the contract.” - Yolanda Williams Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

  David Waldman WILL RETURN from the Virgin Islands tomorrow! Meanwhile, let's take on an evergreen topic, the complete and utter corruption of Donald K. Trump and how that has infected every facet of American government.   Ex-prosecutors are raising alarms over Ed Martin, who everyone, including Ed Martin, will tell you is anti-law/pro-Trump.   White House aide Lynne Patton was suspended for violation of the Hatch Act. Strange, because who in the Trump administration hasn't violated the Hatch Act, and more vigorously? It's pretty much a job requirement.   DOGEy lawyer Jeremy Lewin is a violent racist, also no doubt a feature, not a bug, leading to his promotion to lead the wreckage of USAID.   The Department of Homeland Security wants to keep the number of people fired from the Cybersecurity and Infrastructure Security Agency a secret.

AI models have a defined memory ceiling, which is reshaping the ongoing debates surrounding copyright and data privacy. Recent research from Meta, Google DeepMind, Cornell, and NVIDIA reveals that large language models have a fixed memorization capacity of approximately 8.6 bits per parameter. This finding clarifies the distinction between memorized data and generalized knowledge, indicating that larger datasets do not necessarily lead to increased memorization of specific data points. This understanding is crucial as it informs the operational mechanisms of AI models and addresses concerns related to copyright infringement.Sundar Pichai, CEO of Google, has introduced the term "artificial jagged intelligence" to describe the current phase of AI development, highlighting the non-linear progress and the challenges faced by researchers despite significant advancements. Pichai's perspective reflects the mixed performance of AI models, which can exhibit extraordinary capabilities alongside notable errors. This sentiment is echoed by deep learning researcher Andrej Karpathy, emphasizing the unpredictability of AI performance and the need for a more nuanced understanding of its capabilities.The rise of AI retrieval bots is transforming how users access information online, with a significant increase in traffic from these bots. Companies like OpenAI and Anthropic are deploying these bots to summarize content in real-time, moving away from traditional search methods that provide links to multiple sources. This shift poses challenges for content publishers, as the growth of retrieval bots indicates a changing economic landscape where content is increasingly consumed by AI first, with human users following. Publishers may need to rethink their engagement strategies to adapt to this new reality.In the broader context of technology and cybersecurity, WhatsApp's intervention in a legal case concerning encryption and privacy rights highlights the growing role of platforms in surveillance debates. Additionally, the U.S. Cybersecurity and Infrastructure Security Agency faces leadership challenges amid a talent exodus, raising concerns about its operational effectiveness. As the IT services industry evolves, the integration of AI into various sectors, including hiring and cybersecurity, underscores the importance of execution, interoperability, and trust in automation. The future of technology will depend on how well businesses can navigate these changes and support their clients in making informed decisions.  Four things to know today  00:00 AI's Jagged Reality: Study Reveals Limits to Model Memory as Bots Redefine the Web Economy05:35 Cybersecurity Crossroads: WhatsApp Joins Apple in Legal Fight as U.S. Agency Leadership Crumbles08:29 AI Matures Into Infrastructure Layer as IT Vendors Shift Focus to Outcomes and Execution11:51 Legal Tech, GenAI, and Fast Food Bots All Show One Thing: Hype Doesn't Equal Success  This is the Business of Tech.    Supported by:  All our Sponsors: https://businessof.tech/sponsors/ Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Looking for a link from the stories? The entire script of the show, with links to articles, are posted in each story on https://www.businessof.tech/ Support the show on Patreon: https://patreon.com/mspradio/ Want to be a guest on Business of Tech: Daily 10-Minute IT Services Insights? Send Dave Sobel a message on PodMatch, here: https://www.podmatch.com/hostdetailpreview/businessoftech Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on:LinkedIn: https://www.linkedin.com/company/28908079/YouTube: https://youtube.com/mspradio/Facebook: https://www.facebook.com/mspradionews/Instagram: https://www.instagram.com/mspradio/TikTok: https://www.tiktok.com/@businessoftechBluesky: https://bsky.app/profile/businessof.tech

U.S. Customs and Border Protection is implementing an AI chatbot called “chatCBP” for its workforce, following in the footsteps of similar federal government creations like DHSChat and StateChat. “CBP's chatCBP is an AI-powered chatbot designed to improve efficiency and access to information for CBP personnel while meeting CBP's security standards,” a CBP spokesperson told FedScoop in an emailed statement. The tool uses a large language model and gives workers responses and guidance in a conversational format “quickly and securely.” According to the spokesperson: “chatCBP offers features like document summarization, compilation, information extraction, and multi-file analysis, reducing the time spent searching for and interpreting documents.” News of the chatbot comes after other agencies within the federal government have launched their own internal chatbots in an attempt to more securely provide the type of generative AI assistance made popular by ChatGPT. That includes the Department of State and the Department of Homeland Security, CBP's parent agency. DHSChat, for its part, was announced last year and is similarly aimed at aiding workers with routine tasks. But, per the spokesperson, chatCBP is different in that it's designed to meet unique operational needs that the subagency has, such as requiring more control over LLM development, monitoring, data management and security. Four senators asked Department of Homeland Security Secretary Kristi Noem to reestablish the Cyber Safety Review Board, citing the need to investigate a landmark breach of telecommunications networks by Chinese hackers known as Salt Typhoon. In a letter last Thursday, the senators also said the board has conducted important oversight of other incidents before DHS removed its members in January, such as its report on a breach of Microsoft by other Chinese hackers. Democratic Sens. Mark Warner of Virginia, Richard Blumenthal of Connecticut, Elissa Slotkin of Michigan and Ron Wyden of Oregon wrote in the letter: “The CSRB played a vital role in U.S. national security carrying out post-incident reviews and providing information and making recommendations to improve public and private sector cyber security. Therefore, we urge you to swiftly reconstitute the Board with qualified leaders to shape our nation's cyber response.” Warner is the top Democrat on the Senate Intelligence panel, and the four members sit on either the Intelligence Committee or the Homeland Security and Governmental Affairs Committee. DHS purged all members from its advisory boards and committees in January. While the later disbanding of other boards has drawn some concern, the removal of the Cybersecurity and Infrastructure Security Agency-led Cyber Safety Review Board's members has drawn the most negative reaction from the cybersecurity community. It halted a Salt Typhoon investigation that had only just begun.

As generative AI increasingly takes hold across the federal government, a class of that greater tech discipline called agentic AI is also gaining momentum. Think of it like an AI sidekick. Agentic AI moves beyond rules-based AI assistants of the past to act autonomously to accomplish something without the need for constant human intervention. According to Jonathan Alboum, federal CTO of ServiceNow and a former federal CIO at USDA, agentic AI holds massive potential for the future of the federal government, particularly amid the Trump administration's slashing of the federal workforce and placing a premium on efficiency. Alboum joins the podcast to discuss that, some exciting news from ServiceNow's Knowledge conference this week in Las Vegas and his thoughts on how federal CIOs are managing ongoing consolidation of federal IT programs. President Donald Trump's fiscal 2026 budget proposal would slash $491 million from the budget of the Cybersecurity and Infrastructure Security Agency, according to a summary released Friday. That would amount to a nearly 17% reduction to the agency's approximately $3 billion budget. The administration did not release a detailed itemization of the cuts, only an outline. “The Budget refocuses CISA on its core mission — Federal network defense and enhancing the security and resilience of critical infrastructure — while eliminating weaponization and waste,” a summary reads. In broad strokes, if approved by Congress, the budget would target for reduction what it identified as “so-called” disinformation and misinformation programs and offices; “duplicative” programs of other programs at the state and federal level; “external engagement offices such as international affairs”; and consolidate “redundant security advisors and programs.” A startup founder and Department of Government Efficiency associate named Sam Corcos is the new chief information officer of the Treasury Department, according to a person within the agency. Corcos was introduced with that title at a recent meeting for Treasury bureau chief information officers, the person added. Corcos, who most recently helped create a health company called Levels, had been representing DOGE in the Treasury Department, with the official title of special advisor. Corcos, who has appeared on Fox News with Treasury Secretary Scott Bessent, has said his top priority is looking at the operations and maintenance budget, as well as modernization, at the IRS. He's also sought access to government data and, according to Wired, was involved in an effort to organize an IRS hackathon. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

Melissa Rogers joins the podcast for a conversation about how each of us can take steps to promote religious freedom and the common good in the United States today. After leading the White House Office of Faith-based and Neighborhood Partnerships in the Obama and Biden administrations, she shares her inside perspective on government, where we are right now, and how people can truly make an impact. Our religious freedom protects everyone's right to bring their faith to the public square, and you won't want to miss this conversation about opportunities we have as Americans to engage government at all levels and express ourselves in the face of injustice.    SHOW NOTES Segment 1 (starting at 00:38): The genius of our constitutional protections for religious freedom Melissa Rogers served as the executive director of the White House Office of Faith-based and Neighborhood Partnerships in the Obama and Biden administrations. You can click here to read her extensive biography. She is the author of Faith in American Public Life, published in 2019. She has been on two earlier BJC podcasts: Respecting Religion, S2, Ep. 06: What's next? The Biden administration and religious liberty (2020) The Dangers of Christian Nationalism series, episode 9: Religious freedom, church-state law and Christian nationalism (2019), alongside Rabbi David Saperstein. You also can watch a video of that podcast.  NOTE: On April 21, we released a special podcast episode recorded at the same time as this conversation, focusing on the case of Kilmar Armando Abrego Garcia and the rule of law. Click here to hear that portion of the conversation.    Segment 2 (starting at 10:09): Our current moment as a country Here are links with more information from this portion of the conversation:  Melissa discussed the work of the federal government to protect places of worship. Protecting Houses of Worship is a helpful resource on this topic from the CISA (the Cybersecurity and Infrastructure Security Agency of the Department of Homeland Security).  She also mentioned the Biden-Harris administration's work on countering hate. One example is the United We Stand Summit in 2022: Taking Action to Prevent and Address Hate-Fueled Violence and Foster Unity. Click here to read more about the summit, or click here to watch the full summit proceedings. In addition, the Biden-Harris administration released the U.S. National Strategy to Counter Antisemitism in 2023, and the U.S. National Strategy to Counter Islamophobia and Anti-Arab Hate in 2024. Learn more about BJC's Christians Against Christian Nationalism campaign at ChristiansAgainstChristianNationalism.org.   Segment 3 (starting 16:52): Practical ways to take action  Here are a few resources and organizations to connect with if you are interested in responding to governmental actions, including by sharing information about their impact on you or your community:  DOGE cuts: Have you been impacted by DOGE cuts? Share your story with the Center for American Progress Article published by The Century Foundation: We Led Federal Agencies. Here Are 10 Ways That President Trump and Elon Musk's Attacks on Federal Workers Will Hurt You by Mark Zuckerman, Julie Su, Lauren McFerran, Gayle Goldin, Rachel West, Chiquita Brooks-LaSure, Ruth Friedman, Carole Johnson, Viviann Anguiano, Kayla Patrick and Loredana Valtierra Information on various lawsuits challenging governmental actions: Melissa mentioned the lawsuit challenging the recission of the “sensitive locations” guidance as a violation of religious freedom protections under the federal Religious Freedom Restoration Act (RFRA). Read more about the lawsuit on our website, which is being led by Democracy Forward. Another lawsuit on sensitive locations is also being pursued by a group led by the Institute for Congressional Advocacy and Protection.  You can find more information about this and other pending lawsuits here: Updates from Democracy Forward  Just Security's litigation tracker  Legal actions of CREW (Citizens for Responsibility and Ethics in Washington) Resource on how to protect democracy: Protecting Democracy's Faithful Fight Toolkit Interested in calling your congressional representatives about issues you care about? Here's how you can find their contact information:  Click here to find your representative in the U.S. House Click here to find your U.S. Senators Respecting Religion is made possible by BJC's generous donors. Your gift to BJC is tax-deductible, and you can support these conversations with a gift to BJC.

Today on the show, Liz Wheeler interviews Mike Benz, Executive Director of Foundation For Freedom Online about the deep state and the Cybersecurity and Infrastructure Security Agency, better known as CISA. SPONSORS: PREBORN: Your tax-deductible donation of twenty-eight dollars sponsors one ultrasound and doubles a baby's chance at life. How many babies can you save? Please donate your best gift today– just dial #250 and say the keyword, “BABY" or go to https://preborn.com/LIZ. KEKSI COOKIES: Mother's Day is coming up so don't wait—go to https://keksi.com right now and use code LIZ15 for an exclusive 15% discount. Your mom deserves the best—give her something she'll remember! Learn more about your ad choices. Visit megaphone.fm/adchoices

In this episode of 'Cybersecurity Today,' host Jim Love discusses various pressing topics in the realm of cybersecurity. Highlights include Anthropic's prediction on AI-powered virtual employees and their potential security risks, Microsoft's introduction of AI security agents to mitigate workforce gaps and analyst burnout, and a pivotal court ruling allowing a data privacy class action against Shopify to proceed in California. Additionally, the show covers the last-minute extension of funding for the Common Vulnerabilities and Exposures (CVE) program by the US Cybersecurity and Infrastructure Security Agency, averting a potential crisis in cybersecurity coordination. These discussions underscore the evolving challenges and solutions within the cybersecurity landscape. 00:00 Introduction and Overview 00:26 AI Employees: Opportunities and Risks 01:48 Microsoft's AI Security Agents 03:58 Shopify's Legal Battle Over Data Privacy 05:12 CVE Program's Funding Crisis Averted 07:24 Conclusion and Contact Information

Labor Department employees can now access two OpenAI models through the company's partnership with Microsoft Azure, making the agency the latest to integrate generative AI into its workflow. The two OpenAI models now available to Labor staff are GPT-4o and GPT-4o mini, according to documents viewed by FedScoop. The agency's platform for the OpenAI tech suggests that staff use the technology for specific applications, including a language translator, a “pros and cons analyzer,” and a memo writer. A large document analyzer and document comparison tool are also available in the interface. Along with that, the department has published a guide on the appropriate use of AI systems and cautions agency users that their role in properly using the generative AI tools is “crucial.” Staff are flagged with a warning before using the tool and are instructed to review outputs for accuracy. Previously, these kinds of generative AI tools had not been approved for Labor Department use and employees were warned not to enter federal information into the systems, a source within the agency told FedScoop. Two top officials at the Cybersecurity and Infrastructure Security Agency who worked with the private sector to manufacture secure products and technology are leaving the agency. Bob Lord, senior technical adviser and Lauren Zabierek, senior advisor at CISA, were two of the chief architects behind CISA's Secure by Design initiative, which garnered voluntary commitments from major vendors and manufacturers to build cybersecurity protections into their products at the design stage. On Monday in separate posts on LinkedIn, Lord and Zabierek both said they are departing the agency. Neither offered a rationale or motivation for the decision, with Lord simply calling it a “difficult decision” and Zabierek saying it was “not an easy choice.” The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

Protect Your Retirement W/ a Gold or Silver IRA Today!! https://www.sgtreportgold.com/ CALL( 877) 646-5347 - Noble Gold is Who I Trust   Gold continues to soar to new all-time highs on a daily basis and the U.S. stock market continues to trend lower amidst tariff turmoil. Donald J. Trump is calling the Democrats the "T" word "TRAITORS" while specifically targeting one deep state snake, Christopher Krebs who was the Director of the Cybersecurity and Infrastructure Security Agency under Biden, Mr. Krebs must now lawyer up because he's going down. Meanwhile Michigan Governor Gretchen Whitmer bent the knee in the oval office. Jim Willie joins me to process the latest!   https://rumble.com/embed/v6pqx7h/?pub=2peuz  

Customs and Border Protection's Office of Information Technology says it's reviewing the loss of three physical servers, a public records request shows. According to a document produced by CBP's Cybersecurity Directorate, about 200 government devices have been stolen or gone missing in recent years. Of these devices, 140 were cell phones, and just under 40 were laptops. No items were reported to be lost abroad, according to the document. That federal employees would have lost phones and tablets isn't surprising. FedScoop has reported on lost electronics at the U.S. Agency for International Development and NASA, and agencies often review inventories of employee devices. Still, the loss of government-furnished equipment can raise concerns about the security of sensitive data. Some federal employees have even been caught stealing government IT equipment in order to sell it. The loss of three servers is somewhat unusual. The agency did not answer a series of questions about the lost servers, including what data they might have held or whether the losses were ever reported to law enforcement. In response to FedScoop questions, an agency spokesperson said, “CBP is currently reviewing this issue.” The Cybersecurity and Infrastructure Security Agency must brief Congress on proposed deep cuts to agency personnel, a top Democrat said in a letter to its acting director. California Rep. Eric Swalwell, ranking member of the House Homeland Security Subcommittee on Cybersecurity and Infrastructure Protection, wrote in the letter to acting Director Bridget Bean on Thursday that CISA is obligated to notify Congress of its plans. CISA reportedly plans to cut agency staff by nearly 40%, or 1,300 people. Swallwell wrote in his letter that “upending an agency that plays such an important role in defending the homeland while keeping Congress in the dark is wholly unacceptable,” adding that CISA hasn't provided the subcommittee any justification for the cuts or explained how it will execute its congressionally mandated mission with a fraction of the workforce and resources. CISA had already cut 130 probationary staffers, a move blocked in court before being overturned in an appeal. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

John is joined by former U.S. Cybersecurity and Infrastructure Security Agency director Chris Krebs to discuss the Trump 2.0 rollback of the nation's cyberdefenses—an interview taped just an hour before Trump ordered the Justice Department to investigate Krebs, who earned the president's enmity four years ago by declaring the 2020 election “the most secure in American history.” Krebs details the rapidly escalating and dramatically expanding threats posed by Chinese and Russian hackers to America's corporations, public and private infrastructure, and voting systems; how and why the administration is dismantling the agencies and programs designed to stave off those threats; and the potential risks to the security of our elections as a result of gutting CISA, the organization Krebs once led … and Trump himself signed into law. To learn more about listener data and our privacy practices visit: https://www.audacyinc.com/privacy-policy Learn more about your ad choices. Visit https://podcastchoices.com/adchoices

Qasim Ijaz Qasim Ijaz is the director of cybersecurity at a leading healthcare organization, overseeing detection, incident response, vulnerability management, purple teaming, and cybersecurity engineering. With a strong background in offensive security and risk management, he has helped organizations strengthen their defenses against evolving threats. He is also a dedicated educator, mentoring professionals and sharing his expertise at conferences such as BSides and Black Hat. You don't need to go far in the news these days to find out that another organization was hacked. Data breeches are a nightmare scenario for both leaders and the people they support. In this episode, Qasim and I explore what your team and you can do to be a bit more prepared. Key Points Use multi-factor authentication, passphrases, and a password manager. Freeze your personal credit reports. Do this for free directly with Experian, Equifax, and TransUnion. Leaders in bigger roles (executives, CEOs, board members) are larger targets for hackers due to their access and also their ability to occasionally side-step organizational guidelines. It's the non-technical pieces of a cyber response that organizations are least prepared for. Conduct incident response and disaster recovery tabletop exercises to uncover vulnerabilities before an attack. Regardless of organizational policy, employees will use AI. The best prevention assumes the inevitability of human behavior and works with it to improve systems. Resources Mentioned Recommended password managers: 1Password, Apple password app, Proton Pass Critical Security Controls by the Center for Internet Security Resources for Small and Medium Businesses by the Cybersecurity & Infrastructure Security Agency 2024 Data Breach Investigations Report by Verizon Business Related Episodes Dumb Things Smart People Do With Money, with Jill Schlesinger (episode 396) Where to Start When Inheriting a Team in Crisis, with Lynn Perry Wooten (episode 603) How to Use AI to Think Better, with José Antonio Bowen (episode 689) Discover More Activate your free membership for full access to the entire library of interviews since 2011, searchable by topic. To accelerate your learning, uncover more inside Coaching for Leaders Plus.

Members of Elon Musk's Department of Government Efficiency now have access to technical systems maintained by United States Citizenship and Immigration Services, according to a recent memorandum viewed by FedScoop. The memo, which was sent from and digitally signed by USCIS Chief Information Officer William McElhaney, states that Kyle Shutt, Edward Coristine, Aram Mogahaddassi and Payton Rehling were granted access to USCIS systems and data repositories, and that a Department of Homeland Security review was required to determine whether that access should continue. Coristine, 19, is one of the more polarizing members of DOGE. He previously provided assistance to a cybercrime ring through a company he operated while he was in high school, according to other news outlets. Coristine worked for a short period at Neuralink, Musk's brain implant company, and was previously stationed by DOGE at the Cybersecurity and Infrastructure Security Agency. The memo, dated March 28, asks DHS Deputy Secretary Troy Edgar to have his office review and provide direction for the four DOGE men regarding their access to the agency's “data lake” — called USCIS Data Business Intelligence Services — as well as two associated enabling technologies, Databricks and Github. The document says DHS CIO Antoine McCord and Michael Weissman, the agency's chief data officer, asked USCIS to enable Shutt and Coristine's access to the USCIS data lake in mid-March, and Mogahaddassi requested similar access days later. A bipartisan bill to fully establish a National Science Foundation-based resource aimed at providing essential tools for AI research to academics, nonprofits, small businesses and others was reintroduced in the House last week. Under the Creating Resources for Every American To Experiment with Artificial Intelligence (CREATE AI) Act of 2025 (H.R. 2385), a full-scale National AI Research Resource would be codified at NSF. While that resource currently exists in pilot form, legislation authorizing the NAIRR is needed to continue that work. Rep. Jay Obernolte, R-Calif., who sponsors the bill, said in a written statement announcing the reintroduction: “By empowering students, universities, startups, and small businesses to participate in the future of AI, we can drive innovation, strengthen our workforce, and ensure that American leadership in this critical field is broad-based and secure.” The NAIRR pilot, as it stands, is a collection of resources from the public and private sectors — such as computing power, storage, AI models, and data — that are made available to those researching AI to make the process of accessing those types of tools easier. The Daily Scoop Podcast is available every Monday-Friday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast  on Apple Podcasts, Soundcloud, Spotify and YouTube.

In this episode of 'Cybersecurity Today,' host Jim Love covers several major cybersecurity events. A devastating breach at Oracle Cloud Infrastructure has exposed 6 million records affecting 140,000 businesses, linked to a threat actor known as Rose87168. The attack exploited vulnerabilities in Oracle Fusion Middleware 11G. New browser-in-the-middle attack techniques are discussed, which can steal data by bypassing multi-factor authentication. The episode also highlights a severe vulnerability in Synology's DiskStation Manager software that could allow remote attackers to take full control of affected systems. Lastly, significant budget cuts in the Cybersecurity and Infrastructure Security Agency's (CISA) Red Team might weaken US government cyber defenses. Critical insights and mitigation strategies for these emerging threats are provided. 00:00 Massive Oracle Supply Chain Attack 03:08 Browser in the Middle Attack Explained 06:03 Synology's Major Security Flaw 08:08 US Government Red Team Disruptions 10:31 Conclusion and Final Thoughts

Everything, everywhere, all at once — but not the movie. This is how cybersecurity experts describe a scenario where a foreign adversary shuts off critical infrastructure, like oil pipelines, water networks, ports, and electric grids, all over the country. The terrifying truth is that China has already hacked into our critical infrastructure. They're “living off the land” and could conceivably attack whenever is most convenient. What's worse? Our political leaders are defunding America's cybersecurity efforts. In order to dig in deeper, Kara talks to Nicole Perlorth, Michael Schmidt, and Lt. Col. Alexander Vindman, (Ret.)   Nicole Perlroth spent a decade as the lead cybersecurity reporter at The New York Times, before going inside the tent and joining the advisory board of the Cybersecurity and Infrastructure Security Agency and the Council on Foreign Relations' Cyber Task Force. She is a founding partner at Silverbuckshot Ventures and the host and producer  of To Catch a Thief, a new podcast on China's rise to cyber dominance. Michael Schmidt is a Pulitzer Prize-winning investigative reporter for The New York Times and the author of the best-selling book Donald Trump v. The United States. He's also the executive producer and co-creator of the Netflix series Zero Day, a political thriller about a devastating cyberattack on the U.S. Lt. Col. Alexander Vindman is the former director of European Affairs for the National Security Council. Vindman was a key witness during President Trump's first impeachment and testified about Trump's infamous phone call with President Zelensky of Ukraine. He is a senior fellow at the Johns Hopkins Foreign Policy Institute and the author of The Folly of Realism: How the West Deceived Itself About Russia and Betrayed Ukraine. Questions? Comments? Email us at on@voxmedia.com or find us on Instagram, TikTok and Bluesky @onwithkaraswisher. Learn more about your ad choices. Visit podcastchoices.com/adchoices

As Elon Musk and his Department of Government Efficiency pursue sweeping cuts across federal agencies, the Trump administration is also scaling back efforts to confront election disinformation. Several officials in the Cybersecurity and Infrastructure Security Agency, a political target of Republicans since the 2020 election, were recently put on leave. On POLITICO Tech, cybersecurity reporter Maggie Miller joins host Steven Overly to detail the quiet cuts and why others at the agency are worried about their futures.  Learn more about your ad choices. Visit megaphone.fm/adchoices

Some Republican lawmakers and policy agenda Project 2025 have criticized the Cybersecurity and Infrastructure Security Agency for overreach. WSJ reporter James Rundle joins host Belle Lin to talk about how President-elect Trump's second term might shape the cyber agency, from more robust abilities for it to detect and respond to cyber threats, to drastic budget cuts.Plus, why some techies are taking their meetings and networking events to saunas. Sign up for the WSJ's free Technology newsletter. Learn more about your ad choices. Visit megaphone.fm/adchoices

Vice President Kamala Harris and former President Trump are on the campaign trail with just 15 days until Election Day. Election law expert Nate Persily weighs in on the legal questions surround Elon Musk's $1 million giveaway. Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, explains how foreign actors are seeking to influence the U.S. elections.