Cyber Focus: Cybersecurity, National Security, and Critical Infrastructure

Frank Cilluffo / McCrary Institute
Country USA
Genres Technology, Government
Language EN-US
Episodes 127
Latest 02.06.2026

As cyber threats evolve faster than policy, Cyber Focus delivers executive-level briefings on cybersecurity, national security, and critical infrastructure. From the McCrary Institute for Cyber and Critical Infrastructure Security at Auburn University, host Frank Cilluffo speaks with senior leaders across government, industry, and the intelligence community about ransomware, state-sponsored threats, AI, and the systems we all rely on—energy, water, telecom, and supply chains. Each episode focuses on real-world risk tradeoffs and practical steps organizations can take to strengthen resilience.

Episodes

  • AI Is Not Your Friend: Geoffrey Fowler on Rating AI for Kids 02.06.2026 39m
    In this episode of Cyber Focus, Frank Cilluffo speaks with Geoffrey Fowler, head of public engagement for the Youth AI Safety Institute at Common Sense Media, about why AI requires a different kind of safety framework than movies, apps, games, or social media. Fowler argues that generative AI is not static content; it is dynamic, conversational, multipurpose, and capable of changing from one interaction to the next based on the user, the prompt, the model, and the length of the conversation. The conversation explores how AI products that appear friendly, educational, or therapeutic can create new risks for children, from emotional dependency and privacy concerns to unsafe mental-health guidance and weakening guardrails over extended conversations. Fowler explains how Common Sense Media is working to build independent AI safety ratings for kids, modeled in part on crash testing for cars: transparent evaluations that help parents and schools make better decisions while pushing companies toward safer design.
    Main Topics Covered
      • Why AI needs a new safety rating
      • Lessons from social media and smartphone adoption
      • AI companions, mental-health claims, and dependency risk
      • AI toys, privacy, and weakening guardrails
      • Independent testing, ratings, and child-development standards
      • Company responsibility, public policy, and trust
    Key Quotes
      • "AI is not your friend. AI is not human. It does not make the kinds of choices that a human being would make when you're having a bad day or when you're in a crisis or when you need somebody to really trust." — Geoffrey Fowler, Common Sense Media
      • "[AI companies] shouldn't be experimenting on our kids. They should make it safe from the get go." — Geoffrey Fowler, Common Sense Media
      • "These AI toys are little spies that you're putting in kids' rooms. They're recording their voices, they're recording behavioral data." — Geoffrey Fowler, Common Sense Media
      • "The Common Sense Media Youth AI Safety Institute is neither pro AI nor anti AI. It's pro kid." — Geoffrey Fowler, Common Sense Media
      • "We are here to research not just the hype of what companies say about what their technology does, we're here to see what it actually does and tell the truth about it." — Geoffrey Fowler, Common Sense Media
    Relevant Links and Resources
      • https://www.commonsensemedia.org/ai-ratings/ai-risk-assessments
    Guest Bio
    Geoffrey Fowler is head of public engagement for the Youth AI Safety Institute at Common Sense Media. He is a longtime technology journalist whose work has appeared at The Washington Post and The Wall Street Journal. In this role, Fowler helps communicate Common Sense Media's work to evaluate AI products used by children, teens, families, and schools, including the development of independent safety ratings and risk assessments for youth-facing AI tools.
  • Estonia's Lessons for the Cyber Future with Ambassador Kristjan Prikk 26.05.2026 37m
    For Estonia, cyber resilience is not an abstract policy goal. It is a national survival issue shaped by history, geography, and the reality of living next to Russia. In this episode, Ambassador Kristjan Prikk explains how Estonia turned a lack of legacy infrastructure into a digital advantage, why the 2007 cyberattacks became a strategic wake-up call for the West, and what Ukraine's defense against Russia reveals about preparation, public-private cooperation, and the future of conflict. The conversation also looks ahead: to AI in government and education, to Estonia's support for Ukraine, and to the cyber lessons NATO must operationalize before the next crisis. At the center is a clear argument from one of the world's most digitally advanced democracies: cyber defense is not just about hardening systems, but building the relationships, institutions, and resilience needed to keep a society functioning under pressure.
    Main Topics Covered
      • Estonia's digital transformation
      • Life after Soviet occupation
      • The 2007 cyberattacks
      • Resilience over perfect defense
      • Ukraine's cyber defense
      • Private-sector support in wartime
      • AI in government and education
      • Support for Ukraine
      • NATO's cyber priorities
    Key Quotes
      • "We had a really strong incentive to go ahead and try out something almost crazy, something that no one had ever tried before, and just see what's going to happen." — Ambassador Kristjan Prikk
      • "We believe that our kids will not lose [their] jobs to AI, but rather they may risk losing their jobs to other kids who know how to use AI better than them." — Ambassador Kristjan Prikk
      • "We reduce or limit the risk of particularly high impact threats, risks materializing. But then again, the more important part is the ability to rebound; the ability to use alternatives if plan A is not working." — Ambassador Kristjan Prikk
      • "The way the cyberspace is set up means that we cannot only be confined in our own quarters and expect that if we keep it in order, then nothing happens." — Ambassador Kristjan Prikk
      • "Cybersecurity is a team sport…we have to make sure that when the problem appears, then we don't have to start searching for contacts of other people. The organization has to be there." — Ambassador Kristjan Prikk
    Relevant Links and Resources
      • Embassy of Estonia in Washington, D.C.
      • Estonia's national cybersecurity strategy or cyber agency resources
      • Tallinn Mechanism information page
      • IT Coalition for Ukraine information page
    About the Guest:
    Kristjan Prikk has served as Estonia's Ambassador to the United States since May 2021, and will soon serve as Estonia's Ambassador to NATO. Before assuming his current duties, Prikk served for nearly three years as the Permanent Secretary of the Estonian Ministry of Defense. In this role he was responsible for the management of the Ministry and for the coordination of activities of the agencies under the Ministry, including the Estonian Defense Forces, the Estonian Foreign Intelligence Service, and the Centre for Defense Investments.
  • Who's Accountable When AI Acts? — With Walter Haydock 19.05.2026 31m
    In this episode of Cyber Focus, Frank Cilluffo speaks with Walter Haydock, founder of StackAware, about the accountability, governance, and national security challenges emerging as organizations rush to deploy artificial intelligence. Haydock argues that AI does not erase familiar cybersecurity and risk-management problems; it accelerates them. From non-human identities and AI agents to third-party risk, federal regulation, and the environmental demands of AI infrastructure, the conversation centers on a core question: who is accountable when AI systems act, fail, or cause harm? Rather than treating AI governance as a compliance checklist, Haydock makes the case for assigning clear ownership, focusing policy on outcomes, and giving business leaders—not risk advisors alone—responsibility for the risks their organizations accept.
    Main Topics Covered
      • AI accountability and non-human identities
      • Managing AI agents as unpredictable actors
      • Who should own AI risk inside an organization
      • Third-party risk, supply chains, and contractual accountability
      • Avoiding checkbox compliance in AI governance
      • National AI policy, innovation, and strategic competition
    Key Quotes:
      • "I see organizations spending a lot of time, money, resources, brain power on low-impact problems, on things that they shouldn't be focused on, and instead they're kind of ignoring the higher-risk issues that have easier mitigations, easier solutions." — Walter Haydock
      • "The question of who is accountable for a given outcome is a critically important one." — Walter Haydock
      • "At the level of an individual business, I think it's important to assign accountability for actions of AI agents to cross-functional business leaders who have the wherewithal, the full understanding of all the issues that are impacting a given company." — Walter Haydock
      • "The framework I use is that business leaders are risk and system owners. They are ultimately accountable. They make the final decisions." — Walter Haydock
      • "When the government hard codes in supposed best practices, they end up creating perverse incentives where companies are focused very closely on checking the box and not necessarily on getting the good outcome." — Walter Haydock
    Relevant Links and Resources
      • StackAware
    Guest Bio
    Walter Haydock is the founder of StackAware, an AI security and governance company. Before founding StackAware, he worked in government, national security, and the military, including service on the House Homeland Security Committee, at the National Counterterrorism Center, and in the U.S. Marine Corps in intelligence and reconnaissance roles.
  • The End of Human-Speed Cyber: Mythos, Glasswing & the AI Exploit Race with CrowdStrike's Drew Bagley 12.05.2026 34m
    Cyber defense is entering a machine-speed era. With Anthropic's Mythos and Project Glasswing bringing AI-driven vulnerability discovery and exploit development into the center of the cyber conversation, CrowdStrike's Drew Bagley says organizations need to prepare for a world where vulnerabilities can be found, chained, and exploited faster than traditional patching cycles can handle. Bagley joins Frank Cilluffo to explain why this shift is not just about one model, one company, or one headline-grabbing project. It points to a broader change in how attackers and defenders will operate: exploit stacks may make once-latent vulnerabilities newly dangerous, critical infrastructure operators may face risks they cannot patch away, and unmanaged AI agents inside organizations may become another source of exposure. The answer, Bagley argues, is not panic or patching alone, but continuous discovery, continuous remediation, visibility across the kill chain, AI-powered defense, and resilience planning built for a world moving faster than human-speed cyber.
    Main Topics Covered
      • Mythos, Project Glasswing, and AI-driven vulnerability discovery
      • Why exploit stacks change how organizations should think about risk
      • Continuous patching, prioritization, and machine-speed defense
      • Critical infrastructure, OT systems, and unpatchable legacy technology
      • AI agents, unmanaged access, and the next insider-style risk
    Key Quotes
      • "We're now in an era in which AI has been proven to be able to find vulnerabilities and write exploits at scale much quicker than humans can." — Drew Bagley
      • "We should think about this as an opportunity to think through this problem set now and assume that this is going to be just a widespread capability pretty soon." — Drew Bagley
      • "Previously latent [OT] vulnerabilities… [relied on] security through obscurity. That's no longer the case. And now those are exploitable." — Drew Bagley
      • "If you don't have visibility and you can't see the risk, then you can't mitigate the risk." — Drew Bagley
      • "It's important to think about the ways in which AI has been incorporated over the past two years, especially in organizations to get work done better, but in ways that have often been unmanaged where AI has access to things you wouldn't give an intern access to." — Drew Bagley
    Relevant Links and Resources
      • Anthropic's Project Glasswing
      • CrowdStrike's Project Quiltworks
    Guest Bio:
    Drew Bagley is CrowdStrike's Chief Privacy Officer, where he leads the company's privacy and public policy work. In his 12 years at CrowdStrike, he has helped shape the company's approach to data protection, cybersecurity policy, and engagement with government leaders as CrowdStrike grew into a global cybersecurity company.
  • What Most People Get Wrong About Secure Messaging with Signal CTO Ehren Kret 05.05.2026 31m
    Most people think secure messaging begins and ends with encryption. Signal CTO Ehren Kret says that is only part of the picture. In this episode of Cyber Focus, host Frank Cilluffo sits down with Kret to discuss what private communication really requires, from protecting message content to limiting what platforms can learn from metadata, identity, group membership and social graphs. Kret explains how Signal's nonprofit model shapes its privacy-first design choices, why endpoint security remains a major challenge, and how AI built into operating systems could create new risks for private communication. The conversation also explores post-quantum encryption, lawful access debates, phishing threats against messaging accounts, and why the future of secure communication depends not only on better technology, but on helping users understand what is and is not truly private.
    Main Topics
      • Secure messaging misconceptions
      • Metadata and social graphs
      • Endpoint security risks
      • AI and platform privacy
      • Post-quantum encryption
      • Signal's nonprofit model
    Key Quotes
      • "Disappearing messages, and that's one piece of the puzzle... But a lot of people think that's sort of the end." — Ehren Kret
      • "You should also be looking at does your service provider have access to the message content and is it protected from visibility from them?" — Ehren Kret
      • "Being able to build a social graph can reveal information, even though you don't necessarily have the message content, it is highly leaky. You can infer from a social graph, you can see who is talking to who, and a lot of times that reveals information about the content of those communications." — Ehren Kret
      • "Signal...is an anti mass surveillance tool. It's not necessarily an anti targeted surveillance tool because at the end of the day your phone is still an endpoint that can be targeted." — Ehren Kret
      • "Since it's a nonprofit, the primary goal for Signal is to spread the use of end-to-end encrypted for messaging and for communications in general." — Ehren Kret
    Relevant Links and Resources
      • Signal Foundation
      • Signal: Sealed Sender
      • Signal: Quantum Resistance and the Signal Protocol
      • Cloudflare Post-Quantum Roadmap
      • Google Research on Quantum Vulnerabilities
    About Ehren Kret
    Ehren Kret is the Chief Technology Officer at Signal, where he helps lead the development of privacy-preserving communication technology. He previously served as an engineering director at WhatsApp, where he helped scale end-to-end encryption for more than a billion users.
  • How Idaho National Laboratory Is Building the Future of Infrastructure Security with Zach Tudor 27.04.2026 33m
    America is asking more from its critical infrastructure just as adversaries are finding more ways to target it. AI, data centers, electrification, and next-generation energy systems all depend on operational technology—the control systems that keep power, water, transportation, and industry moving. As that backbone grows more connected, the stakes of securing it grow even higher. In this episode of Cyber Focus, Frank Cilluffo speaks with Zach Tudor, Associate Laboratory Director at Idaho National Laboratory, about how INL tests and secures critical infrastructure at scale. Tudor explains why resilience must guide infrastructure defense, what Ukraine and China reveal about the risks facing critical infrastructure, and why cyber-informed engineering is essential as new technologies move into energy, nuclear, wireless, and industrial systems. The conversation also covers AI's role in control environments, the workforce needed to secure future infrastructure, and the challenge of moving faster before a major event forces action.
    Main Topics Covered
      • INL's critical infrastructure mission
      • Testing infrastructure at scale
      • OT security and resilience
      • AI risks in control systems
      • Cyber-informed engineering
      • Workforce needs for energy security
    Key Quotes
      • "No infrastructure is impervious to attack." — Zach Tudor
      • "I think we're getting to the point where, if you are delivering power to the nation, then you are a risk professional as well as a power engineer." — Zach Tudor
      • "Resilience for me is not just the preparation for an attack or the response to an attack, but the ability to mitigate the effects of an attack, to respond quickly, and to recover quickly as well." — Zach Tudor
      • "We are a national lab in the public economic and national security interest. And so we'll do what needs to be done. We say that labs do what others can't, won't or shouldn't do." — Zach Tudor
      • "The mindset of an engineer who's thinking about operations is different from the mindset of an IT security person who's protecting databases or privacy or other data." — Zach Tudor
    Relevant Links and Resources
      • Idaho National Laboratory
      • Department of Energy National Laboratories
      • Cyber-Informed Engineering (CIE)
    Guest Bio
    Zach Tudor is Associate Laboratory Director for National and Homeland Security at Idaho National Laboratory, where he leads programs focused on critical infrastructure protection, operational technology security, and national security innovation. He previously served at the Department of Homeland Security's ICS-CERT and is a former U.S. Navy submariner. Tudor has spent decades working at the intersection of cybersecurity, energy systems, and national defense.
  • Hacking Reputation: Disinformation, Trust, and Cyber Crisis Response with Preston Golson 21.04.2026 24m
    A cyber incident can damage far more than systems and networks. It can also become a reputational crisis, especially when false or misleading narratives move faster than facts. In this episode of Cyber Focus, Frank Cilluffo speaks with Preston Golson of Brunswick Group about why organizations need to treat reputation as a vulnerability that can be tested, stress-tested, and defended much like any other part of their cyber posture. Drawing on his work in cyber incident response and his earlier career at the CIA, Golson explains how misinformation and disinformation take hold, why many damaging narratives are foreseeable, and how companies can prepare before a crisis hits. The conversation explores red teaming, "prebunking," unified crisis response, and the growing importance of trust, credibility, and AI-generated search results in shaping public perception. For leaders trying to manage cyber risk in a more volatile information environment, this episode offers a practical framework for thinking about reputation, crisis communications, and resilience.
    Main Topics Covered
      • Reputation as a cyber target
      • Disinformation and viral narratives
      • Red teaming reputational risk
      • Cyber crisis communications
      • Prebunking and digital inoculation
    Key Quotes
      • "Misinformation is like a forest fire and we live in a forest with combustible conditions … false and misleading narratives can be caught quickly and they can affect a company's license to operate." — Preston Golson
      • "If you have a dedicated team to look for [reputational risks], you can hack your own reputation, understand where your vulnerabilities are and then reverse engineer defenses and proactive communications … to help build resiliency amongst your audiences." — Preston Golson
      • "We don't play whack a mole. Not every narrative deserves a response. As a matter of fact, some narrative, if you give them a response, it'll give it more oxygen." — Preston Golson
      • "What effective [misinformation] narratives are doing are playing on people's insecurities, [and] people's desire to understand a world that is increasingly complex. It doesn't always make sense." — Preston Golson
      • "Ransomware really did democratize cyber. Everyone's a target from the biggest Fortune 10 down to every mom and pop shop..." — Frank Cilluffo
    Relevant Links and Resources
      • Brunswick Group
      • Preston Golson's article, "Hacking Reputation"
    Guest Bio
    Preston Golson is a director at Brunswick Group, where he works on cyber incident response and related communications challenges. Before joining Brunswick, he spent more than 15 years at the Central Intelligence Agency. In this episode, he draws on that experience to discuss cyber crisis response, disinformation, reputational risk, and how organizations can prepare for false or misleading narratives before they take hold.
  • Cult of the Dead Cow and the Roots of Modern Cyber Ethics with Joe Menn 13.04.2026 34m
    Cybersecurity's history is often told through breaches, crime, and disruption. Joe Menn argues that the story of early hacker culture also offers something constructive: a model for how technical curiosity, ethical reflection, and independent thinking can shape the public good. Drawing from his work on Cult of the Dead Cow, Menn traces how figures once associated with pranks, underground tools, and legal gray zones helped influence vulnerability disclosure, hacktivism, privacy debates, and even the way government and major companies think about security today. But the episode does not stay in the past. Menn connects those earlier lessons to much more current concerns: digital surveillance, the tightening relationship between big tech and government, and the security risks emerging from the rush into AI. The result is a conversation about far more than hacker lore. It is about who gets to shape technology, what values guide that work, and why critical thinking itself may now be part of the infrastructure worth defending.
    Main Topics Covered
      • The legacy of Cult of the Dead Cow
      • The evolution of hacktivism
      • Ethics and critical thinking in cyber
      • Surveillance, privacy, and state power
      • AI security and concentrated tech influence
    Key Quotes
      • "I think it's very interesting to me that... any Fortune 100 CISO who's in his mid-50s or older broke the law as a teenager." — Joe Menn
      • "Hackers are by definition, if they're any good, are critical thinkers, because they're taking stuff and saying, well, okay, this is the intended purpose. What else can it do? What else can I make it do?" — Joe Menn
      • "Hackers should be big players in legislation and in protecting critical infrastructure, and all these other things because they are critical thinkers and won't just repeat what the conventional wisdom is. You get value from people who are thinking differently." — Joe Menn
      • "[A]t the most recent inauguration, you had Jeff Bezos and Mark Zuckerberg, and I believe Elon Musk standing closer to Trump than his cabinet members. The allegiance of big tech is actually more important than some of the entire branches of government. And their interests are now, by and large, very closely joined." — Joe Menn
      • "[W]henever there's a new exciting technology; people rush into it and then sometime later they figure out about security ... And right now, there's this land rush where all the vulnerabilities are now visible through the wonder of AI. And so, tech debt that was swept under the rug is now become a forest fire." — Joe Menn
    Relevant Links and Resources
      • Cult of the Dead Cow
      • Fatal System Error
      • Citizen Lab
    About the Guest
    Joe Menn is a longtime technology reporter and author who has covered cybersecurity, privacy, and related policy issues for decades. In the episode, Frank Cilluffo notes that Menn has written for The Washington Post, Financial Times, Reuters, and the Los Angeles Times, and is the author of two bestselling cybersecurity books, including Cult of the Dead Cow.
  • From Fax Machines to Quantum: Canada's Sami Khoury Reflects on Three Decades in Cyber 07.04.2026 24m
    Cybersecurity now reaches far beyond government networks and traditional IT systems. In this episode, Sami Khoury explains how the threat environment increasingly touches critical infrastructure, operational technology, undersea cables, and space—and why that shift is pushing governments to work more closely with private industry and trusted international partners. Drawing on more than three decades in Canadian government, Khoury offers a clear view of how Canada has built out its cyber posture, how the Canadian Centre for Cyber Security fits into that mission, and where the threat is evolving fastest. He also reflects on the growing overlap between nation-state activity, cybercrime, and hacktivism; the promise and risk of AI; the long transition toward post-quantum security; and the enduring pull of public service in a field where the stakes keep rising.
    Main Topics Covered
      • Canada's cyber strategy
      • Critical infrastructure security
      • OT, undersea cables, and space
      • AI and post-quantum risk
      • Public-private and international partnership
    Key Quotes:
      • "When cyber came about or when we started paying attention to cyber, it was predominantly an IT issue. But unfortunately, these days it's not just an IT issue and we have to pay attention to OT." — Sami Khoury
      • "We know that cyber, and it might be cliche, cyber knows no border." — Sami Khoury
      • "We welcome people from different educational background because it's the analytical thinking capacity that we're looking for, not critical thinking skills. It's not necessarily that you're the best coder or that you are the best hardware architect. We want people with the critical thinking skills." — Sami Khoury
      • "The day there's a cryptographically relevant quantum computer that can break today's encryption will not, I presume, will not come with a press release." — Sami Khoury
      • "It's no longer government on government, it's government on private sector, it's mercenaries on private sector, it's mercenaries on government or hacktivist on government. So it's completely asymmetric and it takes a whole team to basically make a difference." — Sami Khoury
    Relevant Links and Resources
      • Canadian Centre for Cyber Security
      • Canada's national cyber threat assessment
      • Canada's AI strategy
      • Canada's Post-quantum encryption bulletin
    Guest Bio:
    Sami Khoury is the Government of Canada Senior Official for Cyber Security and the former head of the Canadian Centre for Cyber Security. He has spent over 30 years in the Canadian government, primarily within the Communications Security Establishment (CSE), Canada's signals intelligence and cryptologic agency. A veteran of the "Five Eyes" intelligence community, Khoury has been instrumental in shaping Canada's national cyber strategy and fostering deep operational ties with international partners.
  • Ukraine, Private Sector Power, and Cyber Defense with Greg Rattray 31.03.2026 33m
    Ukraine's cyber defense has become one of the clearest real-world tests of what resilience actually looks like under sustained attack. In this episode of Cyber Focus, Greg Rattray explains why Ukrainian defenders held up better than many expected, and what their experience reveals about the limits of prevention, the value of shared visibility, and the growing operational role of the private sector. Drawing on his work leading the Cyber Defense Assistance Collaborative, Rattray argues that exposing adversary activity across a more "brightly illuminated cyberspace" helped blunt Russia's offensive advantage. But the larger lesson is not just about threat visibility. It is about recovery, adaptability, and trust: teams under pressure need tools they already know how to use, leaders need to plan for bad days, and governments need to make room for industry to do more than simply wait for direction.
    Main Topics Covered
      • The "bright room" concept in cyber defense
      • Why resilience matters more than perfect prevention
      • Familiar tools vs. cutting-edge tech in crisis
      • The private sector's front-line role
      • How cyber, EW, and drones are converging
    Key Quotes:
      • "It's pretty hard to do cyber offense in a bright room, in a dark room, it's a lot easier. But like what we've done here is give the Ukrainians the position that the Russian attacks are trying to occur in a pretty brightly illuminated cyberspace." — Greg Rattray
      • "Kyivstar, [Ukraine's] major telecommunications provider, got leveled in December of 2023. I thought they would be out for weeks. Two days later they were back up and running." — Greg Rattray
      • "The speed at which drones have to change in order to stay survivable and effective; these innovation cycles are weeks, not years." — Greg Rattray
      • "While the NIST cybersecurity framework talks about respond and recover, the amount of energy that goes into resilience is still to my mind, under thought, under exercised, [and] under invested in." — Greg Rattray
      • "The notion that you're going to be targeted has to be part of your risk calculus. And therefore you even with a good team... you cannot guarantee you won't have a bad day." — Greg Rattray
    Links/Resources
      • Cyber Defense Assistance Collaborative: https://crdfglobal-cdac.org
    Guest Bio:
    Dr. Greg Rattray is Chief Strategy and Risk Officer at Andesite and Executive Director of the Cyber Defense Assistance Collaborative (CDAC), which has facilitated more than $30 million in voluntary cyber defense support to Ukraine. He previously served as J.P. Morgan Chase's Global CISO and Head of Global Cyber Partnerships, and spent 23 years in the U.S. Air Force, including as the National Security Council's Director for Cybersecurity.
  • Transatlantic Reset: Private Sector Diplomacy & Digital Trust with Sébastien Garnault 24.03.2026 35m
    Overview
    Transatlantic cyber cooperation is being tested by political strain, regulatory divergence, and competing ideas about sovereignty, trust, and market access. In this episode of Cyber Focus, Sébastien Garnault argues that if the United States and Europe want to keep working together on security, they need to move quickly to make that cooperation practical, especially in critical infrastructure and digital markets. Speaking from a French private-sector perspective, Garnault makes the case that governments alone may not be able to repair or sustain that cooperation at the speed the moment requires. He points instead to private-sector partnerships, shared market incentives, and clearer language around security standards as possible ways to keep the transatlantic relationship workable even when public-sector trust is under pressure. The conversation also explores how Europe and the United States differ on clean versus trusted technology stacks, how threat perceptions shape national requirements, and how privacy, AI, and data localization debates can either strengthen or complicate cooperation. The conversation was recorded on February 11, 2026.
    Main Topics Covered
      • Private-Sector Cooperation as a Strategic Bridge: Why Garnault believes business-to-business cooperation may move faster than government-to-government diplomacy when trust is strained.
      • Clean Stack vs. Trusted Stack: How U.S. national-security thinking and EU market-standard thinking create different paths for defining who can participate in secure digital markets.
      • Threat Perception and Market Access: How geography, history, and national priorities shape security requirements across Europe and affect access to critical infrastructure markets.
      • Trust, Sovereignty, and the Transatlantic Reset: Why Garnault sees damaged trust as a real obstacle, and why he argues for a reset rather than a rupture in U.S.-European cyber cooperation.
      • Privacy, AI, and Data Localization: How French and European views on privacy, regulation, and AI governance differ from those in the United States, and why those differences matter for security and interoperability.
    Key Quotes
      • "Maybe what we've done in the last decade and what we will do in the next decade don't belong from government but belongs to us." — Sébastien Garnault
      • "We can do a reset; we cannot afford a reboot." — Sébastien Garnault
      • "The damages that have been done in our trust, mutual trust, are very deep. So we need to fix it quickly." — Sébastien Garnault
      • "The best way for us to cooperate with our allies is to use the market because the market is less political than national security." — Sébastien Garnault
      • "From my standpoint, the glue that binds us together is much greater than anything that can tear us apart." — Frank Cilluffo
    Links/Resources
      • CyberTaskForce: https://www.cybertaskforce.fr/
      • Paris Cyber Summit: https://www.paris-cyber-summit.com/
    Guest Bio
    Sébastien Garnault is the founder of the CyberTaskForce and president of the Paris Cyber Summit. He joined Cyber Focus while in Washington leading a French delegation meeting with U.S. policymakers, industry leaders, and other decision-makers, and spoke in a private-sector capacity rather than on behalf of the French government.
  • Keeping the Lights On in the AI Era with DOE's Alex Fitzsimmons 17.03.2026 38m
    Electricity demand is surging—and DOE's Alex Fitzsimmons argues that the country's ability to "keep the lights on" is now inseparable from how fast we can expand energy infrastructure, how we manage affordability, and how seriously we treat security. In this conversation with Frank Cilluffo, Fitzsimmons, the Acting Under Secretary of Energy and Director of the Office of Cybersecurity, Energy Security, and Emergency Response (CESER), frames "energy dominance" as a practical governing problem: meet rapid load growth (including from AI and data centers), avoid reliability shortfalls, and do it in a way that doesn't push unacceptable costs onto everyday Americans.

    Main Topics Covered
      • AI- and data center-driven demand growth
      • Affordability and "ratepayer protection"
      • Resource adequacy and reliability risk
      • OT security and critical infrastructure stakes
      • Supply chain risk and security vs speed

    Key Quotes
      "Privacy, data breaches, all of these things are important. They matter. They matter. But OT matters more. Keeping the lights on matters more." — Alex Fitzsimmons
      "These tech companies recognize that for their technology to be politically and economically viable, that the American people cannot be shouldered with the burden of new data centers." — Alex Fitzsimmons
      "We were set to lose 100 gigawatts of reliable dispatchable generation by 2030, at the same time that we may need to build 100 gigawatts of generation and associated infrastructure to win the AI race." — Alex Fitzsimmons
      "We have to [build supply] securely. So we can't sacrifice security for speed." — Alex Fitzsimmons
      "[AI-FORTS] is focused on 3 things: secure the energy system from AI, secure it with AI, and secure the AI itself." — Alex Fitzsimmons

    Relevant Links and Resources
      • DOE's CESER Office
      • DOE's Genesis Mission
      • DOE 2025 resource adequacy report
      • NERC; RTOs and ISOs (mentioned in the episode; link not provided)

    Guest Bio
    Alex Fitzsimmons serves in the Trump Administration as the Acting Under Secretary of Energy at the U.S. Department of Energy (DOE), where he spearheads DOE's energy dominance mission and oversees a broad portfolio of offices advancing affordable, reliable, and secure energy for the American people. He also serves as Director of DOE's Office of Cybersecurity, Energy Security, and Emergency Response (CESER), leading efforts to safeguard the nation's energy infrastructure against evolving cyber and physical threats and strengthen resilience across critical energy systems.
  • Deterrence and the New Cyber Strategy with White House National Cyber Director Sean Cairncross 12.03.2026 33m
    Cyber deterrence has long lagged behind the threat. In this special episode of Cyber Focus recorded on March 11, 2026, White House National Cyber Director Sean Cairncross argues that the United States can no longer afford a posture built mainly around resilience and response while adversaries, criminal groups, and state-backed proxies operate at low cost and low risk. He presents President Trump's new National Cyber Strategy as an effort to change that calculus by aligning government policy, offensive and defensive capabilities, industry partnership, and international coordination around a more forward-leaning approach. The conversation walks through the strategy's six pillars, from shaping adversary behavior and streamlining regulation to modernizing federal systems, securing critical infrastructure, protecting U.S. technological advantage, and expanding the cyber workforce. Cairncross emphasizes a core theme throughout: private companies should not be left to fend for themselves against foreign intelligence services and military-linked actors, and government must do more to impose cost, remove friction, and support practical security outcomes.

    Main Topics Covered
      • Cyber deterrence and imposing costs on adversaries
      • Public-private partnership and smarter regulation
      • Federal modernization and procurement reform
      • Critical infrastructure resilience
      • AI, post-quantum policy, and cyber workforce development

    Key Quotes
      "Resiliency is great, but resiliency…implies that you're taking hits." — Sean Cairncross
      "There is a lot that can be done to deny [bad cyber actors] the benefits of their activity, to make life harder for them online and to deny them safe haven." — Sean Cairncross
      "I think if you get hit by a foreign adversary, for the USG to turn around and point a finger at you is essentially shifting blame… It's not going to succeed unless both sides of that coin are working together and being collaborative." — Sean Cairncross
      "We can work on procurement speed. We can work on technological innovation and adopting that technology much more quickly than we have." — Sean Cairncross
      "This [low-cost, high-reward incentive structure for malicious cyber actors] has been allowed to go too far and get too far out of whack ... and we need to reset that." — Sean Cairncross

    Relevant Links and Resources
      • President Trump's National Cyber Strategy
      • Cybercrime executive order signed the same day as the strategy
      • Post-quantum policy / "PQC" executive order or action under development

    Guest Bio
    Sean Cairncross is the White House National Cyber Director, serving as the principal adviser to the president on cyber policy matters. Before taking this role, he served in the Trump White House as deputy assistant to the president and senior adviser to the chief of staff. He also served as CEO of the Millennium Challenge Corporation and has held senior leadership roles in politics, government, and strategic consulting.
  • The Cyber Dimension of the Iran Conflict with Cynthia Kaiser & Mark Montgomery 10.03.2026 35m
    Cyber is now woven into modern conflict, alongside conventional military force. In this episode, Frank Cilluffo examines how that shift shapes the threat from Iran—especially the risk of cyber retaliation aimed at U.S. critical infrastructure, U.S. businesses, and public confidence. Rear Admiral (Ret.) Mark Montgomery of the Foundation for Defense of Democracies brings a strategic and military lens to the discussion, explaining how cyber is being built into conflict planning alongside kinetic operations. Cynthia Kaiser, a former FBI cyber leader now with Halcyon, brings an operational view of how Iranian cyber activity can create disruption, spread fear, and produce real effects even without the sophistication of China or Russia.

    Main Topics Covered
      • Cyber as an integrated warfighting tool
      • Iran's cyber posture and likely retaliation paths
      • Critical infrastructure and OT vulnerabilities
      • Disruption, fear, and information effects
      • Gaps in U.S. civilian cyber defense

    Key Quotes
      "They're not at the level of capability as Russia and China, but that's almost irrelevant. They've got a drive-by shooting capability." — Frank Cilluffo
      "We're seeing cyber integrated at the front end of planning. It's not cyber only or cyber as an afterthought, but it's cyber as an integrated element." — Mark Montgomery
      "The vast majority of our critical infrastructure doesn't have a shield." — Mark Montgomery
      "[Iran is] really one of the world's most malicious and capable cyber actors. They're not necessarily as good as China or Russia, but they don't need to be to have an effect." — Cynthia Kaiser
      "The point's the fear. The point's the chaos. And the point is the internal messaging for their own people—to say we did something in retaliation." — Cynthia Kaiser

    Relevant Links and Resources
      • Foundation for Defense of Democracies
      • Halcyon Ransomware Research Center
      • NSA Cybersecurity Collaboration Center

    Guest Bio
    Mark Montgomery is a senior fellow at the Foundation for Defense of Democracies and former executive director of the Cyberspace Solarium Commission. He brings deep experience in cyber strategy, defense policy, and national security planning.
    Cynthia Kaiser is a senior cyber executive at Halcyon and a former FBI leader with extensive experience in cyber investigations and ransomware response. She brings an operational perspective on Iranian cyber activity, disruption campaigns, and cyber risk to critical infrastructure.
  • The Regulatory Shift: How CIRCIA and NIST are Redefining Cyber Defense with Sara Friedman 03.03.2026 26m
    Cyber incident reporting is about to become mandatory for much of critical infrastructure—and the details are where the fight is. On February 26th, Frank Cilluffo spoke with Inside Cybersecurity managing editor Sara Friedman about CIRCIA's proposed reporting rules, what industry says is overbroad, and why the 72-hour clock is hard in the real world. They also dig into overlap with other federal requirements, CISA's capacity to execute the rulemaking, and what "getting it right" means for public-private trust. The conversation then pivots to NIST, AI agent standards, and how Washington is balancing innovation, security, and competitiveness.

    Main Topics Covered
      • What CIRCIA is designed to do.
      • Who's covered and what counts as reportable.
      • The practical challenge of determining incident facts within 72 hours.
      • Duplication concerns across rules, including SEC cyber disclosure timelines.
      • Whether CISA has the staffing and leadership capacity to deliver.
      • NIST's role in AI agent standards and broader cyber "rules of the road."

    Key Quotes
      "CISA was supposed to have voluntary partnerships… And with this new role, CISA is moving into more of a regulator role." — Sara Friedman
      "This rulemaking, when it was put out, it's over 400 pages. There's a lot in there." — Sara Friedman
      "House Homeland Security Chairman Andrew Garbarino threatened to, if the rulemaking does not meet congressional intent…to potentially roll this back." — Sara Friedman
      "When there's a large attack on critical infrastructure, it just seems to wake up lawmakers in some ways that they need to be able to do something." — Sara Friedman
      "They've shed about a third of their workforce…One of the questions is, does CISA have the capacity that they need for this rulemaking and to do it effectively?" — Sara Friedman

    Relevant Links and Resources
      • CIRCIA town halls scheduled for March: https://insidecybersecurity.com/share/17759
      • When the CIRCIA NPRM was published: https://insidecybersecurity.com/share/15688
      • RSA 2024 panel on the rulemaking: https://insidecybersecurity.com/share/15832
      • NIST launches AI Agent Standards initiative: https://insidecybersecurity.com/share/17775
      • NIST AI security request for information: https://insidecybersecurity.com/share/17654
      • NIST work on an AI profile for the Cybersecurity Framework: https://insidecybersecurity.com/daily-news/stakeholders-weigh-ai-considerations-cybersecurity-nist-workshop-draft-framework-profile

    Guest Bio
    Sara Friedman is the managing editor of Inside Cybersecurity and has covered federal cybersecurity policy for years, including CIRCIA, NIST standards, and related rulemakings.
  • Deepfakes & Laptop Farms: How Nation-States Infiltrate the Defense Supply Chain with Luke McNamara 24.02.2026 26m
    Cyber threats against the Defense Industrial Base (DIB) don't stop at the battlefield—they extend into suppliers, perimeter devices, and even hiring pipelines. Luke McNamara of Google's Threat Intelligence Group joins Frank Cilluffo to unpack Mandiant's report Beyond the Battlefield: Threats to the Defense Intelligence Base and the patterns it flags across today's threat landscape. They discuss how the war in Ukraine is shaping targeting priorities, why China's cyber espionage increasingly begins at the network edge, and how "fast follower" exploit cycles compress patch timelines. McNamara also explains the North Korean IT worker problem, where remote hiring fraud can create both revenue and potential access pathways. The takeaway for mid-sized defense suppliers is practical: harden identity, reduce perimeter exposure, and assume meaningful risk often starts outside traditional corporate visibility.

    Main Topics Covered
      • Why manufacturing remains a top target and a warning sign for broader supply-chain risk
      • How the war in Ukraine is influencing cyber targeting tied to drones and UAS ecosystems
      • China's focus on edge-device compromise (VPNs, routers, email gateways) and why it matters
      • The "fast follower" dynamic that turns one vulnerability into many intrusions
      • North Korean IT worker operations, remote hiring fraud, and AI-enabled deception
      • The highest-leverage defensive priorities for DIB organizations, especially identity and MFA

    Key Quotes
      "Manufacturing is always the most targeted sector going back to 2020. And I think that's a larger canary in the coal mine." — Luke McNamara
      "It's not just some of these top-tier Chinese APT actors and their ability to leverage these as a zero-day, but the ability for secondary groups, once some of the details leak around a particular vulnerability, to start weaponizing it themselves." — Luke McNamara
      "If I had to narrow it down to one category to put more resources to, I would say identity…hardening around the identity piece is certainly key." — Luke McNamara
      "Organizations that are more aware of [the North Korean IT worker infiltration], where the security teams have met with their HR folks, their recruiters, helped inform them about the nature of these threats, I think they're a little bit better secured." — Luke McNamara
      "It sounds more like a movie than reality, but it's happening." — Frank Cilluffo

    Relevant Links and Resources
      • Mandiant report — Beyond the Battlefield: Threats to the Defense Intelligence Base
      • Mandiant podcast — Defenders Advantage

    Guest Bio
    Luke McNamara is a Deputy Chief Analyst at Google Cloud's Mandiant Intelligence and part of Google's Threat Intelligence Group, focused on cyber threat trends and emerging risks.
  • Botnets, Edge Devices, and AI: Inside Forescout's Threat Findings with Daniel dos Santos 17.02.2026 32m
    A new wave of cyberattacks is being routed through everyday devices—and defenders can't rely on old assumptions about geography or "known bad" infrastructure. Daniel dos Santos, VP at Vedere Labs (Forescout), walks through findings from their 2025 Threat Roundup, drawn from a global network of hundreds of honeypots and decoy systems. The conversation focuses on why web-facing systems and edge devices have become prime targets, how attackers hide inside cloud and ISP-managed networks, and what defenders can do earlier in the kill chain. Dos Santos also explains why many exploited vulnerabilities never appear on CISA's KEV list—and how security teams should think about patching and risk anyway.

    Main Topics
      • How honeypots reveal attacker intent across IT, IoT, and OT environments.
      • Why attacks increasingly come from ISP-managed networks and consumer devices.
      • Cloud and "benign" services used to blend in and evade traditional filters.
      • Why distributed botnets weaken country-based blocking for defenders.
      • The rise of web-facing exploitation and the shift away from stolen passwords.
      • Edge devices, OT exposure, and why "discovery" dominates post-breach activity.

    Key Quotes
      "We have hundreds [of honeypots] throughout the world. Some of them are simulations… Some of them are real devices… we expose them with the intention of seeing them attacked." — Daniel dos Santos
      "Home routers, but also home IP cameras or doorbells or solar inverters or…whatever it is that you have in your house that might be exposed to the internet and might be vulnerable can be these days recruited into a botnet." — Daniel dos Santos
      "Attackers…have figured out that when you find a zero-day in a popular router or a popular firewall or a popular VPN appliance, you can really go against thousands and thousands of organizations." — Daniel dos Santos
      "With one zero-day or one critical exploit, you can compromise thousands of organizations today." — Daniel dos Santos
      "But what we do see in the signals that we see there and what we present in the report is that there is a whole world of vulnerabilities being exploited." — Daniel dos Santos

    Relevant Links and Resources
      • https://www.forescout.com/research-labs/2025-threat-roundup/
      • https://www.forescout.com/blog/anatomy-of-a-hacktivist-attack-russian-aligned-group-targets-otics/

    About the Guest
    Daniel dos Santos is the VP of Research at Forescout Research — Vedere Labs, where he leads a team of researchers that identifies new vulnerabilities and monitors active threats. He holds a PhD in computer science, has published over 35 peer-reviewed papers, has found or disclosed hundreds of CVEs — and is a frequent speaker at security conferences.
  • Storms, Cyber, and the Fight to Keep the Lights On with Scott Aaronson 10.02.2026 45m
    Grid resilience has become a test of whether the U.S. can keep essential systems running through disruption—and recover fast when they don't. In this episode, Frank Cilluffo talks with Scott Aaronson about how the electric power sector plans for and responds to an "all-hazards" landscape, from major storms to cyber and physical attacks. Aaronson explains why the grid is a "network of networks" with a huge attack surface but few true single points of failure, and how mutual assistance became a national-scale capability. They also dig into interdependencies across "lifeline" sectors, the practical reality of IT/OT differences, and why surging demand—from AI and data centers to EVs and reshoring—raises urgent reliability and supply chain questions.

    Main Topics Covered
      • Why electricity is consumed the moment it's produced—and why balance matters.
      • How mutual assistance evolved from bilateral help to national-scale response.
      • Lessons from severe weather events, including what makes ice storms uniquely hard.
      • The IT vs. OT gap, and why operational tech changes the cyber playbook.
      • Interdependencies: why adversaries can hit electricity by targeting other sectors.
      • Rising demand and the push to rebuild domestic manufacturing capacity for grid equipment.

    Key Quotes
      "Electricity is the only commodity that is consumed at the moment it is produced." – Scott Aaronson
      "[Power companies] are competitive in some ways, but we are completely non-competitive when it comes to security, when it comes to resilience, when it comes to response and recovery." – Scott Aaronson
      "I don't really care if it is a storm or a pandemic or a cyber or physical attack or the zombie apocalypse… The impact is what matters." – Scott Aaronson
      "The adversary is not attacking the electric sector. They are attacking the United States." – Scott Aaronson
      "The first 72 are on you… Have food, have water, have a plan, be prepared. The cavalry is coming." – Scott Aaronson
      "Regulations are great, but they are a foundational level of security… if you mandate… a 10-foot fence… the adversary brings a 12-foot ladder." – Scott Aaronson

    Relevant Links and Resources
      • Edison Electric Institute (EEI)
      • Electricity Subsector Coordinating Council (ESCC)
      • CRISP (Cyber Risk Information Sharing Program)
      • STEP (Spare Transformer Equipment Program)
      • ESF-12 (Emergency Support Function 12 – Energy)

    About the Guest
    Scott Aaronson is Senior Vice President for Energy Security and Industry Operations at Edison Electric Institute (EEI) and Secretary of the Electricity Subsector Coordinating Council (ESCC), serving as a key industry-government liaison on power-sector security and preparedness.
  • How Apple's iPhone Supply Chain Built China into a Manufacturing Superpower with Patrick McGee 03.02.2026 42m
    Supply chains are essential infrastructure—and the iPhone's supply chain sits at the center of U.S.–China competition. As Washington reassesses economic security, this episode explores what it looks like when market incentives collide with geopolitical reality. Frank Cilluffo speaks with Patrick McGee, author of Apple in China, about his reporting on Apple's deep manufacturing reliance on China—and what that reveals about leverage, resilience, and risk. They explore how industrial capacity is built through repetition, why diversification is harder than headlines suggest, and how concentrated production creates choke points that can ripple far beyond consumer tech. The result is a clear, practical case study in why supply chains matter for critical infrastructure, national security, and long-term competition.

    Main Topics Covered
      • How "learning by doing" powered China's rise in high-end electronics manufacturing
      • The "epic transfer of technology" behind Apple's scale and China's supply-chain competence
      • Xi Jinping's post-2013 pressure campaign and Apple's strategic recalibration in China
      • Why supply-chain diversification is slower than headlines suggest, especially in India
      • The "red supply chain" and how Apple suppliers became capability multipliers
      • Taiwan/TSMC as a single-point-of-failure risk—and the AI chip-export debate it echoes

    Key Quotes
      "China isn't dependent on Apple in the way that Apple is inarguably dependent on China. My big worry in a certain sense is that the student has become the master." — Patrick McGee
      "If you just take the $55 billion that they invested in 2015 alone, which was 22% of revenue … and just go from let's say the birth of the iPhone 2007–2025, you're talking about a trillion dollars that Apple's invested in China." — Patrick McGee
      "None of those phones are really being made in India, they're just being assembled there. The joke that one manufacturing design engineer told me was that the phones are assembled in China, disassembled in China and sent to India for reassembly." — Patrick McGee
      "Our narrative is essentially that Apple exploits Chinese workers. In a certain sense, that's the only narrative about Apple in China we've had in the past two decades. And I flip that on its head…[China is] getting more out of the relationship. It's a story about China exploiting Apple." — Patrick McGee
      "I think there still is a mindset that China is an imitator, not an innovator. I think we should recognize that… is not the case." — Frank Cilluffo

    Relevant Links and Resources
      • Apple in China (Patrick McGee's book)
      • McCrary Institute's Code Red report on "Typhoon" threat actors (Vault/Salt/Flax)
      • Anthropic's Dario Amodei's essay: "The Adolescence of Technology"

    Guest Bio
    Patrick McGee is a Financial Times journalist and the author of Apple in China, covering geopolitics, technology, and global supply chains.
  • AI, Critical Infrastructure, and Cascading Failures with Madison Horn 27.01.2026 38m
    Madison Horn joins host Frank Cilluffo to explain why AI-driven cyber risk may be quieter, faster, and harder to spot in 2026. She breaks down "cascading failures" in critical infrastructure—and how a disruption in one sector can quickly ripple into others. The conversation zeroes in on AI agents, especially their ability to create new user accounts, get access to systems, and hide inside everyday routine activity. Horn also warns that AI supply chain weaknesses could spread faster than traditional zero-days.

    Main Topics Covered
      • Why AI-enabled attacks may look like normal business activity.
      • Cascading failures across water, power, telecom, and healthcare systems.
      • AI agents creating identities and operating with "human-like" access.
      • Why "AI supply chain" risk could eclipse zero-day exploits.
      • "Slow and steady" AI adoption for critical infrastructure operators.
      • Why quantum planning should happen alongside today's AI rollouts.

    Key Quotes
      "Within critical infrastructure… water needs electricity, electricity needs telcos, and healthcare needs all three." — Madison Horn
      "Hackers are lazy. And I mean that not to be offensive, but if you can reach your objective, reaching the lowest hanging fruit, then you're going to." — Madison Horn
      "Attacks are not going to look as restricting and as loud. I think it's going to look just like business as normal until we see [impacts] in the physical world." — Madison Horn
      "What I worry about is people assuming and trusting that an AI tool is doing what it's supposed to and not necessarily understanding or being able to detect that it's doing something malicious." — Madison Horn
      "I just don't want quantum to get lost into the AI conversation." — Madison Horn

    Relevant Links and Resources
      • Madison Horn's 2026 predictions (Nextgov)

    About the Guest
    Madison Horn is the national security and critical infrastructure chief advisor at World Wide Technology, with 15+ years leading cyber strategy and incident response in high-consequence, regulated environments. She previously held senior roles at Siemens Energy, PwC, and Accenture Security, and founded Roserock Advisory Group focused on cybersecurity and geopolitics.
