Afternoon Cyber Tea with Ann Johnson

Episode: Code War with Allie Mellen
Date: March 17, 2026
Guest: Allie Mellen, Principal Analyst & Author of "Code War"
Host: Ann Johnson, Corporate Vice President and Deputy Chief Information Security Officer at Microsoft

Episode Overview

This episode features a conversation between Ann Johnson and Allie Mellen, whose new book “Code War: How Nations Hack, Spy, and Shape the Digital Battlefield” explores the intersection of cyber conflict, geopolitics, and the practical realities CISOs face today. Together, they discuss the myths and realities of nation-state cyber warfare, its historical roots, how cyber activity reflects national cultures, ongoing AI-driven transformations, and what security leaders and organizations should focus on amid evolving cyber threats.

Key Discussion Points & Insights

1. The Premise and Motivation Behind "Code War"

• Historical Context and National Identity:
  Allie Mellen explains,

  “Ultimately, what Code War is about is... the intersection of cybersecurity and geopolitics. ...how the histories of Russia, China, and the United States have led to the way that they use cyber attacks and defenses against other nation states and their citizens.”
  —Allie Mellen [01:42]

• The Reality Over PR:
  Citing Richard Feynman, Mellen underscores that,

  “For a successful technology, reality must take precedence over public relations, for nature cannot be fooled. ...Without a real world impact, without a real world purpose and meaning, cyber attacks and defenses by nation states… they're motivated by something that every person can understand, by some element of national power, whether that's diplomatic, economic, military, or resource related.”
  —Allie Mellen [02:56]

2. Cyber Conflict is Not Mystical—It’s Practical

• Myth-busting the Idea of 'Specialness':
  Mellen deconstructs the notion that only large organizations are targets:

  “Honestly, it remains that these attacks won't happen to [small businesses]... Notpetya as a great example... started with this tax document software created by this company, Intellect Service, which was a small family owned Ukrainian company… The supply chain is everything.”
  —Allie Mellen [05:02]

• Ann Johnson adds:

  “I do think that a lot of folks, when they think about nation state actors, they think that they're going to attack the largest companies in the world…In reality, they're not always there. They often find the softest targets to make a point.”
  —Ann Johnson [06:31]

3. How Culture Shapes Cyber Operations

• Variations by Nation:
  Mellen explains nuanced national approaches:
  • The US: Focus on clandestine, quiet operations.
  • Russia: Bombastic, attention-seeking attacks, driven by internal power dynamics.
  • North Korea: Cyberattacks mainly for resource gathering (e.g., cryptocurrency theft) because traditional sanctions are maxed out.
  • China: Heavy censorship resulting in hackers needing to use external boxes or third countries (e.g., Malaysia) to operate.

  “So it's fascinating to see the workarounds that they have to do in order to make it work, especially when put in the context of the geopolitical presence that they have.”
  —Allie Mellen [09:56]

4. CISO Priorities in the Age of Nation-State Activity

• When Should CISOs Worry About Nation-State Threats?

  “If there was a moment to be worried about nation state cyber attacks, geopolitical risk, that moment is now. ...The collateral damage of more offensive nation state activity is inevitably going to be the private sector.”
  —Allie Mellen [10:52]

• Advice to CISOs:

  “Every organization should be holding regular meetings on geopolitical risk and the geopolitical threat landscape…While you may not be a target today, you could be a much higher priority target tomorrow because of what's happening on the geopolitical stage.”
  —Allie Mellen [13:22]

5. AI and the Accelerating Digital Battlefield

• AI Risks: Powerful States or More Numerous Threats?

  “I'm starting to see the tide turn here. I am definitely more worried about AI empowering highly capable cyberpowers… Whoever gets to [AI-augmented cyber] first is going to have a significant advantage.”
  —Allie Mellen [14:52]

  • Reference: Chinese threat actors attempting to automate multiple attack phases using AI.
  • The innovation race: LLMs can enable attackers to develop dynamic, adaptable malware with less manual effort.
• Signal Monitoring for Leaders:
  Organizations must track:
  • Research by model providers about how their AIs are abused [17:55]
  • Policy signals (e.g., US cyber strategy emphasizing offense)
  • Breaking geopolitical events as early indicators of shifting threat levels

  “The other factor is definitely just what is the situation in the world? What new conflicts have broken out. Those are the signals that are gonna make a difference.”
  —Allie Mellen [19:37]

6. Historical Echoes and Lessons for Leadership

• Linking Old and New Attacks:
  Mellen shares:

  "In every chapter of the book, I start with a historical example and then show how it ties through. ...For example… attacks on US Elections are strongly related to Edgar Allan Poe and his death..."
  —Allie Mellen [20:31]

• Edgar Allan Poe and Voter Fraud (“Cooping”):

  “[Cooping] was where people were kidnapped and forced to vote multiple times... In the book, I take this example and tie it into a lot of the challenges that we saw in the 2016 and 2020 US elections.”
  —Allie Mellen [22:30]

7. Optimism for the Cybersecurity Future

• Community, Creativity & Mission-Driven Work:

  “For me, it ultimately comes back to the community that we have in cybersecurity and the people... As we see tech evolve, as we see AI evolve, what we're seeing is a group of people that are very dedicated to making the best out of this and making sure that technology is used in a safe, responsible way and a secure way.”
  —Allie Mellen [24:59]

Notable Quotes & Memorable Moments

• “Cyber attacks are another tool at a nation's disposal. They are not the only tool, they're not the most important tool, but when they're used well, they can be really effective…”
  —Allie Mellen [04:19]

• “Cyber activity reflects national identity... so much of the success of the cyber attacks nation states perpetrate is based on the coordination that they have between different branches of the military.”
  —Allie Mellen [08:31]

• “We are at an inflection point right now. Russia's war in Ukraine has evolved hybrid warfare and shown just where it can and cannot be effective.”
  —Allie Mellen [11:36]

• “It's not a book about panic, it's a book about clarity.”
  —Ann Johnson [26:44]

Timestamps for Key Segments

• [01:42] - Allie explains the thesis behind "Code War"
• [05:02] - Supply chain as entry point; NotPetya example
• [07:10] - Cultural distinctions in cyber operations (US, Russia, China, North Korea)
• [10:52] - Nation-state risk: relevant now more than ever
• [13:22] - Practical CISO advice: regular geopolitical threat meetings
• [14:52] - AI: biggest risk is capable states harnessing AI for attacks
• [17:55] - What signals should leaders watch for? AI threats & shifting rules
• [20:31] - Surprising history—Edgar Allan Poe and voter fraud’s modern cyber parallels
• [24:59] - What keeps Allie optimistic: community and collaboration in cybersecurity

Resources & Further Engagement

• "Code War: How Nations Hack, Spy, and Shape the Digital Battlefield" — Available wherever books are sold.
• Allie Mellen on Substack: "The Latest Breach"
• LinkedIn: Allie welcomes connections and feedback.

This episode provides a timely, accessible, and practical exploration of nation-state cyber conflict through historical, cultural, technical, and leadership lenses, equipping cyber leaders with much-needed clarity—and just a bit of hope—amid growing uncertainty.