Cybersecurity Headlines — Department of No: Easterly Helms RSAC, Third Party Apps Report, Self-Poisoning AI
Date: January 20, 2026
Host: Sarah Lane (A)
Guests: Dmitry Sokolovsky, SVP Information Security, Semrush (B); Nick Espinosa, Host, Deep Dive Radio Show (C)
Theme: Security leadership roundtable on recent cybersecurity stories: AI’s hallucination risks, the evolution of ransomware methods, offensive cyber operations, Jen Easterly’s move to RSAC, third-party data access, and “poisoning” AI models.
Main Theme/Purpose
This episode of the Department of No tackles the top cybersecurity news stories that leaders need to know about right now, focusing on:
- Major data breaches and third-party risks
- AI system failures and emerging threats
- The evolution of ransomware tactics
- The shifting landscape of cyber offense, including public-private partnerships
- Leadership strategies for CISOs in a rapidly changing environment
The panel critically weighs which incidents merit action versus which are merely “noise,” and ends with practical advice for security leaders.
Key Discussion Points and Insights
1. JP Morgan/Freed Frank Data Breach: Old News or Critical Alert?
- Summary: Another financial-sector data breach tied to vendors.
- Nick Espinosa (02:02): Downplays its novelty:
"This is par for the course. Everybody knows these... unless you’re working with or are a client of JP Morgan, in which case you’re probably having a bad week. We could skip this one."
- Dmitry Sokolovsky (02:21): Advises a quick due-diligence check:
"Maybe legal, maybe finance, let’s just make sure there’s no connection we need to follow up on. Other than that, I don’t think so."
2. AI Copilot Hallucination Creates Fake Soccer Threat (03:00)
- Story: UK police considered banning fans based on a non-existent match generated by AI “hallucination.” Microsoft disclaims responsibility.
- Dmitry Sokolovsky (03:15):
"That’s definitely a no with a K. We definitely want to be checking whenever we do use AI systems... Someone should at least glance at it."
- Nick Espinosa (03:42):
"This is a governance failure masquerading as an AI mistake. The hallucination itself isn’t news, but what’s unacceptable is the uncontrolled insertion of generative output into an intelligence product with real world consequences... That’s a shared responsibility."
- Memorable moment (05:45):
"It’s like the stoner kid in the back that’s now doing dissertations on 7th century poetry. Dude. Using ChatGPT. Come on. Let’s use some common sense here."
3. Ransomware Gang ‘Deadlock’ Uses Blockchain C2 (05:58)
- Story: Ransomware gang hides control channels in Polygon smart contracts, making shutdown nearly impossible.
- Nick Espinosa (06:24): "This is a no with a K by far... Blockchain as C2 is genius. They’re globally accessible, super resilient to takedowns. This looks like evolution and maturity. I hate this. But it’s brilliant."
- Dmitry Sokolovsky (07:14): "Totally agree. This is next level strategic thinking—we’d expect it from governments, but bad actors are using it... Requires in-depth thinking; this evolution is here to stay."
- Discussion (08:21):
- Ideas raised: new detection models, ‘white networks’ and stricter trust boundaries.
- Traditional responses (ISP collaboration, IP blocking) are largely ineffective against a control channel hosted on a public blockchain.
- Nick Espinosa (09:19): "You lose traditional response tactics. Indicators age out quickly. We just have to go back to the drawing board. It’s brilliant, and it sucks."
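The panel’s point is that IP-based indicators stop working once the control channel lives in a public smart contract, because the implant can reach the contract through any RPC node. The following is an added example, not code from the episode or from any panelist: a small detection that keys on the protocol behaviour instead. Any host issuing Ethereum-style JSON-RPC contract reads (eth_call, eth_getLogs, eth_getStorageAt) over the egress proxy is grouped and reported unless it is on an allowlist of hosts with a known business reason. The hostnames, host names, log format and timestamps are constructed for illustration and assume a proxy that logs decoded POST bodies after TLS inspection.

```python
"""Flag hosts that read smart contracts over JSON-RPC (blockchain-hosted C2 hunting)."""
import json
import statistics
from collections import defaultdict
from datetime import datetime

# Ethereum-family JSON-RPC methods an implant needs in order to read commands
# out of a contract. Keying on the protocol rather than on node IPs is the
# point: endpoints can be rotated cheaply, the read pattern cannot.
CONTRACT_READ_METHODS = {"eth_call", "eth_getLogs", "eth_getStorageAt"}

# Constructed sample proxy records (hypothetical hosts and endpoints, not real
# traffic): one decoded HTTPS request per record after TLS inspection.
SAMPLE_LOGS = [
    {"ts": "2026-01-20T14:00:00Z", "src": "wks-0421", "dst": "rpc.example-node.net", "method": "POST",
     "body": '{"jsonrpc":"2.0","id":1,"method":"eth_call","params":[{"to":"0x0000000000000000000000000000000000000001","data":"0x6d4ce63c"},"latest"]}'},
    {"ts": "2026-01-20T14:05:00Z", "src": "wks-0421", "dst": "rpc.example-node.net", "method": "POST",
     "body": '{"jsonrpc":"2.0","id":2,"method":"eth_call","params":[{"to":"0x0000000000000000000000000000000000000001","data":"0x6d4ce63c"},"latest"]}'},
    {"ts": "2026-01-20T14:10:00Z", "src": "wks-0421", "dst": "rpc.other-node.example", "method": "POST",
     "body": '{"jsonrpc":"2.0","id":3,"method":"eth_getLogs","params":[{"address":"0x0000000000000000000000000000000000000001","fromBlock":"latest"}]}'},
    {"ts": "2026-01-20T14:02:00Z", "src": "fin-analytics-01", "dst": "rpc.polygon.example", "method": "POST",
     "body": '{"jsonrpc":"2.0","id":7,"method":"eth_call","params":[{"to":"0x0000000000000000000000000000000000000002","data":"0x18160ddd"},"latest"]}'},
    {"ts": "2026-01-20T14:03:00Z", "src": "fin-analytics-01", "dst": "rpc.polygon.example", "method": "POST",
     # Batched request: only the eth_call member counts as a contract read.
     "body": '[{"jsonrpc":"2.0","id":8,"method":"eth_blockNumber","params":[]},{"jsonrpc":"2.0","id":9,"method":"eth_call","params":[{"to":"0x0000000000000000000000000000000000000002","data":"0x18160ddd"},"latest"]}]'},
    {"ts": "2026-01-20T14:04:00Z", "src": "wks-0777", "dst": "api.example-saas.com", "method": "POST",
     "body": '{"jsonrpc":"2.0","id":5,"method":"getUser","params":{"id":42}}'},  # JSON-RPC, not Ethereum
    {"ts": "2026-01-20T14:06:00Z", "src": "wks-0777", "dst": "www.example.com", "method": "GET", "body": ""},
    {"ts": "2026-01-20T14:07:00Z", "src": "wks-0900", "dst": "rpc.example-node.net", "method": "POST", "body": "not json"},
]


def jsonrpc_methods(body):
    """Return the method names in a JSON-RPC 2.0 request body (single or batch); [] otherwise."""
    if not body:
        return []
    try:
        msg = json.loads(body)
    except ValueError:
        return []
    items = msg if isinstance(msg, list) else [msg]
    return [m["method"] for m in items
            if isinstance(m, dict) and m.get("jsonrpc") == "2.0" and isinstance(m.get("method"), str)]


def _seconds(ts):
    """ISO-8601 timestamp with a trailing Z -> POSIX seconds."""
    return datetime.fromisoformat(ts.replace("Z", "+00:00")).timestamp()


def detect_chain_c2(records, approved_hosts=frozenset(), min_calls=2):
    """Group contract-read calls by source host; alert on hosts with no approved business reason."""
    per_host = defaultdict(lambda: {"calls": 0, "dsts": set(), "methods": set(), "ts": []})
    for rec in records:
        if rec.get("method") != "POST":
            continue
        hits = [m for m in jsonrpc_methods(rec.get("body", "")) if m in CONTRACT_READ_METHODS]
        if not hits:
            continue
        h = per_host[rec["src"]]
        h["calls"] += len(hits)
        h["dsts"].add(rec["dst"])
        h["methods"].update(hits)
        h["ts"].append(_seconds(rec["ts"]))
    alerts = []
    for src, h in sorted(per_host.items()):
        if src in approved_hosts or h["calls"] < min_calls:
            continue
        times = sorted(h["ts"])
        gaps = [b - a for a, b in zip(times, times[1:])]
        alerts.append({
            "src": src,
            "calls": h["calls"],
            "destinations": sorted(h["dsts"]),
            "methods": sorted(h["methods"]),
            # A steady gap between reads is the beaconing signature that survives IP rotation.
            "median_interval_s": statistics.median(gaps) if gaps else None,
        })
    return alerts


if __name__ == "__main__":
    for alert in detect_chain_c2(SAMPLE_LOGS, approved_hosts={"fin-analytics-01"}):
        print(alert)
```

The allowlist is the governance half of the control: a finance or analytics system that legitimately reads on-chain data gets an approved entry, and everything else that starts reading contracts is a question for the host owner, whichever RPC node it happens to use that week.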
4. Expanding Offensive Cyber Ops to Private Sector (09:55)
- Story: US considers permitting private sector to conduct offensive cyber-operations.
- Nick Espinosa (10:29): "We need to talk about what cyber warfare means. Offensive cyber ops aren’t just technical—this is about intertwining state power with the private sector... Should remain under direct control. If we’re going to do this, it would need an insanely tight legal framework."
- Dmitry Sokolovsky (11:45): "Our cyber surface is hundreds of times larger than our physical one. The government can’t catch up... If it’s at the economic level—they’re counting on this becoming a massive booster for the US... I love this news." "Controls...are for sure, but we also know they’re not going to work as designed...I’m just excited this is finally becoming important enough to come up to this level."
- Dynamic exchange (13:16):
- Nick: "My fear is it’s going to go off the rails...letting operators off their leash probably isn’t a bad thing, but the creep will be profound."
- Dmitry: "It is a large part of Israeli GDP. Why can’t it be ours?"
5. Jen Easterly Appointed CEO of RSAC (16:37)
- Story: Top US government cybersecurity official moves to lead largest security conference.
- Dmitry Sokolovsky (16:45): "Perfect person...her experience running offensive and defensive operations—she knows what we face in the next 5–20 years of cyber war. If I wanted someone to run this communication hub, I couldn’t pick better. Bravo. This is amazing."
- Nick Espinosa (17:49):
"Think about RSAC. It’s not just an event organizer, it’s a platform that shapes the narrative of our industry. Appointing Easterly signals much more policy and geopolitics awareness...she’ll influence our entire ecosystem."
"She’s deeply respected...she’s going to do a great job."
- Challenges:
- US government agencies have been barred from participating, which raises questions about industry-government collaboration versus politicization.
- Both panelists agree Easterly could act as a valuable diplomatic buffer.
6. Third-Party Apps Overreaching on Sensitive Data (23:36)
- Story: 2/3 of third-party web apps access sensitive data without justification; up sharply from prior years.
- Dmitry Sokolovsky (24:13):
"You probably got the number too low. It’s probably higher...It’s an indication we, as a society, don’t see this for what it is...Don’t have the perception of how much is out there."
"Five, ten years from even trying to solve this problem."
- Nick Espinosa (25:18):
"Clearly a governance failure. Not a malware problem...the real issue is unjustified access. Why does this vendor have all this data at all? Most organizations are less mature at mapping what third-party scripts are accessing, and validating business purposes."
- Advice (27:15):
- Dmitry: "It is on us, the customers, to also get really involved into who has access to our data and why...not just the third party’s fault."
- Nick: "It’s not the infrastructure’s fault—it’s the absence of governance around the tool."
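Nick’s remark that most organisations cannot map what third-party scripts are accessing, or tie each one to a business purpose, has a cheap starting point: a Content-Security-Policy-Report-Only header of `default-src 'self'` makes the browser report every third-party origin a page loads scripts from or sends data to. The following is an added example, not code from the episode or from any panelist. It aggregates such reports into an inventory of third-party origins, then reviews each against a vendor registry of recorded business purposes, ranking unregistered origins that send data from sensitive pages highest. The domains, paths, registry entries and report payloads are constructed for illustration.

```python
"""Inventory third-party origins from CSP violation reports and check each against a vendor registry."""
import json
from collections import defaultdict
from urllib.parse import urlsplit

# Hypothetical vendor registry: origin -> recorded business purpose. Anything
# the browser reports that is not listed here is access nobody has justified.
VENDOR_REGISTRY = {
    "https://cdn.analytics.example": "product analytics; DPA on file",
    "https://js.payments.example": "card tokenization on /checkout",
}
# Page paths that handle sensitive data (hypothetical).
SENSITIVE_PATHS = ("/checkout", "/account")

# Constructed report-uri payloads, as a browser would POST them under a
# Content-Security-Policy-Report-Only header of "default-src 'self'".
SAMPLE_REPORTS = [
    json.dumps({"csp-report": {"document-uri": "https://shop.example.com/checkout",
                               "blocked-uri": "https://cdn.analytics.example/tag.js",
                               "effective-directive": "script-src-elem"}}),
    json.dumps({"csp-report": {"document-uri": "https://shop.example.com/checkout",
                               "blocked-uri": "https://collect.analytics.example/v1/events",
                               "effective-directive": "connect-src"}}),
    json.dumps({"csp-report": {"document-uri": "https://shop.example.com/blog/post-1",
                               "blocked-uri": "https://widget.chat.example/loader.js",
                               "violated-directive": "script-src"}}),  # older browsers send only this key
    json.dumps({"csp-report": {"document-uri": "https://shop.example.com/account",
                               "blocked-uri": "https://js.payments.example/tokenize.js",
                               "effective-directive": "script-src-elem"}}),
    json.dumps({"csp-report": {"document-uri": "https://shop.example.com/checkout",
                               "blocked-uri": "inline",
                               "effective-directive": "script-src-elem"}}),  # first-party inline script, not a vendor
]


def origin_of(uri):
    """scheme://host[:port] for an absolute http(s) URI; None for 'inline', 'eval', 'data', blank."""
    parts = urlsplit(uri or "")
    if parts.scheme not in ("http", "https") or not parts.netloc:
        return None
    return f"{parts.scheme}://{parts.netloc}"


def inventory_third_parties(raw_reports):
    """Map each third-party origin to the directives it triggered and the pages it appeared on."""
    inv = defaultdict(lambda: {"directives": set(), "pages": set(), "count": 0})
    for raw in raw_reports:
        report = json.loads(raw).get("csp-report", {})
        blocked = origin_of(report.get("blocked-uri"))
        page = urlsplit(report.get("document-uri", ""))
        if blocked is None or blocked == f"{page.scheme}://{page.netloc}":
            continue  # inline/eval or first-party: not a third party
        directive = report.get("effective-directive") or report.get("violated-directive", "")
        entry = inv[blocked]
        entry["directives"].add(directive.split()[0] if directive else "")
        entry["pages"].add(page.path)
        entry["count"] += 1
    return inv


def review_access(inv, registry=VENDOR_REGISTRY, sensitive_paths=SENSITIVE_PATHS):
    """Rank each origin: unregistered vendors that send data from sensitive pages come first."""
    findings = []
    for origin, entry in inv.items():
        sends_data = any(d.startswith("connect-src") for d in entry["directives"])
        on_sensitive = any(p.startswith(sensitive_paths) for p in entry["pages"])
        purpose = registry.get(origin)
        if purpose is None and sends_data and on_sensitive:
            severity = "high"
        elif purpose is None:
            severity = "medium"
        else:
            severity = "info"
        findings.append({"origin": origin, "severity": severity, "purpose": purpose,
                         "sends_data": sends_data, "on_sensitive_page": on_sensitive,
                         "directives": sorted(entry["directives"]), "pages": sorted(entry["pages"])})
    order = {"high": 0, "medium": 1, "info": 2}
    return sorted(findings, key=lambda f: (order[f["severity"]], f["origin"]))


if __name__ == "__main__":
    for finding in review_access(inventory_third_parties(SAMPLE_REPORTS)):
        print(finding["severity"], finding["origin"], finding["purpose"] or "NO RECORDED PURPOSE")
```

The registry, not the parser, is what turns this from a script census into a governance control: every origin that shows up without a recorded purpose is a question for the business owner who introduced it, which is the "why does this vendor have all this data at all?" question Nick raises.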
7. “Poison Fountain”: Poisoning Data for AI Model Training (29:04)
- Story: Activist group encourages admins to add URLs designed to sabotage AI model training (“data poisoning”).
- Nick Espinosa (29:44): "Poison Fountain isn’t showing us anything new—they’re weaponizing a well-known vulnerability...you just need to inject enough poison content to create bias or degrade reliability. It’s cheap, super easy, and super hard to detect." "It’s not about prompt injection, it’s about poisoning the upstream data...delayed, subtle effects."
- Dmitry Sokolovsky (31:28): "I just see the overlord, AI overlord coming...these people are going to be in trouble."
- Risks to Trust:
- Sarah Lane (31:37):
"People are already saying, 'I don’t know, you can’t trust it.' Well, now you really won’t be able to."
- Nick Espinosa (32:51): "Intent is to poison the well, not just spread demonstrably false information, but make AI output garbage...it gets shut down."
Notable Quotes & Memorable Moments
- On AI Hallucinations:
Nick (05:45): "It's like the stoner kid in the back that's now doing dissertations on 7th century poetry. Dude. Using ChatGPT. Come on..."
- On Ransomware Tactics:
Nick (06:24): "Blockchain as C2...it's brilliant and I hate it."
- On Offensive Cyber:
Nick (10:29): "We are talking about intertwining essentially state power with the private sector."
- On Governance Failures:
Nick (25:18): "It's not mainly about compromises...It's a fundamental shift from 'Are we breached?' to 'Why does this vendor have all this data at all?'"
- On Jen Easterly at RSAC:
Dmitry (16:45): "If I wanted someone to run this communication hub...I'd try and find a colonel that ran this on my side in the army. I could not find a better person to put there. Bravo. This is amazing."
- On AI Data Poisoning:
Nick (31:53): "Retraining an AI is going to be so super expensive...This is actively encouraging adversarial, most likely criminal, probably criminal behavior, and it normalizes offensive manipulation."
- Advice for CISOs:
Dmitry (34:45): "Check your sources. When you get that ChatGPT dirty first draft—read it, really read it, and then use it."
Nick (34:57): "Learn nerd-to-English translation...And, don't be the obstacle. A good CISO removes obstacles to let their people achieve."
Timestamps for Important Segments
- 00:11 — Priorities for the week (panel intros)
- 02:00 — JP Morgan vendor breach: 'Need to know, or just noise?'
- 03:00 — AI hallucination misleads police (governance implications)
- 05:58 — Ransomware gang hides C2 via blockchain
- 09:55 — US weighs private-sector offensive cyber – panel split
- 16:37 — Jen Easterly moves from CISA to RSAC
- 23:36 — Report on third-party apps' overreach; governance failures
- 29:04 — 'Poison Fountain' and AI model data poisoning
- 34:45 — Final advice for CISOs
Closing Advice & Takeaways
- AI and automation: Trust but verify. Human review is essential, especially for decisions with real-world impact.
- Evolving threat models: Traditional controls such as IP blocking and ISP-assisted takedown lose their grip against blockchain-hosted command-and-control, where indicators age out quickly, and training-data poisoning produces delayed, subtle effects that are hard to detect after the fact.
- Governance, not just tech: Many modern security challenges are fundamentally about appropriate controls, transparency, and enforcement—whether for vendors, AI, or cyber offensive operations.
- Leadership: Translation skills and removing barriers for your teams are key to CISO effectiveness in today’s environment.
- Industry changes: Moves like Jen Easterly’s to RSAC reflect the growing integration (and tension) between public-private spheres and the politicization of cyber defense.
For more details on the stories, visit CISOseries.com.
Next episode: Every Monday at 4pm Eastern. Join the live chat or catch up via podcast.
