C (11:47)

So good, so good, so good.

A (11:50)

Give big, save big with rac. Friday deals at Nordstrom Racing. For a limited time, take an extra 40% off red tag clearance for a total Savings up to 75% off. Save on gifts for everyone on your list from brands like Vince Cole, Haan, Sam Edelman and more. All sales final and restrictions apply. The best stuff goes fast. So bring your gift list and your wish list to your nearest Nordstrom rack today. This message may be shocking to many millennials. If you are one, you might want to sit down. Right now, loads of people are searching the following on low rise jeans, halter top, velour, tracksuit, hookah shell, necklace, disc belt. You likely place these in the dark of your closet in 2004, never to be seen again. But if you can find it in yourself to dust them off, there are a lot of people who will give you money for them. Sell on depop, where taste recognizes taste.

B (12:54)

It is always my pleasure to welcome back to the show Tim Starks. He is a senior reporter at cyberscoop. Tim, welcome back.

C (13:00)

Howdy, Dave.

B (13:01)

Looking at your coverage about the defense cyber bill that, as we're recording this, recently passed. Overall good news for the administration, I suppose.

C (13:15)

Yeah, certainly if you're taking the broader defense picture, it's a lot of money in there. On the cyber front, I think there's a little, there are some pieces that would maybe be seen as bad news for the administration. One of them is that there are some language in there about mandating that the phones of senior personnel, the mobile phones that they have to meet certain kinds of cybersecurity benchmarks, which I think is rather easy to take as a response to Signal gate right now.

B (13:46)

It seemed, it struck me as being reactive.

C (13:48)

Yeah. Yeah. There's a little, a little reason to think that, you know, there was some debate about, about what kind of thing they might include about this. And this is actually stronger language than they had put in there. And it did come out, you know, they put out the final deal shortly after the IG report. That was not flattering to the administration on that front. I mean, the good news, I guess, is that for, for the administration, they'll have more secure phones if they follow, you know, if they, if they meet these obligations. So that's good. Another thing that it does that, you know, the administration has kind of backed away from this whole idea of separating the leadership of NSA and Cyber Command. But it's still something I think they like the idea of. And this puts some barriers in the way should they try to do that. So in that way said some bad news on the cyber front. There are some other things I think they'll probably be fine with. Things like making sure that there's artificial intelligence that is involved in the training, the cyber security training that key personnel do. So I think there's some things in there on cyber that I think are meaningful and that might be good for the administration in the long term, even if it's not the things that they wanted or asked for. There's some stuff in there that kind of seems to reinforce some of the things the administration has been wanting to do on keeping foreign components out of critical systems that's in there that Pete Hagsoth has talked about wanting to do. So I think there are some things that they're probably happy with.

B (15:09)

Is your sense that folks like Cyber Command and NSA pretty much got the funding that they asked for.

C (15:16)

It's always hard to tell because some significant percentage of it is classified. In the context of things they've been wanting to get over the course of the year, they've gotten some big boosts that we know of. So based on what we can know, there have been some big increases.

B (15:29)

Well, let's take a look at this past year as 2025 winds down. And I think I keep saying it's been a heck of a year. And that means, you know, for good and for bad, what's your. What's your sense as we wind down here? As you look back on this year, any overarching thoughts on where we land this year?

C (15:51)

Yeah, I think I'm with you on that. I think Time magazine would always make its most interesting, most most important person of the year. Didn't necessarily have to be a hero. So I think Hitler was the most the person of the year one year. Yes. Interesting times to say the least. You know, a lot of the things that jump out at me in terms of things I've covered, I can talk about some things my colleagues have covered, too, but the policy apparatus of things and what's been happening with the federal government, I feel like we're in a very unsettled period as of the end of this year in a lot of ways. One, we still don't have a leader of cisa, which is arguably the cyber agency. There's competition, of course, from things that the FBI does and things that the Cyber Command does. We do have a top person in the National Security Council. We do have a national cyber director, so it's not completely unsettled, but not having assistant director is huge. I think that agency has taken a step back in that sense because they've also dramatically reduced the number of personnel. They've cut major things that the department used to do, like election security. Even in some of the areas where there are things that are happening in this administration, they're still unsettled. I mean, we don't have a national cyber security strategy, although we probably will, to start the year. Those are things that have been worked on by this administration. The administration has been talking an awful lot about wanting to take it to the enemy in cyberspace. We haven't seen that really materialize yet. Maybe that will materialize after the cyber strategy is out. They've talked about wanting to protect federal cyber networks as part of that strategy. But talk to a lot of the people who are experts on data breaches and data security. And a lot of the things that this administration has done via, like the Department of Government efficiency, have arguably weakened the federal government's networks. Consolidating of databases, opening to data privacy using the satellite company that Elon Musk created, Starlink, that there's so many ways in which they might have. Might have weakened the federal cybersecurity posture. And so that on the policy side, I look at that, I think there's a lot that's been really unsettled. We still don't have CISA 2015 reauthorized for good. That's the Cybersecurity Information Sharing act, not to be used with the agency cisa. It's just been an awful lot of turbulence and turmoil and not, Not a lot you can point to and say these are concrete cybersecurity successes that the federal government has had some amount of that you might expect from the first year of an administration. Some of it very much stands out as being not at all like what we usually would see in a first year of an administration.

B (18:37)

Is it fair to consider it the first year of an administration when it's their second time around?

C (18:42)

Yeah. I mean, you would think that maybe they'd come in. One of the things that I remember writing a story last year when, when there was a, you know, we were looking at who might win the next. The next election. And I remember talking to some people who were a little optimistic, not everybody was to be sure about the idea that Trump would bring in people who, who. Who had more experience and knew how to operate right. In the first administration, they brought in a lot of people who weren't experienced in government. The idea of, you know, being disruptors and outsiders who are not going to do things the usual way, and that meant a lot of things they wanted to do, they probably didn't do as fast as they wanted because they didn't know how to work the bureaucracy. So there were people who thought, oh, this time they're going to bring in people who were in the first administration and we're going to get a better group of people who know how the federal government operates and therefore they're going to be more efficient and they're going to get more done. That doesn't seem to be the case.

B (19:36)

No, no. I mean, you mentioned Doge earlier and, you know, the notion of having Elon Musk come in with his metaphorical and on stage literal chainsaw rather than to work their way through the bureaucracy to try to shred it. And we see, I think it's fair to say ultimately that Doge certainly didn't achieve what they set out to do.

C (20:04)

Yeah. And I think, you know, I'm trying not to sound biased here. I'm a reporter. I mean, I think that there's been a certain amount of, you know, there's the old saying, measure twice, cut once. A lot of what the approach seemed to be here was measure not at all cut twice. Right. It was just sort of like everything and sort it out later. And so now you have things happening with this administration wanting to rebuild the tech personnel corps. They're talking about trying to get some more people into the Cyber Corps program that they've. That they. You know, I wrote a story this year about the Cyber Corps program, leaving a lot of people in that program in a lurch because they don't, you know, they're here they are. They've signed up for the program, they've gotten scholarship funding, and they have to repay that scholarship funding by doing service in the federal government, but those jobs don't exist. So it seems like they've kind of torn everything down and they're in the process of trying to maybe build some things back up. You question whether that's the right way to do it? Right? I mean, I think that's reasonable to question that.

B (21:05)

Yeah.

C (21:06)

You know, so. So, yeah, Doge has certainly disrupted. But. But have we gotten the next step in the theoretical benefit that you get from something like that, which is to build it back up stronger? And I don't think we can say that that's the case. And I think there are reasons to be skeptical, skeptical that that can happen. Because, you know, we talked about this recently as well, Dave, that the number of people, the kind of people who are going to work for the federal government, it's smaller now.

B (21:31)

Mm, yeah, yeah, I've said it. I. It's a hard time to be a good faith public servant these days. There's a lot of challenges, lots of sand being thrown in those gears.

C (21:45)

And the threat picture, you know, it feels like it never gets smaller. You know, it feels like what's threatening us doesn't ever go away and get, oh, no, it's all taken care of. Every year it seems like there are more and more threats and, you know, and different kinds of ways in which we're seeing threat actors get into these big targets. You know, if you think of some of the really big tech companies like Salesforce and Microsoft and all those companies had huge, huge amounts of breaches and cybersecurity problems this year that affect vast swaths of people because of who they're attacking. We're still seeing some fallout from Salt Typhoon and the Telecommunications act there. That just opened the window to much larger breaches and much larger access from cyber threat groups and foreign nations than we've ever seen before. So at a time when that's happening, we're seeing a very, very unsettled federal government.

B (22:41)

Tim Starks is senior reporter at cyberscoop. Tim, I have enjoyed our conversations throughout this year and I very much look forward to continuing it in 2026. Thank you, my friend.

C (22:52)

Listen, we're probably not gonna have anything to talk about because everything's gonna be fun.

B (22:57)

From your lips to God's ears, right? Is that the saying?

C (23:01)

All right, take care, Tim. Bye bye.

A (23:07)

Ford BlueCruise Hands Free highway driving takes the work out of being behind the wheel, allowing you to relax and reconnect while also staying in control. Enjoy the drive in blue cruise enabled vehicles like the F150 Explorer and Mustang Mach E available feature on equipped vehicles. Terms apply. Does not replace safe driving. See Ford.com BlueCruise for more details. Running a business comes with a lot of what ifs, but luckily there's a simple answer to them. Shopify. It's the commerce platform behind millions of businesses including Thrive Cosmetics and Momofuku. And it'll help you with everything you need, from website design and marketing to boosting sales and expanding operations. Shopify can get the job done and make your dream a reality. Turn those what ifs into sign up for your $1 per month trial at shopify.com specialoffer.

B (24:14)

And finally at Beverly Hills High School. The future has arrived, and it is watching you, listening to especially in the bathroom. Cameras scan faces, AI analyzes behavior, license plate readers track arrivals, and drones wait patiently like very expensive hall monitors. Inside restrooms, devices disguised as smoke detectors listen for cries of distress, gunshots or trouble, promising safety while raising eyebrows. Administrators call it necessary vigilance in an era of relentless school violence, backed by millions in security spending and daily threat alerts, many students and parents agree. Others are less comforted by a campus where even snack bags, water bottles or awkward roughhousing can trigger armed responses. Civil liberties advocates argue the technology has not proven it prevents shootings and may instead chill trust, discouraging students from seeking help. Benders admit false alarms happen. Schools reply that imperfect protection beats none at all. So class continues under ever watchful sensors with the quiet understanding that privacy, like open campuses, is now mostly extracurricular. And that's the Cyber Wire. For links to all of today's stories, check out our daily briefing@thecyberwire.com we'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire2k.com N2K's senior producer is Alice Carruth. Our Cyberwire producer is Liz Stokes. We're mixed by Trey Hester with original music by Elliot Peltzman. Our executive producer is Jennifer Ibin. Peter Kilpe is our publisher, and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow. Sam.