Dave Bittner (12:09)

Your business needs AI solutions that are not only ambitious, but also practical and adaptable. That's where Domo's AI and data products platform comes in. With Domo, you can channel AI and data into innovative uses that deliver measurable impact. Secure AI agents connect, prepare and automate your data workflows, helping you gain insights, receive alerts, and act with ease through guided apps tailored to your role. Data is hard. Domo is easy. Learn more@AI.domo.com that's AI.domo.com cyber threats are more sophisticated than ever. Passwords. They're outdated and can be cracked in a minute. Cybercriminals are intercepting SMS codes and bypassing authentication apps. While businesses invest in network security, they often overlook the front door, the login yubico believes the future is passwordless. Yubikeys offer unparalleled protection against phishing for individuals, SMBs and enterprises. They deliver a fast, frictionless experience that users love. Yubico is offering N2K followers a limited buy one, get one offer. Visit yubico.com N2K to unlock this deal. That's Yubico. Say no to modern cyber threats. Upgrade your security Today.

Maria Varmazes (13:48)

Our very own Dave Buettner joined hosts Elliot Volkman and Neil Dennis on the Adopting Zero Trust podcast at ThreatLocker Zero Trust World 2025. And together they explored the balance between delivering refined news versus raw perspective, the tipping point for AI adoption, and how the current political landscape is shaping cybersecurity. Here's a bit of their conversation.

Elliot Volkman (14:12)

Hello and welcome to Adoption Zero Trust, live from Zero Trust World or zdw. I'm Ellie Volkman, your producer and media host. I might actually say more than five words as ten we have our wonderful Neil Dennis, I hope you know who Dr. Chase can I am. Or doctors Air trusters. And then Dave, you're new to this, but if you're listening to us and you're not seeing us, I suspect you're going to know his voice more than anything. He is the, I don't know, I would argue, probably the source of all proper cybersecurity news that most of us listen to. Dave, who are you, though?

Neil Dennis (14:46)

He's the guy Graham absolutely wants to.

Dr. Chase Cunningham (14:48)

Grow up to be. Oh, wow. Your words, not mine, but okay. Graham will be here, I think later today. So I'm the host of the Cyber Wire podcast, which is a popular daily cyber security news brief enjoyed by many.

Dave Bittner (15:01)

So thank you for having me.

Elliot Volkman (15:03)

Just a few, right?

Dr. Chase Cunningham (15:03)

Just a few. Just a few, yeah. It's nice to be able to help try to make the world a little safer day by day.

Elliot Volkman (15:09)

I love it. That all said, well, I'll start with some basics. What I would love to do is get your perspective on the world of cyber security that we're in now. What is your maybe lukewarm take on the year ahead for cyber security? Having seen everything and anything in between?

Dr. Chase Cunningham (15:25)

Well, I think the hottest take right now is just trying to navigate the chaos that's going on in Washington, D.C. and which is directly related to cybersecurity. So the unpredictability of that, things that are happening that we have not seen before in ways that we have not seen before. I think as a friend of mine used to say, do you hear that clicking sound? I say, what are you talking about he'd say we're headed up the first lift hill and hold on to the bar. Here we go. So to me, that's the big disruptor this year and I would love to see it end sooner than later, but I don't have high hopes that that's going to happen.

Elliot Volkman (16:03)

That sounds reasonable. Chase, I feel like you might have some opinions here.

Kevin Beaumont (16:06)

Yeah, well, I mean I wrote a piece about the cat that was just appointed to be the director of National Cyber that knows as much about cyber as I do about underwater basket weaving. So I think we're continuing to propagate a lot of the shenanigans in that space, which is not going to help. I think the, the way we're rushing into things. And I'm all for fixing of fraud, waste and abuse because I've been in the government and I've seen this stuff. But the leadership style here needs to be fixed, especially in cyber.

Dr. Chase Cunningham (16:31)

That's fair.

Elliot Volkman (16:32)

Can't argue with that. Neil, what are you going to throw at us?

Neil Dennis (16:35)

I'm with Chase, obviously. I'm working day to day job. There are some things working on that kind of got put on hiatus like most government contracting stuff will do if it hasn't already been signed before. Shifter. But I will say the current future of cisa, which was a pet project six years ago, is no longer seeming to be a pet project anymore. So the outcome of what happens with that particular effort will obviously have massive repercussions for where we go from standards and policy and procedure for the next three, five, ten years even. We were just getting used to cisa. We were just getting things that actually worked with cisa. So it'll be fun to see where that goes in my opinion.

Elliot Volkman (17:17)

I'm gonna throw out one more lob that I feel like Chase is gonna sink his teeth maybe into a little bit. Then we'll see if you have some context. You want to add Bunny repercussions. So let's say the world of compliance and frameworks is tied to government. How to thin ice? Maybe a little bit. Will HIPAA, CMMC, FedRamp those survive? We don't know. But in past conversations we've talked about repercussions and usually they come in fines and that's like the cost of doing business. Do you feel like there could be any shifts in those wins from being.

Kevin Beaumont (17:50)

Engaged in some of the working groups that are doing things up on the hill and in those closed door sessions? I say that there's a sea change that's lining up which is Going to potentially change the way that people view violations and negligence, which is something I've been like trying to champion for a long time. So the cost of doing business might include some shiny bracelets here pretty soon, which is the way it ought to be.

Dr. Chase Cunningham (18:16)

So more than fines, perhaps actually seeing criminal charges for negligence, very much like.

Kevin Beaumont (18:21)

You have in the airline industry and in every other regulated industry where if you do knowingly negligent stuff, especially for years on end, you don't get to go, oh, sorry, let me cut you a check. You get to go to federal prison for a little while.

Dr. Chase Cunningham (18:34)

That could move the needle that there's.

Kevin Beaumont (18:36)

Nothing like prison that will change people's approach to a problem.

Dave Bittner (18:39)

Yeah.

Elliot Volkman (18:39)

Dave, I do want to pull back from like your history a little bit and maybe get some perspective from your side. And I'll probably just skip through some of the fluffier stuff, but you probably are privy to a lot of information that the world wants to know. You have to get a certain amount of information before it is ready to, to be released. I'm just curious, like, how do you even begin to manage what is what you are comfortable sharing with the world or how you vet and go through that information? Because obviously we get a little bit of closed door information that's not quite baked in.

Dr. Chase Cunningham (19:12)

Right?

Elliot Volkman (19:12)

Yeah.

Dave Bittner (19:13)

Right.

Dr. Chase Cunningham (19:13)

Well, I'd say first of all, we think it's really important to have a process and to be careful. We're very deliberate about not dealing in rumors or speculation or gossip or any of that kind of stuff. There's plenty of that out there, but we feel like that's not what people come to us for. It is not unusual for us to hold a story until we can get verification from an additional legit news source that something is actually happening. I think if you build trust with your audience and you're straight with them and you admit when you've made a mistake, then everything will work out fine. But it's a responsibility that we take very seriously. And I feel fortunate we have a really good team to back me up. So I'm glad it's not just me out there doing it.

Elliot Volkman (20:04)

Right.

Neil Dennis (20:04)

You got to start somewhere. You have to have a filter. You have to have someone who provides perspective and then you have to be able to provide your own on top of that and make an educated assessment of around what's going on. Yeah, but you have to get to the floor, to the bottom floor of what's there.

Kevin Beaumont (20:15)

And there's so much now. There's just so much. And it's at such speed, being able to filter down is, is so valuable. I feel that there will be an unrealized benefits of this because people are going to do bad things that can. And that's just the nature since Cain and Abel.

Dave Bittner (20:33)

Yeah.

Elliot Volkman (20:33)

I mean it was less than quantum ominator.

Kevin Beaumont (20:36)

Quantum is. Yeah.

Dr. Chase Cunningham (20:38)

Quantum Is that, is that, is it somebody just put a check on their bingo card for you. You use the word quantum.

Kevin Beaumont (20:47)

Yeah, yeah. The biggest thing about quantum that I think a lot of folks don't really get because I was talking with some folks on the MIT side, is it's not even the quantum computing that's the actual problem. It's the cooling. They can't run the machines long enough, keep it cool enough to actually work long enough to be valuable.

Dr. Chase Cunningham (21:03)

Oh, interesting.

Kevin Beaumont (21:04)

Yeah. So they have to get them almost degrees Kelvin cold, which is. It's easy to heat stuff up. Cooling it down is a whole other issue, which is why there are people sinking data centers in the ocean to try and cool them off as fast as possible. So until we crack better ways of cooling, I don't think quantum is a realistic issue that we face anytime soon. And from everyone I've talked to that are technologists that actually understand that stuff, they say we're 10 to 20 years out now. I think there will be quantum computations that are going to come and as we get more cloud and more distributed type of infrastructure, it'll solve itself. But quantum computing at its current iteration.

Dr. Chase Cunningham (21:44)

Yeah, it's like the joke about nuclear fusion that it's always 20 years away, no matter when you ask. Yeah, right, Right.

Neil Dennis (21:53)

The moment the first public version of ChatGPT went live, two point whatever it was, it was already published inside tour for various threat actors to take advantage of that LLM. Everybody's trying to figure out ways to make it spit out ransomware. On this side, just log into Tor.

Kevin Beaumont (22:09)

And some other places use your neighbor's WI fi.

Neil Dennis (22:11)

Yeah, but to your point though, force multipliers, things that lower the barrier to entry on anything, technology wise, they're are always going to be used nefariously and sometimes for fun as well.

Elliot Volkman (22:23)

But we, we've gone through every buzzword that's currently like brewing.

Kevin Beaumont (22:27)

Yeah, I was trying to think of what one which one we missed, but.

Elliot Volkman (22:29)

I think, I think we can deviate away from that. I do want a loud one question your way, Dave and I'll like wrap things up.

Dr. Chase Cunningham (22:35)

Okay.

Elliot Volkman (22:36)

You obviously cover in aggregate every news piece that are out there from the cybersecurity perspective, but is there a. That you feel like you would love to tell and just. It's not part of the equation for you, is there? Neil and I, we don't really cover incidents and breaches. Everyone else already does that.

Dr. Chase Cunningham (22:52)

Right.

Elliot Volkman (22:53)

What's hiding in the back of your mind that a story that you've been wanting to tell is just not there yet?

Dr. Chase Cunningham (22:59)

Well, I come at it from a different direction, which is kind of a. There's a historical story that I've. In fits and starts, I've tried to chase a couple times over the years, and I haven't gotten anywhere. And since I first started chasing this story, we started a daily space podcast. So now we have a team who's focused on space news. So the story I was trying to track down was years ago, during the Apollo program. How was it that people didn't basically mess with each other's signals, all that stuff? Because it was analog in the clear. Was this just a gentleman's agreement that we said to the Russians? The Russians said to us, we're going to leave each other alone while we're sending things to the moon.

Elliot Volkman (23:49)

Right.

Dave Bittner (23:50)

So it.

Dr. Chase Cunningham (23:50)

Like it. What intrigues me about it is like somehow, even with the historians, that particular security question hasn't come up that I. That I can tell, or I haven't found it yet. Maybe there's probably a book out there somewhere.

Elliot Volkman (24:04)

But, yeah.

Dr. Chase Cunningham (24:05)

Was it just a gentleman's agreement that we're. We're pushing the boundaries here, and I'm not going to jam your space capsule, even though I can.

Maria Varmazes (24:16)

For the full conversation, be sure to visit our show Notes for links to the Adopting Zero Trust podcast, and you can also check out the video of their discussion to dive deeper into their insights on implementing Zero Trust strategies.

Dave Bittner (24:43)

Hey, everybody. Dave here. Have you ever wondered where your personal information is lurking online? Like many of you, I was concerned about my data being sold by data brokers, so I decided to try Delete me. I have to say, delete Me is a game changer. Within days of signing up, they started removing my personal information from hundreds of data brokers. I finally have peace of mind knowing my data Privacy is protected. DeleteMe's team does all the work for you with detailed reports so you know exactly what's been done. Take control of your data and keep your private life private by signing up for Deleteme now at a special discount for our listeners today. Get 20% off your DeleteMe plan when you go to JoinDeleteMe.comN2K and use promo code N2K at checkout the only way to get 20% off is to go to JoinDeleteMe.com N2K and enter code N2K at checkout. That's JoinDeleteMe.com N2k code N2K.

Maria Varmazes (25:59)

North Korea's Lazarus Group has swiped over a billion dollars from crypto exchange Bybit, and they're already busy laundering the stolen funds. Using decentralized finance, or DeFi tools to cover their tracks, they've pulled off a lightning fast, highly organized operation that's leaving investigators scratching their heads. The FBI has confirmed Lazarus as the mastermind, and experts say that the group's infrastructure has likely expanded, with underground networks, especially in China, helping them wash the funds. They've already laundered around $400 million, and their sheer speed and volume are creating headaches for anyone that's trying to stop them. Bybit has launched a bounty for those who can help trace the stolen crypto. But with 77% of the funds still traceable, it's a race against time. This hack is officially the largest in crypto history, blowing past even the notorious Ronin Network and Poly network thefts. It is a truly staggering breach, one that'll have the crypto world on high alert for quite some time. And that is the Cyber Wire. For links to all of today's stories, check out our daily briefing@thecyberwire.com we'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like the show, please share a rating and review in your podcast app. Please also fill out the survey in the show notes or send an email to cyberwire2k.com we're privileged that N2K Cyberwire is part of the daily routine of the most influential leaders and operators in the public and private sector. From the Fortune 500 to many of the world's preeminent intelligence and law enforcement agencies, N2K makes it easy for companies to optimize your biggest investment your people. We make you smarter about your teams while making your teams smarter. Learn how@n2k.com N2K's senior producer is Alice Carruth. Our Cyberwire producer is Liz Stokes. We're mixed by Trey Hester with original music and sound design by Elliot Peltzman. Our executive producer is Jennifer Ibin. Peter Kilpe is our publisher and I am your host, Maria Varmazes in for Dave Pittner. Thanks for listening. We'll see you tomorrow.

Dave Bittner (28:48)

And now, a message from our sponsor Zscaler, the leader in cloud security. Enterprises have spent billions of dollars on firewalls and VPNs, yet breaches continue to rise by an 18% year over year increase in ransomware attacks and a $75 million record payout in 2024. These traditional security tools expand your attack surface with public facing IPs that are exploited by bad actors more easily than ever with AI tools, It's time to rethink your security. Zscaler Zero Trust plus AI stops attackers by hiding your attack surface, making apps and IPs invisible, eliminating lateral movement, connecting users only to specific apps, not the entire network continuously verifying every request based on identity and context simplifying security management with AI powered automation and detecting threats using AI to analyze over 500 billion daily transactions. Hackers can't attack what they can't see. Protect your organization with Zscaler Zero Trust and AI. Learn more@Zscaler.com Security.