D (9:58)

Thanks, Dave. Two Russian satellites have spent years sidling up to Western communications spacecraft in geostationary orbit, and now European officials worry that their mission goes beyond simply eavesdropping. A new investigation by the Financial Times reports that the Russian satellites that are known publicly as LUCH and LUCH 5X have now maneuvered within roughly 0.1 degrees of commercial operators such as Intelsat and Eutelsat, lingering for weeks or months. The tracking data cited by independent researchers show a pattern of close approaches dating back to 2014. One satellite was moved to a graveyard orbit in 2025 and then later fragmented. Its successor, which was launched in 2023, has repeated similar maneuvers, including near satellites supporting government and military communications. Experts say that intercepted signals could provide intelligence that's useful for future interference or cyber operations, particularly amid the war in Ukraine.

C (11:07)

Two South Korean teenagers have been charged with breaching Seoul's public bike service in a June 2024 attack that exposed data on 4.6 million users, roughly 90% of the platform's 5 million registrants. Police say the pair, identified only as persons A and B, accessed and downloaded user data, including IDs, phone numbers, addresses and dates of birth while still in middle school. The suspects met on Telegram and allegedly aimed to test their skills and profit. Authorities report no evidence the data was leaked or sold. Coming up after the break, Krishna Sai, CTO at SolarWinds, discusses why leaders should focus less on speculating about an AI bubble and more on how to quantify AI's tangible contributions. And the Pope pushes prayerful priests past predictable programs. Stay with us. No, it's not your imagination. Risk and regulation really are ramping up, and customers expect proof of security before they'll sign that deal. That's where Vanta comes in. Vanta automates your compliance process and brings compliance, risk and customer trust together on one AI powered platform. Whether you're preparing for SOC 2 or managing an enterprise governance risk and compliance program, Vanta helps keep you secure and keeps your deals moving. Companies like Ramp and RYTR spend 82% less time on audits with Vanta. That's not just faster compliance, that's more time for growth. Take it from me, if you're thinking about compliance, take the time to check out Vanta. Get started@vanta.com cyber.

A (13:18)

Close your eyes, exhale, feel your body relax and let go of whatever you're carrying today. Well, I'm letting go of the worry that I wouldn't get my new contacts in time for this class. I got them delivered free from 1-800-contacts. Oh my gosh, they're so fast.

D (13:33)

And breathe.

A (13:35)

Oh, sorry. I almost couldn't breathe when I saw the discount they gave me on my first order. Oh, sorry. Namaste.

D (13:42)

Visit 1-800-contacts.com today to save on your first order.

E (13:46)

1-800-contacts.

C (13:54)

Krishna Sai is chief technology officer at SolarWinds. I recently got together with him to discuss why leaders should focus less on speculating about an AI bubble and more on how to quantify AI's tangible contributions.

E (14:08)

When I think of bubbles, there's the economic bubble that folks refer to a lot of time. But I actually have a slightly different view of this in terms of the value or the technology or the possibility. I mean, we talk about AI as an ex industrial revolution. It's been compared to steam engine, electricity and so on and so forth. How real is that is the one lens with which I look at this conversation when we talk about the bubble. And you know, sometimes when you take a step back and look at what it's actually already doing. So if you think about folks who are actively engaging with consumer AI tools, right, like ChatGPT and others, you know, the numbers are pretty staggering. I think there's like 250 to close to 500 million, maybe even more if you include China and others who are actively daily consuming AI tools. And what I think about it is if those tools went away today, you know, folks, a lot of folks are going to be very disappointed because I think they're actively using them for specific reasons. Now this is very, very different from, let's call it the previous so back in the times of the Internet and so on. If I don't know, e pets or pets.com or something went away, probably nobody would have noticed. Right now it's different from an economic and the speculative perspective, but in terms of the daily usage, I think that's a very, very different dimension or lens to look at how AI is penetrated, making a difference. Now that's true in the consumer space, in the enterprise space, arguably you can say that number is a lot lower. But even in terms of new enterprise technologies take a much longer penetration time as well. But even here, if you look through it, the number of folks who are actually starting to use AI pretty significantly across the daily use cases when it comes to enterprise, it's still pretty high compared to any other technology. Which is why I think that there's a slight difference when it comes to AI in terms of, if you take the enterprise as an example, it's already getting built into core workflows, which is very, very different. And we're starting to see AI making a difference in reducing toil, accelerating decisions, improving reliability, for example, in the business that we're in. So it's not a side experiment anymore. I think it's starting to sit into these core workflows. And that's why I think it's less about hype per se, but it's more about execution, maturity and what are the things that you need to for us to Fully realize the value.

C (17:13)

Do you understand the skepticism that folks have and the concerns that this may all blow up in our faces?

E (17:23)

Yes, I think a lot of the investment, the discussions are around the level of capital investment that's going into building chips and data centers and to allow the training models and so on and so forth. And there's always, and that's very, very hard to tell exactly what is the level of investment that is needed to unleash the future potential of a technology. But if you wear a different lens and say, hey, what is like even the capabilities that are available today in terms of AI, how much are those being used or realized in the day to day heartbeat of both consumer use cases as well as enterprise use cases? And that's what I tend to be a little bit more bullish on this and I think a lot of that is related to the ROI discussion. Hey, we're not seeing the ROI just yet, and so on and so forth. Which is why I go back to. This is less about the potential of the technology, more about the execution, maturity and understanding and the natural, I would say, life cycle of how these types of technologies penetrate the day to day heartbeat in the enterprise.

C (18:45)

When you look at the potential for roi, are there any particular use cases that you think could play out favorably here?

E (18:55)

100% right. I think when we think about enterprise use cases as an example for the business that we are in, we like, we talk a lot with IT and operational teams and so on. Things like, you know, a lot of those teams are buried in ROIs that are already defined for them. Things like the meantime to detect an issue when something goes wrong, the meantime to recover or meantime to respond in terms of customer issues, how many issues get escalated, what is your first contact resolution, what is your operational cost per incident or when there's an outage? These types of things are in case of security and operations. Right. How many incidents can you avoid? What is a reduced blast radius like? A lot of these ROIs are pretty well defined. And I think what we're starting to see is as an example, when you have a well designed or well thought out AI use case that we offer, we see both acceleration in terms of the time to value, meaning how quickly is the adoption of this particular capability in a natural workflow that already exists and how quickly are things like the meantime to resolution of a ticket, as an example, getting accelerated. Those numbers are starting to be a lot more clear in terms of the actual ROI that's being realized.

C (20:24)

Do you feel like we are on the downward slope of the hype cycle, that it's not so much that people are adopting AI because their competitors are, but that, as you say, they're starting to see the real places where it's actually going to be useful.

E (20:42)

I think so. I think so. And I think there's a collective. If you think about a tool that you have to buy today, like any new tool purchase that you can think of, if it does not have an AI capability, you perhaps won't even consider it. Right. So a lot of the questions now, even from a end user or buying decision or an end user adoption decision, everybody is looking at it from the lens of how is this tool or this capability going to leverage AI to accelerate what I want to get out of the store? Right. So that lens is super clear across every value stream in the enterprise. Right. So which is why I'm a lot more bullish in terms of the, as you say, the other end of the hype cycle, where folks are actually thinking about operationalizing a lot of this.

C (21:40)

What are your recommendations then for folks who are looking to set their priorities? You know, they want to balance the things that they clearly see are good outcomes, good potential outcomes from AI, but they also want to be secure, they want to be responsible. How do you go about weighing those needs?

E (22:02)

One of the kind of the core things I try to highlight is make sure that you are separating what AI is good at from what other things need to do. As an example, if you think about separating the responsibilities, AI is good at reasoning, he's good at exploring, he's good at looking at lots of data, he's great at looking at routine tasks and reducing the toil. But it's not great at authority. So which is why you need to be able to. The way I quote it is you want AI to reason broadly but act narrowly, which means that innovation moves really fast when you have AI in the reasoning layer, things like exploring, correlating, recommending. Whereas execution is what needs to be gated behind the routine things that are absolutely important in enterprise policy, identity, auditability, making sure that there's a clear separation. What you don't want is to give AI the authority to go act unfettered as an example, which is why I think a lot of those types of base understanding and say, how are you going to insert, how are you going to let AI explore? But how are you going to make sure that responsible AI comes in the form of designing platforms where speed and safety are able to scale together? Like that's the lens with which I look at it now in terms of what that means and how you adopt. And this is where I think having a good understanding of anchoring AI initiatives to specific ROIs, whether it's time, cost, risk, reliability, and then designing back from that is super important.

C (23:47)

That's Krishna Sai from SolarWinds. No, it's not your imagination. Risk and regulation really are ramping up and customers expect proof of security before they'll sign that deal. That's where Vanta comes in. Vanta automates your compliance process and brings compliance, risk and customer trust together on one AI powered platform. Whether you're preparing for SOC 2 or managing an enterprise governance risk and compliance program, Banta helps keep you secure and keeps your deals moving. Companies like Ramp and RYTR spend 82% less time on audits with Vanta. That's not just faster compliance, that's more time for growth. Take it from me. If you're thinking about compliance, take the time to check out Vanta. Get started@vanta.com cyber.

A (24:57)

This episode is brought to you by indeed. Stop waiting around for the perfect candidate. Instead, use Indeed sponsored jobs to find the right people with the right skills fast. It's a simple way to make sure your listing is the first candidate C According to indeed data, sponsored jobs have four times more applicants than non sponsored jobs. So go build your dream team today with Indeed. Get a $75 sponsored job credit at Indeed.com podcast terms and conditions Appreciate and

C (25:30)

finally, in a private exchange with Rome's priests, Pope Leo XIV offered encouragement, practical counsel, and one gently barbed warning that likely landed with particular clarity. When asked how to reach young people, he pointed first to personal witness, then widening the circle through genuine communion. On parish life, he advised priests to truly know their communities because loving them requires more than a passing familiarity with the parish calendar. But it was his aside on homily preparation that drew knowing smiles. The pope urged priests to use their own minds, not artificial intelligence, to craft their sermons. He has, he noted, seen and heard what happens otherwise. Prayer, he added, cannot be outsourced either. It requires time with the Lord, not just efficient recitation. On rivalry and the loneliness of older clergy, Leo returned to fraternity, gratitude and humility. In other words, no shortcuts there either. And that's the Cyberwire. For links to all of today's stories, check out our daily briefing@thecyberwire.com as we celebrate 10 years of bringing you this daily Cyberwire podcast, we would love to know what you think are some of the most impactful breaches of the last 10 years. We'd love to hear from you. You can email us@cyberwire2k.com N2K's lead producer is Liz Stokes. We're mixed by Trey Hester with original music by Elliot Peltzman. Our executive producer is Jennifer Ibin. Peter Kilpe is our publisher and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow. If you only attend one cybersecurity conference this year, make it RSAC 2026. It's happening March 23rd through the 26th in San Francisco, bringing together the global security community for four days of expert insights, hands on learning, and real innovation. I'll say this plainly, I never miss this conference. The ideas and conversations stay with me all year. Join thousands of practitioners and leaders tackling today's toughest challenges and shaping what comes next. Register today@rsaconference.com cyberwire26 I'll see you in San Francisco.