Ann Johnson (13:38)

Anne speaks with Ali Mellon about her

Narrator/Host (13:40)

new book Code How Nations Hack, Spy and Shape the Digital Battlefield and users find CoPilot's terms of use highly entertaining. Stay with us.

Ann Johnson (14:06)

Maybe that's an urgent message from your

Narrator/Host (14:09)

CEO, or maybe it's a deep fake trying to target your business. Doppel is the AI native social engineering defense platform fighting back against impersonation and manipulation. As attackers use AI to make their tactics more sophisticated, Doppel uses it to fight back from automatically dismantling cross channel attacks to building team resilience and more. Doppel outpacing what's next in social engineering? Learn more@doppel.com that'S-O-P-P-E-L.com.

Depop Advertiser (14:47)

You tell yourself no one wants your college era band tees, but on Depop, people are searching for exactly what you've got. You once paid a small fortune for them at merch stands. Now a teenager who calls them vintage will offer that same small fortune back. Sell them easily on Depop. Just snap a few photos and we'll take care of the rest. Who knew your questionable music taste would be a money making machine? Your style can make you cash start selling on Depop where taste recognizes taste.

Narrator/Host (15:22)

Kevin McGee is global director of Cybersecurity Startups at Microsoft. I recently caught up with him at RSAC 2026. Gave him a break from being my intern to hear him describe some of the emerging trends he's tracking. When it comes to startups, you need

Kevin McGee (15:40)

a certain level of scaffolding to work with a hyperscaler like us or AWS or whatnot, because you'll get on a call with 60 people from the, from Microsoft and they're all going to want things from you. So you need sort of a certain level of size and complexity within your organization to be able to, to tap into hyperscalers. But when you build that infrastructure, then you can sort of get the lift off that comes with working with us. It can be very difficult sometimes to figure out and navigate Microsoft. I have all the entire tools to see who people are. I often find out about new products we're releasing from customers because we're doing so many different things and releasing so many things so quickly. So. And I've given up being, you know, being upset about that, that I can't keep up on everything.

Ann Johnson (16:28)

Right. And here we are at RSAC 2026. We are on the show floor, right in the middle of everything. And it is my pleasure to welcome Kevin McGee from Microsoft. Kevin, thanks for joining us here today.

Kevin McGee (16:43)

Thanks for having me, Dave.

Ann Johnson (16:45)

I always get it wrong, so I'm going to ask you to say it yourself because your title somehow gets convoluted in my brain. What is your official title with Microsoft now?

Kevin McGee (16:55)

I wish I had my notes so that I get it right. I lead our cybersecurity portfolio for Microsoft, for startups globally.

Ann Johnson (17:03)

All right, let's dig into that. When you are at a conference like this and part of your responsibility is finding and nurturing that next generation of cybersecurity startups, what's your strategy for surveying the lay of the land when it comes to new companies?

Kevin McGee (17:20)

I think a lot of it is the prep work up front. So knowing who you want to see, who are those interesting ones who can make a connection to some of the smarter startups because they won't have a booth maybe to go by and see, they won't have a presence here. So connecting with them is a little more difficult. If you want to see Microsoft or CrowdStrike or Palo, you can go to their gigantic booth and it's pretty easy to book a meeting or whatnot. But the startups don't really necessarily have those connections. They're harder to find. So you have to do the reconciliation upfront, I think is really the key. And then introductions and whatnot can be one of the best ways to figure

Narrator/Host (17:53)

out who to speak to now as

Ann Johnson (17:56)

part of your position, the way that you all do things with the Startup group at Microsoft. Do you have an inbound channel where people are hopefuls, are reaching out to you?

Kevin McGee (18:07)

Yes. So we have a whole set of programs. I like to think of it as kind of like an airplane. Microsoft restarts an airplane. We have different classes of. If you're two folks in a dorm room with a case of beer and a pizza and you've got an idea, we've got a solution for you. If you need a higher level of service or go to market product growth integrations, we have a service for you as well, too. Ultimately, the program's based on how do we make partners successful. And I founded my first two companies in the 90s on BizPark, which was then what Microsoft for startup was called. And it was not just access to the software because it came on disk ads. They used to send me a box of disk ads. It was the access. It was the access to customers, it was the support, it was the brand association. And I think we've really gone back to our roots with the program, which is why I'm excited to sort of have the later part of my career associated with the program as well too.

Narrator/Host (18:57)

Yeah.

Ann Johnson (18:58)

So when we're here at a conference like this and there is one topic that is so dominant, so present, you know, and this year it's AI, and not just AI, but agentic AI is every booth, it seems. If you don't have that as part of your message, why. Why are you even here?

Kevin McGee (19:18)

You're not even allowed in the door.

Dave Bittner (19:21)

Exactly.

Ann Johnson (19:22)

But how do you track what's next? Because I would guess, correct me if I'm wrong, that a lot of the companies, the startups want to ride on the coattails of that.

Kevin McGee (19:35)

Yeah.

Ann Johnson (19:36)

But you still have to keep your eye on what's coming after that.

Kevin McGee (19:39)

I think there's. We're at this inflection point. I think when we look back, maybe the Wiz acquisition will be sort of the end of the one phase, the beginning of the new one. So I'm sort of tracking what's happening in the AI space, what they're building and seeing how broken it is, and then knowing that three to six months later there will be a startup surge to fix those problems. So I think we'll. We'll see a lagging surge of cybersecurity startups behind the technologies. So take mcp. I didn't even know what MCP was three, four months ago. Probably I'm way behind some of the viewers, but now I'm looking at six different companies that are in that space. Because of the wide adoption. So I'm trying to get ahead of the curve in that way. And I think this, there's a new wave coming up, and I've heard consolidations, you know, gonna end our industry. I think it's the exact opposite. I think we've kind of closed off one phase. We're at the beginning of the next one.

Ann Johnson (20:30)

What, what is your advice for those hopeful startups? Do you have a general checklist of you should have these things in place?

Kevin McGee (20:40)

I can tell you what works and what doesn't.

Ann Johnson (20:42)

Oh, that's even better.

Kevin McGee (20:44)

Yeah. One is, are you building a feature or product? Know what you're doing? If you're building a feature you want to sell to a bigger company, build a company that way. But if you got a very small total addressable market and it's a feature, not a product, that's one thing. We kind of figure out where you are, and then two, know your ideal customer profile. A lot of the startups I talk to, who do you sell to? We sell to everybody. You'll never gain any expertise understanding that. Find, you know, one customer you can serve really well. Figure out everything there is to serve them well and do a great job and execute and then work on your next ideal customer profile, icp. And I think that's really the way to scale because then you understand a customer problem and you're delivering a real solution, and that's ultimately what customers are buying. They're not buying the technology, they're not buying the model. They're buying a solution to their problem, and everyone feels they have to sell to everybody. Well, if you sold to just Midwest credit unions and you own that market, that's a great base to build from. I feel. We have this Silicon Valley story where you're supposed to go large, go quickly. Sometimes you need to move in a small area to really understand the problem. Like Y Combinator really, really preaches this as the approach to do things that don't scale at first to learn, and whoever learns faster, I think wins in the market.

Ann Johnson (22:04)

Are there common pitfalls that you see people, the mistakes that people make that sort of sink their hopes or chances?

Kevin McGee (22:11)

I think every pitch is not about a VC pitch. I don't really need to know the history of the company. I don't need to know the lineage of every one of your founders. Get to the point. What problem are you solving for the customer? How big of a problem it is, and how does it work? I think customers want to get to pass the slides. Show me the demo show me the pov. And so one of the questions I ask quite often, and you'll hear me in a lot of my interviews, is what's the moment when the customer says, I get it. When you do your presentation? Skip everything before that and go right to that. Right. Because that's really where, where the traction happens when, when they have their aha moment. Everything before that is just noise till they get to that. And then you'll see them actually then say, oh, yeah, well, okay, well, that's your presentation. Everything you said after I asked that question to your presentation. Get rid of all the stuff before.

Ann Johnson (23:04)

How important is the team?

Kevin McGee (23:06)

I think the team really matters for, especially for VC raising and whatnot. They want to bet on folks that have been there, done that before. Having built a few companies myself, I think I really got lucky. The first one had a little bit of victory disease. The second one, oh, those are the lessons I learned that made the third one super successful. So I think having a team is really key. And then having been a founder myself, it's a tough slog. I think we have this TV version or movie version where there's this lone genius that invents something. The best companies are teams, you know, Hewlett Packard team, you know. Yeah, yeah, Bill and Paul, Steven. Yeah. You bring different aspects to the relationship, but also you can share the load. I think that's really key.

Ann Johnson (23:55)

What do you bring to the startups in terms of the spectrum of support that they get when they partner up with Microsoft?

Kevin McGee (24:04)

I think, and this. A lot of big companies are doing this, not just us. I think it's the right thing to do for innovation in our marketplace. One, just brand association can be a huge thing. Hey, we're working with Microsoft. Two, enterprise distributions are key. We have huge contracts with all sorts of major customers. So if you want to get into XYZ bank, we have probably 60 people working with that account already. If you can prove your product solves a problem and enhances and extends our solutions, we're happy to make that introduction. So there's sort of the trust. There's also just the platform that we make enabled. So a lot of our solutions we're building now are exactly platforms. And our philosophy, at least mine, is we look to partner, partner, partner. Then we'll build it if we can't find a partner in the market space, and then maybe we'll look at buying it. So we're very open to entrepreneurs building on our platform. Quite the opposite of what you think. We're not looking to sort of compete in every market. We're actually looking to enable entrepreneurship and so are many of the other major vendors. And I think that's just, just good for our industry as a whole.

Ann Johnson (25:06)

All right, well, Kevin McGee from Microsoft, thanks so much for joining us.

Kevin McGee (25:09)

Thanks for having me, Dave.

Narrator/Host (25:14)

There's a lot more to this conversation than we have time to share here, so please check out the full unedited interview. You can find a link to that in our show. Notes. On today's segment from Microsoft Afternoon cybertea podcast with Ann Johnson. Ann speaks with Allie Mellon about her new book Code How Nations Hack, Spy and Shape the Digital Battlefield.

Ali Mellon (25:50)

Today on Afternoon cybertea, I am joined by Ali Mellon, a principal analyst and one of the most clear eyed voices in cybersecurity today. One of the things you actually do beautifully in the book is you strip away the mythology about cyber war, the idea that it's chaotic or that it's even mysterious or driven by these shadowy geniuses. What do you think is the most dangerous misconception leaders still have about nation state cyber attacks?

Dave Bittner (26:15)

Honestly, it remains that these attacks won't happen to them, that they don't apply to them. I especially see this with small and mid sized businesses and unfortunately the reality is that it's just not true. I think about and I talk about in this book NotPetya as a great example of this. How did NotPetya start? It started with this tax document software created by this company, Intellect Service, which was a small family owned Ukrainian company that just made tax software and was just doing that for the country of Ukraine. It was a small business, it was a family run business and it ended up causing such a larger conflict when it was originally hit and especially in the past few years. And I know that your team has done a ton of research here that's been really valuable to paint this picture. The supply chain is everything. It is the way in for so many threat actors that don't want to just target the big players and want to find ways in that are a little bit more simple for them or where they can take advantage of some things that they might not be able to take in these larger scenarios. And unfortunately, like the scale that you can get with those attacks is everything too. So especially as we move forward, as we continue to somehow be even more interconnected than we are already today, that is the thing that really needs to be driven home, is that at the end of the day, everyone has a role to play in this and it's important that we address that at the source and do our best to have the strongest security posture possible.

Ali Mellon (27:44)

I think that's right. I do think that a lot of folks, when they think about nation state actors, they think that they're going to attack the largest companies in the world. Right. The Global 2000 or the Fortune 500. And in reality, they're not always there. Right. They often find the softest targets to make a point.

Dave Bittner (28:01)

Exactly.

Ali Mellon (28:02)

So a core idea is that, and I love this by the way you talk about it, it's that cyber activity reflects national identity, whether it's history. You talked about a little doctrine, even culture, and you focus heavily on the US and on Russia and on China. What should executives understand about how these differences actually play out in cyber operations?

Dave Bittner (28:23)

It was really fascinating as I was writing this book, because I originally started out with the intent to just look at the cyber attacks that these nations were perpetrating and focus most of my energies on that. But what I found is the more I went into it, the more that I couldn't ignore the regulations that were being put in place, the defensive actions that were being put in place, and the actual choices that the governments had made and the social contracts they'd established with their people and how all of those things factored into the defensive and offensive decisions they could make and what was available to them. It's been really interesting because I do feel like when we look at the United States as an example, it's so much quieter with the attacks, or it has historically been so much quieter with the attacks that have been perpetrated, much more focused on being clandestine as much as possible, concealing the existence of the operation in any way possible. And a part of that is because there is an expectation that the US Is going to act a certain way on the global stage. But you can contrast that with other nations. We can go beyond China and Russia into, like, North Korea as an example. There they use the cyber attacks that they do particularly to gather resources through Bitcoin and other cryptocurrencies, because there's no reason for them not to. It's not like we could sanction them more at this point. So they might as well go and use cyber attacks that way. Or you can look at Russia and see just how bombastic a lot of the attacks that they use are and how loud a lot of the attacks that they use are, because at the end of the day, all the attacker groups associated with Russia are trying to do is get as much attention, as much meaningful attention from Putin as they possibly can. And I find that really interesting. Because when we look at a lot of the historical decisions that have been made with these cyber attacks, so much of the success of the cyber attacks nation states perpetrate is based on the coordination that they have between different branches of the military. And so when you've set up a system like there is in Russia, where everyone is vying for some type of attention from Putin, it makes it so much more difficult to execute these attacks in a coordinated way where everyone plays their own part.

Narrator/Host (30:42)

Be sure to check out afternoon Cyber Tea wherever you get your favorite podcasts.

American Express Advertiser (30:58)

Go further with the American Express Business Gold Card earn 3 times Membership Rewards points on flights and prepaid hotels when you book through amextravel.com whether your destination is a business conference or a client meeting, Your purchases will help you earn more points for future trips. Experience more on your travels with Amex Business Gold. Terms apply. Learn more@americanexpress.com Business Gold AmEx Business Gold Card Built for Business by American Express

McDonald's Advertiser (31:28)

K Pop demon hunters Haja Boy's breakfast meal and Hunt Trick's meal have just dropped at McDonald's. They're calling this a battle for the fans. What do you say to that, Rumi? It's not a battle. So glad the Saja Boys could take

Dave Bittner (31:40)

breakfast and give our meal the rest of the day.

Narrator/Host (31:42)

It is an honor to share.

Kevin McGee (31:44)

No, it's our honor.

American Express Advertiser (31:46)

It is our larger honor.

Dave Bittner (31:48)

No, really, stop.

McDonald's Advertiser (31:50)

You can really feel the respect in this battle. Pick a meal to pick a side

American Express Advertiser (31:56)

and participate in McDonald's while supplies last.

Narrator/Host (32:04)

And finally, Microsoft is drawing renewed attention to Copilot's Terms of Use, which plainly warn the AI assistant is for entertainment purposes only and may not work as intended. The notice, unchanged since late 2025, resurfaced online after users rediscovered language advising people not to rely on Copilot for important decisions. Microsoft has repeatedly issued similar cautions during demonstrations, emphasizing human verification is required. Comparable limits appear elsewhere in the industry, reinforcing that even pro branded AI tools may still discourage professional reliance. Vendor disclaimers quietly undercut the genius in every laptop narrative. The reminder is simple and straightforward. AI assistants can be useful occasionally impressive and confidently wrong in equal measure. As the great philosopher Tom Waits stated, the large print giveth and the small print taketh away. And that's the cyberwire. For links to all of today's stories, check out our daily briefing@thecyberwire.com we'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire2k.com N2K's lead producer is Liz Stokes. We're mixed by Trey Hester with original music and sound design by Elliot Peltzman. Our contributing host is Maria Vermazes. Our executive producer is Jennifer Ivan. Peter Kilpe is our publisher and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.

McDonald's Advertiser (34:29)

Your next chapter in health care starts at Carrington College's School of Nursing in Portland. Join us for our open house on Tuesday, January 13th from 4 to 7pm you'll tour our campus, see live demos, meet instructors and learn about our Associate Degree in Nursing program that provides prepares you to become a registered nurse. Take the first step toward your nursing career. Save your spot now at Carrington. Edu Events. For information on program outcomes, visit carrington. Edu Sci Fi.