A (12:59)

This episode is brought to you by indeed. Stop waiting around for the perfect candidate. Instead, use Indeed sponsored jobs to find the right people with the right skills fast. It's a simple way to make sure your listing is the first candidate. C. According to INDEED data, sponsored jobs have four times more applicants than non sponsored jobs. So go build your dream team today with Indeed. Get a $75 sponsored job credit at Indeed.com podcast. Terms and conditions apply.

B (13:32)

It is always a treat for me when I welcome into the studio Brandon Karp. He is the leader of international Public Private Partnerships at ntt. Brandon, welcome.

C (13:42)

Thank you, Dave. You look just as good as you sound today, sir.

B (13:45)

Thank you. And that laugh our listeners surely recognize is my colleague Maria Vermazes.

C (13:55)

Hi.

B (13:56)

Giving me the amount of respect that I truly deserve. She is the host of the T Minus Space Daily podcast. Maria, welcome.

A (14:04)

Thank you, Dave. It's always a pleasure. And hello, Brandon.

C (14:06)

Hi, Maria.

B (14:07)

So I want to talk about digital sovereignty today, both in space and cyber. A hot topic and one I think is pretty darn important. Maria, let's start off with space. It was actually a space story that caught my eye when it comes to this. Is it fair to say that nations around the world are looking to decrease their dependence on the us?

A (14:30)

We're seeing a lot of money going into this, especially from Europe, into the amounts of billions of euros being invested in sovereign space communication systems, sovereign space, you name it, type of space systems. Basically, there has been talk of sovereign space Access for a long time from especially European sectors. But I think 2025 was the first year we saw some very serious money from another, a number of European countries going towards this effort. So I think Europe is really taking this seriously. Of course, it takes many years for something like this to get up and running. So it's not like the satellites are going to be up on orbit tomorrow. But it is a huge driver of a lot of space activity in Europe. So we're seeing a lot of money going to European contracts. And a lot of the rhetoric is also, instead of being sort of an implied thing, it's very explicit now. There was a big space conference that was in Europe just right before we recorded this episode. And that was all of the rhetoric was explicitly our space traffic data, our space infrastructure. It all needs to be made by Europeans, governed by Europeans, for Europeans. There's no bones about it, basically.

B (15:40)

Well, Brandon, how about in cyber? What are you seeing in your travels?

C (15:44)

Yeah, we're encountering the same drive towards digital and supply chain sovereignty and cyber, for sure. You know, in. I travel to Japan for work quite often, and I was also recently in Taiwan and the conversations around cloud infrastructure, sovereign cloud, not even just public cloud, which is what we're, you know, mostly used to in the US but actually sovereign cloud, where data does not leave the national boundaries of Japan or Taiwan. Japan's implementing this right now as we speak. Taiwan is. I was in conversations with senior government representatives just in December, and they're talking about acquiring services that are totally sovereign. So the data never leaves the geographic boundaries of those regions. And the challenge there is there's a lot of US cloud providers that just can't architecturally do that right now. There's, in fact, very few who can. And so this has broadly been a challenge for those types of organizations.

B (16:44)

Yeah, I mean, let's talk about the practicality of this, the degree to which it is actually possible. You know, I think in regular conversation, you hear folks talk about how if we wanted to build an iPhone, for example, here in the US that we simply don't have the capability to do that right now.

A (17:02)

Yep.

B (17:02)

What does the rest of the world face when it comes to untethering themselves from the U.S. so let's stay with cyber for the moment, Brandon.

C (17:10)

Yeah, so I mean, they're facing first, foremost cost, broadly speaking. There are benefits of the push towards sovereign cloud and data sovereignty. And then there are challenges for US Companies. Of course, I think the primary challenge we could see is a shifting away from US Standardization and how US decides to move data and the architectures we tend to use and the technologies we use. And as more countries, again, these are large countries with massive multibillion dollar markets, as they start pushing towards sovereignty, the US Companies will lose a little bit of control over where that goes. Now, some of those US Companies will play in that space, but that means that those organizations, whether it's Microsoft or Google or Oracle or what have you, need to invest in those new technologies. So it's a big new capital expenditure that requires building data centers. It's one of the things that my company is focused on. Right. NTT builds data centers. One of the things we do. And so it's why we're having these conversations. But means those companies need to invest in that infrastructure so that, I mean, massive capital expenditure for those organizations. But at the same time, you know, it's beneficial to the people in those countries in those organizations. You know, anecdotally, you know, people talk about sovereignty and it's a highfalutin term, but, you know, this comes down to like in high school, right? Or in college, you know, you've got a bunch of friends, you know, I went to the Naval Academy and a bunch of Rowan buddies, you know, we were taking crazy pictures, going out on the weekends, and they all have these pictures of me. And probably the.

A (18:44)

Are you sure you want to put this on a podcast?

B (18:45)

Highly specific, Brandon.

C (18:48)

Exactly. You know where I'm going with this. And you know, they have data about me that I don't really want out there in the world. You know, you think about a young.

A (18:58)

My email is Maria Vermoz.

C (18:59)

Okay, exactly. And so, you know, and how many of us have had those experiences personally of. Okay, someone else has information about us that we don't necessarily want them to have control over. They get to my buddy Luis, he gets to decide who sends that picture of me in a specific tank top. And he knows if he listens to this, which one I'm talking about. And that's this principle of sovereignty of like when the data is sovereign, when it is, the architecture is localized, the laws, the regulations, the controls are also localized. And so if you're in Japan and you're leveraging a sovereign cloud architecture, if you're leveraging a sovereign AI tool and a model that is localized, the laws of Japan, which, by the way, are incredibly strict on privacy protection, apply to you, as opposed to just relying on the US Kind of laissez faire open. You know, you get what you get. You know, we've got a social safety Net, but it's located on the ground and it's covered in spikes. Right. So it's just a little bit different.

A (20:04)

Right.

B (20:05)

So, but let me use space is an example here, Maria. I mean, to what degree do you think that we're talking about true sovereignty versus shifting alliances and allegiances? In other words, has the experience that folks are going through right now put them off of partnerships altogether or are there still practical considerations, I think about space and if your nation's closer to the equator, you got an easier time chucking stuff up into orbit.

A (20:37)

Right. That is the scientific term, is chucking up.

B (20:40)

Thank you very much.

A (20:41)

Yes. Yeah. I mean the practicalities of space, I mean, the very easy one is how do you get there in a lot of things in global space, A lot of other countries and international organizations follow the United States lead on policy and how regulations, for lack of a better term, because the US has been the big dog on that front for a long time. But I'm thinking about ESA and India specifically. Right now that mentality is changing. More partnerships are happening without the United States to try and secure access to space without going through the United States. But the reality is, for example, going back to Europe, them trying to put more of their own sovereign satellite constellations onto orbit. They do have a sovereign rocket, the Arian 6. They have their own spaceport, but they do not have the launch capacity anywhere close to what the United States can do. They can't get things into space nearly as quickly as we can. So in a lot of cases they're still having to launch their sovereign satellite constellations through the United States on American launch vehicles. The hope is that that will change, but that also takes a long time to use the massive cliche. Space is hard. Getting, getting rockets to launch is a lot harder than people think because it literally is rocket science. So there are going to be a lot of practical constraints for some time. And same thing for as other nations and international organizations create their own regulations and policies and norms. A lot of them are still cribbing the United States. But I do think that is going to change when you have these off the record conversations with people. I just had some last week actually, before we recorded this episode. There is an element of while we're going and driving hard towards sovereign space, we still have to work with the United States and a lot of things, if only for components. And if you know that there's a lot of restrictions on what the nations are wanting to do versus what they actually can do, simply because we've had a Large head start in the United States, but that's not going to last forever. A lot of other nations are quickly catching up. So the idea that this is going to be a US Exclusive thing, to say nothing of China, that, that's, that's definitely not going to last. So I think it would behoove folks in the United States who are in this world to really think hard about how they can maintain these relationships, because I know ESA and India are, especially in Australia, for that matter. They're working hard on creating their own pathways that kind of circumvent the United States.

B (23:15)

Brandon, what opportunities does this bring for a nation like China?

C (23:19)

Yeah, that's, that's exactly kind of the direction I wanted this to go in. Because listening to Maria, I thought of a couple things. First, I thought of Mark Carney's speech at the World Economic Forum. Oh, yeah. And if a listener, if someone on this, you know, who's listening to this show hasn't listened to that speech or read it, please go do so. There's a transcript posted online for the World Economic Forum, but he really outlines what is the kind of shifting economic and geopolitical and industrial perspective of the world, which is moving away from the United States and how that is opening up opportunities for other countries. But all three of us here are located in the U.S. we're very interested in the success of the U.S. in the success of our economy and the citizens of the US and that is a challenge that we have to confront, which is what Maria just outlined is going to drive increased investment in other nations in their domestic capacity, in their sovereign technologies, sovereign businesses, in the growth of their localized economies. So if they, you know, if at any level of analysis, whether it's a, you know, small, you know, microeconomic analysis or market analysis or what have you, you know, those markets are growing. US Market maybe not shrinking, but not growing as quickly. Now, that's good for those other markets, not as good for the US Market. As an individual, you're going to want to get, you know, invested if you can somehow get exposure to those international markets. But what it does for China, and we've seen this again, bringing it back to Mark Carney. Canada signed a big trade relationship and agreement with China now, and now they're importing Chinese electric cars. And so, I mean, that's, that's a huge deal.

B (25:02)

It's a huge deal.

C (25:03)

I mean, I mean, I don't know if anyone's been to Detroit, but Canada's right next door. You could get dinner in Detroit and then go See an after dinner show in Canada right there. Right. So you know, they're no longer going to be importing U.S. electric vehicles. And so imagine the exact same type of thing happening in the space technology industry. Or you, you know, these other types of manufacturing heavy industries of China's going to take advantage of this. They typically do. They're very forward thinking. So not only will the localized markets in Ecuador or other launch nations be growing around these spaceports, but also in cloud technologies as well. But also China is going to be getting deeper and deeper entrenched. Again, both of those situations hurting the American market.

B (25:50)

Before I let you go, Brandon, you have a session at the upcoming RSAC conference in San Francisco. Can you give us a sneak peek of that?

C (25:58)

Yeah. So I mean, everything we talked about today really has to do with risk analysis, risk forecasting. And so I'm hosting a workshop, a learning lab at RSA at the end of March. So RSA is coming up soon. Everyone who's attending, I just encourage you to sign up and register. There's only 56 available seats in my learning lab. The title of it is First Principles Risk Forecasting From Theory to Practice. The number is Lab2T09. And again, 56 seats, you gotta reserve it ahead of time, so look that up. My session will be on Tuesday at 1:15 in the afternoon. Two hour session, hands on practical risk analysis, risk forecasting for your organizations. And I'll actually be co hosting that with Rick Howard, previously of the Cyberwire.

A (26:48)

That's awesome.

B (26:50)

All right, well, Brandon Karf is leader of international public private partnership partnerships at ntt. And Maria Vermazes is host of the T Minus Space daily podcast. Thank you both for joining us.

C (27:02)

Thanks Dave.

A (27:03)

Pleasure as always.

B (27:18)

No, it's not your imagination. Risk and regulation really are ramping up and customers expect proof of security before they'll sign that deal. That's where VANTA comes in. VANTA automates your compliance process and brings compliance, risk and customer Trust together on one AI powered platform. Whether you're preparing for SoC2 or managing an enterprise governance risk and compliance program, VANTA helps keep you secure and keeps your deals moving. Companies like Ramp and RYTR spend 82% less time on audits with Vanta. That's not just faster compliance, that's more time for growth. Take it from me, if you're thinking about compliance, take the time to check out Vanta. Get started@vanta.com cyber. New spring arrivals are at Nordstrom Rack stores. Now get ready to save big with up to 60% off rag and Bone, Marc Jacobs, Free people and more. How did I not know Rack has Adidas? Cause there's always something new. Join the Nordy Club to unlock exclusive discounts. Shop new arrivals first and more. Plus, buy online and pick up at your favorite Rack store for free. Great brands, great prices. That's why you Rack. And finally, a cyber attack at Hazeldean's, a major chicken processor in central Victoria, Australia, has done what few things can it has left pubs and butchers staring into empty fridges. After computer issues escalated last week, the company shut down on site WI Fi, disrupting packaging operations and halting deliveries. Hazeldine says it's working with cybersecurity investigators and authorities to restore systems and determine what happened. The ripple effects were immediate. Wholesalers scrambled for alternate suppliers when the usual 2am deliveries failed to arrive. One local butcher found not a single box of chicken waiting for the town's pubs or supermarkets. The local hotel confirmed the grim reality. No chicken. With limited communication and uncertain timelines, businesses are left improvising. And Victoria has learned that when WI Fi goes down, sometimes dinner does too. All bad news. Unless, of course, you're one of the chickens. And that's the Cyber Wire. For links to all of today's stories, check out our daily briefing@thecyberwire.com we'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire2k.com our CyberWire lead producer is Liz Stokes. We're mixed by Trey Hester with original music by Elliot Peltzman. Our executive producer is Jennifer Ibin. Peter Kilpe is our publisher and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow. If you only attend one cyber security conference this year, make it RSAC 2026. It's happening March 23rd through the 26th in San Francisco, bringing together the global security community for four days of expert insights, hands on learning and real innovation. I'll say this plainly. I never miss this conference. The ideas and conversations stay with me all year. Join thousands of practitioners and leaders tackling today's toughest challenges and shaping what comes next. Register today@rsaconference.com cyberwire26 I'll see you in San Francisco.