Maria Vermazes
You're listening to the Cyberwire Network powered by N2K.
Dave Bittner
If securing your network feels harder than it should be, you're not imagining it. Modern businesses need strong protection, but they don't always have the time, staff or patience for complex setups. That's where Nordlayer comes in. Nordlayer is a toggle-ready network security platform built for businesses. It brings VPN, access control and threat protection together in one place. No hardware, no complicated configuration. You can deploy it in minutes and be up and running in less than 10. It's built on zero trust principles so only the right people can get access to the right resources. It works across all major platforms, scales easily as your teams grow and integrates with what you already use. And now Nordlayer goes even further through its partnership with CrowdStrike, combining Nordlayer's network security with Falcon Endpoint protection for small and mid-sized businesses. Enterprise-grade security made manageable. Try Nordlayer risk free and get up to 22% off yearly plans plus an extra 10% with the code CYBERWIRE10. Visit nordlayer.com/cyberwiredaily to learn more.

Microsoft granted the FBI access to laptops encrypted with BitLocker. The EU opens an investigation into Grok's creation of sexually explicit images. Glimmers of access pierce Iran's Internet blackout. Koi Security warns NPM fixes fall short against PackageGate exploits. Some Windows 11 devices fail to boot after installing the January Patch Tuesday updates. CISA warns of active exploitation of multiple vulnerabilities across widely used enterprise and developer software. ESET researchers have attributed the attack on Poland's energy sector to Russia's Sandworm. We got your business brief. Brandon Karpf joins us to talk space and cyber. And CISA sits out RSAC.

It's Monday, January 26, 2026. I'm Dave Bittner and this is your Cyberwire Intel Brief. Thanks for joining us here today. It's great as always to have you with us.

A recent court case in Guam highlights a little known privacy tradeoff in Windows security. During a federal investigation into alleged COVID-19 relief fraud, the Federal Bureau of Investigation accessed encrypted laptops protected by BitLocker without breaking the encryption. Instead, investigators obtained the recovery keys directly from Microsoft after securing a warrant. The reason this was possible is that many Windows users choose to back up their BitLocker recovery keys to their Microsoft accounts for convenience. When those keys are stored in the cloud, Microsoft can legally provide them to authorities. Microsoft says it fulfills about 20 such requests a year. The case underscores a familiar trade off between convenience and control. Users who want maximum privacy can store recovery keys offline rather than in the cloud, ensuring only they can unlock their data.

The European Commission has opened a new investigation into X over concerns that its generative AI model, Grok, enabled the creation of sexually explicit images, including sexualized images of children. The probe is being conducted under the Digital Services Act, which requires platforms to assess and mitigate systemic risks such as illegal content and serious harm to users. The commission says Grok may have exposed EU citizens to significant harm and will assess whether X met its legal obligations. X says it has zero tolerance for child sexual exploitation and has taken steps to restrict image generation, including limiting it to paying users. The investigation could lead to fines of up to 6% of X's global turnover and expands existing DSA proceedings already underway.

After more than 17 days of a near total Internet blackout, some Iranians are gaining brief, sporadic online access amid a violent crackdown on nationwide protests. These short windows have allowed people to reassure families and share videos and testimony with journalists and rights groups, offering new insight into the scale of repression. Human rights organizations now believe deaths may far exceed earlier estimates of about 5,200. The shutdown, imposed as protests escalated and calls to overthrow the Islamic Republic, has severely limited reporting by outlets such as the New York Times. Experts at NetBlocks and the digital rights group Miaan say the fleeting access likely reflects government experiments with tightly controlled, tiered Internet access. The blackout remains the longest and most extensive Iran has imposed.

Security researchers have identified weaknesses in defenses introduced after the Shai Hulud supply chain attacks that allowed attackers to bypass protections in JavaScript package managers using Git-based dependencies. The issues, dubbed PackageGate, were discovered by researchers at Koi Security and affect multiple tools. The findings stem from mitigations added after Shai Hulud compromised hundreds of packages and exposed hundreds of thousands of developer secrets. While measures such as disabling lifecycle scripts with ignore-scripts were recommended, Koi found that NPM installs from Git repositories can be abused via malicious configuration files to achieve full code execution, even when scripts are disabled. The researchers say this technique has already been used in proof of concept attacks. Other package managers patched similar flaws. NPM rejected the report, saying the behavior works as expected. Parent company GitHub said it is scanning for malware and urged stronger supply chain security practices, according to reporting by Bleeping Computer.

Microsoft is investigating reports that some Windows 11 devices fail to boot after installing the January 2026 Patch Tuesday updates. The issue triggers an unmountable boot volume stop error during startup. Affected physical devices cannot boot into Windows and require manual recovery, while virtual machines appear unaffected. Microsoft has asked users to submit reports via Feedback Hub and says it is still determining whether the problem is update related, according to reporting first noted by AskWoody.

CISA has warned that attackers are actively exploiting multiple vulnerabilities across widely used enterprise and developer software, adding them to its Known Exploited Vulnerabilities catalog. The flaws affect products from Versa, Zimbra, the Vite JavaScript framework, and the Prettier code formatter. Exploitation includes authentication bypasses, improper access controls, and supply chain attacks involving malicious NPM packages. CISA also flagged a separate critical heap overflow vulnerability in VMware vCenter Server that enables remote code execution and has no workaround beyond patching. Federal civilian agencies are required to apply fixes or mitigations by mid-February. CISA has not disclosed details about the attacks or their connection to ransomware.

Researchers at ESET have attributed a major late 2025 cyberattack on Poland's energy sector to the Russia-aligned advanced persistent threat group Sandworm. The incident, described as Poland's largest cyber attack in years, involved data wiping malware that ESET has dubbed DynoWiper, detected as Win32/KillFiles.NMO. Based on malware analysis and overlapping tactics, techniques and procedures, ESET says it made the attribution with medium confidence, though it found no evidence the attack caused a successful disruption. The timing is notable, coming during the 10th anniversary of Sandworm's 2015 attack on Ukraine's power grid, the first malware-induced blackout. ESET says Sandworm continues to regularly target critical infrastructure, particularly in Ukraine, using destructive wiper attacks.

Looking at our business brief, last week the global cybersecurity sector saw a wave of funding and consolidation, with multiple startups raising capital and a surge of mergers and acquisitions across five countries. Belgium-based developer security firm Aikido led funding with a $60 million Series B, while post-quantum security startup Project 11 raised 20 million. Additional funding rounds supported firms focused on human risk management, cyber intelligence, software security and digital forensics across Europe, the US and India. M&A activity was equally strong with 10 announced deals. Notable transactions include Infoblox acquiring exposure management firm Axur, Delinea buying StrongDM and Thinkst Canary acquiring Deceptiq. The deals reflect continued investment in identity security, managed services, AI governance and proactive threat detection as the market matures. Be sure to check out our weekly business briefing on our website. It's all part of Cyberwire Pro.

Coming up after the break, Brandon Karpf joins us to talk space and cyber, and CISA sits out RSAC. Stick around.

What's your 2am security worry? Is it do I have the right controls in place? Maybe are my vendors secure? Or the one that really keeps you up at night: how do I get out from under these old tools and manual processes? That's where Vanta comes in. Vanta automates the manual work so you can stop sweating over spreadsheets, chasing audit evidence and filling out end their trust management platform continuously monitors your systems, centralizes your data and simplifies your security at scale. And it fits right into your workflows, using AI to streamline evidence collection, flag risks and keep your program audit ready all the time. With Vanta, you get everything you need to move faster, scale confidently and finally get back to sleep. Get started at vanta.com/cyber. That's V-A-N-T-A dot com slash cyber.

When it comes to mobile application security, good enough is a risk. A recent survey shows that 72% of organizations reported at least one mobile application security incident last year and 92% of responders reported threat levels have increased in the past two years. Guardsquare delivers the highest level of security for your mobile apps without compromising performance, time to market or user experience. Discover how Guardsquare provides industry-leading security for your Android and iOS apps at www.guardsquare.com.

Brandon Karpf is leader of International Public Private Partnerships at NTT and before that he was one of our colleagues here at the Cyberwire. I recently sat down with him and Maria Vermazes from the T Minus Space Daily Podcast to talk space and cyber. So I want to talk about space safety and who's keeping track of what's where in orbit. Maria, is it fair for me to start with you to give us the little TLDR on how we track things in orbit and where to begin with this?
Maria Vermazes
I'm going to do my best. It is confusing, so I'm sure a listener out there who knows this world inside and out is going to go, I got half of this wrong, but I'm going to try. Our view of what's going on in space is not as complete as I think most people would think it is. We know very well for the most part what geostationary satellites are in orbit because from our perspective they don't really go very fast. We see them and they're up in the sky and they're like, okay, they're there. Low Earth orbit, we have a somewhat patchwork understanding of what's on orbit and there's a lot that we miss. And essentially there's no one entity that's in charge of tracking all this. I think that's the thing that surprises a lot of people. There's no central traffic control. There are a lot of private companies that are tracking space satellites, space debris of different sizes, things like that. There are several different governments that are tracking satellites. The United States government certainly is doing its bit on that part. And then there's the US Department of Commerce. That is sort of seen as like the best that we have at a central repository for understanding what's on orbit. But again, there is no complete knowledge of everything that's up there. So when people are saying how many satellites are in orbit, it's always an estimate because we can't know at one time. Like, you know, you think of a sci-fi movie, oh, we can see all the satellites up there. We know exactly where they are. No, we don't. It's just not that complete. We have a good sense of it and there are different ways to patch this information together, but it's not like a complete accurate picture of our asset management system or our network. We just don't know entirely.
Dave Bittner
So this article talks about a system, do I have it right, referred to as TraCSS.
Maria Vermazes
TraCSS, yeah.
Dave Bittner
And what is that?
Maria Vermazes
TraCSS is a system that is currently in beta, that is coming out of beta, that is headed by the US Department of Commerce, that is supposed to be the best that we can get at a central understanding of what's going on in space. And this is a project that's been in the works for some years. And in the middle of 2025 there actually was the White House budget, a thing to kill it entirely, which was very alarming for people in the space industry because a lot of people had been banking on this coming out. So thankfully it sounds like that didn't happen because the industry rallied to save it. But it did start this larger conversation of we seriously do not have a great understanding of all of the assets in space. TraCSS was seen as our best bet, but it's still not the best. And again, there's a lot, there's a lot of confusion about. I'm confused just trying to explain it because there really isn't a great clear picture of this. And every time I try to learn more about it, it's like there's a bazillion small companies that are trying to add to this and are they all talking to each other? No, it's not great. It's not great.
Brandon Karpf
Kind of like a disaggregated air traffic control system, right?
Maria Vermazes
Yeah. And it doesn't exactly engender confidence in this whole thing. We're talking about space debris, you know, collision avoidance, that kind of thing. It's like, do we have that one single pane of glass of knowledge? And the answer is no. And that's terrifying to me, to be honest.
Dave Bittner
So what this article gets to Brandon is we closed out last year with an executive order from President Trump which was titled Ensuring American Space Superiority, which talks about these traffic management services. And there was a subtle shift in the language used here. Can you unpack that for us?
Brandon Karpf
Yeah, I'll start with kind of like a why this is so important right now.
Dave Bittner
Yeah.
Brandon Karpf
Years ago when I was an undergrad in college, I somehow got myself accepted into an internship program at the National Reconnaissance Office. So NRO in Chantilly, Virginia.
Maria Vermazes
Yeah.
Brandon Karpf
And so as an intern at this place, I got to tour their, their watch floor and their operations center and this, this kind of really cool dark room with all of these computer screens and these big screens on the wall with abstractions of orbits and things like that. And there, this massive floor, there was about five people there and they were mostly like 20-year-old Air Force enlisted airmen. And this was, you know, way before the Space Force, way before. When I was asking this one what he was doing, he was looking at all these conjunction warnings.
Maria Vermazes
Yeah.
Brandon Karpf
And really a conjunction warning is when a piece of debris or two satellites get within, you know, 100 miles or something like that of each other, there's a, there's a warning based on what we're actually tracking. And so I was asking, cool, like, how many satellites are there? And he's like, well, probably about a thousand that we're tracking. And cool. How many pieces of debris are we tracking? Oh, another couple thousand. Awesome. So you know, how many conjunctions are you addressing? And this explains why there was only five people on the watch floor. He goes, eh, we get one, like one a day maybe. So that was a little bit ago with a thousand satellites. Today.
Maria Vermazes
This was a while ago.
Brandon Karpf
Today we have 14,000 satellites up there.
Maria Vermazes
Approximately.
Brandon Karpf
Approximately.
Dave Bittner
Right.
Brandon Karpf
With plans of growing potentially to like 100,000 in the next four years. Satellites in different orbits. On top of that, all the space debris continues to increase. So now conjunction messages have increased from one a day, a couple a day, maybe a few dozen a day to over 600,000 every single day.
Maria Vermazes
Yeah.
Dave Bittner
Wow.
Maria Vermazes
Right. And who's the central authority for, hey, there's a conjunction event happening. Who do you talk to? Who coordinates with whom on that? How do you, how does that, how does it work?
Brandon Karpf
And, and it's definitely not NRO because they're focused on their, the few exquisite military and intelligence community satellites. It's not NASA, because that's not NASA's mission. It's not really the FAA because the FAA does some stuff with space traffic, but mostly with launch and recovery for some reason. This TraCSS system is with the Department of Commerce. So really what we're getting to is, as Maria pointed out, there is no central authority to, as the White House has released, ensure American space supremacy over the coming decade, especially when it comes to traffic management. And so what's interesting here in the change is this policy put out by the White House, I think, I mean, what was it like December 18th? It was right before the holidays, is that the US government is going to make this system available for free, make the data within the traffic management system, this TraCSS system, and I assume others, although it's still kind of unclear exactly what data and from where and to whom and how to get access to it, but supposedly making it accessible to the whole industry, which would be a.
Maria Vermazes
Good thing because more information is good. Is there a downside to this?
Brandon Karpf
No. I mean, it's, it's a budget item.
Maria Vermazes
Yeah.
Brandon Karpf
The government funding act, the One Big Beautiful Bill Act that was passed over the summer, did increase the FAA's ability to charge commercial space companies in terms of how much payload by mass they're putting into orbit. And so there are increased, you know, revenue lines for the government to potentially fund things like this. But I think it's a, to me right now, especially this being totally new, without a lot of analysis being put forward, it's a little unclear where this data is coming from, how people get access to it, whether TraCSS is going to be the system of record, if Department of Commerce is going to continue to manage that, which is a little bit odd. It's not like, at least I'm not aware that they do traffic management for shipping, you know, or for air traffic or things like that. So why would they do space traffic? A little bit unclear.
Dave Bittner
So this article points out that space situational awareness is no longer just a safety function, but a strategic one. And so, Brandon, putting on your former military hat, is there a case to be made strategically to limiting the availability of this information?
Maria Vermazes
Hmm?
Brandon Karpf
Oh, interesting question. So good question. You know, certainly within these feeds and, you know, there will probably be information on the location, the position, the vectors of more exquisite space capabilities. But then again that stuff is up there. It's not like it's a secret, right? It's what it does is potentially a secret. But it's pretty obvious to see the thing because if you have a clear unobstructed view of the night sky, you can pretty much track anything that's up there with some relatively inexpensive equipment, whether through radio frequency collection or from, you know, actually measuring and doing kind of like radar type telemetry off of, off of satellites. So I think the analogy here is probably similar to Earth observation where all these commercial providers of Earth observation assets now, you can go and buy, you know, down to the 10 centimeter level Earth observation data, right. Pictures of Earth down to that level of granularity of anywhere on Earth. You can go and buy this of, of you know, views of war zones like Ukraine and see that data yourself. You know, historically that's just been nation states who have access to that information. But now private companies are providing that similarly, not just with Earth observation, but also signals intelligence. Right. There's some companies like HawkEye 360 were providing site surveys and signals around different areas of the world. Again typically an exquisite capability that was reserved to nation states. So this is kind of democratization of exquisite data is nothing new to this industry. I think the more we see the space industry grow and accelerate, the more we're going to see exquisite sources of data being broadly accessible to anyone who wants to write a check to these companies. What's unique here, you know, I think as you pointed out, is this is being provided by the government. And it's not just government data. It's going to, it looks like it's some commercial data as well.
Again, who's paying for unknown adding as.
Maria Vermazes
A corollary, the space industry overall, especially in the US, is at this very interesting point where a lot of capabilities that have been grandfathered in are like with the DOC, owning TraCSS doesn't, at least to my mind, make a whole, whole lot of sense why it's there. There's this element of maturity that's, that's happening very quickly right now by necessity. And it's going to be very interesting to see if we get any transparency about some of this data. As you said, we don't know where some of the commercial stuff's going to be coming from or going to. And if that's, do we even need to know that? But I mean there are some capabilities that TraCSS can't do that the commercial sector is trying to fill in those gaps. Like for space debris, for example, there are certain sizes of space debris that are so tiny but still extremely dangerous that a lot of people in the private sector are trying to, to make their niche of detecting that space debris. Is that information going to make it into TraCSS? And if it is, I imagine it's going to come at a very premium price. But it's still extremely important to avoid not just collisions, but eventually even the Kessler effect. God forbid.
Dave Bittner
Yeah. I wonder how quickly does this problem or this challenge become hard to manage or impossible to manage. You know, Brandon, you talked about going from one a day to 600,000 alerts, so it doesn't strike me as being linear. Right. The more objects we put up there, the more potential for interactions and debris and collisions and all that kind of stuff. So when does this become unmanageable and who's in the best position to manage it?
Brandon Karpf
Yeah, the rules of the road here are kind of interesting. And pick your analogy. If we looked at the FAA's air traffic control system, the number of flights per day are still pretty limited and regionally so, and controllable with proper staffing. That's a separate issue entirely in terms of the air traffic controllers of the FAA. But it's a tractable problem at human speeds and human analysis, especially with, with, you know, airplanes all having their transponders and transcoders and, you know, sending their location information and moving relatively slowly, whereas in low Earth orbit things moving much faster. Of course the distances are greater, but you're having a lot more and a lot more potential conjunctions. This quickly, to your point, grows exponentially to a stage where I don't think human intervention is going to be the proper approach. So now a different analogy would be like the security operations center, who's looking at intrusion alerts and things like that, where we're now getting potentially billions of alerts per day at the largest security operations centers and no staff, no human staff can review all those alerts. So you have to implement a layer of automation and automatic analysis on top of that to elevate the most critical alerts or to respond automatically, which is what we're seeing in the security world. Right. The initial response is happening autonomously without human intervention. That's just not a human tractable problem.
Maria Vermazes
It's amazing to me that when you mentioned the security operations center, when I was at one of the space conferences, I saw something about alert fatigue and cutting through the noise. And I'm going, oh my gosh, that language is now in the space world. And I was just thinking of all the things about cutting through the noise and you know, use it. How to, how to, you know, make sense of what's in your logs and I'm going, this exact same problem.
Brandon Karpf
But talk about an opportunity for the folks in the cybersecurity industry potentially kind of diversifying, you know, SOAR, security orchestration, automation and response, can now mean space operations.
Maria Vermazes
There you go.
Dave Bittner
Nice.
Brandon Karpf
I mean the same, the same kind of tools, yeah, that the cybersecurity industry has been forced to innovate around and develop over the last decade could be incredibly helpful. And the lessons learned of how to build proper operations floors and teams and manage the human element like alert fatigue, et cetera.
Dave Bittner
Time will tell. It strikes me that we're playing a bit of catch up when it comes to this stuff, but that's just my sense. All right. Maria Vermazes is host of the T Minus Space Daily Podcast and Brandon Karpf is the leader of International Public Private Partnerships at NTT. Thanks for joining us.
Maria Vermazes
Thank you.
Dave Bittner
Our thanks to Brandon Karpf for joining us. Be sure to check out the T Minus Space Daily Podcast wherever you get your favorite podcasts.

The world moves fast. Your workday even faster. Pitching products, drafting reports, analyzing data. Microsoft 365 Copilot is your AI assistant for work built into Word, Excel, PowerPoint and other Microsoft 365 apps you use, helping you quickly write, analyze, create and summarize so you can cut through clutter and clear a path to your best work. Learn more at Microsoft.com/M365Copilot. This episode is.
Maria Vermazes
Brought to you by Indeed. Stop waiting around for the perfect candidate. Instead, use Indeed's sponsored jobs to find the right people with the right skills fast. It's a simple way to make sure your listing is the first candidates see. According to Indeed data, sponsored jobs have four times more applicants than non-sponsored jobs. So go build your dream team today with Indeed. Get a $75 sponsored job credit at Indeed.com/podcast. Terms and conditions apply.
Dave Bittner
And finally, the Cybersecurity and Infrastructure Security Agency has decided it will not attend the RSA conference this March, a move that leaves much of the cybersecurity world blinking in confusion. This is, after all, the industry's largest annual gathering, a week-long exercise in talking about threats, resilience and coordination. Exactly the sort of thing a national cyber defense agency might be expected to show up for. CISA says the decision reflects a renewed focus on core statutory duties and alignment with President Donald Trump's security priorities, along with careful use of taxpayer dollars. Fair enough, except RSAC has long been where CISA delivered its message, rallied vendors and talked directly to defenders. The absence lands days after former CISA director Jen Easterly became RSAC's CEO, her latest stop after a politically turbulent exit from government and a rescinded role at the United States Military Academy at West Point. Once CISA officials headlined RSA, now they're skipping it. For an agency tasked with national cyber coordination, opting out of the one place everyone coordinates feels less strategic and more baffling.

And that's the Cyberwire. For links to all of today's stories, check out our daily briefing at thecyberwire.com. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like our show, please share a rating and review in your favorite podcast app. Please also fill out the survey in the show notes or send an email to cyberwire@n2k.com. N2K's senior producer is Alice Carruth. Our Cyberwire producer is Liz Stokes. We're mixed by Trey Hester with original music by Elliott Peltzman. Our executive producer is Jennifer Eiben. Peter Kilpe is our publisher and I'm Dave Bittner. Thanks for listening. We'll see you back here tomorrow.

If you only attend one cybersecurity conference this year, make it RSAC 2026. It's happening March 23rd through the 26th in San Francisco, bringing together the global security community for four days of expert insights, hands-on learning and real innovation. I'll say this plainly, I never miss this conference. The ideas and conversations stay with me all year. Join thousands of practitioners and leaders tackling today's toughest challenges and shaping what comes next. Register today at rsaconference.com/cyberwire26. I'll see you in San Francisco.

Attackers don't go through your tools, they go around them. In our interview with Jared Atkinson, CTO at SpecterOps, he reveals how attackers look to exploit our identities, steal tokens, and quietly snowball their access across Active Directory, cloud apps and GitHub. We talk through attack paths, why least privilege keeps failing, and how one misconfiguration can hand over the keys to your organization. Want to see risk as attackers do? Then check out the full interview now on thecyberwire.com/specterops.
Date: January 26, 2026
Host: Dave Bittner
Guests: Maria Vermazes (T Minus Space Daily), Brandon Karpf (NTT & former CyberWire colleague)
This episode delves into the intersection of privacy, law enforcement, and cybersecurity, opening with the news that Microsoft granted the FBI access to BitLocker-encrypted laptops following a court order. The episode transitions to cover major industry news—ranging from supply chain vulnerabilities and AI content moderation to geopolitical cyber threats. The latter half features a detailed conversation with Maria Vermazes and Brandon Karpf about the evolving challenges of tracking orbital assets and the critical role automation and information-sharing will play in the future of space safety and national security.
Quote:
"The case underscores a familiar trade off between convenience and control." – Dave Bittner [03:00]
Quote:
"Our view of what's going on in space is not as complete as I think most people would think it is... There is no complete knowledge of everything that's up there." – Maria Vermazes [13:55]
Quote:
"We get one [conjunction warning] like one a day maybe... Today we have 14,000 satellites up there... Now conjunction messages have increased... to over 600,000 every single day." – Brandon Karpf [18:13–19:21]
Quote:
"This is kind of democratization of exquisite data is nothing new... What's unique here... is this is being provided by the government..." – Brandon Karpf [23:30]
Quote:
"No human staff can review all those alerts. So you have to implement a layer of automation... The same kind of tools that the cybersecurity industry has been forced to innovate... could be incredibly helpful." – Brandon Karpf [27:43, 27:55]
Quote:
"For an agency tasked with national cyber coordination, opting out of the one place everyone coordinates feels less strategic and more baffling." – Dave Bittner [30:50]
This episode highlights the ongoing tension between privacy and law enforcement in the digital realm (with BitLocker and Microsoft as a case study), the rapidly evolving threats facing the cybersecurity landscape, and the critical intersection of space operations and cyber tools. The expert panel draws direct lines between the challenges of automating security for digital networks and the urgent need to automate “space situational awareness” to avoid catastrophic orbital incidents. As commercial and state actors expand in both domains, the need for effective coordination, transparency, and automation becomes ever more pressing.