Wired, but not fired. - CyberWire Daily

Summary9 min read

CyberWire Daily Podcast Summary: "Wired, but not Fired" (May 2, 2025)

Introduction

In the "Wired, but not Fired" episode of the CyberWire Daily podcast, host Maria Vermazes, alongside guest Kevin McGee from Microsoft, delves into the latest developments in the cybersecurity landscape as of early May 2025. The episode not only covers significant cyber incidents but also provides in-depth coverage of the RSA Conference 2025, highlighting emerging trends, expert insights, and pivotal discussions shaping the future of cybersecurity.

1. Top Cybersecurity News

The episode begins with a rapid-fire overview of critical cybersecurity incidents and updates that have occurred recently:

Canadian Power Company Hit by Cyberattack

Halifax-based electric utility Nova Scotia Power, along with its parent company Emera, recently suffered a cyberattack that led to the shutdown of parts of their IT networks. According to Security Week, the attack disrupted customer care phone lines and the online portal but left physical operations unharmed. Maria Vermazes notes, "The incident has not impacted the utility's ability to safely and reliably serve customers in Nova Scotia." (01:09)
Ascension Health Discloses Data Breach

US health system Ascension informed patients about a data breach resulting from a compromised third-party vendor in December 2024. The breach exposed personal information, including Social Security numbers and detailed medical records. Dave Bittner emphasizes the severity: "The medical data included inpatient visit information, diagnosis codes, and insurance details." (01:09)
Harrods Faces Attempted Cyberattack

London's luxury department store Harrods experienced an attempted cyberattack, prompting the restriction of internet access at its locations. While the flagship store remained operational, customers are still able to shop online. Dr. Richard Horn from the UK's National Cybersecurity Centre (NCSC) commented, "These incidents should act as a wake-up call to all organizations." (01:09)
Microsoft Resolves Gmail Spam Bug

Microsoft addressed a machine learning issue in Exchange Online that mistakenly flagged legitimate Gmail emails as spam from April 25 to May 1. The problem was traced back to the ML model misclassifying emails due to their similarity to known spam patterns. By reverting to a previous model version, Microsoft mitigated the issue effectively. Dave Bittner reports, "The company reverted to a previous ML model version, effectively mitigating the issue." (01:09)
Unofficial Signal App in Trump Cabinet Meeting

A photograph from a Trump Cabinet meeting revealed that the former National Security Advisor Mike Waltz was using an unofficial version of the Signal app, known as TM Signal. This modified app includes message archiving features that could compromise Signal's standard end-to-end encryption. This raised concerns about the security of sensitive government communications. (01:09)
EU Fines TikTok for GDPR Violations

The European Union fined TikTok €530 million (~US$600 million) for violating the General Data Protection Regulation (GDPR). Ireland's Data Protection Commission found that TikTok inadequately safeguarded European users' data, particularly data accessed by staff in China. TikTok plans to appeal, asserting that the issues predate its data localization efforts under Project Clover. (01:09)
Extradition of Artem Strizhak for Ransomware Activities

Ukrainian national Artem Strizhak was extradited from Spain to the United States to face charges related to the Nephilim ransomware operation. The superseding indictment accuses him of orchestrating ransomware attacks across multiple sectors, including aviation and insurance, resulting in millions of dollars in losses. Strizhak faces up to five years in prison if convicted. (01:09)
US Treasury Designates Huion Group for Money Laundering

The US Treasury's Financial Crimes Enforcement Network (FinCEN) designated Cambodia-based Huion Group as a primary money laundering concern under the USA Patriot Act. Huion is accused of laundering over $4 billion in illicit proceeds linked to North Korean cyber heists and Southeast Asian "pig butchering" scams. This designation aims to sever Huion's access to the US financial system. (01:09)
Microsoft Moves to Passwordless Accounts

In a significant security enhancement, Microsoft announced that all new accounts will be passwordless by default. This shift aims to combat threats like phishing and credential stuffing by utilizing authentication methods such as passkeys, biometric verification (e.g., Windows Hello), security keys, or push notifications instead of traditional passwords. (01:09)

2. Highlights from RSA Conference 2025

As RSAC 2025 concluded, Maria Vermazes and Kevin McGee provided a comprehensive overview of the event's key discussions and themes:

AI Governance Panel

Leaders from OpenAI, Workday, and Uber participated in a panel focused on building trust in AI systems. The discussion emphasized the necessity of robust safety measures and compliance frameworks to ensure AI systems are reliable and secure. Notably, a panelist stated, "Building trust in AI requires a foundation of safety and compliance that cannot be overlooked." (01:09)
US Cybersecurity Policy Overview by Deputy National Security Advisor Anne Neuberger

Anne Neuberger provided an in-depth look into the US cybersecurity policy, covering initiatives related to emerging technologies like AI, 5G, and 6G. She also outlined strategies to combat ransomware and illicit cryptocurrency activities, highlighting the administration's proactive stance on evolving cyber threats. (01:09)
RSAC College Day

RSAC College Day served as a platform for aspiring cybersecurity professionals to connect with industry experts. The event focused on mentorship and career development, fostering the next generation of cybersecurity talent. According to Maria, "RSAC College Day connected aspiring cybersecurity professionals with industry experts, fostering mentorship and career development." (01:09)

3. In-Depth Interviews from RSAC 2025

Kevin McGee, acting as an intern for the CyberWire, conducted several insightful interviews with prominent figures in cybersecurity during RSAC 2025. Below are summaries of these conversations:

Christopher Sim, CTO at Bulletproof

Discussion Highlights:

Christopher expressed his enthusiasm for the advancements in AI, particularly large language models, and their potential to revolutionize cybersecurity defenses. He emphasized the importance of integrating third-party tools to consolidate threat detection and response capabilities. Christopher highlighted, "Advancements on large language models and how that can actually help cybersecurity and us as defenders in the space is going to be a game changer." (12:15)
Dr. Chase Cunningham, Dr. Zero Trust

Discussion Highlights:

Dr. Cunningham shared insights about his upcoming books, including a sequel to his Gabriel novel and "Buy the Breach," which analyzes the stock market impact of cybersecurity breaches. He anticipates that AI, Security Operations Centers (SOCs), and Managed Service Providers (MSPs) will be dominant themes at the conference. Additionally, he is hosting sessions on zero trust and 5G technologies. (13:41)
Helen Patton, Cybersecurity Advisor at Cisco

Discussion Highlights:

Helen discussed the Cybersecurity Canon project, aimed at sharing cyber wisdom through curated book recommendations. She is co-authoring a book to help mid-career professionals transition into cybersecurity roles. Helen emphasized the importance of bridging the gap between academic training and professional operational needs, stating, "I've spent my career trying to help academics understand how professional operators think." (14:49)
Jeremy Vaughn, CEO and Co-Founder of Startleft Security

Discussion Highlights:

Jeremy, a non-technical founder, highlighted Startleft Security's focus on empowering developers and advancing the "shift left" movement in cybersecurity. He anticipates that AI will be a major theme at RSAC, exploring both leveraging AI for security and securing AI systems themselves. Jeremy is excited about partnerships, especially with Microsoft, and looks forward to showcasing Startleft's value proposition. (17:35)
Vika Schneider, CEO and Co-Founder of Pint

Discussion Highlights:

Vika discussed Pint's expertise in application security and the dual themes of leveraging AI for security purposes and securing AI technologies. Despite the challenges of constant travel, she remains enthusiastic about the innovative discussions at RSAC. Vika underscored the importance of operational reality and tactical implementation in transitioning AI concepts into practical security solutions. (20:09)

4. Reflections and Closing Thoughts

Kevin McGee concluded his segment with reflective insights on the RSA Conference experience:

Community and Innovation Amidst Chaos

Kevin described RSAC as a bustling hub where cybersecurity professionals congregate, fostering a sense of community and shared purpose. He noted, "For all the noise, all the chaos and all the goats, there's something here that reminds me why I love this industry. It's the people, the purpose, the defenders who show up." (23:28)
Evolving Conversations on AI

Initially overwhelmed by the plethora of AI-related discussions and buzzwords, Kevin observed a shift towards more substantive conversations about the operational and tactical implementation of AI in cybersecurity. He highlighted debates on the roles AI should play, governance of AI decisions, and the necessity of keeping humans in the loop for critical security functions. (23:28)
Support for Startups

Emphasizing the challenges faced by startups at large conferences, Kevin encouraged attendees to engage with emerging companies exhibiting at RSAC. He advocated for supporting innovation and creativity, noting that numerous startups are poised to become significant players in the cybersecurity landscape. (23:28)
Final Takeaway

Despite the demanding environment and the overwhelming scale of RSAC, Kevin reaffirmed the value of attending, citing the inspiration drawn from the collective expertise and dedication of the cybersecurity community. "It's nice to see the community come together. Not just to learn, network, collect swag and meet Dave Bittner, but also have some fun." (23:28)

5. Additional Content and Resources

Microsoft for Startups Spotlight

The episode also highlights additional content available through the Microsoft for Startups Spotlight series. This includes interviews with startup veterans and members discussing their journeys from hackers to entrepreneurs and showcasing innovative cybersecurity solutions.
Research Saturday Preview

Listeners are teased with an upcoming episode featuring Shaked Reiner, Principal Security Researcher at CyberArk, discussing research on "Agents Under Attack: Threat Modeling Agentic AI." This segment promises to delve into the vulnerabilities and threat models associated with autonomous AI agents in cybersecurity. (22:59)
Call to Action

The podcast encourages listeners to engage with their content by sharing ratings, reviews, and feedback to ensure the delivery of relevant insights. Additionally, they promote N2K Networks' services, emphasizing their role in optimizing team performance and enhancing cybersecurity investments. (22:59)

Conclusion

The "Wired, but not Fired" episode of CyberWire Daily offers a comprehensive overview of the current cybersecurity landscape, blending timely news updates with in-depth analysis from one of the industry's premier conferences. From significant cyber incidents impacting major organizations to forward-looking discussions on AI governance and the evolving roles of cybersecurity professionals, the episode serves as an invaluable resource for staying informed and prepared in the ever-changing world of cybersecurity.

Notable Quotes:

Maria Vermazes: "Happy Friday everybody. Thanks for joining us today." (01:09)
Dr. Richard Horn, NCSC: "These incidents should act as a wake-up call to all organizations." (01:09)
Christopher Sim: "Advancements on large language models and how that can actually help cybersecurity and us as defenders in the space is going to be a game changer for me." (12:39)
Chase Cunningham: "I've done 10 years worth of data research and sure enough, there's a very clear trend." (14:26)
Helen Patton: "The Cyber Security Canon project has actually been around for about 10 years and the goal of the project is to share cyber wisdom with the community." (15:02)
Jeremy Vaughn: "In security we always forget about people. I think we've been doing cybersecurity wrong for 25 years." (18:08)
Vika Schneider: "We're not just talking about AI agents doing security tasks. We started to dive into conversations like what they should be doing, what they should be trusted with." (21:07)
Kevin McGee: "It's the people, the purpose, the defenders who show up. All of you have big responsibilities, important missions and difficult jobs." (23:28)

Additional Resources:

Show Notes and Links: For a deeper dive into the topics covered and to connect with the guests featured in this episode, listeners can refer to the show notes available at thecyberwire.com.
Research Saturday: Tuned to air with Shaked Reiner discussing "Agents Under Attack: Threat Modeling Agentic AI."

Stay Connected:

To stay updated with the latest in cybersecurity news and analysis, subscribe to the CyberWire Daily podcast and follow N2K Networks for more insightful content.

Loading summary

Transcript66 lines

[00:02]
Maria Vermazes
You're listening to the Cyberwire network, powered by N2K.
[00:12]
Dave Bittner
And now a word from our sponsor. Spy Cloud Identity is the new battleground and attackers are exploiting stolen identities to infiltrate your organization. Traditional defenses can't keep up. Spy Cloud's holistic Identity Threat protection helps security teams uncover and automatically remediate hidden exposures across your users from breaches, malware and phishing to neutralize identity based threats like account takeover, fraud and ransomware. Don't let invisible threats compromise your business. Get your free corporate Darknet exposure report@spycloud.com cyberwire and see what attackers already know. That's spycloud.com cyberwire.
[01:10]
Maria Vermazes
RSAC 2025 comes to an end Canadian power company hit by a cyber attack Ascension Health discloses another breach UK luxury department store Harrods discloses attempted cyber attack Microsoft fixes a bug flagging Gmail as spam, an unofficial version of the signal app shared in photo EU finds T TikTok for violating GDPR with China data transfer US treasury to cut off Southeast Asian cybercrime Key player Passwordless by default coming your way and our guest is Kevin McGee from Microsoft, sharing a medley of interviews that he gathered on the show floor of RSAC 2025. Today is May 2, 2025. I'm Maria Vermazes, host of T Minus Space Daily podcast in for Dave Bittner today and this is your Cyberwire Intel Briefing. Happy Friday everybody. Thanks for joining us today. On the final day of RSA Conference 2025, the cybersecurity community discussed emerging challenges and innovations. The AI Governance panel featured leaders from OpenAI, Workday and Uber who explored strategies for building trust in AI systems, emphasizing the need for robust safety measures and compliance frameworks. Legal eagles and CISOs highlighted the critical need for collaboration between legal teams and cybersecurity leaders to navigate regulatory landscapes and bolster organizational resilience. Deputy National Security Advisor Anne Neuberger offered a comprehensive overview of US cybersecurity policy, discussing initiatives related to AI 5G 6G technologies and strategies to combat ransomware and illicit cryptocurrency activities and RSAC College Day connected aspiring cybersecurity professionals with industry experts, fostering mentorship and career development. Be sure to stay tuned for a final installment from intern Kevin from the RSAC 2025 floor. Halifax based electric utility Nova Scotia Power and its parent company Emera have shut down parts of their IT networks while responding to a cyberattack. According to a report from Security Week. The attack disrupted the utility's customer care phone line and online portal but did not affect physical operations. The company stated that there remains no disruption to any of our Canadian physical operations, including at Nova Scotia Powers generation, transmission and distribution facilities, the Maritime Link or the Brunswick pipeline, and the incident has not impacted the utility's ability to safely and reliably serve customers in Nova Scotia. There has been no impact to Amera's US or Caribbean utilities. CBC News reports that the utility is only responding to emergencies and outages, leaving some new customers unable to get their power turned on. US Health system Ascension is informing some patients that their medical data was breached after hackers compromised a third party vendor and in December 2024, according to a report from the Register. The breached data involved personal information including Social Security numbers as well as medical information. The medical data included information related to inpatient visits such as the place of service, physician name, admission and discharge dates, diagnosis and billing codes, medical record number and insurance company name. Ascension sustained a separate breach in May 2024 after it was hit by the Black Bosta ransomware gang. London luxury department store Harrods has restricted Internet access at its locations following an attempted cyber attack, according to the BBC. The company says its flagship store remains open and customers can still shop online. Two other major UK retailers, Marks and Spencer and Co Op, are currently recovering from disruptive cyber attacks. The UK's National Cybersecurity center, or NCSC, chief executive Dr. Richard Horn said in a statement that the disruption caused by the recent incidents impacting the retail sector are naturally a cause for concern to those businesses affected, their customers and the public. The NCSC continues to work closely with organizations that have reported incidents to us to fully understand the nature of these attacks and to provide expert advice to the wider sector based on the threat picture, horn added. These incidents should act as a wake up call to all organizations. I urge leaders to follow the advice on the NCSC website to ensure that they have appropriate measures in place to help prevent attacks and respond and recover effectively. Microsoft has resolved a machine learning issue and Exchange Online that incorrectly flagged legitimate Gmail emails as spam. The problem, tracked as EX 1064 599, began on April 25, causing affected messages to be diverted to users junk folders. Microsoft attributed the false positives to the ML model, misclassifying emails due to similarities with known spam patterns. By May 1, the company reverted to a previous ML model version, effectively mitigating the issue. A photograph taken during a Trump Cabinet meeting revealed that the now former National Security Advisor Mike Waltz was using an unofficial version of the signal messaging app known as TM Signal. Developed by Telemessage, this modified app adds message archiving capabilities potentially compromising signal standard end to end encryption. The image showed Walt communicating with Top officials including J.D. vance, Tulsi Gabbard and Marco Rubio, raising concerns about the security of sensitive government communications. The European Union has fined TikTok 530 million euros, or approximately US$600 million for violating the General Data Protection Regulation, or GDPR, by inadequately safeguarding European users data accessed by staff in China. Ireland's Data Protection Commission found that TikTok failed to ensure EU equivalent protections and lacked transparency about data transfers. The investigation also revealed that TikTok provided inaccurate information, initially denying storage of EU user data on Chinese servers, only to later admit some data had indeed been stored there. TikTok plans to appeal, asserting that the issues predate its Project Clover, which aims to localize data within Europe through new data centers. Ukrainian national artem Strizhak, age 35, has been extradited from Spain to the United States to face charges related to his alleged role in the Nephilim ransomware operation. According to a superseding indictment unsealed in the Eastern District of New York, Strzhak is accused of conspiring to commit fraud and extortion by deploying Nephilim ransomware against high revenue companies across the United States, Canada, Europe and Australia between 2018 and 2021. He reportedly entered into an agreement with Nephilim administrators receiving access to the ransomware in exchange for 20% of the ransom proceeds. The attacks targeted sectors including aviation, chemicals, construction and insurance, resulting in millions of dollars in losses. Strizhak is scheduled for arraignment and if convicted faces up to five years in prison. The US Treasury's Financial Crimes Enforcement Network has designated Cambodia based Huion Group as a primary money laundering concern under section 311 of the USA Patriot Act. This action aims to sever Huion's access to the US financial system, citing its role in laundering over $4 billion in illicit proceeds between August 2021 and January 2025. The funds are linked to North Korean cyber heists and Southeast Asian pig butchering scams, which are fraudulent investment schemes that exploit victims through social engineering tactics. Microsoft has announced that all new Microsoft accounts will be passwordless by default to enhance security against threats like phishing and credential stuffing. So instead of traditional passwords, new users will authenticate using methods such as passkeys, biometric verification like Windows, hello security keys or push notifications. Stay tuned after the break. Evan McGee is closing out RSAC 2025 with a high energy medley of interviews straight from the show floor, packed with sharp insights and bold ideas from some of cyber security's standout voice.
[10:10]
Kevin McGee
Foreign.
[10:22]
Dave Bittner
Testing is resource intensive, slow and expensive, providing only a point in time snapshot of your application's security, leaving it vulnerable between development cycles. Automated scanners alone are unreliable in detecting faults within application logic and critical vulnerabilities. Outpost 24's continuous pen testing as a service solution offers year round protection with recurring manual penetration testing conducted by Crest certified pen testers, allowing you to stay ahead of threats and ensure your web applications are always secure. And now a word from our sponsor Black Kite. If third party risk is keeping keeping you up at night, you're not alone. It's a constant battle. Black Kite's third party cyber risk platform is built on real world threat intelligence straight from their research team's ongoing breach analysis, dark web monitoring and attacker tactics. That means you get a hacker's eye view of your supply chain to proactively spot risks. And speaking of research, they just dropped their 2025 third party breach report breaking down last year's biggest trends and what's coming next. Grab the report now at www.blackkite.com.
[12:00]
Maria Vermazes
Kevin McGee was at the RSA conference this past week as our intern gathering Kevin on the street interviews and today he's closing out RSAC 2025 with a high energy medley of interviews straight from the show floor from some of cybersecurity standout voices. Here are his conversations.
[12:16]
Christopher Sim
Christopher Sim and I'm the CTO at Bulletproof, so we are in the managed security services provider space. So looking after customers for all their services need pretty much your full IT shop, helping them from their implementation, incident response monitoring and detection of their cybersecurity needs.
[12:33]
Kevin McGee
So what are you hoping to see at RSA as the new products, new technologies make connections. What's, what's your goal here?
[12:39]
Christopher Sim
I would say a bit of networking and seeing all the new AI advancements and that's a huge buzzword that's going around the industry over the past few years. But the advancements on large language models and how that can actually help cybersecurity and us as defenders in the space is going to be a game changer for me.
[12:55]
Kevin McGee
So you're the CTO of an mssp, so your job is not just to build the technology for your company but also help other customers. It's a big responsibility. What do you think you're going to see here at the show that'll help you do your job better and serve your customers better.
[13:09]
Christopher Sim
I'm looking for a lot of the integration pieces. How can we solve the pain points for us as a service provider as well as our customers to bring to be able to consolidate all of the threats that are happening, be able to make our tools work better together. Because believe it or not, there's a lot of third party tools that are not talking together. And if we, if that can start to change, whether it's through agents in some way or form, depending which providers is making them, then that could help our customers and us be able to resolve all of our challenges.
[13:41]
Chase Cunningham
Dr. Chase Cunningham title is Dr. Zero Trust and company is Dr. Zero Trust. And that's me.
[13:47]
Kevin McGee
Awesome. We're sitting at the Cybersecurity Canon Breakfast and you've got a book coming out at rsa.
[13:53]
Chase Cunningham
Yeah, I've got two of them that just dropped this month. One is the sequel to my Gabriel novel called Variable and the other one is a book about the stock market impact of breaches called Buy the Breach.
[14:02]
Kevin McGee
That's pretty fascinating. Where did you come up with that title or where did you come up with that concept from?
[14:08]
Chase Cunningham
I was just looking at the data and seeing that there was a trend and how things were affecting company stock values when a breach did occur. And to me, I was just as a former analyst or current analyst, I guess I was just like, there's got to be something to this. And I did 10 years worth of data research and sure enough, there's a very clear trend.
[14:26]
Kevin McGee
So what's the big themes you think will be at the show this year?
[14:30]
Chase Cunningham
Well, I'm pretty sure we're going to see a lot of AI. I'm pretty sure we're going to see a lot of SOC sort of stuff. And then I think we're also going to see a lot of MSP work.
[14:39]
Kevin McGee
Awesome. And you've got a session?
[14:41]
Chase Cunningham
Yeah, I'm doing zero trust and 5G and then I also have two book signings as well, so it's going to be busy.
[14:47]
Kevin McGee
Fantastic. Thanks, Philip.
[14:49]
Helen Patton
Hey, I'm Helen Patton. I'm a cybersecurity advisor currently with Cisco.
[14:53]
Kevin McGee
We're at the Cybersecurity Canon Breakfast. It's a great show at 7am on day one. So tell me about the Cybersecurity Canon and what you're doing at rsa.
[15:02]
Maria Vermazes
Sure.
[15:03]
Helen Patton
So the Cyber Security Cannon project has actually been around for about 10 years and the goal of the project is to share cyber wisdom with the community. So we have a whole bunch of people who are security OGs who read books and write reviews and then hopefully the rest of the community can learn from them and know what to read and what they can avoid. So that's what we do. So while I'm here at the conference this year, I'm interested to know what wisdom looks like. I want to know what wisdom looks like around AI. I want to know what it looks like around geopolitical things. And I'm just interested in hearing what people are thinking thinking and how they're approaching that for their security programs.
[15:44]
Kevin McGee
So many of the committee members have books at the bookstore and the cyber security canon will have volunteers at the concierge at the bookstore. So tell me about that.
[15:52]
Helen Patton
Yeah, for sure. So the cyber canon has a bookshelf at the bookstore that gives you everyone who's made it into the hall of fame. So if you really quickly want to go in there and know that you're getting a good book that's worth reading, you just go straight to that bookstore store, that bookshelf. And we have committee members who are there to help you think about what you might want to read. So that happens as well. So we're super excited to be here. The bookstore has been a great partner for us.
[16:17]
Kevin McGee
And you've got a book in the works. Can you tell me about that?
[16:20]
Helen Patton
Yeah, I do. So Josiah Dykstra and I are co writing a book and it's for people who want to get into cyber security who are already mid career in some other security in some other non security profession. So we know there's a lot of people making it through college and right at the bottom of the funnel. But there's not a lot of resources out there for people who just want to switch. So career switches and it will come out later this year. So excited about that.
[16:48]
Kevin McGee
That's an area bringing new people into the profession and young people and diversity to our profession has been a real hallmark of your career. Can you tell me more about that?
[16:56]
Helen Patton
Yeah, sure. So I was lucky enough to be the CISO at the Ohio State University for eight years. And when you work at a university, you spend a lot of time thinking about what are we training our young people and what does that mean for their future career. And really when I started my career, we didn't have any sort of structured way of training people to come into cybersecurity. So I've spent my career trying to help academics understand how professional operators think and also help professional operators think how academics think and try and translate that. And it's been rewarding and frustrating all at the same time.
[17:33]
Kevin McGee
Wonderful. Thank you very much.
[17:35]
Jeremy Vaughn
Jeremy Vaughn with Startleft Security and I am the CEO and co founder.
[17:42]
Kevin McGee
So how was your trip here?
[17:45]
Jeremy Vaughn
Man? I am exhausted. But it is Sunday. Even though I'm exhausted, I'm fired up.
[17:51]
Kevin McGee
What you been doing here since you got here?
[17:53]
Jeremy Vaughn
I have been mingling. I've already been to two meetings before this and then I had a another event with the investment management group and then I'm here at the Microsoft event.
[18:05]
Kevin McGee
Start Left. Coolest name. Tell me what it is. What do you do?
[18:08]
Jeremy Vaughn
Star Left it is. You cannot get any further left than people. So in security we always forget about people. I think we've been doing cybersecurity for wrong for 25 years. That's what we're solving is we're solving the challenges at the core, empowering developers and helping this shift left movement actually succeed.
[18:32]
Kevin McGee
Awesome. So what do you think the big themes of the show are going to be?
[18:35]
Jeremy Vaughn
Well, I'd be remiss if I didn't say AI. I mean I'm on an AI panel but no AI. How do you secure AI? How AI is going to impact business in the future and just a lot of what happens with security when AI is introduced into an organization I think is going to be super huge topics.
[18:59]
Kevin McGee
Any sessions you're looking forward to?
[19:01]
Jeremy Vaughn
I am looking forward to learning about AI and what all cybersecurity actually hackers, what hackers are saying how they're looking at AI, how they're going to manipulate how businesses are using AI.
[19:19]
Kevin McGee
Now you are a non technical founder. Do I get it right?
[19:23]
Jeremy Vaughn
I am non technical. That has kind of become technical because I've sat with a super engineers for the last 20 years.
[19:35]
Kevin McGee
How many RSAs have you done?
[19:37]
Jeremy Vaughn
How many what?
[19:38]
Kevin McGee
How many RSAs have you done, oh this is.
[19:40]
Jeremy Vaughn
This is my third RSI. Yeah, maybe fourth. They all blend together.
[19:47]
Kevin McGee
Anything else you want to leave for last thoughts?
[19:50]
Jeremy Vaughn
I'm here. I'm really excited about the Microsoft partnership and what we're doing with Microsoft. But on the other side of that just really looking forward to meeting other partners and talking about Star Left and showing people our value.
[20:07]
Kevin McGee
Awesome. Thank you sir.
[20:09]
Jeremy Vaughn
Thank you.
[20:09]
Vika Schneider
Hey.
[20:10]
Kevin McGee
Hi everyone. My name is Vika Schneider. I'm the CEO of the and co founder of Pint. Pint is an expert in application security and I'm excited to be here in RSA and talking to you.
[20:21]
Awesome. Do you have a long trip to get here?
[20:23]
Very long to be honest. I came from Israel usually as startup you Spend your life between us and Israel, especially in cyber security startup. Yeah, long trip. Long trip. Like 24 hours.
[20:33]
Well, you're jet lag. You just got here. What do you think the theme for this week is going to be?
[20:37]
So, you know, I'm always energized. I'm not that jet lag. I think the theme of RSA will be this year, probably sticking stones. No, I'm joking. It will be an AI. AI. I think it's very, I think it's, it's like twofold AI. One, you know, how you leverage AI for security and how you're doing security for AI. So I think we'll see a bunch of those all over rsa and I'm excited to be part of it and appreciate you, Kevin, of, you know, taking that small note here.
[21:07]
Awesome. Great to see you. We'll see you around this week. Thank you.
[21:11]
Maria Vermazes
That was Kevin McGee reporting from the RSA conference show floor where he caught up with some of the industry's leading voices. Want to dive deeper into those conversations? Well, you can find all his guests linked in the show notes for you.
[21:37]
Dave Bittner
Let's be real. Navigating security compliance can feel like assembling IKEA furniture without the instructions. You know you need it, but it takes forever and you're never quite sure if you've done it right. That's where Vanta comes in. Vanta is a trust management platform that automates up to 90% of the work for frameworks like SoC2, ISO 27001 and HIPAA, getting you audit ready in weeks, not months, whether you're a founder, an engineer, or managing IT and security. For the first time, Vanta helps you prove your security posture without taking over your Life. More than 10,000 companies, including names like Atlassian and Quora Trust Vanta to monitor compliance, streamline risk, and speed up security reviews by up to five times. And the roi? A recent IDC report found Vanta saves businesses over half a million dollars a year and pays for itself in just three months. For a limited time, you can get $1,000 off vanta@vanta.com cyber that's v a n t a dot com.
[22:59]
Maria Vermazes
This past week we were joined on the RSAC floor in San Francisco by our partner, Kevin McGee, and he's the Global Director of Cybersecurity Startups at Microsoft for Startups. And he was stepping into the role of our honorary intern. And Kevin hit up the show floor to gather insights and interviews with industry leaders. And all of them have been featured right here as RSAC wraps up, Kevin shares his reflections on the conversations that stood out and the key themes that he observed throughout the week. Here's Kevin.
[23:29]
Vika Schneider
Kevin McGee here. Normally, I'm the Global Director of Cybersecurity for Microsoft for Startups, but this week I'm just Kevin, the intern for the Cyber Wire, bringing you another update from the always loud, always packed halls, expo floors, and trying to social engineer my way into the after parties of RSAC 2025. Let's start with the obvious. Yes, RSA is big. It's loud, it's gaudy, it's obnoxious, it's, let's just say, vendor heavy. But everything is so expensive. Just attending should come with massive stock options, grants. But someone said something to me this week that really stuck. What is RSA? It's like 40,000 of us, defenders, colleagues and cyber friends all just happen to show up in San Francisco at the same time. And honestly, that's what it feels like. You bump into friends you haven't seen in years, on sidewalks, in the coffee shop, in a hallway. You run into folks you only know from their much younger and filtered looking social media profiles. Yeah, you all do it. We're onto you. You get to meet the people behind the newsletters, the podcasts, the blogs, the news stories. And maybe, if you're lucky, you get to grab a selfie with someone like super famous, maybe Dave Bibonary. This year the themes were loud and clear. It's goats. More on that later. And of course, agentic AI. But what does agentic AI mean? Well, ask 40,000 people like I did and you'll get 40,000 different answers like I did. But as we shift into the final days of rsa, the conversations are starting to move beyond the hype and are starting to get real. Yes, there are a ton of abstract buzzwords, architecture, future gazing, and just plain bizarre ideas pulsing through this conference. But as the week goes on, I'm starting to have a really different approach to the conversations that I'm having. It's more operational reality and tactical implementation, moving from concept to context. We're not just talking about AI agents doing security tasks. We started to dive into conversations like what they should be doing, what they should be trusted with, how to govern their decisions, where humans must stay in the loop. It's not quite just hype anymore, but we've got a lot of homework to do in this area now. I like to spend as much of my RSA time as I can with startups, and I can tell you it's tough out there. For them at these big shows, they've poured their heart and soul into their products, they've maxed out their travel budgets to be here and now they've got a tiny booth at the back of the expo while a company with a goat petting zoo. Yes, it really happened. If you're there and you know, you know is giving away drones two aisles over. If you're here and something catches your eye, stop and talk to the founder. Ask them what they're building and why it matters, and you'll also get a look into the future and see what's coming down the pipeline. This year. There's a lot of talk about consolidation, but I don't think innovation's going anywhere. In fact, I think we're seeing more creativity and innovation than ever. Along with all the AI hype, I'm seeing thousands of new startups launch, many that will be occupying the big booth real estate in the years to come. So wrapping up every year, RSA comes up and I wonder, do I really want to go? All that travel, the meetings I'll miss, the emails that'll pile up, but every time I come, I leave with the same feeling. I'm so glad I did, because for all the noise, all the chaos and all the goats, there's something here that reminds me why I love this industry. It's the people, the purpose, the defenders who show up. All of you have big responsibilities, important missions and difficult jobs. It's nice to see the community come together. Not just to learn, network, collect swag and meet Dave Buettner, but also have some fun. So that's a wrap. I'm Kevin McGee, Kevin the intern, turning in my highly sophisticated and expensive voice capture equipment with the tape over the buttons I'm not allowed to press, and headed home for another successful rsac. See y'all next year. Anyone want a share ride to the airport? This search pricing is ridiculous.
[27:24]
Maria Vermazes
You can also catch Kevin on our Microsoft for Startups Spotlight, brought to you by N2K CyberWire and Microsoft, where we shine a light on innovation, ambition and the tech trailblazers building the future right from the startup trenches. Kevin and Dave talk with startup veteran and Sygenta Co Founder FC about making the leap from hacker to entrepreneur. Then speak with three Microsoft for Startups members, Matthew Chiodi of Serby, Travis Howerton of Reg Scale and Carl Mattson of Endor Labs. Whether you're building your own startup or just love a good innovation story, be sure to listen in. And that's the Cyber Wire for links to all of today's stories, check out our daily briefing@thecyberwire.com be sure to check out our research Saturday Tomorrow this week, Dave sits down with Shaked Reiner, principal security researcher at Cyberark, who is discussing their research on agents under attack. Threat Modeling Agentic AI That's Research Saturday. Check it out. We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like the show, please share a rating and review in your podcast app. Please also fill out the survey in the show notes or send an email to cyberwire2k.com we're privileged that N2K Cyberwire is part of the daily routine of the most influential leaders and operators in the public and private sector. N2K makes it easy for companies to optimize your biggest investment your people. We make you smarter about your teams while making your teams smarter. Learn how@n2k.com N2K Senior Producer is Alice Carruth. Our Cyber Wire producer is Liz Stokes. We are mixed by Trey Hester with original music and sound design by Elliot Piltzman. Our executive producer is Jennifer Ibin. Peter Kilpe is our publisher and I'm Maria Vermazes in for Dave Buettner. Thanks for listening. Have a fantastic weekend.
[30:03]
Dave Bittner
What's the common denominator in security incidents, escalations and lateral movement. When a privileged account is compromised, attackers can seize control of critical assets with bad directory hygiene and years of technical debt. Identity attack paths are easy targets for threat actors to exploit, but hard for defenders to detect. This poses risk in active directory, entra, ID and hybrid configurations. Identity leaders are reducing such risks with attack path management. You can learn how attack path management is connecting identity and security teams while reducing risk with Bloodhound Enterprise powered by Spectrops. Head to SpectorOps IO today to learn more. Spectrops see your attack paths the way adversaries do.