Data Security Decoded
Episode: The Geopolitical Security Playbook: When Nations Clash in Cyberspace
Date: July 31, 2025
Host: Caleb Tolan (B)
Guest: Dustin Drouillard (A), Threat Intelligence & Geopolitics Expert
Main Theme & Purpose
This episode explores how geopolitical tensions spill over into the world of cybersecurity, examining how nation-state conflicts increasingly manifest through cyber operations. Dustin Drouillard shares his first-hand experiences, breaks down how cyber operations overlap with kinetic warfare, and provides practical advice for organizations and aspiring cyber defenders navigating these turbulent times.
Key Discussion Points & Insights
1. Dustin’s Unconventional Path to Cybersecurity
- Origin Story: Dustin began as an intelligence analyst in the army, where he was exposed to diverse data types and analysis scenarios before moving into cyber operations.
- Quote: "I started out as an intelligence analyst in the army, and I didn't know it at the time, but it kind of provided solid background for when I later pivoted into cyber operations." – Drouillard [01:27]
- Key Learning: Skills from intelligence analysis, including human, signals, and imagery intelligence, transferred well to the emerging cyber domain.
2. Geopolitical Conflict & Cyber Operations
2.1 Types of Cyber Operations in Geopolitical Context
- Espionage vs. Effects:
  - Espionage: Quiet, aimed at information gathering; actors avoid detection.
  - Effects: Noisier, e.g., ransomware, DDoS, often used for direct impact or clear signaling.
- Quote: "When it comes to cyber conflict, you kind of have two different methods. You have espionage and you have effects." – Drouillard [03:17]
- Examples:
  - Recent Iran-Israel conflicts: cyberattacks on Iranian banks, and Israeli technology research targeted both digitally and with physical missiles.
  - North Korea: Primarily financially motivated cyber actions to fund nuclear development.
  - "Volt Typhoon": A Chinese APT operation, identified as long-term espionage and preparation for potential future effects.
2.2 Influence Operations in Modern Cyber Conflict
- Influence campaigns are rampant in times of geopolitical friction, leveraging technical means to:
  - Confuse the public and sow division.
  - Target high-profile events (e.g. international sports) for symbolic impact.
  - Draw non-aligned organizations or industries into conflicts.
- Quote: "There's a heavy flux of influence operations from all sides... a lot of times it's just for the sake of making noise, to be honest." – Drouillard [06:49]
3. Impact on Civilian and Commercial Organizations
3.1 How “Neutral” Companies Get Drawn In
- Even companies without political ties can become targets if they operate in, or provide support to, countries in conflict.
- Quote: "If your company can very easily get tied in, and if you're not prepared and understand the implications of getting pulled into these scenarios, then it's going to be so much harder to up your defensive once you’ve already been targeted." – Drouillard [00:00], [09:49]
- Geopolitical threat landscape awareness is essential; physical neutrality doesn’t equate to cyber immunity.
3.2 Defense Strategies for Organizations
- Proactive Steps:
  - Map geographic and digital “footprints” – know which regions and institutions your business and clients interact with.
  - Invest in cyber threat intelligence (CTI); it doesn’t need to be expensive and can draw on in-house analysts, vendors, or sector-specific feeds.
  - Share threat information within industry sectors – collaboration, even among competitors, helps raise collective resilience.
- Quote: "Sharing threat information is not going to hurt anybody. If you can both bolster your defenses, that's...everybody wins there." – Drouillard [12:38]
- Resources for Smaller Organizations:
  - U.S. DHS’s CISA, NSA, DoD Cyber Crime Center: provide free/low-cost security resources.
  - Sector ISACs (e.g. Health ISAC): affordable, actionable industry-specific threat feeds.
4. The Human Element: Anthropology, Culture, and Threat Analysis
4.1 Applying An Anthropological Lens
- Understanding human culture and behavior is invaluable to cyber defense:
  - Helps decode threat actors' motives, tactics, and operational details.
  - Cultural and linguistic knowledge can reveal clues about threat origins in malware, infrastructure, and online personas.
- Quote: “All tech is human. Technology is made by humans for humans. So there's always going to be that human factor in tech and cyber.” – Drouillard [14:08]
- Recognizes that “cyber” means different things in different contexts; analytic bias can hinder accurate threat assessment.
4.2 Translating Anthropology into Practice
- Cultural indicators in code and technical infrastructure can inform attribution.
- Human-centric design in security tools: Security has to be usable by real people, not just technically robust.
5. Education & The Next Generation of Cyber Defenders
5.1 Beyond Tech: Diverse Academic Backgrounds
- Broad-based critical thinking (from literature, history, sociology, etc.) is highly relevant—and often underrated in cyber.
- Quote: "Whatever gets you excited and helps drive the creative thinking that you can leverage within cybersecurity. You layer that on top of good technical foundation and you're set up for success." – Drouillard [18:50]
- Business education is vital for future cyber leaders; understanding business operations increases cyber’s organizational value.
5.2 Modernizing Cyber Curriculum
- Dustin observes that most academic programs remain at the status quo, but hopes for greater interdisciplinarity:
  - Integrate technical and non-technical (policy/business) training.
  - Emphasize deep technical foundations, then allow for specialization (SOC Analyst, Pen Tester, Threat Hunter, etc.).
- Critical thinking and adaptability are essential—cyberspace is never static.
- Quote: “If it has the word cyber in the program, it needs to have some baseline technical foundation...But also, like I mentioned, adding business education is very helpful. I think every program should at least touch on that. How does cyber drive business?” – Drouillard [21:14]
5.3 Teaching Trends
- Programs should teach students to collaborate across disciplines—cyber, physical, supply chain, geopolitical, etc.
- Real-world success requires the ability to operate in uncertainty, synthesize information, and pivot.
Notable Quotes & Memorable Moments
- On inevitability of involvement:
  - "It's just a matter of time that just about any company, they're going to get caught up into some kind of geopolitical affairs, even if they have no intention to." – Drouillard [00:00]
- On sharing information among competitors:
  - "Sharing threat information is not going to hurt anybody. If you can both bolster your defenses, that's — everybody wins there." – Drouillard [12:38]
- Applying anthropology to security:
  - “All tech is human. Technology is made by humans for humans. So there's always going to be that human factor in tech and cyber.” – Drouillard [14:08]
- Caleb’s recommendation:
  - “There's so much you can learn from history, from culture, through these different books, and learn more about what's happening with different nation states...that I think could really open your mind in a technical role within cybersecurity to kind of think outside the box a little bit.” – Tolan [17:00]
- On education philosophy:
  - "Whatever subject that you can leverage to develop your critical thinking...you layer that on top of a good technical foundation and you're set up for success." – Drouillard [18:50]
Timestamps for Key Segments
- [01:25] – Dustin’s entry to cyber via Army intelligence
- [03:17] – Espionage vs. effects in cyber conflict
- [06:49] – Influence operations and their cyber dimension
- [09:41] – Why every company should prepare for geopolitical entanglement
- [11:45] – Resources and collaboration for smaller orgs
- [13:54] – The surprising role of anthropology in cyber
- [17:45] – Academic backgrounds beyond cybersecurity and technical degrees
- [19:49] – Update on trends in cyber education and needed curriculum shifts
Conclusion
This episode delivers a pragmatic and often-overlooked perspective on how the collision of nation-state conflicts and cyberspace affects organizations and individuals at every level. Dustin’s advice is forward-looking—emphasizing awareness, foundational security, cross-disciplinary thinking, and the necessity for collaboration. Preparing for geopolitical cyber risks isn’t just about technology, but about understanding people, purpose, and the broader world we operate in.
