Safe Mode Podcast: “What does industry think of the White House's cybersecurity strategy?”
Date: April 10, 2026
Host: Greg Otto (Editor in Chief, CyberScoop)
Guests: Tim Starks (Cybersecurity Reporter), Bob Ackerman (Founder, Alegia Cyber; Managing Partner, DataTribe)
Episode Overview
This episode of Safe Mode Podcast explores industry reactions to the recently released White House National Cybersecurity Strategy. Host Greg Otto discusses federal budget cuts and the evolving threat landscape in Washington with reporter Tim Starks, before delving into an in-depth interview with Bob Ackerman at the RSA Conference, focusing on how industry is responding to the national strategy’s call for more active disruption, government collaboration, and the impact of AI-driven threats.
Key Discussion Points & Insights
1. CISA Budget Cuts and Federal Cybersecurity (00:30–12:42)
Massive Cuts and Industry Concerns
- Proposed 2026 budget for CISA (Cybersecurity and Infrastructure Security Agency) signals deeper cuts, on top of already significant reductions in both funding and personnel.
- Tim Starks: “They've already cut the budget significantly … in the order of 900, 1000 people.” (01:42)
- Exact figures hard to pin down, but the agency may drop from a $3 billion budget to around $2 billion.
- Cuts may affect “election security, vulnerability scanning, and regional personnel — critical for local response.” (02:16)
Political Messaging & Document Repetition
- The budget’s language appears “copy-pasted” from previous years, interpreted as symbolic of CISA’s deprioritization by the current administration.
- Greg Otto: “It just almost seems like … borderline negligent … literally just, you know, control C, control V, send out…” (04:50)
- Starks: “Negligence is a fair word … This is an agency that they've deprioritized.” (05:36)
- “The easiest way to reinforce that message is just to say what you said last year.” (06:53)
Core Mission Under Threat
- CISA’s traditional roles—safeguarding federal networks and critical infrastructure—may suffer even if these aren’t the explicit budget line items being cut.
- Starks: “If you have a thousand fewer people, how can you possibly do the same … quality of job?” (07:25)
- Cuts threaten the agency’s ability to respond to AI-driven threats and escalating attacks on critical infrastructure.
Impact on Regional Response
- Loss of regional personnel is widely seen as undermining effective incident response.
- Otto: “The outreach on the regional factor is really a big deal … that’s going to be a really big blow to … their core mission.” (03:00)
2. Geopolitics and the Persistent Threat Landscape (08:57–12:42)
Iranian Cyber Attacks on Critical Infrastructure
- Recent government warnings highlight Iranian hackers targeting operational technology in water and energy sectors.
- Starks: “They were targeting the water sectors, they were targeting the energy sectors, and there have been new victims.” (09:23)
- The threat isn’t new, but the intensity and impact (financial losses and tangible disruptions) have escalated since March 2026, possibly linked to ongoing Middle East conflicts.
Ceasefire ≠ End to Cyber Tensions
- The cybersecurity threat landscape remains highly active regardless of diplomatic or kinetic ceasefires.
- Otto: “The cyber realm in this has really never calmed down … while there may be a more kinetic ceasefire, that automatically translates to the cyber.” (11:18)
- Starks: “These groups are ostensibly Iranian government connected … supposedly semi-independent … I don't think the ceasefire is going to have any kind of dramatic impact.” (11:50)
3. Industry’s Response to the National Cybersecurity Strategy (13:26–30:10)
Industry-Government Collaboration on Active Disruption
- The White House National Cybersecurity Strategy urges industry to go on the offensive with government, particularly on “active disruption” of adversaries.
- Bob Ackerman: “The collaboration is absolutely essential. … The disruption, … where are the lines is really … the still out there question.” (15:00)
- Industry generally supports tighter partnership, but there is widespread confusion over rules of engagement, liability, and the definition of “disruption.”
- Ackerman: “Everybody I'm talking to is just looking for direction in terms of what can we do, what can't we do?” (15:00)
- Some professionals are reluctant to engage beyond a defensive posture; others, with backgrounds in national security or offense, are more ready to act if clear boundaries are set.
The Strategy’s Impact Compared to Past Approaches
- Increased political will for disruption distinguishes this strategy from the prior administration, though tools and authorities (“letters of marque,” law enforcement takedowns) have existed before.
- Ackerman: “It’s a matter of political will. … Our technical capabilities are very, very good … if we can find a way to engage industry, kind of a collective or communal defensive action, that is part of leveling the field.” (18:30)
4. The Looming AI-Driven Security Threat (19:33–30:10)
Experts Warn of an "Unprecedented" Wave
- The next 2–3 years are expected to present a “sea change” in cyberthreats due to AI, radically increasing the speed and scale of exploits.
- Otto: “The next two to three years are going to be a sea change when it comes to the way that we look at AI … the exploits are just going to come at such a rapid pace…” (19:33)
- Ackerman: “The description of [AI-driven threats] as a little spicy was, was front and center. … The offense always has the advantage. … If you want to build cutting edge cyber defense, you get as close to the offense as you can.” (20:28)
Offense Outpaces Defense (AI Edition)
- AI will allow adversaries to utilize the entire universe of known vulnerabilities (CVEs), not just a small subset.
- Ackerman: “Expect them to prosecute the entire library of CVE. So what you look at is potentially a tsunami of activity coming at you powered by AI … but on our heels a bit.” (21:58)
- Defensive organizations, constrained by caution, regulation, and the need for robust testing, will be at a disadvantage compared to agile, risk-tolerant attackers.
Fundamental Cyber Hygiene Still Key—But Not Enough
- Despite advances, basic security hygiene and fundamentals remain neglected; adversaries continue to exploit these gaps.
- Ackerman: “All too often we seem to be focused on the shiny new objects and not going back to the basic hygiene. And that's on us.” (24:39)
- Training and improvements seen in phishing are exceptions; most other fundamental areas need attention.
Insider Threats and New Vectors (Digital Agents)
- Human insider threat is already a major factor, but soon digital/AI agents will become an equally serious internal risk.
- Ackerman: “Now we're in a situation where insider threat is not going to just be the human element. It's going to … be the agent, it's going to be the digital human.” (24:39)
Signal-to-Noise Crisis for CISOs
- The sheer volume of cybersecurity tools and solutions is overwhelming for CISOs, making it difficult to identify the most actionable or urgent issues.
- Ackerman: “CISO needs signal … the noise … does not make the job easier, makes it a lot harder.” (27:43)
Agentic AI: Uncharted Territory for Leaders
- Even leading CISOs are openly admitting they are “trying to figure it out” when it comes to agentic (autonomous) AI security.
- Otto: “He was like, I'll give you a little secret. I'm not, I don't have anything to talk about just because I'm trying to figure it out.” (27:43)
Market in “Reconnaissance” Mode—Treading Carefully
- Most CISOs are pausing, experimenting, and learning as much as they can, unwilling to commit to full-scale AI deployment due to unresolved safety and governance questions.
- Ackerman: “I call it … reconnaissance in force. … But until … fundamental questions … are addressed, … are you going to see scale deployment? No, you're not.” (28:39)
- Offense, unconstrained by regulation or risk aversion, is expected to take advantage in the interim.
Notable Quotes & Memorable Moments
- “Negligence is a fair word to use here… This speaks to that there is less rigor about things that there have historically been rigor in the federal government under Trump.” — Tim Starks (05:36)
- “If you have a thousand fewer people, how can you possibly do the same good, the same quality of job?” — Tim Starks (07:25)
- “The disruption, you know, in terms of where are the lines is really kind of the still out there question ... what exactly do you mean?” — Bob Ackerman (15:00)
- “The offense always has the advantage. ... If you want to build cutting edge cyber defense, you get as close to the offense as you can.” — Bob Ackerman (20:28)
- “Expect them to prosecute the entire library of CVE. So what you look at is potentially a tsunami of activity coming at you powered by AI...” — Bob Ackerman (21:58)
- “All too often we seem to be focused on the shiny new objects and not going back to the basic hygiene. And that's on us.” — Bob Ackerman (24:39)
- “CISO needs signal ... and trying to find that signal in all of this noise ... does not make the job easier.” — Bob Ackerman (27:43)
Timestamps for Important Segments
- 00:30–04:18: CISA budget cuts, numbers debate, implications
- 04:50–06:53: Political messaging in budget language
- 07:25–08:57: Impact of cuts on CISA's core mission (federal networks, critical infrastructure)
- 08:57–12:42: Iranian cyber threats amidst conflict, distinction between kinetic and cyber ceasefire
- 13:26–19:33: Bob Ackerman on National Strategy collaboration, industry needs for clearer government guidance
- 19:33–21:58: AI-driven future threats, offense/defense innovation cycle
- 24:39–28:39: Blocking and tackling, insider threat, the noise problem, agentic AI uncertainty
- 28:39–30:01: CISO market-wide pause on AI, long-term outlook, closing thoughts
Takeaways for Industry and Leaders
- The White House's cybersecurity strategy is welcomed for its emphasis on collaboration but criticized for lacking operational clarity and actionable guidance.
- Budget cuts threaten federal capacity at a time of record-breaking threat volumes, especially as AI rapidly shifts the offense-defense dynamic.
- The next two to three years will be especially challenging, with AI-powered attacks likely to outpace defensive adaptation—fundamental cyber hygiene is necessary, but not sufficient.
- CISOs and cybersecurity leaders should double down on fundamentals, push for clarity from government, and accept that some uncertainty—especially around AI and agentic systems—will persist in the near future.
Episode hosted by Greg Otto, Safe Mode Podcast, April 10, 2026.