Caveat

On this episode, host Kim Jones is joined by Ethan Cook, N2K’s lead analyst and editor, for a deeper, more reflective conversation on cybersecurity regulation, privacy, and the future of policy. This episode steps back from the news cycle to connect the dots and explore where the regulatory landscape is heading — and why it matters. Ethan, who will join the show regularly this season to provide big-picture analysis after major policy conversations, shares his perspective on the evolving balance between government oversight, innovation, and individual responsibility. This episode of N2K Pro's CISO Perspectives podcast is brought to you by our sponsor, Meter. Meter provides a full-stack, enterprise-grade networking solution—wired, wireless, and cellular—designed, deployed, and managed end-to-end. From hardware to software, ISP to security, Meter delivers seamless, secure, and scalable connectivity for modern business environments. Learn more about Meter. Learn more about your ad choices. Visit megaphone.fm/adchoices

Regulation is a double-edged sword. While it helps create structure, establish accountability, and set standards, it also creates unnecessary hurdles, slower response times, and overly rigid systems. With every administration, policy goals and subsequently regulatory stances change, which can have major impacts on business operations. In this episode of CISO Perspectives, host ⁠Kim Jones⁠ sits down with Ben Yelin, from the University of Maryland Center for Cyber Health and Hazard Strategies, to discuss the current state of regulation. Throughout the conversation, Ben and Kim discuss how the current administration views regulations and the future role of the federal government. This episode of N2K Pro's CISO Perspectives podcast is brought to you by our sponsor, Meter. Meter provides a full-stack, enterprise-grade networking solution—wired, wireless, and cellular—designed, deployed, and managed end-to-end. From hardware to software, ISP to security, Meter delivers seamless, secure, and scalable connectivity for modern business environments. Learn more about ⁠Meter⁠. Want more CISO Perspectives? Check out a companion ⁠⁠⁠blog post⁠⁠⁠ by our very own Ethan Cook, where he breaks down key insights, shares behind-the-scenes context, and highlights research that complements this episode. Learn more about your ad choices. Visit megaphone.fm/adchoices

In this episode, Dmitri Alperovitch discusses his book World on the Brink: How America Can Beat China in the Race for the Twenty-First Century with host Ben Yelin. Alperovitch highlights the rising tensions between the U.S. and China, focusing on Taiwan as a critical flashpoint that could ignite a new Cold War. He shares insights on the strategies America must adopt to maintain its status as the world’s leading superpower while addressing the challenges posed by China. By examining both strengths and weaknesses, as well as providing a timely blueprint for navigating the complexities of global relations in the 21st century. Learn more about your ad choices. Visit megaphone.fm/adchoices

Earlier this month, the White House released the National Cybersecurity Strategy, the first issued since 2018. The strategy refocuses roles, responsibilities, and resource allocations in the digital ecosystem, with a five pillar approach. Those pillars are: defending critical infrastructure, disrupting threat actors, shaping market forces to drive security and resilience, investing in a resilient future, and forging international partnerships. We wanted to delve into the strategy and its intended effects further, so Dave Bittner spoke with representatives from industry and inside government. Dave first speaks with Adam Isles, Principal and Head of Cybersecurity Practice at The Chertoff Group, sharing industry's take on the strategy. Following that conversation, Dave had a discussion with Steve Kelly, Special Assistant to the President and Senior Director for Cybersecurity and Emerging Technology at the National Security Council, for a look at the strategy from inside the White House. Links to resources: Point of View: 2023 National Cybersecurity Strategy The Chertoff Group's blog National Cybersecurity Strategy 2023 Learn more about your ad choices. Visit megaphone.fm/adchoices

Next week, California will hold a major election on Tuesday, November 4, amid heightened cyber risk and increased exposure to potential attacks. With the ongoing government shutdown and reduced grant funding for local counties overseeing the elections, vulnerabilities are growing. Sanny Liao, Co-Founder and CTO of Fable Security, joins to discuss the biggest cyber threats to this election, how attackers could exploit phishing or other tactics to gain access, and where counties should focus training to detect and prevent malicious activity. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney.  Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our ⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠, a weekly newsletter available exclusively to ⁠⁠⁠⁠⁠⁠⁠N2K Pro⁠⁠⁠⁠⁠⁠⁠ members on ⁠⁠⁠⁠⁠⁠⁠N2K CyberWire's⁠⁠⁠⁠⁠⁠⁠ website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week’s ⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠ covers the U.S. Department of Energy’s $1 billion partnership with AMD to build two supercomputers, Lux and Discovery, aimed at fusion energy, cancer research, and national security. Lux, using AMD’s MI355X AI chips, will come online in six months and deliver three times the AI capacity of current supercomputers. Discovery, built with AMD’s MI430 chips, is expected to be operational by 2029, highlighting a major DOE-private industry collaboration to accelerate scientific breakthroughs. Curious about the details? Head over to the ⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠ for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to ⁠⁠⁠⁠⁠⁠⁠caveat@thecyberwire.com⁠⁠⁠⁠⁠⁠⁠. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices

This week on Caveat, Dave and Ben welcome back N2K’s own ⁠⁠⁠⁠⁠Ethan Cook⁠⁠⁠⁠⁠ for our latest policy deep dive segment. As our lead analyst, Ethan shares his knowledge of law, privacy, and surveillance on the latest policy developments shaping the cybersecurity and legal landscape. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney.  Policy Deep Dive In this Caveat Policy Deep Dive, our conversation and analysis revolve around North Korean hacking. Throughout this conversation, we break down how North Korea has transformed itself into one of the largest nation-state hackers today. We dive into what types of attacks they perform, how they have evolved these attacks over time, and how they use their ill-gotten gains to support their economy and evade sanctions. Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our ⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠, a weekly newsletter available exclusively to ⁠⁠⁠⁠⁠⁠N2K Pro⁠⁠⁠⁠⁠⁠ members on ⁠⁠⁠⁠⁠⁠N2K CyberWire's⁠⁠⁠⁠⁠⁠ website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week’s ⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠ covers major developments in cybersecurity and digital policy, including a US court permanently barring NSO Group from targeting WhatsApp while reducing damages from $167.3 million to $4 million, highlighting growing oversight against spyware abuse. Curious about the details? Head over to the ⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠ for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to ⁠⁠⁠⁠⁠⁠caveat@thecyberwire.com⁠⁠⁠⁠⁠⁠. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices

This week, while Dave is on vacation, Ben Yelin, and Ethan Cook, N2K's Lead Analyst and editor of the Caveat newsletter, take the lead and share their stories. Ben's story is on the legal and ethical issues surrounding Sora, the tool being used to make AI-powered videos of deceased celebrities. Ethan covers the story about Taiwan’s security bureau releasing a new report detailing recent Chinese hacking efforts and how they compare to the past years. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney.  Links to today's stories: ⁠⁠⁠⁠⁠⁠⁠⁠⁠AI videos of dead celebrities are horrifying many of their families Taiwan flags rise in Chinese cyberattacks, warns of 'online troll army' ⁠Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, a weekly newsletter available exclusively to ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K Pro⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ members on ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K CyberWire's⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week's ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ covers California's Governor, Gavin Newsom vetoing and signing different AI-related bills, including AI chatbot restrictions for kids. Curious about the details? Head over to the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠caveat@thecyberwire.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices

Will Daugherty, US Head of Norton Rose Fulbright's Cybersecurity practice, discussing the upcoming expiration of CISA 2015. Ben discusses Apple’s decision to remove the ICEBlock app after pressure from the White House. Dave's got the story of the Secretary of Defense dialing back cyber training fro troops. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney.  Links to today's stories: ⁠⁠⁠⁠Apple removes ICE tracking apps after Trump administration says they threaten officers US Department of War reduces cybersecurity training, tells soldiers to focus on their mission ⁠Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, a weekly newsletter available exclusively to ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K Pro⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ members on ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K CyberWire's⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week's ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ covers ⁠⁠⁠⁠⁠⁠⁠China’s covert influence campaign in the Philippines, where a Beijing-funded marketing firm used fake social media accounts to amplify pro-China narratives, attack U.S. alliances, and spread disinformation. The operation aimed to sway public opinion, undermine democratic discourse, and shape the country’s political landscape ahead of future elections. Curious about the details? Head over to the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠caveat@thecyberwire.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices

Sarah Graham from the Atlantic Council’s Cyber Statecraft Initiative (CSI) discussing their work and findings on "Mythical Beasts: Diving into the depths of the global spyware market." Ben has the story of law enforcement agencies increasingly relying on AI to synthesize digital evidence. Dave's got the story of the Secretary of Commerce pressuring Taiwan over ship manufacturing.   While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney.  Links to today's stories: ⁠Law enforcement is using AI to synthesize evidence. Is the justice system ready for it? Taiwan pressured to move 50% of chip production to US or lose protection Mythical Beasts: Diving into the depths of the global spyware market ⁠Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, a weekly newsletter available exclusively to ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K Pro⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ members on ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K CyberWire's⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week's ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ covers ⁠⁠⁠⁠⁠how all EU member states have joined a Dutch-led "Semicon Coalition" calling for a revamped "Chips Act 2.0" focused on securing critical semiconductor technologies, speeding approvals, and expanding skills and funding. Backed by over 50 major companies, the group argues the EU must shift beyond its 20% market-share goal—now seen as unattainable—to strengthen its position in a global chip sector where Europe is projected to hold just 11.7% by 2030. ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠. Curious about the details? Head over to the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠caveat@thecyberwire.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices

This week, we are joined by Michele Kellerman, Cybersecurity Engineer for Air and Missile Defense at Johns Hopkins University Applied Physics Lab discussing Women's health apps and the legal grey zone that they create with HIPAA. Ben has the story of the potential sale of TikTok to U.S. investors. Dave's got the story of a looming deadline on renewal of a key cybersecurity information sharing bill. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney.  Links to today's stories: Trump turns Biden’s TikTok law into a big win Cyber threat information law hurtles toward expiration, with poor prospects for renewal ⁠Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, a weekly newsletter available exclusively to ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K Pro⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ members on ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K CyberWire's⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week's ⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠ covers ⁠⁠⁠the Trump administration’s approval of a long-awaited deal for ByteDance to divest from TikTok, transferring majority ownership — and control of its recommendation algorithm — to a U.S.-led group including Oracle, Silver Lake, and Andreessen Horowitz. The Department of Justice also kicked off its major antitrust case against Google’s ad tech business, seeking a forced divestiture of its AdX exchange and potential structural changes to restore competition in the online advertising market. ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Curious about the details? Head over to the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠caveat@thecyberwire.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices

Today we are joined by ⁠Rebecca Krauthamer, Stanford Quantum Computing Researcher and CEO of QuSecure, to discuss the National Quantum Cybersecurity Migration Strategy Act. Ben has the story of a new California bill regulating AI. Dave's got the story of the controversial technology transfer from the US to the UAE. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney.  Links to today's stories: ⁠California lawmakers pass landmark bill that will test Gavin Newsom on AI Anatomy of Two Giant Deals: The U.A.E. Got Chips. The Trump Team Got Crypto Riches. ⁠Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, a weekly newsletter available exclusively to ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K Pro⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ members on ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K CyberWire's⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week's ⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠ covers ⁠how the EU resolved its antitrust investigation into Microsoft by requiring the company to unbundle Teams from Microsoft 365 and Office 365, aiming to boost competition and give customers more choice, though the long-term market impact remains uncertain. Meanwhile, California lawmakers passed a new AI safety bill, SB53, which would mandate transparency and safety reporting from AI developers, potentially setting a precedent for broader state and federal regulation if signed by Governor Newsom. ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Curious about the details? Head over to the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠caveat@thecyberwire.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices

This week on Caveat, Dave and Ben welcome back N2K’s own ⁠⁠⁠⁠Ethan Cook⁠⁠⁠⁠ for our latest policy deep dive segment. As our lead analyst, Ethan shares his knowledge of law, privacy, and surveillance on the latest policy developments shaping the cybersecurity and legal landscape. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney.  Policy Deep Dive In this month's Caveat Policy Deep Dive, our conversation and analysis revolve around the One Big Beautiful Bill, or HR1. Throughout this conversation, we break down this bill and how its new initiatives are supporting the Trump administration's efforts. Some key aspects focused on during this conversation include breaking down the billions invested in improving technological capabilities, supply chain security, and defensive resiliency. Each of these efforts is reflective of President Trump's agenda to secure technological dominance for years to come. Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our ⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠, a weekly newsletter available exclusively to ⁠⁠⁠⁠⁠N2K Pro⁠⁠⁠⁠⁠ members on ⁠⁠⁠⁠⁠N2K CyberWire's⁠⁠⁠⁠⁠ website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week’s ⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠ covers how Anthropic has agreed to a $1.5 billion settlement with authors and publishers, marking the largest payout in U.S. copyright history after a judge ruled the company illegally downloaded millions of pirated books. While the court found that using legally obtained books to train AI models was fair use, Anthropic was held liable for acquiring works from shadow libraries like Library Genesis. The deal underscores growing legal pressure on AI companies and could push others toward licensing agreements or costly settlements to resolve copyright disputes. Curious about the details? Head over to the ⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠ for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to ⁠⁠⁠⁠⁠caveat@thecyberwire.com⁠⁠⁠⁠⁠. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices

Today we are joined by Elad Schindler, Product Manager of AU10TIX, sharing some details about their free assessment tool and readiness guide to help organizations navigate child safety age assurance compliance. Ben discusses some unintended consequences of age verification laws. Dave's got a look at the government’s recent acquisition of a stake in Intel. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney.  Links to today's stories: ‘Scan your face’ laws for the web are having unexpected consequences The Legal Bases for Government Stakes in Private Firms AU10TIX Launches Free Assessment Tool and Readiness Guide to Help Organizations Navigate Child Safety Age Assurance Compliance ⁠Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, a weekly newsletter available exclusively to ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K Pro⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ members on ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K CyberWire's⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week's ⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠ covers Google facing a modest EU antitrust fine after a four-year investigation into whether it unfairly favored its own adtech services over rivals. Unlike past record-breaking penalties, the new EU antitrust chief Teresa Ribera is shifting focus from large fines to ending anti-competitive practices, with no plans to force a Google business divestment. ⁠⁠⁠⁠⁠⁠⁠⁠⁠Curious about the details? Head over to the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠caveat@thecyberwire.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices

This week, Ben speaks with John Anthony Smith, Founder and CSO at Fenix24, about why law firms are falling behind on recovery readiness as human-operated attacks continue to rise. Ben also shares insights on a hack impacting the federal court system, while Dave takes a look at a Michigan Supreme Court ruling on digital device fishing. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney.  Complete our annual ⁠⁠⁠⁠⁠audience survey⁠⁠⁠⁠⁠ before August 31. Links to today's stories: ⁠50% of Law Firms are Inadequately Prepared for a Ransomware Incident. Senator castigates federal judiciary for ignoring “basic cybersecurity” Fourth Amendment Victory: Michigan Supreme Court Reins in Digital Device Fishing Expeditions ⁠Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, a weekly newsletter available exclusively to ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K Pro⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ members on ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K CyberWire's⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week's ⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠ covers how a whistleblower report is alleging DOGE copied millions of social security numbers to an unprotected cloud server. ⁠⁠⁠⁠⁠⁠⁠Curious about the details? Head over to the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠caveat@thecyberwire.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices

On today’s show we are joined by Ron Zayas, CEO of Ironwall by Incogni, to discuss the massive data sharing and privacy risks in the leading Buy Now Pay Later apps. Ben’s got the story of Illinois banning the use of AI in mental health therapy, joining Nevada and Utah in restricting chatbots amid growing concerns about their safety and effectiveness.  Dave's got the story of former President Trump threatening an executive order to ban mail-in voting and voting machines—claims experts say are unconstitutional, since election authority lies with states and Congress, not the White House. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney.  Complete our annual ⁠⁠⁠⁠audience survey⁠⁠⁠⁠ before August 31. Links to today's stories: The Overlooked Risks of Buy Now, Pay Later Apps: A Data-Privacy Perspective Illinois bans AI therapy as some states begin to scrutinize chatbots ⁠Trump threatens executive order on elections, claims states must obey ⁠Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠, a weekly newsletter available exclusively to ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K Pro⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ members on ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K CyberWire's⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week's ⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠ covers he Supreme Court’s decision not to block a Mississippi law requiring all users to verify their ages before accessing social media platforms like Facebook, Instagram, and YouTube. The law, broader than a recent Texas ruling on explicit content sites, is being challenged by NetChoice as unconstitutional, but for now it will remain in effect while the case continues. ⁠⁠⁠⁠⁠Curious about the details? Head over to the ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠caveat@thecyberwire.com⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices

This week on Caveat, Dave and Ben welcome back N2K’s own ⁠⁠⁠Ethan Cook⁠⁠⁠ for our latest policy deep dive segment. As our lead analyst, Ethan shares his knowledge of law, privacy, and surveillance on the latest policy developments shaping the cybersecurity and legal landscape. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney.  Complete our annual ⁠⁠audience survey⁠⁠ before August 31. Policy Deep Dive In this Caveat Policy Deep Dive, our conversation and analysis revolves around cyber operations policy. Throughout this conversation, we break down the global shift where governments are taking a more offensive-oriented cyber mindset. While this trend has been developing over several years, the Trump administration has been looking to dramatically accelerate these efforts since taking office. Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our ⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠, a weekly newsletter available exclusively to ⁠⁠⁠⁠N2K Pro⁠⁠⁠⁠ members on ⁠⁠⁠⁠N2K CyberWire's⁠⁠⁠⁠ website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week’s ⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠ covers President Trump’s suggestion to allow Nvidia to sell a scaled-down version of its next-generation Blackwell AI chip in China, along with a rare agreement requiring Nvidia and AMD to give the U.S. government 15% of revenue from certain chip sales to the country. While the administration insists the move won’t compromise national security, critics warn it could still give Beijing enough computing power to accelerate its AI capabilities and close the technology gap with the U.S. Curious about the details? Head over to the ⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠ for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to ⁠⁠⁠⁠caveat@thecyberwire.com⁠⁠⁠⁠. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices

On today’s show Ben’s got the story of how the UK’s new Online Safety Act, billed as a way to protect children, may actually end up doing more harm than good—with mandatory age checks, privacy concerns, and a growing backlash from users. Dave’s got the story of how Flock Safety is expanding its controversial license plate surveillance network into schools—raising serious concerns from privacy advocates about student monitoring, data use, and the growing reach of law enforcement tech on campus. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney.  Complete our annual ⁠⁠⁠audience survey⁠⁠⁠ before August 31. Links to today's stories: No, the UK’s Online Safety Act Doesn’t Make Children Safer Online Schools are next for Flock Safety’s automatic license place reader cameras ⁠Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our ⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠, a weekly newsletter available exclusively to ⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K Pro⁠⁠⁠⁠⁠⁠⁠⁠⁠ members on ⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K CyberWire's⁠⁠⁠⁠⁠⁠⁠⁠⁠ website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week's ⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠ covers a call from Senate Democrats for an investigation into the Department of Justice’s settlement allowing Hewlett Packard Enterprise’s $14 billion acquisition of Juniper Networks, raising concerns about political interference and the firing of key antitrust officials. The senators allege that HPE’s use of lobbyists with ties to the Trump administration, along with reported pressure from intelligence officials to approve the deal, signals potential politicization and improper influence over the DOJ’s merger enforcement process. ⁠⁠⁠Curious about the details? Head over to the ⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠ for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to ⁠⁠⁠⁠⁠⁠⁠⁠⁠caveat@thecyberwire.com⁠⁠⁠⁠⁠⁠⁠⁠⁠. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices

While Ben is on vacation this week, Dave welcomes back Ethan Cook to the show. On today’s episode, Ethan breaks down former President Trump’s recently released AI action plan, highlighting key priorities and what it could mean for the future of U.S. tech policy. Dave takes a closer look at the growing bipartisan support for AI regulation in Congress, exploring how lawmakers from both parties are approaching concerns around transparency, accountability, and national security as AI capabilities continue to evolve. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney.  Complete our annual ⁠⁠⁠audience survey⁠⁠⁠ before August 31. Links to today's stories: ⁠AIGOV president donald j. trump Trump administration to supercharge AI sales to allies, loosen environmental rules Poll finds bipartisan agreement on a key issue: Regulating AI ⁠Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our ⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠, a weekly newsletter available exclusively to ⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K Pro⁠⁠⁠⁠⁠⁠⁠⁠⁠ members on ⁠⁠⁠⁠⁠⁠⁠⁠⁠N2K CyberWire's⁠⁠⁠⁠⁠⁠⁠⁠⁠ website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week's ⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠ covers the Trump administration’s newly released AI blueprint, which aims to supercharge U.S. AI exports to allies, fast-track data center construction by loosening environmental rules, and establish a single federal regulatory standard. The plan, which replaces Biden-era restrictions, is designed to maintain America’s edge over China in the AI arms race and includes executive orders targeting export controls, environmental regulations, and perceived political bias in AI systems.Ask ChatGPT ⁠⁠⁠Curious about the details? Head over to the ⁠⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠⁠ for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to ⁠⁠⁠⁠⁠⁠⁠⁠⁠caveat@thecyberwire.com⁠⁠⁠⁠⁠⁠⁠⁠⁠. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices

This week, Ben's story is on the looming expiration of the Cybersecurity Information Sharing Act (CISA 2015), a widely supported but currently stalled law that enables cyber threat data sharing between the private sector and government, now at risk of lapsing by September 30 due to congressional inaction and conflicting priorities. Dave’s got the story of how a Georgia court's AI-fueled legal blunder has sparked growing concern that overworked judges nationwide could increasingly miss fake citations generated by AI, prompting urgent calls for better tech training, oversight, and ethical guidance to safeguard the integrity of the U.S. justice system. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney.  Complete our annual ⁠⁠audience survey⁠⁠ before August 31. Links to today's stories: Time’s running out on a key cyber info-sharing law It’s “frighteningly likely” many US courts will overlook AI errors, expert says ⁠Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our ⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠, a weekly newsletter available exclusively to ⁠⁠⁠⁠⁠⁠⁠⁠N2K Pro⁠⁠⁠⁠⁠⁠⁠⁠ members on ⁠⁠⁠⁠⁠⁠⁠⁠N2K CyberWire's⁠⁠⁠⁠⁠⁠⁠⁠ website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week's ⁠⁠⁠Caveat Briefing⁠⁠⁠ covers a major cyber espionage campaign exploiting a zero-day flaw in Microsoft’s SharePoint server software, compromising about 100 organizations—mostly in the U.S. and Germany—including government entities. Researchers warn that thousands more servers could be at risk, and while Microsoft has issued patches, experts stress that full remediation requires more than just updating software, as a China-linked threat actor may be behind the ongoing intrusions. ⁠Curious about the details? Head over to the ⁠⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠⁠ for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to ⁠⁠⁠⁠⁠⁠⁠⁠caveat@thecyberwire.com⁠⁠⁠⁠⁠⁠⁠⁠. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices

This week, we are joined by Gary Barlet, former Federal CIO and Air Force Cyber Operations Officer and current Public Sector CTO at Illumio, to discuss how this approach to cybersecurity leaves some states much more at risk than others. Ben has the story of a Virginia case relating to reverse key word searches. Dave's got a highly unusual move by the DOJ against Maryland’s district courts. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney.  Complete our annual ⁠audience survey⁠ before August 31. Links to today's stories: ⁠EFF Tells Virginia Court That Constitutional Privacy Protections Forbid Cops from Finding out Everyone Who Searched for a Keyword DOJ launches unusual lawsuit against entire federal district court in Maryland ⁠Get the weekly Caveat Briefing delivered to your inbox. Like what you heard? Be sure to check out and subscribe to our ⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠, a weekly newsletter available exclusively to ⁠⁠⁠⁠⁠⁠⁠N2K Pro⁠⁠⁠⁠⁠⁠⁠ members on ⁠⁠⁠⁠⁠⁠⁠N2K CyberWire's⁠⁠⁠⁠⁠⁠⁠ website. N2K Pro members receive our Thursday wrap-up covering the latest in privacy, policy, and research news, including incidents, techniques, compliance, trends, and more. This week's ⁠⁠Caveat Briefing⁠⁠ covers BNPL apps and the privacy issues they found associated with them. Curious about the details? Head over to the ⁠⁠⁠⁠⁠⁠⁠Caveat Briefing⁠⁠⁠⁠⁠⁠⁠ for the full scoop and additional compelling stories. Got a question you'd like us to answer on our show? You can send your audio file to ⁠⁠⁠⁠⁠⁠⁠caveat@thecyberwire.com⁠⁠⁠⁠⁠⁠⁠. Hope to hear from you. Learn more about your ad choices. Visit megaphone.fm/adchoices