The Cybersecurity Podcast

Paul Vann is the 14-year-old CEO of VannTechCyber LLC, a new cybersecurity company based out of his bedroom in Fredericksburg, Virginia. A rising star in the field, Paul has presented his research on cyberthreats conferences such as BSides Charm in Baltimore and Thotcon in Chicago. He joins Cybersecurity Podcast cohosts Peter W. Singer from New America and Sara Sorcher from The Christian Science Monitor's Passcode to discuss what it's like to be a kid hacker, learn about ethics, build a company and get taken seriously by other cybersecurity pros at such a young age. His father, the technical director of international programs at Raytheon Foreground Security also named Paul Vann, chats about how to encourage kids' interest in cybersecurity and still make sure they're being safe online.    Related reading: 15 under 15 hacker kids, which can be found at projects.csmonitor.com/hackerkids    This episode is sponsored by HackerOne

On this extra episode of The Cybersecurity Podcast, reporter Jack Detsch brings you the highlights from Beat the Breach, an event cohosted by Passcode and Invincea during the RSA Conference in San Francisco. The live discussion focused on how the Trump administration will confront the nation’s biggest cybersecurity challenges. You'll hear from former White House Homeland Security Adviser Lisa Monaco, former US Chief Information Security Officer Greg Touhill, General Motors’ Jeffrey Massimilla, and US Deputy Assistant Attorney General Adam Hickey. This bonus episode is sponsored by Forcepoint, NSS Labs, and Vectra Networks.

Last summer, more than 1,500 hackers targeted Pentagon websites – but it wasn't a massive cyberattack. These were vetted hackers invited to participate in the US government’s first ever bug bounty program. Chris Lynch, the director of the Defense Digital Service, and Lisa Wiswell, the group’s digital security lead, explain in this episode of The Cybersecurity Podcast why letting researchers find security flaws in exchange for money or prizes is a big part of the Pentagon’s push to solve complex IT problems. This episode is sponsored by HackerOne. 

The election may be over but Washington isn’t moving on from the election hacking story just yet. With the intelligence community blaming Russian President Vladimir Putin for organizing hacks on Democratic political organizations to influence the American election to help Donald Trump, Capitol Hill is abuzz with talks of more hearings and new legislation. Cochairman of the Congressional Cybersecurity Caucus, Congressman Jim Langevin joins this episode to talk about the challenges ahead. Also on this episode, cohost Peter Singer of New America discusses the president-elect's reticence to condemn Russia for the cyberattacks and cohost Sara Sorcher of the Christian Science Monitor's Passcode discusses Germany's plan to fight fake news.   

The breach at the Office of Personnel Management was one of the most significant cyberattacks in history, and now serves as a cautionary tale for many in Washington and beyond. But what do we know about it a year later? How did it happen? What are some of the lessons the federal government needs to learn to prevent such major breach from happening again? To answer that question and more, The Cybersecurity Podcast crew interviews one of the authors of the US House Oversight and Government Reform Committee, John Costello, who spent last year on Capitol Hill as a Science and Technology fellow through TechCongress.    Also on this episode, podcast cohost Peter W Singer from New America discusses local cybersecurity challenges and Passcode's Sara Sorcher talks about a new report from George Washington University about active defense.    Show notes: Into the Gray Zone,  George Washington University's Center for Cyber and Homeland Security   https://cchs.gwu.edu/gray-zone-active-defense-private-sector-against-cyber-threats

With a diverse array of threats facing companies and governments around the world, what ideas will resonate with investors? On this episode of The Cybersecurity Podcast, we interviewed Sunil James, a Silicon Valley venture capitalist investing in information security for Bessemer Venture Partners. Also on this episode, podcast cohost Sara Sorcher from Passcode discusses her latest feature on 15 kids under 15 years old who are rising stars in cybersecurity and cohost Peter W. Singer from New America discusses his latest piece on the Atlantic, about how social media is changing modern warfare. Show notes: 15 under 15: Rising stars in cybersecurity, Passcode War goes viral: How social media is changing modern warfare, The Atlantic

Asia is increasingly the global center of gravity in everything from politics and economics – and, increasingly, in cybersecurity. The region has seen the build up of offensive digital capacity in nearly every state, and at the business level, companies based there are roughly 80 percent more likely to be breached than the global average. On this episode of the Cybersecurity Podcast, Toby Feakin, Director of the International Cyber Policy Centre at the Australian Strategic Policy Institute, discusses his program's new assessment of the state of cybersecurity in Asia, how it compares to the US, and what comes next. Also speaking to recent hacks targeting the US political system, Feakin was emphatic about steps the US should take towards restoring cyber deterrence and what would happen to global norms if it doesn't. Link to report: https://www.aspi.org.au/publications/cyber-maturity-2016

On this extra episode of The Cybersecurity Podcast, Passcode reporter Jack Detsch examines ideas for securing the Internet of Things in light of the recent cyberattack that took advantage of hacked web-connected gadgets. We hear from experts who spoke at the recent Security of Things Forum in Boston including Robert Silvers, assistant secretary of Homeland Security; Julian Goldman of Partners Healthcare; independent hacker Travis Goodspeed; Kevin Fu of Virta Labs; and Rajesh Krishnan, chief marketing officer at HackerOne. 

Thomas Rid, professor in the department of War Studies at King's College London, joins the Cybersecurity Podcast to talk about his new book, "Rise of the Machines," a sweeping history of mankind's growing dependence on technology. He also discusses the challenges of attributing cyberattacks and ways to deter Russian information warfare as hackers target American political interests.    Also on this episode, podcast cohost Sara Sorcher, deputy editor of Passcode at the Christian Science Monitor, discusses the emerging private etiquette questions as more people bring personal assistant technology such as Amazon's Alexa into their homes. Podcast cohost Peter Singer, strategist and senior fellow at New America, discusses his recent trip to Sweden, where officials are viewing cybersecurity threats in military terms. 

It sounds like a dystopian sci-fi novel, but all around the world, governments are increasingly breaking into personal computers and smartphones to carry out spy operations. Amie Stepanovich, who specializes in cybersecurity and privacy law at digital rights group Access Now, joins the Cybersecurity Podcast to discuss her new report that looks at government hacking from a human rights perspective. She describes some of the digital methods governments use to surveil targets and whether some hacks are better or worse from a human rights standpoint.   Also on this episode, podcast cohosts Peter Singer from New America and Sara Sorcher from The Christian Science Monitor's Passcode discuss the role hacking has played in the American elections so far – and the challenges this kind of information warfare might pose well into the future. (Note: Amie's full report can be found at https://www.accessnow.org/GovernmentHackingDoc) 

Heather Lawrence is the president of Hack@UCF, the team of college students from the University of Central Florida that won this summer's National Collegiate Cyber Defense Competition. She and her teammate, Alex Davis, are part of a 180-student club that has taken three consecutive championships in the country’s largest cyberdefense competition of its kind. On this episode of the Cybersecurity Podcast, these student champions discuss what it's like to be part of such a high-stakes competition, what young people can do to make sure they remain ethical hackers, and how they plan to adapt to the quick-changing nature of technology.    Also on this episode, podcast cohost Passcode's Sara Sorcher discusses the hacker community's reticence to adapt to politics infiltrating the traditionally hardcore DEF CON hacker conference. New America's Peter Singer shares some stories from an unusual Mad Scientist conference meant to help shape the way the Army fights wars in the future.   

On this extra episode of The Cybersecurity Podcast, reporter Jack Detsch brings you the highlights of a live discussion Passcode hosted in Washington on cybersecurity and the US power grid, featuring Elizabeth Sherwood-Randall, deputy secretary of Energy; Thomas Fanning, chief executive officer of Southern Company; Congressman Will Hurd of Texas; and Robert Lee, cofounder of the cybersecurity firm Dragos Security. This bonus episode is sponsored by the Edison Electric Institute.

Filmmaker Alex Gibney is known for his awardwinning documenteries on topics that range from Enron to Wikileaks, but now he's taken on a tough challenge: Making a movie about a secret program that few people will publicly acknowledge. "Zero Days" focuses on the Stuxnet computer virus that's believed to be the world’s first digital weapon. News outlets had reported that both the US and Israel were behind the virus designed to slow down Iran's nuclear program – but even now, years after the attack on Natanz uranium enrichment plant, and long since researchers discovered Stuxnet on computers in other countries, the making of Stuxnet is still shrouded in secrecy.    As “Zero Days” premieres in the US, The Cybersecurity Podcast team talks with Gibney about the making of the film, the often frustrating secrecy of official Washington, and his surprise when he found out that Stuxnet was just a small part of a much broader US plan targeting Iran. Also on this episode, hosts Peter Singer of New America gives the inside story of what it's like to testify on Capitol Hill and Passcode deputy editor Sara Sorcher talks about the 18-year-old who hacked the Pentagon.

A massive power outage in December left more than 200,000 people in the dark in Western Ukraine. It was the first time a cyberattack successfully took down a portion of a country’s power grid. Rob Lee, cofounder of cybersecurity company Dragos Security and a former US Air Force Cyberoperations Officer, personally investigated the Ukraine hack. He joins the Cybersecurity Podcast to discuss how hackers took out Ukraine's electricity, what more can the US government and companies do to safeguard the American power grid, and the challenges researchers face when trying to test threats to critical infrastructure.    Also in this episode: Podcast host Peter Singer, senior strategist at New America, discusses innovative ways to get more kids involved in cybersecurity – and not just at university level. And his cohost Sara Sorcher, deputy editor of the Christian Science Monitor’s Passcode, explains the surprising findings in her recent article about what the US government really thinks about encryption.

What will be the state of digital security in five and 10 years? That's the question Steve Weber, director of the University of California - Berkeley's Center for Long-Term Cybersecurity, and his team tried to tackle in a major research project. Weber joins The Cybersecurity Podcast to talk about the maybe not-so-far out possibilities that people may soon start to see insecurity as the status quo on the Web – and that with the spread of the Internet of Things even their emotions could soon be hacked. Podcast cohosts Peter Singer from New America and Sara Sorcher from Passcode, The Christian Science Monitor's section on digital security and privacy, discuss the cybersecurity highlight from their own work this past month. Singer explores the relatively unknown threats to the country's ports and ships – while Sorcher explains the sometimes-controversial process of deciding exactly how much a security flaw is worth in cash. 

Jack Harrington, vice president for cybersecurity and special missions at Raytheon, joins The Cybersecurity Podcast to discuss the role the private sector can play in helping government improve its security, the Defense Department’s cyber strategy, and innovative technical solutions to bridge the vast talent gap in this field. Also joining New America's Peter Singer and Passcode's Sara Sorcher is Niloofar Razi Howe, senior vice President and Chief Strategy Officer at RSA, a leading computer and networking security company. They discuss the state of the cybersecurity market, what products and services to expect in the coming years, and how to change the public perception of cybersecurity to recruit a broader range of professionals to the field.

New America's Peter Singer and Passcode's Sara Sorcher interview Walter Parkes, the noted screenwriter-turned-film producer who’s behind many of your all time favorite cybersecurity movies: Sneakers and WarGames. They talk about the hacker archetypes depicted in pop culture, why these movies resonate with this community, how fiction sometimes inspires real policy change in this field – and whose cybersecurity work he finds most fascinating. Ben Heyes, chief information security & trust officer at Commonwealth Bank of Australia, also joins the podcast this episode to discuss how the changing landscape of cyberthreats; comparisons between the way US financial institutions and Commonwealth – the largest bank in the entire Southern Hemisphere – approach cybersecurity; and how to navigate cultural differences when operating in many countries.  This episode sponsored by Dell.

Former NSA and CIA director Michael Hayden joins The Cybersecurity Podcast to talk about his new book, "Playing to the Edge: American Intelligence in the Age of Terror." Hayden – now a principal at The Chertoff Group – discusses the need to balance national security secrets and the public's right to government transparency, his reaction after Edward Snowden revealed details from mass surveillance programs he started, and why he's siding in favor of strong encryption for consumers.  Also joining New America's Peter Singer and Passcode's Sara Sorcher this episode is Federal Trade Commissioner Julie Brill. They talk about "Privacy Shield," the new agreement governing transatlantic data flow agreement between the US and the EU. They also discuss why Europeans think America is the "Wild West" when it comes to privacy policies, what more companies can do to ensure they are respecting consumers' rights, and what's at stake for privacy with the burgeoning Internet of Things.

Chris Wysopal a.k.a Weld Pond, chief technology officer of application security firm Veracode, joins The Cybersecurity Podcast to discuss the suspected cyberattack on the Ukrainian power grid, ways to increase transparency about cybersecurity expertise at publicly-traded companies, and why the L0pht hacking collective he once belonged to didn't want to shut down the Internet back in the 1990s just to prove to senators it could. Also joining New America’s Peter Singer and Passcode’s Sara Sorcher is Chris Young, general manager of Intel Security. They talk about the unconventional cyberthreats emerging from the booming Internet of Things, the challenges posed by ransomware, and his ideas for a future Cyber National Guard.

Angela McKay, who runs Microsoft's public policy work on cybersecurity, joins The Cybersecurity Podcast to talk about the importance of developing international norms for cyberspace, European privacy concerns, why she's disappointed women comprise only 10 percent of the cybersecurity workforce, and how Microsoft's own attitude – and reputation – for security has evolved over the years. New America's Peter Singer and Passcode's Sara Sorcher also chat with Elana Broitman, a shareholder in Greenbert Traurig, LLP.’s Government Law & Policy Practice and a former Defense Department official. They discuss the benefits of having cyber insurance, how the Pentagon should think about buying cybersecurity products and services, and bridging the trust gap between Washington and Silicon Valley.