The Lawfare Podcast Lawfare Daily: The Offensive Cyber Industry and U.S.-China Relations with Winnona Bernsen
Jul 7, 2025
Winnona Bernsen, a nonresident fellow at the Atlantic Council’s Cyber Statecraft Initiative and founder of DistrictCon, dives into the complex world of the offensive cyber industry. She discusses the staggering billion-dollar market for zero-day vulnerabilities and the procurement challenges faced by contractors. The conversation also highlights the contrasting cybersecurity strategies of the U.S. and China, revealing how national values impact hacking culture. With an eye towards the future, Winnona emphasizes the need for international collaboration and talent recognition in cybersecurity.
AI Snips
Chapters
Transcript
Episode notes
US Cyber Supply Chain Gap
- The U.S. lacks a supply chain capable of matching China's scale in offensive cyber capabilities.
- Current U.S. processes are insufficiently scaled for robust cyber offense against China.
Zero Day Vulnerabilities Explained
- Zero-day vulnerabilities are unknown bugs exploitable before vendors find them.
- Exploiting zero days enables breaking into modern, highly secure systems valuable to nations.
Complex Zero-Day Market
- The zero-day market is commercialized, involving private firms, contractors, middlemen, and individual hackers.
- This ecosystem is complex, with many state-linked and private entities buying and selling exploits.