Greg Otto talks with Exabeam’s Gabrielle Hempel about the complex terrain of AI regulation at both the federal and state levels, offering a deep dive into the legislative challenges, and the balancing act of fostering innovation while protecting public interests. They also reflect on how public interaction with AI systems is shaping legislative efforts, aiming to provide a comprehensive exploration of the regulatory landscape and its implications for businesses. In our reporter chat, Greg talks to Tim Starks about a Congressional hearing that examined DHS’s elimination of the entire Cyber Safety Review Board’s roster. LINK: https://cyberscoop.com/removal-cyber-safety-review-board-members/

As we head into 2025, Greg talks with Jason Baker, a ransomware negotiator for Guidepoint Security, on how ransomware has shifted and evolved, and the challenges it poses for businesses and governments alike. Jason also sheds light on the top threat actors, the future of international regulations and where they might fall concerning the contentious issue of paying ransoms, and what businesses can do to limit the damage if they are ever attacked. In our reporter chat, Greg talks to Tim Starks about the conversations happening in Washington, D.C. regarding enhanced offensive cybersecurity operations. LINK: https://cyberscoop.com/aggressive-cyber-offense-trump-administration-us-strategy-debate/

In the first episode of 2025, Greg Otto dives into a conversation with Phil Venables, the Chief Information Security Officer of Google Cloud, who shares insights from his expansive career in cybersecurity. From his beginnings as Goldman Sachs' first CISO to his current role leading risk and security at Google, Phil discusses the evolving challenges CISOs face, including the impact of AI-powered cyber threats and strategies to prevent burnout. Discover Phil's perspectives on fostering a supportive organizational culture and the importance of proactive planning in strengthening cybersecurity resilience. In our reporter chat, Greg talks with Derek Johnson about a hacker scheme that abuses the guardrails in generative AI.

In the latest episode of Safe Mode, Greg Otto talks with Vik Phatak, Chairman and CEO of CyberRatings.org. Cyber Ratings recently released a report assessing the native firewalls provided by major cloud service providers like Microsoft, Google, and AWS. These cloud-native firewalls, included with their instances, were put to the test by Cyber Ratings to evaluate their effectiveness. The findings reveal significant shortcomings in relying solely on these built-in security measures. In our reporter chat, Greg Otto talks with Tim Starks about two interesting stories that chronicle the latest in the shady world of spyware. LINK: https://cyberscoop.com/russian-surveillance-spyware-threat-citizen-lab/ https://cyberscoop.com/amnesty-international-exposes-serbian-polices-use-of-spyware-on-journalists-activists/

In the latest episode of Safe Mode, Greg Otto talks with Emily Crose about her new book “Hack to The Future: How World Governments Relentlessly Pursue and Domesticate Hackers.” Emily explains how the US government managed to weaponize a subculture widely seen as misanthropic and awkward into a lever of power that now has far-reaching geopolitical implications In our reporter chat, Greg Otto talks with Tim Starks about the continued investigation and fallout of the Salt Typhoon hacks. Also in this episode: ThreatLocker CEO and Co-Founder Danny Jenkins joins SNG host Wyatt Kash in a sponsored podcast discussion on how implementing a layered approach to network security better protects government data. This segment was sponsored by ThreatLocker. LINK: https://cyberscoop.com/senators-witnesses-3b-for-rip-and-replace-a-good-start-to-preventing-salt-typhoon-style-breaches/

In the latest episode of Safe Mode, Greg Otto talks with Andrew Morris, founder and chief architect of GreyNoise. Greg and Andrew talk about some recent work GreyNoise has released including one of the first instances where threat detection has been augmented by AI to discover zero-day vulnerabilities. In our reporter chat, Greg talks with Tim Starks about his interview with the president of Dakota State University, and how she sees the state’s politicians impacting cybersecurity in a Trump administration. LINK: https://cyberscoop.com/south-dakota-cybersecurity-leadership-2025/

In the latest episode of Safe Mode, we talk to Peter Anaman, principal investigator in Microsoft’s Digital Crimes Unit. Peter takes us on a deep dive on how the Digital Crimes Unit (DCU) has morphed since its inception in 2008. We'll explore how investigative approaches have evolved over the years and discuss how cybercriminals are adapting in response to disruptive actions. In our reporter chat, Greg Otto talks with Christian Vasquez about Cape, a new mobile phone company looking to change the privacy game with a hardened phone that doesn’t keep metadata, while also adhering to the strict U.S. criminal and national security laws. LINK: https://cyberscoop.com/cape-phone-privacy-calea-tracking/

In this episode, Greg Otto chats with David Brumley, an offensive cybersecurity professor at Carnegie Mellon and CEO of Mayhem Security, as he is collaborating with the FAA and airplane manufacturers to tackle critical software security challenges in the aerospace industry. David delves into the most pressing cybersecurity threats facing aircraft today, examines the types of software currently in use on airplanes, and highlights areas of concern within the broader aerospace sector. He also discusses potential strategies the FAA could employ to strengthen cybersecurity in aviation. Also in this episode: ThreatLocker co-founder and CEO Danny Jenkins joins SNG host Wyatt Kash in a sponsored podcast discussion on why zero trust and least privilege access are foundational to how critical infrastructure enterprises should secure their operations today. This segment was sponsored by ThreatLocker. Greg also chats with Tim Starks about the latest cybersecurity news related to the incoming Trump administration. LINK: https://cyberscoop.com/dhs-nominee-kristi-noem-cyber-grants-trump-admin/

In this conversation, Casey Bleeker, CEO of SurePath AI, a leader in generative AI security, delves into the evolving landscape of AI regulation in the U.S. He discusses the potential for varying regulations across states, akin to current data privacy laws. The challenges of creating a cohesive national strategy are highlighted, along with the need for robust governance frameworks for generative AI. Further, Casey emphasizes the importance of transparency and consumer protection, addressing how companies can balance innovation with compliance.

In case you didn't have the chance to attend CyberTalks, we have the keynote address from the event: National Cyber Director Harry Coker highlighted the White House's focus on strategy and policy to address internet routing vulnerabilities, particularly with the Border Gateway Protocol (BGP). Coker emphasized the importance of Resource Public Key Infrastructure (RPKI) for authenticating BGP routing information, acknowledging its slow adoption and implementation challenges, but reported progress with expectations for significant federal coverage by year's end. In our reporter chat, Greg Otto talks with Tim Starks about his story examining the legal barriers anti-spyware advocates are dealing with in a number of high-profile court cases aimed at bringing victims justice. LINK: https://cyberscoop.com/spyware-court-cases-nso-group-meta-whatsapp-apple/