How can small nonprofits and civic organizations defend themselves against some of the most insidious malware on the planet? By reaching out to Elijah Baucom. The director of Citizen Clinic at UC Berkeley, Baucom runs a public-interest cybersecurity program that trains students to support organizations in defending against cyber threats. A digital security expert and educator, Baucom talks with Greg Otto about making cybersecurity resources accessible to all students and vulnerable groups, drawing on his extensive background in management consulting and network engineering. In our reporter chat, Greg talks with Derek Johnson about the work OpenAI is doing to prevent malicious actors from user generative AI in their schemes. LINK: https://cyberscoop.com/openai-threat-report-foreign-influence-generative-ai/

Since 2022, Mandiant has tracked North Korean IT workers who, posing as non-North Koreans, secure employment in various industries to fund DPRK's weapons programs, often engaging in cyber intrusions with the help of foreign facilitators. In this episode, CyberScoop Editor-in-Chief Greg Otto talks with Mandiant’s Michael Barnhart on what is going on in terms of North Korea’s goals, and how organizations can take precautions to prevent remote worker fraud. Greg also talks to CyberScoop reporter AJ Vicens on the latest LockBit takedown, which was conducted by a host of different countries. LINK: https://cyberscoop.com/russian-cybercrime-raids-cryptex-uaps/

In a captivating discussion, John Fokker, Head of Threat Intelligence at Trellix and a leading expert on ransomware-as-a-service, shares insights on the evolving cybercrime landscape. AJ Vicens, a cybersecurity reporter, dives into the Snowflake breach, exploring how a notorious cybercriminal is facing increasing pressure from law enforcement. The conversation also highlights how AI is reshaping threat tactics, with criminals experimenting with new tools while law enforcement struggles to keep up. A must-listen for anyone interested in the future of cybersecurity!

AI is transforming how companies secure their IT infrastructure, especially in industries like airlines, health care, retail, and telecommunications, which rely on applications and APIs for seamless digital experiences. However, there's a risk of companies improperly deploying AI tools or using insecure vendors, potentially leading to widespread data breaches and operational outages. CyberScoop Editor-in-Chief Greg Otto talks with F5 Networks CTO Kunal Anand about the increasing challenges in IT security and complexity as more AI applications are adopted and what companies should focus on to safeguard their systems as policies and regulations evolve. CyberScoop reporter Derek B. Johnson also sits down with Greg to talk about a congressional hearing that heavily focused on cybersecurity issues for election officials ahead of November.

Secure-by-design transforms secure code from an afterthought to an inherent feature, weaving a resilient shield directly into the fabric of every application and device from the ground up. But while everyone’s mind gravitates toward the ocean of software we all use, how does secure-by-design translate to the Internet of Things? In this episode, CyberScoop Editor-in-Chief Greg Otto talks with RunSafe CEO Joe Saunders on how to incentivize manufacturers to create secure IoT devices. CyberScoop reporter Christian Vasquez also sits down with Greg to talk about two projects launched at this year’s DEF CON aimed at using volunteers to respond to localized cyber incidents.

If you want to understand cybersecurity policy, it’s not enough to focus on Washington D.C. — you have to also grok the American tech industry. Few people have bridged that divide more effectively than Ted Schlein, the legendary venture capitalist who is currently at Ballistic Ventures. On this episode of Safe Mode, he sits down with host Elias Groll to discuss Washington D.C., Silicon Valley and the relationship between the two. CyberScoop senior reporter AJ Vicens also joins the show to discuss the latest developments regarding Iran’s efforts to hack Donald Trump’s presidential campaign.

With Election Day rapidly approaching in the United States, the Trump campaign claims that the first major hack-and-leak operation has arrived. After a handful of U.S. media outlets received leaked material on vice presidential candidate JD Vance, the Trump campaign said it had been the victim of an Iranian hacking operation. On this episode of Safe Mode, CyberScoop senior reporter Tim Starks sits down with host Elias Groll to discuss what we know about the operation and its significance. Also on this episode, John Hammond of Huntress provides a technical deep dive on how an errant CrowdStrike software update managed to break large parts of the internet.

An epidemic of ransomware, cyberattacks on gas pipelines, Chinese infiltration of American critical infrastructure — these are just some of the cybersecurity issues the Biden administration has tackled during the president’s first term in office. With President Joe Biden’s time in office winding down, it’s worth taking stock: Has his administration managed to move the needle on cybersecurity? On this episode of Safe Mode, CyberScoop Senior Reporter Tim Starks sits down with host Elias Groll to discuss the administration’s numerous cybersecurity initiatives and to consider their impact.

AI governance regimes the world over have seized on compute thresholds as a mechanism for implementing various controls on artificial intelligence systems. The basic idea is that if an AI model relies on a sufficiently large amount of computing power, then various controls kick in. As AI models get larger, the thinking goes, they also get riskier, and this means that AI governance regimes should focus on the largest models, as measured by computing power. But does this idea make any sense as a governing tool for the models of today and tomorrow? Sara Hooker leads Cohere’s research operation, and she’s looked hard at whether compute thresholds can be applied to AI systems to mitigate risks. On this episode of Safe Mode, she sits down with host Elias Groll to discuss her research on compute thresholds. CyberScoop’s newly minted editor in chief, Greg Otto, also joins the show to discuss how an errant CrowdStrike software update took down a huge number of critical services across the internet. Links: On the Limits of Compute Thresholds as a Governance Strategy | arXiv CrowdStrike Falcon flaw sends Windows computers into chaos worldwide | CyberScoop

Around the world policymakers seem to be grappling with the same question: How best to govern artificial intelligence? The Center for Security and Emerging Technology, a Washington-based think tank, has emerged as a key and influential player in that conversation. And on this episode of Safe Mode, its executive director, Dewey Murdick, sits down with host Elias Groll to describe what he sees as the enabling principles of AI governance. Also on the show this week, CyberScoop reporter AJ Vicens discusses a landmark breach affecting AT&T that saw call and text records of nearly all the company’s customers be stolen.