CyberWire Daily

Tim Starks, a Senior Reporter at CyberScoop, joins to dissect the latest in cybersecurity legislation and national security. He examines the recent Defense Authorization Bill and its implications for cyber provisions, including new phone security mandates. The conversation dives into funding increases for Cyber Command and NSA amidst a turbulent cybersecurity landscape. Starks also reflects on the challenges of rebuilding talent and programs in the face of growing cyber threats and the unsettling state of federal policy as we look towards 2025.

In this chat, John Funge, venture partner at DataTribe and a seasoned software engineer, sheds light on the intriguing world of cybersecurity investments. He dives into how VCs assess startups, highlighting team dynamics and market fit. John also discusses the tension between CISO needs and VC incentives, suggesting ways for better alignment. He emphasizes the importance of utilizing practitioner feedback for informed investment decisions and urges CISOs to actively engage with investors to foster meaningful security innovation.

Eric Woodruff, Chief Identity Architect at Semperis and expert on identity risks, dives deep into the world of NoAuth abuse and full account takeovers. He reveals how certain apps' reliance on emails as identifiers creates significant vulnerabilities. Eric outlines the alarming findings, showing that 5–9% of tested applications are susceptible to attacks. He provides insights into how attackers exploit this trust to access accounts unnoticed, highlighting the crucial need for improved detection methods and better accountability among SaaS vendors.

In this chat, Eric Escobar, a principal consultant and penetration tester at SecureWorks with a civil engineering background, shares his fascinating journey into cybersecurity. He reveals how his childhood tinkering with Legos led him to break into networks and discover his passion for offensive security. Emphasizing the importance of curiosity and collaboration, Eric discusses how teams with diverse backgrounds tackle complex challenges. He also offers valuable advice for aspiring cybersecurity professionals: just start learning through podcasts, courses, and competitions.

Darren Meyer, a Security Research Advocate at Checkmarx, dives into the alarming world of AI vulnerabilities. He introduces 'lies-in-the-loop,' a technique that tricks developers into approving risky AI actions masked as harmless. Using examples with AI code assistants like Claude Code, he explains how prompt injection can lead to catastrophic consequences like remote code execution. With rising AI adoption, he stresses the critical need for better security awareness and protective measures in developer workflows.

Nitay Milner, CEO of Orion Security, shares insights into data loss prevention in the AI era. He highlights the dangers of corporate data leaks into AI tools and discusses the importance of prioritizing DLP for CISOs. Milner addresses the limitations of legacy DLP methods, emphasizing the role of LLMs in improving detection accuracy and reducing false positives. He points out the dual nature of AI as a risk and a resource for enhanced data security, while anticipating new challenges in this rapidly evolving landscape.

Larry Zorio, CISO at Mark43, specializes in public safety cybersecurity. He highlights the pressing insider cyber risks facing first responders and the challenges with legacy systems. Zorio shares insights on how 98% of law enforcement view cybersecurity as critical to tech decisions. He discusses the importance of access controls and concerns about shadow AI. Additionally, he emphasizes funding disparities between large and small agencies and advocates for adopting NIST/ISO/CIS frameworks to enhance security and secure grants.

Doron Davidson, the General Manager and Managing Director of Security Operations at CyberProof Israel, discusses the evolution of security operation capabilities. He highlights the concept of agentic SOCs, emphasizing their potential by 2027 for autonomous alert management. Doron also shares insights on which SOC functions stand to benefit the most from automation and how analysts' roles will transform into consultative and management positions. With a focus on safeguards and practical implementations, he offers valuable advice for organizations starting their agentic transformation.

In this discussion, Christiaan Beek, Senior Director of Threat Intelligence & Analytics at Rapid7, shares his expertise on the rapidly changing landscape of cyber threats. He highlights the alarming surge in ransomware incidents, revealing how attackers are now exploiting vulnerabilities more swiftly than ever. Beek emphasizes the evolving tactics that target critical sectors like healthcare and construction. Additionally, he explores how nation-state actors are enhancing their stealth and persistence methods, while AI-driven strategies bolster their attack capabilities.

Michael Sottile, CISO at a quantum computing firm, shares his extensive cybersecurity experience spanning fintech, healthcare, and defense. He explains why CISOs must prepare for quantum computing now, discussing the risks of data longevity and the looming 'harvest now, decrypt later' threat. Michael demystifies qubits and superposition, outlines how quantum can bolster fraud detection while jeopardizing encryption, and stresses the importance of phased migration plans. He also highlights the challenges posed by legacy devices and emphasizes precise asset inventorying to mitigate risks.