In this episode of Cyber Focus, host Frank Cilluffo sits down with Phil Venables, Chief Information Security Officer for Google Cloud. They discuss Venables' work co-leading the President's Council of Advisors on Science and Technology's report on cyber-physical resilience, and its key recommendations including creating a national critical infrastructure observatory. The conversation also covers Google's focus on secure-by-design and secure-by-default, the implications of AI/generative AI for cybersecurity, and the evolving role of the CISO as more of a chief risk officer.Main Topics CoveredPresident’s Council of Advisors on Science and Technology Report to the President on Strategy for Cyber-Physical ResilienceCreating a national critical infrastructure observatorySecure by design and secure by default at GoogleImplications of AI/generative AI for cybersecurity defendersEvolution of the CISO role to be more like a chief risk officerCurrent cyber threat landscape and basic defenses still neededPublic-private partnership between tech companies and governmentQuotes"It's not just about security, privacy, or compliance. It's about trust and safety… The bold but responsible use of AI." - Venables on ethical AI concerns"We have much more heavily engaged with our government partners, not just here in the US, but around the world, because we recognize our position in supporting critical infrastructures." - Venables on Google's public-private partnerships."[Executives] also need to make sure that there's the resources in the ranks in their organizations to get security done." - Venables on executive support for security"...implementing strong phishing resistant multi-factor authentication, keeping systems up to date, segmenting and all the basic hygiene...when you do it, you mitigate a whole bunch of risks." - Venables on basic cyber hygiene defensesResources President’s Council of Advisors on Science and Technology report on cyber-physical systems - Press Release, Executive Summary, Full ReportGoogle's Secure AI Framework (SAIF)Secure By DesignSecure By DefaultBioPhil Venables is the Chief Information Security Officer for Google Cloud. Prior to Google, he spent 20 years at Goldman Sachs as CISO and Chief Operational Risk Officer, establishing the firm as a cybersecurity leader. Venables co-led the President's Council report on enhancing cyber-physical resilience of critical infrastructure, recommending a national infrastructure observatory. He has co-founded multiple financial sector cybersecurity initiatives and served on boards for NIST, NYU, NSA, and others. Widely recognized for his leadership, Venables has received the RSA Conference Award, FS-ISAC Critical Infrastructure Award, and other top honors. With over 25 years of cross-disciplinary experience across finance, technology and risk management, he brings a unique perspective to Google Cloud's security efforts.

In this episode of Cyber Focus Frank Cilluffo and Matt Hayden discuss the intricate challenges posed by cyber threats and the role of organizations like CISA in coordinating defense efforts. They discuss the influence of emerging technologies such as AI and quantum computing, the impact of emerging technologies on defenses, and the zero trust security model to enhance resilience.Main Topics CoveredCritical infrastructure threats and vulnerabilitiesLiving off the land techniques used by attackersDeterrence strategies and creating playbooks for different threat actorsRole of innovation and emerging technologies like AI, quantum, 5G/6GConvergence of physical and cyber securityZero trust security modelImportance of resilience in critical infrastructureQuotes"You come after a critical infrastructure within our domestic space, it points back to you. We're going to have a conversation you're not going to like." - Matt Hayden on deterring attacks on critical infrastructure."Resilience means you have the ability to re-stand up infrastructure service to really work with your network and your users to where you still have the ability to operate." - Matt Hayden defining resilience."We would have the traditional sanctions methods...but it wasn't something that really imposed cost. And so looking at that model now, there is the need for playbooks that are strategic for each bad actor." - Matt Hayden on needing tailored deterrence strategies.“You're saying I'll let you get away with X? Yeah, but not Y…  And as [the bad actors] get worse, the deterrent gets stronger. You have to gradient [deterrence].” - Matt Hayden on deterrence gradient.“The strength of America is that people want to be here for all the challenges you have. People would rather live here than anywhere else.” - Matt Hayden on American innovation being a strength.Resources MentionedNational Security Memorandum 22BioMatt Hayden is a cybersecurity executive with over 20 years of experience spanning both the public and private sectors. He currently serves as VP for Cyber and emerging technology at CyIQ, fostering industry partnerships and driving growth strategies. Previously, Hayden held senior leadership roles at DHS, including serving as the Assistant Secretary for Cyber, Infrastructure, Risk, and Resilience Policy. In this position, he led policy development efforts focused on reducing national risks to critical infrastructure cybersecurity, federal networks, and comparing cybercrime. Hayden also served as a senior advisor with DHS’s Cybersecurity and Infrastructure Security Agency and its Office of Partnership and Engagement. He is a Senior Fellow at the McCrary Institute.

Flashpoint CEO Josh Lefkowitz joins us for a fascinating talk about how 9/11 changed the trajectory of his career, the impact of Telegram worldwide and how A.I. is making human analysts better.

On location at the RSA Conference 2024, we talk to Alison King and Elisa Costante about the National Security Memorandum on Critical Infrastructure Security and Resilience, the 2024 Report on Cybersecurity Posture of the United States, and creating opportunities for women in cyber.

In this episode Frank Cilluffo sits down with Anjana Rajan, the assistant national cyber director for technology security at the Office of the National Cyber Director in the White House. Their discussion sheds light on the challenges and complexities of reshaping the cybersecurity landscape with better buildings blocks.  Together, they the White House's call for broader use of memory safe programming languages, and how her office is working with the private sector to find ways to eliminate entire categories of cyber vulnerabilities. ONCD Report - Back to the Building Blocks: A Path Toward Secure and Measurable Software

Gavin Wilde helped create  the formal U.S. assessment of Russia's foreign influence campaigns in 2016 and 2020. Now a Senior Fellow at the Carnegie Endowment for International Peace, he's asking whether the drive to thwart those efforts in damaging our democracy. In today's episode, Gavin shares with Frank Cilluffo why he is pushing back on assumptions about those campaigns, and the real dangers of believing they are effective. https://tnsr.org/2024/03/from-panic-to-policy-the-limits-of-foreign-propaganda-and-the-foundations-of-an-effective-response/https://carnegieendowment.org/experts/2183

The National Institute of Standards and Technology (NIST) recently updated its widely used Cybersecurity Framework. Cheri Pascoe, Director of the National Cybersecurity Center of Excellence (NCCoE), joins us for this episode to talk about the new 2.0 edition of the framework, and why it's better equipped to respond to the current challenges cybersecurity professionals face. Find the CSF 2.0 here.

As an investigative cyber reporter for Reuters, Chris Bing spends his days uncovering the facts behind the world's biggest cyber stories. In this episode he shares with Frank what it's like to break news on cyber criminal activities, including the ransomware attack on Change Healthcare wrecking havoc on the industry's payment processes. Chris also shares insights into how governments are cracking down. https://www.reuters.com/authors/christopher-bing/

On this week's Cyber focus, Frank Cilluffo interviews Mark Montgomery, the Executive Director of the Cyberspace Solarium Commission. They address the commission's history and role in shaping U.S. cybersecurity policies. They also outline unfinished business in the field, and explore the challenges posed by China and TikTok.

As Director General of the Israeli National Cyber Directorate, Yigal Unna oversaw every aspect of Israel's cyber defenses. In this episode he shares with Frank what he thinks of the international threat landscape, the growth of private cyber defense start-ups, and his advice for a restructured approach to U.S. cyber organizations.

As the former Director of the National Counterintelligence and Security Center (NCSC) Bill Evanina led the U.S. efforts to block and disrupt foreign espionage from advisories like China. On this week’s episode, he shares insights into the shape of those operations, and what should be happening now to stay ahead of the actions China is taking now.

On this week's episode, Chris Krebs shares insights into the current highs and lows of the cybersecurity world. He looks back on his years of public service, the performance of those that followed him after his departure from CISA in 2020, and gives advice to those managing risks inside the private sector.

George Barnes worked inside the National Security Agency for 35 years. Before retiring last year, he served as the agency's Deputy Director and most senior civilian leader. In this week's episode, George shares what led the NSA to leave behind the complete secrecy of the past, and embrace a more open posture with the American people. He also lays out his vision for improving the country's cyber security.

Dmitri Alperovitch, co-founder of CrowdStrike and Silverado Policy Accelerator, and the Washington Post's Ellen Nakashima join Frank Cilluffo for an engaging discussion of how to keep cyber threats in the proper global perspective. They both share insights into the current conflicts in Ukraine and Gaza, and the potential for future conflict over Taiwan.

In this episode, host Frank Cilluffo talks with Mike D'Ambrosio of the unexpected ways the Secret Service shapes how the U.S. fights against cybercrime.

Cyber Focus is where we explore the people and ideas shaping and protecting our digital world. In this episode host Frank Cilluffo speaks with Tom Fanning, the now retired CEO of The Southern Company. The two discuss the best ways private businesses need to approve their digital security, and why company leaders are too often missing the mark.

In this episode Frank Cilluffo speaks with Politico's Maggie Miller, about her recent reporting on China, and Iran. Maggie's recent reporting: On Chinese threats to Guam: https://subscriber.politicopro.com/article/2024/02/guam-facing-continuous-cyber-threats-from-china-delegate-says-00140433On threats to US critical water utilities: https://www.politico.com/news/2023/11/28/federal-government-investigating-multiple-hacks-of-us-water-utilities-00128977  On telecom connectivity in Gaza: https://www.politico.com/news/2024/01/17/biden-israel-gaza-internet-blackout-00136194On breaches at the State Department: https://www.politico.com/news/2023/09/15/digital-tripwire-helped-state-uncover-chinese-hack-00115973

Cyber Focus is where we explore the people and ideas shaping and protecting our digital world. In this episode host Frank Cilluffo talks with Melissa Hathaway, a former presidential advisor, and leading voice on US cyber policy. She shares the ways she believes the country has lost ground in its pursuit of cybersecurity, and what steps need to be taken to get back on track.

On Cyber Focus we explore the people and ideas shaping and protecting our digital world. In this episode host Frank Cilluffo talks with CNN reporter Sean Lyngaas about how he started covering cybersecurity, what those experiences have taught him, and what group has become one of the most underestimated threats in the world.Sean's recent work:https://www.cnn.com/2024/02/02/politics/illicit-iranian-programs-targeted-us-measures/index.htmlhttps://www.cnn.com/2024/01/31/politics/china-hacking-infrascture-fbi-director-christopher-wray/index.htmlhttps://www.cnn.com/2024/01/30/politics/xi-biden-china-us-2024-election/index.html

Host Frank Cilluffo speaks with Chris Inglis, who just finished serving as the country's first National Cyber Director. They discuss the current challenges confronting the US in today's cybersecurity landscape and explore new obstacles emerging with the rise of AI.Show Notes: https://www.washingtonpost.com/politi... https://www.barrons.com/articles/ai-r... https://thehill.com/opinion/cybersecu...https://mccrary.auburn.edu/events/sol...