Safe Mode Podcast

The General Services Administration has tapped the U.S. Army Corps of Engineers’ chief information officer and chief data officer to serve as its new deputy CIO, the agency confirmed Thursday. Dovarius Peoples will join GSA on Oct. 6, an agency spokesperson told FedScoop. Peoples also has held leadership positions at the Office of Personnel Management and the National Security Agency.

Also: The Department of Health and Human Services would be required to implement a pandemic preparedness and response program that leverages artificial intelligence under new bipartisan Senate legislation. That bill, which was introduced Wednesday and announced Thursday, would call on the secretary of HHS to establish a new program called “MedShield” that would protect against future pandemics by aiding collaboration between government and the private sector and use AI in several areas, including detecting pathogens and developing vaccines.

The Daily Scoop Podcast is available every Monday-Friday afternoon.

If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast on on Apple Podcasts, Soundcloud, Spotify and YouTube.

CyberScoop Editor-in-Chief Greg Otto was out at Mandiant's mWISE conference last week, and talked with Trellix’s head of threat intelligence, John Fokker, about a host of different subjects. In the first portion of the interview, Greg and John discuss how the Ransomware-as-a-Service landscape has changed in the past year, and how threat actors have adjusted to the changes the industry has made in order to stop their schemes. In the second half, Greg and John talk about threat actors’ use of AI, which is in its experimentation phrase (like everyone else). In the reporter chat, Greg talks with AJ Vicens about research that shows how the walls are closing in on a suspect responsible for breaches tied to Snowflake.

LINK: https://cyberscoop.com/snowflake-hacker-judische-labscon-2024/

AI is transforming how companies secure their IT infrastructure, especially in industries like airlines, health care, retail, and telecommunications, which rely on applications and APIs for seamless digital experiences. However, there's a risk of companies improperly deploying AI tools or using insecure vendors, potentially leading to widespread data breaches and operational outages. CyberScoop Editor-in-Chief Greg Otto talks with F5 Networks CTO Kunal Anand about the increasing challenges in IT security and complexity as more AI applications are adopted and what companies should focus on to safeguard their systems as policies and regulations evolve. CyberScoop reporter Derek B. Johnson also sits down with Greg to talk about a congressional hearing that heavily focused on cybersecurity issues for election officials ahead of November.

Secure-by-design transforms secure code from an afterthought to an inherent feature, weaving a resilient shield directly into the fabric of every application and device from the ground up. But while everyone’s mind gravitates toward the ocean of software we all use, how does secure-by-design translate to the Internet of Things? In this episode, CyberScoop Editor-in-Chief Greg Otto talks with RunSafe CEO Joe Saunders on how to incentivize manufacturers to create secure IoT devices. CyberScoop reporter Christian Vasquez also sits down with Greg to talk about two projects launched at this year’s DEF CON aimed at using volunteers to respond to localized cyber incidents.

If you want to understand cybersecurity policy, it’s not enough to focus on Washington D.C. — you have to also grok the American tech industry. Few people have bridged that divide more effectively than Ted Schlein, the legendary venture capitalist who is currently at Ballistic Ventures. On this episode of Safe Mode, he sits down with host Elias Groll to discuss Washington D.C., Silicon Valley and the relationship between the two. CyberScoop senior reporter AJ Vicens also joins the show to discuss the latest developments regarding Iran’s efforts to hack Donald Trump’s presidential campaign.

With Election Day rapidly approaching in the United States, the Trump campaign claims that the first major hack-and-leak operation has arrived. After a handful of U.S. media outlets received leaked material on vice presidential candidate JD Vance, the Trump campaign said it had been the victim of an Iranian hacking operation. On this episode of Safe Mode, CyberScoop senior reporter Tim Starks sits down with host Elias Groll to discuss what we know about the operation and its significance. Also on this episode, John Hammond of Huntress provides a technical deep dive on how an errant CrowdStrike software update managed to break large parts of the internet.

An epidemic of ransomware, cyberattacks on gas pipelines, Chinese infiltration of American critical infrastructure — these are just some of the cybersecurity issues the Biden administration has tackled during the president’s first term in office. With President Joe Biden’s time in office winding down, it’s worth taking stock: Has his administration managed to move the needle on cybersecurity? On this episode of Safe Mode, CyberScoop Senior Reporter Tim Starks sits down with host Elias Groll to discuss the administration’s numerous cybersecurity initiatives and to consider their impact.

AI governance regimes the world over have seized on compute thresholds as a mechanism for implementing various controls on artificial intelligence systems. The basic idea is that if an AI model relies on a sufficiently large amount of computing power, then various controls kick in. As AI models get larger, the thinking goes, they also get riskier, and this means that AI governance regimes should focus on the largest models, as measured by computing power. But does this idea make any sense as a governing tool for the models of today and tomorrow? Sara Hooker leads Cohere’s research operation, and she’s looked hard at whether compute thresholds can be applied to AI systems to mitigate risks. On this episode of Safe Mode, she sits down with host Elias Groll to discuss her research on compute thresholds. CyberScoop’s newly minted editor in chief, Greg Otto, also joins the show to discuss how an errant CrowdStrike software update took down a huge number of critical services across the internet.

Links:

On the Limits of Compute Thresholds as a Governance Strategy | arXiv

CrowdStrike Falcon flaw sends Windows computers into chaos worldwide | CyberScoop

Around the world policymakers seem to be grappling with the same question: How best to govern artificial intelligence? The Center for Security and Emerging Technology, a Washington-based think tank, has emerged as a key and influential player in that conversation. And on this episode of Safe Mode, its executive director, Dewey Murdick, sits down with host Elias Groll to describe what he sees as the enabling principles of AI governance. Also on the show this week, CyberScoop reporter AJ Vicens discusses a landmark breach affecting AT&T that saw call and text records of nearly all the company’s customers be stolen.

We are living through an epidemic of ransomware. Last year alone, the amount paid to ransomware operators exceeded $1 billion, and the entities getting hit and seeing their operations disrupted by ransomware included hospitals, schools and libraries. Ransomware is both a public-health and national-security crisis, yet efforts to address the problem are not making a dent. Allan Liska is a senior intelligence analyst at Recorded Future and a leading analyst of the ransomware phenomenon, and on this episode of Safe Mode he sits down with host Elias Groll to discuss why it’s long past time to ban ransomware payments. CyberScoop reporter Derek Johnson also joins the show to discuss the U.S. intelligence community’s observations of information operations targeting the 2024 election.