Sign up to save your podcasts
Or
Share Ukraine, Private Sector Power, and Cyber Defense with Greg Rattray
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Ukraine, Private Sector Power, and Cyber Defense with Greg Rattray
Ukraine's cyber defense has become one of the clearest real-world tests of what resilience actually looks like under sustained attack. In this episode of Cyber Focus, Greg Rattray explains why Ukrainian defenders held up better than many expected, and what their experience reveals about the limits of prevention, the value of shared visibility, and the growing operational role of the private sector.
Drawing on his work leading the Cyber Defense Assistance Collaborative, Rattray argues that exposing adversary activity across a more "brightly illuminated cyberspace" helped blunt Russia's offensive advantage. But the larger lesson is not just about threat visibility. It is about recovery, adaptability, and trust: teams under pressure need tools they already know how to use, leaders need to plan for bad days, and governments need to make room for industry to do more than simply wait for direction.
Main Topics Covered
- The "bright room" concept in cyber defense
- Why resilience matters more than perfect prevention
- Familiar tools vs. cutting-edge tech in crisis
- The private sector's front-line role
- How cyber, EW, and drones are converging
Key Quotes:
"It's pretty hard to do cyber offense in a bright room, in a dark room, it's a lot easier. But like what we've done here is give the Ukrainians the position that the Russian attacks are trying to occur in a pretty brightly illuminated cyberspace." — Greg Rattray
"Kyivstar, [Ukraine's] major telecommunications provider, got leveled in December of 2023. I thought they would be out for weeks. Two days later they were back up and running." — Greg Rattray
"The speed at which drones have to change in order to stay survivable and effective; these innovation cycles are weeks, not years." — Greg Rattray
"While the NIST cybersecurity framework talks about respond and recover, the amount of energy that goes into resilience is still to my mind, under thought, under exercised, [and] under invested in." — Greg Rattray
"The notion that you're going to be targeted has to be part of your risk calculus. And therefore you even with a good team... you cannot guarantee you won't have a bad day." — Greg Rattray
Links/Resources
Cyber Defense Assistance Collaborative: https://crdfglobal-cdac.org
Guest Bio:
Dr. Greg Rattray is Chief Strategy and Risk Officer at Andesite and Executive Director of the Cyber Defense Assistance Collaborative (CDAC), which has facilitated more than $30 million in voluntary cyber defense support to Ukraine. He previously served as J.P. Morgan Chase's Global CISO and Head of Global Cyber Partnerships, and spent 23 years in the U.S. Air Force, including as the National Security Council's Director for Cybersecurity.
View all episodes
By Frank Cilluffo / McCrary Institute
5
1818 ratings
Ukraine's cyber defense has become one of the clearest real-world tests of what resilience actually looks like under sustained attack. In this episode of Cyber Focus, Greg Rattray explains why Ukrainian defenders held up better than many expected, and what their experience reveals about the limits of prevention, the value of shared visibility, and the growing operational role of the private sector.
Drawing on his work leading the Cyber Defense Assistance Collaborative, Rattray argues that exposing adversary activity across a more "brightly illuminated cyberspace" helped blunt Russia's offensive advantage. But the larger lesson is not just about threat visibility. It is about recovery, adaptability, and trust: teams under pressure need tools they already know how to use, leaders need to plan for bad days, and governments need to make room for industry to do more than simply wait for direction.
Main Topics Covered
- The "bright room" concept in cyber defense
- Why resilience matters more than perfect prevention
- Familiar tools vs. cutting-edge tech in crisis
- The private sector's front-line role
- How cyber, EW, and drones are converging
Key Quotes:
"It's pretty hard to do cyber offense in a bright room, in a dark room, it's a lot easier. But like what we've done here is give the Ukrainians the position that the Russian attacks are trying to occur in a pretty brightly illuminated cyberspace." — Greg Rattray
"Kyivstar, [Ukraine's] major telecommunications provider, got leveled in December of 2023. I thought they would be out for weeks. Two days later they were back up and running." — Greg Rattray
"The speed at which drones have to change in order to stay survivable and effective; these innovation cycles are weeks, not years." — Greg Rattray
"While the NIST cybersecurity framework talks about respond and recover, the amount of energy that goes into resilience is still to my mind, under thought, under exercised, [and] under invested in." — Greg Rattray
"The notion that you're going to be targeted has to be part of your risk calculus. And therefore you even with a good team... you cannot guarantee you won't have a bad day." — Greg Rattray
Links/Resources
Cyber Defense Assistance Collaborative: https://crdfglobal-cdac.org
Guest Bio:
Dr. Greg Rattray is Chief Strategy and Risk Officer at Andesite and Executive Director of the Cyber Defense Assistance Collaborative (CDAC), which has facilitated more than $30 million in voluntary cyber defense support to Ukraine. He previously served as J.P. Morgan Chase's Global CISO and Head of Global Cyber Partnerships, and spent 23 years in the U.S. Air Force, including as the National Security Council's Director for Cybersecurity.
More shows like Cyber Focus: Cybersecurity, National Security, and Critical Infrastructure
View all
Fareed Zakaria GPS
3,447 Listeners
CyberWire Daily
1,028 Listeners
Azeem Azhar's Exponential View
616 Listeners