In this bonus episode, Blake, Sharon Mandell and Mark Kuhr have a discussion about the impact of agentic AI in cybersecurity, focusing on both threats and opportunities. They touch on the rise of AI-enabled cyberattacks and how adversarial and generative AI are being leveraged by attackers, as well as the dual-use nature of AI. How can it can be both a threat and a tool for defenders?

Jim Langevin, former chair of the Congressional Cyber Caucus and Democratic Congressman from Rhode Island, reflects on his belief that cybersecurity remains a bipartisan issue. He emphasizes the importance of collaboration between government and the private sector, and the potential of artificial intelligence in enhancing cybersecurity.

Timestamps:

• 01:05 - About Rep. Langevin
• 04:08 - Building a hacker-friendly congress
• 09:53 - Cybersecurity as a bipartisan issue
• 15:39 - Trying to predict the future
• 19:44 - AI and cyber defense

Find Blake on LinkedIn

Find Rep Langevin on LinkedIn 

Paul Mote, Vice President, Solutions Architects at Synack, discusses if we're ready to embrace AI in a world of ever-evolving threats. Who will AI help more, attackers or defenders?

TIMESTAMPS:

• 00:35 - What is a solutions architect?
• 02:56 - Advancing threats
• 13:32 - Are we ready to embrace AI? 
• 20:58 - What’s real, what’s not?
• 25:03 - Find Paul Mote on LinkedIn

 Lea Kissner, CISO of LinkedIn, describes the dangers of perverse metrics, the importance of phishing-resistant technologies, and the ongoing challenge of recruiting and retaining top talent in the field. Lea also explains how  they deal with complex privacy issues at scale every day. Lea and Blake also touch on LinkedIn's efforts to balance security with user privacy preferences, and the evolving threat landscape posed by AI.

Find Lea on LinkedIn

Find Blake on LinkedIn

Follow WE'RE IN!

Mike Witt, NASA's Senior Agency Information Security Officer and Chief Information Security Officer for Cybersecurity and Privacy, has a long history of public service. In addition to serving 10 years in the U.S. Army, Mike was the director of the United States Computer Emergency Readiness Team (US-CERT) at the Department of Homeland Security and a key cybersecurity official at the IRS. Now, he’s leading NASA’s efforts to secure spaceflight centers nationwide and their missions to the final frontier.

Tune in to the latest episode of WE’RE IN! to hear more about how NASA balances its out-of-this-world mission with real-world concerns about cybersecurity resulting from increased activity from other space agencies and commercial interests alike.

Listen to learn more about: 

• How NASA responded to the Log4j vulnerabilities revealed in 2021
• Why the SAISO position was created 
• How NASA’s stellar reputation helps it address the cybersecurity talent shortage

Lieutenant General Lori Reynolds' (Ret., USMC) career journey from a Naval Academy graduate to a key figure in cybersecurity and information warfare illustrates the progression of military communications and cyber operations. Initially commissioned as a Marine Corps communications officer in 1986, Lori’s career took her from managing traditional radio communications to leading the Marine Corps Cyberspace Command. 

Tune in to hear how she played an important part in integrating cyber operations into the Marine Corps' combined arms approach and later spearheaded efforts to create a comprehensive information warfighting function.

Listen to learn more about: 

How China's cyber operations have become more sophisticated, quiet and focused on long-term strategic positioning

Why the threat now extends beyond cyberattacks to include technological exports and influence operations 

How Russia and other state actors are also engaged in hybrid warfare, operating below the threshold of conventional conflict

The Department of Defense Cyber Crime Center (DC3) operates a Vulnerability Disclosure Program (VDP) that handles critical cybersecurity issues reported by the public, including using an actual red phone for urgent matters. In the latest episode of WE’RE IN!, Melissa Vice, director of DC3’s VDP, describes how they respond to cyberthreats and collaborate with other groups within the center, such as the Operation Enablement Directorate and cyber forensics laboratory. 

Tune in to hear how the program, which began in 2016 following a successful bug bounty event, has processed over 53,000 reports, 56% of which were actionable, and resulted in nearly 30,000 remediated vulnerabilities.

Listen to learn more about:

Why VDP has been recognized by the government as a reliable and economical cybersecurity strategy 

How Melissa and her team handled the notorious Log4j vulnerability

How DC3 has explored the use of AI and machine learning to enhance capabilities and scale operations 

Hear from this season’s guests for their thoughts and predictions on AI and cybersecurity. We took sound bites from a range of WE’RE IN! interviewees, whose opinions on AI vary from thinking it’s overblown to being cautiously curious. Tune into this episode to better understand AI’s seismic effects on the infosec industry.

Bill Dunnion, chief information security officer at global telecommunications company Mitel, is well-versed in the critical nature of telecom infrastructure and the devices that support it. He’s also keenly aware of how his role as CISO is under increasing scrutiny from regulators around the world and in Canada, where Mitel is based. 

In this episode of WE’RE IN!, Bill expresses skepticism about AI, preferring the term "machine learning" for most current applications, but he acknowledges its potential benefits, such as improving threat detection.

Listen to hear more about: 

• How Bill's diverse background in telecom, IT, and security has provided him with a well-rounded perspective to approach his CISO role
• Why the integration of voice, data, and collaboration tools in enterprise communications presents new cybersecurity challenges
• Why security awareness is crucial for both professional and personal life 

Jen, a former military professional turned hacker, shares her journey into cybersecurity and her experiences with the Synack Red Team in the latest episode of WE’RE IN! She transitioned from fixing security issues to actively seeking vulnerabilities, inspired by her brother and motivated by her experiences at the storied hacker conference, DEF CON. Jen emphasizes the importance of skill development and preparation for women entering the male-dominated cybersecurity field, and discusses her preferred hacking tools and techniques.

In this episode of WE’RE IN!, Jennifer gives her take on AI in penetration testing, suggesting it should be used as a tool for initial reconnaissance but not for exploiting vulnerabilities. 
 

Listen to hear more about: 

• Why all of Jennifer’s smart home devices’ warranties are voided
• How anyone can be a hacker by following the Open Source Intelligence methodology to find vulnerabilities
• The importance of producing high-quality work and going above and beyond to gain trust in the pentesting industry