In this episode of Cyber Focus, host Frank Cilluffo sits down with Harry Krejsa, Director of Studies at Carnegie Mellon University's Institute for Strategy and Technology. Krejsa, a former Pentagon and White House cyber strategist, discusses his latest report, Sunshield, which highlights the intersection of cybersecurity, U.S.-China competition, and grid security. The conversation explores how China's cyber operations exploit technical debt in U.S. critical infrastructure, the cybersecurity risks and opportunities in the energy transition, and how the rapid buildout of AI-driven power demand presents both new challenges and unique opportunities. Krejsa outlines strategic actions the U.S. must take to secure its energy future and broader critical infrastructure against Chinese cyber threats.

Main Topics Covered

• China's cyber threat to U.S. critical infrastructure, including Volt Typhoon's activities
• The risks of integrating old and new technology in the energy sector
• How the energy transition presents a unique chance to embed cybersecurity from the start
• The role of AI data centers in reshaping U.S. energy infrastructure and security
• Key policy actions needed to reduce U.S. dependency on Chinese-dominated supply chains
• Lessons from the financial sector in managing systemic cybersecurity risks

Key Quotes

"The People's Republic of China, we now know, are working to place disruptive and destructive cyber capabilities on various kinds of American infrastructure... to stymie our ability to mobilize a military response to a crisis... [and] induced societal panic." — Harry Krejsa

"No critical infrastructure sector in the country has the amount of capital necessary to undergo that [security] transformation, except for one... the electricity sector." — Harry Krejsa

"I think we need to put modern energy at the center of our competition with China." — Harry Krejsa

"We need to get the glowering national security hawks like myself, and the affirmative vision granola crunching energy communities sitting down and talking to each other." — Harry Krejsa

"The IT-OT convergence has been a theme we come back to over and over because it is very real. Yet if you look at our defenders, we still don't look at it through the same lens." — Frank Cilluffo

Relevant Links

SUN SHIELD: How Clean Tech & America's Energy Expansion Can Stop Chinese Cyber Threats

Guest Bio

Harry Krejsa is the Director of Studies at Carnegie Mellon University's Institute for Strategy and Technology. A former White House and Pentagon cyber strategist, he played a key role in shaping the National Cyber Strategy and served on the Cyberspace Solarium Commission. His expertise spans China's cyber operations, critical infrastructure security, and the intersection of emerging technology with national defense.

In this episode of Cyber Focus, host Frank Cilluffo speaks with Cynthia Brumfield, a prolific cybersecurity journalist and analyst. Brumfield discusses her reporting on the human toll of cybersecurity incidents, including mental health challenges and burnout among cyber professionals. She also explores the evolving role of deception technology in cyber defense and highlights key cybersecurity provisions in the latest National Defense Authorization Act (NDAA). The conversation covers the growing threats posed by foreign adversaries, including China, and the importance of resilience in cybersecurity operations.

Main Topics Covered:

• The mental health impact of cybersecurity incidents and the need for better support systems
• Deception technology and its role in cyber defense beyond traditional honeypots
• Cybersecurity funding and policy changes in the NDAA, including a $30 billion investment in military cyber operations
• The rise of ransomware and its classification as a national security threat
• The establishment of the NSA's AI Security Center and its implications for national security
• Supply chain security concerns, including Chinese technology risks in ports and telecommunications

Key Quotes:

"I don't think I realized until I wrote it and having talked to all the folks who have gone through this... I don't think I realized how traumatic it is to be in the middle of a cybersecurity incident. In fact, it's very much like any other emergency situation." – Cynthia Brumfield

"You need to lay the baseline of an appropriate emotional and psychological response to these incidents before they occur, so that you don't have the burnout, that you don't have the PTSD." – Cynthia Brumfield

"[Deception technology] is basically this term of coming up with a very broad strategic goal of tricking the enemy and getting them lured into dead ends on your network." – Cynthia Brumfield

"I think [the Cyber Force discussion] has legs this time... There's some momentum on this. I'm getting asked more and more and more questions, including from skeptics." – Frank Cilluffo

"It's important when we're talking about Chinese supply chain threats and espionage threats to sort of separate the wheat from the chaff. There are some serious concerns... but we have to have a much more sophisticated grasp on what are the true threats and what are not really true." – Cynthia Brumfield

Relevant Links and Resources:

https://www.metacurity.com/

Managing the emotional toll cybersecurity incidents can take on your team

Increasing the response level to ransomware

Tricking the bad guys

Guest Bio:
Cynthia Brumfield is a leading cybersecurity journalist and analyst, writing for publications such as CSO Online. She runs Metacurity.com, a cybersecurity news site, and has been covering the field for over a decade. Her work focuses on cyber policy, national security, and emerging threats, with an emphasis on making complex issues accessible to a broad audience.

In this episode of Cyber Focus, host Frank Cilluffo speaks with Sai Molige, the leader of the threat hunting team at Forescout. They discuss the key findings from Forescout's 2024 Global Threat Roundup, including the growing role of bulletproof hosting services, increasing attacker dwell time, and targeted cyber intrusions on critical infrastructure. Molige explains how state-sponsored actors and cybercriminals are increasingly collaborating, and how the convergence of IT and OT security is reshaping the cybersecurity landscape. He also shares insights into new malware targeting industrial control systems, emerging attack techniques, and the importance of intelligence-led defense strategies.

Main Topics Covered:

• Key findings from the 2024 Global Threat Roundup: bulletproof hosting, increased attacker dwell time, and rising attacks on cybersecurity infrastructure.
• Threats to critical infrastructure: espionage and tracking of key personnel, VPN exploitation, and borrowing of attack tools between cyber groups.
• State-sponsored and criminal cyber collaboration: the blurred lines between nation-state actors and cybercriminal groups.
• Operational Technology (OT) security risks: increased targeting of specialized industrial protocols and legacy system vulnerabilities.
• Threat hunting frameworks and cyber resilience: the importance of intelligence-led defense, strategic visibility, and response planning.

Key Quotes:

"[Bulletproofing services become] breeding grounds for cyber attacks, or at least the building blocks for it. —Sai Molige

"Attackers are spending an increased amount of time inside the network to better understand the environment they are in." —Sai Molige

"Cyber criminals...are finding opportunities, and partnering with either nation state groups or state-sponsored groups." —Sai Molige

"Trust is the coin of the realm for the good guys, but also for the bad guys. So maybe we need to be spending a little more time eroding trust and confidence between and among some of these cyber criminals." —Frank Cilluffo

"[Threat hunting] is a iterative and proactive process, to uncover hidden risks and enhance resilience." —Sai Molige

Relevant Links and Resources:

• Forescout's 2024 Global Threat Roundup
• CISA Cybersecurity Advisories on Industrial Control Systems

Guest Bio:

Sai Molige is the head of Threat Hunting at Forescout, where he leads efforts in adversary engagement, cyber intelligence, and advanced threat detection. He has previously worked at Comcast and Snapchat, bringing deep expertise in network security, offensive cybersecurity strategies, and cyber threat intelligence. His work focuses on understanding attack patterns, improving cyber resilience, and bridging gaps between IT and OT security.

In this episode of Cyber Focus, host Frank Cilluffo visits Birmingham to speak with Alabama State Senator Arthur Orr and Matt Massey, President of the Alabama School of Cyber Technology and Engineering (ASCTE). They discuss the origins of ASCTE, its rigorous curriculum, and its dual mission to educate top-tier students while expanding cyber education across the state. The conversation explores the school's national security significance, its unique hands-on learning model, public-private partnerships, and future growth plans. Senator Orr and Massey highlight the importance of workforce development and how ASCTE is preparing students for careers in cybersecurity and engineering.

Main Topics Covered:

• The legislative origins of ASCTE and its role as a statewide magnet school
• ASCTE's rigorous academic curriculum and hands-on cyber education approach
• The school's impact on national security and workforce development
• The role of public-private partnerships in ASCTE's success
• Future expansion plans, including new facilities and a research center

Key Quotes:

"We have got to get young people trained and conversant in the cyber world to be able to defend and protect our country from all the cyber threats that we see increasing." —Arthur Orr

"We don't win that numbers game [against China]. We got to ensure that we are always more innovative, more advanced, from a technology and educational standpoint. —Frank Cilluffo

"We actually have the toughest graduation requirements of any school in the nation." —Matt Massey

"We've got students at Georgetown, at Tufts, at Harvard... but also we got some that are going straight to a career now and then some are doing the hybrid role." —Matt Massey

"We wanted cyber education to be very hands on, and we embed cyber concepts in all of our classes" —Matt Massey

Relevant Links and Resources:

https://www.ascte.org/

Guest Bios:

Senator Arthur Orr has served in the Alabama State Senate since 2006, where he has championed numerous education initiatives, including the legislation that established ASCTE in 2018. He previously worked with the Peace Corps and has a background in public service and economic development.

Matt Massey is the President of ASCTE, a pioneering public residential magnet school dedicated to cyber technology and engineering. Prior to leading ASCTE, he served as Superintendent of Madison County Schools. Under his leadership, ASCTE has grown into a national model for cybersecurity education.

In this week's episode Frank Cilluffo speaks with Martin Matishak, a seasoned cybersecurity journalist currently with The Record and formerly with Politico and National Journal. They discuss China's cyber threats, particularly the Volt Typhoon and Soft Typhoon campaigns, and their implications for critical infrastructure security and espionage tactics. Matishak also unpacks supply chain vulnerabilities, U.S. cyber policy challenges, and the evolving debate over Cyber Command 2.0, a U.S. Cyber Force, and the NSA-Cyber Command dual hat structure. The conversation extends to cyber diplomacy, examining U.S. efforts like the FALCON rapid response program and State Department initiatives to counter China's growing digital influence.

Main Topics Covered

• Volt Typhoon and Salt Typhoon cyber threats—China's infiltration of telecom and critical infrastructure networks.
• Cyber Command 2.0 and military cyber readiness—Congressional debates on U.S. cyber capabilities and a potential independent Cyber Force.
• NSA-Cyber Command Dual Hat debate—Should the leadership of U.S. Cyber Command and NSA be separated?
• Cyber supply chain vulnerabilities—The FCC's "Rip and Replace" initiative and the challenge of securing U.S. networks.
• State Department's cyber diplomacy—The FALCON program's role in global cybersecurity response and countering China's digital influence.

Key Quotes:

[China] will do what they want to do when they want to do it. And they are not scared by anything [the U.S. has] done to them so far.—Martin Matishak

A few years ago, [my source said] if the [military] services were at the same readiness levels as the cyber mission force planes would not fly, boats would not sail, soldiers would not march, Marines would not deploy. It was that bad.—Martin Matishak

There are very large swaths of Congress that are just fed up with the lack of readiness of our cyber forces." —Martin Matishak

The 'dual hat' as we know it might be over." —Martin Matishak

At the end of the day, bringing something unique to the table to help others will pay dividends in other diplomatic areas." —Frank Cilluffo

Relevant Links and Resources

• The Record – Martin Matishak's latest reporting
• FCC "Rip and Replace" program
• U.S. Cyber Command

Guest Bio

Martin Matishak is a cybersecurity journalist with The Record, covering national security, cyber threats, and government policy. Previously, he wrote for Politico and National Journal, focusing on cyber warfare, espionage, and defense strategy. His reporting has shaped policy discussions on Chinese cyber operations, U.S. cyber readiness, and emerging cyber defense strategies.

Cyber Focus is the new podcast from The McCrary Institute for Cyber and Infrastructure Security. The institute seeks practical solutions to real-world problems, underpinned by research and scholarship. Led by host Frank Cillufo, each week Cyber Focus will be the place to hear from the leading voices in cybersecurity, and discover what challenges they believe the country must address to ensure a safe and secure future.

Subcribe now, and join us again for our first episode on January 31st.