How Apple's iPhone Supply Chain Built China into a Manufacturing Superpower with Patrick McGee
Cyber Focus
Supply chains are essential infrastructure—and the iPhone’s supply chain sits at the center of U.S.–China competition. As Washington reassesses economic security, this episode explores what it looks like when market incentives collide with geopolitical reality. Frank Cilluffo speaks with Patrick McGee, author of Apple in China, about his reporting on Apple’s deep manufacturing reliance on China—and what that reveals about leverage, resilience, and risk. They explore how industrial capacity is built through repetition, why diversification is harder than headlines suggest, and how...
info_outline
AI, Critical Infrastructure, and Cascading Failures with Madison Horn
Cyber Focus
Madison Horn joins host Frank Cilluffo to explain why AI-driven cyber risk may be quieter, faster, and harder to spot in 2026. She breaks down “cascading failures” in critical infrastructure—and how a disruption in one sector can quickly ripple into others. The conversation zeroes in on AI agents, especially their ability to create new user accounts, get access to systems, and hide inside everyday routine activity. Horn also warns that AI supply chain weaknesses could spread faster than traditional zero-days. Main Topics Covered Why AI-enabled attacks may look like...
info_outline
Cyber Leadership, Workforce Morale, and the House Email Breach with Nextgov's David DiMolfetta
Cyber Focus
CISA leadership, NSA/Cyber Command staffing, and offensive cyber operations are colliding early in 2026. Frank Cilluffo and reporter David DiMolfetta unpack Sean Plankey’s renomination for CISA Director, and what a prolonged leadership vacuum can mean for agency direction and momentum. They then turn to Lt. Gen. Rudd’s confirmation hearing and the evolving debate over the Title 10/Title 50 “dual hat.” The conversation also examines morale and workforce pressures inside NSA, including reported staffing reductions. It closes with “Absolute Resolve,” what public discussion of cyber...
info_outline
The Hammer and the Anvil: Offensive Cyber Strategy with Chris Inglis
Cyber Focus
Chris Inglis joins Frank Cilluffo to break down what offensive cyber strategy should look like in an era of strategic competition. Drawing from the McCrary Institute’s new report on U.S. cyber policy, Inglis argues that resilience and consequences are not competing theories—they have to work together. He explains why “defend forward” and persistent engagement reshaped authorities and expectations after 2018, including how NSPM-13 changed delegation for operations. The conversation also tackles the messy seam between Title 10 and Title 50 in cyberspace, and why integration—not...
info_outline
Are We Ready for 2026? Top Cyber Predictions on Policy, Tech, and Threats
Cyber Focus
Cyber Focus kicks off 2026 (and its 100th new episode) with rapid-fire predictions from McCrary Institute senior fellows. They flag big policy inflection points—especially whether Congress can reauthorize “CISA 2015,” sustain information-sharing protections, and keep state and local cybersecurity funding on track. Tech-wise, the group focuses on AI’s accelerating integration, the “speed” divide between defenders and adversaries, and emerging pressures across connectivity and infrastructure. On threats, they warn about deepfake-driven social engineering, ransomware that’s getting...
info_outline
AI-Orchestrated Cyber Espionage and the Future of Cyber Defense with CISA’s Nick Andersen
Cyber Focus
AI is speeding up cyber operations and shrinking the window for defenders to respond. Nick Andersen, who leads CISA’s Cybersecurity Division, explains why Anthropic’s recent report caught attention: it described what Anthropic called the first publicly reported AI-orchestrated cyber espionage campaign, in which threat actors misused its Claude models to automate and scale parts of an intrusion. Andersen and Frank Cilluffo unpack what that signal means for resilience, from model safeguards to the infrastructure and people surrounding them. They apply secure-by-design thinking to frontier...
info_outline
Revisiting Offensive Cyber Discussion with Adm. Mike Rogers (Ret.)
Cyber Focus
In this re-releases episode of Cyber Focus, host Frank Cilluffo sits down with Admiral Mike Rogers (Ret.), former Commander of U.S. Cyber Command and Director of the National Security Agency. Rogers shares insights from his leadership across two administrations, discussing offensive cyber operations, the evolution of Cyber Command, and pressing national security challenges. The conversation spans from undersea cable vulnerabilities to public-private integration, the future of quantum and AI, and the enduring need for clarity in cyber policy. A decorated Auburn alum, Rogers reflects on...
info_outline
The Hidden Backbone of the Internet: Subsea Cable Security with Alex Botting
Cyber Focus
Undersea cables quietly carry almost all global internet traffic yet rarely feature in security debates. This episode explains how subsea infrastructure underpins the global economy, data flows, and modern military operations while facing frequent “accidental” disruptions and growing geopolitical risk. Listeners hear why chokepoints, island dependencies, and hotspots from the Red Sea to the Taiwan Strait keep national security officials up at night. The conversation also explores how redundancy, smarter investigations, and faster permitting can harden this hidden backbone against both...
info_outline
The Army’s “No Fail” Cyber Mission with Brandon Pugh
Cyber Focus
Army Principal Cyber Advisor Brandon Pugh joins Frank Cilluffo to address a stark reality: if critical infrastructure fails, the Army cannot mobilize. To meet this “no fail” mission, Pugh explains how the service is aggressively merging cyber with electronic warfare and cutting red tape to field new technology in days rather than years. They also discuss the Army’s unique edge in this digital fight—Reservists who bring high-level private sector expertise directly to the battlefield. The conversation also explores how AI and operational technology are reshaping the Army’s cyber...
info_outline
Inside State Cyber Defense: Whole-of-State Security with Alabama's Daniel Urquhart and Chad Smith
Cyber Focus
State and local governments are stepping up to defend critical services against fast-evolving cyber threats. In this episode of Cyber Focus, Alabama’s top IT leaders show how they’re staying ahead of the curve. They explain how a hybrid, highly decentralized environment forces them to lean on shared standards, SLCGP funding, and whole-of-state partnerships. Along the way, they unpack a recent incident that came dangerously close to crisis and what it revealed about tools, visibility, and trust. They also look ahead to AI-enabled attacks, deepfakes, and “distortion,” and why automation...
info_outlineCybersecurity veteran Nick Leiserson joins Cyber Focus this week to break down critical governance gaps in the Common Vulnerabilities and Exposures (CVE) system and what’s at stake if they’re not fixed. He and host Frank Cilluffo explore the risks of global fragmentation, the lingering fallout from the F5 breach, and why policy tools like Executive Order 14028 remain stalled. Leiserson warns that the U.S. court system faces an under-the-radar cyber crisis, and shares specific, actionable funding priorities Congress should tackle now. From software supply chain failures to operational coordination gaps, the episode provides a sharp look at what’s missing in the federal cybersecurity response—and what can still be done to fix it.
Main Topics Covered
· Why CVE is the global “lingua franca” for vulnerabilities—and what happens if it fails
· How a near-shutdown exposed CVE’s fragile funding and governance model
· The F5 breach and what it reveals about persistent risks in the software supply chain
· Missed opportunities in EO 14028 and regulatory inertia in implementation
· Why the U.S. court system breach is a cybersecurity crisis hiding in plain sight
· Urgent spending needs: water system grants, K-12 cybersecurity, and court system defense
Key Quotes
“CVE... It’s the universal language that we can all look at and understand what we’re talking about. And today in 2025, we totally take that for granted.”
“The worst case is fragmentation. The second worst is [when] government comes in and says, we're going to supplant the expertise that's been built up over 25 years” —Nick Leiserson
“[Some ask] ‘Didn’t we put a bunch of policy in place to stop SolarWinds?’ The answer is we did. If you look at Executive Order 14028… it came out in the immediate aftermath of SolarWinds, and it has not been implemented.” —Nick Leiserson
“This is just one of those things that’s vaguely terrifying, and it takes a lot to terrify me after 15 years in this space. But as best we can tell from public reporting, either there’s been one continuous breach since 2020, or at least similar types of actors are continually being able to get into the federal court system.” —Nick Leiserson
“[F5 is] one of these bits of technologies that most people would not immediately wake up and say that's essential to our economy, our national security, our public safety. But it is.” —Frank Cilluffo
Relevant Links and Resources
Institute for Security + Technology report on CVE reform
Executive Order 14028 – Improving the Nation’s Cybersecurity
CISA’s Known Exploited Vulnerabilities (KEV) Catalog
FCC K–12 Cybersecurity Pilot Program
Guest Bio
Nick Leiserson is Senior Vice President for Policy at the Institute for Security and Technology. He was a founding member of the Office of the National Cyber Director, where he led national cyber policy development and helped launch the National Cybersecurity Strategy Implementation Plan. Previously, he served as Chief of Staff to Rep. Jim Langevin and helped enact dozens of recommendations from the Cyberspace Solarium Commission. A longtime strategist on Capitol Hill and in the White House, Leiserson is known for translating complex tech policy into action on issues ranging from regulatory harmonization to software liability.