Cyber Focus

Cyber Focus, from the McCrary Institute, explores the people and ideas that shape and protect our digital world. Each week our host, Frank Cilluffo, speaks with the leading voices in cybersecurity, and brings to light what steps public and private organizations need to be taking to keep our country secure.

Cyber Focus Presents: To the Point - Episode 1 - with Chris Inglis and George Barnes 04/25/2025

How Storytelling Shapes Strategy: Peter W. Singer on China, Cyber, and the Future of Conflict 04/22/2025

How Storytelling Shapes Strategy: Peter W. Singer on China, Cyber, and the Future of Conflict In this episode of Cyber Focus, host Frank Cilluffo speaks with Peter W. Singer, strategist at New America, professor at Arizona State, and founder of Useful Fiction. They revisit Singer’s influential book Ghost Fleet and examine how the strategic landscape—particularly U.S.-China competition—has shifted over the past decade. Singer discusses China’s military reorganization and the lessons it's drawing from the war in Ukraine. He also explores how AI is reshaping the nature of cyber threats. The conversation highlights the growing intersection of cyber, physical, and cognitive warfare. Singer explains how storytelling can make complex strategies easier to understand and more likely to drive change. He emphasizes the need for cross-domain thinking and a more dynamic approach to building the cybersecurity workforce. Main Topics Covered: China's military reorganization and the emergence of the Information Support Force Lessons from the Russia-Ukraine war and implications for China The role of narrative and “useful fiction” in cybersecurity policy and strategy Hybrid threats: cyber attacks, cognitive warfare, and disinformation Emerging risks tied to AI, automation, and operational technology Breaking down silos and redefining the cybersecurity workforce Key Quotes: "If you are telling yourself that there is not a state of intense cooperation alliance between Russia and China, you are telling yourself fiction." – Peter W. Singer "[In 2015's Ghost Fleet] we portrayed a world where there was China catching up to us in technology capability... we're not as ahead in the race as we were back then." – Peter W. Singer "If we were to see such a kind of scenario [a conflict with China or Russia], the private sector would be touched by it and therefore it needs to start scenario building for it." – Peter W. Singer "[China] didn't enter into a [U.S.] water system because it wanted the intellectual property... No, it was setting up a beachhead in case there was a conflict." – Peter W. Singer "If you read a white paper, one part of your brain lights up. If you read it as told in a scenario—and it can be a true story or it can be a fictionalized story—four parts of your brain light up." – Peter W. Singer Relevant Links and Resources Useful Fiction A storytelling consultancy founded by Peter Singer that helps organizations use narrative to drive strategic thinking and communication. Ghost Fleet: A Novel of the Next World War Singer’s bestselling speculative novel that explores how future warfare might unfold, blending real-world research with fiction. Peter W. Singer – Personal Website Singer’s official website, featuring his books, articles, media appearances, and professional background. Peter W. Singer at New America Singer’s profile at New America, where he serves as a strategist focused on defense policy, cybersecurity, and emerging technologies. China Intelligence – Defense One & BluePath Labs A collaborative project analyzing Chinese military and strategic developments using open-source intelligence. Guest Bio: Peter Warren Singer is a strategist at New America, professor of practice at Arizona State University, and founder of Useful Fiction—a company that helps organizations communicate strategy through storytelling. He’s the bestselling author of books like LikeWar, Wired for War, and Ghost Fleet, and has advised everyone from military leaders to Hollywood producers. Described by The Wall Street Journal as “the premier futurist in the national-security environment,” he’s spoken everywhere from the White House to the Sydney Opera House. /episode/index/show/259c9a54-bf3b-46b9-84e1-e114ffa39095/id/36267935

Rethinking Offensive Cyber: Strategy, Deterrence, and Real-World Impact with Adm. Mike Rogers (Ret.) 04/15/2025

Rethinking Offensive Cyber: Strategy, Deterrence, and Real-World Impact with Adm. Mike Rogers (Ret.) Overview: In this episode of Cyber Focus, host Frank Cilluffo sits down with Admiral Mike Rogers (Ret.), former Commander of U.S. Cyber Command and Director of the National Security Agency. Rogers shares insights from his leadership across two administrations, discussing offensive cyber operations, the evolution of Cyber Command, and pressing national security challenges. The conversation spans from undersea cable vulnerabilities to public-private integration, the future of quantum and AI, and the enduring need for clarity in cyber policy. A decorated Auburn alum, Rogers reflects on lessons learned, historical inflection points, and what must change for the U.S. to stay ahead in the cyber domain. Main Topics Covered: Shifting to a proactive cyber posture: persistent engagement and defend forward The evolving role of Cyber Command and comparisons to SOCOM Vulnerabilities in undersea cable infrastructure and space-like situational awareness Lessons from Ukraine on real-time public-private integration Strategic implications of AI and quantum technologies Key Quotes: “I believe that what [offensive cyber actions] we ought to authorize is not just going after infrastructure but directly going after capability within those nations that are generating these effects against us.” — Adm. Mike Rogers “If you're going to deter an entity, they have to have some level of awareness of both [your] capability and intent.” — Adm. Mike Rogers “If you had asked me five years ago when I left Cyber Command, would a foreign entity, in this case a nation-state, upload destructive malware into critical U.S. infrastructure in a time of peace?... I would have said to you… there's a low probability. Boy, I got that wrong.” — Adm. Mike Rogers “I think it requires a little precision in how we discuss these matters. Because not all hacks are the same, not all hackers are the same, not all intentions are the same, not all capabilities are the same. [Not] everything is an ‘attack’.” — Frank Cilluffo “I'm not interested in collaboration; I'm interested in integration. I'm interested in a real-time situational awareness between government and the private sector.” — Adm. Mike Rogers Relevant Links and Resources: U.S. Cyber Command – Mission and Vision NSA – About the Agency Cyberspace Solarium Commission Final Report Guest Bio: Adm. Mike Rogers (Ret.) served as the Director of the National Security Agency and Commander of U.S. Cyber Command from 2014 to 2018. A four-star admiral with a distinguished 37-year career in the U.S. Navy, he helped shape modern cyber strategy at the highest levels of government. Since retiring from active duty, he has advised Fortune 500 companies, startups, and global institutions on cyber, intelligence, and national security issues. /episode/index/show/259c9a54-bf3b-46b9-84e1-e114ffa39095/id/36074480

Cyber, Space, and the Future of Warfare with Rep. Mike Rogers 04/08/2025

Cyber, Space, and the Future of Warfare with Rep. Mike Rogers In this episode of Cyber Focus, host Frank Cilluffo speaks with Congressman Mike Rogers, Chairman of the House Armed Services Committee. Representing Alabama’s 3rd District, Rogers outlines his top defense priorities, including boosting defense spending, acquisition reform, and preparing for cyber and space warfare. He also shares insights on missile defense, the strategic role of Huntsville, the future of the national cyber workforce, and the growing energy demands of AI. Rogers offers a candid look at how Congress is adapting to emerging threats and why he believes space and cyber will define the future of national security. Main Topics Covered: The National Defense Authorization Act (NDAA) process and bipartisan cooperation Calls to raise defense spending to 5% of GDP and enforce acquisition reform Evolving threats in space, cyber, and unmanned warfare domains The future cyber workforce and talent exchange between government and industry Strategic importance of Huntsville, including missile defense and Space Command Grid security, EMP threats, and energy challenges posed by AI infrastructure Key Quotes: We are at the lowest level of defense spending as a percentage of GDP since before World War II. It is dangerously low, 2.9% of GDP. We really should be closer to 5%. – Rep. Mike Rogers You can put a multi-million warehouse stockpile of drones together and we can upgrade them every week or every month without touching them. And those are the kind of changes that we need to make sure that we can move with the speed of relevance. – Rep. Mike Rogers Guam has a big target on it. Number one target by China. If we get into a conflict... it will be target number one. – Rep. Mike Rogers We're going to be doing swarms [of underwater drones] just like we're doing swarms in the air. You're going to find the use of unmanned fighter jets is going to be very commonplace. We're already doing some of that now, but it's going to be a lot. – Rep. Mike Rogers "There will be a lot of battles fought where there's not a gun fired. It's going to be through cyber and through space." – Rep. Mike Rogers Relevant Links and Resources: Guest Bio: Mike Rogers is the U.S. Representative for Alabama’s 3rd Congressional District and Chairman of the House Armed Services Committee. A leading voice on national defense and space policy, Rogers has served in Congress since 2003 and was instrumental in the creation of the U.S. Space Force. He is a strong advocate for strengthening the defense industrial base, modernizing military capabilities, and advancing cybersecurity and national security interests at home and abroad. /episode/index/show/259c9a54-bf3b-46b9-84e1-e114ffa39095/id/35934690

Can America’s Travel System Handle What’s Coming? U.S. Travel's Ryan Propis on the Road Ahead 04/01/2025

Can America’s Travel System Handle What’s Coming? U.S. Travel's Ryan Propis on the Road Ahead In this episode of Cyber Focus, host Frank Cilluffo speaks with Ryan Propis, Vice President for Security and Facilitation at the U.S. Travel Association. With the U.S. preparing to host the World Cup in 2026 and the Olympics in 2028, Propis outlines how these massive international events will test the limits of our country’s travel infrastructure and security systems. Drawing on his experience as Chief of Staff at TSA and a senior staffer on Capitol Hill, he discusses the urgent need to modernize how we screen, move, and protect travelers—especially as daily passenger volumes are set to surge. The conversation highlights the role of technology, data-sharing, and public-private coordination in ensuring secure and efficient travel to and within the United States. Main Topics Covered: Anticipating record-breaking travel volumes in 2026 (World Cup) and 2028 (Olympics) The TSA’s role in balancing efficiency and security at scale How Propis’s experience at TSA and in Congress shaped his approach to modernizing U.S. travel security through both policy and operations Public-private collaboration on travel facilitation and security innovation The importance of interoperability and data-sharing across agencies How travel security fits into broader national security strategy Top Quotes: "We call [it] the mega decade of events coming up here. You've got this summer, the Ryder Cup and the Club World Cup. Next summer, you've got America's 250th anniversary with the FIFA World Cup—the largest they've ever had. More teams than they've ever had. It's across the U.S., Canada, and Mexico—11 cities in the U.S., which is absolutely massive. The Olympics in ’28, Olympics in L.A., we have Olympics in [2034] in Salt Lake. So it just continues to grow and grow." – Ryan Propis "Last year, TSA screened 3 million travelers on two different days. In 2026, when we host the World Cup, we're gonna have 3 million travelers a day on 50 days… and then in 2028, when we have the Olympics, it's going to be on 100 days. The system is just not there. We're not ready yet in terms of efficiency [and] security." – Ryan Propis "Travel is absolutely essential to the economy, to our national security, and really the American way of life." – Ryan Propis "[The commercial facilities sector is] naturally open. You know, there's not natural barriers or hardened security across the space. You know, it's almost not tenable to do that in terms of the economic impact and for the processes and for these operations to take place as they normally would." – Ryan Propis "The cybersecurity risk from American companies operating in China having to report and share certain information just to operate opens up a whole other can of worms that obviously I know we're all concerned about." – Ryan Propis Relevant Links and Resources: Guest Bio: Ryan Propis is the Vice President for Security and Facilitation at the U.S. Travel Association, where he leads efforts to modernize and secure the travel experience across the country. Prior to this role, he served as Chief of Staff at the Transportation Security Administration (TSA) and spent over a decade on Capitol Hill, including as General Counsel and Deputy Staff Director of the House Homeland Security Committee. His expertise spans policy, regulatory coordination, and risk management across transportation and commercial facilities sectors, particularly in preparation for major global events like the World Cup and the Olympics. /episode/index/show/259c9a54-bf3b-46b9-84e1-e114ffa39095/id/35887540

Threat Intelligence and AI's role in Cyber Defense with Palo Alto's Andy Piazza and Daniel Kroese 03/25/2025

Threat Intelligence and AI's role in Cyber Defense with Palo Alto's Andy Piazza and Daniel Kroese In this episode of Cyber Focus, host Frank Cilluffo sits down with Andy Piazza, a senior threat intelligence leader at Unit 42, and Daniel Kroese, a cybersecurity policy expert, both from Palo Alto Networks. They discuss key findings from Palo Alto Networks’ 2025 Global Incident Response Report, highlighting the accelerating speed of cyberattacks, the growing use of AI in both offense and defense, and the increasing sophistication of nation-state and cybercriminal operations. The conversation explores the intersection of cybersecurity technology, policy, and defense strategies, including the importance of behavioral analysis, public-private partnerships, and the evolving role of zero trust in securing networks. Main Topics Covered: Findings from Palo Alto Networks’ 2025 Global Incident Response Report The accelerating speed of cyberattacks and data exfiltration How AI is shaping both cyber threats and defensive capabilities The role of initial access brokers in modern attacks Nation-state involvement in cybercrime and adversarial collaboration The importance of zero trust and behavioral analysis in defense strategies Policy recommendations for the next U.S. administration’s cybersecurity priorities The growing complexity of securing multi-cloud environments Challenges in asset visibility and managing cyber risk Key Quotes: “So, for example, in 25% of the cases, we saw attackers exfiltrating data within five hours of initial compromise. That's really, really fast.” – Andy Piazza “Better cyber defense is a data problem, which means it's solvable. And what is the best way to solve a thorny large scale data problem? AI.” – Daniel Kroese “We always talk about nation states or even cybercriminals stealing data. They don't steal data, they copy it. If they stole data, we would have taken that seriously a long time ago.” – Andy Piazza “Organizations on average take 6 days to respond to a cyber incident. When adversaries are now exfiltrating data in hours, we can actually have real time statistics around mean Time to detect and mean time to respond.” – Daniel Kroese “40% of cloud incidents were because there was unmanaged cloud assets that were out there... From a defense standpoint, you can't secure what you can't see.” – Daniel Kroese Relevant Links and Resources: Guest Bios: Andy Piazza is a senior threat intelligence leader at Unit 42, Palo Alto Networks, and a veteran of both the cybersecurity industry and the U.S. Army. His work focuses on tracking threat actors, understanding cybercriminal tactics, and helping organizations defend against emerging threats. Daniel Kroese is a cybersecurity policy expert at Palo Alto Networks with experience in both government and the private sector. He previously served as staff director for the House Homeland Security Committee and as Chief of Staff to former CIA Director John Ratcliffe. /episode/index/show/259c9a54-bf3b-46b9-84e1-e114ffa39095/id/35777065

Legacy Systems and the Future of Manufacturing Security with Bill Rucker 03/19/2025

Legacy Systems and the Future of Manufacturing Security with Bill Rucker In this episode of Cyber Focus, host Frank Cilluffo sits down with Bill Rucker, a seasoned veteran in IT and cybersecurity, currently leading Trustwave Government Solutions. They explore the insights from Trustwave's recent report on cybersecurity challenges facing the manufacturing sector. Rucker highlights the rapidly rising costs of breaches, now averaging $5.8 million, emphasizing vulnerabilities stemming from legacy operational technology (OT) and the complexities of integrating OT with modern IT systems. The conversation also covers the increased sophistication of cyber threats, the critical need for visibility in cybersecurity, and practical steps manufacturers can take to bolster their defenses. Main Topics Covered: Rising cybersecurity threats in manufacturing Increasing costs and impacts of cybersecurity breaches in manufacturing Challenges with legacy OT devices and integration with IT infrastructure Recommendations for strengthening cybersecurity resilience in manufacturing Importance of collaboration between private sector companies and government cybersecurity efforts Key Quotes: "The average cost of breach in 2023 for the manufacturing sector was about 4.6, 4.7 million dollars. That's closer to 5.8 now." – Bill Rucker "The biggest issue too in manufacturing is the legacy devices and the fact that there's now such a push to take OT devices and put them into IoT." – Bill Rucker "Dwell time—how long an adversary remains undetected—used to be 177 days on average. Now it’s sub-10 days in the last two years, thanks to the explosion of EDR technology." – Bill Rucker “Human nature remains consistent for good or bad, and it's going to take people to have trust and actually work together to get things done." – Frank Cilluffo "Bad news doesn't get better with time. So let's talk about what the challenges are." – Bill Rucker Relevant Links and Resources: Guest Bio: Bill Rucker is the President of Trustwave Government Solutions, with nearly 25 years of experience in cybersecurity and IT. His leadership has been instrumental in securing critical sectors, including government and manufacturing, through strategic cybersecurity initiatives. /episode/index/show/259c9a54-bf3b-46b9-84e1-e114ffa39095/id/35733260

China, Clean Energy and the Future of U.S. Energy Security with Harry Krejsa 03/12/2025

China, Clean Energy and the Future of U.S. Energy Security with Harry Krejsa In this episode of Cyber Focus, host Frank Cilluffo sits down with Harry Krejsa, Director of Studies at Carnegie Mellon University's Institute for Strategy and Technology. Krejsa, a former Pentagon and White House cyber strategist, discusses his latest report, Sunshield, which highlights the intersection of cybersecurity, U.S.-China competition, and grid security. The conversation explores how China's cyber operations exploit technical debt in U.S. critical infrastructure, the cybersecurity risks and opportunities in the energy transition, and how the rapid buildout of AI-driven power demand presents both new challenges and unique opportunities. Krejsa outlines strategic actions the U.S. must take to secure its energy future and broader critical infrastructure against Chinese cyber threats. Main Topics Covered China's cyber threat to U.S. critical infrastructure, including Volt Typhoon's activities The risks of integrating old and new technology in the energy sector How the energy transition presents a unique chance to embed cybersecurity from the start The role of AI data centers in reshaping U.S. energy infrastructure and security Key policy actions needed to reduce U.S. dependency on Chinese-dominated supply chains Lessons from the financial sector in managing systemic cybersecurity risks Key Quotes "The People's Republic of China, we now know, are working to place disruptive and destructive cyber capabilities on various kinds of American infrastructure... to stymie our ability to mobilize a military response to a crisis... [and] induced societal panic." — Harry Krejsa "No critical infrastructure sector in the country has the amount of capital necessary to undergo that [security] transformation, except for one... the electricity sector." — Harry Krejsa “I think we need to put modern energy at the center of our competition with China.” — Harry Krejsa “We need to get the glowering national security hawks like myself, and the affirmative vision granola crunching energy communities sitting down and talking to each other.” — Harry Krejsa "The IT-OT convergence has been a theme we come back to over and over because it is very real. Yet if you look at our defenders, we still don't look at it through the same lens.” — Frank Cilluffo Relevant Links Guest Bio Harry Krejsa is the Director of Studies at Carnegie Mellon University's Institute for Strategy and Technology. A former White House and Pentagon cyber strategist, he played a key role in shaping the National Cyber Strategy and served on the Cyberspace Solarium Commission. His expertise spans China's cyber operations, critical infrastructure security, and the intersection of emerging technology with national defense. /episode/index/show/259c9a54-bf3b-46b9-84e1-e114ffa39095/id/35642315