The Cybersecurity Podcast
Passcode and New America have a podcast featuring the leaders and thinkers of cybersecurity.
Cover photo by Christian Cadena used under Creative Commons license.
Cybersecurity is not just about computers and digital processes. The most important, and most interesting, part of the story is the people behind the keyboard.
Whether you’re an IT wonk or simply curious about this key issue now all over the news, we hope you’ll listen to the Cybersecurity Podcast, a regular program featuring key leaders and thinkers in this space. Hosted by Peter W. Singer, senior strategist at New America, and Sara Sorcher, deputy editor of Passcode, our half-hour podcast goes beyond the headlines to discuss some of the most pressing issues and newest ideas in cybersecurity.
You can find The Cybersecurity Podcast on New America’s Soundcloud page and for download on iTunes or Stitcher. We’ll also be updating this page with each episode.
Episode 24: Life as a Teenage Hacker
Paul Vann is the 14-year-old CEO of VannTechCyber LLC, a new cybersecurity company based out of his bedroom in Fredericksburg, Virginia. A rising star in the field, Paul has presented his research on cyberthreats conferences such as BSides Charm in Baltimore and Thotcon in Chicago. He joins Cybersecurity Podcast to discuss what it's like to be a kid hacker, learn about ethics, build a company and get taken seriously by other cybersecurity pros at such a young age. His father, the technical director of international programs at Raytheon Foreground Security also named Paul Vann, chats about how to encourage kids' interest in cybersecurity and still make sure they're being safe online. Related reading: 15 under 15 hacker kids.
This episode is sponsored by HackerOne.
Episode 23: How to Hack the Pentagon
Last summer, more than 1,500 hackers targeted Pentagon websites – but it wasn’t a massive cyberattack. These were vetted hackers invited to participate in the US government’s first ever bug bounty program. Chris Lynch, the director of the Defense Digital Service, and Lisa Wiswell, the group’s digital security lead, explain in this episode of The Cybersecurity Podcast why letting researchers find security flaws in exchange for money or prizes is a big part of the Pentagon’s push to solve complex IT problems.
This episode is sponsored by HackerOne.
Episode 22: What Congress can do to fight hackers
The election may be over but Washington isn’t moving on from the election hacking story just yet. With the intelligence community blaming Russian President Vladimir Putin for organizing hacks on Democratic political organizations to influence the American election to help Donald Trump, Capitol Hill is abuzz with talks of more hearings and new legislation. Cochairman of the Congressional Cybersecurity Caucus, Congressman Jim Langevin joins this episode to talk about the challenges ahead.
Also on this episode, cohost Peter Singer of New America discusses the president-elect’s reticence to condemn Russia for the cyberattacks and cohost Sara Sorcher of the Christian Science Monitor’s Passcode discusses Germany’s plan to fight fake news.
Episode 21: Life After the OPM Hack
The breach at the Office of Personnel Management was one of the most significant cyberattacks in history, and now serves as a cautionary tale for many in Washington and beyond. But what do we know about it a year later? How did it happen? What are some of the lessons the federal government needs to learn to prevent such major breach from happening again? To answer that question and more, The Cybersecurity Podcast crew interviews one of the authors of the US House Oversight and Government Reform Committee, John Costello, who spent last year on Capitol Hill as a Science and Technology fellow through TechCongress.
Also on this episode, podcast cohost Peter W. Singer from New America discusses local cybersecurity challenges and Passcode’s Sara Sorcher talks about a new report from George Washington University about active defense.
Episode 20: Cybersecurity Business is Booming
With a diverse array of threats facing companies and governments around the world, what ideas will resonate with investors? On this episode of The Cybersecurity Podcast, we interviewed Sunil James, a Silicon Valley venture capitalist investing in information security for Bessemer Venture Partners.
Also on this episode, podcast cohost Sara Sorcher from Passcode discusses her latest feature on 15 kids under 15 years old who are rising stars in cybersecurity and cohost Peter W. Singer from New America discusses his latest piece on the Atlantic, about how social media is changing modern warfare.
Episode 19: Rise of the Machines and Deterring Russian Infowarfare
Thomas Rid, professor in the department of War Studies at King’s College London, joins the Cybersecurity Podcast to talk about his new book, “Rise of the Machines,” a sweeping history of mankind’s growing dependence on technology. He also discusses the challenges of attributing cyberattacks and ways to deter Russian information warfare as hackers target American political interests.
Also on this episode, podcast cohost Sara Sorcher, deputy editor of Passcode at the Christian Science Monitor, discusses the emerging private etiquette questions as more people bring personal assistant technology such as Amazon’s Alexa into their homes. Podcast cohost Peter Singer, strategist and senior fellow at New America, discusses his recent trip to Sweden, where officials are viewing cybersecurity threats in military terms.
Episode 18: Government Hacking vs. Human Rights
It sounds like a dystopian sci-fi novel, but all around the world, governments are increasingly breaking into personal computers and smartphones to carry out spy operations. Amie Stepanovich, who specializes in cybersecurity and privacy law at digital rights group Access Now, joins the Cybersecurity Podcast to discuss her new report that looks at government hacking from a human rights perspective. She describes some of the digital methods governments use to surveil targets and whether some hacks are better or worse from a human rights standpoint.
Also on this episode, podcast cohosts Peter Singer from New America and Sara Sorcher from The Christian Science Monitor’s Passcode discuss the role hacking has played in the American elections so far – and the challenges this kind of information warfare might pose well into the future. (Note: Amie’s full report can be found at www.accessnow.org/GovernmentHackingDoc)
Episode 17: All Hail the College Cyberdefense Champions
Heather Lawrence is the president of Hack@UCF, the team of college students from the University of Central Florida that won this summer’s National Collegiate Cyber Defense Competition. She and her teammate, Alex Davis, are part of a student club that has taken three consecutive championships in the country’s largest cyberdefense competition of its kind. On this episode of the Cybersecurity Podcast, these student champions discuss what it’s like to be part of such a high-stakes competition, what young people can do to make sure they remain ethical hackers, and how they plan to adapt to the quick-changing nature of technology.
Also on this episode, podcast cohost Passcode’s Sara Sorcher discusses the hacker community’s reticence to adapt to politics infiltrating the traditionally hardcore DEF CON hacker conference. New America’s Peter Singer shares some stories from an unusual Mad Scientist conference meant to help shape the way the Army fights wars in the future.
Bonus episode: How should the US respond to Ukraine’s power grid hack?
On this extra episode of The Cybersecurity Podcast, reporter Jack Detsch brings you the highlights of a live discussion Passcode hosted in Washington on cybersecurity and the US power grid, featuring Elizabeth Sherwood-Randall, deputy secretary of Energy; Thomas Fanning, chief executive officer of Southern Company; Congressman Will Hurd of Texas; and Robert Lee, cofounder of the cybersecurity firm Dragos Security.
This bonus episode is sponsored by the Edison Electric Institute.
Episode 16: 'Zero Days' Director Alex Gibney on Making Stuxnet a Movie Star
Filmmaker Alex Gibney is known for his awardwinning documenteries on topics that range from Enron to Wikileaks, but now he’s taken on a tough challenge: Making a movie about a secret program that few people will publicly acknowledge. “Zero Days” focuses on the Stuxnet computer virus that’s believed to be the world’s first digital weapon. News outlets had reported that both the US and Israel were behind the virus designed to slow down Iran’s nuclear program – but even now, years after the attack on Natanz uranium enrichment plant, and long since researchers discovered Stuxnet on computers in other countries, the making of Stuxnet is still shrouded in secrecy.
As “Zero Days” premieres in the US, The Cybersecurity Podcast team talks with Gibney about the making of the film, the often frustrating secrecy of official Washington, and his surprise when he found out that Stuxnet was just a small part of a much broader US plan targeting Iran. Also on this episode, hosts Peter Singer of New America gives the inside story of what it’s like to testify on Capitol Hill and Passcode deputy editor Sara Sorcher talks about the 18-year-old who hacked the Pentagon.
Episode 15: Hackers Infiltrated Ukraine's Power Grid. What's Next?
A massive power outage in December left more than 200,000 people in the dark in Western Ukraine. It was the first time a cyberattack successfully took down a portion of a country’s power grid. Rob Lee, cofounder of cybersecurity company Dragos Security and a former US Air Force Cyberoperations Officer, personally investigated the Ukraine hack. He joins the Cybersecurity Podcast to discuss how hackers took out Ukraine's electricity, what more can the US government and companies do to safeguard the American power grid, and the challenges researchers face when trying to test threats to critical infrastructure.
Also in this episode: Podcast host Peter Singer, senior strategist at New America, discusses innovative ways to get more kids involved in cybersecurity – and not just at university level. And his cohost Sara Sorcher, deputy editor of the Christian Science Monitor’s Passcode, explains the surprising findings in her recent article about what the US government really thinks about encryption.
Episode 14: Cybersecurity in 2020, Hacking Ships, and the Price of Bugs
What will be the state of digital security in five and 10 years? That’s the question Steve Weber, director of the University of California - Berkeley’s Center for Long-Term Cybersecurity, and his team tried to tackle in a major research project. Weber joins The Cybersecurity Podcast to talk about the maybe not-so-far out possibilities that people may soon start to see insecurity as the status quo on the Web – and that with the spread of the Internet of Things even their emotions could soon be hacked.
Podcast cohosts Peter Singer from New America and Sara Sorcher from Passcode, The Christian Science Monitor’s section on digital security and privacy, discuss the cybersecurity highlight from their own work this past month. Singer explores the relatively unknown threats to the country’s ports and ships – while Sorcher explains the sometimes-controversial process of deciding exactly how much a security flaw is worth in cash.
Episode 13: The Coming 'Bloodbath' in Cybersecurity Business, Defending US Networks, and Bad Hacker Stereotypes
Jack Harrington, vice president for cybersecurity and special missions at Raytheon, joins The Cybersecurity Podcast to discuss the role the private sector can play in helping government improve its security, the Defense Department’s cyber strategy, and innovative technical solutions to bridge the vast talent gap in this field.
Also joining New America’s Peter Singer and Passcode’s Sara Sorcher is Niloofar Razi Howe, senior vice President and Chief Strategy Officer at RSA, a leading computer and networking security company. They discuss the state of the cybersecurity market, what products and services to expect in the coming years, and how to change the public perception of cybersecurity to recruit a broader range of professionals to the field.
Episode 12: Your Favorite Movies and Cyber from Down Under
New America’s Peter Singer and Passcode’s Sara Sorcher interview Walter Parkes, the noted screenwriter-turned-film producer who’s behind many of your all time favorite cybersecurity movies: Sneakers and WarGames. They talk about the hacker archetypes depicted in pop culture, why these movies resonate with this community, how fiction sometimes inspires real policy change in this field – and whose cybersecurity work he finds most fascinating.
Ben Heyes, chief information security & trust officer at Commonwealth Bank of Australia, also joins the podcast this episode to discuss how the changing landscape of cyberthreats; comparisons between the way US financial institutions and Commonwealth – the largest bank in the entire Southern Hemisphere – approach cybersecurity; and how to navigate cultural differences when operating in many countries.
This episode is sponsored by Dell.
Episode 11: The Encryption Wars and Privacy Shield
Former NSA and CIA director Michael Hayden joins The Cybersecurity Podcast to talk about his new book, “Playing to the Edge: American Intelligence in the Age of Terror.” Hayden – now a principal at The Chertoff Group – discusses the need to balance national security secrets and the public’s right to government transparency, his reaction after Edward Snowden revealed details from mass surveillance programs he started, and why he’s siding in favor of strong encryption for consumers.
Also joining New America’s Peter Singer and Passcode’s Sara Sorcher this episode is Federal Trade Commissioner Julie Brill. They talk about “Privacy Shield,” the new agreement governing transatlantic data flow agreement between the US and the EU. They also discuss why Europeans think America is the “Wild West” when it comes to privacy policies, what more companies can do to ensure they are respecting consumers’ rights, and what’s at stake for privacy with the burgeoning Internet of Things.
This episode is sponsored by Gemalto. Read the full 2015 Breach Level Index here.
Episode 10: Hack the Toaster, Cyber National Guard & Why L0pht Didn't Shutter the Internet
Chris Wysopal a.k.a Weld Pond, chief technology officer of application security firm Veracode, joins The Cybersecurity Podcast to discuss the suspected cyberattack on the Ukrainian power grid, ways to increase transparency about cybersecurity expertise at publicly-traded companies, and why the L0pht hacking collective he once belonged to didn’t want to shut down the Internet back in the 1990s just to prove to senators it could.
Also joining New America’s Peter Singer and Passcode’s Sara Sorcher is Chris Young, general manager of Intel Security. They talk about the unconventional cyberthreats emerging from the booming Internet of Things, the challenges posed by ransomware, and his ideas for a future Cyber National Guard.
Episode 9: Cyber Insurance, Safe Harbor 2.0, and the Human Capital Crisis
Angela McKay, who runs Microsoft’s public policy work on cybersecurity, joins The Cybersecurity Podcast to talk about the importance of developing international norms for cyberspace, European privacy concerns, why she’s disappointed women comprise only 10 percent of the cybersecurity workforce, and how Microsoft’s own attitude – and reputation – for security has evolved over the years.
New America’s Peter Singer and Passcode’s Sara Sorcher also chat with Elana Broitman, a shareholder in Greenbert Traurig, LLP.’s Government Law & Policy Practice and a former Defense Department official. They discuss the benefits of having cyber insurance, how the Pentagon should think about buying cybersecurity products and services, and bridging the trust gap between Washington and Silicon Valley.
Episode 8: A ‘Cyber Party’ with John McAfee and the White House Cybersecurity Czar
For October’s National Cybersecurity Awareness Month, The Cybersecurity Podcast team is bringing you an hour-long special episode featuring White House Cybersecurity Coordinator Michael Daniel, and John McAfee, the security pioneer who just founded his own political party – the Cyber Party – and is running for President of the United States.
New America’s Peter Singer and Passcode’s Sara Sorcher chat with Mr. Daniel about the Obama administration’s plans for sanctions to prevent online attacks, whether he’s optimistic about the recent agreement between Washington and China to thwart cyberespionage, how the White House reacted to the massive Office of Personnel Management hack, and his push to increase the sharing of information between the government and private sector.
Mr. McAfee, the founder of the world’s first commercial antivirus program, shares why he’s running for President and some of his goals for the Oval Office, why he thinks we’re at cyberwar with China, how cyberthreats have evolved since the time he started McAfee, why people’s digital privacy is under attack, and who he thinks is the biggest badass in cybersecurity.
This episode is sponsored by Arizona State University.
Episode 7: Hurd on the Hill, Hacking Jeeps & the Wall of Sheep
Cybersecurity pro and undercover CIA officer-turned-Republican Rep. Will Hurd joins New America’s Peter Singer and Passcode’s Sara Sorcher to talk about what it’s like to be the rare cybersecurity expert in Congress; why he went to DEF CON this summer; and why he’s disappointed the Office of Personnel Management never apologized for allowing his personal information to fall into the hands of hackers. Hurd, a freshman, is chairman of the IT subcommittee on the House Committee on Oversight and Government Reform.
Next up: Chris Valasek. He made headlines this summer by demonstrating a live hack of a Jeep Cherokee with a Wired reporter in it – work that forced a recall of some 1.4 million Chrysler vehicles. Now a security lead at Uber’s advanced technologies center, Valasek joins the podcast to talk about the line between drawing needed attention to cybersecurity issues and a dangerous stunt; how companies can make themselves available for “free quality assurance” hackers can provide; and security concerns within the Internet of Things.
This podcast is sponsored by Arizona State University.
Episode 6: The Half-life of Secrets, A Golden Age of Surveillance, and the US Military's Starship Enterprise
Leading privacy and cyberlaw scholar Peter Swire joins New America’s Peter Singer and Passcode’s Sara Sorcher to talk about the difficulty of keeping secrets in the Digital Age, the differences between the East and West Coast’s views on the Edward Snowden leaks, and what’s still needed to reform US surveillance practices. Swire, a professor at Georgia Institute of Technology who also served on President Obama’s Review Group on Intelligence and Communications Technology, says we’re living in a Golden Age of Surveillance – and that law enforcement is not actually “going dark” in its pursuit of criminals and terrorists but actually has more available data than ever before.
Rick Howard, chief security officer for Palo Alto Networks and Army veteran, weighs in on the line between spying for economic advantage and state secrets; whether companies should be able to strike back when they’re under cyberattack; and if proposed threat information sharing plans will be effective. He also shares stories about how the military, in the early days of cybersecurity, took a stab at recreating science fiction.
Episode 5: Bug Bounties, Stunt Hacks, and the Golden Rules of Breach Disclosure
Katie Moussouris, chief policy officer for HackerOne, joins New America’s Peter Singer and Passcode’s Sara Sorcher to talk about bug bounty programs and how to incentivize hackers to help the private sector solve cybersecurity problems. They also chat about controversial proposed changes to the Wassenaar Arrangement, an arms export agreement, which have incensed major cybersecurity companies, researchers, and digital rights groups.
Siobhan Gorman from global communications consultancy company Brunswick Group joins the panel discussion about how cyberattacks could hurt businesses’ reputations, the “golden rule” for companies to disclose when they’ve been breached, and how government agencies might improve their cybersecurity in the wake of the Office of Personnel Management breach.
This podcast is sponsored by Arizona State University.
Episode 4: Science Fiction, The Surveillance State and World War III
Cory Doctorow – science fiction author, journalist and co-editor of the blog Boing Boing – joins New America's Peter Singer and Passcode's Sara Sorcher to talk about society's "peak indifference" to the Surveillance State, what policies could stand in the way of a future Internet utopia, whether young people actually care about their privacy online, and what a future world war might look like in the 2020s.
Dan Kaufman, director of DARPA's Information Innovation Office, chats about funding "moonshot" projects to help the military beef up its digital defenses, the risks that come with the burgeoning Internet of Things, and what it's like to work in an office with robots in the lobby. This podcast is sponsored by Arizona State University.
032017-podcast2-passcode
Episode 3: Stuxnet, Sexism, CEOs and Surveillance
New America's Peter Singer and Passcode's Sara Sorcher chat with Bruce Schneier, prolific author and chief technology officer at Resilient Systems, about the challenges of publicly blaming countries for cyberattacks – and whose job it should be to defend private companies against sophisticated nation-state attacks. They also hear from Nate Fick, the CEO of Endgame, a venture-backed security intelligence software company, about how he's leveraging cybersecurity solutions once produced just for the government into the private sector.
Wired's Kim Zetter, author of "Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon," joins the panel discussion to talk about how the cyber operation on Iran's nuclear facilities launched a new era of warfare; the vulnerability of US critical infrastructure to Stuxnet-like weapons; and the gender diversity issues bedeviling the cybersecurity industry.
Episode 2: Encryption, Innovation, and the Cyber Gold Rush
New America's Peter Singer and Passcode's Sara Sorcher interview Alex Stamos, Yahoo's chief information security officer and world renownedcybersecurity expert, about his company's new end-to-end e-mail encryption rollout, what it’s like to lead a team of “Paranoids” and why people who have his job are so stressed out.
On the panel discussion, Heather West of Internet performance and security company CloudFlare talks about why startups need good security solutions – and why hackers want to target some of the world's newest companies. The panel also discusses Sorcher's latest feature about the states and regions vying to become the Silicon Valley of cybersecurity in a nationwide cyber gold rush.
This episode is sponsored by The University of Texas at Austin's Center for Identity.
Episode 1: Readying the Cyber Troops
New America's Peter Singer and Passcode's Sara Sorcher interview Lt. Gen. Edward Cardon, the Army's top cyber commander, about how the Army is beefing up its cyberforces, competition for talent with the private sector, and what role the military should play when a nation-state attacks a private company.
Shane Harris, reporter at The Daily Beast and author of '@War, The Rise of the Military-Internet Complex' talks about tensions between the East and West Coasts in a post-Snowden era.
This episode is sponsored by Mach37.
// Cover photo by Christian Cadena used under Creative Commons license.