EP266 Resetting the SOC for Code War: Allie Mellen on Detecting State Actors vs. Doing the Basics

Описание: Guest:


• Allie Mellen (  / hackerxbella  ) , Principal Analyst @ Forrester (https://www.forrester.com/analyst-bio...) , author of "Code War: How Nations Hack, Spy, and Shape the Digital Battlefield" (https://www.amazon.com/Code-War-Natio...)


Topics:


• Your book focuses on the US, China, and Russia. When you were planning the book did you also want to cover players like Israel, Iran, and North Korea?

• Most of our listeners are migrating to or operating heavily in the cloud. As nations refine their "digital battlefield" strategies, does the "shared responsibility model" actually hold up against a nation-state actor?

• How does a company's detection strategy need to change when the adversary isn't a teenager looking for a ransom, but a state-funded group whose goal might be long-term persistence or subtle data manipulation? How should people allocate their resources to defending against both of these threats?

• How afraid are you of a "bad guy with AI" scenarios? Mild anxiety or apocalyptic fears?

• Do you see AI primarily helping "Tier 2" nations close the capability gap with the "Big Three," or does it just further cement the dominance of the nations that own the underlying compute and models?

• You've spent a lot of time as an analyst looking at how enterprises buy and run security tech. For a CISO at (say) mid-tier logistics company, should 'nation-state cyberattacks' even be on their threat model? Or is worrying about the spies just a form of security theater when they haven't even solved basic credential theft yet?


Resource:


• Video version (   • EP266 Resetting the SOC for Code War: Alli...  )

• "Code War: How Nations Hack, Spy, and Shape the Digital Battlefield" (https://www.amazon.com/Code-War-Natio...) by Allie Mellen

• Allie Mellen substack (https://substack.com/@hackerxbella)

• The source for the original "air defense on the roof" (https://taosecurity.blogspot.com/2008...) argument (2008)

• EP255 Separating Hype from Hazard: The Truth About Autonomous AI Hacking (https://cloud.withgoogle.com/cloudsec...)

• EP256 Rewiring Democracy & Hacking Trust: Bruce Schneier on the AI Offense-Defense Balance (https://cloud.withgoogle.com/cloudsec...)

• EP156 Living Off the Land and Attacking Critical Infrastructure: Mandiant Incident Deep Dive (https://cloud.withgoogle.com/cloudsec...)

• "Disrupting the first reported AI-orchestrated cyber espionage campaign" (https://www.anthropic.com/news/disrup...) report