RSAC talked AI while Iran talked targets. (Source: The CyberWire Daily Podcast)
Published on
1-minute read · 270 words
On The CyberWire Daily Podcast, I joined Dave Bittner to break down a dissonance that’s been bothering me since RSAC 2026: the US is 30 days into a war with Iran, Iranian APT groups Cyber Av3ngers and Handala are publicly threatening US water infrastructure, and the conference barely mentioned it. I traced the gap between the industry’s appetite for exquisite new capabilities and its neglect of the basics, specifically the under-resourced critical infrastructure that Iranian threat actors have already proven they can hit, from the Aliquippa, PA water authority to the recent Stryker manufacturing breach.
I laid out the compounding problem: CISA has lost 30 percent of its total staff, with 60 percent of remaining personnel suspended or furloughed and another thousand vacancies unfilled. With the federal coordinating authority running on critical functions only, the burden shifts to the community. I called for political pressure to fund CISA, pro bono cybersecurity service modeled on the CLTC’s cyber clinics program, and MSSP organizations donating capacity to local water, energy, and grid operators. When an adversary tells you they’re going to target something, believe them.
Key topics
- Critical Infrastructure Gap: Iranian APTs have demonstrated capability and intent against US water and manufacturing systems, while defenders remain under-resourced at the local level.
- CISA Workforce Collapse: A 30 percent staff reduction, 60 percent furlough rate, and a thousand vacancies leave the nation’s cyber coordinating authority operating at minimum capacity during active conflict.
- Community Call to Action: Pro bono cybersecurity service, cyber clinic expansion, and MSSP community give-back as the near-term mechanism to harden soft targets the federal government cannot currently reach.
More writing
Related writing
Three pieces tagged the same.
12-minute read
The National Reflex
The internet has no borders. Our defense of it has nothing but.
1-minute read
GPS has no backup, and the jamming just moved to orbit. (Source: T-Minus Space-Cyber Briefing)
Brandon joins T-Minus to break down new evidence that GPS jamming has moved from cheap ground devices into space, and to argue that position, navigation, and timing is critical infrastructure with no resilient fallback.
11-minute read
Which One Is Right?
Part 3 of 3. Nine states on the board, seven trades, and the two clean-looking calls fall apart. Tokyo is choosing this quarter.