September 12, 2025 • 4 mins
This is your Tech Shield: US vs China Updates podcast.
Hey listeners, it’s Ting coming at you with your Tech Shield: US vs China Updates, and wow, this week in cyber has been juicier than a zero-day exploit in a spam filter! Let’s jack right in and see what’s been zipping down the cyber pipeline.
First, straight from the Pentagon’s neon-lit war room: the Department of Defense just hammered down the final Cybersecurity Maturity Model Certification procurement rule on September 10. This is seriously leveling up the defense supply chain. Now, every DoD contractor and subcontractor that even sneezes near Federal Contract Information or Controlled Unclassified Information has to prove they can lock down their systems tighter than a VPN on a Beijing hacker’s laptop. They’re also forcing these protections way down the supply chain, so no weak links—think of it as cyber Fortnite, where every wall is double reinforced. The entire system goes live November 10, 2025. The DoD says this will zap holes in the old system where Chinese actors loved to sneak in and gobble up IP and secrets. My take: it closes a decades-old loophole, but expect a short-term scramble, especially for those small subcontractors still running Windows XP and prayer.
Meanwhile, in a twist worthy of a sci-fi flick, the Pentagon wants AI everywhere in its security processes. According to Dave McKeown, the goal is to overload the old, human-labor-intensive risk frameworks with machine intelligence: AI vetting, AI monitoring, AI hunting down persistence. And he’s right: if we don’t jump on the AI train, China’s cyber-industrial complex—think Salt Typhoon, Volt Typhoon, you name it—could outpace us before you can say sandbox. But, and it’s a big but, no one’s quite cracked hyper-reliable AI-driven defense yet. We need to ensure all this machine vigilance doesn’t accidentally lock out the good guys—or, worse, miss a subtle, human-engineered exploit.
Speaking of exploits, CISA dropped fourteen new industrial control systems advisories this week and posted a joint alert about Chinese APT actors burrowing into the backbone of our critical infrastructure. These aren’t your average keyboard warriors. They’re hacking at the firmware level on telecom routers—the kind of kit that’s supposed to connect the country, not act as a backdoor. CISA urges everyone from transportation to defense orgs to get proactive, monitor configs, and slap on the latest patches immediately. Here’s the catch: a lot of this gear was never designed for high-stakes security, so patching only gets you so far. We need innovation, not just Band-aids.
Then, the Justice Department’s new Data Security Program just ramped up enforcement after its 90-day grace period ended in July. The DSP is crystal clear: If you handle sensitive American or government data, and you so much as wave at a company tied to China, Iran, North Korea, or Russia—expect scrutiny, audits, and, if you mess up, penalties you’ll feel in your firewall. Compliance for annual audits starts October, so time is tick-tick-ticking.
Quick detour: NASA just barred Chinese nationals on US visas from network and facility access. A small chess move, but it signals just how much trust has vaporized.
Oh! And if you’re driving past a roadside weather station powered by solar panels, you might have more than a sunny disposition to worry about. The Federal Highway Administration’s new alert warns of hidden radios in Chinese-made power inverters—they could serve as comms nodes for mystery meat hackers, so transportation operators are being told to tear down boxes and secure those connections, stat.
Expert verdict this week: The US government’s turning on security like it’s their new favorite app, but there are gaps, especially in legacy infrastructure and patch lag. AI could be the game-changer, but only if it’s trained with both paranoia and precision, not just lines of code. Oh, and keep those legislative gears turning—if info-sharing laws like CISA 2015 expire this month without something like the WIMWIG Act, we’ll be in the cyber dark ages just as China’s offense is getting dangerously creative.
Thanks for tuning in to Tech Shield: US vs China! Don’t forget to subscribe to stay one step ahead of the bots and the bad guys. This has been a quiet please production, for more check out quiet please dot ai.
For more http://www.quietplease.ai
Get the best deals https://amzn.to/3ODvOta
This content was created in partnership and with the help of Artificial Intelligence AI
Hey listeners, it’s Ting coming at you with your Tech Shield: US vs China Updates, and wow, this week in cyber has been juicier than a zero-day exploit in a spam filter! Let’s jack right in and see what’s been zipping down the cyber pipeline.
First, straight from the Pentagon’s neon-lit war room: the Department of Defense just hammered down the final Cybersecurity Maturity Model Certification procurement rule on September 10. This is seriously leveling up the defense supply chain. Now, every DoD contractor and subcontractor that even sneezes near Federal Contract Information or Controlled Unclassified Information has to prove they can lock down their systems tighter than a VPN on a Beijing hacker’s laptop. They’re also forcing these protections way down the supply chain, so no weak links—think of it as cyber Fortnite, where every wall is double reinforced. The entire system goes live November 10, 2025. The DoD says this will zap holes in the old system where Chinese actors loved to sneak in and gobble up IP and secrets. My take: it closes a decades-old loophole, but expect a short-term scramble, especially for those small subcontractors still running Windows XP and prayer.
Meanwhile, in a twist worthy of a sci-fi flick, the Pentagon wants AI everywhere in its security processes. According to Dave McKeown, the goal is to overload the old, human-labor-intensive risk frameworks with machine intelligence: AI vetting, AI monitoring, AI hunting down persistence. And he’s right: if we don’t jump on the AI train, China’s cyber-industrial complex—think Salt Typhoon, Volt Typhoon, you name it—could outpace us before you can say sandbox. But, and it’s a big but, no one’s quite cracked hyper-reliable AI-driven defense yet. We need to ensure all this machine vigilance doesn’t accidentally lock out the good guys—or, worse, miss a subtle, human-engineered exploit.
Speaking of exploits, CISA dropped fourteen new industrial control systems advisories this week and posted a joint alert about Chinese APT actors burrowing into the backbone of our critical infrastructure. These aren’t your average keyboard warriors. They’re hacking at the firmware level on telecom routers—the kind of kit that’s supposed to connect the country, not act as a backdoor. CISA urges everyone from transportation to defense orgs to get proactive, monitor configs, and slap on the latest patches immediately. Here’s the catch: a lot of this gear was never designed for high-stakes security, so patching only gets you so far. We need innovation, not just Band-aids.
Then, the Justice Department’s new Data Security Program just ramped up enforcement after its 90-day grace period ended in July. The DSP is crystal clear: If you handle sensitive American or government data, and you so much as wave at a company tied to China, Iran, North Korea, or Russia—expect scrutiny, audits, and, if you mess up, penalties you’ll feel in your firewall. Compliance for annual audits starts October, so time is tick-tick-ticking.
Quick detour: NASA just barred Chinese nationals on US visas from network and facility access. A small chess move, but it signals just how much trust has vaporized.
Oh! And if you’re driving past a roadside weather station powered by solar panels, you might have more than a sunny disposition to worry about. The Federal Highway Administration’s new alert warns of hidden radios in Chinese-made power inverters—they could serve as comms nodes for mystery meat hackers, so transportation operators are being told to tear down boxes and secure those connections, stat.
Expert verdict this week: The US government’s turning on security like it’s their new favorite app, but there are gaps, especially in legacy infrastructure and patch lag. AI could be the game-changer, but only if it’s trained with both paranoia and precision, not just lines of code. Oh, and keep those legislative gears turning—if info-sharing laws like CISA 2015 expire this month without something like the WIMWIG Act, we’ll be in the cyber dark ages just as China’s offense is getting dangerously creative.
Thanks for tuning in to Tech Shield: US vs China! Don’t forget to subscribe to stay one step ahead of the bots and the bad guys. This has been a quiet please production, for more check out quiet please dot ai.
For more http://www.quietplease.ai
Get the best deals https://amzn.to/3ODvOta
This content was created in partnership and with the help of Artificial Intelligence AI
Mark as Played
Transcript
Episode Transcript
Available transcripts are automatically generated. Complete accuracy is not guaranteed.
Speaker 1 (00:00):
Hey listeners, it's ding coming at you with your tex
shield US versus China updates and Wow, this week in
cyber has been juicier than a zero day exploit in
a spam filter. Let's jack ride in and see what's
been zipping down the cyber pipeline. First, straight from the
Pentagon's mion lit war room, the Department of Defense just
hammered down the final Cybersecurity Maturity Model Certification Procurement Rule
(00:23):
on September tenth. This is seriously leveling up the defense
supply chain. Now, every DoD contractor and subcontractor that even
sneezes near federal contract information or controlled unclassified information has
to prove they can lock down their systems tighter than
a VPN on a Beijing hacker's laptop. They're also forcing
(00:44):
these protections weigh down the supply chain, so no weak links.
Think of it as cyber Fortnite, where every wall is
double reinforced. The entire system goes live November tenth, twenty
twenty five. The DoD says this will zep hole in
the old system where Chinese actors love to sneak in
and gobble up ip in secrets. My take it closes
(01:07):
a decade's old loophole, but expect a short term scramble,
especially for those small subcontractors still running Windows XPE and Prayer. Meanwhile,
in a twist worthy of a sci Fi flick, the
Pentagon wants AI everywhere in its security processes. According to
Dave McEwan, the goal is to overload the old human
(01:30):
labor intensive risk frameworks with machine intelligence AI vetting, AI monitoring,
AI hunting down persistence. And he's right. If we don't
jump on the AI train China's cyber industrial complex, think
salt typhoon, vault typhoon, you name it, put out pace
(01:50):
us before you can say sandbox. But and it's a
big butt. No one's quite cracked hyper reliable AI driven defense.
Yet we need to ensure all this machine vigilance doesn't
accidentally lot out the good guys or worse, missus subtle
human engineered exploits. Speaking of exploits, CISA dropped fourteen new
(02:11):
industrial control systems advisories this week and posted a joint
alert about Chinese APT actors borrowing into the backbone of
our critical infrastructure. These aren't your average keyboard warriors. They're
hacking at the firmware level on telecom routers, the kind
of kit that's supposed to connect the country, not act
as a back door. SEISSA urges everyone from transportation to
(02:34):
defense orgs to get proactive, monitor can figs and slap
on the latest patches immediately. Here's the catch. A lot
of this gear was never designed for high stake security,
so patching only gets you so far. We need innovation,
not just band aids. Then, the Justice Department's new Data
Security Program just ramped up enforcement after its ninety day
(02:56):
grace period ended in July. The DPA is crystal clear.
If you handle sensitive American or government data and use
so much as wavered a company tied to China, Iran,
North Korea, or Russia, expect scrutiny, audits, and if you
mess up penalties you'll feel in your firewall. Compliance for
(03:17):
annual audits starts October, so time is tick tick ticking
quick detol. NASA just barred Chinese nationals on US visas
from network and facility access. A small chess move, but
it signals just how much trust has vaporized. Oh and
if you're driving past a roadside weather station powered by
solar panels, you might have more than a sunny disposition
(03:39):
to worry about. The Federal Highway Administration's new alert warns
of hidden radios in Chinese made power inverters. They could
serve as comms nodes for mystery meat haackers, So transportation
operators are being told to tear down boxes and secure
those connections. Stet expert verdict. This week, the US government's
(04:01):
turning on security like its their new favorite app, but
there are gaps, especially in legacy infrastructure and patch. Lag
Ai could be the game changer, but only if it's
trained with both paranoia and precision, not just lines of code.
Oh and keep those legislative gears turning. If info sharing
laws like Scisser two thousand fifteen expired this month without
(04:23):
something like the Whimwig Act, we'll be in the cyber
dark ages, just as China's or fence is getting dangerously creative.
Thanks for tuning into tech Shield US versus China. Don't
forget to subscribe to stay one step ahead of the
bots and the bad guys. This has been a quiet
please production. For more check out Quiet Please dot ai
Hey listeners, it's ding coming at you with your tex
shield US versus China updates and Wow, this week in
cyber has been juicier than a zero day exploit in
a spam filter. Let's jack ride in and see what's
been zipping down the cyber pipeline. First, straight from the
Pentagon's mion lit war room, the Department of Defense just
hammered down the final Cybersecurity Maturity Model Certification Procurement Rule
(00:23):
on September tenth. This is seriously leveling up the defense
supply chain. Now, every DoD contractor and subcontractor that even
sneezes near federal contract information or controlled unclassified information has
to prove they can lock down their systems tighter than
a VPN on a Beijing hacker's laptop. They're also forcing
(00:44):
these protections weigh down the supply chain, so no weak links.
Think of it as cyber Fortnite, where every wall is
double reinforced. The entire system goes live November tenth, twenty
twenty five. The DoD says this will zep hole in
the old system where Chinese actors love to sneak in
and gobble up ip in secrets. My take it closes
(01:07):
a decade's old loophole, but expect a short term scramble,
especially for those small subcontractors still running Windows XPE and Prayer. Meanwhile,
in a twist worthy of a sci Fi flick, the
Pentagon wants AI everywhere in its security processes. According to
Dave McEwan, the goal is to overload the old human
(01:30):
labor intensive risk frameworks with machine intelligence AI vetting, AI monitoring,
AI hunting down persistence. And he's right. If we don't
jump on the AI train China's cyber industrial complex, think
salt typhoon, vault typhoon, you name it, put out pace
(01:50):
us before you can say sandbox. But and it's a
big butt. No one's quite cracked hyper reliable AI driven defense.
Yet we need to ensure all this machine vigilance doesn't
accidentally lot out the good guys or worse, missus subtle
human engineered exploits. Speaking of exploits, CISA dropped fourteen new
(02:11):
industrial control systems advisories this week and posted a joint
alert about Chinese APT actors borrowing into the backbone of
our critical infrastructure. These aren't your average keyboard warriors. They're
hacking at the firmware level on telecom routers, the kind
of kit that's supposed to connect the country, not act
as a back door. SEISSA urges everyone from transportation to
(02:34):
defense orgs to get proactive, monitor can figs and slap
on the latest patches immediately. Here's the catch. A lot
of this gear was never designed for high stake security,
so patching only gets you so far. We need innovation,
not just band aids. Then, the Justice Department's new Data
Security Program just ramped up enforcement after its ninety day
(02:56):
grace period ended in July. The DPA is crystal clear.
If you handle sensitive American or government data and use
so much as wavered a company tied to China, Iran,
North Korea, or Russia, expect scrutiny, audits, and if you
mess up penalties you'll feel in your firewall. Compliance for
(03:17):
annual audits starts October, so time is tick tick ticking
quick detol. NASA just barred Chinese nationals on US visas
from network and facility access. A small chess move, but
it signals just how much trust has vaporized. Oh and
if you're driving past a roadside weather station powered by
solar panels, you might have more than a sunny disposition
(03:39):
to worry about. The Federal Highway Administration's new alert warns
of hidden radios in Chinese made power inverters. They could
serve as comms nodes for mystery meat haackers, So transportation
operators are being told to tear down boxes and secure
those connections. Stet expert verdict. This week, the US government's
(04:01):
turning on security like its their new favorite app, but
there are gaps, especially in legacy infrastructure and patch. Lag
Ai could be the game changer, but only if it's
trained with both paranoia and precision, not just lines of code.
Oh and keep those legislative gears turning. If info sharing
laws like Scisser two thousand fifteen expired this month without
(04:23):
something like the Whimwig Act, we'll be in the cyber
dark ages, just as China's or fence is getting dangerously creative.
Thanks for tuning into tech Shield US versus China. Don't
forget to subscribe to stay one step ahead of the
bots and the bad guys. This has been a quiet
please production. For more check out Quiet Please dot ai
Popular Podcasts
On Purpose with Jay Shetty
I’m Jay Shetty host of On Purpose the worlds #1 Mental Health podcast and I’m so grateful you found us. I started this podcast 5 years ago to invite you into conversations and workshops that are designed to help make you happier, healthier and more healed. I believe that when you (yes you) feel seen, heard and understood you’re able to deal with relationship struggles, work challenges and life’s ups and downs with more ease and grace. I interview experts, celebrities, thought leaders and athletes so that we can grow our mindset, build better habits and uncover a side of them we’ve never seen before. New episodes every Monday and Friday. Your support means the world to me and I don’t take it for granted — click the follow button and leave a review to help us spread the love with On Purpose. I can’t wait for you to listen to your first or 500th episode!
Stuff You Should Know
If you've ever wanted to know about champagne, satanism, the Stonewall Uprising, chaos theory, LSD, El Nino, true crime and Rosa Parks, then look no further. Josh and Chuck have you covered.
The Joe Rogan Experience
The official podcast of comedian Joe Rogan.