Skip to content
Don't miss

Get the daily Cyber Briefing in your inbox

SIGN UP
Podcast

Why State and Local Cyber Grants Matter with New Jersey’s Michael Geraghty and Arizona’s Ryan Murray

Season 2 Episode 36 •

Show Notes

Congress faces a looming deadline to renew the State and Local Cybersecurity Grant Program (SLCGP), a federal initiative that helps states and municipalities defend against cyberattacks. In this episode, Frank Cilluffo speaks with New Jersey CISO Michael Geraghty and Arizona CISO Ryan Murray about how these grants are making a measurable difference on the ground. They detail how investments are protecting communities from ransomware, building out shared services, and training the next generation of cyber talent. The conversation underscores the urgency of continued funding to sustain trust, prevent losses, and strengthen the interconnected fabric of U.S. cyber defense.

Main Topics Covered

  • Explain why renewing the State and Local Cybersecurity Grant Program (SLCGP) is urgent.
  • Show how federal grants reduce ransomware risk and generate measurable ROI.
  • Use Arizona’s student-led SOCs to highlight workforce development and shared services.
  • Describe New Jersey’s statewide approach to defending municipalities.
  • Weigh the stakes of eroding trust and services if funding lapses.
  • Explore the broader “one team, one fight” vision linking local, state, and federal defense.

Key Quotes:

“In the last year, that [endpoint detection] program stopped 179 ransomware attacks…for a $5 million investment, potential loss avoidance is about $45 million.” – Michael Geraghty

“We’re using some of those funds to hire interns as part of our workforce development effort. So we’re deploying student-led regional security operations centers in partnership with our community colleges across the entire state [of Arizona].” – Ryan Murray

“We’re all interconnected, right. Our cities connect to our county governments, connect to our state governments, and we connect to our federal partners. But unfortunately, our defenses have these seams, they have these gaps where we’re not so integrated in our defenses and our information sharing.” – Ryan Murray

“There is no one organization that is going to be able to defend themselves against nation state actors, cyber terrorist organizations, transnational criminal groups, and even the hacktivists or low level hackers. But when we team up together through a strategy that again maximizes our resources, that’s when we become that much stronger.” – Michael Geraghty

“One team, one fight, easier said than done. I think we all know that, but it’s challenging.”  – Frank Cilluffo

 

Relevant Links and Resources

 

Guest Bios:

Ryan Murray serves as Chief Information Security Officer for the State of Arizona. He previously served as CISO for the Arizona Department of Revenue and has nearly 20 years of IT and security experience.

Michael Geraghty is New Jersey’s State Chief Information Security Officer and Director of the NJ Cybersecurity and Communications Integration Cell (NJCCIC). He has held senior cybersecurity roles in both the public and private sectors, including the New Jersey State Police and Prudential Financial

Transcript

1
00:00:00,000 –> 00:00:01,000
Ryan Murray [00:00:00]: We’re all interconnected, right? Our, our cities connect to our county governments, connect to our state governments, and we connect to our federal partners. But unfortunately, our defenses have these seams. They have these gaps where we’re not so integrated in our defenses and our information sharing.

2
00:00:01,000 –> 00:00:02,000
Frank Cilluffo [00:00:15]: Welcome to Cyber Focus from the McCrary Institute, where we explore the people and ideas shaping and defending our digital world. I’m your host, Frank Cilluffo, and this week we have the privilege to sit down with two state leaders on the front lines of our cyber challenges. The chief information security officers for the state of Arizona, Ryan Murray, and the chief information security for the great state of New Jersey, Mike Geraghty. Gentlemen, thank you for joining us today.

3
00:00:02,000 –> 00:00:03,000
Ryan Murray [00:00:42]: Yeah, thanks, Frank.

4
00:00:03,000 –> 00:00:04,000
Frank Cilluffo [00:00:43]: Ryan, I thought we’d start with you and maybe paint a picture. So what does a day in the life of a CISO in a big state like Arizona, what’s your op tempo? What’s your battle rhythm? What’s your cadence? And what do you worry about when you get up every morning?

5
00:00:04,000 –> 00:00:05,000
Ryan Murray [00:01:00]: Oh, geez. Yeah, that’s, that’s a big question. So thanks again for having us here, Frank, and bringing the state’s perspective to this conversation. For me, personally, I don’t sleep, so there’s, that’s a good start. And I worry about everything. So we’re a bit unique in the state of Arizona in that the state CISO’s office is under the Department of Homeland Security within the state of Arizona.

6
00:00:05,000 –> 00:00:06,000
Ryan Murray [00:01:20]: And because of that, we’ve expanded this mission out to really focus on really everything in protecting the state. So that’s critical infrastructure, that’s working with our private sector. Historically, the state CISO has been sort of inwardly focused on the executive branch agencies, on the state agencies that they’re protecting and defending. We’ve really expanded that mission out to look holistically across the entire state. So my day starts usually trying to figure out what’s going on across every government entity within the state of Arizona. Have we had any incidents in the past couple of hours? Are we sharing information appropriately with our partners? What’s going on across sort of broadly the scope of everything that we’re paying attention to?

7
00:00:06,000 –> 00:00:07,000
Frank Cilluffo [00:02:01]: Awesome. And, and Michael?

8
00:00:07,000 –> 00:00:08,000
Michael Geraghty [00:02:03]: Really the same thing. So, Arizona and New Jersey are the only two states in the country where cyber is organized under our Office of Homeland Security and Preparedness. So Ryan doesn’t sleep. I get up about 4am and that’s when the day starts, because there’s no emails coming in then, and that’s the time that you can really develop what’s going to happen the rest of the day and then it’s just the fire drill. The rest of the day is you’re reacting to different things and addressing different things, whether it’s at a water sector utility or whether it’s within state government or municipal organization. So like Arizona, ours is a holistic and whole of state approach to cybersecurity rather than just focusing on state government.

9
00:00:08,000 –> 00:00:09,000
Frank Cilluffo [00:02:48]: And it’s more than simply ensuring that everyone in the state systems are up and running. It’s really getting to all the partners, and, and, whether, at a local or community level or critical infrastructure owner level. I’d be curious, sort of, what threats, as far as I see it, you’re facing the same threats that the United States government is facing and don’t necessarily have the same level of resources or capacities. I’m not suggesting you don’t have capacities, you do, but you have to do more with less. And I’d be curious how, firstly to give a little bit of a sense of the threat snapshot that you’re seeing every day and then how do you maximize those resources? And I think looking at it through a homeland lens is actually constructive. Ryan, why don’t we start with you again?

10
00:00:09,000 –> 00:00:10,000
Ryan Murray [00:03:40]: Yeah, for sure. I mean, yes, you’re spot on, right, we’re dealing with all the same threats that we are really nationally and globally. Right? All of the adversaries that we’re seeing everywhere are attacking us. We’re targets and victims of those same sorts of things. And I think it’s something that several of the powers that be maybe forget that state and local government are on the front lines of this stuff.

11
00:00:10,000 –> 00:00:11,000
Ryan Murray [00:04:00]: We’re seeing those same attacks all day, every day.

12
00:00:11,000 –> 00:00:12,000
Frank Cilluffo [00:04:02]: First to respond, last to leave, right?

13
00:00:12,000 –> 00:00:13,000
Ryan Murray [00:04:04]: Yeah, exactly right. And you’re exactly right that we are also less resourced. And especially now it feels like we’re even more challenged to get the assistance that we need from those organizations we used to be able to rely on a little bit more heavily. So trying to figure out creative solutions because we’re all sort of facing the same fight and we’re all interconnected, right? Our cities connect to our county governments connect to our state governments and we connect to our federal partners. So seeing that interconnectedness of sort of the digital world. But unfortunately our defenses have these seams, they have these gaps where we’re not so integrated in our defenses and our information sharing. So figuring out ways that we can better sort of stitch that stuff together.

14
00:00:13,000 –> 00:00:14,000
Frank Cilluffo [00:04:43]: And one team, one fight. Easier said than done. I think we all know that. But it, it, it’s challenging. Mike, any differences from your perspective?

15
00:00:14,000 –> 00:00:15,000
Michael Geraghty [00:04:51]: Really all the same, but we’ve got to figure out a way to maximize the resources that we do have. And the way that cyber’s always been done in the past is really tactical. But having a strategy where we’re working, that collective defense strategy where we’re all working together at the local, the county, state level, private sector partners working with the federal government, I mean, there is no one organization that is going to be able to defend themselves against nation state actors, cyber terrorist organizations, transnational criminal groups, and even the hacktivists or low level hackers and stuff like that. But when we team up together through a strategy that again maximizes our resources, that’s when we become that much stronger.

16
00:00:15,000 –> 00:00:16,000
Frank Cilluffo [00:05:38]: Can I ask, sort of the, physical cyber convergence is a huge set of issues. And the fact that you guys are both nestled in a broader security framework, does that yield special opportunities and fruit?

17
00:00:16,000 –> 00:00:17,000
Ryan Murray [00:05:54]: Yeah, absolutely. So we work really closely with our Public Utilities Commission to understand the regulated utilities that they’re supporting and pushing regulations on is what are the threats to those utilities that exist within Arizona? And for those that don’t know, we have a large nuclear power plant in Arizona that is a bit unique for us. Frankly speaking, they’re probably doing okay, you know, better than most of the smaller utilities. But you start talking about the rural communities that we’re working with, the cities and towns, the counties, they’ve got their own municipal water supplies. Maybe it’s two or three wells and a pump. And those resources are significantly less than say, the larger cities like Phoenix or Tucson. So understanding how do we better interconnect all of those small rural communities to what we’re doing, to what the states and the counties are doing so we can share with them the same threat intelligence that we’re getting from our federal partners or from our other state partners.

18
00:00:17,000 –> 00:00:18,000
Frank Cilluffo [00:06:45]: And I would imagine, Ryan, you would also have some very unique data that the feds don’t necessarily see every day, especially dealing with transnational criminal organizations and the like. How, how would that look?

19
00:00:18,000 –> 00:00:19,000
Ryan Murray [00:06:57]: Yeah, I mean, it’s a great point, right? So as you’re probably aware, Arizona is a border state. So we’ve got some interesting stuff happening and there’s been some open source reporting that’s talked about the cartels that are doing more trying to get information out of DOJ and some of the other information that’s, that’s being collected on FBI informants. Right, that’s, that’s sort of unique for us, trying to figure out how do we connect some of those dots where we’re seeing these, these criminal organizations now designated as terrorist organizations that are starting to branch out into cyber attacks and cyber intrusions to further their criminal enterprises.

20
00:00:19,000 –> 00:00:20,000
Frank Cilluffo [00:07:30]: And collection. I mean they can buy whatever capability they need. Mike, anything sort of unique from New Jersey, also the physical cyber convergence?

21
00:00:20,000 –> 00:00:21,000
Michael Geraghty [00:07:37]: Yeah, I think it is pretty unique. And go back to 2011. Our board of public utilities that regulates the utility sector, the energy and water and stuff, they required those utilities to report any attacks against their SCADA systems to Homeland Security. That’s going back to 2011. 2017, the legislature passed and the governor signed into law what’s called the Water Quality Accountability Act. And again, that’s not just the regulated utilities, it’s also the small municipal utilities that have to join the NJCIC. We’re an information sharing and analysis organization. We share threat intelligence, best practices, those types of things, but also to report incidents into us. And then we provide all sorts of other services through grant programs like the SLCGP, the state local cybersecurity grant program.

22
00:00:21,000 –> 00:00:22,000
Frank Cilluffo [00:08:24]: And we’re definitely going to go to that.

23
00:00:22,000 –> 00:00:23,000
Michael Geraghty [00:08:27]: And we have the state Safe Drinking Water Cybersecurity Grant as well where we’re providing services to them on a monthly basis. We have a call with all the CISOs of those regulated utilities both in the energy and telecom and water sectors and stuff like that. So the relationship is great. Building that trust so that they’re sharing information with us and we’re sharing information with them. It can’t be a one way street.

24
00:00:23,000 –> 00:00:24,000
Frank Cilluffo [00:08:56]: That’s great. And given you have a law enforcement background, where do you see LE or the law enforcement enterprise fitting into this picture?

25
00:00:24,000 –> 00:00:25,000
Michael Geraghty [00:09:04]: We’ve got a great relationship. So in Homeland Security, obviously counterterrorism, terrorism and counterintel, they have law enforcement. We’ve got law enforcement officials there. But also with the state police, cyber crimes, with the FBI and DHS, we’ve got a relationship with them in New Jersey that’s never been better before. And having that law enforcement background going back into the 80s and 90s, that wasn’t always the case. Today I speak with the FBI more Supervisory Special Agent on Cyber than I do my wife.

26
00:00:25,000 –> 00:00:26,000
Frank Cilluffo [00:09:39]: You know, and it reminds me, especially as we’re just past the anniversary of the worst day in our country’s history, 9/11, but the importance of not exchanging business cards when the bomb goes off, when something bad happens, this stuff is sometimes hard to codify, but it’s more important than anything else because it really comes down to trust. Right? And I would imagine in Arizona, you’ve got similar situations, and how do you, and the fusion center in particular, I remember, had some unique capabilities that none of the other fusion centers. And not to be trite, you saw one, you saw one was the old saying, but Arizona’s was really good from intel, from a perspective of understanding some of the threat actors. Anything unique there?

27
00:00:26,000 –> 00:00:27,000
Ryan Murray [00:10:33]: Yeah, I’m glad you brought that up because that’s something, again, unique for both New Jersey and Arizona, where our cyber office, our security operations center for cyber in Arizona sits within our fusion center. So we’re literally down the hall from our law enforcement partners, from our DHS, INA partners, from CISA, from FBI, coming in and looking at it from that perspective of public safety, but also now adding in the sort of all threats, all hazard assessment to make sure that we’re sharing that information appropriately. And then they have the tendrils that go out into our local government. So we, the, the DPS, the Department of Public Safety that essentially runs the fusion center for Arizona runs a threat liaison officer program. So they have tendrils in all counties, all cities. They’re putting officers out there and going and training with them.

28
00:00:27,000 –> 00:00:28,000
Ryan Murray [00:11:16]: They’re not DPS employees, but they’re bringing in these local law enforcement officers to teach and train them what these threats look like, how to respond to them, and then ensuring that information comes back to the fusion center.

29
00:00:28,000 –> 00:00:29,000
Frank Cilluffo [00:11:28]: And how are you serving underserved communities? Because Arizona is a big state, very diverse, you have all sorts of different entities, you’re there to serve. How do you go about doing that?

30
00:00:29,000 –> 00:00:30,000
Ryan Murray [00:11:40]: Yeah, and I appreciate you bringing it up because it’s something that’s really near and dear to my heart. So I was born and raised in Arizona. I grew up in a little southwestern town called Yuma, and my mom was a school teacher.

31
00:00:30,000 –> 00:00:31,000
Frank Cilluffo [00:11:50]: I’ve been there.

32
00:00:31,000 –> 00:00:32,000
Ryan Murray [00:11:51]: Yeah, right, yeah. My mom was a schoolteacher. My dad was in law enforcement. So this understanding of, like, look, we’ve got these communities that just don’t have the resources they need. So I’ve made a very concerted effort.

33
00:00:32,000 –> 00:00:33,000
Ryan Murray [00:12:02]: We’re supporting about 325 local government entities through what we’ve called our statewide cyber readiness program. So utilizing some state funds and some combined federal funds to push services out to these local governments and especially focused on the rural underserved population.

34
00:00:33,000 –> 00:00:34,000
Frank Cilluffo [00:12:17]: And a combined services approach?

35
00:00:34,000 –> 00:00:35,000
Ryan Murray [00:12:20]: Yep. And a shared services approach.

36
00:00:35,000 –> 00:00:36,000
Frank Cilluffo [00:12:21]: Shared, yeah, yeah. Mike, any thoughts?

37
00:00:36,000 –> 00:00:37,000
Michael Geraghty [00:12:24]: Pretty much the same thing. New Jersey is a lot more densely populated, but we do have, every, just about every town is under 50,000, so it’s considered a rural community.

38
00:00:37,000 –> 00:00:38,000
Frank Cilluffo [00:12:34]: And lots of critical infrastructure and lots of farming, right?

39
00:00:38,000 –> 00:00:39,000
Michael Geraghty [00:12:38]: So lots of critical infrastructure. You just think of that card up the New Jersey Turnpike and all the critical infrastructure there. But we do work really closely with those under resourced towns, providing them services. They don’t have the personnel, they don’t have the expertise in a lot of cases, they don’t have the resources. So how do we actually provide those? And that’s something again, we talk about the SLCGP, we focus on that, making sure that they have the resources that they need.

40
00:00:39,000 –> 00:00:40,000
Frank Cilluffo [00:13:09]: And we’re going to go there because SLCGP, the clock is ticking on that to be reauthorized, and I would love to sort of get both of your thoughts on how you’ve utilized the funding thus far and is it as essential to you as it is to at least what I think it is to me to ensure that that funding continues? Ryan, we’ll start with you.

41
00:00:40,000 –> 00:00:41,000
Ryan Murray [00:13:33]: Yeah, so absolutely, 100%. It’s something that we’ve, we need the resources, all the funding and resources that we can get. So how we’ve been using SLCGP in Arizona and a big part of this is because there wasn’t any certainty that it was going to be reauthorized after the four years. So not knowing for sure whether there was going to be ongoing sustained funding, we took a purposeful look and said how can we augment the stuff that we’re already doing? How can we hypercharge this and turn it up to 11 to make sure that we’re best supporting the programs that the state’s already funding? So we said we’re going to hire a bunch of contractors, we’re going to build in some project management, we’re going to further push out the shared services that we’re already providing and make sure that they’re getting deployed effectively, that they’re maturing the use of those services, that they’re configured appropriately because just deploying cyber tools out there is only increasing our attack surface if we just do it without any thought. So we said we’re going to take a concerted effort here and say we’re not going to buy more tools with this money, but we’re going to help augment our staff and our resources. The other thing that I’m really, really proud of is we’re using some of those funds to hire interns as part of our workforce development effort. So we’re deploying student-led regional security operations centers in partnership with our community colleges across the entire state. And this allows us to pay them as paid interns as the Department of Homeland Security. We’re giving an opportunity for them to learn in a real world environment.

42
00:00:41,000 –> 00:00:42,000
Frank Cilluffo [00:14:56]: Yeah, on the world, real world experience. Yeah.

43
00:00:42,000 –> 00:00:43,000
Ryan Murray [00:14:58]: 100%. And it’s solving the challenge for our small local governments where they can’t hire talent either. So we’ve got this win, win situation where we’re protecting and defending our communities with these student led efforts and we’re also teaching and training those students to be the workforce of the future.

44
00:00:43,000 –> 00:00:44,000
Frank Cilluffo [00:15:12]: And these are at the community college level?

45
00:00:44,000 –> 00:00:45,000
Ryan Murray [00:15:14]: At the community college level.

46
00:00:45,000 –> 00:00:46,000
Frank Cilluffo [00:15:15]: And are you able to recruit and retain some of these folks to join the workforce afterwards?

47
00:00:46,000 –> 00:00:47,000
Ryan Murray [00:15:20]: Yeah. I mean that’s the definite benefit, right, is I get the first pick of these amazing talent that we’re helping to create. But we’re also partnering with our higher education organizations like ASU, NAU and U of A to make sure that if these students want to continue on into a bachelor’s degree or higher ed past that, that we can help them to get there, right? We have the connections, we know the people. I work very closely with the CISOs and the cyber teams at all of those universities. How do we help them get there? We’re also working with our private sector partners to say, look, most of these people aren’t necessarily going to want to stay in government for a long term, but if we can get them two to four years of experience helping to protect and defend their own communities using best in breed technology, they can go directly to work for some of these companies or some of the other private industry within Arizona.

48
00:00:47,000 –> 00:00:48,000
Frank Cilluffo [00:16:02]: And they may come back for public service. I think the, the time of you’re going to spend 40 years in one role is over.

49
00:00:48,000 –> 00:00:49,000
Ryan Murray [00:16:10]: It’s not a thing anymore.

50
00:00:49,000 –> 00:00:50,000
Frank Cilluffo [00:16:11]: Exactly. Mike, anything in terms of SLCGP and how you’ve utilized those? And I want you both to make a declarative do we need it going forward?

51
00:00:50,000 –> 00:00:51,000
Michael Geraghty [00:16:20]: Absolutely. It has really met the purpose. Okay? And the purpose was to make state and local more resilient and manage risk better, reduce risk within those. But we talk about strategy and we talk about maximizing resources. And what we tried to do is look at what does CISA provide to local governments and critical infrastructure. We’re not going to do those same things. In New Jersey, just about every municipality and school system has cyber insurance.

52
00:00:51,000 –> 00:00:52,000
Michael Geraghty [00:16:51]: They require each municipality have, you know, security awareness training, things of that nature. That’s not something we’re going to pay for with the money that we get. It’s a finite amount of money, so how do we maximize that? And what we’ve been doing is putting, you know, EDR and MDR, endpoint detection response and managed detection response services across the board. We’ve got 153 local government entities signed up, 83,000 or so endpoints doing risk assessment services for another 400 or so local government entities. And I was just doing some math this morning. In the last year that EDR MDR program stopped 179 ransomware attacks. At the low end of what a ransomware attack might cost, and I’m using $250,000.

53
00:00:52,000 –> 00:00:53,000
Michael Geraghty [00:17:44]: So for a $5 million investment, potential loss avoidance is about $45 million. So yeah, it’s…

54
00:00:53,000 –> 00:00:54,000
Frank Cilluffo [00:17:51]: I’m not a mathematician, but that’s good math. The numbers add up.

55
00:00:54,000 –> 00:00:55,000
Michael Geraghty [00:17:56]: So yeah, it’s money well spent and something that, it’s tangible. You know, through a grant program we should be able to show the fruits of our labor and what that’s providing. And I think we have a good story to tell as far as how we reduced risk in the state of New Jersey.

56
00:00:55,000 –> 00:00:56,000
Frank Cilluffo [00:18:14]: And you know, more is being expected of our frontline partners in state, local, tribal, territorial as well as industry. I think there’s been a focus on all of that, but it can’t be done without the, no one, including US government would have a hard time defeating nation state actors when they’re dealing with this every day. Right?

57
00:00:56,000 –> 00:00:57,000
Michael Geraghty [00:18:36]: Ryan talked about providing tools, not providing tools, but providing shared services. And I think that’s really the way to go. If you provided me with a compound miter saw tomorrow, it doesn’t make me a carpenter, it just gives me more work to do. And it’s the same thing of providing an under resourced organization, some advanced technologies to do cybersecurity. It’s more work for them and they don’t have the resources to do the work that they’re expected to do right now, so…

58
00:00:57,000 –> 00:00:58,000
Frank Cilluffo [00:19:03]: Well said. Ryan, anything you want to add to that?

59
00:00:58,000 –> 00:00:59,000
Ryan Murray [00:19:05]: Yeah. So just to make the declarative statement. Absolutely, yes, SLCGP is important for the states.

60
00:00:59,000 –> 00:01:00,000
Frank Cilluffo [00:19:10]: Has been and continuing it arguably even more so.

61
00:01:00,000 –> 00:01:01,000
Ryan Murray [00:19:14]: Has been and definitely needs to continue into the future, right, because one thing that we absolutely can’t do, you mentioned that trust is going to be the backbone, especially for information sharing and providing these shared services. If that trust goes away, and a big way to break that trust is for us to take away the services that we’ve been providing to our local governments or to diminish them in some way. Right? A lot of these organizations that we’ve talked about and we’re really proud of the fact that we can currently provide these shared services at no cost to our local governments, if we start charging the money. And frankly speaking, most of these organizations don’t have any money to give back.

62
00:01:01,000 –> 00:01:02,000
Frank Cilluffo [00:19:46]: Exactly.

63
00:01:02,000 –> 00:01:03,000
Ryan Murray [00:19:47]: And I’m going to have to staff and accounts payable and receivable department that, it just doesn’t make sense. So the more that we can continue to provide these things and give that sustainability, to give that understanding that this will exist into the foreseeable future. Obviously everything is potentially temporary in government, but for as long as we can at least provide that, we want to make sure that trust level exists.

64
00:01:03,000 –> 00:01:04,000
Frank Cilluffo [00:20:07]: And I think coming up with innovative and unique ways to expand the workforce is essential because it’s hard enough between the three lettered agencies, National Security Agency, FBI, CISA, to recruit and retain that talent. It’s exacerbated at the state level. Right? So how, how do we get our arms around that? And I, I love the idea in terms of especially bringing in the community colleges because we always jump to, to higher ed, which Auburn, of course, we have a lot to offer, but in addition to the, the SEAL teams and the special forces teams, you need all the blocking and tackling that ultimately wins football games and arguably wins wars, so…

65
00:01:04,000 –> 00:01:05,000
Ryan Murray [00:20:46]: Yeah, 100%. And, and I’ll say something that we’re really focused on is, is doing that sort of quote unquote, entry level work. Right? We continue to hear both from our higher ed partners and students as they’re graduating with undergraduate degrees is they’re getting out in there and saying no one wants to hire them. And we’re telling these myths, right? CyberSeek puts out these numbers of 600,000 cyber vacancies across the U.S. We’ve got 13,000 in Arizona alone. But the myth is that those are all mid to senior level positions. No one is looking to take on the risk of entry level cyber talent, right?

66
00:01:05,000 –> 00:01:06,000
Ryan Murray [00:21:16]: What happens if you’re Raytheon and you miss a cyber incident and now you’re potentially dealing with a massive problem? So we’re trying to find ways to fill that, that entry level cyber talent gap. The other thing that’s really exacerbating this, of course, this is a cyber and technology podcast, so we have to talk about AI.

67
00:01:06,000 –> 00:01:07,000
Frank Cilluffo [00:21:33]: Oh, yeah. You can’t escape.

68
00:01:07,000 –> 00:01:08,000
Ryan Murray [00:21:35]: Right. The other thing that’s exasperating (sic) this challenge is people are looking to automate away from entry level talent. And we’re going to have this gap in the future where our mid and senior level are going to retire and there’s no one to backfill them and we just have no talent. So we’re trying to figure out how do we solve this entry level, quote unquote, entry level talent issue, put people directly to work now so when they do graduate with those degrees, because I do think there is still value in going into higher education and getting that degree, round you out as a person, but we need that real world, hands on experience. That’s truly what’s critical.

69
00:01:08,000 –> 00:01:09,000
Frank Cilluffo [00:22:05]: And that’s what I was going to say. I didn’t want to answer your own question, but, but it is the experience day in, day out in the foxhole, seeing what you have to do every day, that’s worth more than any, I mean any curricula is going to be OBE by the time anyone jumps into the workforce, right?

70
00:01:09,000 –> 00:01:10,000
Ryan Murray [00:22:25]: Especially with how quickly technology is moving now, and especially with AI that’s, you know, exponentially growing every six months.

71
00:01:10,000 –> 00:01:11,000
Frank Cilluffo [00:22:31]: You opened the door on AI, I’m not going to let you escape. What are you guys doing on the AI front? Mike, you want to start?

72
00:01:11,000 –> 00:01:12,000
Michael Geraghty [00:22:37]: A lot of things. In fact, so we talk about hiring and stuff. And our last five hires have been machine learning data science majors, not cybersecurity. Because we can teach cybersecurity, we can’t teach machine learning and we can’t teach computer science necessarily in cyber, but we can teach cyber. So we’ve been doing a lot, especially machine learning. One of the things, I’m a logaholic, as they say, and so every piece…

73
00:01:12,000 –> 00:01:13,000
Frank Cilluffo [00:23:09]: I’ve never heard that.

74
00:01:13,000 –> 00:01:14,000
Michael Geraghty [00:23:11]: Not, recovering, I am, and so we take in about 26 billion security indicators daily. Okay, daily.

75
00:01:14,000 –> 00:01:15,000
Michael Geraghty [00:23:21]: And we can’t process that without machine learning and AI tools. And so the team that we’ve been building is our, we call it our data operations, analysis and intelligence do AI basically. And they’re building AI tools for us, machine learning tools to look at things that some of these technologies are not catching. So augmenting our email security tools and augmenting some of our web security tools and things of that nature, looking for algorithmically generated domains that bad actors use for malware propagation, looking for signal, Fourier transforms in the noise of what network traffic is going on throughout the state. So lots of stuff, especially on the machine learning side. We’re also taking gen AI. You can do a lot of automation without AI.

76
00:01:15,000 –> 00:01:16,000
Frank Cilluffo [00:24:19]: Absolutely.

77
00:01:16,000 –> 00:01:17,000
Michael Geraghty [00:24:20]: And we should focus on doing that. But where it makes sense to use generative AI, that’s what we’re trying to do. So writing reports for risk assessment is really time and labor intensive for an individual. Can we have gen AI? And so we’ve got a pilot that we’re actually doing that so that we can actually write a report, provide it to the organization that we did the risk assessment for. And we’re still just working on some of the bugs, some of the gotchas, because you can’t give them a report that is inaccurate. And that’s really the scary part.

78
00:01:17,000 –> 00:01:18,000
Frank Cilluffo [00:24:56]: But you also can’t wait for it to be perfect. You have to learn, right? That’s, that’s part of it. And if you’re gonna drop a ball, drop it quickly. Ryan, anything?

79
00:01:18,000 –> 00:01:19,000
Ryan Murray [00:25:05]: Yeah. So a lot going on in Arizona. So someone I was talking to earlier this week sort of bucketized these three things. And I love this. I’ve internalized it, but I’m gonna start using it now. So we’re. We’re figuring out how do we defend from AI because we know threat actors are utilizing it to be better, faster and stronger. How do we defend with AI? So all the things Mike talked about, right, where security is basically anomaly detection and AI does this really well and generating reports kind of sucks.

80
00:01:19,000 –> 00:01:20,000
Ryan Murray [00:25:31]: So how do we take that off our plate and give it to something that can do it? And then defending our own AI, right? So understanding that we are using AI in state government, not just for cyber, but for all of the collective things that we do for government business functions. And we know people are going to continue to want to do more with that. So how do we make sure that that data is being protected? How do we make sure that we’re maintaining privacy and data sovereignty? How do we make sure that these models aren’t being poisoned to be used against us? So collectively, all of those things. And I’ll say our governor’s been sort of on the forefront of this, fortunately, stood up an AI steering committee, bringing in public sector and private sector partners, bringing in higher education to talk about how do we make sure that we’re doing AI securely in government, that we’re protecting the data that we have that’s been entrusted to us by our citizens? How do we make sure that we’re building the workforce of tomorrow to understand that AI is going to be a big part of this? And of course, how do we make sure that we’re doing all this stuff with a security mindset?

81
00:01:20,000 –> 00:01:21,000
Frank Cilluffo [00:26:26]: So I’m really glad you touched on that because most people look at AI for security. How does it help Blue? Or they look at it through the adversarial, how does it help A? But securing the AI itself, the governance challenges around that are mind boggling. And quite honestly, I think we’re just starting to recognize what some of those challenges are. But, but if we’re not doing it, we’re overtaken by events. So we don’t want to look through rear view mirrors and see what we coulda, shoulda, woulda. I’m glad that you’re taking that on. On the governance side, New Jersey?

82
00:01:21,000 –> 00:01:22,000
Michael Geraghty [00:27:02]: Oh, absolutely. So I’m on the steering committee for AI in government. Just like Arizona, New Jersey, leading the way if you will. We’ve got a partnership with Princeton University on our AI efforts. We have a chief AI officer, so there’s lots going on as far as the governance is concerned. But also the use cases of it within the Department of Labor and elsewhere where citizens are interacting and they want to get answers. So whether it be chatbots or some other forms of AI to make those services that we provide to the residents of New Jersey that more beneficial, that’s going to help.

83
00:01:22,000 –> 00:01:23,000
Frank Cilluffo [00:27:45]: And you know, again, both of your offices being nestled within a security organization, because at the end of the day, technology changes, but human nature remains pretty consistent. So you have to sort of look at it through that lens as well. And I think that bodes well for groups that are looking at it through a more holistic kind of way. What more do you expect of the feds right now? And obviously we’ve had all of the Alphabet soup on our podcast and everyone’s doing yeoman’s work, but sometimes it feels like they’re doing it in their own lanes and we got to bring it all together. What more would you like to see from whether it’s CISA, FBI, NSA, you name it?

84
00:01:23,000 –> 00:01:24,000
Ryan Murray [00:28:30]: So I’ll just start out and say, I want to preface this by saying our federal partners are an integral part in everything that we do in Arizona. And part of the challenge that we’ve had is that we’ve relied on them for a long time as critical partners and now we’re seeing some of that diminished, right, intentionally or otherwise. A great example is I don’t have any CISA CSAs, I don’t have any CISA field staff in Arizona that’s focused on cybersecurity right now. We had two, which was critically under resourced to begin with and they both left the organization. And because of hiring freezes, because the end of the fiscal year, because of just trying to figure out what the workforce looks like, we’re still stuck without those field staff. And for sure CISA is providing some additional resources temporarily assigned from the region, but we’ve also got a bunch of acting people in the region as well. And if I don’t know who to call and if I can’t get an answer when I do call them in the middle of a major cyber incident that’s potentially impacting…

85
00:01:24,000 –> 00:01:25,000
Frank Cilluffo [00:29:26]: Shouldn’t be meeting them for the first time. Right?

86
00:01:25,000 –> 00:01:26,000
Ryan Murray [00:29:28]: 100% right. And, and, you know, it’s a major problem that if that’s not a response, a collective response from federal, state, and local, and I’m having to deal with it on my own, our response is going to be diminished. The services that we’re providing are going to be diminished. The citizens that we’re serving, their services are going to be diminished. And it just, it goes back to Mike’s point of this collective defense mentality. So I will always need more from our federal government partners.

87
00:01:26,000 –> 00:01:27,000
Ryan Murray [00:29:55]: And that’s direct services being provided. That’s guidance and strategy. That’s intelligence being shared. Because the intelligence community at the federal level obviously is what it is. I have what I’m seeing. But having that additional context of, is there another state that’s potentially seeing this? Is there another private industry that’s seeing this? And I feel like we do a really good job with, amongst the state CISOs sharing this information. We’ve got some secret side chats that we share intelligence with each other, but that’s not necessarily the case, especially at sort of the substate level level with our counties and our cities. And we’ve done a great job sort of bringing the communities together.

88
00:01:27,000 –> 00:01:28,000
Ryan Murray [00:30:33]: I know New Jersey is doing an amazing job with this, too, but again, that’s sort of unique to our state is having that perspective.

89
00:01:28,000 –> 00:01:29,000
Frank Cilluffo [00:30:40]: Mike, anything?

90
00:01:29,000 –> 00:01:30,000
Michael Geraghty [00:30:42]: So, as Ryan said, they’re integral to everything that we do. And I talked about strategy before. We’re kind of up in the air about what the strategy is and what the direction is for CISA and cyber and everything like that. And we pivot off of that. So that’s what we’re really looking for, is some direction from up high to make sure that we can, you know, leverage whatever resources they’re providing to the maximum effect that we can.

91
00:01:30,000 –> 00:01:31,000
Frank Cilluffo [00:31:11]: Let me just say we need Sean Planky in that job because, yes, I think that is essential. And then we also need to make sure that all the state reps are there, because that is, but it’s more than just CISA, right? It’s also FBI and the IC to a lesser extent in one way or another. And CBP, I would imagine, in Arizona and maybe DEA and Coast Guard.

92
00:01:31,000 –> 00:01:32,000
Ryan Murray [00:31:34]: Coast Guard, Secret Service, all of our friends have a part to play in this. And To Mike’s point, I think the big thing that we need is just what is the strategy? Right? And I think that’s something that surely there is, but how is that getting communicated down to the state and local partners that also play an integral part in this sort of collective defense and of the nation?

93
00:01:32,000 –> 00:01:33,000
Frank Cilluffo [00:31:53]: Well said, well said. What about critical infrastructure owner operators? How do you engage? Because at the end of the day, they own a vast, vast percentage of the infrastructure that is essential to our economies, our public safety, and obviously our national security. How are you engaging with critical infrastructure owner operators?

94
00:01:33,000 –> 00:01:34,000
Michael Geraghty [00:32:16]: So we have our monthly meetings that I talked about with all the CISOs of those. This week seems to be Critical Infrastructure Week in New Jersey.

95
00:01:34,000 –> 00:01:35,000
Frank Cilluffo [00:32:24]: Technically, it’s in October, right?

96
00:01:35,000 –> 00:01:36,000
Michael Geraghty [00:32:26]: It is. But we met with them yesterday in the FBI on some of the threats and some of the other things that we’re seeing. We’ve got a class going on on ICS and OT security for the whole week that we’re providing to water and energy companies in New Jersey. It’s more than just meeting and talking and telling them what you’re going to do. It’s actually delivering on what you say you’re going to do. So not just talk the talk, but walk the walk. And that’s how you build trust. And we’ve got a great relationship in New Jersey with them, continues to grow as supported by the governor’s office and the entire administration because they realize how important that is.

97
00:01:36,000 –> 00:01:37,000
Michael Geraghty [00:33:09]: New Jersey is the most digitally dense state in the nation as well. And so working with…

98
00:01:37,000 –> 00:01:38,000
Frank Cilluffo [00:33:16]: I didn’t know that.

99
00:01:38,000 –> 00:01:39,000
Michael Geraghty [00:33:17]: Yeah. It’s interesting when you think of all…

100
00:01:39,000 –> 00:01:40,000
Frank Cilluffo [00:33:19]: That goes back to Ma Bell?

101
00:01:40,000 –> 00:01:41,000
Michael Geraghty [00:33:23]: The cable landings and all of those different things, it’s really important. We’ve got the World Cup Final coming up in 2026. We’ve got Sail 250. All of those things require that coordination not only with the federal government, but the private sector as well, critical infrastructure. Who runs water for the stadiums, who does power for the stadiums, what hospitals are in the area in the event there is an issue that, you know, mass casualty or anything like that. So working with all those critical infrastructure entities is really important.

102
00:01:41,000 –> 00:01:42,000
Michael Geraghty [00:33:58]: We’ve been engaged with them for quite some time and just want to continue to build that relationship.

103
00:01:42,000 –> 00:01:43,000
Frank Cilluffo [00:34:03]: Awesome. Ryan, anything particular there?

104
00:01:43,000 –> 00:01:44,000
Ryan Murray [00:34:06]: Yeah, so I’ll just touch on, we don’t have specific statutory authority, especially over the private utilities. Right? And as you mentioned a couple of times now, a lot of that critical infrastructure is in the hands of private industry. So we’ve been trying to work, again, building that trust level, going out and building the relationships, working with our Department of Public Safety, who does have some, some authorities to go out and provide assessments to our critical infrastructure partners and working in partnership with them. So as they’re doing their physical assessments, we’re doing cybersecurity assessments. And again, this is all voluntary, so it has to be trust, it has to be relationship based. And maybe not to put too fine a point on it, but CISA is our critical infrastructure partner. Right?

105
00:01:44,000 –> 00:01:45,000
Ryan Murray [00:34:47]: And when we don’t have cybersecurity advisors, when we don’t have physical advisors, when we don’t have our chemical inspectors, because that was another program that wasn’t pre authorized. Right.

106
00:01:45,000 –> 00:01:46,000
Frank Cilluffo [00:34:57]: That touched New Jersey too, I think.

107
00:01:46,000 –> 00:01:47,000
Michael Geraghty [00:34:59]: Just a little bit.

108
00:01:47,000 –> 00:01:48,000
Ryan Murray [00:35:00]: Yeah, yeah. So when those partners aren’t there, aren’t there, we’re having to try to figure out these creative solutions where how do we continue to protect our critical infrastructure. And as you’re probably aware, water is kind of important in the desert. So making sure that our water utilities, both public and private, are well protected. The letters that came out from EPA and NSC last year, working very closely saying governors, figure out how you’re protecting water in your states. So we’re working very closely with all of our water utilities to make sure that’s happening.

109
00:01:48,000 –> 00:01:49,000
Frank Cilluffo [00:35:26]: Are either of you building that out internationally as well? Because there are other countries like Israel and others who face daily cyber incidents in that sector. Anything there that…

110
00:01:49,000 –> 00:01:50,000
Michael Geraghty [00:35:38]: Yeah. So we, NJCIC, New Jersey Cybersecurity and Communications Integration Cell, is what it stands for. I didn’t make that name up. So the NJCIC has a membership and it’s free for any resident of New Jersey, but anybody else. We’ve got all 50 states signed up, but we also have other countries that are members of the NJCIC where we’re sharing intelligence as best as we can and they share things with us. So learn that early on.

111
00:01:50,000 –> 00:01:51,000
Frank Cilluffo [00:36:08]: Because those are all movies coming to a theater near you. Right?

112
00:01:51,000 –> 00:01:52,000
Michael Geraghty [00:36:10]: Cyber is borderless. There is no New Jersey or Arizona. We’re all just one attack surface for anybody in the world at any time of day and night. There are no borders or anything like that. So having those partnerships over in the UK, in Australia, New Zealand, up in Canada and places like that is really important.

113
00:01:52,000 –> 00:01:53,000
Frank Cilluffo [00:36:31]: And I’m glad you both touched on and foot stomped the significance of water. If you put it in the Maslow’s hierarchy in terms of needs, it’s very much at the top of the list, but arguably not at the top of the list in terms of how far along they are vis a vis some of the other utilities or defense industrial base or financial services. So doubling down on that I think is essential. And we’ve seen this isn’t coulda, this is happened. So hopefully there’s, there’s more energy around that.

114
00:01:53,000 –> 00:01:54,000
Michael Geraghty [00:37:07]: Yeah, the biggest water company in, is in New Jersey and the second biggest one is in New Jersey and they both got hit with ransomware recently. But it’s really those small municipalities that, they have licensed water operators that are really under resourced. So if we’re going to say water is a national security issue, we need to start providing them resources because putting the onus on a licensed water operator, that has to do five different towns and stuff like that, it’s not fair to them.

115
00:01:54,000 –> 00:01:55,000
Frank Cilluffo [00:37:42]: And some are corporate, some are municipal, some are county, some are state. They’re all structured a little differently too. So just getting your arms around that’s hard.

116
00:01:55,000 –> 00:01:56,000
Ryan Murray [00:37:52]: Well, and obviously water feeds into a lot of other things, right? It drives energy, it drives, you know, all the other critical infrastructures can’t function without water. And especially that’s, you know, primary in the desert, people die. There’s not just water sources where you can go figure this out. And I’m, I don’t know how many of your listeners understand how big Arizona is, but you’ve got a lot of these rural water cooperatives where maybe they manage three or four wells and it’s a few hundred miles that these operators have to drive between them to make sure the pumps are functioning. So they’re trying to find creative solutions where that pump operator can sit on his couch and manage that pump. So he’s just putting it on the Internet. And he doesn’t understand cybersecurity, he doesn’t understand the threat. So he’s just trying to make his job easier.

117
00:01:56,000 –> 00:01:57,000
Ryan Murray [00:38:34]: And we need to go out there and make sure that we’re talking to those guys or those organizations to say look, let’s provide you the same resources that city of Phoenix or city of Tucson have the largest counties that are also doing this thing. Something else that we’ve had a lot of conversations…

118
00:01:57,000 –> 00:01:58,000
Frank Cilluffo [00:38:47]: And that’s where machine learning, AI, UAS [Unmanned Aircraft Systems] and other means can play a big role. Right?

119
00:01:58,000 –> 00:01:59,000
Ryan Murray [00:38:53]: Yeah, we need to find those creative technology solutions that will help make it better instead of make it worse.

120
00:01:59,000 –> 00:02:00,000
Frank Cilluffo [00:38:59]: What, so just because I brought it up, counter UAS, is that a priority for both of you?

121
00:02:00,000 –> 00:02:01,000
Michael Geraghty [00:39:04]: Absolutely. So, again…

122
00:02:01,000 –> 00:02:02,000
Frank Cilluffo [00:39:05]: And the cyber nexus?

123
00:02:02,000 –> 00:02:03,000
Michael Geraghty [00:39:09]: We had some issues with drones back last October in New Jersey.

124
00:02:03,000 –> 00:02:04,000
Ryan Murray [00:39:13]: I remember that.

125
00:02:04,000 –> 00:02:05,000
Michael Geraghty [00:39:15]: And we’ve got the World cup coming up and obviously drones flying over critical infrastructure, electrical substations, water sector. So that’s been a big issue. That’s something I’m not directly involved in.

126
00:02:05,000 –> 00:02:06,000
Frank Cilluffo [00:39:29]: Are there any DJI drones still?

127
00:02:06,000 –> 00:02:07,000
Michael Geraghty [00:39:31]: There are DJI drones all over and they’ve got components in there that allow them not to talk to China anymore. But there are DJI drones all over the place. But counter UAS is something at the state level. We don’t have the authority for mitigation efforts yet. That’s something that we are working with the federal government on.

128
00:02:07,000 –> 00:02:08,000
Frank Cilluffo [00:39:52]: And there are challenges within the federal government. Is it Secret Service, is it in an NSSE event? Depending upon circumstances, different actors have different roles to play.

129
00:02:08,000 –> 00:02:09,000
Michael Geraghty [00:40:02]: So yeah, it’s a big issue for us.

130
00:02:09,000 –> 00:02:10,000
Frank Cilluffo [00:40:04]: Ryan, anything there on that?

131
00:02:10,000 –> 00:02:11,000
Ryan Murray [00:40:05]: Yeah, very similar to what Mike said. So bucketing this again into sort of two buckets is how do we defend against adversarial drones and how are we protecting our own? And unfortunately for us, yes, we still have DJI in our environments because frankly speaking, talking to our law enforcement partners, they’re cheaper and they’re better technology, right? They, they have the, the functions and capabilities on those flight systems that the American made ones just don’t have yet. So we’ve tried to push that, yes, yet. We’ve tried to push them to make sure that they understand that there is a potential risk here and how do we build some security controls around it and understanding that these things, if you’re plugging them into the Internet, if you’re putting them on your state networks, that there is a potential concern that we need to protect against. The other piece is again as he mentioned, the authorities are limited at state and local government on how you can respond to adversarial drones in your airspace. Working with our federal partners, FBI and DHS and making sure that they’re understanding that when we do see these things, we’re helping them to get to where they need to go to get it done.

132
00:02:11,000 –> 00:02:12,000
Frank Cilluffo [00:41:03]: And I would imagine there’s some unique, given a border state that entail with UAS and the like. Gentlemen, what questions didn’t I ask that I should have?

133
00:02:12,000 –> 00:02:13,000
Michael Geraghty [00:41:15]: I would say how do we sustain what we’re doing going forward? I know Ryan touched on the workforce development, the community colleges. I’ll say this, this past summer we actually had what we call an internship, cyber patrol for third to fifth graders.

134
00:02:13,000 –> 00:02:14,000
Frank Cilluffo [00:41:32]: Awesome. Third to fifth graders?

135
00:02:14,000 –> 00:02:15,000
Michael Geraghty [00:41:32]: Third to fifth graders, to introduce them to cybersecurity, and what the profession is. And same thing, we did middle schoolers, sixth to eighth. We have a high school internship program, the college internship, the externship programs. We’ve got to build that workforce. We can’t just expect those 600,000 jobs to be filled that CyberSeek says. We’ve got to build the workforce that we need. And you talked about the experience, the hands on and that’s really the way to do it is getting that hands on experience. Ryan also mentioned that and you, you said it as well.

136
00:02:15,000 –> 00:02:16,000
Michael Geraghty [00:42:12]: Nobody’s staying in their jobs for 30 years. So we’ve got to take that talent, train them up, move them into the critical infrastructure sector or the businesses in New Jersey. It keeps New Jersey cybersecure.

137
00:02:16,000 –> 00:02:17,000
Frank Cilluffo [00:42:24]: You know, and not to add a footnote here, but the old Goldwater Nichols concept in terms of having to sit in different services, we need that with industry and government. And when I look at the public private partnership, I’m sort of where you, a lot of nouns, not always a lot of verbs. But the only way you get that working is through operational collaboration, going through crises together, that’s just the only way you really learn. But I’m sorry to put words in your mouth, but I’m passionate about that. Ryan, what questions didn’t I ask that I should have?

138
00:02:17,000 –> 00:02:18,000
Ryan Murray [00:42:59]: So it’s almost like you read my mind because I was going to say I often get accused of talking through these things in sort of like the high level philosophical big problem perspective. So the question is what can we actively do to provide the help that you need? And that’s a question for you collectively and also our federal partners, right? So I think talking directly about what can we do? What are the services that you need, whether that’s directly providing services from CISA. There’s a lot of stuff that CISA provides that people still, still don’t know exist. And especially as, as other partners that we’ve relied on in the past are potentially shifting models to different ways. What are the things that are out there? And I think just telling the states and telling the locals, these are the services you can take advantage of. Help us to do better with those things, help us to message that, help us to collectively bring this together, to see us as a true partner.

139
00:02:18,000 –> 00:02:19,000
Ryan Murray [00:43:51]: Right? Especially for our federal partners. See us as a true partner, not just as like, we got to deal with those state guys, right? Work with us as if we are an extension of the US Government, because we are. So I would say the question is what are the concrete actions that we can take to actually help make that happen.

140
00:02:19,000 –> 00:02:20,000
Frank Cilluffo [00:44:07]: Gentlemen, thank you for your commitment to public service where it matters most in our communities. Thank you for fighting the good fight and keep fighting. So thank you both.

141
00:02:20,000 –> 00:02:21,000
Michael Geraghty [00:44:17]: Thank you for having us.

142
00:02:21,000 –> 00:02:22,000
Frank Cilluffo [00:44:18]: Thank you for joining us today.

143
00:02:22,000 –> 00:02:23,000
Ryan Murray [00:44:19]: Thanks, Frank. Appreciate it.

144
00:02:23,000 –> 00:02:24,000
Frank Cilluffo [00:44:20]: Thank you for joining us for this episode of Cyber Focus. If you liked what you heard, please consider subscribing. Your ratings and reviews help us reach more listeners. Drop us a line if you have any ideas in terms of topics, themes, or individuals you’d like for us to host. Until next time, stay safe, stay informed, and stay curious.

Related Content