@deptofwar.bsky.social senior-most cyber official, Katie Sutton, gave new details at last week's #CyberWorkforceSummit about the "force generation" and personnel reforms being enacted under CyberCom 2.0, including skills based hiring & incentive pay.
www.govinfosecurity.com/pentagon-giv...
Posts by Shaun Waterman
Three major OT security vendors, Dragos, Armis and @claroty.bsky.social, shared the comments they sent to NIST & explained what they wanted from the rewrite. Details in my latest story for OT Today
www.ot.today/nist-urged-t...
h/t @w2communications.bsky.social @teamlewisglobal.bsky.social
🧵3/3
So I don't envy the NIST team as they embark on a rewrite of Special Publication 800-82, Guide to Operational Technology (OT) Security. Because it's not a rulemaking (the guidance isn't mandatory) the comments NIST asked for from stakeholders, experts and others aren't published.
🧵2/3
I imagine revising one of the @nist.bsky.social canonical #cybersecurity guides must be like writing a new version of the bible. Every change, no matter how small, will be endlessly debated. And whatever the outcome, some people are likely to be deeply pissed.
🧵1/3
www.ot.today/nist-urged-t...
Errrrrm, no, I did not. In fact, you could stop that sentence after the word "religion," and it would still be true. Do such conjunctions happen often, then?
And yes, I probably do need to get out more 😅
Is it just me, or does #Lent, #Ramadan and the #LunarNewYear all starting on the same day sound like the start of a @cstross.bsky.social Laundry Files story?
My story is abt the relationship btw technical attribution and geo-political context. The presence of differing attribution narratives makes it harder for the Poles to respond. The invaluable @pylos.co has a very detailed and comprehensive analysis of the attribution issue
pylos.co/2026/01/31/a...
ICYMI: One of the advantages of #HybridWarfare is that it puts the victim in a bind: How to respond without escalating?
I wrote for OT Today about how this dynamic played out in the recent foiled #CyberAttack on the Polish energy grid, blamed on Russian intel agencies.
www.ot.today/russia-hacke...
@robertgrahamprod.bsky.social lays out, in convincing detail, why the best adjective to describe Elon Musk's merger of his electric car company Tesla and his AI company xAI is "corrupt."
open.substack.com/pub/scytalep...
After less than seven years, the Space Force has finally decided key issues like how many buttons it should have on its dress jackets (six, apparently, because it's the sixth service.)
aerospaceamerica.aiaa.org/space-force-...
@secevangelism.substack.com explains why #Starlink wasn't able to alleviate the Iranian internet cutoff.
TL;DR Iranian authorities appear to be jamming GPS, which is needed by the Starlink system to provide timing and location data to receivers and satellites
#Iran
open.substack.com/pub/secevang...
My friend Scotty used to say "I love my country, but I think we should start seeing other people."
My fmr @compiler.news colleague @tekendra-parmar.bsky.social reveals the broken reasoning behind the prediction markets like @kalshiofficial.bsky.social trying to monetize bettors' best guesses about future events. And the probs it creates when used in elections.
theintercept.com/2025/12/29/p...
The US military is outsourcing on-orbit refuelling & servicing capabilities to commercial providers, leaving it reliant on vendors for a strategic capability — 2026 will be a critical year
@darpa.mil @northropgrumman.bsky.social
@aerospacecorp.bsky.social
www.airandspaceforces.com/us-on-obit-s...
The @usairforce.bsky.social has been talking abt using commercial IT products for years, but often that meant buying them and then customizing beyond recognition, so it did exactly what the service wanted. This time will be different, department leaders say
www.airandspaceforces.com/air-force-it...
New reliability rules tell major electric power co's that they must monitor traffic inside OT and ICS networks, but that's going to be a heavy lift, experts from @tenablesecurity.bsky.social Armis Security and Dragos Inc tell me in my latest story for OT Today.
www.ot.today/monitoring-e...
Incredible story. Made more interesting and positive by the fact that he didn't have a perfectly clean record. We're all imperfect and flawed. We've all made mistakes. Even the heroes.
NASA lost contact with MAVEN, which is orbiting Mars, on Dec 6, but now have recovered a fragment of tracking data suggesting it was rotating in an unexpected manner and its orbital trajectory may have changed after emerging from behind Mars. 1/2
There's a growing head of steam behind the idea of a new military service to recruit/train/equip a force for war fighting in the #cyber domain. It's an intuitive ask: The Air Force fights in the air, who fights in cyber? But it's not as simple as that
www.airandspaceforces.com/former-cyber...
Fmr officials say @deptofwar.bsky.social plans for US Cyber Command create tension b/w the push to normalize cyber operations, and efforts to give CyberCom unique authorities. My story featuring the @csis.org & CSC 2.0 Commission on Cyber Force Generation.
www.airandspaceforces.com/cybercom-for...
I Work For an Evil Company, but Outside Work, I'm Actually a Really Good Person www.mcsweeneys.net/articles/i-w...
www.reuters.com/world/asia-p...
If the guy from DeepSeek, speaking at a PRC government conference, says he is "pessimistic" about the impact of AI, how terrified should the rest of us be?
When Space Force leaders discuss cyber threats against the commercial satellite providers they use, they talk abt attacks from nation state adversaries.
But for cyber defenders in the commercial space sector the daily reality can be rather different.
www.airandspaceforces.com/satellite-op...
I should add that I hope to be writing regularly about OT security, and I'm open (gulp) to input abt un- or under-covered stories, and to convos w security practitioners about their experiences. You can find my email on LinkedIn or @muckrack.com But no product or corporate news pitches, please.
My 1st story for ISMG, where I'm covering OT cybersecurity takes off from @60minutes.bsky.social report on Chinese hacking of US power and water utilities. I look at @istorg.bsky.social Josh Corman's efforts to help shore up security in the water sector.
www.bankinfosecurity.com/weak-exposed...
Defense Secretary Pete Hegseth claimed $1.4B savings from cancelling the Air Force's Cloud One contract. But my reporting shows it's not that simple. Cloud services will still be needed, still have to be paid for. In fact, they may cost more.
My story:
www.airandspaceforces.com/dod-canceled...
ICYMI: @spaceforcedod.bsky.social Space Force Building Tools to Detect #Cyberattacks on Satellites www.airandspaceforces.com/space-force-...
USAF training doesn't test kill chains to failure, sez Jon Rhone, fmr cmdr of the 505th Test & Eval "If the first time that we fail at [closing long-range kill chains] is when the blood is flowing, I think we've prob done the country a disservice."
#asc2025 www.airandspaceforces.com/industry-exp...
Space Systems Command’s Front Door - the one-stop shop for vendors, is getting a rebrand and a leg-up. It will now be called Space Force Front Door and will be a single touchpoint for the whole Space Force. My story for @airandspaceforces.com.web.brid.gy
www.airandspaceforces.com/space-system...
U.S. Cyber Command should be replaced by a U.S. Digital Command, which would have CyberCom's cyber role and lead infowar and electromagnetic war ops as well. DoD should also stand up a new military service, the U.S. Digital Corps, argues @scsp.bsky.social
www.airandspaceforces.com/pentagon-nee...