Cybersecurity Headlines Department of Know: OpenAI vulnerability scanner, US new cyber strategy, VPN SEO poisoning
9 snips
Mar 16, 2026 Chris Ray, Field CTO at GigaOm, offers technical and strategic takes on cyber threats. Jonathan Waldrop, CISO at Acoustic, brings enterprise security and incident-response perspective. They debate AI-driven vulnerability scanning, Meta scam alerts, telecom breach apathy, SEO poisoning that delivers fake VPNs, wiper attacks and availability risks, and the new U.S. national cybersecurity strategy.
AI Snips
Chapters
Transcript
Episode notes
AI Scanners Reveal Debt Not Fixes
- AI vulnerability scanning uncovers large volumes of technical debt rapidly but doesn't solve remediation capacity.
- Jonathan Waldrop and Chris Ray warn it increases visibility of thousands of high-severity issues (OpenAI/Anthropic tests) without built-in fix workflows.
Scam Warnings Are Helpful But Limited
- User-facing scam warnings help individuals but don't replace systemic identity and platform fixes.
- Chris Ray compared them to 'contents are hot' labels and encouraged improving identity protocols rather than louder alerts.
Stop Googling For Corporate Software
- Treat SEO poisoned search results as an immediate threat and discourage 'just Google it' on corporate devices.
- Chris Ray and Jonathan Waldrop advise routing employees to IT, restricting local admin, and using secure web gateways to block fake VPN installers.