Ep. 299 Wipers, Rogue AI, and Resilience: How Federal Agencies Can Respond and Recover from Attacks in 2026

Everyone reading this has had minor delays at the airport. It is remarkable that more problems have not developed. Look at Chicago O'Hare International Airport—it has 857,392 takeoffs and landings in a year. Each one has passengers, and most have luggage.

The opportunities for problems are overwhelming. Now add an increasing number of sensors and interlaced networks, and you have an attack surface of biblical proportions.

All an adversary needs is one single point of vulnerability to attack a system. Think what could happen if an airport network were disabled by a ransomware attack.

During today's interview, Lou Karu makes suggestions for defense that include a multi-layered strategy emphasizing zero trust and network segmentation.

However, Karu reminds us that a cybersecurity strategy is not complete without a robust recovery plan. For example, if a basic recovery plan was deployed, it is possible that a system can have compromised code locked into a backup. An airport suffers an attack, pays the ransom, and the recovered data has more attacks built in.

Best practice here is to have a backup system that is rapid and accurate, and that restores the code without it being hot-infected with additional malicious code. Systems like this from Rubrik call these backups "immutable."

The next time you go to the airport, try to imagine the numerous attack points that an airport must contend with. Even the most robust cyber defense must include plans for safe, secure recovery.

Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/

Want to listen to other episodes? www.Federaltechpodcast.com