On this episode of Cyber Focus, host Frank Cilluffo sits down with Rob Joyce, former NSA Cybersecurity Director and longtime leader in national cyber operations, to unpack some of the most pressing cybersecurity threats facing the United States today. Recorded live at RSA, the discussion ranges from Chinese pre-positioning in critical infrastructure to the blurred lines between espionage and cyber warfare. Joyce lays out a three-pronged framework for national cyber strategy, reflects on lessons from the counterterrorism playbook, and warns about the shifting attack surface—from endpoints to network infrastructure and cloud identity. The conversation closes with a call for better coordination, clearer definitions, and a whole-of-nation approach to impose real cost on adversaries.

Main Topics Covered

• AI’s emergence as both opportunity and attack surface
• China’s Volt Typhoon campaign and the need for deterrence
• Offensive cyber operations, NSPM-13, and defining “defend forward”
• Counterterrorism lessons applied to cyber strategy
• Supply chain risks and the influence of foreign-controlled software
• The shift in attack surface toward identity, cloud, and network infrastructure

Key Quotes

“If China were running around and strapping Semtex to bridges, we wouldn't tolerate that. But they're strapping digital Semtex to our energy grid, to our pipelines, to our airlines. And we've got to stop that.” — Rob Joyce

"Those who use AI will outperform those who don’t. Period." — Rob Joyce

"The attackers are now moving to the network devices and into the cloud, taking identity and just going up into your authenticated cloud." — Rob Joyce

“This isn't just a cyber issue, it's a China issue, it's a Russia issue, it's a Iran issue, it's a DPRK issue. So you can't just look at cyber means in itself.” — Rob Joyce

“If [Chinese spies] had broken into an office and stolen papers, we would have done diplomatic expulsions from their embassy… Why don’t we…reduce the footprint of their embassy and consulate in the US because they're not behaving in a normative fashion. Those are the tools that are outside the cyber toolbox that we're not using. — Rob Joyce

Relevant Links and Resources:

NSA Cybersecurity Directorate https://www.nsa.gov/what-we-do/cybersecurity/​

Cybersecurity and Infrastructure Security Agency (CISA) https://www.cisa.gov/

Volt Typhoon Advisory (NSA/FBI/CISA) https://www.cisa.gov/news-events/cybersecurity-advisories/aa23-144a

Guest Bio:

Rob Joyce is a longtime national security and cybersecurity leader with more than 34 years of federal service. He served as Director of the NSA’s Cybersecurity Directorate, Special Assistant to the President and Cybersecurity Coordinator at the White House, and Chief of Tailored Access Operations, the NSA’s elite offensive cyber unit. Throughout his career, he helped shape U.S. cybersecurity strategy, led efforts to counter nation-state threats, and forged deep partnerships across government and industry.