In this episode of Cyber Focus, host Frank Cilluffo sits down with Andy Piazza, a senior threat intelligence leader at Unit 42, and Daniel Kroese, a cybersecurity policy expert, both from Palo Alto Networks. They discuss key findings from Palo Alto Networks’ 2025 Global Incident Response Report, highlighting the accelerating speed of cyberattacks, the growing use of AI in both offense and defense, and the increasing sophistication of nation-state and cybercriminal operations. The conversation explores the intersection of cybersecurity technology, policy, and defense strategies, including the importance of behavioral analysis, public-private partnerships, and the evolving role of zero trust in securing networks.

• Findings from Palo Alto Networks’ 2025 Global Incident Response Report
• The accelerating speed of cyberattacks and data exfiltration
• How AI is shaping both cyber threats and defensive capabilities
• The role of initial access brokers in modern attacks
• Nation-state involvement in cybercrime and adversarial collaboration
• The importance of zero trust and behavioral analysis in defense strategies
• Policy recommendations for the next U.S. administration’s cybersecurity priorities
• The growing complexity of securing multi-cloud environments
• Challenges in asset visibility and managing cyber risk

“So, for example, in 25% of the cases, we saw attackers exfiltrating data within five hours of initial compromise. That's really, really fast.” – Andy Piazza

“Better cyber defense is a data problem, which means it's solvable. And what is the best way to solve a thorny large scale data problem? AI.” – Daniel Kroese

“We always talk about nation states or even cybercriminals stealing data. They don't steal data, they copy it. If they stole data, we would have taken that seriously a long time ago.” – Andy Piazza

“Organizations on average take 6 days to respond to a cyber incident. When adversaries are now exfiltrating data in hours, we can actually have real time statistics around mean Time to detect and mean time to respond.” – Daniel Kroese

“40% of cloud incidents were because there was unmanaged cloud assets that were out there... From a defense standpoint, you can't secure what you can't see.” – Daniel Kroese

• Palo Alto Networks Unit 42 Threat Intelligence
• Palo Alto Networks Global Incident Response Report 2025
• U.S. Government Zero Trust Strategy

Andy Piazza is a senior threat intelligence leader at Unit 42, Palo Alto Networks, and a veteran of both the cybersecurity industry and the U.S. Army. His work focuses on tracking threat actors, understanding cybercriminal tactics, and helping organizations defend against emerging threats.

Daniel Kroese is a cybersecurity policy expert at Palo Alto Networks with experience in both government and the private sector. He previously served as staff director for the House Homeland Security Committee and as Chief of Staff to former CIA Director John Ratcliffe.