Hackers Are Winning

Cyberattacks aren’t just about hackers in hoodies anymore. Today, we’re up against professionalized, well-funded organizations that run like businesses. They use AI to crack defenses, run labs that simulate the tools we rely on, and rake in trillions while defenders struggle to keep pace. The scary part? Even the strongest companies and governments can fall behind when the threat landscape moves this fast. My guest, Evan Powell, has spent nearly 30 years in the cybersecurity world. He’s the founder and CEO of Deep Tempo, and a serial entrepreneur who’s helped industries from cloud data to resilience engineering make big transitions. Evan knows what it looks like when attackers have the upper hand, and he’s seen firsthand how enterprises try to shift the balance. In this conversation, Evan explains why compliance checkboxes aren’t enough, why raising the cost of an attack is often more realistic than stopping one outright, and how AI is reshaping both sides of the fight. He also shares the creative ways defenders are adapting, from honeypots to sock puppets, and the simple steps every one of us can take to make life harder for attackers. Show Notes: [00:57] Evan Powell introduces himself as founder and CEO of Deep Tempo, with nearly 30 years in cybersecurity and tech innovation. [02:39] He recalls a high-profile spearphishing case where the CIA director’s AOL email and home router were compromised. [03:51] Attackers are professionalizing, running AI-powered labs, and making trillions while defenders spend billions and still fall behind. [07:06] Evan contrasts compliance-driven “checkbox security” with threat-informed defense that anticipates attacker behavior. [09:40] Enterprises deploy creative tactics like honeypots and sock puppet employees to study attackers in action. [12:22] Raising the cost of attack through stronger habits, better routers, and multi-factor authentication can make attacks less profitable. [15:01] Attackers are using AI to morph and simulate defenses, while defenders experiment with anomaly detection and adaptive models. [20:56] Evan explains why security vendors themselves can become attack vectors and why data should sometimes stay inside customer environments. [24:50] He draws parallels between fraud rings and cybercrime, where different groups handle exploits, ransomware, and money laundering. [26:29] The debate over “hacking back” raises legal and policy questions about whether enterprises should strike attackers directly. [30:18] Network providers struggle with whether they should act as firewalls to protect compromised consumer devices. [34:59] Data silos across 50+ vendors per enterprise create “Franken-stacks,” slowing real-time defense and collaboration. [37:28] AI agents may help unify security systems by querying across silos and tightening the OODA loop for faster response. [39:10] MITRE’s ATT&CK framework and open-source collaboration are pushing the industry toward more shared knowledge. [41:05] Evan acknowledges burnout in cybersecurity roles but sees automation and better tools improving day-to-day work. [42:59] Final advice: corporations should rethink from first principles with data-centric solutions, and consumers must build protective habits like MFA and secret family phrases. Thanks for joining us