How government and Industry can raise the cost of cybercrime

Sophos CEO Joe Levy and Director of Government Partnerships Alex Rose join Safe Mode from Washington, D.C. to discuss what meaningful public-private cybersecurity partnership looks like right now—moving beyond “window dressing” to real operational collaboration with agencies like CISA and the FBI. They break down the shift from Secure by Design to Secure by Demand, arguing that procurement and market forces must pressure software vendors to ship safer defaults, while AI simultaneously accelerates both vulnerability discovery and attacker capability. The conversation also spotlights why small and midsize businesses are disproportionately exposed yet often underserved, and previews Sophos’s upcoming CISO Advantage concept to help close the massive cybersecurity leadership gap. Finally, they examine rising open-source software risk—including maintainers being overwhelmed by low-quality AI-generated vulnerability reports—and why addressing OSS security will require coordinated action across government and industry. In our reporter chat, Greg talks with Tim Starks about the oral arguments held at the Supreme Court in relation to a case that deals with the future of geofence warrants.