Ollie Whitehouse, CTO of the UK’s National Cyber Security Centre (NCSC), joins Code and Country to unpack what it really takes to secure a nation in the age of AI, ransomware, and quantum threats. Drawing from three decades of experience across public and private sectors, Whitehouse offers a candid assessment of the broken cybersecurity market, why the incentives are misaligned, and what meaningful defense should look like. He explores how governments and enterprises can better collaborate, the urgent need to catalog cryptographic dependencies, and why resilience must be built into business, not bolted on. Essential listening for CISOs, IT leaders, and architects navigating the new frontier of national-scale cyber defense.

Katie Moussouris, founder and CEO of Luta Security, joins Code and Country to trace her path from MIT to pioneering vulnerability disclosure and launching “Hack the Pentagon.” She dives deep into the economics of the exploit market, the dangers of vulnerability disclosure laws, and how AI is shifting the dynamics of cybersecurity offense and defense. Katie also shares first-hand stories from her time shaping Microsoft's bug bounty program and working with the Pentagon. A must-listen for CISOs, IT leaders, and architects navigating the geopolitics of cyber risk.

In this episode of Code and Country, host Ian Paterson is joined by Robert Young Pelton, renowned war correspondent and author of Licensed to Kill and The World's Most Dangerous Places. Pelton shares firsthand accounts from his time embedded with the Taliban, Special Forces in Afghanistan, and rebel groups in Chechnya. He discusses the evolution of cyber warfare, the dark intersections of state and non-state actors in financial fraud, and how cyber tactics mirror battlefield strategy.

Pelton also explores the chilling implications of compromised digital hygiene, from sat phone targeting to political hacks. A must-listen for CISOs, IT leaders, and architects concerned about the global cyber threat landscape.

What do spies, skateboarders, and startups have in common? Security.

In this episode of Code and Country, former CSIS technical ops lead Andrew Amaro shares how his background in physical infiltration and cyber operations shaped his approach to enterprise security.

We cover why insider threats remain the most overlooked risk, how physical access is still a cyber problem, and why org charts are failing security leaders.

Andrew also explains how intelligence tactics can improve security posture, and why collaboration between cyber, physical, and executive teams isn’t optional anymore.

If you’re thinking about supply chain risk, insider threats, or how to align security with business growth, this episode is for you.

In this special episode of Code and Country, we bring together insights from some of the world’s foremost experts in cybersecurity, intelligence, law, and defense.

Built around the theme of geopolitics and digital conflict, this compilation traces how nation-state tensions, ransomware groups, and AI threats are converging to reshape the cyber battlefield. Civilian infrastructure is now a target. Compliance is no longer enough. The frontline has shifted from borders to networks.

Some of the world’s foremost cyber experts from the RCMP, NSA, NATO, and the private sector reveal what it takes to stay ahead of persistent, coordinated attacks. The episode covers real-time disruption campaigns, threat attribution, legal blind spots, and the rising pressure on CISOs and IT leaders to build true resilience.

Whether you’re defending critical infrastructure or leading cyber strategy in a global enterprise, this is a sharp, tactical briefing for those operating at the intersection of cybersecurity and geopolitics. Listen now to understand the new frontline.

Nation-states don’t steal data, they wage war.

In this episode of Code and Country, former US Intelligence Community CIO, CISO at Bank of America, and Chief Security Officer at Bridgewater Associates, Patrick Gorman exposes how cyber warfare threatens North America’s federal systems, higher education, BFSI, healthcare, and manufacturing sectors.

Gorman reveals:

• How nation-state intent flips overnight, leaving CISOs and IT leaders scrambling
• Why compliance frameworks fail to defend against ransomware, fraud, and insider threats
• How fragmented cyber defenses open the door to influence operations and disinformation campaigns

If you defend federal agencies, university networks, financial systems, hospitals, or supply chains, this episode delivers the preventative cybersecurity strategies you need.

Listen now and fortify your critical infrastructure before the next attack hits.

What does it take to defend 32 nations across five domains in an era of AI, quantum, and nation-state threats?

In this episode of Code and Country, we sit down with NATO’s first-ever CIO and CISO, Manfred Boudreaux-Dehmer, for an inside look at the alliance’s approach to cybersecurity, digital transformation, and geopolitical defense.

We explore why NATO consensus creates stronger decisions, how multi-domain operations integrate land, sea, air, cyber, and space defense, and what cyber leaders can learn from NATO’s approach to AI-powered protection and zero trust architecture.

Manfred shares how Russia, China, and North Korea use disinformation, stealth, and ransomware to pursue their national agendas. He also explains how Q-Day is coming and what leaders must do now to prepare for post-quantum cryptography.

If you are thinking about cyber threats at a nation-state scale, emerging quantum risks, or the impact of AI on defense strategies, this conversation will keep you ahead of the curve.

Listen to learn how NATO is modernizing cyber defense in support of democratic institutions.

When a ransomware attack hits, the headlines focus on the ransom. But what happens after the payment clears?

In this episode of Code and Country, we bring in Partner and Data Breach Coach Brent Arnold of Gowling WLG (Canada) LLP to uncover the truth about data breach response, the limits of cyber insurance, and the legal frontlines of cybersecurity litigation.

We take you inside why even “successful” ransomware payments often fail to recover your data, how insurers are rewriting the rules on cybersecurity compliance and policy exclusions, what CISOs need to know about the supply chain risk, class action defense, and recoup litigation.

Brent also shares his firsthand experience navigating Web3 cybersecurity, data protection in crisis, and the realities of incident response at scale.

Listen in and prepare your team to confront the real costs of cyber warfare—before you’re the next target.