Lawfare Daily: The Military’s Operational Technology Cyber Vulnerabilities
The Lawfare Podcast
The Lawfare Institute
4.7 • 6.4K Ratings
🗓️ 27 January 2026
⏱️ 49 minutes
🧾️ Download transcript
Summary
Andy Grotto, William J. Perry International Security Fellow and the founder and co-director of the Program on Geopolitics, Technology, and Governance at Stanford University’s Center for International Security and Cooperation (CISAC), and Jim Dempsey, a senior policy adviser to that program and a Lecturer at the UC Berkeley Law School, join Lawfare’s Justin Sherman to discuss their recent study on the U.S. military’s domestic operational technology (OT) cybersecurity vulnerabilities, domestic installations’ dependencies on critical infrastructure both “inside the fence” and “outside the fence,” and how U.S. adversaries could exploit the flaws. They also discuss the myth of the air gap; the Pentagon's Energy Resilience Program; the role that standards, regulations, and procurement could play in strengthening the cybersecurity of OT systems on which the military depends; and what the threat landscape will look like in the coming years.
Resources:
- James X. Dempsey and Andrew J. Grotto, “Ensuring the Cyber Resilience of Critical Infrastructure Serving Domestic Military Installations: Questions for Senior Leadership,” The Cyber Defense Review 10, no. 2 (2025): 115-138
- Jim Dempsey and Andrew J. Grotto, “The Pentagon’s Operational Technology Problem,” Lawfare, December 15, 2025
To receive ad-free podcasts, become a Lawfare Material Supporter at www.patreon.com/lawfare. You can also support Lawfare by making a one-time donation at https://givebutter.com/lawfare-institute.
Support this show http://supporter.acast.com/lawfare.
Hosted on Acast. See acast.com/privacy for more information.
Transcript
Click on a timestamp to play from that location
| 0:00.0 | We're talking dependency on private sector contractors, who themselves then, in their products and services, are dependent upon these industrial control devices and these operational technology systems, which are vulnerable. |
| 0:19.0 | It's the Lawfare podcast. |
| 0:26.2 | I'm Justin Sherman, contributing editor at Lawfare and CEO of Global Cyber Strategies, |
| 0:32.4 | with Andy Grotto, founding director of the Stanford Program on Geopolitics, Technology, and governance, and Jim Dempsey, a senior policy advisor to that program and a lecturer at the UC Berkeley Law School. |
| 0:40.1 | If we want the utility to provide an extra level of resilience beyond what its business interests would support, |
| 0:49.8 | to meet a national policy need involving a higher degree of resilience for military installations |
| 0:57.7 | because they need to potentially project power overseas, well, that's a gap, right? |
| 1:02.3 | And that gap's not going to fill itself. |
| 1:05.5 | Today, we're talking about the U.S. military's domestic cyber security vulnerabilities |
| 1:10.5 | and operational |
| 1:11.5 | technology, how adversaries could exploit them, and what the future of this landscape holds. |
| 1:17.7 | We're going to speak today, as we heard in the introduction, about your excellent recent study, |
| 1:23.5 | which was published at the end of 2025 in the Cyber Defense Review, linked as always below this |
| 1:31.6 | episode, which is titled Ensuring the Cyber Resilience of Critical Infrastructure, Serving Domestic |
| 1:37.4 | Military Installations, Questions for Senior Leadership. |
| 1:41.1 | Since, of course, this is the Lawfare podcast. |
| 1:43.2 | I will also note that listeners can |
| 1:45.0 | find an excellent summary piece of said study published on Lawfare as well. So to jump right in, |
| 1:52.3 | start by framing for us, A, what motivated you to write this study in the first place, and then |
| 1:58.8 | B, some of the high-level questions you were seeking to address |
| 2:02.6 | by doing so. Thanks, Justin. It's really good to be here and looking forward to talking about a |
| 2:09.3 | topic that has certainly bothered me for well over a decade now. When I came to Stanford in 2017, I'd spent the previous several years |
... |
Please login to see the full transcript.
Disclaimer: The podcast and artwork embedded on this page are from The Lawfare Institute, and are the property of its owner and not affiliated with or endorsed by Tapesearch.
Generated transcripts are the property of The Lawfare Institute and are distributed freely under the Fair Use doctrine. Transcripts generated by Tapesearch are not guaranteed to be accurate.
Copyright © Tapesearch 2026.