
In today’s cyber landscape, firewalls and antivirus software are no longer enough. According to acclaimed journalist and cybersecurity expert Nicole Perlroth, the conversation has shifted—from prevention to resilience, from “how do we keep them out?” to “how do we recover when they’re already in?”
In a recent episode of the Identity Radicals Podcast, Mike Towers (Chief Security & Trust Officer, Veza) and Nicole, author of This Is How They Tell Me the World Ends, unpacked the shadowy underworld of zero-day exploits, the moral hazards of government stockpiling vulnerabilities, and why enterprises now sit on the frontlines of national security.
Zero-Days: From Underground Markets to Global Threats
Nicole has spent years investigating the zero-day vulnerability market—a world where software flaws are sold to the highest bidder before developers even know they exist. Once dominated by criminal hackers, the space is now rife with state actors. “Governments are hoarding zero-days,” she explained, “not to fix them—but to use them for espionage, surveillance, and disruption.”
The risks? Monumental. Nicole recounted that even the NSA wasn’t immune: its own cache of zero-days was leaked by the mysterious “Shadow Brokers” and weaponized by Russia, North Korea, and cybercriminals in attacks that spiraled globally.
China’s New Playbook: Sophisticated, Stealthy, and Strategic
Nicole and Mike took a deep dive into Chinese cyber operations, highlighting a dramatic shift—from overt phishing to covert infiltration of critical infrastructure. No longer relying on smash-and-grab tactics, today’s attackers blend in with legitimate admin activity, often going undetected for months.
“They’re not hacking in anymore,” she says. “They’re logging in.”
This change underscores a chilling reality: modern cyberattacks are surgical, patient, and often designed to pre-position for future geopolitical conflict. China, for example, has been spotted quietly embedding itself in systems that manage water, power, and transportation—laying the groundwork for potential disruption in a future conflict scenario.
Enterprises: The New Cyber Battleground
The frontline of cybersecurity is no longer a government bunker; it’s every organization’s enterprise IT environment. Whether it’s a bank, healthcare provider, or tech company, organizations today are the gatekeepers of critical infrastructure.
“The idea that a private company is expected to defend itself from nation-state attacks is absurd,” Nicole says. “But that’s where we are.”
As digital ecosystems grow more interconnected, the risks of cascading failures from a single breach multiply. That’s why resilience—not just prevention—has become the new north star for enterprises.
Identity Is the New Perimeter
The most urgent takeaway from this episode is that identity and access management is mission-critical, now more than ever.
With attackers “living off the land” and masquerading as legitimate users, enterprises must know with precision who has access to what—and why. Employees, contractors, and non-human identities are all potential targets; the organizations that thrive will be those who treat access control not as an afterthought, but as a strategic pillar of their cybersecurity posture.
To hear the full conversation, tune in to the latest episode on Identity Radicals!