Welcome to Day 2 of The Daily Raptor — your field guide to selling smarter in cybersecurity. If Day 1 was the recon mission, today we roll out with a deeper threat update and a quick debrief on RSA. You’ll also hear from our co-founder Ivy (she’s the one with four paws and sharper instincts than your average sales VP).

We know your inbox is a battlefield, so we keep it tight, relevant, and just a little bit dangerous. Get ready to sharpen your pitch, outmaneuver the competition, and stay ahead of the threat landscape. Let’s dive in — because in this game, timing is everything, and Day 2 is when real operators start to separate from the pack.

A highlight or two on our customer’s threat geos: China & Russia, in that order (at least for today!)

  • China:

    In the last 72 hours, the U.S.–China cyber conflict has intensified with three notable developments.

    • First, U.S. lawmakers subpoenaed Chinese telecom giants—China Mobile, China Telecom, and China Unicom—amid concerns these firms may be enabling state-sponsored cyber operations, including advanced persistent threats like Volt Typhoon and Salt Typhoon. These two China-backed groups have been linked to long-term stealth operations targeting U.S. critical infrastructure, with Volt Typhoon notably using “living off the land” techniques to evade detection and embed deeply within systems. The subpoenas reflect mounting anxiety that telecom infrastructure could act as a foothold for such actors to access sensitive enterprise and government systems. Second, the U.S. Embassy in Guatemala disclosed that China-based espionage groups hacked the Guatemalan foreign ministry’s systems, illustrating the global scope of China’s cyber campaigns. Lastly, cybersecurity experts and a former U.S. Rear Admiral have reiterated that China now represents the most significant cyber threat to the United States, urging urgent improvements in both public and private sector defenses.

    • Here are the first two source links in bullet format:

      China Risk: Why do our CIOs & CISOs care?
      CIOs and CISOs care because Volt Typhoon and Salt Typhoon exemplify a new era of stealthy, state-sponsored threats that blend into everyday IT operations—making them incredibly hard to detect and remove. With U.S. lawmakers now investigating Chinese telecom firms as potential enablers, the threat isn’t just technical—it’s strategic. Your customers' boards are asking tough questions about supply chain risk, resilience, and how well they’re protected against nation-state actors. Reps need to understand: this isn't about hypothetical risk—it's about business continuity, regulatory exposure, and protecting national critical infrastructure.

    • Russia

      French Authorities Attribute Decade of Cyber Intrusions to Russia’s GRU

      • In a rare public move, French officials formally linked a series of long-running cyber operations to Russia’s GRU intelligence agency. The attacks — executed by APT28 (The Russian Main Military Intel Agency) — infiltrated defense contractors, ministries, policy groups, and organizations tied to the 2024 Paris Olympics. French authorities view the activity as a deliberate attempt to erode national security infrastructure and democratic resilience. The disclosure signals a global shift toward more open attribution of state-sponsored threats and underscores Russia’s sustained digital aggression in Western Europe.

        Dutch Military Attributes Russian-Linked Infrastructure Attack

        Meanwhile, Dutch military intelligence disrupted a Russian-backed cyber attempt to compromise industrial control systems tied to national infrastructure. While no disruption occurred, officials labeled the attempt a "dangerous precedent" — shifting from espionage to sabotage. This incident highlights the rising stakes across European infrastructure, where digital attacks are approaching physical consequences. Expect increased urgency in public sector cybersecurity procurement across NATO-aligned nations.

      • France accuses a Russia-linked hacking group of targeting the Paris Olympics and French agencies – AP News

      • France accuses Russia of a decade's worth of high-profile cyberattacks – The Verge

  • Russian Activity Risk: Why do our CIOs & CISOs care?

    • Spillover & imitation risk: Tactics used in Europe can spread to U.S. networks via shared vendors or copycat actors.

    • Strategic escalation: Russia’s move toward infrastructure sabotage signals rising cyber-physical threat potential. OT assets w/active monitoring is a must-have.

    • Advanced threat actor validation: Confirms the ongoing need for IR Planning + tech investments in zero-trust, MFA, patching, and continuous/MDR monitoring.

    • Budget & policy justification: Reinforces the case for board-level cybersecurity planning and consideration of strategic law enforcement/government intel-sharing.

Where Do We Go from Here with Our CIOs & CISOs?

  1. Start with Strategic Curiosity
    “How are you currently assessing the business impact of nation-state threats like Volt Typhoon or APT28?”
    This opens the door to understanding how prepared — or exposed — they feel at the leadership level.

  2. Map Threats to Business Continuity
    “If these stealthy actors were inside your network, what systems or operations would be at risk first?”
    Help them connect advanced threats to mission-critical infrastructure and uptime.

  3. Surface Executive Pain Points
    “Are your board and regulators asking tougher questions about supply chain risk, data sovereignty, or telecom dependencies?”
    Use the headlines to spark real discussion about external pressure and internal readiness.

  4. Highlight Gaps in Detection & Response
    “How confident are you in your team’s ability to detect ‘living off the land’ techniques or sabotage-level attacks?”
    This can lead to conversations around MDR, zero trust, OT monitoring, and IR planning.

  5. Bridge to Budget Justification
    “Would it help to frame these risks in terms of regulatory exposure, operational downtime, or competitive impact?”
    Empower champions who need help connecting cybersecurity investments to business value.

  6. Position Yourself as a Strategic Partner
    “Can I help you shape a brief for your board or ELT to elevate this conversation beyond the SOC?”
    Shift from seller to ally. This is where trusted field reps earn long-term influence.

That’s a wrap for our mid-week rundown - much more on Friday. As mentioned we will be highlighting a partnership very soon (next week) to broaden our exposure and bring more voices into the mix - the more voices, the smarter we are (unless they’re all in your head).

A reminder from our co-founder & mascot:

/smb