Minutes, Not Months: Inside the New Cyber Velocity Facing Federal Agencies

48 hours. That's the time it took for a federal employee credentials to be stolen as a result of a phishing attack, to being listed on a dark web marketplace. In Episode 8 of The GIST of Govt IT, Brian and Sean sit down at Check Point's Engage Summit in DC with Yochai Corem, General Manager of Check Point's Exposure Management division, to unpack what happens when both sides of cyber warfare have agentic AI — and why the next three years will not be kind to defenders. Yochai shares why pen testing once a quarter is no longer relevant, how a single Chinese developer built an entire attack program in a week using an army of agents, and what Iranian threat actors targeting Israeli hospitals look like in real-time during active kinetic conflict. The conversation digs into agentic red teaming vs. automated red teaming (and why the difference matters), why "safe remediation" still keeps a human in the loop, how to use the firewalls, WAFs, and IPS you already own as compensating controls when patching takes weeks, and the under-discussed reality that government leaders must put their hands on the keyboard with AI. Plus: Yochai's family cookbook and other vibe-coding stories.