EPISODE · Jan 28, 2026 · 50 MIN

What’s Making 2026 the Toughest Year Yet for CISOs

from Razorwire Cyber Security & InfoSec Insights

What threats should CISOs prioritise as we move into 2026?

Welcome to Razorwire, the podcast where we share our take on the world of cybersecurity with direct, practical advice for professionals and business owners alike. I'm Jim and in this episode, we're looking ahead to the challenges facing security leaders in 2026.

I'm joined by Richard Cassidy, EMEA CISO at Rubrik, and together, we discuss the three themes dominating CISO conversations: navigating the expanding regulatory landscape, preparing for quantum computing's impact on existing cryptography and understanding how attackers are shifting from loud ransomware to quiet economic warfare through time drag operations.

Summary

This episode examines the strategic and operational challenges CISOs face in 2026. The conversation covers how evolving regulations require fundamental changes to business operations and threat response, why tabletop exercises with executive teams are becoming standard practice for testing organisational maturity and how quantum computing is moving from theoretical concern to practical planning requirement. Richard and Jim discuss the technological shifts happening simultaneously with AI and quantum computing and why security awareness gained during the pandemic is being eroded by the race to implement new technologies without proper security consideration. The episode explores how attackers are evolving beyond traditional ransomware towards time drag operations that threaten business continuity without triggering incident declarations and why the combination of deepfakes and AI-driven social engineering represents a fundamental challenge to shared reality.

Three Key Talking Points:

The Regulatory Burden and Tabletop Testing
Learn about the regulatory challenges CISOs face across DORA, NIS2 and evolving frameworks, plus why organisations are increasingly running tabletop exercises with executive teams. Discover how war gaming activities help boards understand real-world breach scenarios and test organisational maturity beyond traditional red teaming. Find out how recent breaches at companies like Ubisoft, M&S and Jaguar Land Rover are driving leadership to take security seriously.

Quantum Computing's Imminent Impact
Understand why quantum computing has moved from background concern to top-three CISO priority for 2026 to 2028. Explore the timeline for quantum threats to existing cryptography, what organisations need to do now to prepare for post-quantum cryptography and why there's significant uncertainty around adoption strategies. See how quantum computing combines with AI to create a tectonic shift in security technology that requires planning today.

Time Drag Operations and Economic Warfare
Discover the shift from loud ransomware to quiet time drag attacks where threat actors threaten extended operational downtime rather than data theft. Learn why boards will pay millions to restore business continuity without declaring cyber incidents and how attackers are exploiting the economic model where disruption costs more than ransom. Explore how this combines with AI-powered deepfakes and social engineering to create attacks that undermine shared reality itself.

On the appearance of security:
"The economic model of cybercrime has shifted from traditional theft to time drag. If attackers know they can present you with a problem where you're not going to be able to recover your key systems for an inordinate amount of time, there's a higher likelihood that you are going to pay for a level of data or knowledge that will get you back to operational efficiency rather quick."
Richard Cassidy

Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listen

In this episode, we covered the following topics:

Evolving Regulatory Frameworks
Learn about the challenges posed by DORA, NIS2 and other regulatory requirements, including uncertainty around implementation, costs and the procedural changes they demand from organisations.

Executive Tabletop Exercises
Discover why organisations are moving beyond traditional pen testing to run war gaming scenarios with executive teams, testing how leadership would respond to real-world breach scenarios like those that hit M&S, JLR and MGM.

Quantum Computing Preparation
Understand why quantum computing has become a top-three CISO concern for 2026 to 2028, what organisations need to know about post-quantum cryptography and why planning needs to start now despite uncertainty around timelines.

Security Awareness Erosion
Explore how the security awareness gained during the pandemic is being pushed aside by the rush to implement AI and other technologies, with businesses prioritising efficiency over security considerations.

The RAM Crisis and Supply Chain Impact
Find out about the technological shifts happening with component shortages, RAM price increases and how hardware availability is affecting security planning and organisational technology strategies.

AI as a Constant Theme
See how AI weaves through every major security challenge, from regulatory compliance to quantum preparation, even when it's not explicitly the top concern.

The Shift to Time Drag Operations
Learn about the attacker evolution from loud, transactional ransomware to quiet economic warfare where threat actors threaten indefinite operational disruption rather than data theft.

Why Boards Pay Without Declaring Incidents
Understand the economics of why executive teams will pay millions to restore business continuity quickly rather than endure months of disruption, often without ever declaring a cyber incident publicly.

Deepfakes and Loss of Shared Reality
Discover the fundamental challenge posed by AI-driven deepfakes and social engineering that make it increasingly difficult to determine what's real, including examples of CEO-targeted WhatsApp attacks and voice cloning.

Educating Users Against Sophisticated Social Engineering
Explore why organisations must improve user education to detect the growing sophistication of AI-powered social engineering, deepfakes and attacks designed to exploit human trust and decision-making.

Resources Mentioned

Rubrik
DORA
NIST Framework
NIST2
Marks and Spencer Cyber Attack
Jaguar Land Rover Cyber Attack
MGM Cyber Attack
Ubisoft Cyber Attack
Corsair
Nvidia
IBM
Scattered Spider
Shiny Lapis Hunters
NCSE USA
Sun Tzu's Art of War
https://vaclavsmil.com/
