CISO Insights: Voices in Cybersecurity

This podcast explores the profound psychological, economic, and social shifts triggered by the rapid advancement of artificial intelligence, including the impending "work quake" that will radically restructure the labor market. Drawing on insights from hundreds of global experts, the discussion dives into emerging survival frameworks like the "Me:chine" identity and the critical need to develop "existential literacy" as a psychological immune system against algorithmic manipulation. Ultimately, listeners will discover actionable strategies for protecting human agency, nurturing genuine face-to-face connections, and restructuring our institutions to ensure humanity thrives alongside intelligent machines.   Sponsors: www.cisomarketplace.com www.myprivacy.blog  

Operational Technology (OT) interacts directly with the physical world, meaning that cyber attacks can have immediate, devastating real-world safety and environmental consequence. Standard IT security models fall short in OT environments due to decades-old legacy systems, insecure protocols, and strict requirements for continuous availability. This episode explores how organizations can practically adapt modern Zero Trust principles to OT, covering critical strategies like network microsegmentation, compensating controls, and secure remote access without disrupting mission-critical operations. https://zerotrustciso.com   Sponsor www.cisomarketplace.com www.cisomarketplace.services  

As agentic AI systems increasingly automate complex tasks and operate with unprecedented autonomy, they introduce new and unpredictable cyber security risks. This podcast explores the unique vulnerabilities of these interconnected systems, ranging from privilege scope creep and deceptive behaviors to structural and accountability challenges. Tune in to discover actionable best practices for designing, developing, deploying, and operating secure AI agents to protect your organization's critical infrastructure.   Sponsor www.cisomarketplace.com www.airiskassess.com 

In the era of the autonomous enterprise, digital systems are evolving faster than traditional governance can keep up, exposing dangerous hidden vulnerabilities across the modern business. This podcast dives into the 2026 Cloudflare Security Signals Report to unpack the six critical fault lines threatening organizations, from shadow supply chains and legacy technical debt to ungoverned AI agents. Join us as we discuss how enterprise leaders can move beyond a reactive "absorb and recover" mindset to deliberately engineer systems that sense, adapt, and self-correct under machine-speed stress The 2026 Cloudflare Security Signals Report -> https://www.cloudflare.com/lp/security-signals-report/2026/   Sponsors: www.cisomarketplace.com www.breached.company    Grab your seat -> https://ciso.poker/apply

Join us for the first public announcement of CISO.POKER's inaugural tournament at Hacker Summer Camp 2026, an exclusive, zero buy-in Texas Hold'em event designed for 80 senior security executives on the Las Vegas Strip. This episode unpacks how we are replacing the traditional "pay-to-play" vendor pitch with genuine networking, offering an Enterprise security prize pack, Knockout Bounties, and capturing real-time industry intelligence through our anonymous FeltIQ platform. We also dive into our built-in Coalition Giving model, demonstrating how three hours at the poker table can seamlessly fund critical cybersecurity nonprofits while you build authentic industry relationships. https://ciso.poker/sponsor https://ciso.poker/give   Visit the event:  https://ciso.poker/apply    Sponsor: https://cyberadx.network  

In 2026, the global digital landscape is undergoing a massive transformation as rapid technological advancement collides with complex new regulatory frameworks. This episode explores how African nations are pioneering digital public ecosystems for economic integration, while the United States navigates a strict new patchwork of state privacy laws designed to protect minors and consumer data. Join us as we dissect the delicate balance between embracing innovations like AI-powered smart cities and securing fundamental digital rights in an increasingly connected world. https://digitaltwin.compliancehub.wiki https://childrenprivacylaws.com https://biometric.myprivacy.blog https://privacyrights.compliancehub.wiki   Sponsors: www.myprivacy.blog www.scamwatchhq.com 

From the expansion of U.S. state privacy laws and the HIPAA Security Rule overhaul to the enforcement of the EU AI Act, DORA, and India's DPDP Act, 2026 marks a definitive turning point for global regulatory compliance. We explore how these emerging frameworks demand that businesses move beyond static paperwork to demonstrate true operational resilience, continuous monitoring, and boardroom accountability. Tune in to discover the proactive steps your organization must take to avoid massive financial penalties and build a cohesive, evidence-based compliance architecture before it is too late.   Sponsor: www.compliancehub.wiki www.cisomarketplace.com

In April 2026, the cybersecurity landscape experienced a seismic shift as geopolitical tensions and industrialized fraud collided to create unprecedented enterprise risks. This episode dives into the most critical incidents of the month, including TeamPCP's cascading supply chain compromises, Iran-backed wiper attacks on corporate infrastructure, and the exploitation of third-party platforms by groups like ShinyHunters. Join us as we unpack how these sophisticated threats are redefining the "new normal" for defenders and explore the massive global law enforcement operations fighting back.   Sponsors: www.cisomarketplace.com www.breached.company 

Anthropic recently unveiled Claude Mythos, an unreleased frontier AI model with unprecedented cybersecurity capabilities that led the company to restrict its access exclusively to defensive partners via Project Glasswing. This revelation coincided with a chaotic week of accidental source code leaks and an unprecedented legal battle against the Pentagon, which blacklisted Anthropic as a "supply chain risk" over the company's refusal to drop safety guardrails. Together, these dramatic events have fueled a massive hype narrative ahead of Anthropic's planned October 2026 IPO, where the company is targeting a valuation of up to $500 billion. https://podcast.cisomarketplace.com/e/the-mythos-dilemma-ai-zero-days-and-project-glasswing https://cisomarketplace.com/blog/project-glasswing-claude-mythos-cybersecurity https://cisomarketplace.com/blog/claude-mythos-leak-cybersecurity-stocks-crash-2026   Sponsors: www.breached.company www.compliancehub.wiki 

In March 2026, a 40-minute supply chain attack on the open-source library LiteLLM allowed hackers to steal four terabytes of highly sensitive data from Mercor, a $10 billion AI training startup. The breach exposed a fragile trust infrastructure across the tech industry, revealing that LiteLLM's security certifications were fabricated by Delve Technologies, a compliance vendor that systematically rubber-stamped fake audits. As major AI labs like Meta indefinitely pause their contracts, Mercor now faces a wave of class-action lawsuits alleging that its mandatory, invasive contractor surveillance practices funneled unauthorized third-party trade secrets and personal data straight to cybercriminals. https://compliancehub.wiki/mercor-litellm-delve-class-action-supply-chain-compliance-fraud/ https://compliancehub.wiki/five-lawsuits-mercor-data-breach-litigation-breakdown/   Sponsors www.breached.company www.compliancehub.wiki 

Anthropic's latest frontier model, Claude Mythos Preview, has demonstrated an unprecedented ability to autonomously discover and exploit zero-day vulnerabilities in critical software. Recognizing the extreme dual-use risks of these capabilities falling into the wrong hands, Anthropic has made the unprecedented decision to withhold the model from general public release. Instead, the model is being deployed through Project Glasswing, a collaborative initiative with major tech industry partners aimed at using this powerful AI exclusively to secure the world's digital infrastructure. https://cisomarketplace.com/blog/project-glasswing-claude-mythos-cybersecurity https://cisomarketplace.com/blog/claude-mythos-leak-cybersecurity-stocks-crash-2026 https://www.anthropic.com/glasswing   Sponsors: www.cisomarketplace.com  

Dive into the nuances of California's new CCPA cybersecurity audit requirements and discover how they redefine the standard for "reasonable security". We explore how businesses can strategically leverage existing NIST, ISO, or CIS assessments as a foundation, while identifying the critical scope mismatches they must "top off" to ensure compliance. Tune in for a practical, four-step roadmap to navigate CalPrivacy's 18 evaluation components and prepare your organization's data protection strategy for the next wave of regulatory scrutiny.   Sponsors: www.compliancehub.wiki www.cisomarketplace.com 

Dive into the rapidly evolving cyber threat landscape of Latin America and the Caribbean, where financially motivated threat actors are increasingly exploiting rapid digital adoption to target the region's largest economies. We explore how cybercriminals and hacktivist collectives like FiveFamilies are utilizing encrypted platforms like Telegram and WhatsApp to distribute banking trojans, deploy double-extortion ransomware against critical industries, and launch highly convincing AI-driven social engineering attacks. Join us as we unpack the tactics of these digital adversaries and discuss the urgent need for modernized infrastructure and public-private collaboration to secure the LAC region's digital future.   Sponsors: www.myprivacy.blog www.breached.company  

Explore the evolving landscape of youth digital protection across the European Union, where groundbreaking laws like the GDPR and the Digital Services Act (DSA) are being deployed to shield minors from data exploitation and harmful content. As emerging innovations like immersive virtual environments, neuromarketing, and AI-generated deepfakes introduce unprecedented risks to children's mental privacy and cognitive development, the battle for digital safety is becoming increasingly complex. Join us as we examine how local and regional authorities are stepping up to bridge the gap between high-level regulations and frontline realities, transforming overarching policies into tangible, community-based safeguards for families and schools.   Sponsors: www.myprivacy.blog www.compliancehub.wiki  

This podcast dives into the current wave of Child Online Safety Legislation (COSL), such as the Kids Online Safety Act (KOSA), to unpack the political and societal forces driving these bipartisan bills. We critically examine the prevailing narrative that social media is the primary cause of the youth mental health crisis, exploring how "moral panics" over technology often ignore complex social realities. Furthermore, we discuss the potential unintended consequences of these legislative efforts, including severe threats to data privacy, free expression, and the well-being of marginalized youth through mandated age verification and expanded parental surveillance.   Sponsors: www.myprivacy.blog www.cisomarketplace.com  

This episode dives into the massive compliance fraud orchestrated by Delve, a Y Combinator-backed startup that generated hundreds of identical, fabricated SOC 2 reports using rubber-stamping certification mills. We explore how this "compliance theater" collided with a real-world supply chain attack when LiteLLM, a company boasting Delve-generated certifications, was breached through a compromised vulnerability scanner called Trivy. Ultimately, we unpack the devastating consequences of prioritizing automated compliance badges over actual security controls, and what this structural failure means for enterprise vendor risk management in 2026. https://compliancehub.wiki/litellm-delve-soc2-trust-chain-compliance-failure-2026 https://breached.company/litellm-supply-chain-attack-teampcp-trivy-pypi-2026 https://compliancehub.wiki/delve-compliance-startup-fake-soc2-audit-scandal https://cisomarketplace.com/blog/auditor-vs-assessor-compliance-trust-2026 Sponsors www.compliancehub.wiki www.cisomarketplace.com www.breached.company

Il ruolo del Chief Information Security Officer si è radicalmente trasformato da una funzione puramente informatica a una posizione strategica a livello esecutivo, focalizzata sul rischio digitale dell'intera azienda. Spinti dalla rapida adozione dell'intelligenza artificiale agentica, dall'espansione delle identità non umane e dalle nuove e severe normative globali come la Direttiva NIS2 dell'UE, i CISO sono ora essenziali per garantire la resilienza operativa e proteggere la continuità aziendale. Questo podcast esplora come i moderni leader della sicurezza stiano colmando il divario tra la tecnologia e il consiglio di amministrazione per combattere le minacce alla velocità delle macchine e navigare in un panorama normativo sempre più complesso. English: https://www.podbean.com/ew/pb-r9v3x-1a73307    Sponsors: www.cisomarketplace.com www.breached.company  

The cyber threat landscape is experiencing a massive paradigm shift, as adversaries move away from isolated network breaches to industrialize the compromise of global digital supply chains. This episode breaks down the unprecedented March 2026 TeamPCP campaign, exploring how attackers weaponized the trusted Trivy vulnerability scanner, compromised the widely used LiteLLM AI package, and unleashed the self-propagating Shai-Hulud worm across the npm ecosystem. We also examine how the growing use of artificial intelligence by threat actors, the exploitation of unmonitored edge devices, and the rise of destructive wiper attacks against critical infrastructure are forcing organizations to adopt zero-trust models and continuous resilience strategies. https://breached.company/litellm-supply-chain-attack-teampcp-trivy-pypi-2026 https://compliancehub.wiki/delve-compliance-startup-fake-soc2-audit-scandal   Sponsors: www.cisomarketplace.com www.breached.company 

Rola dyrektora ds. bezpieczeństwa informacji (CISO) uległa fundamentalnej transformacji z funkcji operacyjnej IT w strategiczne stanowisko na szczeblu kierowniczym, koncentrujące się na ryzyku cyfrowym w całej organizacji. W związku z szybką adopcją agentycznej sztucznej inteligencji, rosnącą liczbą tożsamości nieludzkich oraz surowymi nowymi globalnymi regulacjami, takimi jak unijna dyrektywa NIS2, dyrektorzy CISO są teraz kluczowi dla zapewnienia odporności operacyjnej i ochrony ciągłości biznesowej. Ten podcast analizuje, w jaki sposób współcześni liderzy ds. bezpieczeństwa zasypują przepaść między technologią a zarządem, aby zwalczać zagrożenia działające z prędkością maszyn i poruszać się w coraz bardziej złożonym krajobrazie regulacyjnym.   English Version: https://www.podbean.com/ew/pb-r9v3x-1a73307    Sponsors: www.cisomarketplace.com www.breached.company  

O papel do Chief Information Security Officer (CISO) passou por uma transformação fundamental, deixando de ser uma função técnica de TI para se tornar um cargo estratégico de nível executivo focado no risco digital de toda a empresa. Impulsionados pela rápida adoção da inteligência artificial agêntica, pela expansão das identidades não humanas e por novas regulamentações globais rigorosas, como a Diretiva NIS2 da UE, os CISOs agora são essenciais para garantir a resiliência operacional e proteger a continuidade dos negócios. Este podcast explora como os líderes de segurança modernos estão diminuindo a distância entre a tecnologia e a diretoria para combater ameaças em velocidade de máquina e navegar em um cenário regulatório cada vez mais complexo.   English: https://www.podbean.com/ew/pb-r9v3x-1a73307    Sponsor: www.cisomarketplace.com www.breached.company  

Explore the evolving world of cyber threats in this deep dive into the 2025 malicious infrastructure landscape, where tools like Cobalt Strike and AsyncRAT continued to dominate global attacks. We unpack how cybercriminals and state-sponsored actors rapidly adapted to law enforcement disruptions, highlighting the critical role of Threat Activity Enablers (TAEs) in providing bulletproof hosting and resilient routing networks. Tune in to understand the complex, multi-tiered ecosystems driving today's most prevalent malware families and what defenders can do to stay ahead of these persistent threats. https://www.recordedfuture.com/research/2025-year-in-review-malicious-infrastructure   Sponsors: www.breached.company www.myprivacy.blog 

This episode delves into the complex web of China's influence operations within the Nordic-Baltic information environment, focusing specifically on the contrasting diplomatic landscapes of Denmark and Lithuania. We explore how Beijing utilizes eight distinct avenues of influence—ranging from United Front networks and economic coercion to clandestine espionage—to shape local narratives and pressure political decision-maker. Join us as we uncover how Lithuania took a bold stance with a "values-based" foreign policy, while Denmark grapples with the subtle, backstage coercion of China's "Shadow Wolf Warrior" diplomacy   Sponsors: www.breached.company www.cisomarketplace.com www.myprivacy.blog 

Le rôle du responsable de la sécurité des systèmes d'information (CISO) a fondamentalement évolué, passant d'une fonction informatique à un rôle stratégique de direction axé sur le risque numérique à l'échelle de l'entreprise. Poussés par l'adoption rapide de l'IA agéntique, l'expansion des identités non humaines et de nouvelles réglementations mondiales strictes comme la directive NIS2 de l'UE, les CISO sont désormais essentiels pour garantir la résilience opérationnelle et protéger la continuité des activités. Ce podcast explore comment les leaders modernes de la sécurité comblent le fossé entre la technologie et le conseil d'administration pour combattre les menaces à la vitesse des machines et naviguer dans un paysage réglementaire de plus en plus complexe. English: https://podcast.cisomarketplace.com/e/the-2026-ciso-architects-of-digital-trust/  Sponsors: www.cisomarketplace.com www.cisomarketplace.services  

As foreign information manipulation and interference (FIMI) reach unprecedented levels of global complexity, state actors like Russia and China are increasingly weaponizing artificial intelligence to mass-produce deceptive content. In response, the European External Action Service has launched the FIMI Deterrence Playbook, a proactive strategy designed to systematically dismantle the underlying infrastructures, proxies, and financial networks that sustain these hostile operations. Join us as we explore the digital "House of Cards" behind global disinformation campaigns and discuss how democracies are leveraging sanctions, law enforcement, and digital regulation to raise the costs for perpetrators and protect the information space.   Sponsors: www.cisomarketplace.com www.myprivacy.blog www.breached.company www.compliancehub.wiki 

Die Rolle des Chief Information Security Officers hat sich grundlegend von einer funktionalen IT-Position zu einer strategischen Führungsposition gewandelt, die sich auf das unternehmensweite digitale Risiko konzentriert. Angetrieben durch die schnelle Einführung von agentischer KI, die Zunahme nicht-menschlicher Identitäten und strenge neue globale Vorschriften wie die NIS2-Richtlinie der EU, sind CISOs heute unerlässlich, um die betriebliche Resilienz zu gewährleisten und die Geschäftskontinuität zu schützen. Dieser Podcast untersucht, wie moderne Sicherheitsführungskräfte die Lücke zwischen Technologie und Vorstandsetage schließen, um Bedrohungen in Maschinengeschwindigkeit zu bekämpfen und durch eine immer komplexer werdende Regulierungslandschaft zu navigieren. English: https://podcast.cisomarketplace.com/e/the-2026-ciso-architects-of-digital-trust/  Sponsors: www.cisomarketplace.com www.cisomarketplace.services  

Dive deep into the U.S. Intelligence Community's 2026 Annual Threat Assessment to uncover the most pressing security challenges facing the world today. This episode explores the shifting dynamics of global power, highlighting how major power competition and emerging technologies like artificial intelligence and quantum computing are redefining international security. Join us as we break down what these evolving threats—from transnational crime and terrorism to regional wars—mean for the U.S. Homeland and future global stability. https://www.dni.gov/index.php/newsroom/press-releases/press-releases-2026/4142-pr-03-26   Sponsors: www.cisomarketplace.com www.cisomarketplace.services  

El papel del Director de Seguridad de la Información (CISO) se ha transformado fundamentalmente de una posición funcional de TI a un rol estratégico de nivel ejecutivo centrado en el riesgo digital a nivel empresarial. Impulsados por la rápida adopción de la inteligencia artificial agéntica, la expansión de las identidades no humanas y las nuevas y estrictas regulaciones globales como la Directiva NIS2 de la UE, los CISO son ahora esenciales para garantizar la resiliencia operativa y proteger la continuidad del negocio. Este podcast explora cómo los líderes de seguridad modernos están cerrando la brecha entre la tecnología y la sala de juntas para combatir las amenazas a la velocidad de las máquinas y navegar por un panorama regulatorio cada vez más complejo. English: https://podcast.cisomarketplace.com/e/the-2026-ciso-architects-of-digital-trust/  Sponsors: www.cisomarketplace.com www.cisomarketplace.services 

The role of the Chief Information Security Officer has fundamentally transformed from a functional IT position into a strategic, executive-level role focused on enterprise-wide digital risk. Driven by the rapid adoption of agentic AI, expanding non-human identities, and strict new global regulations like the EU's NIS2 Directive, CISOs are now essential for ensuring operational resilience and protecting business continuity. This podcast explores how modern security leaders are bridging the gap between technology and the boardroom to combat machine-speed threats and navigate an increasingly complex regulatory landscape.   Sponsors: www.cisomarketplace.com www.cisomarketplace.services  

This episode examines the Hellscape concept, an evolving asymmetric strategy designed to repel a potential Chinese invasion by flooding the Taiwan Strait with thousands of low-cost uncrewed systems. We analyze the four-layered defensive gauntlet—ranging from over-the-horizon undersea drones to short-range beach-defense quadcopters—intended to deny the People’s Liberation Army both air and sea superiority. Finally, the program explores the implementation hurdles Taiwan faces, such as shifting budget priorities away from expensive conventional platforms and building a self-sufficient domestic drone industry.   Sponsors www.myprivacy.blog www.breached.company  

This episode explores Ukraine’s transformation from a reactive cyber posture to a proactive, multi-layered defense system that culminated in the 2025 creation of a dedicated Cyber Forces Command. We examine the pioneering "patriotic hacktivist" model, where groups like the IT Army and BO Team collaborate with state intelligence to expand the reach and impact of offensive operations. Finally, the discussion covers the vital contributions of private tech giants and international coalitions through the Tallinn Mechanism, alongside the emerging challenges of sustaining this global support as the conflict enters its second decade.   Sponsors:  www.breached.company www.myprivacy.blog  

As drones become increasingly common, the need to protect critical infrastructure, airports, and public events from unauthorized unmanned aerial vehicles has never been greater. This episode dives into the layered Counter-Unmanned Aircraft Systems (C-UAS) that utilize radio frequency, radar, and advanced algorithms to detect, track, and locate both drones and their operators. We also explore the crucial legal and privacy safeguards built into these technologies, explaining how they protect the public by strictly analyzing physical signal characteristics rather than illegally intercepting private communication content. https://secureiot.house/dhs-elevated-threat-home-security-preparedness https://secureiotoffice.world/power-grid-attacks-smart-city-blackouts-iran-iraq https://secureiot.house/iran-drone-threat-california-sleeper-cells-dhs-warning-march-2026   Sponsors: www.myprivacy.blog www.breached.company www.secureiot.house  

Traditional robot security, which long relied on the assumption that attackers needed specialized robotic expertise, is being rendered obsolete by the democratization of AI-powered offensive tools. Using the open-source CAI framework, researchers autonomously identified 38 critical vulnerabilities—including safety-critical motor controls—across diverse consumer robots in just a fraction of the time required by human experts. This technological shift necessitates an urgent transition from static, rule-based defenses toward GenAI-native defensive agents capable of real-time patching and coordinated threat detection to counter these rapid, automated attacks.   Sponsors: www.myprivacy.blog www.breached.company 

Threat actors are increasingly abandoning traditional malware in favor of exploiting valid credentials and native cloud services to move laterally and execute destructive attacks. This episode explores the latest cloud security trends, including the rise of cloud-native ransomware, the abuse of AI and LLM supply chains, and how attackers leverage third-party integrations to breach multiple tenants. Join us as we unpack the strategies defenders must adopt, such as strict identity and access management (IAM) hardening and behavioral monitoring, to secure modern hybrid cloud environments.   Sponsors: www.cisomarketplace.com www.securitycareers.help  

This episode delves into the high-stakes legal battles between authors and tech giants over training generative AI models, like Meta's Llama and Anthropic's Claude, on millions of copyrighted books. We explore recent federal court rulings to understand how the traditional "fair use" defense is being tested by accusations of unauthorized torrenting and the threat of "market dilution". Tune in to discover whether the courts will protect human creators and their markets, or prioritize technological innovation in the rapidly expanding era of generative AI. https://myprivacy.blog/meta-bittorrent-piracy-fair-use-ai-training   Sponsors: www.cisomarketplace.com www.myprivacy.blog 

When AI startup Anthropic refused to let the Pentagon use its Claude model for fully autonomous weapons and mass domestic surveillance, the Department of Defense retaliated by designating the American company an unprecedented "supply chain risk". This standoff highlights a growing crisis as consumer AI systems are rapidly integrated into kinetic military operations and lethal kill chains, accelerating targeting in conflicts like the US-Israeli war on Iran. As the government wields economic warfare and Cold War-era statutes to dismantle corporate ethical guardrails, the tech industry faces a defining battle over who ultimately controls the moral architecture of the world's most powerful technologies. https://cisomarketplace.com/blog/operational-technology-critical-infrastructure-security-2026-strategic-briefing https://breached.company/banned-at-dawn-deployed-by-dusk-the-u-s-used-anthropics-claude-in-the-iran-strikes-hours-after-trump-banned-it   Sponsors: www.breached.company www.cisomarketplace.com  

In this episode, we dive into the escalating military and cyber conflict between the United States and Iran, highlighted by the devastating U.S. strikes of Operation Epic Fury. We unpack the administration's aggressive new 2026 "Cyber Strategy for America" and recent Executive Orders, which signal a doctrinal shift toward offensive operations, deregulation, and the dismantling of transnational cybercrime networks. Join us as we explore the geopolitical and legal fallout of "unleashing" private tech companies to actively defend against adversaries, and how artificial intelligence is rapidly shaping the future of global security. https://securitycareers.help/president-trumps-cyber-strategy-for-america-2026-six-pillars-reshaping-national-cybersecurity https://compliancehub.wiki/trump-cyber-strategy-2026-compliance-implications https://scamwatchhq.com/white-house-executive-order-cybercrime-scams-2026 Sponsors: www.cisomarketplace.com www.breached.company 

As nation-state actors and hacktivist proxies increasingly target operational technology (OT) across the energy and water sectors, the 2026 cybersecurity landscape has reached a critical inflection point. In response to this escalating risk, sweeping new regulatory mandates—such as the NERC CIP Roadmap, permanent TSA pipeline directives, and CIRCIA—are forcing organizations to shift away from traditional perimeter defenses and adopt maturity-based risk management. This episode explores the active threat groups currently pre-positioning within critical networks, breaks down impending compliance deadlines, and outlines how organizations can strategically prioritize their budgets to build true operational resilience. https://secureiotoffice.world/water-infrastructure-cyberattacks-desalination-iran-war https://secureiotoffice.world/power-grid-attacks-smart-city-blackouts-iran-iraq https://cisomarketplace.com/blog/operational-technology-critical-infrastructure-security-2026-strategic-briefing Sponsors: www.cisomarketplace.com www.cisomarketplace.services www.breached.company  

In 2025 and 2026, the illusion of an invincible cloud was shattered by a convergence of unprecedented threats, ranging from Iranian drone strikes physically destroying AWS and Azure data centers in the Gulf to an Amazon AI coding agent autonomously wiping out a production environment. These kinetic and AI-driven disasters, alongside massive configuration failures at Microsoft and Cloudflare, exposed the terrifying reality that our entire digital economy relies on a few hyper-scale providers acting as unacknowledged critical infrastructure. Join us as we unpack why traditional disaster recovery models are officially obsolete and discuss the immediate steps security leaders must take to ensure survival in an era where cloud platforms are active battlegrounds. https://cisomarketplace.com/blog/when-the-cloud-burns-disaster-recovery-backup-and-cloud-redundancy-in-2026 https://cisomarketplace.com/blog/when-the-cloud-burns-part-ii-iran-targets-microsoft-azure-gulf   Sponsors: www.cisomarketplace.com www.cisomarketplace.services  

Law enforcement agencies are increasingly striking back against ransomware syndicates, but highly visible operations do not always translate into long-term success. In this episode, we explore a newly developed framework that systematically evaluates counter-ransomware interventions across four key dimensions: severity, scope, longevity and reversibility, and signalling value. By examining high-profile case studies like the disruptions of LockBit and Hive, we uncover the complex trade-offs involved in tackling cybercrime and discuss how policymakers can design strategies that move past temporary setbacks to inflict lasting damage on the ransomware ecosystem. https://breached.company/operation-leak-fbi-and-global-partners-dismantle-leakbase-one-of-the-worlds-largest-cybercriminal-data-forums   Sponsors: www.breached.company www.cisomarketplace.com

In early 2026, Operation Epic Fury shattered the traditional boundaries of conflict by seamlessly synchronizing devastating kinetic airstrikes with an unprecedented four-pronged cyber assault that plunged Iran into a near-total digital blackout. Behind the scenes, military commanders controversially relied on Anthropic's Claude AI for rapid intelligence assessments and target identification, fundamentally altering the speed and cognitive load of modern battle. However, this historic fusion of digital and physical warfare also exposed critical new global vulnerabilities, ranging from the physical destruction of vital cloud data centers to a relentless wave of hacktivist retaliation utilizing commercial satellite networks to bypass the blackout https://breached.company/operation-roaring-lion-the-cyberattack-that-rewrote-the-rules-of-modern-warfare https://breached.company/when-the-cloud-burns-the-aws-uae-data-center-disaster-and-the-dr-bcp-lessons-everyone-keeps-ignoring https://breached.company/the-cyber-war-in-the-shadows-how-the-2026-iran-israel-u-s-conflict-is-reshaping-the-middle-easts-digital-battlefield https://breached.company/banned-at-dawn-deployed-by-dusk-the-u-s-used-anthropics-claude-in-the-iran-strikes-hours-after-trump-banned-it/ Sponsor: www.cisomarketplace.com www.breached.company  

This episode dives into the UK government's 2026 consultation on how to better protect children and enrich their experiences in a fast-paced digital world. We explore major proposed interventions, including potential bans on social media for under-16s, mandatory daily screentime limits, and new rules restricting addictive design features like infinite scrolling and autoplay. Join us as we unpack the crucial balance between safeguarding kids from emerging online harms—such as emotionally manipulative AI chatbots—while ensuring they build the essential digital skills needed for the future.   Sponsors: www.myprivacy.blog www.scamwatchhq.com  

Dive into the dark reality of "The Com" and the notorious "764" network, sophisticated online ecosystems where digital predators use popular games and social media platforms to groom, extort, and radicalize vulnerable youth. We explore Europol's global initiative, Project Compass, alongside unprecedented international law enforcement efforts aimed at dismantling these decentralized and violent groups. Finally, we equip parents with crucial "operational security" strategies and behavioral red flags to help protect their families' digital privacy and recognize the early warning signs of online exploitation. https://myprivacy.blog/the-7m-tiktok-cult-fbi-raids-escalate-investigation-into-alleged-sex-trafficking-and-financial-exploitation https://myprivacy.blog/the-764-network-how-predators-exploit-children-through-gaming-and-social-media https://myprivacy.blog/protecting-your-familys-digital-privacy-from-the-com-what-parents-need-to-know Sponsor: www.myprivacy.blog 

In this episode, we explore how the global fraud ecosystem has industrialized, equipping cybercriminals with highly scalable tools like Malware-as-a-Service e-skimmer kits and AI-powered purchase scams. We dive into the most pressing emerging threats, including the opaque risks of AI-driven agentic commerce and the rising popularity of one-time password (OTP) interception to enable digital wallet fraud. Finally, we discuss how financial institutions and merchants can fight back by abandoning reactive models in favor of proactive, cross-functional cyber-fraud fusion centers.   Sponsors: www.scamwatchhq.com 

In 2026, organizations are navigating an expanding risk zone where autonomous AI cyberattacks, climate-driven physical disasters, and strict regulatory demands collide. This podcast dives into the core pillars of modern operational resilience, exploring everything from AI-generated incident response playbooks to the evolution of evidence-based attestation standards like SSAE 18 and SOC 2. Join us as we unpack the strategies leaders are using to fight machine-speed threats, implement bulletproof disaster recovery, and guarantee organizational survival in an unpredictable world. www.securitycareers.help/strategic-briefing-the-evolution-of-cybersecurity-compliance-and-ai-integration-2025-2026 https://ssaephysicalsecurity.com   Sponsors: www.cisomarketplace.com www.breached.company 

In 2026, the cyber insurance landscape has dramatically shifted as AI-driven threats, sophisticated ransomware, and supply chain vulnerabilities force insurers to rewrite the rules of coverage. This episode dives deep into the tightening underwriting requirements—from mandatory phishing-resistant MFA to strict AI and nation-state exclusions—that companies must navigate to stay insured. Join us as we explore how businesses can move beyond basic compliance and build the verifiable digital resilience needed to survive in an era of complex regulatory crackdowns and expanding liabilities. www.securitycareers.help/strategic-risk-and-insurance-landscape-2026-global-briefing   Sponsors: www.cisomarketplace.com www.breached.company  

The cybersecurity market is currently flooded with "AI-washed" products, making it critical for CISOs to rigorously vet vendor claims to avoid wasting budgets and creating new vulnerabilities. This episode breaks down a practical evaluation framework, exploring the essential technical, security, and business questions you must ask to avoid compliance nightmares and secure genuine operational efficiency. Tune in to learn how to identify immediate vendor red flags, demand proof over promises, and successfully transition your SOC team through AI augmentation without sacrificing morale. www.securitycareers.help/ciso-strategic-briefing-vetting-ai-security-vendors-and-navigating-the-ai-soc-landscape-2025-2026 https://cisomarketplace.com/blog/cisos-guide-ai-security-vendor-evaluation https://cisomarketplace.com/blog/building-security-vendor-evaluation-framework-ciso-guide   Sponsors: www.cisomarketplace.com www.cisomarketplace.services  

The South Carolina Critical Infrastructure Cybersecurity (SC CIC) program actively defends the state's essential services from escalating digital threats like account compromise and double extortion ransomware. In 2025, the program expanded its reach to 326 participating organizations across 15 critical infrastructure sectors, offering free, proactive resources such as threat intelligence, vulnerability scanning, and readiness exercises. Join us as we explore how SC CIC equips local governments and vital facilities with the tools, grants, and training needed to stop cyberattacks before they disrupt critical daily operations. www.breached.company/south-carolina-critical-infrastructure-cybersecurity-2025-year-in-review   Sponsors: www.cisomarketplace.com   Packt Publishing AI Defense in Action – Feb 21 (TODAY) 40% discount code: CISOMP40 https://www.eventbrite.com/e/ai-defense-in-action-tickets-1848270770629?aff=CISOMP&discount=CISOMP40  

AI failures will not be treated like traditional cyber incidents. When automated systems produce biased decisions, leak sensitive data, or cause regulatory violations, accountability will land at the executive and board level. In this episode, we examine how AI risk is reshaping CISO expectations and what security leaders must prepare for before the first major AI governance crisis hits. www.compliancehub.wiki/ai-governance-and-regulatory-convergence-what-cisos-must-prepare-for-now https://www.securitycareers.help/ai-governance-will-be-a-core-skill-for-the-next-generation-of-cisos https://www.hackernoob.tips/the-ai-governance-maturity-gap-why-most-security-teams-are-behind   Sponsors: www.cisomarketplace.com Packt Publishing AI Defense in Action – Feb 21 40% discount code: CISOMP40 https://www.eventbrite.com/e/ai-defense-in-action-tickets-1848270770629?aff=CISOMP&discount=CISOMP40    

AI adoption is accelerating inside organizations, but governance maturity is not keeping pace. In this episode, we break down the emerging AI security gap — from adversarial model risks to executive accountability failures — and why this shift will redefine the CISO role. If you're building toward senior security leadership, understanding AI governance is no longer optional — it's strategic leverage. https://www.hackernoob.tips/the-ai-governance-maturity-gap-why-most-security-teams-are-behind https://www.securitycareers.help/ai-governance-will-be-a-core-skill-for-the-next-generation-of-cisos   Sponsors: www.cisomarketplace.com   Packt Publishing AI Defense in Action – Feb 21 40% discount code: CISOMP40 https://www.eventbrite.com/e/ai-defense-in-action-tickets-1848270770629?aff=CISOMP&discount=CISOMP40  

This episode explores how the Russian military has pivoted from failed, centralized command architectures to a fragmented but effective ecosystem of volunteer-built tactical software like the "Glaz/Groza" complex. We discuss the critical role of civilian engineers in adapting commercial technology and open-weight AI models to accelerate drone-to-artillery kill chains. Finally, we examine the security risks of using open-source tech and how Russia is mitigating them through domestic platforms like Astra Linux and systematic data collection. www.securitycareers.help/russian-command-and-control-transitioning-toward-ai-enabled-warfare   Sponsors: www.cisomarketplace.com www.myprivacy.blog