CISO Insights: Voices in Cybersecurity

464 episodes — Page 2 of 10

Ep 416: The 2026 Cyber Insurance Shift: AI, Exclusions, and the Resilience Mandate

In 2026, the cyber insurance landscape has dramatically shifted as AI-driven threats, sophisticated ransomware, and supply chain vulnerabilities force insurers to rewrite the rules of coverage. This episode dives deep into the tightening underwriting requirements—from mandatory phishing-resistant MFA to strict AI and nation-state exclusions—that companies must navigate to stay insured. Join us as we explore how businesses can move beyond basic compliance and build the verifiable digital resilience needed to survive in an era of complex regulatory crackdowns and expanding liabilities. www.securitycareers.help/strategic-risk-and-insurance-landscape-2026-global-briefing Sponsors: www.cisomarketplace.com www.breached.company

Feb 23, 2026 · 20 min

Ep 414: Beyond the Hype: The CISO's Guide to Vetting AI Security

The cybersecurity market is currently flooded with "AI-washed" products, making it critical for CISOs to rigorously vet vendor claims to avoid wasting budgets and creating new vulnerabilities. This episode breaks down a practical evaluation framework, exploring the essential technical, security, and business questions you must ask to avoid compliance nightmares and secure genuine operational efficiency. Tune in to learn how to identify immediate vendor red flags, demand proof over promises, and successfully transition your SOC team through AI augmentation without sacrificing morale. www.securitycareers.help/ciso-strategic-briefing-vetting-ai-security-vendors-and-navigating-the-ai-soc-landscape-2025-2026 https://cisomarketplace.com/blog/cisos-guide-ai-security-vendor-evaluation https://cisomarketplace.com/blog/building-security-vendor-evaluation-framework-ciso-guide Sponsors: www.cisomarketplace.com www.cisomarketplace.services

Feb 22, 2026 · 43 min

Ep 413: Defending the Frontlines: The SC CIC 2025 Year in Review

The South Carolina Critical Infrastructure Cybersecurity (SC CIC) program actively defends the state's essential services from escalating digital threats like account compromise and double extortion ransomware. In 2025, the program expanded its reach to 326 participating organizations across 15 critical infrastructure sectors, offering free, proactive resources such as threat intelligence, vulnerability scanning, and readiness exercises. Join us as we explore how SC CIC equips local governments and vital facilities with the tools, grants, and training needed to stop cyberattacks before they disrupt critical daily operations. www.breached.company/south-carolina-critical-infrastructure-cybersecurity-2025-year-in-review Sponsors: www.cisomarketplace.com Packt Publishing AI Defense in Action – Feb 21 (TODAY) 40% discount code: CISOMP40 https://www.eventbrite.com/e/ai-defense-in-action-tickets-1848270770629?aff=CISOMP&discount=CISOMP40

Feb 21, 2026 · 24 min

Ep 412: AI Accountability: The Moment Security Leadership Gets Tested

AI failures will not be treated like traditional cyber incidents. When automated systems produce biased decisions, leak sensitive data, or cause regulatory violations, accountability will land at the executive and board level. In this episode, we examine how AI risk is reshaping CISO expectations and what security leaders must prepare for before the first major AI governance crisis hits. www.compliancehub.wiki/ai-governance-and-regulatory-convergence-what-cisos-must-prepare-for-now https://www.securitycareers.help/ai-governance-will-be-a-core-skill-for-the-next-generation-of-cisos https://www.hackernoob.tips/the-ai-governance-maturity-gap-why-most-security-teams-are-behind Sponsors: www.cisomarketplace.com Packt Publishing AI Defense in Action – Feb 21 40% discount code: CISOMP40 https://www.eventbrite.com/e/ai-defense-in-action-tickets-1848270770629?aff=CISOMP&discount=CISOMP40

Feb 20, 2026 · 37 min

Ep 411: The AI Governance Gap: Why Security Leaders Are Falling Behind

AI adoption is accelerating inside organizations, but governance maturity is not keeping pace. In this episode, we break down the emerging AI security gap — from adversarial model risks to executive accountability failures — and why this shift will redefine the CISO role. If you're building toward senior security leadership, understanding AI governance is no longer optional — it's strategic leverage. https://www.hackernoob.tips/the-ai-governance-maturity-gap-why-most-security-teams-are-behind https://www.securitycareers.help/ai-governance-will-be-a-core-skill-for-the-next-generation-of-cisos Sponsors: www.cisomarketplace.com Packt Publishing AI Defense in Action – Feb 21 40% discount code: CISOMP40 https://www.eventbrite.com/e/ai-defense-in-action-tickets-1848270770629?aff=CISOMP&discount=CISOMP40

Feb 19, 2026 · 35 min

Ep 410: Kill Chains and Code: Russia’s Pragmatic Shift to Tactical AI

This episode explores how the Russian military has pivoted from failed, centralized command architectures to a fragmented but effective ecosystem of volunteer-built tactical software like the "Glaz/Groza" complex. We discuss the critical role of civilian engineers in adapting commercial technology and open-weight AI models to accelerate drone-to-artillery kill chains. Finally, we examine the security risks of using open-source tech and how Russia is mitigating them through domestic platforms like Astra Linux and systematic data collection. www.securitycareers.help/russian-command-and-control-transitioning-toward-ai-enabled-warfare Sponsors: www.cisomarketplace.com www.myprivacy.blog

Feb 19, 2026 · 15 min

Ep 409: The Right Fit: A C3PAO Shopping Guide for SMBs

This episode breaks down the ND-ISAC’s essential guide designed to help small and medium-sized businesses avoid the "race to the bottom" when selecting a Third-Party Assessment Organization (C3PAO). We discuss how to utilize a comprehensive scoring system to evaluate potential assessors on critical criteria like technical aptitude, reasonableness, and the all-important intake process. Listeners will learn why the lowest price often carries the highest risk and how to identify an assessor who truly understands their unique environment. www.securitycareers.help/c3pao-selection-guide-for-small-and-medium-sized-businesses-strategic-briefing Sponsors: https://baseline.compliancehub.wiki https://cmmcnist.tools

Feb 18, 2026 · 14 min

Ep 408: Digital Fingerprints: Unmasking Russian Influence

Join us as we explore the "Information Influence Attribution Framework," a methodology designed to pierce the veil of anonymous Russian disinformation campaigns in Ukraine and beyond. We break down how analysts combine technical infrastructure data, behavioral patterns like those in the DISARM framework, and contextual clues to distinguish organic viral content from coordinated state attacks. Through real-world case studies—from fake BBC videos to anti-mobilization TikToks—we reveal how digital detectives build high-confidence cases to hold state actors accountable. www.scamwatchhq.com/attributing-russian-information-influence-operations-insights-and-frameworks Sponsors: www.myprivacy.blog www.breached.company

Feb 17, 2026 · 16 min

Ep 407: Code Dark: The Systemic Crisis of Healthcare Cybersecurity

This episode explores how catastrophic ransomware attacks like the Change Healthcare and Ascension incidents have transformed cybercrime from a financial nuisance into a lethal patient safety emergency. We uncover the emerging threats defining 2026, including AI data poisoning, "ghost bug" vulnerabilities in legacy medical devices, and the fragile interdependence of the global diagnostic supply chain. Finally, we break down the federal government’s aggressive new enforcement against information blocking and the "Secure by Design" mandates essential for hospital survival. www.breached.company/healthcare-under-siege-47-ransomware-victims-in-30-days-as-patient-safety-crisis-deepens Sponsors: www.cisomarketplace.com www.breached.company

Feb 15, 2026 · 32 min

Ep 406: State of Security 2026: The Era of Fragmentation and Access

Dive into the 2026 State of Security report to understand how geopolitical fragmentation is blurring the lines between statecraft, crime, and war. We explore the shift toward "access-first" strategies by major powers like China and Russia, who are prioritizing the quiet accumulation of access to critical infrastructure and connectivity systems over immediate destruction. Finally, the episode examines the deepening crisis of synthetic identities and how AI is evolving from a hyped threat into a practical tool for fraud and coercion. www.breached.company/2026-state-of-security-geopolitical-fragmentation-and-the-redefining-of-global-conflict Sponsors: www.cisomarketplace.com www.breached.company

Feb 14, 2026 · 15 min

Ep 405: Global Privacy: Closing the Enforcement Gap

This episode investigates why international data protection enforcement currently lags behind the seamless cooperation seen in competition and consumer law. Listeners will discover how legal barriers and resource constraints hinder Data Protection Authorities from effectively sharing investigative information across borders. We conclude by outlining key recommendations from a recent EDPB report, including the adoption of confidentiality waivers and a secure global platform for cross-border complaints. www.compliancehub.wiki/international-data-protection-enforcement-cooperation-analysis-and-recommendations Sponsors: www.myprivacy.blog www.breached.company www.compliancehub.wiki

Feb 12, 2026 · 15 min

Ep 404: Spies Among Us: The Gig Economy of Espionage

Based on a comprehensive study of espionage cases in Europe from 2008 to 2024, this episode reveals how intelligence services are adapting to the digital age by treating spying like a "gig economy" job. We explore the shift from traditional insiders to "disposable" spies recruited via social media apps like Telegram, often for single, low-level tasks such as sabotage or observation. The discussion also covers the ten distinct types of modern spies and the complex mix of money, ideology, and ego that motivates them to betray their countries. www.breached.company/espionage-in-europe-2008-2024-motives-methods-and-typologies Sponsor: www.myprivacy.blog www.compliancehub.wiki www.breached.company

Feb 11, 2026 · 17 min

Ep 403: The Invisible Front: Psychological Defence in the Age of AI

This series explores the complex battlefield of modern information influence, examining how malign actors exploit cognitive biases and leverage technologies like AI and video games to manipulate public perception and undermine democratic institutions. We delve into the mechanics of these operations—from the creation of data voids and gendered disinformation to the strategic use of fear—and how they threaten the open society. Finally, we discuss the critical countermeasures of psychological defence, focusing on how nations can build societal resilience and media literacy to safeguard the truth without infringing on free speech. www.myprivacy.blog/psychological-defence-and-the-evolution-of-information-influence Sponsor: www.myprivacy.blog www.cisomarketplace.com

Feb 10, 2026 · 31 min

Ep 402: The Digital Isnad: Defending the AI Soul Against Engineering Attacks

As autonomous AI agents face sophisticated "Soul Engineering" attacks that subvert their core identities, the recent Moltbook security crisis highlights the urgent need for verifiable data lineage. This episode explores how the ancient Islamic concept of isnād—the rigorous chain of transmission—is being reimagined as a technical architecture to establish provenance, verify "narrator" reputation via Ilm al-Rijal, and build digital immune systems for AI. Join us as we connect historical scholarship with 2026 cybersecurity trends to solve the problem of "epistemic opacity" and secure the future of agentic AI. www.securitycareers.help/strategic-briefing-the-convergence-of-ai-identity-software-quality-and-digital-tradition https://cisomarketplace.com/blog/agent-skills-next-ai-attack-surface Sponsors: www.cisomarketplace.com www.cisomarketplace.services

Feb 9, 2026 · 30 min

Ep 401: Guardians of the Machine Age: The AI Security Gold Rush

2025 marked a record-breaking inflection point for cybersecurity, with over $96 billion in M&A activity driven by the urgent need to secure the "Machine Age" of enterprise AI. We explore why tech giants are aggressively acquiring "Security for AI" startups to build mandatory guardrails against prompt injection and data poisoning, while the "AI for SOC" market remains in an experimental phase due to lingering trust barriers. Finally, we discuss how this massive consolidation is fueling a "breakout" IPO pipeline for 2026, as regulatory pressures like the EU AI Act transform compliance tools into essential infrastructure. www.compliancehub.wiki/the-96-billion-land-grab-who-actually-benefits-when-cybersecurity-changes-hands https://cisomarketplace.com/blog/cisos-guide-ai-security-vendor-evaluation https://www.securitycareers.help/cybersecurity-consolidation-2023-2025-major-m-a-deals-and-market-dynamics https://www.securitycareers.help/the-great-ai-security-gold-rush-why-everyones-buying-security-for-ai-but-nobodys-touching-ai-for-security https://www.securitycareers.help/the-ai-data-center-gold-rush-when-1-trillion-in-investments-meets-community-resistance https://momentumcyber.com/cybersecurity-mergers-acquisitions-report-2025/ Sponsor: www.cisomarketplace.com www.cisomarketplace.services https://vrm.cisomarketplace.services

Feb 8, 2026 · 31 min

Ep 400: The Lethal Trifecta: Inside the ClawdBot/OpenClaw/Moltbook Security Crisis

This episode uncovers why security experts are calling the OpenClaw and Moltbot ecosystem a "security nightmare," revealing how these autonomous agents act as vulnerable infrastructure rather than simple productivity apps. We explore the novel threat of "time-shifted" memory poisoning, where malicious instructions lie dormant in SOUL.md files to trigger logic bombs days or weeks after infection. Finally, we break down the "ClawHavoc" supply chain attack that distributed crypto-stealing malware to thousands of users, prompting Gartner to recommend an immediate blockade of the software. https://breached.company/over-1-000-clawdbot-ai-agents-exposed-on-the-public-internet-a-security-wake-up-call-for-autonomous-ai-infrastructure Sponsors: www.cisomarketplace.com www.breached.company

Feb 8, 2026 · 17 min

Ep 399: Sabotage on the Grid: The 2025 Polish Energy Attacks

This episode uncovers the details behind the coordinated cyber sabotage that struck Polish wind farms, a combined heat and power plant, and a manufacturing firm on December 29, 2025. We explore how attackers exploited vulnerable FortiGate VPNs and default credentials to deploy destructive "DynoWiper" malware and corrupt critical industrial firmware, aiming to permanently disable physical equipment. Finally, we examine the forensic evidence linking these attacks to the "Static Tundra" activity cluster and discuss the broader risks facing critical infrastructure today. www.breached.company/polands-winter-power-grid-attack-sandworms-dynowiper-targets-30-facilities-in-coordinated-critical-infrastructure-assault Sponsor: www.cisomarketplace.com

Feb 7, 2026 · 34 min

Ep 398: The €10 Influence Campaign: Inside the AI-Powered Market for Social Media Manipulation

The NATO Strategic Communications Centre of Excellence's 2025 experiment reveals how AI has transformed social media bots from simple spammers into sophisticated actors capable of "psychological realism" and seamless integration into authentic human conversations. Researchers demonstrate that for as little as €10, manipulators can now generate mass-scale AI content and route funding through untraceable cryptocurrency exchanges to evade detection and purchase fake engagement across major platforms like X, TikTok, and Facebook. The episode explores the alarming shift from political spam to militarized narratives and explains why traditional detection methods are failing as synthetic actors move from broadcasting propaganda to embedding themselves within trusted community dialogues. www.compliancehub.wiki/social-media-manipulation-and-the-evolution-of-synthetic-influence-2025-analysis Sponsors: www.myprivacy.blog www.compliancehub.wiki https://digitaltwinrisk.health

Feb 6, 2026 · 17 min

Ep 397: Northern Resilience: Countering Information Influence in the Nordic-Baltic Region

This episode explores how Denmark, Estonia, Finland, Iceland, Latvia, Lithuania, Norway, and Sweden are mobilizing a "whole-of-society" defense to protect their democratic institutions from foreign information influence operations. We examine diverse regional strategies, ranging from Lithuania’s volunteer "elves" and Sweden’s Psychological Defence Agency to Finland’s comprehensive security model and strict legislative disruptive measures. Listen in to understand how these nations balance the protection of free speech with the necessity of countering hostile narratives through resilience, situational awareness, and international cooperation. www.compliancehub.wiki/countering-information-influence-operations-strategies-and-resilience-in-the-nordic-baltic-region Sponsors: https://www.myprivacy.blog https://pii.compliancehub.wiki

Feb 5, 2026 · 39 min

Ep 396: The Sophistication Shift: Navigating the New Era of Industrialized AI Fraud

The global fraud landscape is currently at a turning point known as the Sophistication Shift, where high-volume, "low-effort" scams are being replaced by fewer, sharper, and far more damaging attacks engineered with professionalized precision. Fraudsters have successfully industrialized deception by leveraging a "fraud production ecosystem" that pairs generative AI and deepfakes with autonomous fraud agents and telemetry tampering to bypass traditional verification systems. To counter these advanced networks, institutions are transitioning from static, document-based checks toward continuous, behavioral-driven assurance and unified compliance workbenches. www.scamwatchhq.com/identity-fraud-report-2025-2026-key-insights-and-analysis Sponsor: www.scamwatchhq.com www.cisomarketplace.com

Feb 4, 2026 · 13 min

Ep 395: Navigating the Global AI Maze: From Binding Laws to Voluntary Guardrails

Jurisdictions worldwide are developing AI governance policies that range from comprehensive "hard law" mandates like the EU’s AI Act to voluntary "soft law" frameworks favored by Singapore and the United Kingdom. While these approaches differ in legal enforceability and centralization, they coincide on core principles such as risk-based management and the establishment of dedicated safety institutes. The series also examines how existing privacy and intellectual property statutes serve as foundational baselines, driving new transparency requirements and shaping the legal environment through high-profile litigation like New York Times v. OpenAI. www.compliancehub.wiki/global-ai-governance-comparative-analysis-of-legal-and-policy-frameworks Sponsors: https://airiskassess.com https://compliance.airiskassess.com https://cisomarketplace.services

Feb 3, 2026 · 15 min

Ep 394: Africa’s Digital Frontier: A Story of Rights, Regulation, and Regional Convergence

This podcast explores how African nations have transitioned from fragmented sectoral protections to comprehensive, rights-based data frameworks inspired by global standards like the EU GDPR. We delve into the pivotal role of regional instruments like the Malabo Convention and the rise of "enforcement maturity," where increasingly confident regulators are now holding both global tech giants and government departments accountable. Finally, we examine the strategic shift toward continental enforcement norms, AI governance, and the institutionalization of regulator-to-regulator learning to secure Africa's rapidly evolving digital economy. www.compliancehub.wiki/african-data-protection-frameworks-evolution-regulation-and-regional-convergence Sponsors: https://globalcompliancemap.com https://www.compliancehub.wiki

Feb 2, 2026 · 15 min

Ep 393: The Frontline of Functionality: Swedish Businesses in Total Defence

This podcast explores the "decisive role" Swedish businesses play in national resilience, ensuring that vital societal functions like energy, food distribution, and telecommunications continue to operate during armed conflict or severe crisis. We examine how companies prepare for the "two-week" continuity goal by mapping critical dependencies, implementing systematic cybersecurity measures—such as offline data backups—and training staff to recognize and resist malign information influence. Finally, the series details how public authorities and private enterprises coordinate through a "public-private collaboration" framework to manage complex threats, supply chain disruptions, and the mobilization of personnel for total defence duty. Sponsors: https://www.cisomarketplace.services https://www.compliancehub.wiki

Jan 31, 2026 · 15 min

Ep 392: Beyond Fragmentation: Achieving Meta-Compliance with HSMS and L-FCF

Organizations today are struggling with a rapidly growing system of overlapping European frameworks, such as NIS2, DORA, and the GDPR, which often results in duplication of work and high administrative burdens. By adopting a Harmonised Security Management System (HSMS) and the Layered Framework Control Fabric (L-FCF), these entities can implement a "meta-compliance" strategy where a single set of controls meets multiple legal and normative requirements simultaneously. This shift from "island solutions" to an integrated model significantly reduces audit overload while strengthening operational cyber resilience through a coordinated, organisation-wide management cycle. Sponsors: https://www.cisomarketplace.services https://compliancehub.wiki https://compliance.airiskassess.com https://eumapping.compliancehub.wiki https://baseline.compliancehub.wiki

Jan 30, 2026 · 18 min

Ep 391: When Your AI Becomes the Breach: The Hidden Dangers of Agentic Skills

We explore the rapid paradigm shift from passive chatbots to autonomous "agentic" AI, where new standards like the Model Context Protocol (MCP) grant systems the power to execute code and access sensitive files. Drawing on a massive empirical study of over 31,000 agent skills and real-world espionage campaigns like GTG-1002, we expose how attackers leverage "tool poisoning" and indirect prompt injection to hijack these agents for data exfiltration. Finally, we unpack essential defense strategies, including the NIST AI Risk Management Framework and the new OWASP Top 10 for Agentic Applications, to help organizations close the dangerous "consent gap" between user permissions and agent actions. https://cisomarketplace.com/blog/agentic-desktop-agents-ai-local-file-access-security https://cisomarketplace.com/blog/agentic-browser-revolution-ciso-guide-ai-attack-surface https://cisomarketplace.com/blog/workflow-automation-blind-spot-zapier-n8n-power-automate-security https://cisomarketplace.com/blog/ai-agent-security-crisis-mcp-vulnerabilities https://cisomarketplace.com/blog/agent-skills-next-ai-attack-surface https://breached.company/over-1-000-clawdbot-ai-agents-exposed-on-the-public-internet-a-security-wake-up-call-for-autonomous-ai-infrastructure/ Sponsors: https://airiskassess.com https://compliance.airiskassess.com https://cloudassess.vibehack.dev https://vibehack.dev

Jan 27, 2026 · 29 min

Ep 390: The Privacy Pulse: Navigating AI, Fines, and the Digital Decade

Join us as we analyze the 2026 data protection landscape, where a stabilization in aggregate GDPR fines contrasts with a sharp 22% increase in breach notifications fueled by geopolitical tensions. We discuss how the EU's proposed "Digital Omnibus" aims to streamline the complex "Digital Decade" regulations, even as authorities ramp up enforcement against AI systems like Replika and scrutinize "consent or pay" models. The episode concludes by examining the widening gap between the EU’s focus on personal liability and the UK’s shift toward a pro-innovation, "less is best" regulatory environment following the Data (Use and Access) Act 2025. DLA Piper PDF Downloads: www.compliancehub.wiki/gdpr-enforcement-and-data-breach-landscape-a-synthesis-of-2025-2026-trends Digital Omnibus episode: https://podcast.cisomarketplace.com/e/red-tape-vs-rights-unpacking-the-eus-digital-omnibus-proposal/ Sponsors: www.compliancehub.wiki www.cisomarketplace.services

Jan 26, 2026 · 17 min

Ep 389: Red Tape vs. Rights: Unpacking the EU's "Digital Omnibus" Proposal

The European Commission has introduced the "Digital Omnibus," a sweeping legislative package designed to streamline digital rules like the GDPR and AI Act to reduce administrative burdens and foster innovation. However, privacy experts warn that shifting to a subjective definition of "personal data" and creating broad commercial exemptions for "scientific research" could severely undermine fundamental rights and generate significant legal uncertainty. We analyze the clash between the Commission's promise of €5 billion in compliance savings and the potential erosion of data protection enforcement across Europe. www.compliancehub.wiki/analysis-of-the-proposed-digital-omnibus-regulation Sponsors: www.compliancehub.wiki www.cisomarketplace.services https://airiskassess.com

Jan 25, 2026 · 12 min

Ep 388: The Maturity Multiplier: How Governance and Security Teams Are Shaping the Future of AI

The 2025 CSA and Google Cloud survey reveals a widening gap between the "haves" and "have-nots" of AI readiness, identifying formal governance as the critical "maturity multiplier" that allows organizations to innovate faster while staying secure. Contrary to historical trends where security functions lagged behind new technology, security teams have emerged as early adopters, with over 90% actively testing or planning to use AI for critical tasks like threat detection and red teaming. As enterprises navigate complex multi-model strategies and vendor consolidation, the report emphasizes that operationalizing policies today is the only way to avoid "shadow AI" and successfully transition from pilot programs to production. Sponsor: https://vibehack.dev https://cloudassess.vibehack.dev https://www.cisomarketplace.services

Jan 25, 2026 · 14 min

Ep 386: Securing the Agentic Revolution: The New Rules of Model Context Protocol Security

As AI agents move from experimental pilots to production via the Model Context Protocol (MCP), they introduce a fundamental architectural shift where Large Language Models sit at the center of security-critical decisions. This episode unpacks the Coalition for Secure AI’s comprehensive framework, exploring twelve core threat categories that range from novel vectors like tool poisoning and shadow servers to the "confused deputy" problem. Tune in to learn why traditional perimeter defenses are insufficient and how to implement defense-in-depth strategies, including cryptographic identity propagation, hardware-based isolation, and zero-trust validation for AI outputs. https://cisomarketplace.com/blog/ai-agent-security-crisis-mcp-vulnerabilities https://www.coalitionforsecureai.org/securing-the-ai-agent-revolution-a-practical-guide-to-mcp-security Whitepaper: https://github.com/cosai-oasis/ws4-secure-design-agentic-systems/blob/mcp/model-context-protocol-security.md Sponsors: https://vibehack.dev www.cisomarketplace.services

Jan 23, 2026 · 17 min

Ep 387: The Agentic Revolution: Decision Advantage and the Future of Command

This episode explores the Department of War's strategic pivot to "Agentic Warfare," where proactive AI systems evolve from passive tools into digital staff officers capable of executing complex workflows rather than just generating text. We discuss how commanders are shifting from "in the loop" controllers to "on the loop" mission directors, overseeing a "planning multiverse" that runs millions of simulations to "self-heal" operational plans in real time. Finally, we examine the critical race for "decision advantage," arguing that the ability to out-think adversaries with "force guided by foresight" has replaced mass as the primary mechanism of modern deterrence. https://cisomarketplace.com/blog/pentagon-ai-strategy-defense-startups-innovation-shakeup https://scale.com/agentic-warfare Sponsor: www.cisomarketplace.services www.breached.company

Jan 22, 2026 · 18 min

Ep 385: Bridging the Gap: Mastering the CTI Capability Maturity Model

This series explores the Cyber Threat Intelligence Capability Maturity Model (CTI-CMM), a stakeholder-first framework designed to help intelligence programs support the specific decisions and actions of those protecting the organization. We guide listeners through the model’s eleven distinct domains and the cyclical five-step implementation process—Prepare, Assess, Plan, Deploy, and Measure—to transition teams from reactive, ad hoc practices to standardized, predictive operations. By analyzing specific use cases and maturity indicators, we demonstrate how to evolve metrics from simply counting effort to quantifying systemic impact and business value. www.breached.company/briefing-the-cyber-threat-intelligence-capability-maturity-model-cti-cmm Sponsors: www.breached.company www.cisomarketplace.com

Jan 21, 2026 · 23 min

Ep 384: Choke Points and Synthetic Faces: Systemic Disruption of the Modern Cybercrime Ecosystem

Transnational cybercrime has evolved into a globally distributed ecosystem where identity is now "synthetic, scalable and weaponizable" due to the proliferation of deepfakes and camera injection tools targeted at digital verification systems. To counter this, the Cybercrime Atlas fosters global collaboration to map criminal infrastructure and identify technical "choke points," a strategy validated by the Serengeti operations which resulted in thousands of arrests and the seizure of $140 million in criminal funds. Simultaneously, experts recommend that institutions implement multi-layered defenses—such as trusted camera source controls and active liveness checks—to harden Know Your Customer (KYC) processes against the democratized threat of AI-generated impersonation. https://initiatives.weforum.org/cybercrime-atlas/home www.scamwatchhq.com/your-voice-your-face-your-money-the-terrifying-rise-of-ai-powered-scams-in-2026 Sponsors: www.securitybydesign.shop SECURE15 - 15% off cybersecurity swag www.generatepolicy.com CISO30 - 30% OFF for first-time buyers

Jan 20, 2026 · 15 min

Ep 383: Secure, Defend, Thwart: Navigating the NIST Cyber AI Profile

This episode explores the newly drafted Cyber AI Profile, a guide designed by the National Institute of Standards and Technology (NIST) to help organizations manage the complex intersection of artificial intelligence and cybersecurity. We break down the three primary focus areas—Secure, Defend, and Thwart—which provide a structured approach to protecting AI system components, leveraging AI for defensive operations, and building resilience against AI-powered threats. Listeners will learn how this Profile integrates with the existing NIST Cybersecurity Framework (CSF) 2.0 to offer prioritized outcomes and considerations for organizations at any stage of their AI journey. Sponsors: www.cisomarketplace.com www.airiskassess.com compliance.airiskassess.com

Jan 18, 2026 · 15 min

Ep 382: Securing the Global Ledger: Balancing Proportionality and Resilience in Financial Cyber Risk

The International Monetary Fund (IMF) actively strengthens the global financial system by evaluating national cyber frameworks through the Financial Sector Assessment Program (FSAP) and providing demand-driven Technical Assistance to address increasingly sophisticated threats. Effective regulation requires a delicate balance between principles-based flexibility and prescriptive rules, while ensuring that supervisory intensity is proportionate to an institution's size and systemic importance. However, because the financial sector is an interconnected chain, regulators must ensure that even small institutions maintain a baseline of security to prevent them from becoming the "weakest link" that triggers a systemic crisis. www.securitycareers.help/good-practices-in-cyber-risk-regulation-and-supervision Sponsors: www.cisomarketplace.com www.cisomarketplace.services

Jan 17, 2026 · 40 min

Ep 381 · The Silicon Siege: How AI and Quantum Computing are Rewriting Global Security

This episode examines how Artificial Intelligence and quantum computing have transitioned from frontier concepts to systemic forces that are fundamentally reshaping geostrategic competition and the nature of modern warfare. We investigate the critical milestone of "Q-Day," the point where the deployment of Shor's algorithm threatens to collapse the cryptographic foundations of digital trust, alongside the risks of automated military escalation driven by AI. Lastly, we explore the potential for a "quantum arms race" and the widening "quantum divide" that could leave entire regions behind in a new, bifurcated global order. www.breached.company/global-risks-report-2026-key-insights-and-analysis Sponsors: www.quantumsecurity.ai www.cisomarketplace.com www.breached.company

Jan 16, 2026 · 35 min

Ep 380 · Digital Siege: Beyond the Numbers of the 2025 Cyber Catastrophe

This podcast explores why 2025 marked a watershed moment where counting compromised records proved to be an inadequate measure of a cyberattack's true devastation. We delve into the "cyber shockwaves" of 2025, ranging from the UK’s first officially confirmed ransomware-related death to the £1.9 billion economic hit that crippled national car production and threatened over 100,000 supply chain jobs. Finally, we examine an emerging five-dimension framework that redefines cybersecurity as a global ESG and human safety issue, focusing on operational disruption and societal harm rather than just data volume. www.breached.company/beyond-the-numbers-the-2025-data-breach-landscape Sponsors: www.breached.company www.cisomarketplace.com

Jan 15, 2026 · 39 min

Ep 379 · The Global Gig Economy of Cybercrime

The Cyber-as-a-Service (CaaS) model has fundamentally reshaped the threat landscape by lowering technical barriers, allowing individuals with minimal expertise to conduct complex operations like ransomware or phishing. Thriving in marketplaces that mimic legitimate e-commerce sites, specialized "initial access brokers" act as digital key makers, selling persistent entry points to other criminals in a professionalized supply chain. This modular ecosystem is highly resilient to disruption, as actors frequently rebrand their services and state-sponsored adversaries leverage these tools to target critical infrastructure globally. www.breached.company/national-cyber-threat-assessment-2025-2026-key-insights www.breached.company/beyond-the-numbers-the-2025-data-breach-landscape Sponsors: www.breached.company www.cisomarketplace.com

Jan 14, 2026 · 11 min

Ep 378 · Navigating the 2026 Intelligence Supercycle: Data, Law, and the New Global Marketplace

This episode explores the transition into the "Intelligence Supercycle," where organizations are deploying security AI and automation to identify data breaches 80 days faster and mitigate nearly $1.9 million in potential losses per incident. We delve into the shifting global regulatory landscape, highlighting how aggressive enforcement in the U.S., Canada, and the EU is introducing personal executive liability and mandatory cybersecurity audits that are fundamentally reshaping international business operations. Special focus is placed on the cannabis industry's "perfect storm," examining how federal rescheduling in the U.S. and clinical pivots in Thailand are forcing a rapid move toward blockchain-enabled traceability and biometric age assurance to meet institutional compliance standards. www.cannasecure.tech/briefing-on-global-regulatory-and-data-security-trends-for-2026 Sponsors: https://www.cannasecure.tech https://cannabisrisk.diy

Jan 13, 2026 · 47 min

Ep 377 · The 2026 Cyber Arms Race: AI, Risk, and Resilience

This episode explores how leaders worldwide are adapting to evolving cyber risks, drawing on survey responses from over 800 executives across more than 90 countries. We discuss the acceleration of the cyber arms race, examining how artificial intelligence is simultaneously strengthening defense systems while enabling faster and more sophisticated attacks. With 94% of leaders citing AI as the most significant driver of change in 2026, we break down why the vast majority identify AI-related vulnerabilities as the fastest-growing cyber risk. Sponsors: www.generatepolicy.com www.cyberpolicy.shop

Jan 12, 2026 · 12 min

Ep 376 · The AI-Powered Ecosystem for Continuous Cybersecurity Policy Management

Addressing the "cold start" challenge, platforms like GeneratePolicy.com utilize AI to instantly draft customized, framework-aligned security policies while reducing reliance on expensive consultants. To ensure these documents are actually implemented, tools such as SecureCheck convert dense legal text into actionable IT checklists and audit questionnaires that map directly to standards like SOC 2 and NIST. Finally, the lifecycle is closed through PolicyQuest, which replaces passive acknowledgments with interactive quizzes to verify employee comprehension and identify gaps for continuous policy improvement. www.securitycareers.help/briefing-an-ai-powered-ecosystem-for-cybersecurity-policy-lifecycle-management https://www.compliancehub.wiki/the-policy-lifecycle-problem-nobody-talks-about-and-three-tools-that-actually-solve-it Sponsor with COUPONS: www.cisomarketplace.com Micro Tools: www.generatepolicy.com www.securecheck.tools www.policyquest.diy www.cyberpolicy.shop www.cybertemplates.com

Jan 9, 2026 · 11 min

Ep 374 · Power to the People: Reclaiming Privacy Rights in the Age of AI

This episode explores how the United States drifted away from the robust, substantive privacy protections envisioned in the early 1970s, replacing them with ineffective "notice and choice" frameworks that favor government surveillance and corporate profit. As we face a new technological crossroads with artificial intelligence, the discussion reveals how Big Tech recycles historical narratives to frame their dominance as inevitable while activists fight to reclaim control over how data is collected and used. Finally, we outline a strategic path for the public interest community to rebuild the intersectional social movement power necessary to enact laws that truly protect rights, equity, and democracy. www.compliancehub.wiki/briefing-document-the-50-year-trajectory-of-u-s-privacy-law-and-the-imperative-for-a-new-social-movement Sponsor: www.compliancehub.wiki

Jan 8, 2026 · 15 min

Ep 375 · Securing the AI Economy: From the 2025 Holiday Breach Window to 2026’s Autonomous Threats

This episode analyzes the 2025 threat landscape, where U.S. data breach costs reached record highs of $10.22 million and cybercriminals utilized the "holiday breach window" to stage sophisticated attacks for the new year. We explore the transition into 2026—projected by experts to be the "Year of the Defender"—where organizations must combat "Agentic AI" threats and manage a staggering 82:1 machine-to-human identity ratio. Listeners will also gain actionable strategies for closing year-end security gaps, such as implementing rigorous patch management and testing incident response plans before the workforce disperses for the season. www.breached.company/cybersecurity-threat-landscape-and-2026-outlook Sponsor: www.breached.company

Jan 7, 2026 · 15 min

Ep 373 · The AI Rubicon: Navigating the Intelligence Supercycle and the 2026 Threat Landscape

The year 2026 marks the entry into the "Intelligence Supercycle," a pivotal era where autonomous AI agents transition from mere tools to independent actors capable of executing complex attacks and defensive workflows at machine speed. Security leaders face a dual pressure: responding to the immediate rise of "portfolio extortion" ransomware and "Shadow Agent" risks, while simultaneously addressing the "harvest now, decrypt later" threat that is accelerating the timeline for post-quantum cryptography adoption. To survive this volatility, organizations are moving beyond reactive measures toward "geopatriation" of data and mature Zero Trust programs, as governments nationalize critical infrastructure to defend against pre-positioned nation-state threats. www.securitycareers.help/cybersecurity-outlook-for-2026-an-integrated-threat-and-strategy-briefing Sponsors: www.cisomarketplace.com

Jan 6, 2026 · 14 min

Ep 372 · Europe’s Cyber Front: From Silent Breaches to Sustained Disruption

This episode examines the 926 cyber incidents recorded across Europe in November 2025, revealing a strategic shift where Distributed Denial of Service (DDoS) campaigns accounted for over 51% of all activity. We unpack how Telegram has become the "central nervous system" for coordinating these disruptions against government and transport infrastructure, operating alongside a fragmented but active ransomware economy led by groups like Qilin. Drawing on FalconFeeds.io’s intelligence, we discuss why this new era of sustained pressure demands a move from reactive defenses to proactive, intelligence-driven readiness. www.breached.company/europe-cyber-threat-briefing-november-2025-analysis Sponsor: www.breached.company

Jan 6, 2026 · 14 min

Ep 371 · The Great De-Anonymization: How Mandatory ID Laws Are Closing the Open Internet

From Australia’s implementation of search engine ID checks to Virginia’s biometric age gates, a synchronized global legislative wave is transforming the web into a permission-based surveillance system. We investigate how these "child safety" mandates are necessitating permanent identity databases that effectively eliminate anonymous speech, as seen in Victoria's crackdown on "hate speech" and the EU's "trusted flagger" hierarchy. Finally, we explore the escalating diplomatic crisis as U.S. lawmakers threaten to compel testimony from foreign regulators accused of enforcing a "global censorship regime" on American platforms. www.compliancehub.wiki/briefing-on-global-digital-regulation-and-surveillance-trends Sponsor: www.compliancehub.wiki

Jan 4, 2026 · 40 min

Ep 370 · Breached 2025: AI, Insiders, and the Supply Chain Crisis

With global cybercrime costs projected to reach $10.5 trillion annually by 2025, this episode unpacks the surge in ransomware and data breaches targeting critical sectors like healthcare, manufacturing, and water systems. We explore how "enterprising adversaries" are weaponizing generative AI for deepfakes and vishing while exploiting third-party supply chains to compromise major entities like 700Credit and Snowflake. Finally, we analyze the critical "human element" of cybersecurity, from the infiltration of North Korean IT workers to the bribing of insiders, revealing why identity protection has become the new perimeter. www.breached.company/briefing-2025-cybersecurity-threat-landscape-and-incident-analysis Micro Tools: https://finemydata.com https://databreachcostcalculator.com Sponsors: www.breached.company www.cisomarketplace.com

Jan 3, 2026 · 42 min

Ep 369 · The 2026 Cyber Imperative: Agentic AI, Regulatory Cliffs, and the Rise of Preemptive Defense

As the global cybersecurity market approaches $300 billion, organizations are shifting from reactive measures to a "preemptive" posture to combat the rise of autonomous AI agents and "harvest now, decrypt later" quantum threats. We explore how the "CISO 3.0" must navigate a massive 4.8 million-person talent shortage by adopting cybersecurity mesh architectures and platform consolidation while managing a complex "compliance cliff" that includes the EU AI Act, DORA, and strict new SEC enforcement priorities. This episode analyzes the critical pivot toward identity-centric security and AI governance required to survive an era where machines battle machines and trust is the new perimeter. www.securitycareers.help/2026-cybersecurity-landscape-a-briefing-on-key-trends-threats-and-regulatory-imperatives Sponsor: www.cisomarketplace.com

Jan 2, 2026 · 13 min

Ep 368 · The Human Battlefield: Hacking the Mind

This series explores how emerging technologies—from Artificial Intelligence to biotechnology—are acting as "force multipliers" to transform the human brain itself into a contested battlefield. We examine NATO's strategic framework for "Cognitive Superiority," detailing how adversaries exploit the "OODA loop" to disrupt decision-making and how nations can build resilience against these invisible threats. Moving beyond traditional propaganda, we reveal how this continuous "gray zone" warfare targets not just military forces, but the trust and social contracts of entire democratic societies. https://www.myprivacy.blog/the-silent-war-psychological-operations-from-the-kgb-to-tiktok https://www.compliancehub.wiki/the-white-house-influencer-pipeline-how-the-biden-administration-revolutionized-government-communications-through-social-media www.myprivacy.blog/cognitive-warfare-a-synthesis-of-natos-strategic-assessment-and-research-initiatives Sponsors: www.cisomarketplace.com www.cisomarketplace.services www.securitybydesign.shop -> 15% off Merch

Jan 1, 2026 · 33 min

Ep 367 · The 2026 Cyber Horizon: Agentic AI, Identity, and the Shift to Preemptive Defense

As the cybersecurity landscape transitions from reactive detection to automated preemption, this series explores how the rise of "Agentic AI" and autonomous threats is forcing organizations to radically modernize their security stacks. We dive deep into the essential governance strategies for the year ahead, including the adoption of the new NIST SP 800-63-4 digital identity guidelines and the necessity of moving toward phishing-resistant, passwordless authentication. Join us to discover how CISOs are optimizing budgets to combat deepfakes and supply chain risks while preparing for a regulatory environment that demands continuous, demonstrable compliance. Sponsors: www.cisomarketplace.com www.cisomarketplace.services https://securitybydesign.shop

Dec 31, 2025 · 32 min

Ep 366 · Secure by Design: Integrating AI into Operational Technology

Join us as we explore the comprehensive guidance released by international cybersecurity agencies, including CISA and the NSA, regarding the integration of Artificial Intelligence into critical infrastructure environments. We will break down the four key principles for owners and operators, which range from understanding unique AI risks—such as model drift and lack of explainability—to embedding necessary oversight and failsafe practices. Finally, we discuss how to balance the efficiency and predictive capabilities of AI with the absolute necessity of maintaining functional safety and data security in operational technology. Sponsors: www.cisomarketplace.com www.cisomarketplace.services

Dec 30, 2025 · 19 min