CISO Insights: Voices in Cybersecurity

CISO Marketplace·469 episodes

News · Technology

CISO Marketplace is a dedicated platform providing cybersecurity professionals with expert resources, tools, and insights to protect their organizations. From policy templates to industry updates, we empower CISOs with the knowledge needed to navigate the evolving threat landscape. Shop @ https://www.cisomarketplace.com || News @ https://threatwatch.news || Podcast @ https://cisoinsights.show

Episodes

51 min
Jun 5, 2026 · Episode 472
Architecting the Digital Frontline: The U.S. Cyber Force Blueprint

The United States faces an unprecedented range of sophisticated cyber threats, highlighting the urgent need for a dedicated military branch to uniquely organize, train, and equip personnel for the digital domain. This episode explores the CSIS Commission's comprehensive plan for an independent U.S. Cyber Force, detailing its proposed structure of 30,000 personnel, reliance on expert warrant officers rather than an enlisted cadre, and the creation of a specialized Cyber National Guard. Listeners will discover how this proposed service aims to revolutionize military recruitment by prioritizing elite technical specialization and securing the nation's critical infrastructure against rapidly evolving adversaries. https://www.csis.org/analysis/csis-commission-us-cyber-force-generation   Sponsors www.cisomarketplace.com www.securitycareers.help

34 min
Jun 1, 2026 · Episode 471
Governing the Invisible Workforce: The AI Agent Identity Crisis

Non-human identities now vastly outnumber human users, with recent estimates showing up to an 82-to-1 disparity in enterprise environments. The rapid adoption of autonomous AI agents amplifies this crisis, as these agents utilize compound identities and inherited "invisible browser" sessions to operate at machine speed, easily bypassing traditional security controls. To secure this dynamic attack surface, organizations must abandon static, permanent secrets in favor of short-lived ephemeral credentials and advanced intent inference that evaluates the true purpose behind an agent's autonomous actions. https://cisomarketplace.com/blog/non-human-identity-secrets-governance-at-scale-ciso https://cisomarketplace.com/blog/zero-trust-technical-implementation-segmentation-policy-engine-ciso https://cisomarketplace.com/blog/ai-agent-identity-market-landscape-2025-2026   Sponsors: www.vibehack.dev www.myprivacy.blog https://airiskassess.com

20 min
May 22, 2026 · Episode 470
Securing the AI Frontier: Navigating MCP Vulnerabilities

The Model Context Protocol (MCP) is rapidly becoming the standard for AI-driven automation, yet its rapid adoption has significantly outpaced the development of its security model. This episode explores the inherent design vulnerabilities of MCP, such as unrestricted repository access, tool parameter injection, and remote code execution, which expose organizations to novel and systemic attack vectors. We also dive into practical defense strategies, detailing how security teams can safely implement MCP by enforcing strict trust boundaries, rigorous input validation, and comprehensive application sandboxing. https://cisomarketplace.com/blog/ai-agent-security-crisis-mcp-vulnerabilities https://cisomarketplace.com/blog/agent-skills-next-ai-attack-surface https://cisomarketplace.com/blog/ciso-guide-securing-ai-agents https://cisomarketplace.com/blog/soul-engineering-identity-layer-attacks-on-ai-agents NSA PDF:    Sponsors: www.vibehack.dev www.cisomarketplace.com

43 min
May 20, 2026 · Episode 469
The 2026 DBIR Breakdown: Shadow AI, Pretexting, and the Rise of Vulnerabilities

The 2026 Data Breach Investigations Report reveals a rapidly shifting threat landscape where the exploitation of vulnerabilities has officially overtaken credential abuse as the top initial access vector. Alongside this shift, defenders are battling the explosion of "Shadow AI" data leaks and sophisticated, synchronous "pretexting" attacks that bypass traditional email-centric security training. Despite these advanced AI-driven threats, the report emphasizes that surviving the modern cyber battlefield requires a refinement of cybersecurity fundamentals—like patch management and access control—rather than a complete revolution. https://cisomarketplace.com/blog/verizon-dbir-2026-ciso-guide-vulnerability-exploitation-credential-theft 2026 Verizon DBIR   Sponsors: www.breached.company www.cisomarketplace.com

44 min
May 19, 2026 · Episode 468
The 2026 Digital Rulebook: Navigating AI, Privacy, and Cyber Convergence

In 2026, global organizations face a shifting regulatory landscape defined by the EU's Digital Omnibus package and the proposed SECURE Data Act in the United States. This episode explores how compliance leaders can adapt to delayed EU AI Act deadlines, navigate new data subject rights, and operationalize AI governance using standards like ISO 42001 and NIST. We also dive into the technical realities of continuous SOC 2 monitoring and the urgent transition to post-quantum cryptography to defend against "Harvest Now, Decrypt Later" attacks. https://compliance.airiskassess.com https://airiskassess.com   Sponsor: www.compliancehub.wiki www.cisomarketplace.com

44 min
May 19, 2026 · Episode 467
The Digital Identity Divide: Trust in 2026

The global landscape of identity is shifting rapidly in 2026, driven by the expanding rollout of mobile driver's licenses (mDLs) in the United States and the looming European Digital Identity (EUDI) Wallet mandate under eIDAS 2.0. This transition towards digital public infrastructure faces unprecedented cybersecurity challenges, primarily fueled by a 900% surge in AI-generated deepfakes and the rise of autonomous AI fraud agents. To combat these emerging threats, governments and organizations are racing to implement multi-modal liveness detection, privacy-preserving digital credentials, and robust "Know Your Agent" (KYA) frameworks. https://biometric.myprivacy.blog https://pii.compliancehub.wiki   Sponsors: https://scamwatchhq.com https://cryptoimpacthub.com

52 min
May 17, 2026 · Episode 466
The Global Privacy Horizon: AI Governance and Data Security in 2026

Welcome to a deep dive into the monumental shifts in data security, artificial intelligence governance, and global privacy regulations defining the corporate landscape in 2026. In this episode, we explore the intersection of aggressive new enforcement frameworks, such as the EU AI Act and the federal TAKE IT DOWN Act, alongside the profound impacts of sweeping children's online safety mandates. We also break down how Privacy-Enhancing Technologies (PETs) and decentralized identity solutions are helping organizations navigate an era of complex data breaches and strict operational accountability. https://compliancehub.wiki/take-it-down-act-ftc-enforcement-deepfake-platform-compliance-2026 https://compliancehub.wiki/eu-ai-act-omnibus-high-risk-deadline-extension-compliance-2026   Sponsors: https://biometric.myprivacy.blog https://childrenprivacylaws.com https://pii.compliancehub.wiki https://privacyrights.compliancehub.wiki

21 min
May 16, 2026 · Episode 465
The Privacy Paradox: Control, Fatigue, and the Future of Our Data

Over half of New Zealanders are now deeply concerned about their individual privacy, driven largely by anxieties over children's digital safety and the use of artificial intelligence in decision-making. While an overwhelming majority demand more control over how their personal information is used, nearly half of the population is experiencing "privacy fatigue," feeling that protecting their data simply takes too much effort. Against a backdrop of low trust in government data handling—a sentiment especially pronounced among Māori respondents—the public is strongly backing tougher laws and large fines to hold organizations accountable.   Sponsor www.compliancehub.wiki www.myprivacy.blog

22 min
May 15, 2026 · Episode 464
Shadows Over Security: Inside the CSIS 2025 Public Report

Delve into the complex and evolving national security challenges facing Canada in 2025, as outlined by the Canadian Security Intelligence Service (CSIS). This episode explores the shadowy world of foreign interference, transnational repression, and the alarming rise of youth radicalization within violent extremist movements. Join us as we unpack the critical threats targeting Canada's democratic institutions, cutting-edge tech startups, and the increasingly contested Arctic region. Read the report: https://www.canada.ca/content/dam/csis-scrs/images/2025/public-report/Public%20Report_EN_2025_DIGITAL.pdf   Sponsors: www.compliancehub.wiki www.myprivacy.blog

21 min
May 14, 2026 · Episode 463
Securing the AI Supply Chain: The G7 SBOM Guidelines

In this podcast, we explore the groundbreaking guidelines set by the G7 Cybersecurity Working Group for creating a Software Bill of Materials (SBOM) for Artificial Intelligence. Our experts break down the seven critical information clusters—including metadata, models, datasets, and security properties—that serve as an essential "ingredient list" for AI systems. Tune in to discover how these foundational recommendations aim to boost transparency, manage vulnerabilities, and secure the global AI supply chain.   Read the G7 framework for AI Software Bill of Materials (SBOM): https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/KI/SBOM-for-AI_minimum-elements.html   Sponsors: www.compliancehub.wiki https://airiskassess.com

22 min
May 13, 2026 · Episode 462
The Dual-Use Dilemma: OpenAI Daybreak vs. Project Glasswing

In this episode, we explore how frontier AI models like OpenAI's GPT-5.5-Cyber and Anthropic's Claude Mythos are fundamentally shifting the landscape of cybersecurity by operating at machine speed. We dive deep into the dual-use reality of these highly capable tools, analyzing how they dramatically compress the vulnerability discovery-to-remediation pipeline while simultaneously introducing new offensive risks. Finally, we examine the competing governance frameworks—OpenAI's scalable Trusted Access for Cyber (TAC) and Anthropic's heavily restricted Project Glasswing coalition—to help security leaders understand the strategic implications for their enterprises. https://cisomarketplace.services/ai-services https://cisomarketplace.services/engagements/claude-cybersecurity-consulting https://cisomarketplace.services/engagements/openai-cybersecurity-consulting   Sponsors www.cisomarketplace.com www.cyberadx.network   August 5th 2026 - DEF CON / Black Hat / BSides LV week https://ciso.poker

23 min
May 12, 2026 · Episode 461
The 2026 Cyber Compliance Collision: AI, Quantum, and Global Mandates

In 2026, organizations face an unprecedented convergence of global cybersecurity regulations and rapid technological shifts that are creating a massive "compliance stack". This episode dives into sweeping new mandates, including the EU's Cyber Resilience Act and NIS 2 Directive, the U.S. transition to Post-Quantum Cryptography, and emerging global AI governance frameworks. We explore how CISOs can navigate tightening budgets and strict reporting deadlines while defending against automated AI attacks and the looming "harvest now, decrypt later" quantum threat. https://risk.quantumsecurity.ai   Sponsors: https://compliancehub.wiki https://cisomarketplace.com

47 min
May 11, 2026 · Episode 460
The EdTech Supply Chain Collapse: Inside the PowerSchool and Canvas Breaches

Between 2024 and 2026, the educational technology sector suffered a catastrophic supply chain collapse as hackers compromised roughly 350 million records through major platforms like PowerSchool and Canvas. By exploiting weak trust boundaries in shared multi-tenant architectures, threat actors such as the ShinyHunters group moved beyond targeting individual schools to attacking the centralized vendors that thousands of institutions rely on. As a result, schools are left bearing the intense legal and regulatory burdens of notifying their communities, while criminals weaponize both structured identity data and private behavioral context for long-term fraud and extortion. https://breached.company/san-diego-community-college-district-cyberattack-2026 https://breached.company/instructure-canvas-shinyhunters-275-million-students-breach-2026   Sponsors: www.myprivacy.blog www.breached.company www.compliancehub.wiki

14 min
May 7, 2026 · Episode 459
Building the Human Resilience Infrastructure

This podcast explores the profound psychological, economic, and social shifts triggered by the rapid advancement of artificial intelligence, including the impending "work quake" that will radically restructure the labor market. Drawing on insights from hundreds of global experts, the discussion dives into emerging survival frameworks like the "Me:chine" identity and the critical need to develop "existential literacy" as a psychological immune system against algorithmic manipulation. Ultimately, listeners will discover actionable strategies for protecting human agency, nurturing genuine face-to-face connections, and restructuring our institutions to ensure humanity thrives alongside intelligent machines.   Sponsors: www.cisomarketplace.com www.myprivacy.blog

25 min
May 4, 2026 · Episode 458
Zero Trust in OT: Securing the Physical World

Operational Technology (OT) interacts directly with the physical world, meaning that cyber attacks can have immediate, devastating real-world safety and environmental consequences. Standard IT security models fall short in OT environments due to decades-old legacy systems, insecure protocols, and strict requirements for continuous availability. This episode explores how organizations can practically adapt modern Zero Trust principles to OT, covering critical strategies like network microsegmentation, compensating controls, and secure remote access without disrupting mission-critical operations. https://zerotrustciso.com   Sponsor www.cisomarketplace.com www.cisomarketplace.services

25 min
May 3, 2026 · Episode 457
Autonomous Defenses: Securing Agentic AI

As agentic AI systems increasingly automate complex tasks and operate with unprecedented autonomy, they introduce new and unpredictable cyber security risks. This podcast explores the unique vulnerabilities of these interconnected systems, ranging from privilege scope creep and deceptive behaviors to structural and accountability challenges. Tune in to discover actionable best practices for designing, developing, deploying, and operating secure AI agents to protect your organization's critical infrastructure.   Sponsor www.cisomarketplace.com www.airiskassess.com

57 min
May 1, 2026 · Episode 456
Autonomic Resilience: Navigating the Hidden Fault Lines

In the era of the autonomous enterprise, digital systems are evolving faster than traditional governance can keep up, exposing dangerous hidden vulnerabilities across the modern business. This podcast dives into the 2026 Cloudflare Security Signals Report to unpack the six critical fault lines threatening organizations, from shadow supply chains and legacy technical debt to ungoverned AI agents. Join us as we discuss how enterprise leaders can move beyond a reactive "absorb and recover" mindset to deliberately engineer systems that sense, adapt, and self-correct under machine-speed stress. The 2026 Cloudflare Security Signals Report -> https://www.cloudflare.com/lp/security-signals-report/2026/   Sponsors: www.cisomarketplace.com www.breached.company    Grab your seat -> https://ciso.poker/apply

17 min
Apr 29, 2026 · Episode 455
CISO.POKER — Where Security Leadership Meets the Felt

Join us for the first public announcement of CISO.POKER's inaugural tournament at Hacker Summer Camp 2026, an exclusive, zero buy-in Texas Hold'em event designed for 80 senior security executives on the Las Vegas Strip. This episode unpacks how we are replacing the traditional "pay-to-play" vendor pitch with genuine networking, offering an Enterprise security prize pack, Knockout Bounties, and capturing real-time industry intelligence through our anonymous FeltIQ platform. We also dive into our built-in Coalition Giving model, demonstrating how three hours at the poker table can seamlessly fund critical cybersecurity nonprofits while you build authentic industry relationships. https://ciso.poker/sponsor https://ciso.poker/give   Visit the event:  https://ciso.poker/apply    Sponsor: https://cyberadx.network

25 min
Apr 20, 2026 · Episode 454
Digital Trust 2026: Identity, Privacy, and the New Regulatory Frontier

In 2026, the global digital landscape is undergoing a massive transformation as rapid technological advancement collides with complex new regulatory frameworks. This episode explores how African nations are pioneering digital public ecosystems for economic integration, while the United States navigates a strict new patchwork of state privacy laws designed to protect minors and consumer data. Join us as we dissect the delicate balance between embracing innovations like AI-powered smart cities and securing fundamental digital rights in an increasingly connected world. https://digitaltwin.compliancehub.wiki https://childrenprivacylaws.com https://biometric.myprivacy.blog https://privacyrights.compliancehub.wiki   Sponsors: www.myprivacy.blog www.scamwatchhq.com

52 min
Apr 19, 2026 · Episode 453
The 2026 Compliance Countdown: Navigating the New Era of Global Privacy and Cyber Regulations

From the expansion of U.S. state privacy laws and the HIPAA Security Rule overhaul to the enforcement of the EU AI Act, DORA, and India's DPDP Act, 2026 marks a definitive turning point for global regulatory compliance. We explore how these emerging frameworks demand that businesses move beyond static paperwork to demonstrate true operational resilience, continuous monitoring, and boardroom accountability. Tune in to discover the proactive steps your organization must take to avoid massive financial penalties and build a cohesive, evidence-based compliance architecture before it is too late.   Sponsor: www.compliancehub.wiki www.cisomarketplace.com

50 min
Apr 18, 2026 · Episode 452
The Digital Siege: Supply Chain Poisoning and the New Era of Cyber Warfare

In April 2026, the cybersecurity landscape experienced a seismic shift as geopolitical tensions and industrialized fraud collided to create unprecedented enterprise risks. This episode dives into the most critical incidents of the month, including TeamPCP's cascading supply chain compromises, Iran-backed wiper attacks on corporate infrastructure, and the exploitation of third-party platforms by groups like ShinyHunters. Join us as we unpack how these sophisticated threats are redefining the "new normal" for defenders and explore the massive global law enforcement operations fighting back.   Sponsors: www.cisomarketplace.com www.breached.company

42 min
Apr 12, 2026 · Episode 451
The Mythos Paradox: Leaks, Lawsuits, and the AI IPO of the Century

Anthropic recently unveiled Claude Mythos, an unreleased frontier AI model with unprecedented cybersecurity capabilities that led the company to restrict its access exclusively to defensive partners via Project Glasswing. This revelation coincided with a chaotic week of accidental source code leaks and an unprecedented legal battle against the Pentagon, which blacklisted Anthropic as a "supply chain risk" over the company's refusal to drop safety guardrails. Together, these dramatic events have fueled a massive hype narrative ahead of Anthropic's planned October 2026 IPO, where the company is targeting a valuation of up to $500 billion. https://podcast.cisomarketplace.com/e/the-mythos-dilemma-ai-zero-days-and-project-glasswing https://cisomarketplace.com/blog/project-glasswing-claude-mythos-cybersecurity https://cisomarketplace.com/blog/claude-mythos-leak-cybersecurity-stocks-crash-2026   Sponsors: www.breached.company www.compliancehub.wiki

51 min
Apr 11, 2026 · Episode 450
The 40-Minute Collapse: How Fake Compliance Broke the AI Supply Chain

In March 2026, a 40-minute supply chain attack on the open-source library LiteLLM allowed hackers to steal four terabytes of highly sensitive data from Mercor, a $10 billion AI training startup. The breach exposed a fragile trust infrastructure across the tech industry, revealing that LiteLLM's security certifications were fabricated by Delve Technologies, a compliance vendor that systematically rubber-stamped fake audits. As major AI labs like Meta indefinitely pause their contracts, Mercor now faces a wave of class-action lawsuits alleging that its mandatory, invasive contractor surveillance practices funneled unauthorized third-party trade secrets and personal data straight to cybercriminals. https://compliancehub.wiki/mercor-litellm-delve-class-action-supply-chain-compliance-fraud/ https://compliancehub.wiki/five-lawsuits-mercor-data-breach-litigation-breakdown/   Sponsors www.breached.company www.compliancehub.wiki

25 min
Apr 8, 2026 · Episode 449
The Mythos Dilemma: AI, Zero-Days, and Project Glasswing

Anthropic's latest frontier model, Claude Mythos Preview, has demonstrated an unprecedented ability to autonomously discover and exploit zero-day vulnerabilities in critical software. Recognizing the extreme dual-use risks of these capabilities falling into the wrong hands, Anthropic has made the unprecedented decision to withhold the model from general public release. Instead, the model is being deployed through Project Glasswing, a collaborative initiative with major tech industry partners aimed at using this powerful AI exclusively to secure the world's digital infrastructure. https://cisomarketplace.com/blog/project-glasswing-claude-mythos-cybersecurity https://cisomarketplace.com/blog/claude-mythos-leak-cybersecurity-stocks-crash-2026 https://www.anthropic.com/glasswing   Sponsors: www.cisomarketplace.com

16 min
Apr 6, 2026 · Episode 448
Decoding CCPA: Navigating Cybersecurity Audits and Existing Frameworks

Dive into the nuances of California's new CCPA cybersecurity audit requirements and discover how they redefine the standard for "reasonable security". We explore how businesses can strategically leverage existing NIST, ISO, or CIS assessments as a foundation, while identifying the critical scope mismatches they must "top off" to ensure compliance. Tune in for a practical, four-step roadmap to navigate CalPrivacy's 18 evaluation components and prepare your organization's data protection strategy for the next wave of regulatory scrutiny.   Sponsors: www.compliancehub.wiki www.cisomarketplace.com

22 min
Apr 5, 2026 · Episode 447
Encrypted Extortion: Inside Latin America's Cybercrime Boom

Dive into the rapidly evolving cyber threat landscape of Latin America and the Caribbean, where financially motivated threat actors are increasingly exploiting rapid digital adoption to target the region's largest economies. We explore how cybercriminals and hacktivist collectives like FiveFamilies are utilizing encrypted platforms like Telegram and WhatsApp to distribute banking trojans, deploy double-extortion ransomware against critical industries, and launch highly convincing AI-driven social engineering attacks. Join us as we unpack the tactics of these digital adversaries and discuss the urgent need for modernized infrastructure and public-private collaboration to secure the LAC region's digital future.   Sponsors: www.myprivacy.blog www.breached.company

23 min
Apr 4, 2026 · Episode 446
Growing Up Digital: Safeguarding Youth in the EU

Explore the evolving landscape of youth digital protection across the European Union, where groundbreaking laws like the GDPR and the Digital Services Act (DSA) are being deployed to shield minors from data exploitation and harmful content. As emerging innovations like immersive virtual environments, neuromarketing, and AI-generated deepfakes introduce unprecedented risks to children's mental privacy and cognitive development, the battle for digital safety is becoming increasingly complex. Join us as we examine how local and regional authorities are stepping up to bridge the gap between high-level regulations and frontline realities, transforming overarching policies into tangible, community-based safeguards for families and schools.   Sponsors: www.myprivacy.blog www.compliancehub.wiki

23 min
Apr 4, 2026 · Episode 445
Panic, Privacy, and Protecting Youth: Unpacking Child Online Safety Laws

This podcast dives into the current wave of Child Online Safety Legislation (COSL), such as the Kids Online Safety Act (KOSA), to unpack the political and societal forces driving these bipartisan bills. We critically examine the prevailing narrative that social media is the primary cause of the youth mental health crisis, exploring how "moral panics" over technology often ignore complex social realities. Furthermore, we discuss the potential unintended consequences of these legislative efforts, including severe threats to data privacy, free expression, and the well-being of marginalized youth through mandated age verification and expanded parental surveillance.   Sponsors: www.myprivacy.blog www.cisomarketplace.com

47 min
Mar 28, 2026 · Episode 444
The Illusion of Trust: Fake Compliance and the LiteLLM Hack

This episode dives into the massive compliance fraud orchestrated by Delve, a Y Combinator-backed startup that generated hundreds of identical, fabricated SOC 2 reports using rubber-stamping certification mills. We explore how this "compliance theater" collided with a real-world supply chain attack when LiteLLM, a company boasting Delve-generated certifications, was breached through a compromised vulnerability scanner called Trivy. Ultimately, we unpack the devastating consequences of prioritizing automated compliance badges over actual security controls, and what this structural failure means for enterprise vendor risk management in 2026. https://compliancehub.wiki/litellm-delve-soc2-trust-chain-compliance-failure-2026 https://breached.company/litellm-supply-chain-attack-teampcp-trivy-pypi-2026 https://compliancehub.wiki/delve-compliance-startup-fake-soc2-audit-scandal https://cisomarketplace.com/blog/auditor-vs-assessor-compliance-trust-2026 Sponsors www.compliancehub.wiki www.cisomarketplace.com www.breached.company

23 min
Mar 27, 2026 · Episode 442
The 2026 CISO: Architects of Digital Trust (Italian)

The role of the Chief Information Security Officer has radically transformed from a purely IT function into a strategic executive-level position focused on the digital risk of the entire company. Driven by the rapid adoption of agentic artificial intelligence, the expansion of non-human identities, and strict new global regulations such as the EU's NIS2 Directive, CISOs are now essential to ensuring operational resilience and protecting business continuity. This podcast explores how modern security leaders are bridging the gap between technology and the board of directors to fight threats at machine speed and navigate an increasingly complex regulatory landscape. English: https://www.podbean.com/ew/pb-r9v3x-1a73307    Sponsors: www.cisomarketplace.com www.breached.company

41 min
Mar 26, 2026 · Episode 443
Weaponizing Trust: The TeamPCP Campaign and the Age of Cascading Failure

The cyber threat landscape is experiencing a massive paradigm shift, as adversaries move away from isolated network breaches to industrialize the compromise of global digital supply chains. This episode breaks down the unprecedented March 2026 TeamPCP campaign, exploring how attackers weaponized the trusted Trivy vulnerability scanner, compromised the widely used LiteLLM AI package, and unleashed the self-propagating Shai-Hulud worm across the npm ecosystem. We also examine how the growing use of artificial intelligence by threat actors, the exploitation of unmonitored edge devices, and the rise of destructive wiper attacks against critical infrastructure are forcing organizations to adopt zero-trust models and continuous resilience strategies. https://breached.company/litellm-supply-chain-attack-teampcp-trivy-pypi-2026 https://compliancehub.wiki/delve-compliance-startup-fake-soc2-audit-scandal   Sponsors: www.cisomarketplace.com www.breached.company

16 min
Mar 26, 2026 · Episode 441
The 2026 CISO: Architects of Digital Trust (Polish)

The role of the Chief Information Security Officer (CISO) has undergone a fundamental transformation from an operational IT function into a strategic executive-level position focused on digital risk across the entire organization. With the rapid adoption of agentic artificial intelligence, the growing number of non-human identities, and strict new global regulations such as the EU's NIS2 Directive, CISOs are now key to ensuring operational resilience and protecting business continuity. This podcast analyzes how today's security leaders are bridging the gap between technology and the board to combat threats operating at machine speed and navigate an increasingly complex regulatory landscape.   English Version: https://www.podbean.com/ew/pb-r9v3x-1a73307    Sponsors: www.cisomarketplace.com www.breached.company

13 min
Mar 24, 2026 · Episode 440
The 2026 CISO: Architects of Digital Trust (Portuguese)

The role of the Chief Information Security Officer (CISO) has undergone a fundamental transformation, moving from a technical IT function to a strategic executive-level position focused on the digital risk of the entire company. Driven by the rapid adoption of agentic artificial intelligence, the expansion of non-human identities, and rigorous new global regulations such as the EU's NIS2 Directive, CISOs are now essential to ensuring operational resilience and protecting business continuity. This podcast explores how modern security leaders are narrowing the distance between technology and the board to combat threats at machine speed and navigate an increasingly complex regulatory landscape.   English: https://www.podbean.com/ew/pb-r9v3x-1a73307    Sponsor: www.cisomarketplace.com www.breached.company

14 min
Mar 23, 2026 · Episode 439
Resilient Networks: Unpacking the 2025 Malicious Infrastructure Landscape

Explore the evolving world of cyber threats in this deep dive into the 2025 malicious infrastructure landscape, where tools like Cobalt Strike and AsyncRAT continued to dominate global attacks. We unpack how cybercriminals and state-sponsored actors rapidly adapted to law enforcement disruptions, highlighting the critical role of Threat Activity Enablers (TAEs) in providing bulletproof hosting and resilient routing networks. Tune in to understand the complex, multi-tiered ecosystems driving today's most prevalent malware families and what defenders can do to stay ahead of these persistent threats. https://www.recordedfuture.com/research/2025-year-in-review-malicious-infrastructure   Sponsors: www.breached.company www.myprivacy.blog

22 min
Mar 22, 2026 · Episode 438
Shadows in the North: Unmasking China's Influence in the Nordic-Baltic Region

This episode delves into the complex web of China's influence operations within the Nordic-Baltic information environment, focusing specifically on the contrasting diplomatic landscapes of Denmark and Lithuania. We explore how Beijing utilizes eight distinct avenues of influence—ranging from United Front networks and economic coercion to clandestine espionage—to shape local narratives and pressure political decision-makers. Join us as we uncover how Lithuania took a bold stance with a "values-based" foreign policy, while Denmark grapples with the subtle, backstage coercion of China's "Shadow Wolf Warrior" diplomacy.   Sponsors: www.breached.company www.cisomarketplace.com www.myprivacy.blog

26 min
Mar 21, 2026 · Episode 436
The 2026 CISO: Architects of Digital Trust (French)

The role of the Chief Information Security Officer (CISO) has fundamentally evolved, moving from an IT function to a strategic leadership role focused on enterprise-wide digital risk. Driven by the rapid adoption of agentic AI, the expansion of non-human identities, and strict new global regulations such as the EU's NIS2 Directive, CISOs are now essential to ensuring operational resilience and protecting business continuity. This podcast explores how modern security leaders are bridging the gap between technology and the board of directors to combat threats at machine speed and navigate an increasingly complex regulatory landscape. English: https://podcast.cisomarketplace.com/e/the-2026-ciso-architects-of-digital-trust/  Sponsors: www.cisomarketplace.com www.cisomarketplace.services

23 min
Mar 21, 2026Episode 437
Dismantling the FIMI House of Cards: The Fight for Information Integrity

As foreign information manipulation and interference (FIMI) reach unprecedented levels of global complexity, state actors like Russia and China are increasingly weaponizing artificial intelligence to mass-produce deceptive content. In response, the European External Action Service has launched the FIMI Deterrence Playbook, a proactive strategy designed to systematically dismantle the underlying infrastructures, proxies, and financial networks that sustain these hostile operations. Join us as we explore the digital "House of Cards" behind global disinformation campaigns and discuss how democracies are leveraging sanctions, law enforcement, and digital regulation to raise the costs for perpetrators and protect the information space.   Sponsors: www.cisomarketplace.com www.myprivacy.blog www.breached.company www.compliancehub.wiki

25 min
Mar 20, 2026Episode 435
The CISO of 2026: Architects of Digital Trust (in German)

The role of the Chief Information Security Officer has fundamentally changed from a functional IT position to a strategic leadership position focused on enterprise-wide digital risk. Driven by the rapid adoption of agentic AI, the growth of non-human identities, and strict new global regulations such as the EU's NIS2 Directive, CISOs are now indispensable for ensuring operational resilience and protecting business continuity. This podcast examines how modern security leaders close the gap between technology and the boardroom to combat machine-speed threats and navigate an increasingly complex regulatory landscape. English: https://podcast.cisomarketplace.com/e/the-2026-ciso-architects-of-digital-trust/  Sponsors: www.cisomarketplace.com www.cisomarketplace.services

21 min
Mar 20, 2026Episode 434
The 2026 Threat Matrix: Navigating Global Power, Tech, and Conflict

Dive deep into the U.S. Intelligence Community's 2026 Annual Threat Assessment to uncover the most pressing security challenges facing the world today. This episode explores the shifting dynamics of global power, highlighting how major power competition and emerging technologies like artificial intelligence and quantum computing are redefining international security. Join us as we break down what these evolving threats—from transnational crime and terrorism to regional wars—mean for the U.S. Homeland and future global stability. https://www.dni.gov/index.php/newsroom/press-releases/press-releases-2026/4142-pr-03-26   Sponsors: www.cisomarketplace.com www.cisomarketplace.services

30 min
Mar 19, 2026Episode 433
The CISO of 2026: Architects of Digital Trust (in Spanish)

The role of the Chief Information Security Officer (CISO) has fundamentally transformed from a functional IT position into a strategic, executive-level role focused on enterprise-wide digital risk. Driven by the rapid adoption of agentic artificial intelligence, the expansion of non-human identities, and strict new global regulations such as the EU's NIS2 Directive, CISOs are now essential for ensuring operational resilience and protecting business continuity. This podcast explores how modern security leaders are closing the gap between technology and the boardroom to combat machine-speed threats and navigate an increasingly complex regulatory landscape. English: https://podcast.cisomarketplace.com/e/the-2026-ciso-architects-of-digital-trust/  Sponsors: www.cisomarketplace.com www.cisomarketplace.services

57 min
Mar 17, 2026Episode 432
The 2026 CISO: Architects of Digital Trust

The role of the Chief Information Security Officer has fundamentally transformed from a functional IT position into a strategic, executive-level role focused on enterprise-wide digital risk. Driven by the rapid adoption of agentic AI, expanding non-human identities, and strict new global regulations like the EU's NIS2 Directive, CISOs are now essential for ensuring operational resilience and protecting business continuity. This podcast explores how modern security leaders are bridging the gap between technology and the boardroom to combat machine-speed threats and navigate an increasingly complex regulatory landscape.   Sponsors: www.cisomarketplace.com www.cisomarketplace.services

29 min
Mar 16, 2026Episode 431
Hellscape for Taiwan: The Future of Asymmetric Defense

This episode examines the Hellscape concept, an evolving asymmetric strategy designed to repel a potential Chinese invasion by flooding the Taiwan Strait with thousands of low-cost uncrewed systems. We analyze the four-layered defensive gauntlet—ranging from over-the-horizon undersea drones to short-range beach-defense quadcopters—intended to deny the People’s Liberation Army both air and sea superiority. Finally, the program explores the implementation hurdles Taiwan faces, such as shifting budget priorities away from expensive conventional platforms and building a self-sufficient domestic drone industry.   Sponsors www.myprivacy.blog www.breached.company

22 min
Mar 14, 2026Episode 430
The Digital Shield: Ukraine’s Evolution in Hybrid Warfare

This episode explores Ukraine’s transformation from a reactive cyber posture to a proactive, multi-layered defense system that culminated in the 2025 creation of a dedicated Cyber Forces Command. We examine the pioneering "patriotic hacktivist" model, where groups like the IT Army and BO Team collaborate with state intelligence to expand the reach and impact of offensive operations. Finally, the discussion covers the vital contributions of private tech giants and international coalitions through the Tallinn Mechanism, alongside the emerging challenges of sustaining this global support as the conflict enters its second decade.   Sponsors:  www.breached.company www.myprivacy.blog

19 min
Mar 13, 2026Episode 429
Sky Guardians: The Technology and Privacy of Drone Detection

As drones become increasingly common, the need to protect critical infrastructure, airports, and public events from unauthorized unmanned aerial vehicles has never been greater. This episode dives into the layered Counter-Unmanned Aircraft Systems (C-UAS) that utilize radio frequency, radar, and advanced algorithms to detect, track, and locate both drones and their operators. We also explore the crucial legal and privacy safeguards built into these technologies, explaining how they protect the public by strictly analyzing physical signal characteristics rather than illegally intercepting private communication content. https://secureiot.house/dhs-elevated-threat-home-security-preparedness https://secureiotoffice.world/power-grid-attacks-smart-city-blackouts-iran-iraq https://secureiot.house/iran-drone-threat-california-sleeper-cells-dhs-warning-march-2026   Sponsors: www.myprivacy.blog www.breached.company www.secureiot.house

49 min
Mar 12, 2026Episode 428
The End of Obscurity: How AI is Breaking Consumer Robot Security

Traditional robot security, which long relied on the assumption that attackers needed specialized robotic expertise, is being rendered obsolete by the democratization of AI-powered offensive tools. Using the open-source CAI framework, researchers autonomously identified 38 critical vulnerabilities—including safety-critical motor controls—across diverse consumer robots in just a fraction of the time required by human experts. This technological shift necessitates an urgent transition from static, rule-based defenses toward GenAI-native defensive agents capable of real-time patching and coordinated threat detection to counter these rapid, automated attacks.   Sponsors: www.myprivacy.blog www.breached.company

19 min
Mar 11, 2026Episode 427
Beyond the Perimeter: Inside the Cloud Threat Landscape

Threat actors are increasingly abandoning traditional malware in favor of exploiting valid credentials and native cloud services to move laterally and execute destructive attacks. This episode explores the latest cloud security trends, including the rise of cloud-native ransomware, the abuse of AI and LLM supply chains, and how attackers leverage third-party integrations to breach multiple tenants. Join us as we unpack the strategies defenders must adopt, such as strict identity and access management (IAM) hardening and behavioral monitoring, to secure modern hybrid cloud environments.   Sponsors: www.cisomarketplace.com www.securitycareers.help

36 min
Mar 10, 2026Episode 426
The AI Copyright Crisis: Fair Use, Piracy, and the Future of Publishing

This episode delves into the high-stakes legal battles between authors and tech giants over training generative AI models, like Meta's Llama and Anthropic's Claude, on millions of copyrighted books. We explore recent federal court rulings to understand how the traditional "fair use" defense is being tested by accusations of unauthorized torrenting and the threat of "market dilution". Tune in to discover whether the courts will protect human creators and their markets, or prioritize technological innovation in the rapidly expanding era of generative AI. https://myprivacy.blog/meta-bittorrent-piracy-fair-use-ai-training   Sponsors: www.cisomarketplace.com www.myprivacy.blog

41 min
Mar 10, 2026Episode 424
The Algorithmic Rubicon: Silicon Valley, the Pentagon, and the Future of War

When AI startup Anthropic refused to let the Pentagon use its Claude model for fully autonomous weapons and mass domestic surveillance, the Department of Defense retaliated by designating the American company an unprecedented "supply chain risk". This standoff highlights a growing crisis as consumer AI systems are rapidly integrated into kinetic military operations and lethal kill chains, accelerating targeting in conflicts like the US-Israeli war on Iran. As the government wields economic warfare and Cold War-era statutes to dismantle corporate ethical guardrails, the tech industry faces a defining battle over who ultimately controls the moral architecture of the world's most powerful technologies. https://cisomarketplace.com/blog/operational-technology-critical-infrastructure-security-2026-strategic-briefing https://breached.company/banned-at-dawn-deployed-by-dusk-the-u-s-used-anthropics-claude-in-the-iran-strikes-hours-after-trump-banned-it   Sponsors: www.breached.company www.cisomarketplace.com

42 min
Mar 9, 2026Episode 425
Gloves Off: Operation Epic Fury and the Trump Administration 2026 Cyber Strategy

In this episode, we dive into the escalating military and cyber conflict between the United States and Iran, highlighted by the devastating U.S. strikes of Operation Epic Fury. We unpack the administration's aggressive new 2026 "Cyber Strategy for America" and recent Executive Orders, which signal a doctrinal shift toward offensive operations, deregulation, and the dismantling of transnational cybercrime networks. Join us as we explore the geopolitical and legal fallout of "unleashing" private tech companies to actively defend against adversaries, and how artificial intelligence is rapidly shaping the future of global security. https://securitycareers.help/president-trumps-cyber-strategy-for-america-2026-six-pillars-reshaping-national-cybersecurity https://compliancehub.wiki/trump-cyber-strategy-2026-compliance-implications https://scamwatchhq.com/white-house-executive-order-cybercrime-scams-2026 Sponsors: www.cisomarketplace.com www.breached.company

57 min
Mar 8, 2026Episode 423
Critical Resilience: Defending Energy and Water in 2026

As nation-state actors and hacktivist proxies increasingly target operational technology (OT) across the energy and water sectors, the 2026 cybersecurity landscape has reached a critical inflection point. In response to this escalating risk, sweeping new regulatory mandates—such as the NERC CIP Roadmap, permanent TSA pipeline directives, and CIRCIA—are forcing organizations to shift away from traditional perimeter defenses and adopt maturity-based risk management. This episode explores the active threat groups currently pre-positioning within critical networks, breaks down impending compliance deadlines, and outlines how organizations can strategically prioritize their budgets to build true operational resilience. https://secureiotoffice.world/water-infrastructure-cyberattacks-desalination-iran-war https://secureiotoffice.world/power-grid-attacks-smart-city-blackouts-iran-iraq https://cisomarketplace.com/blog/operational-technology-critical-infrastructure-security-2026-strategic-briefing Sponsors: www.cisomarketplace.com www.cisomarketplace.services www.breached.company
