CISO Insights: Voices in Cybersecurity

Author: CISO Marketplace

Description

CISO Insights: The Cybersecurity Leadership Podcast

Where Security Leaders Shape Tomorrow’s Defenses

Join us for CISO Insights, the definitive podcast for cybersecurity executives navigating today’s evolving threat landscape. Each episode delivers exclusive conversations with industry pioneers and practical frameworks from security leaders.

CISO Insights provides actionable intelligence for executives building resilient security programs. We cover everything from board-level risk communication to threat detection, compliance, and talent development.

Whether you’re a CISO, aspiring security leader, or technology executive, we equip you with the tools to thrive in a complex digital environment.

Connect with us:
Shop: cisomarketplace.com
News: threatwatch.news
Podcast: cisoinsights.show
Tools: microsec.tools
AI Resources: cybersecuritygpt.store

Follow us:
TikTok @cisomarketplace - Quick insights and security tips
YouTube @cisomarketplace - In-depth discussions and CISO interviews
TikTok & YouTube: @ScamwatchHQ

Powered by grit, fueled by caffeine. Thanks for keeping us going!
coff.ee/cisomarketplace
coindrop.to/cisomarketplace
411 Episodes
The South Carolina Critical Infrastructure Cybersecurity (SC CIC) program actively defends the state's essential services from escalating digital threats like account compromise and double extortion ransomware. In 2025, the program expanded its reach to 326 participating organizations across 15 critical infrastructure sectors, offering free, proactive resources such as threat intelligence, vulnerability scanning, and readiness exercises. Join us as we explore how SC CIC equips local governments and vital facilities with the tools, grants, and training needed to stop cyberattacks before they disrupt critical daily operations. www.breached.company/south-carolina-critical-infrastructure-cybersecurity-2025-year-in-review   Sponsors: www.cisomarketplace.com   Packt Publishing AI Defense in Action – Feb 21 (TODAY) 40% discount code: CISOMP40 https://www.eventbrite.com/e/ai-defense-in-action-tickets-1848270770629?aff=CISOMP&discount=CISOMP40
AI failures will not be treated like traditional cyber incidents. When automated systems produce biased decisions, leak sensitive data, or cause regulatory violations, accountability will land at the executive and board level. In this episode, we examine how AI risk is reshaping CISO expectations and what security leaders must prepare for before the first major AI governance crisis hits. www.compliancehub.wiki/ai-governance-and-regulatory-convergence-what-cisos-must-prepare-for-now https://www.securitycareers.help/ai-governance-will-be-a-core-skill-for-the-next-generation-of-cisos https://www.hackernoob.tips/the-ai-governance-maturity-gap-why-most-security-teams-are-behind   Sponsors: www.cisomarketplace.com Packt Publishing AI Defense in Action – Feb 21 40% discount code: CISOMP40 https://www.eventbrite.com/e/ai-defense-in-action-tickets-1848270770629?aff=CISOMP&discount=CISOMP40    
AI adoption is accelerating inside organizations, but governance maturity is not keeping pace. In this episode, we break down the emerging AI security gap — from adversarial model risks to executive accountability failures — and why this shift will redefine the CISO role. If you're building toward senior security leadership, understanding AI governance is no longer optional — it's strategic leverage. https://www.hackernoob.tips/the-ai-governance-maturity-gap-why-most-security-teams-are-behind https://www.securitycareers.help/ai-governance-will-be-a-core-skill-for-the-next-generation-of-cisos   Sponsors: www.cisomarketplace.com   Packt Publishing AI Defense in Action – Feb 21 40% discount code: CISOMP40 https://www.eventbrite.com/e/ai-defense-in-action-tickets-1848270770629?aff=CISOMP&discount=CISOMP40
This episode explores how the Russian military has pivoted from failed, centralized command architectures to a fragmented but effective ecosystem of volunteer-built tactical software like the "Glaz/Groza" complex. We discuss the critical role of civilian engineers in adapting commercial technology and open-weight AI models to accelerate drone-to-artillery kill chains. Finally, we examine the security risks of using open-source tech and how Russia is mitigating them through domestic platforms like Astra Linux and systematic data collection. www.securitycareers.help/russian-command-and-control-transitioning-toward-ai-enabled-warfare   Sponsors: www.cisomarketplace.com www.myprivacy.blog 
This episode breaks down the ND-ISAC’s essential guide designed to help small and medium-sized businesses avoid the "race to the bottom" when selecting a Third-Party Assessment Organization (C3PAO). We discuss how to utilize a comprehensive scoring system to evaluate potential assessors on critical criteria like technical aptitude, reasonableness, and the all-important intake process. Listeners will learn why the lowest price often carries the highest risk and how to identify an assessor who truly understands their unique environment. www.securitycareers.help/c3pao-selection-guide-for-small-and-medium-sized-businesses-strategic-briefing   Sponsors: https://baseline.compliancehub.wiki https://cmmcnist.tools  
Join us as we explore the "Information Influence Attribution Framework," a methodology designed to pierce the veil of anonymous Russian disinformation campaigns in Ukraine and beyond. We break down how analysts combine technical infrastructure data, behavioral patterns like those in the DISARM framework, and contextual clues to distinguish organic viral content from coordinated state attacks. Through real-world case studies—from fake BBC videos to anti-mobilization TikToks—we reveal how digital detectives build high-confidence cases to hold state actors accountable. www.scamwatchhq.com/attributing-russian-information-influence-operations-insights-and-frameworks   Sponsors: www.myprivacy.blog www.breached.company  
This episode explores how catastrophic ransomware attacks like the Change Healthcare and Ascension incidents have transformed cybercrime from a financial nuisance into a lethal patient safety emergency. We uncover the emerging threats defining 2026, including AI data poisoning, "ghost bug" vulnerabilities in legacy medical devices, and the fragile interdependence of the global diagnostic supply chain. Finally, we break down the federal government’s aggressive new enforcement against information blocking and the "Secure by Design" mandates essential for hospital survival. www.breached.company/healthcare-under-siege-47-ransomware-victims-in-30-days-as-patient-safety-crisis-deepens   Sponsors www.cisomarketplace.com www.breached.company  
Dive into the 2026 State of Security report to understand how geopolitical fragmentation is blurring the lines between statecraft, crime, and war. We explore the shift toward "access-first" strategies by major powers like China and Russia, who are prioritizing the quiet accumulation of access to critical infrastructure and connectivity systems over immediate destruction. Finally, the episode examines the deepening crisis of synthetic identities and how AI is evolving from a hyped threat into a practical tool for fraud and coercion. www.breached.company/2026-state-of-security-geopolitical-fragmentation-and-the-redefining-of-global-conflict   Sponsors: www.cisomarketplace.com www.breached.company
This episode investigates why international data protection enforcement currently lags behind the seamless cooperation seen in competition and consumer law. Listeners will discover how legal barriers and resource constraints hinder Data Protection Authorities from effectively sharing investigative information across borders. We conclude by outlining key recommendations from a recent EDPB report, including the adoption of confidentiality waivers and a secure global platform for cross-border complaints.   www.compliancehub.wiki/international-data-protection-enforcement-cooperation-analysis-and-recommendations   Sponsors: www.myprivacy.blog www.breached.company www.compliancehub.wiki 
Based on a comprehensive study of espionage cases in Europe from 2008 to 2024, this episode reveals how intelligence services are adapting to the digital age by treating spying like a "gig economy" job. We explore the shift from traditional insiders to "disposable" spies recruited via social media apps like Telegram, often for single, low-level tasks such as sabotage or observation. The discussion also covers the ten distinct types of modern spies and the complex mix of money, ideology, and ego that motivates them to betray their countries.  www.breached.company/espionage-in-europe-2008-2024-motives-methods-and-typologies   Sponsor www.myprivacy.blog www.compliancehub.wiki www.breached.company  
This series explores the complex battlefield of modern information influence, examining how malign actors exploit cognitive biases and leverage technologies like AI and video games to manipulate public perception and undermine democratic institutions. We delve into the mechanics of these operations—from the creation of data voids and gendered disinformation to the strategic use of fear—and how they threaten the open society. Finally, we discuss the critical countermeasures of psychological defence, focusing on how nations can build societal resilience and media literacy to safeguard the truth without infringing on free speech. www.myprivacy.blog/psychological-defence-and-the-evolution-of-information-influence   Sponsor: www.myprivacy.blog www.cisomarketplace.com  
As autonomous AI agents face sophisticated "Soul Engineering" attacks that subvert their core identities, the recent Moltbook security crisis highlights the urgent need for verifiable data lineage. This episode explores how the ancient Islamic concept of isnād—the rigorous chain of transmission—is being reimagined as a technical architecture to establish provenance, verify "narrator" reputation via Ilm al-Rijal, and build digital immune systems for AI. Join us as we connect historical scholarship with 2026 cybersecurity trends to solve the problem of "epistemic opacity" and secure the future of agentic AI. www.securitycareers.help/strategic-briefing-the-convergence-of-ai-identity-software-quality-and-digital-tradition https://cisomarketplace.com/blog/agent-skills-next-ai-attack-surface   Sponsors: www.cisomarketplace.com www.cisomarketplace.services
2025 marked a record-breaking inflection point for cybersecurity, with over $96 billion in M&A activity driven by the urgent need to secure the "Machine Age" of enterprise AI. We explore why tech giants are aggressively acquiring "Security for AI" startups to build mandatory guardrails against prompt injection and data poisoning, while the "AI for SOC" market remains in an experimental phase due to lingering trust barriers. Finally, we discuss how this massive consolidation is fueling a "breakout" IPO pipeline for 2026, as regulatory pressures like the EU AI Act transform compliance tools into essential infrastructure. www.compliancehub.wiki/the-96-billion-land-grab-who-actually-benefits-when-cybersecurity-changes-hands https://cisomarketplace.com/blog/cisos-guide-ai-security-vendor-evaluation https://www.securitycareers.help/cybersecurity-consolidation-2023-2025-major-m-a-deals-and-market-dynamics https://www.securitycareers.help/the-great-ai-security-gold-rush-why-everyones-buying-security-for-ai-but-nobodys-touching-ai-for-security https://www.securitycareers.help/the-ai-data-center-gold-rush-when-1-trillion-in-investments-meets-community-resistance https://momentumcyber.com/cybersecurity-mergers-acquisitions-report-2025/ Sponsor: www.cisomarketplace.com www.cisomarketplace.services  https://vrm.cisomarketplace.services
This episode uncovers why security experts are calling the OpenClaw and Moltbot ecosystem a "security nightmare," revealing how these autonomous agents act as vulnerable infrastructure rather than simple productivity apps. We explore the novel threat of "time-shifted" memory poisoning, where malicious instructions lie dormant in SOUL.md files to trigger logic bombs days or weeks after infection. Finally, we break down the "ClawHavoc" supply chain attack that distributed crypto-stealing malware to thousands of users, prompting Gartner to recommend an immediate blockade of the software. https://breached.company/over-1-000-clawdbot-ai-agents-exposed-on-the-public-internet-a-security-wake-up-call-for-autonomous-ai-infrastructure   Sponsors: www.cisomarketplace.com www.breached.company  
This episode uncovers the details behind the coordinated cyber sabotage that struck Polish wind farms, a combined heat and power plant, and a manufacturing firm on December 29, 2025. We explore how attackers exploited vulnerable FortiGate VPNs and default credentials to deploy destructive "DynoWiper" malware and corrupt critical industrial firmware, aiming to permanently disable physical equipment. Finally, we examine the forensic evidence linking these attacks to the "Static Tundra" activity cluster and discuss the broader risks facing critical infrastructure today. www.breached.company/polands-winter-power-grid-attack-sandworms-dynowiper-targets-30-facilities-in-coordinated-critical-infrastructure-assault   Sponsor: www.cisomarketplace.com  
The NATO Strategic Communications Centre of Excellence's 2025 experiment reveals how AI has transformed social media bots from simple spammers into sophisticated actors capable of "psychological realism" and seamless integration into authentic human conversations. Researchers demonstrate that for as little as €10, manipulators can now generate mass-scale AI content and route funding through untraceable cryptocurrency exchanges to evade detection and purchase fake engagement across major platforms like X, TikTok, and Facebook. The episode explores the alarming shift from political spam to militarized narratives and explains why traditional detection methods are failing as synthetic actors move from broadcasting propaganda to embedding themselves within trusted community dialogues. www.compliancehub.wiki/social-media-manipulation-and-the-evolution-of-synthetic-influence-2025-analysis   Sponsors: www.myprivacy.blog www.compliancehub.wiki  https://digitaltwinrisk.health
This episode explores how Denmark, Estonia, Finland, Iceland, Latvia, Lithuania, Norway, and Sweden are mobilizing a "whole-of-society" defense to protect their democratic institutions from foreign information influence operations. We examine diverse regional strategies, ranging from Lithuania’s volunteer "elves" and Sweden’s Psychological Defence Agency to Finland’s comprehensive security model and strict legislative disruptive measures. Listen in to understand how these nations balance the protection of free speech with the necessity of countering hostile narratives through resilience, situational awareness, and international cooperation. www.compliancehub.wiki/countering-information-influence-operations-strategies-and-resilience-in-the-nordic-baltic-region   Sponsors: https://www.myprivacy.blog https://pii.compliancehub.wiki  
The global fraud landscape is currently at a turning point known as the Sophistication Shift, where high-volume, "low-effort" scams are being replaced by fewer, sharper, and far more damaging attacks engineered with professionalized precision. Fraudsters have successfully industrialized deception by leveraging a "fraud production ecosystem" that pairs generative AI and deepfakes with autonomous fraud agents and telemetry tampering to bypass traditional verification systems. To counter these advanced networks, institutions are transitioning from static, document-based checks toward continuous, behavioral-driven assurance and unified compliance workbenches.   www.scamwatchhq.com/identity-fraud-report-2025-2026-key-insights-and-analysis   Sponsor: www.scamwatchhq.com www.cisomarketplace.com
Jurisdictions worldwide are developing AI governance policies that range from comprehensive "hard law" mandates like the EU’s AI Act to voluntary "soft law" frameworks favored by Singapore and the United Kingdom. While these approaches differ in legal enforceability and centralization, they coincide on core principles such as risk-based management and the establishment of dedicated safety institutes. The series also examines how existing privacy and intellectual property statutes serve as foundational baselines, driving new transparency requirements and shaping the legal environment through high-profile litigation like New York Times v. OpenAI. www.compliancehub.wiki/global-ai-governance-comparative-analysis-of-legal-and-policy-frameworks   Sponsors: https://airiskassess.com https://compliance.airiskassess.com https://cisomarketplace.services
This podcast explores how African nations have transitioned from fragmented sectoral protections to comprehensive, rights-based data frameworks inspired by global standards like the EU GDPR. We delve into the pivotal role of regional instruments like the Malabo Convention and the rise of "enforcement maturity," where increasingly confident regulators are now holding both global tech giants and government departments accountable. Finally, we examine the strategic shift toward continental enforcement norms, AI governance, and the institutionalization of regulator-to-regulator learning to secure Africa's rapidly evolving digital economy.  www.compliancehub.wiki/african-data-protection-frameworks-evolution-regulation-and-regional-convergence   Sponsors:  https://globalcompliancemap.com https://www.compliancehub.wiki 