The 2026 FIFA World Cup presents a massive global stage, but its unmatched visibility is already attracting a complex web of physical, digital, and geopolitical security threats across the US, Mexico, and Canada. In this episode, we break down how host nations are preparing for vastly different physical risks, ranging from transnational organized crime in Mexico to violent extremists targeting fan zones during the US 250th Independence Day celebrations. We also dive into the digital battleground, exploring how cybercriminals are using artificial intelligence to scale ticketing fraud, and how state-sponsored threat groups from Russia, China, and Iran are exploiting the tournament for intelligence gathering and disruptive cyberattacks.
https://www.recordedfuture.com/research/2026-fifa-world-cup-threats
https://www.recordedfuture.com/blog/2026-fifa-world-cup-cyber-physical-threats-security-guide
 
Sponsors
www.breached.company
www.myprivacy.blog
 

In this episode, we dive into Anthropic's dual-release of Claude Fable 5 and Mythos 5, two highly capable AI models built from the exact same architecture but designed for vastly different worlds. We explore how Fable 5 protects the general public with novel cyber and biological fallbacks, alongside invisible safeguards that quietly thwart competing frontier AI development. Finally, we unpack the raw, unrestricted power of Mythos 5, detailing its exclusive use by vetted cyberdefenders and researchers through Project Glasswing to secure critical infrastructure.
 
https://www.anthropic.com/news/claude-fable-5-mythos-5
System Card: https://www-cdn.anthropic.com/d00db56fa754a1b115b6dd7cb2e3c342ee809620.pdf
 
Sponsor:
https://cisomarketplace.services/program
https://cisomarketplace.services/ai-services
https://cisomarketplace.services/engagements/claude-cybersecurity-consulting

In a world where software ships daily and attackers automate their methods, traditional point-in-time security assessments like annual pentests leave mid-market organizations blind for most of the year. This episode explores the transition to a continuous, AI-augmented security model built on six interconnected pillars—ranging from automated compliance and incident response to a self-healing DevSecOps pipeline. Discover how human operators maintain absolute control over the entire ecosystem through a centralized "Operator Seat," ensuring that while security is highly automated, it is never unattended.
 
https://cisomarketplace.services/program
https://cisomarketplace.services/ai-services
 

This podcast explores how the CISO Marketplace streamlines vendor sourcing for security leaders by eliminating repetitive "discovery theater". It dives into how organizations can use ten free total cost of ownership (TCO) and sizing tools to uncover hidden technology costs, such as compounding carrier waste, unbudgeted cloud egress fees, and the true staffing requirements for a 24/7 SOC. Listeners will also learn how leveraging vendor-agnostic, CISSP-credentialed engineers can help them translate their exact needs into actionable RFP specifications and negotiate better contracts.
https://sourcing.cisomarketplace.com/tools/sase-readiness
https://sourcing.cisomarketplace.com/tools/ucaas-tco
https://sourcing.cisomarketplace.com/tools/firewall-sizing
https://sourcing.cisomarketplace.com/tools/sdwan-vs-mpls
https://sourcing.cisomarketplace.com/tools/soc-build-vs-buy
https://sourcing.cisomarketplace.com/tools/endpoint-planner
https://sourcing.cisomarketplace.com/tools/cloud-egress-cost
https://sourcing.cisomarketplace.com/tools/mobility-audit
https://sourcing.cisomarketplace.com/tools/iot-risk-surface
https://sourcing.cisomarketplace.com/tools/iam-zero-trust-tco

The June 2026 U.S. executive order establishes a voluntary pre-release review framework and classified NSA benchmarks to govern the advanced cyber capabilities of frontier AI models. While the federal government pushes an innovation-first agenda with no mandatory licensing or pre-clearance, AI developers face a starkly different reality of binding penalties from the EU AI Act and emerging state laws like Illinois SB 315. This episode explores how enterprise compliance teams must simultaneously navigate these conflicting regulatory tracks and the strategic risks of sharing advanced models during the government's 30-day early access window.
https://compliancehub.wiki/trump-ai-executive-order-frontier-model-cybersecurity-voluntary-framework-2026
https://myprivacy.blog/trump-ai-executive-order-frontier-model-security
 
Sponsors:
www.compliancehub.wiki
www.myprivacy.blog

The United States faces an unprecedented range of sophisticated cyber threats, highlighting the urgent need for a dedicated military branch to uniquely organize, train, and equip personnel for the digital domain. This episode explores the CSIS Commission's comprehensive plan for an independent U.S. Cyber Force, detailing its proposed structure of 30,000 personnel, reliance on expert warrant officers rather than an enlisted cadre, and the creation of a specialized Cyber National Guard. Listeners will discover how this proposed service aims to revolutionize military recruitment by prioritizing elite technical specialization and securing the nation's critical infrastructure against rapidly evolving adversaries.
https://www.csis.org/analysis/csis-commission-us-cyber-force-generation
 
Sponsorswww.cisomarketplace.com
www.securitycareers.help
 

Non-human identities now vastly outnumber human users, with recent estimates showing up to an 82-to-1 disparity in enterprise environments. The rapid adoption of autonomous AI agents amplifies this crisis, as these agents utilize compound identities and inherited "invisible browser" sessions to operate at machine speed, easily bypassing traditional security controls. To secure this dynamic attack surface, organizations must abandon static, permanent secrets in favor of short-lived ephemeral credentials and advanced intent inference that evaluates the true purpose behind an agent's autonomous actions
https://cisomarketplace.com/blog/non-human-identity-secrets-governance-at-scale-ciso
https://cisomarketplace.com/blog/zero-trust-technical-implementation-segmentation-policy-engine-ciso
https://cisomarketplace.com/blog/ai-agent-identity-market-landscape-2025-2026
 
Sponsors:
www.vibehack.dev
www.myprivacy.blog
https://airiskassess.com
 

The Model Context Protocol (MCP) is rapidly becoming the standard for AI-driven automation, yet its rapid adoption has significantly outpaced the development of its security model. This episode explores the inherent design vulnerabilities of MCP, such as unrestricted repository access, tool parameter injection, and remote code execution, which expose organizations to novel and systemic attack vectors. We also dive into practical defense strategies, detailing how security teams can safely implement MCP by enforcing strict trust boundaries, rigorous input validation, and comprehensive application sandboxing.
https://cisomarketplace.com/blog/ai-agent-security-crisis-mcp-vulnerabilities
https://cisomarketplace.com/blog/agent-skills-next-ai-attack-surface
https://cisomarketplace.com/blog/ciso-guide-securing-ai-agents
https://cisomarketplace.com/blog/soul-engineering-identity-layer-attacks-on-ai-agents
NSA PDF: 
 
Sponsors:
www.vibehack.dev
www.cisomarketplace.com