This podcast dives into the current wave of Child Online Safety Legislation (COSL), such as the Kids Online Safety Act (KOSA), to unpack the political and societal forces driving these bipartisan bills. We critically examine the prevailing narrative that social media is the primary cause of the youth mental health crisis, exploring how "moral panics" over technology often ignore complex social realities. Furthermore, we discuss the potential unintended consequences of these legislative efforts, including severe threats to data privacy, free expression, and the well-being of marginalized youth through mandated age verification and expanded parental surveillance.
 
Sponsors:
www.myprivacy.blog
www.cisomarketplace.com
 

This episode dives into the massive compliance fraud orchestrated by Delve, a Y Combinator-backed startup that generated hundreds of identical, fabricated SOC 2 reports using rubber-stamping certification mills. We explore how this "compliance theater" collided with a real-world supply chain attack when LiteLLM, a company boasting Delve-generated certifications, was breached through a compromised vulnerability scanner called Trivy. Ultimately, we unpack the devastating consequences of prioritizing automated compliance badges over actual security controls, and what this structural failure means for enterprise vendor risk management in 2026.
https://compliancehub.wiki/litellm-delve-soc2-trust-chain-compliance-failure-2026
https://breached.company/litellm-supply-chain-attack-teampcp-trivy-pypi-2026
https://compliancehub.wiki/delve-compliance-startup-fake-soc2-audit-scandal
https://cisomarketplace.com/blog/auditor-vs-assessor-compliance-trust-2026
Sponsors
www.compliancehub.wiki
www.cisomarketplace.com
www.breached.company

Il ruolo del Chief Information Security Officer si è radicalmente trasformato da una funzione puramente informatica a una posizione strategica a livello esecutivo, focalizzata sul rischio digitale dell'intera azienda. Spinti dalla rapida adozione dell'intelligenza artificiale agentica, dall'espansione delle identità non umane e dalle nuove e severe normative globali come la Direttiva NIS2 dell'UE, i CISO sono ora essenziali per garantire la resilienza operativa e proteggere la continuità aziendale. Questo podcast esplora come i moderni leader della sicurezza stiano colmando il divario tra la tecnologia e il consiglio di amministrazione per combattere le minacce alla velocità delle macchine e navigare in un panorama normativo sempre più complesso.
English: https://www.podbean.com/ew/pb-r9v3x-1a73307 
 
Sponsors:
www.cisomarketplace.com
www.breached.company
 

The cyber threat landscape is experiencing a massive paradigm shift, as adversaries move away from isolated network breaches to industrialize the compromise of global digital supply chains. This episode breaks down the unprecedented March 2026 TeamPCP campaign, exploring how attackers weaponized the trusted Trivy vulnerability scanner, compromised the widely used LiteLLM AI package, and unleashed the self-propagating Shai-Hulud worm across the npm ecosystem. We also examine how the growing use of artificial intelligence by threat actors, the exploitation of unmonitored edge devices, and the rise of destructive wiper attacks against critical infrastructure are forcing organizations to adopt zero-trust models and continuous resilience strategies.
https://breached.company/litellm-supply-chain-attack-teampcp-trivy-pypi-2026
https://compliancehub.wiki/delve-compliance-startup-fake-soc2-audit-scandal
 
Sponsors:
www.cisomarketplace.com
www.breached.company 

Rola dyrektora ds. bezpieczeństwa informacji (CISO) uległa fundamentalnej transformacji z funkcji operacyjnej IT w strategiczne stanowisko na szczeblu kierowniczym, koncentrujące się na ryzyku cyfrowym w całej organizacji. W związku z szybką adopcją agentycznej sztucznej inteligencji, rosnącą liczbą tożsamości nieludzkich oraz surowymi nowymi globalnymi regulacjami, takimi jak unijna dyrektywa NIS2, dyrektorzy CISO są teraz kluczowi dla zapewnienia odporności operacyjnej i ochrony ciągłości biznesowej. Ten podcast analizuje, w jaki sposób współcześni liderzy ds. bezpieczeństwa zasypują przepaść między technologią a zarządem, aby zwalczać zagrożenia działające z prędkością maszyn i poruszać się w coraz bardziej złożonym krajobrazie regulacyjnym.
 
English Version: https://www.podbean.com/ew/pb-r9v3x-1a73307 
 
Sponsors:
www.cisomarketplace.com
www.breached.company
 

O papel do Chief Information Security Officer (CISO) passou por uma transformação fundamental, deixando de ser uma função técnica de TI para se tornar um cargo estratégico de nível executivo focado no risco digital de toda a empresa. Impulsionados pela rápida adoção da inteligência artificial agêntica, pela expansão das identidades não humanas e por novas regulamentações globais rigorosas, como a Diretiva NIS2 da UE, os CISOs agora são essenciais para garantir a resiliência operacional e proteger a continuidade dos negócios. Este podcast explora como os líderes de segurança modernos estão diminuindo a distância entre a tecnologia e a diretoria para combater ameaças em velocidade de máquina e navegar em um cenário regulatório cada vez mais complexo.
 
English: https://www.podbean.com/ew/pb-r9v3x-1a73307 
 
Sponsor:
www.cisomarketplace.com
www.breached.company
 

Explore the evolving world of cyber threats in this deep dive into the 2025 malicious infrastructure landscape, where tools like Cobalt Strike and AsyncRAT continued to dominate global attacks. We unpack how cybercriminals and state-sponsored actors rapidly adapted to law enforcement disruptions, highlighting the critical role of Threat Activity Enablers (TAEs) in providing bulletproof hosting and resilient routing networks. Tune in to understand the complex, multi-tiered ecosystems driving today's most prevalent malware families and what defenders can do to stay ahead of these persistent threats.
https://www.recordedfuture.com/research/2025-year-in-review-malicious-infrastructure
 
Sponsors:
www.breached.company
www.myprivacy.blog 

This episode delves into the complex web of China's influence operations within the Nordic-Baltic information environment, focusing specifically on the contrasting diplomatic landscapes of Denmark and Lithuania. We explore how Beijing utilizes eight distinct avenues of influence—ranging from United Front networks and economic coercion to clandestine espionage—to shape local narratives and pressure political decision-maker. Join us as we uncover how Lithuania took a bold stance with a "values-based" foreign policy, while Denmark grapples with the subtle, backstage coercion of China's "Shadow Wolf Warrior" diplomacy
 
Sponsors:
www.breached.company
www.cisomarketplace.com
www.myprivacy.blog