In episode 194 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Ed Skoudis, President of SANS Technology Institute. Together, they conduct a mid-year review of 2026 cybersecurity predictions from seven Center for Internet Security® (CIS®) experts, as shared on the CIS website.
Here are some highlights from our episode:
- 01:50. Ongoing conversations about improving defense with artificial intelligence (AI)
- 05:19. A trap to avoid: Automating things with AI because we can regardless of utility
- 06:54. Ed's prediction about a near-term transition for AI-enabled vulnerability discovery
- 09:27. How AI agents change the economics around conducting a penetration test
- 11:26. Adversary emulation: A blurry proposition when threat actors use AI to look like anybody
- 14:02. Ed's prediction about threat actors shifting APT profiles within a single attack campaign
- 17:00. The need to systematically rethink cyber defense to support state and local cybersecurity
- 23:34. How adversaries are pivoting to the "authorization sprawl" in light of zero trust efforts
- 29:20. Industry-specific threat intelligence as a way to keep organizations informed
- 32:10. Why a policy isn't the same as security control for operational technology (OT)
- 33:55. Social expectations and public policy objectives around holistic OT security
- 39:52. Compliance as a floor, not a ceiling, that results as a byproduct of continuous security
- 43:43. The need for oversight and confidence in technology as distinct from the "Fog of More"
Resources
- Episode 169: 2026 Cybersecurity Predictions from CIS — Pt 1
- Episode 174: 2026 Cybersecurity Predictions from CIS — Pt 2
- Episode 179: 2026 Cybersecurity Predictions from CIS — Pt 3
- The Myth of Mythos: What It Means For Information Security
- Episode 189: The Present and Future of AI-enabled Pentesting
- Authorization Sprawl: The Vulnerability Reshaping Modern Attacks
- Episode 188: DBIR 2026 Insights and Collaboration with CIS
- Mapping and Compliance with the CIS Controls
- Mapping and Compliance with the CIS Benchmarks
If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].
Fler avsnitt av Cybersecurity Where You Are (audio)
Visa alla avsnitt av Cybersecurity Where You Are (audio)Cybersecurity Where You Are (audio) med Center for Internet Security finns tillgänglig på flera plattformar. Informationen på denna sida kommer från offentliga podd-flöden.
