What’s Making 2026 the Toughest Year Yet for CISOs

Описание: What threats should CISOs prioritise as we move into 2026?

Welcome to Razorwire, the podcast where we share our take on the world of cybersecurity with direct, practical advice for professionals and business owners alike. I’m Jim and in this episode, we’re looking ahead to the challenges facing security leaders in 2026.

I’m joined by Richard Cassidy, EMEA CISO at Rubrik, and together, we discuss the three themes dominating CISO conversations: navigating the expanding regulatory landscape, preparing for quantum computing’s impact on existing cryptography and understanding how attackers are shifting from loud ransomware to quiet economic warfare through time drag operations.

⸻

Summary
This episode examines the strategic and operational challenges CISOs face in 2026. The conversation covers how evolving regulations require fundamental changes to business operations and threat response, why tabletop exercises with executive teams are becoming standard practice for testing organisational maturity and how quantum computing is moving from theoretical concern to practical planning requirement.

Richard and Jim discuss the technological shifts happening simultaneously with AI and quantum computing and why security awareness gained during the pandemic is being eroded by the race to implement new technologies without proper security consideration.

The episode explores how attackers are evolving beyond traditional ransomware towards time drag operations that threaten business continuity without triggering incident declarations and why the combination of deepfakes and AI-driven social engineering represents a fundamental challenge to shared reality.

⸻

Three Key Talking Points:
• The Regulatory Burden and Tabletop Testing
• Quantum Computing’s Imminent Impact
• Time Drag Operations and Economic Warfare

⸻

On the appearance of security:
“The economic model of cybercrime has shifted from traditional theft to time drag. If attackers know they can present you with a problem where you’re not going to be able to recover your key systems for an inordinate amount of time, there’s a higher likelihood that you are going to pay for a level of data or knowledge that will get you back to operational efficiency rather quick.”
Richard Cassidy

⸻

Listen to this episode on your favourite podcasting platform:
(https://razorwire.captivate.fm/listen)

⸻

In this episode, we covered the following topics:
• Evolving Regulatory Frameworks
• Executive Tabletop Exercises
• Quantum Computing Preparation
• Security Awareness Erosion
• The RAM Crisis and Supply Chain Impact
• AI as a Constant Theme
• The Shift to Time Drag Operations
• Why Boards Pay Without Declaring Incidents
• Deepfakes and Loss of Shared Reality
• Educating Users Against Sophisticated Social Engineering
⸻

For more information about us or if you have any questions you would like us to discuss email [email protected].
If you need consultation, visit (https://www.razorthorn.com). We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.

⸻

Follow us online:
LinkedIn: (  / razorthorn-security  )
YouTube: (   / razorthornsecurity  )
TikTok: (  / razorwire.podcast  )
Instagram: (  / razorwire.podcast  )
X: (https://x.com/RazorThornLTD)
Website: (https://www.razorthorn.com)