Home Insights PodcastsEpisode 174: 2026 Cybersecurity Predictions from CIS — Pt 2

Episode 174: 2026 Cybersecurity Predictions from CIS — Pt 2

In episode 174 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Kyle Leonard, Cyber Threat Intelligence Analyst at the Center for Internet Security^® (CIS^®), and Randy Rose, VP of Security Operations & Intelligence at CIS. Together, they continue their discussion of 2026 cybersecurity predictions from seven CIS experts, as shared on the CIS website.

Here are some highlights from our episode:

02:00. How cross-platform campaigns are becoming the norm
03:09. Threat actors' use of generative artificial intelligence (GenAI) to expand their attacks and gain efficiencies
05:08. The blurring line of what separates today's script kiddies from nation-state threat actors
07:47. Fully autonomous malware: in the realm of possibility but not here yet
13:19. How specialization in the criminal ecosystem requires us to rethink analysis itself
16:07. Shrinking dwell time: a product of the democratization of complex tools' availability
18:02. The effective use of social engineering to lower threat actors' operational costs
19:20. Malware's increasing use of trusted infrastructure to thwart cyber defenses
20:25. The use of behavioral analysis to apply bottleneck security mechanisms
22:40. Evolving threat actors' tradecraft: pseudo-random subdomains, GenAI models, and SEO poisoning
26:39. What trust looks like today: something that's dynamic and negotiated at a moment's notice
31:25. Supply chain attackers' pivot to edge device vendors and security appliance makers
33:43. The ongoing work of CIS to support state and local governments' cybersecurity efforts

Resources

If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing [email protected].

Subscribe to Our Podcast

As of June 23, 2025, the MS-ISAC has introduced a fee-based membership. Any potential reference to no-cost MS-ISAC services no longer applies.