Razorwire Cyber Security

What threats should CISOs prioritise as we move into 2026? Welcome to Razorwire, the podcast where we share our take on the world of cybersecurity with direct, practical advice for professionals and business owners alike. I'm Jim and in this episode, we're looking ahead to the challenges facing security leaders in 2026. I'm joined by Richard Cassidy, EMEA CISO at Rubrik, and together, we discuss the three themes dominating CISO conversations: navigating the expanding regulatory landscape, preparing for quantum computing's impact on existing cryptography and understanding how attackers are shifting from loud ransomware to quiet economic warfare through time drag operations. Summary This episode examines the strategic and operational challenges CISOs face in 2026. The conversation covers how evolving regulations require fundamental changes to business operations and threat response, why tabletop exercises with executive teams are becoming standard practice for testing organisational maturity and how quantum computing is moving from theoretical concern to practical planning requirement. Richard and Jim discuss the technological shifts happening simultaneously with AI and quantum computing and why security awareness gained during the pandemic is being eroded by the race to implement new technologies without proper security consideration. The episode explores how attackers are evolving beyond traditional ransomware towards time drag operations that threaten business continuity without triggering incident declarations and why the combination of deepfakes and AI-driven social engineering represents a fundamental challenge to shared reality. Three Key Talking Points: The Regulatory Burden and Tabletop Testing Learn about the regulatory challenges CISOs face across DORA, NIS2 and evolving frameworks, plus why organisations are increasingly running tabletop exercises with executive teams. Discover how war gaming activities help boards understand real-world breach scenarios and test organisational maturity beyond traditional red teaming. Find out how recent breaches at companies like Ubisoft, M&S and Jaguar Land Rover are driving leadership to take security seriously. Quantum Computing's Imminent Impact Understand why quantum computing has moved from background concern to top-three CISO priority for 2026 to 2028. Explore the timeline for quantum threats to existing cryptography, what organisations need to do now to prepare for post-quantum cryptography and why there's significant uncertainty around adoption strategies. See how quantum computing combines with AI to create a tectonic shift in security technology that requires planning today. Time Drag Operations and Economic Warfare Discover the shift from loud ransomware to quiet time drag attacks where threat actors threaten extended operational downtime rather than data theft. Learn why boards will pay millions to restore business continuity without declaring cyber incidents and how attackers are exploiting the economic model where disruption costs more than ransom. Explore how this combines with AI-powered deepfakes and social engineering to create attacks that undermine shared reality itself. On the appearance of security: "The economic model of cybercrime has shifted from traditional theft to time drag. If attackers know they can present you with a problem where you're not going to be able to recover your key systems for an inordinate amount of time, there's a higher likelihood that you are going to pay for a level of data or knowledge that will get you back to operational efficiency rather quick." p...