Matthew Rosenquist, longtime security strategist and former Intel CISO, gives his insights into why 2026 is unlike any year before it in cybersecurity, and what security leaders need to do right now to stay ahead.
He explains:
- Why AI is a force multiplier for attackers first and what that means for defenders
- How the vulnerability discovery-to-exploit window has collapsed from months to hours
- The evolution of ransomware into AI-powered blackmail and extortion
- Why MCP servers are the next major attack surface nobody is talking about
- The CISO identity crisis and how to shift from cost center to business partner
- Shadow AI, prompt injection, and why privacy is on life support
- What the CISOs who survive AI disruption will do differently from those who don't
Episode Timeline:
- (00:00) Intro and why 2026 hits different for cybersecurity
- (14:40) How Matthew builds his annual predictions across 4 domains
- (16:37) Why AI is the first force to dominate all four at once
- (18:53) Social engineering at scale: AI's first killer app for attackers
- (21:14) Zero days for $6 and the collapse of the exploit window
- (24:14) Why human inertia is still the defender's biggest enemy
- (33:54) Security by design and shrinking the zero-day pool
- (43:39) When tools have agency: the blurring line between AI and humans
- (51:30) MCP servers, shadow AI and the governance gap no one is closing
- (58:00) A real-world AI phishing attack that almost fooled a security expert
- (01:05:33) How ransomware is evolving into AI-powered blackmail
- (01:37:39) The CISO identity shift from cost center to competitive edge
Powered by Control D