The 2026 Threat Landscape, Iran, and AI-Powered Phishing with Michael Kosak

Failed to add items

Sorry, we are unable to add the item because your shopping cart is already at capacity.

Add to basket failed.

Please try again later

Add to wishlist failed.

Please try again later

Remove from wishlist failed.

Please try again later

Adding to library failed

Please try again

Follow podcast failed

Unfollow podcast failed

The 2026 Threat Landscape, Iran, and AI-Powered Phishing with Michael Kosak

Listen for free

View show details

Mike Kosak joins Cyber Voices to deliver a frank assessment of the 2026 cyber threat environment: it's not great, and it's getting worse. Mike is Director of Threat Intelligence at LastPass, with nearly 25 years of experience that began in the US Department of Defense as a counterterrorism intelligence officer. He served three deployments to Iraq supporting Operation Iraqi Freedom, led the Pentagon office responsible for intelligence updates to the Chairman of the Joint Chiefs of Staff, and acted as senior command representative to Joint Special Operations Command for the Defence Intelligence Agency. Since moving into the private sector he has led strategic cyber intelligence at Bank of America, headed the Cyber Threat Intelligence team at TIAA, and now drives threat intelligence at LastPass.

In this conversation Mike and David unpack what the ongoing conflict in the Middle East means for Australian defenders, why Five Eyes membership puts Australia squarely in scope regardless of physical proximity, and how Iran targets opportunistically and then retrofits the rationale to fit. They look at China and Taiwan as a potential 2027 flashpoint, with critical infrastructure, education, and the defence industrial base already in frequent crosshairs. The conversation then shifts to phishing, where AI has lowered the barrier to entry and lifted operational tempo dramatically. Mike shares what his team has been observing as a single threat actor group develops its own AI-assisted phishing kit across three increasingly sophisticated versions, evolving from a basic login page to an attacker-in-the-middle reverse proxy.

The episode closes with practical guidance for the Australian cyber community: the Essential Eight still gets you 80% of the way there, and getting a real handle on your tech stack, including shadow AI and shadow tech, will pay enormous dividends as the gap between vulnerability detection and exploitation continues to shrink.

Subscribe to Cyber Voices wherever you get your podcasts, and find us on YouTube for the video version.

No reviews yet