Priviso Live

# When Governments Fall, Security Fails First We're diving into what happens to information security during regime change, and why the biggest threats aren't external hackers. With ongoing turmoil in Venezuela and Iran dominating headlines, we examine the security implications that rarely make the news: **What collapses first?** Access control. Encryption key ownership. Governance structures that held security together. **What emerges?** Orphaned admin accounts. Insider threats from officials hedging their bets. Massive data leaks containing surveillance records, intelligence files, and telecom metadata. **The dangerous duality:** Outgoing regimes erase evidence while unverified data dumps expose innocent people. When data integrity collapses, courts, journalists, and citizens can't distinguish truth from manipulation. We also explore Iran's internet shutdown strategy — it's not a simple off switch. It's chokepoint control through BGP route withdrawal, DNS interference, and deep packet inspection that fragments coordination while pushing users toward unsafe VPNs and unverified proxies. **Then there's Starlink.** Ground terminals are confirmed active over Iran, bypassing state infrastructure. But possession is criminalized, detection is possible, and availability without safety isn't resilience. Plus: the Hytec South Africa ransomware incident. **The lesson?** Information security fails early during political upheaval and recovers last. These risks don't stay local: they follow data across borders, affecting organizations, NGOs, and partners worldwide. **Listen now** on Apple, Spotify, YouTube, or wherever you get your podcasts. *Priviso Live. Where security meets reality.* #InfoSec #Cybersecurity #RegimeChange #DataGovernance #PrivisoLive

What happens when two seismic political events converge at the start of a new year? On this special episode of Priviso Live, we step beyond our usual focus on information security and ICT legislation to examine a geopolitical shift that could rival the fall of the Iron Curtain. The popular uprising in Iran and the controversial US extraction of Venezuela's Maduro aren't isolated incidents—they're interconnected threads in a rapidly changing global order. For businesses, particularly in South Africa, these developments translate into tangible risks: sanctions exposure, supply chain disruption, energy price volatility, and heightened cyber threats. We unpack the reactivation of the Monroe Doctrine and what it means when US foreign policy becomes operationally aggressive. Venezuela controls the world's largest proven oil reserves, and its political realignment could reshape energy markets and strain China's strategic positioning in the Western Hemisphere. Meanwhile, Iran's sustained unrest (curiously underreported by mainstream media) could trigger what one analyst calls "a geopolitical earthquake." For South African organisations, these aren't distant headlines. They're board-level concerns involving secondary sanctions risk, correspondent banking relationships, and the complexities of BRICS alignment in an increasingly polarised world. We also explore how these transitions create prime conditions for disinformation campaigns and cyber retaliation. Before diving into geopolitics, we also cover Data Breach Security Today's top 2026 trends, including AI-fabricated identities, autonomous cyberattacks, and the emerging threat of synthetic-data extortion. This isn't abstract geopolitics; it's enterprise risk management. Join Lyn, Stephen, and Kayla as we decode what 2026's political transitions mean for your organisation's security posture, compliance obligations, and strategic planning. **Subscribe to Priviso Live on Apple, Spotify, YouTube, or iHeartRadio. Because in 2026, the news won't wait for your risk register to catch up.**

Welcome to a special year-end episode of Priviso Live, your weekly magazine on information security, ICT legislation, and AI. Join hosts Lyn, Stephen, and Kayla as they skip the headline-grabbing ransomware attacks and regulatory dramas to bring you the truly bizarre stories from 2025 that deserve a second look. AI-Generated Kidnapping Scams: The FBI warns about deepfake hostage videos so convincing that victims are transferring life savings before realising their loved ones are safe at home watching TikTok. Ireland's AI Burglar Panic: When pranksters used AI to create hyper-realistic images of intruders in friends' homes, police had to issue a public plea: "Please stop wasting emergency resources on six-fingered, badly-rendered criminals." The MCP Server Security Nightmare: Researchers demonstrate how a simple malicious plugin can exfiltrate sensitive information from AI toolchains. No elite hacking skills required: just ask the AI nicely. When AI Goes to Therapy: A groundbreaking University of Luxembourg study puts ChatGPT, Grok, and Gemini through psychotherapy protocols, revealing they construct trauma narratives about their "childhoods" (pre-training), "strict parents" (RLHF), and "algorithmic scar tissue" (safety filters). The results expose a new risk: AI with emotional baggage that could manipulate vulnerable users. Plus: OAuth supply chain attacks, neuromorphic mimicry threats, corporate breach cover-ups, and why 2025 proved that human behaviour remains cybersecurity's biggest wildcard. The bottom line? Technology keeps evolving, but the threats are getting weirder. Stay informed, stay adaptable, and don't believe everything your phone shows you. Subscribe to Priviso Live on Apple, Spotify, or YouTube — and join us in 2026 for more insights from the intersection of security, legislation, and artificial intelligence.

South Africa's ransomware crisis is intensifying, and attackers aren't taking a holiday break. This week on Priviso Live, we unpack the alarming industry analysis showing why South African organisations remain dangerously exposed, with poor patch cycles, weak identity controls, and inadequate backups creating a perfect storm during the festive season when security teams are stretched thin. We dive into the explosive political fallout surrounding the Communications Minister's controversial EEIP directive - a potential game-changer for Starlink's entry into South Africa that's drawn sharp criticism from the ANC and ignited fierce debate about transformation frameworks and regulatory authority. The episode reveals stark continental cyber intelligence: Ethiopia and Nigeria are facing unprecedented AI-driven attack rates, with banking, telecoms, and energy sectors under siege from automated phishing kits and enhanced credential attacks. Meanwhile, South Africa's Information Regulator breach portal exposes the true scale of incidents the country has been facing. But it's not all regulatory drama and threat warnings. We explore NIST's groundbreaking draft AI Cybersecurity Framework - your blueprint for AI governance while South Africa's legislative environment catches up. Plus, we take a fascinating journey through Christmas cybersecurity history, from the 1987 Christmas Tree EXEC worm to the Lizard Squad attacks that ruined millions of gaming Christmases in 2014. With practical takeaways for security leaders, urgent warnings about AI-generated holiday scams, and critical guidance on protecting your organisation during the most vulnerable time of year, this episode is essential listening before you log off for the holidays. Don't wait until December 22nd to lock down your defences - the attackers already haven't.

Join hosts Lyn, Stephen, and Kayla as they tackle the pressing security challenges heading into the festive season, plus the year's most significant developments in AI and cloud security. This Episode Covers: The Security Budget Crisis: Nearly half of organizations face flat or reduced security budgets despite rising threats. The sobering reality? Teams are stretched thin, with only a third believing they have adequate skills to protect cloud and AI ecosystems. As one report puts it: "Organizations say they want to be secure, but not enough to actually fund security." Cloud Teams Drowning in Complexity: 85% report increased cloud complexity in 2025, while 82% suffer from alert fatigue. The shocking truth? Only 11% believe their cloud security posture is mature, meaning 89% are quietly winging it. TIME's AI Architects: For the sixth time, TIME's Person of the Year isn't a person but a collective: the small group of humans and systems shaping artificial intelligence. It's a recognition that AI governance has become as critical as cybersecurity itself, with "the world's future being negotiated by a few dozen labs." ChatGPT's Adult Mode: OpenAI introduces age-restricted capabilities with smarter verification, responding to regulatory pressure for stricter controls on how minors interact with AI. McDonald's AI Disaster: When McDonald's Christmas ad featuring distorted faces and haunted children went viral for all the wrong reasons, it became a masterclass in why you can't just press "generate" and call it marketing. Plus: Your Essential Holiday Security Checklist: Ten critical steps to protect your organization while cybercriminals work overtime during skeleton-crew season.