Cybersecurity Headlines Department of Know: Davos worries, UK-China tensions, calendar concerns
Jan 27, 2026
Jason Shockey, CISO at Cenlar FSB, focuses on cybersecurity program maturity and AI governance. Krista Arndt, Associate CISO at St. Luke's, brings hands-on healthcare security and threat modeling experience. They discuss calendar and AI agent risks, LastPass phishing and MFA limits, SmarterMail exploit lessons, UK-China cyber dialogue, AI-generated malware, and selling AI guardrails to the business.
AI Snips
Chapters
Transcript
Episode notes
Treat Your Calendar Like A Threat Vector
- Verify calendar, email, and AI assistant prompts before acting on them.
- Krista Arndt warns that your schedule can be weaponized via social engineering.
Calendars Expand Prompt Injection Risk
- Prompt injection can expose private meeting details via calendar invites.
- Models copying calendar content create a new class of business-logic attacks at scale.
Limit Sensitive Data In Calendar Invites
- Don’t store sensitive data or attachments in calendar invites.
- Jason Shockey urges using stronger MFA and minimizing calendar attack surface.