
Cleartext – March 26, 2026

Thursday, March 26, 2026 · 9:24 · 5.7 MB

show notes

Daily cybersecurity briefing for CISOs and security leaders.

Episode Summary

Today's episode covers 8 stories across 4 topic areas, including: CISA Forced Into 'Reactive' Cyber Posture Amid Shutdown; US: FCC Bans Foreign-Made Routers Over National Security Concerns; Srsly Risky Biz: Why get a warrant when you have Kash?

Stories Covered

🌍 Geopolitical

CISA Forced Into 'Reactive' Cyber Posture Amid Shutdown

BankInfoSecurity · Mar 26 · Relevance: █████████░ 9/10

Why it matters to CISOs: A degraded CISA means reduced threat intelligence sharing, delayed directives, and weaker federal incident response—enterprise security teams must assume greater self-reliance for threat detection and response during this period.

  • DHS shutdown has sidelined much of CISA's proactive cyber defense operations
  • Agency is limited to responding to imminent threats and maintaining its 24/7 operations center
  • Officials warn the conditions are increasing systemic risk across critical infrastructure

US: FCC Bans Foreign-Made Routers Over National Security Concerns

Infosecurity Magazine · Mar 25 · Relevance: ████████░░ 8/10

Why it matters to CISOs: This FCC action will force enterprises to audit their consumer-grade networking equipment and potentially accelerate hardware refresh cycles, with significant procurement and supply chain implications.

  • FCC placed all consumer-grade internet routers produced outside the US on its 'covered list'
  • Move framed around national security concerns but also tied to reshoring manufacturing goals
  • Affects procurement planning for distributed enterprise environments and remote workers

Srsly Risky Biz: Why get a warrant when you have Kash?

Risky Business News · Mar 26 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: FBI purchasing Americans' location data without warrants raises enterprise data privacy and surveillance concerns that CISOs managing employee privacy and data broker exposure should monitor closely.

  • FBI Director Kash Patel admitted to Congress the Bureau is buying Americans' location data
  • Commercially available information being used to generate intelligence without warrants
  • FCC moves to ban foreign-made consumer routers, framed as reshoring rather than purely security

📡 Macro Trends

Google moves post-quantum encryption timeline up to 2029

CyberScoop · Mar 25 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Google accelerating its PQC migration to 2029 signals that harvest-now-decrypt-later threats are being taken seriously at the highest levels—CISOs should use this as justification to begin their own crypto-agility planning now.

  • Google moved its post-quantum cryptography migration target from 2035 to 2029
  • Driven by store-now-decrypt-later attack concerns
  • Organizations urged to adopt NIST-developed PQC standards before large-scale quantum computers arrive

🔓 Data Breach

Supply chain attack hits widely-used AI package, risks impacting thousands of companies

The Record (Recorded Future) · Mar 25 · Relevance: █████████░ 9/10

Why it matters to CISOs: A compromised widely-used AI package (LiteLLM) represents a high-impact supply chain attack vector that could expose credentials and secrets across thousands of enterprises accelerating AI adoption—CISOs need to audit AI dependencies immediately.

  • Widely-used AI package LiteLLM was compromised with credential-stealing malware
  • Attack linked to TeamPCP threat group expanding supply chain campaigns
  • Highlights systemic risk from open-source AI tools maintained by small teams being adopted enterprise-wide

Device Code Phishing Hits 340+ Microsoft 365 Orgs Across Five Countries via OAuth Abuse

The Hacker News · Mar 25 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Active campaign exploiting OAuth device code flow across 340+ organizations demands immediate review of conditional access policies and device code authentication controls in Microsoft 365 environments.

  • Campaign targets Microsoft 365 identities across 340+ organizations in US, Canada, Australia, New Zealand, and Germany
  • Leverages device code phishing via OAuth abuse, first spotted February 19, 2026
  • Cases appearing at an accelerated pace, indicating scaling operation

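Two defender-side checks for the device code exposure this story describes, written as an added example for these show notes (not code from the episode or from any of its sources). The first asks whether an enabled Conditional Access policy actually blocks the device code flow tenant-wide, treating report-only policies as non-enforcing; the second pulls the device code sign-ins out of sign-in records so they can be reviewed. Field names are assumed to follow the Microsoft Graph conditionalAccessPolicy (conditions.authenticationFlows.transferMethods, grantControls.builtInControls) and signIn (authenticationProtocol) resources; every policy and sign-in record in the script is constructed sample data.

```python
"""Two offline checks for the device code flow exposure described above.

policy_blocks_device_code(): given Conditional Access policies in the shape
Microsoft Graph returns them, report which *enabled* policies block the device
code flow for all users on all apps (report-only policies do not enforce).

find_device_code_signins(): given Entra ID sign-in records, return the ones
whose authenticationProtocol is "deviceCode", so they can be reviewed.

All policies and sign-in records below are constructed sample data.
"""
import json

# Constructed sample: one report-only block (not enforced) and one unrelated MFA policy.
SAMPLE_POLICIES = [
    {
        "displayName": "Block device code flow",
        "state": "enabledForReportingButNotEnforced",
        "conditions": {
            "users": {"includeUsers": ["All"], "excludeUsers": []},
            "applications": {"includeApplications": ["All"]},
            "authenticationFlows": {"transferMethods": "deviceCodeFlow"},
        },
        "grantControls": {"operator": "OR", "builtInControls": ["block"]},
    },
    {
        "displayName": "Require MFA for all users",
        "state": "enabled",
        "conditions": {
            "users": {"includeUsers": ["All"], "excludeUsers": []},
            "applications": {"includeApplications": ["All"]},
            "authenticationFlows": None,
        },
        "grantControls": {"operator": "OR", "builtInControls": ["mfa"]},
    },
]


def policy_blocks_device_code(policies):
    """Names of enabled policies that block device code flow tenant-wide.

    A policy qualifies only if it is enabled (not report-only or disabled),
    includes all users with no exclusions, scopes to all applications, lists
    deviceCodeFlow among its transferMethods, and grants "block".
    """
    hits = []
    for policy in policies:
        if policy.get("state") != "enabled":
            continue
        cond = policy.get("conditions") or {}
        flows = cond.get("authenticationFlows") or {}
        # transferMethods is a comma-separated flags string, e.g. "deviceCodeFlow,authenticationTransfer"
        methods = {m.strip() for m in (flows.get("transferMethods") or "").split(",")}
        if "deviceCodeFlow" not in methods:
            continue
        users = cond.get("users") or {}
        if users.get("includeUsers") != ["All"] or users.get("excludeUsers"):
            continue
        apps = cond.get("applications") or {}
        if apps.get("includeApplications") != ["All"]:
            continue
        controls = (policy.get("grantControls") or {}).get("builtInControls") or []
        if "block" not in controls:
            continue
        hits.append(policy["displayName"])
    return hits


def enforce(policy):
    """Copy of a policy with its state switched to enabled (shows the report-only gap)."""
    enabled = json.loads(json.dumps(policy))
    enabled["state"] = "enabled"
    return enabled


# Constructed sample sign-in records (a subset of the Entra ID signIn fields).
SAMPLE_SIGNINS_JSON = """[
 {"userPrincipalName": "alice@example.com", "authenticationProtocol": "oAuth2",
  "ipAddress": "203.0.113.10", "appDisplayName": "Microsoft Teams", "status": {"errorCode": 0}},
 {"userPrincipalName": "bob@example.com", "authenticationProtocol": "deviceCode",
  "ipAddress": "198.51.100.7", "appDisplayName": "Microsoft Office", "status": {"errorCode": 0}},
 {"userPrincipalName": "carol@example.com", "authenticationProtocol": "deviceCode",
  "ipAddress": "198.51.100.7", "appDisplayName": "Microsoft Office", "status": {"errorCode": 50126}}
]"""


def find_device_code_signins(records_json, successful_only=True):
    """Return (user, ip, app) for each sign-in that used the device code flow.

    With successful_only=True, sign-ins that failed (non-zero errorCode) are
    dropped, leaving the sessions where a token was actually issued.
    """
    found = []
    for rec in json.loads(records_json):
        if rec.get("authenticationProtocol") != "deviceCode":
            continue
        if successful_only and (rec.get("status") or {}).get("errorCode", 0) != 0:
            continue
        found.append((rec["userPrincipalName"], rec.get("ipAddress"), rec.get("appDisplayName")))
    return found


if __name__ == "__main__":
    print("enforcing block policies:", policy_blocks_device_code(SAMPLE_POLICIES))
    print("after enabling the report-only policy:",
          policy_blocks_device_code([enforce(SAMPLE_POLICIES[0])]))
    print("successful device code sign-ins:", find_device_code_signins(SAMPLE_SIGNINS_JSON))
```

The point of the first check is the gap between a policy that exists and one that enforces: the constructed "Block device code flow" policy is in report-only state, so the tenant has no effective block until it is switched to enabled. The second check deliberately keeps the successful sign-ins by default, since those are the sessions where a token was issued and should be reviewed first.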

⚖️ Governance & Policy

When Liability Turns the CISO Into the Fall Guy

BankInfoSecurity · Mar 26 · Relevance: ████████░░ 8/10

Why it matters to CISOs: Directly addresses the evolving personal liability landscape for CISOs—essential reading for security leaders negotiating reporting lines, D&O coverage, and board-level risk communication strategies.

  • Regulators increasingly pursuing personal accountability against CISOs after major breaches
  • Rising liability is weakening security culture and making the CISO role less attractive
  • Changing how security leaders report risk to boards and executive leadership

Who owns AI agent access? At most companies, nobody knows

Help Net Security · Mar 26 · Relevance: ███████░░░ 7/10

Why it matters to CISOs: CSA survey data showing fragmented ownership of AI agent identity and access is a wake-up call for CISOs to establish governance frameworks for non-human identities before they become the next major attack vector.

  • Survey of 228 IT/security professionals by Cloud Security Alliance (January 2026)
  • Majority of organizations have AI agents active in core production systems
  • Fragmented ownership of how agents authenticate and what they can access

Full Transcript

Jordan: The U.S. government's primary cyber defense agency is now operating in reactive mode. Let that sit for a second. CISA — the organization whose entire mandate is to get ahead of threats before they hit — is now waiting for fires before it shows up with water. If you're a CISO and you haven't adjusted your threat intelligence posture accordingly, today's episode is for you.

Alex: Welcome to Cleartext. I'm Alex Chen. It's Thursday, March 26th, 2026. With me as always is Jordan Reeves. Today we're covering a lot of ground — a degraded CISA and what that means for enterprise self-reliance, a supply chain attack on a widely-used AI package that should have your security teams auditing dependencies right now, a device code phishing campaign hitting hundreds of Microsoft 365 environments, the FCC's sweeping router ban, Google pulling its post-quantum timeline forward by six years, and the ongoing question of whether personal CISO liability is quietly breaking the profession. Plus, a governance blind spot around AI agent access that most organizations haven't even started to address. Let's get into it.

Alex: So Jordan, CISA. Walk me through what's actually happening operationally.

Jordan: The DHS shutdown has gutted CISA's proactive posture. We're talking furloughs, cuts, reduced capacity. The agency has essentially triaged itself down to maintaining the 24/7 operations center and responding to imminent threats. Everything else — threat intelligence sharing, early warning advisories, sector coordination, proactive hunts — that pipeline is either frozen or running on fumes. Acting leadership has been candid about it. They're saying systemic risk across critical infrastructure is increasing. That's not boilerplate. That's an admission.

Alex: And the enterprise implication is direct. CISA has become a meaningful part of many organizations' external threat intelligence diet — KEV catalog updates, emergency directives, sector-specific briefings. If you've been relying on that as a signal layer, you now have a gap. Not a future gap. A current gap.

Jordan: Right. And I'd push CISOs to think about this structurally, not just as a temporary inconvenience. If your threat intelligence program can't function without federal inputs, that's a design flaw. The commercial threat intel market exists for exactly this reason. ISACs are still operational. Your sector peers are still talking. This is the moment to stress-test whether your detection and response capabilities are genuinely self-sufficient or whether they've been quietly subsidized by government visibility.

Alex: The board framing here is actually pretty clean. If a director asks why the security budget needs to hold or grow this cycle, the answer includes: the federal backstop we've historically relied on is currently degraded, and we need to compensate.

Jordan: Staying in the geopolitical lane — the FCC has now placed all consumer-grade routers manufactured outside the U.S. on its covered list. Every single one. This is framed as national security, and there's a legitimate security thread running through it — foreign-manufactured networking hardware has been a persistent espionage vector. But let's be honest, there's also a reshoring policy agenda embedded in this move.

Alex: For CISOs, the near-term question is inventory. If your remote workforce is on company-approved consumer-grade routers — which happened a lot post-pandemic — you now have a procurement and compliance problem. The longer-term question is supply chain. Enterprise-grade equipment from major vendors is less exposed here, but you need to know exactly what's in your environment before someone in legal asks.

Jordan: And while we're on the topic of government surveillance of Americans — there's a story worth flagging from Risky Business. FBI Director Kash Patel confirmed to Congress that the Bureau is purchasing Americans' location data commercially. No warrant required. Just a data broker transaction.

Alex: This has direct implications for CISOs thinking about employee privacy, travel security programs, and data broker exposure. If location data on your executives or employees is commercially available and purchasable by federal agencies without a warrant, that's also commercially available to threat actors with a budget. The attack surface here isn't just legal or political. It's operational.

Jordan: Let's shift to the breach desk. LiteLLM — a widely-used open-source AI package — was compromised with credential-stealing malware in a supply chain attack attributed to a group called TeamPCP. If you haven't heard of LiteLLM before, your developers probably have. It's a popular abstraction layer that sits between applications and large language model APIs. It touches credentials. It touches secrets. And it's maintained by a small team.

Alex: This is the open-source AI dependency problem in its clearest form. Organizations have been adopting AI tooling at a pace that their security and procurement processes cannot match. Your developers are pulling packages from PyPI the same way they always have, but now those packages are sitting in front of your most sensitive API keys — cloud providers, model providers, internal systems. The attack surface has changed. The hygiene hasn't.

Jordan: Immediate action item: audit your AI-related dependencies. Not next sprint. This week. Know what packages are in use, who maintains them, and what they have access to. SBOMs are your friend here, but only if you're actually generating and reviewing them.

Alex: Simultaneously, there's an active campaign targeting Microsoft 365 environments through device code phishing. Over 340 organizations across the U.S., Canada, Australia, New Zealand, and Germany. First spotted February 19th, accelerating since. The attack abuses the OAuth device code authentication flow — it's a legitimate enterprise feature being weaponized.

Jordan: Device code flow was designed for devices that can't easily display a browser — think smart TVs, IoT endpoints. But attackers have figured out they can use it to generate auth codes that victims authenticate on their behalf, handing over valid tokens with no password required and often no MFA challenge triggered. It bypasses a lot of the conditional access controls organizations think are protecting them.

Alex: If you're running Microsoft 365, pull your conditional access policies today. Specifically look at whether device code flow is restricted or blocked for users who don't need it. This isn't a novel technique, but the scale and pace of this campaign suggest it's working. When something's working at 340 organizations, it keeps working.

Jordan: Google announced it's moving its post-quantum cryptography migration target from 2035 to 2029. Six years earlier. That's not a minor calendar adjustment. When the world's largest internet infrastructure company pulls its cryptographic timeline forward by six years, it's telling you something about their threat modeling.

Alex: The driver is harvest-now-decrypt-later. Nation-state actors are collecting encrypted traffic today with the expectation that quantum computing will make it decryptable in the future. Classified data, M&A communications, long-term contracts, health records — anything with a shelf life beyond five to seven years is potentially exposed. NIST has finalized its post-quantum standards. The roadmap exists. What CISOs need to do now is begin crypto-agility planning — understanding where classical encryption lives in your environment and building a migration path, even if full execution is still years out.

Jordan: Use Google's announcement as a forcing function. If your board asks why you're spending on cryptography modernization, the answer is that Google doesn't think 2035 is safe enough and neither should you.

Alex: Let's spend a minute on the CISO liability piece, because it's one of those slow-moving issues that the industry keeps not solving. Regulators are pursuing personal accountability after major breaches. The SEC's posture, DOJ actions, state-level enforcement — it's accumulating. And the research is starting to show the downstream effect: experienced practitioners are declining CISO roles, risk reporting to boards is becoming more defensive than accurate, and security culture is weakening because leaders are rationally protecting themselves.

Jordan: This is a structural problem, not an individual one. If the incentive structure pushes CISOs toward liability management over honest risk disclosure, everyone loses — the organization, the board, the regulators who created the incentive in the first place.

Alex: If you're in a CISO role right now, three things: know exactly what your D&O policy covers and what it doesn't, make sure your board-level risk communications are documented with appropriate context and caveats, and understand your reporting line. If you're reporting to a CFO or COO and something goes wrong, your independence will be questioned. These aren't paranoid considerations anymore. They're table stakes.

Jordan: Finally, a governance story that's going to become a much bigger story. The Cloud Security Alliance surveyed 228 IT and security professionals in January. A majority of their organizations have AI agents running in core production systems. Almost nobody has clear ownership of how those agents authenticate or what they're authorized to access.

Alex: Non-human identities are the new shadow IT. We spent years chasing service accounts and API keys. AI agents are the same problem, amplified. They're persistent, they have broad access, and right now most organizations couldn't tell you who's responsible for securing them if you asked.

Jordan: If you don't have a policy for AI agent identity and access management, you're already behind. Start with a simple question: can you enumerate every AI agent operating in your production environment and tell me what credentials it uses and what it can touch? If the answer is no, that's your gap.

Alex: Zooming out on the week — the theme is self-reliance under pressure. Federal cyber infrastructure is degraded. Supply chains are being weaponized through AI tooling. Authentication flows built for convenience are being turned against us. And the professionals responsible for managing all of it are operating under increasing personal legal exposure. The organizations that navigate this period well are going to be the ones that don't wait for external signals — from CISA, from Google, from a breach notification — before they act.

Jordan: The threat environment doesn't pause for budget cycles or government shutdowns. Your program has to be able to stand on its own.

Alex: That's Cleartext for Thursday, March 26th. If something in today's episode is directly actionable for your team, send it to them. If you have a take on the CISO liability question, we want to hear it. Find us where you find your podcasts. We'll be back tomorrow.


Cleartext is an automated daily podcast for CISOs and security leaders. Generated 2026-03-26.

Sources are pulled from: CyberScoop, The Record, SecurityWeek, Krebs on Security, Dark Reading, Cybersecurity Dive, BleepingComputer, Wired, Ars Technica, TechCrunch, Help Net Security, VentureBeat, Risky Business News, The Hacker News, CISA, and BankInfoSecurity.