
Episode 20 : 2026 Kickoff: Security Resolutions, Key Deadlines, and Don’t Mislead the Feds
From Distilled Security Podcast by Justin Leapline, Joe Wynn, and Rick Yocum
January 26, 2026 · 1h 20m · Episode 20
About this episode
The Distilled Security team discusses security priorities and compliance dates for 2026, emphasizing the importance of honesty in cybersecurity compliance.
In the first episode of 2026, the Distilled Security team kicks off the year with a practical discussion on security priorities, key compliance dates to watch in 2026, and why misleading the government on cybersecurity compliance can have serious consequences. The conversation focuses on simplifying security programs, returning to core fundamentals, and learning from real-world enforcement and regulatory cases. The episode closes with a holiday pour and a preview of format changes coming next. ⏱️ Timestamps 0:00 Intro & episode overview 0:33 2026 security resolutions: simplify & back to basics 5:45 “Science projects”: removing emotion from decisions 8:36 Justin’s goals: family, travel, business & AI workflows 17:52 EOS + Atomic Habits workbook (goal planning) 23:54 Key compliance dates to watch in 2026 31:45 California privacy updates & risk assessments (CCPA) 35:39 EU AI Act + NIS2 enforcement ramp-up 42:48 Drink break: High West “A Midwinter Night’s Dram.” 45:04 Don’t mislead the feds: FedRAMP, SolarWinds, CMMC—wrap-up to 1:20:12 🎙️ Hosts Justin Leapline – @justinleapline Joe Wynn – @wynnjoe Rick Yocum – @rickyocum 🌐 Connect with Us Website…
People in this episode
Hosts: Justin Leapline, Joe Wynn, Rick Yocum
Topics covered
- security resolutions
- compliance dates
- cybersecurity
- regulatory cases
- simplifying security programs
- California privacy updates
- EU AI Act enforcement
Keywords
- security priorities
- compliance
- cybersecurity
- 2026
- California privacy
- EU AI Act
- FedRAMP
Mentioned in this episode
Organizations: California, EU AI Act, NIS2, FedRAMP, SolarWinds, CMMC
Products: High West A Midwinter Night’s Dram
More episodes of Distilled Security Podcast
- Episode 24: 2 Years, 24 Episodes & The State of Security in the Age of AI · May 14, 2026 · 1h 43m
- Episode 23: Nobody read the report · April 14, 2026 · 2h 10m
- Episode 22: Is AI Good for Security, CIRCIA Starts the Clock, and the M&A Problem Nobody's Talking About · March 9, 2026 · 1h 56m
- Episode 21: AI Notetakers Are Illegal, GRC Tools Are Lying, and ISO 42001 Changes Everything · February 18, 2026 · 1h 51m
- Episode 19: Cloudflare Outage, AI-Powered Attacks & The Rise of GRC Engineering | Distilled Security Podcast · December 8, 2025 · 2h 12m
- Episode 18: TRISS Highlights, Cloud Chaos & SaaS Lessons Learned · November 10, 2025 · 1h 53m
Explore listener stats, chart rankings, contacts and more on the Distilled Security Podcast podcast page.