Inside the FBI | Transcript: Introducing Ahead of the Threat, Season Two

January 30, 2026 • 8 Minutes

Introducing Ahead of the Threat, Season Two

[A bright, midtempo, technological-feeling track featuring different types of synthesizer sounds begins.]

Narrator: This week, the FBI Cyber Division announced that its podcast series, Ahead of the Threat, is returning for a second season.

Host and FBI Cyber Assistant Director Brett Leatherman will join expert guests from government and the cybersecurity space for candid discussions aimed at:

breaking down the FBI’s cyber strategy and priorities in this space;
educating private sector leaders and cyber teams about topical news, threat trends, and digital defenses;
encouraging them to build working relationships with the Bureau before cyber crisis strikes.
On this special installment of our podcast, we’re sharing Episode Zero of Ahead of the Threat in its entirety so you can know what to expect from Season Two. We’ll conclude by telling you how you can follow the series so you don’t miss out on any future installments of the show.

This is Inside the FBI.

[The Inside the FBI jingle kicks in. It's a bright and driving track.]

***

[A new track with a futuristic, airy tone begins.]

Assistant Director Brett Leatherman, FBI Cyber Division: Cyberattacks don't start with a bang. They start with something ordinary. A click. A reused password. An unpatched system. A vendor you trusted. These attacks often start with one organization, but increasingly have downstream impact to others.

I'm Brett Leatherman, head of the FBI's Cyber Division. Welcome to season two of Ahead of the Threat.

Most people know the FBI for our work disrupting sophisticated criminal enterprises, bringing violent offenders and corrupt officials to justice, countering terrorism, and chasing foreign spies. This podcast is about an equally important front line of that same mission: Defending the homeland in cyberspace.

Here's how we spend our days at FBI Cyber: We pursue the people behind the keyboard, criminals and nation-state actors, so we can stop or disrupt attacks, hold adversaries accountable, and help victims recover when it happens. Since 2022, we've provided thousands of decryption keys to ransomware victims, helping them avoid more than $800 million in ransom payments.

We do it with a unique view of the threat, world-class investigative capabilities and partnerships across the government, industry, and around the world. And we have an obligation to share what we're seeing with you the insights that help you defend. That's what this podcast is for. And if you're new here, welcome. Let me tell you what we're seeing right now.

Ransomware is targeting the backbone of our economy, and the playbook keeps evolving. Last year, we saw a 17% jump in attacks and more than 30 new groups entered the market. Attackers are increasingly going one to many. They hit software providers, managed service providers, and other shared access points so a single intrusion can ripple across hundreds, sometimes thousands, of organizations. We've seen bad actors exploit remote management tooling and reach downstream customers through one weak link. That's the one-to-many problem. One breach cascading impact. Supply chain compromise is now the second-most-common way in, and these intrusions go undetected for nearly nine months on average.

And it's not just criminals. Nation-state actors are targeting American businesses in critical infrastructure, sometimes directly, sometimes through proxies and contractors looking to steal, to surveil, and to pre-position access they can use later. And we've been public about this in joint advisories. PRC [People's Republic of China]-backed actors work alongside commercial entities that serve China's intelligence apparatus. They use compromised devices and trusted connections to move from one network into another. If adversaries are taking an all-of-society approach to attack us, we need an all-of-society approach to defend against it. That's the environment we're in.

And that's why this podcast exists. If you listen to Season One, you'll recognize the mission. Each episode will open with news of the day. What matters, why it matters, and what defenders should do about it. I'll sit down with an expert from government or industry, people who see the threat up close and know what works. And this season, we'll take you inside FBI Cyber, introducing you to the people and capabilities working every day to protect this country.

The goal is simple: Help you step back from the day-to-day so you can see the threat more clearly, connect the dots, and drive change. Early in Season Two, you're going to hear a lot about two things. First, the administration's cyber strategy, the FBI's cyber strategy, and the priorities shaping the year ahead.

Here's why it matters. It helps define what “good” looks like and where we need to raise the floor.

It's about critical infrastructure businesses of every size and the balance we all want, where the costs of cyberattacks don't keep landing on American victims. And we'll be clear about where the FBI fits—pursuing adversaries, driving disruption in supporting victims alongside our federal partners.

Second, Operation Winter SHIELD. From mid-January through mid-March, we are running an eight-week campaign focused on one thing: Defending the homeland of cyberspace against cyber threats with real economic and national security implications. Last year alone, nearly 5,000 critical infrastructure organizations reported cyber incidents to the FBI, and we know that number significantly underrepresents the true scale.

Each week, we'll share what we're seeing in our law enforcement work, the top ways organizations continue to be compromised. Most of it won't surprise you. You're living it. But we continue to see it across every sector.

Our goal is to give you practical steps to begin moving the needle towards greater resilience. This podcast is for defenders, CISOs, security teams, and risk managers. It's also for general counsels, CEOs, and boards of directors. Because today, cyber risk is business risk, and protecting the country and cyberspace takes all of us. If that's you, this is the conversation to be a part of.

Season Two drops in a few weeks. If you want some context for what we're building, Season One with Bryan Vorndran and Jamil Farshchi is a strong foundation and still relevant today. There's work ahead, and the adversaries aren't waiting. Together, let's get ahead of the threat.

[The musical track with a futuristic, airy tone starts playing again.]

***

[The episode’s opening track begins again and plays through the end of the episode.]

Narrator: Visit fbi.gov/aheadofthethreat to learn more about the show, listen to archival episodes, and learn how to find the series on your favorite podcast platform.

You can also check out fbi.gov/cyber to learn more about the FBI’s Cyber Strategy and our commitment to cross-sector cyber collaboration.

We also recommend visiting fbi.gov/fieldoffices to find the nearest FBI field office to your organization and starting a working relationship with their cyber squad today.

Together, we can stay ahead of the threat.

***

Narrator: This has been another production of Inside the FBI.

You can follow us on your favorite podcast player, including Spotify, Apple Podcasts, or YouTube. You can also listen to our show via the myFBI Dashboard App. Visit fbi.gov/dashboardapp to learn more.

And you can subscribe to email alerts about new episodes at fbi.gov/podcasts.

On behalf of the FBI’s Office of Public Affairs, thanks for listening.

[The track gets louder before fading out.]