In 2026, one of the biggest threats to homeland security will be identity compromise and fake content at scale. The use of AI is not just accelerating attacks; it’s rewriting the playbook. If mission owners don’t act now, the homeland security community will be chasing symptoms, while adversaries own the narrative.
Adversarial AI is here, and it has changed the speed and scale of attacks impacting your mission. AI-driven campaigns that couple tailored social engineering with automated credential replay, session theft, and model-generated lures at machine speed cannot be combatted with legacy cyber hygiene practices and old multi-factor authentication (MFA) solutions.
Homeland Security Scenario: Securing FIFA 2026 and LA28
Imagine the opening match of FIFA 2026. Stadium gates stall as ticketing systems lock up, broadcast feeds flicker, and social media erupts with convincing but fabricated videos of crowd panic. In minutes, confidence collapses, operations seize, and public safety is at risk. This scenario isn’t hypothetical; it is possible. While working at the Department of Homeland Security (DHS), my team and I worked through the chaos while supporting security operations during the disruption of a major sporting event.
On February 3, 2013, at the Superdome in New Orleans, Super Bowl XLVII was set for an unforgettable halftime show. Beyoncé delivered a flawless performance, complete with a Destiny’s Child reunion, but moments later, the unexpected happened: the stadium went dark. The blackout struck just after the kickoff of the third quarter, shortly after Beyoncé’s set ended. Scoreboards, lighting, and signage all failed, leaving only emergency lights. Fans, players, and broadcasters were frozen in place. The outage lasted 34 minutes, sparking speculation and jokes that Beyoncé blew the grid.
Behind the scenes, this wasn’t just an inconvenience; it was a potential security crisis. We were lucky. We had a trusted platform with strong authentication and trusted content, the HSIN (Homeland Security Information Network). HSIN served as the secure backbone for real-time coordination, enabling law enforcement, emergency management and cyber professionals to share situational updates, verify that the outage wasn’t a cyberattack or terror incident, maintain operational continuity, and communicate with venue personnel.
Fast forward to now, the decade of sport and two of the highest profile events – FIFA 2026 and LA28 – and imagine the lights going out again. Even the most choreographed, high-profile events can face unpredictable disruptions. The 2013 Super Bowl blackout shows why strong authentication, interoperable credentials, and trusted content remain mission critical.
FIFA World Cup 2026 is, in the minds of our adversaries using AI, an attractive digital battleground. Spanning 104 matches across 16 venues in the United States, Canada, and Mexico, FIFA 2026 is the largest soccer tournament ever. Its reliance on digital systems for ticketing, stadium operations, transportation and more makes it a prime target for cybercriminals and state-sponsored actors. Imagine live broadcasts and emergency warnings dropping during an outage across multiple venues in different countries with a limited ability to communicate with fans and teams. Now imagine fake content spreading at speed, on fans’ phones, and on screens across the venues. Engineering trust in the complex battleground isn’t optional, and it is possible. Here’s what can be done.
- Identity: Kill the Old MFA Before It Kills You. Organizations, systems, devices that still use passwords, SMScodes or push approvals need to be updated. MFA was publicly reported as phish-able in 2018. If you or your partners are still using it, your organization and the broader homeland security missions remain vulnerable. Using older MFA solutions is like locking the front door and leaving the windows open. AI-driven phishing kits bypass older solutions in seconds.
The fix is clear: Use Personal Identity Verification (PIV) credentials or CAC (Common Access Card) for government employees and contractors, and issue Fast IDentity Online (FIDO) passkeys for everyone else. Ensure FIDO2 compliance, the latest standard and part of the Cybersecurity and Infrastructure Security Agency’s (CISA’s) guidance (CISA MFA Guide) for Zero Trust implementation. FIDO2 uses a phone, laptop, or tablet to store a special key just for you, such as your fingerprint, your face, or your PIN to prove it’s really you. Unlike a password, your passkey never leaves your device. Hackers can’t guess it, and you won’t forget it. No password is sent anywhere!
- Credentials: Trust That Travels.The homeland security missiondoesn’t stop at agency borders. State, local and international partners in law enforcement, emergency management and cybersecurity need credentials that work everywhere, securely, without friction. The solution is Verifiable Credentials (VCs). They’re cryptographically signed, privacy-preserving, and now a World Wide Web Consortium (W3C) standard. When the VCs are implemented, every government, vendor, and platform can implement the same protocol. That means credentials issued by DHS can be verified by state agencies, private partners, or even international allies without implementing custom integrations. DHS Customs and Border Protection (CBP) is proving it works in their CBP VC Pilot. Building a homeland security network of trust starts with issuing credentials for worker onboarding, facility access, and cross venue roles that are interoperable, that machines and humans can trust.
- Content: Develop Pathways for Authenticity. Communications are the first casualty when synthetic media floods the zone during disruption, disaster or unrest. Everyone needs to know what’s real. Start creating verifiable content for broadcasters and messaging platforms so the public can confirm source, time, and edit history in seconds. Develop a crisis communications plan with designated signed channels, preapprove release workflows, and train spokespeople to reference verification steps live. Embedding authenticity in every official communication using Coalition for Content Provenance and Authenticity (C2PA) Content Credentials. The Library of Congress is paving the way in the LOC C2PA Initiative by applying C2PA to images, videos, audio, and documents with metadata that proves who created it, when it was created, and what edits were made. This metadata is tamper-evident and travels with the file, so anyone can verify its origin and integrity using trusted tools.
A cyber-based “blackout” during a FIFA 2026 match or at the upcoming LA28 Olympics could be devastating, threatening financial, operational, and physical safety. The answer lies in trusted, interoperable cyber-physical incident response systems—HSIN-style platforms for security operations, and C2PA-style provenance for digital evidence. Together, they form the digital infrastructure backbone essential for mega-event resilience in the AI era.
