“The World Cup is about to put billions of people, devices, and transactions online at once — across ticketing, payments, broadcast, stadium operations, and host-city infrastructure,” warns Dave Russell, SVP and Head of Product Strategy at Veeam Software. “The scale of the attack surface is unprecedented: temporary tournament networks layered onto existing environments, a vast ecosystem of suppliers and partners, and countless dependencies that create real opportunities for disruption.”

The World Cup will begin on June 11, but the cyber risks are already presenting themselves. Recent threat alerts have indicated the event could be attractive to politically-motivated hackers, scammers, and other malicious cyber actors. 

Threat actors leveraging the heightened activity is nothing new. But this year, the World Cup is facing a cyber threat that, historically, it hasn’t seen as often: malicious AI agents. 

“What’s critical to recognize is that this will be the first World Cup in the agentic era, where the actor is no longer only human. AI agents can initiate actions, move data, change configurations, and trigger workflows at machine speed. That changes the risk model: trust can’t be based on intent or assumptions — it has to be based on verification, governance, and recoverability; continuously,” explains Russell. “In this reality, resilience isn’t optional — it’s the foundation. Global events don’t just test prevention; they test whether organizations can sustain trust under extreme and highly visible pressure. And while AI can strengthen detection and response, it also accelerates impersonation, phishing, and disruption, meaning speed and scale now apply to attackers and defenders alike.”

As security leaders prepare for the World Cup to test their organizations’ resiliency, Russell highlights the importance of convergence for security and AI trust. 

“A fragmented approach — where identity, access, compliance, and recovery live in separate silos — creates gaps precisely when autonomous systems are acting at machine speed,” he explains. “The path forward is a unified trust layer that connects data integrity, identities, access, and resilience so organizations can continuously validate what’s true, tightly control who (or what) can act, and recover rapidly and cleanly when something goes wrong.”

Russell concludes, “When every outage or integrity issue becomes public in seconds, the champions won’t be the organizations that claim they’ll never be hit; they’ll be the ones that keep critical systems running, prove the trustworthiness of their data, and restore confidence at a global scale.”