United States · 2026 – 2028

The World Is Coming
to the U.S.
Is Your Organization
Ready?

The Super Bowl. The FIFA World Cup. The Olympic Games. As the U.S. steps onto the global stage, cyber threat actors are already preparing. Nation-state groups and ransomware organizations don't sit out major global events — they plan for them. The events are in California. The threat exposure is nationwide.

→ Request Your Assessment Learn more ↓
A joint initiative by Tec-Refresh + Semperis
Super Bowl SoFi Stadium
🏈 Super Bowl LX
Levi's Stadium
Santa Clara, CA · 2026
FIFA World Cup
⚽ FIFA World Cup
SoFi Stadium
Los Angeles · 2026
LA Olympics 2028
🏅 Olympic Games
LA 2028
Los Angeles · 2028
Active Threat IntelligenceNation-state actors including Volt Typhoon have already established persistence inside U.S. critical infrastructure. The window to prepare is now.
0+
Cyber incidents during the 2024 Paris Olympics
9/10
Cyberattacks target Active Directory
0
Major global events hosted in the U.S.
50 States
The threat exposure is nationwide — not limited to host cities
The Threat Is Real. The Timeline Is Fixed.

Major Global Events Are Proven Targets for Coordinated Cyberattacks

The 2024 Paris Olympics faced over 140 cybersecurity incidents during the games — targeting transportation networks, public agencies, and utilities. Prior FIFA World Cups saw coordinated infrastructure probes and phishing campaigns. The upcoming U.S.-hosted events will be larger and more complex than any of these.

For SLED organizations and critical infrastructure operators, the stakes are especially high. A successful cyberattack — particularly one targeting identity systems — doesn't just disrupt IT. It disrupts public services, emergency operations, and community trust in real time, in front of a global audience.

It's also important to understand that host-city exposure doesn't stay in the host city. The infrastructure supporting these events — power, telecommunications, financial networks, supply chains, emergency services — is deeply interconnected across state lines. During the 2024 Paris Olympics, nation-state groups used the global spotlight to probe infrastructure well beyond France. U.S. organizations should expect no different when the games come home.

Preparedness isn't optional. And the window to act is now.

Olympics stadium
🏅 2024 Paris Olympics
140+
Cybersecurity incidents during the games — transport, utilities, and public agencies all targeted
FIFA World Cup
⚽ FIFA World Cup 2022
Coordinated
Infrastructure probes and phishing campaigns targeting public agencies in the weeks before the event
SoFi Stadium
🏈 United States · 2026–2028
Largest Yet
The upcoming U.S.-hosted events will be longer, larger, and more complex — and threat actors are already planning
The Threat Doesn't Stop at the State Line

California hosts the events.
The entire nation shares the exposure.

The infrastructure supporting these events — power grids, telecommunications, financial networks, emergency services, supply chains — doesn't stop at California's border. Neither do the threat actors targeting them. During the 2024 Paris Olympics, nation-state groups used the global spotlight to probe critical systems well beyond France. Groups like Volt Typhoon have already established persistence inside U.S. critical infrastructure in preparation for exactly these moments. When the world is watching, threat actors are too — and they're not just watching California.

50
states share the elevated threat exposure
The Assessment Offer

Know Where You Stand.
Get a Roadmap to Get There.

The Preparedness & Identity Resilience Assessment is a structured evaluation of your organization's readiness for identity-based attacks and operational disruption. Delivered by Tec-Refresh, with Semperis supporting the identity infrastructure components.

DELIVERABLE 01
Executive Risk Report
Written for C-suite and board-level audiences. Clear findings, business impact framing, and actionable priorities — no technical jargon required. Ready to present the day you receive it.
DELIVERABLE 02
NIST CSF 2.0 Alignment Heatmap
A visual gap analysis across all five CSF 2.0 functions — Identify, Protect, Detect, Respond, Recover — showing your current state versus target state at a glance.
DELIVERABLE 03
Prioritized Remediation Roadmap
A sequenced 90-day, 6-month, and 12-month action plan organized by risk severity and feasibility. Know exactly what to fix, in what order, and why.

Remediation takes time. The right time to start is now.

→ Request Your Assessment

Assessment spots are limited. Tec-Refresh is working with organizations across the U.S. through Q2 and Q3 2026. Request yours while capacity is available.

How It Works

Simple. Structured. Actionable.

1
Schedule
Request your assessment and connect with a Tec-Refresh advisor to confirm scope and logistics. Most assessments begin within two to three weeks of scheduling.
2
Assessment
Our team evaluates your identity infrastructure, operational resilience posture, NIST CSF 2.0 alignment, and threat exposure. Conducted remotely, with on-site options for larger organizations.
3
Deliverables
Within two to three weeks you receive your Executive Risk Report, NIST CSF 2.0 Alignment Heatmap, and Prioritized Remediation Roadmap — ready to present to leadership.
Built Around the Framework That Matters

NIST CSF 2.0 — The Federal Standard for Cyber Readiness

Every assessment maps directly to all five NIST CSF 2.0 functions. You'll know exactly where you stand — and what to do next.

Identify
Asset visibility, identity inventory, and risk awareness across your environment
Protect
AD hardening, MFA enforcement, and privileged access controls
Detect
Identity threat detection and anomaly monitoring — powered by Semperis ITDR
Respond
Incident playbooks, coordination plans, and tabletop exercise readiness
Recover
AD forest recovery, BCP maturity, and RTO vs. actual recovery capability
Two Organizations. One Mission.

About the Partners

Tec-Refresh and Semperis bring complementary expertise to every engagement — from assessment through remediation and ongoing resilience.

Tec-Refresh
Tec-Refresh
A managed security services provider based in Newport Beach, CA, serving public sector and critical infrastructure organizations nationwide. Deep expertise in cybersecurity, business continuity, and operational resilience across SLED and critical infrastructure environments.
Campaign Lead
Semperis
Semperis
The industry leader in identity threat detection and Active Directory resilience. Semperis protects some of the world's most critical organizations from identity-based attacks and enables rapid recovery from Active Directory compromise.
Identity + AD Resilience
Tec-Refresh + Semperis
Together, we provide a comprehensive approach to cyber preparedness — from assessment through remediation and ongoing resilience. When the world is watching, your organization will be ready.
The Campaign. The Timeline. The Opportunity.

Three Phases. One Goal.

● Active Now
Phase 1 — Awareness
2025 – 2026
Awareness campaigns, webinars, and readiness assessments. Organizations that assess now have the runway to remediate before the world arrives.
Phase 2 — Engagement
2026 – 2027
Regional field events and executive briefings across the U.S. Deepen resilience, validate assessments, and close remaining gaps.
Phase 3 — Peak Readiness
2027 – 2028
Final preparation as global events arrive. Organizations that started in Phase 1 will be confident. Those that waited will be reacting.
The window is 2026. Closing identity security gaps — hardening Active Directory, implementing incident response playbooks, addressing NIST CSF 2.0 gaps — takes months, not weeks. Organizations that begin now will be genuinely ready. Those that wait may not.
Industry Resources

Built for Your Sector

Every industry faces a different compliance landscape and threat profile. We built dedicated resources for the organizations most exposed ahead of the U.S. global event window.

SLED
State, Local & Education
CMMC 2.0 CISA KEV NIST CSF 2.0
Explore SLED resource
Healthcare
Hospitals & Health Systems
HIPAA HHS HC3 NIST CSF 2.0
Explore Healthcare resource
Manufacturing
Defense & Industrial Manufacturers
CMMC 2.0 NIST CSF 2.0 ICS/SCADA
Explore Manufacturing resource
Energy
Utilities & Critical Infrastructure
NERC CIP TSA Directives CISA KEV
Explore Energy resource
Finance
Financial Institutions & Insurers
GLBA SEC Rules FFIEC
Explore Finance resource
Retail
Retailers & Consumer Brands
PCI DSS 4.0 NIST CSF 2.0 Supply Chain
Explore Retail resource
Resources & Insights

From the World Stage Series

Thought leadership and webinars from Tec-Refresh and Semperis — updated as new content is published.

Blogs
April 2026
Why California’s Biggest Moment Could Be Its Biggest Cyber Risk

The Super Bowl, FIFA World Cup, and Olympic Games are coming to California — and so are the threat actors who plan around them.

Read the blog →
May 2026 · SLED
Identity Is the New Perimeter — What SLED Leaders Need to Know

A joint piece from Tec-Refresh and Semperis on why Active Directory is the primary target for attacks against SLED organizations — and what to do about it.

Read the blog →
May 2026 · SLED
SLED Cybersecurity 101: CMMC, CISA Directives, and What Agencies Actually Need

A practical breakdown of the compliance mandates shaping public-sector cybersecurity — what CMMC 2.0 and CISA KEV directives mean for state agencies, school districts, and municipalities.

Read the blog →
Webinar
Now Live — Watch On-Demand
Identity Under Siege — Are You Ready for 2028?
Hosted by Miguel Martinez, CTO at Tec-Refresh, with Greg Mundy, Senior Solutions Architect at Semperis.
Monday, June 9, 2026  ·  On-demand after broadcast
Watch Now →
Get Started

Request Your Preparedness Assessment

Fill out the form below and a Tec-Refresh advisor will be in touch within one business day to discuss your organization's needs and confirm next steps. You'll also get access to our on-demand webinar, Identity Under Siege — Are You Ready for 2028?, now available to watch.

Your information will only be used to follow up on your assessment request. Tec-Refresh does not sell or share contact information.

Not ready to request an assessment?

Watch on demand: Identity Under Siege — Are You Ready for 2028?
Hosted by Miguel Martinez (Tec-Refresh CTO) + Semperis · Free · Available Soon

Watch the Webinar On-Demand →