Cybersecurity awareness firm Adaptive Security launched a 15-part employee training series on Tuesday, produced in partnership with comedian and television host Conan O'Brien, targeting AI-driven threat vectors including voice phishing, deepfake video, and AI-powered spear phishing. The announcement was made via PR Newswire on June 9, 2026.

What Was Built and Why

The series, accessible through Adaptive Security's platform, consists of fifteen video modules fronted by O'Brien and aimed at preparing enterprise employees to recognize and respond to the current generation of AI-augmented social engineering attacks. According to Variety, Adaptive Security — an AI-focused cybersecurity firm — brokered the partnership specifically to use O'Brien's comedic format as a delivery mechanism for threat awareness content.

The threat landscape the series addresses is not hypothetical. Voice phishing — or vishing — has evolved considerably with the availability of low-latency, high-fidelity voice cloning APIs. Deepfake video generation, once requiring significant compute and post-production time, can now be produced at near-real-time speeds accessible to moderately resourced threat actors. Spear phishing, always the most targeted variant of credential and access harvesting, has been substantially augmented by large language models capable of generating contextually accurate, grammatically clean lures at scale — eliminating the historically reliable signal of poor writing quality.

These are the vectors Adaptive Security's training series is designed to address. The format — entertainment-led rather than compliance-checkbox — is a deliberate structural choice. Security awareness training has a well-documented engagement problem: completion rates for traditional corporate modules are often low, and retention lower still. Embedding threat education into a content format employees actually choose to watch is an attempt to close that gap.

O'Brien's Role and the Deepfake Thread

Mashable reported that O'Brien revives a deepfake gag concept within the training videos — a callback to comedic territory he has explored publicly before. The move is more than a stylistic flourish. Using a known public figure in a production that explicitly demonstrates or parodies deepfake techniques creates a pedagogical loop: the viewer is simultaneously watching an entertainer they recognize and being primed to think critically about the authenticity of video they encounter. Whether that loop closes effectively at scale is a separate empirical question, but the design intent is coherent.

O'Brien's involvement adds a layer of earned credibility with a demographic that security teams often struggle to reach: employees who view security training as a tax on their time rather than a professional necessity. A recognizable face with comedic timing does not change the underlying threat model, but it changes the probability of a non-security employee pressing play — and staying through the module.

Adaptive Security's Platform Position

Adaptive Security positions itself at the intersection of AI threat simulation and workforce readiness. Its platform, as described on the company's site, is built around simulating the AI-native attack types its training series covers — meaning the O'Brien content is designed to sit alongside active simulation exercises rather than replace them. This is consistent with a broader industry direction: pairing passive awareness content with active phishing and vishing simulations to create a closed-loop training environment.

The firm is one of a cluster of security startups that emerged as generative AI lowered the cost and skill floor for social engineering attacks. Vishing simulation, deepfake detection training, and LLM-generated spear phishing drills are now a distinct product category — distinct from legacy security awareness training vendors whose content predates these threat classes.

The Format Question

It is worth being precise about what a celebrity-fronted training series is and is not. It is a content distribution strategy — a bet that production value and a recognizable host improve engagement metrics. It is not, by itself, a technical control. Organizations deploying it still need detection tooling, incident response procedures, and the governance structures that make security culture durable rather than episodic.

That framing matters for security leaders evaluating the offering. The relevant questions are not whether O'Brien is funny — presumably he is — but what the completion and retention data look like, how the content integrates with existing LMS and phishing simulation infrastructure, and whether the deepfake and vishing scenarios are updated as the underlying models evolve. AI-generated attack content is not static; training content that was accurate at launch can become outdated within months as generation quality improves and new attack patterns emerge.

Looking at the broader arc here: the industry has been trying to solve the engagement problem in security awareness training for the better part of two decades. I covered early iterations of game-based and video-led security training when it first emerged as a category in the mid-2000s — the same structural argument was being made then, that entertainment delivery would move the needle on retention. The results were mixed. What is different now is that the threat content itself — deepfakes, AI-cloned voices — is inherently dramatic and visually demonstrable in a way that older threat classes, like password hygiene or patch compliance, never were. A module showing a convincing deepfake of a known face making a plausible fraudulent request is self-evidently compelling in a way a slide deck about phishing URLs never managed to be. Whether that novelty advantage holds as deepfake content becomes ambient is a question the industry will answer empirically over the next several years.

Deployment and Availability

The series launched on June 10, 2026, and is available through Adaptive Security's platform at adaptivesecurity.com/conan. No pricing details or licensing terms were disclosed in the available materials. Adaptive Security has not publicly stated whether the O'Brien series will be offered as a standalone product or exclusively bundled with its broader simulation platform.

For security and IT leaders, the immediate practical question is whether the content addresses the specific threat taxonomy relevant to their organization's risk profile. Voice phishing targeting finance and executive functions, deepfake video deployed in fraud or impersonation scenarios, and LLM-assisted spear phishing are all high-relevance threat classes for most enterprise environments in 2026. A training series that covers all three, with production quality sufficient to hold attention, is at minimum a credible addition to a layered awareness program — provided the underlying content is technically accurate and the scenarios reflect current attack methodology rather than last year's.

The O'Brien partnership is an unusual distribution choice for a cybersecurity firm. It is also a logical one, given where the attention economy sits and what security teams are actually competing against for employee time and cognitive bandwidth.