In episode 188 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager sit down with Philippe "Phil" Langlois, Data Breach Investigations Report (DBIR) Author at Verizon; and Charity Otwell, Director of the CIS Critical Security Controls® (CIS Controls®) at the Center for Internet Security® (CIS®). Together, they discuss some of the top insights of the 2026 DBIR and how CIS contributed to the publication.
Here are some highlights from our episode:
00:50. Introductions to Phil and Charity
02:46. Vulnerability exploitation as the most common attack vector
05:25. The role of artificial intelligence (AI) in threat actors' natural system thinking
07:03. The need for clear governance and responsibility around vulnerability management
08:58. Insight into the types of techniques threat actors research using frontier AI models
13:43. A trending drop in ransomware payouts and organizations willing to pay attackers
14:59. Why a healthy dose of distrust goes a long way in assessing attackers' claims of victims
16:24. How two ransomware groups stand out above the norm
17:49. The ongoing risk surrounding vendor, supplier, and other third party exposure
22:34. The need for governance in managing data issues involving the use of AI
27:14. Three ways in which CIS contributed to the 2026 DBIR
34:02. How the 2026 DBIR informs the CIS Controls and parting actionable steps
Podden och tillhörande omslagsbild på den här sidan tillhör
Center for Internet Security. Innehållet i podden är skapat av Center for Internet Security och inte av,
eller tillsammans med, Poddtoppen.