24 min
#181 - Inside the 2024 Verizon Data Breach Investigations Report CISO Tradecraft®
-
- Technology
In this episode of CISO Tradecraft, host G Mark Hardy discusses the findings of the 2024 Verizon Data Breach Investigations Report (DBIR), covering over 10,000 breaches. Beginning with a brief history of the DBIR's inception in 2008, Hardy highlights the evolution of cyber threats, such as the significance of patching vulnerabilities and the predominance of hacking and malware. The report identifies the top methods bad actors use for exploiting companies, including attacking VPNs, desktop sharing software, web applications, conducting phishing, and stealing credentials, emphasizing the growing sophistication of attacks facilitated by technology like ChatGPT for phishing and deepfake tech for social engineering. The episode touches on various cybersecurity measures, the omnipresence of multi-factor authentication (MFA) as a necessity rather than a best practice, and the surge in denial-of-service (DDoS) attacks. Hardy also discusses generative AI's role in enhancing social engineering attacks and the potential impact of deepfake content on elections and corporate reputations. Listeners are encouraged to download the DBIR for a deeper dive into its findings.
Transcripts: https://docs.google.com/document/d/1HYHukTHr6uL6khGncR_YUJVOhikedjSE
Chapters
00:00 Welcome to CISO Tradecraft
00:35 Celebrating Milestones and Offering Services
01:39 Diving into the Verizon Data Breach Investigations Report
04:22 Top Attack Methods: VPNs and Desktop Sharing Software Vulnerabilities
09:24 The Rise of Phishing and Credential Theft
19:43 Advanced Threats: Deepfakes and Generative AI
23:23 Closing Thoughts and Recommendations
In this episode of CISO Tradecraft, host G Mark Hardy discusses the findings of the 2024 Verizon Data Breach Investigations Report (DBIR), covering over 10,000 breaches. Beginning with a brief history of the DBIR's inception in 2008, Hardy highlights the evolution of cyber threats, such as the significance of patching vulnerabilities and the predominance of hacking and malware. The report identifies the top methods bad actors use for exploiting companies, including attacking VPNs, desktop sharing software, web applications, conducting phishing, and stealing credentials, emphasizing the growing sophistication of attacks facilitated by technology like ChatGPT for phishing and deepfake tech for social engineering. The episode touches on various cybersecurity measures, the omnipresence of multi-factor authentication (MFA) as a necessity rather than a best practice, and the surge in denial-of-service (DDoS) attacks. Hardy also discusses generative AI's role in enhancing social engineering attacks and the potential impact of deepfake content on elections and corporate reputations. Listeners are encouraged to download the DBIR for a deeper dive into its findings.
Transcripts: https://docs.google.com/document/d/1HYHukTHr6uL6khGncR_YUJVOhikedjSE
Chapters
00:00 Welcome to CISO Tradecraft
00:35 Celebrating Milestones and Offering Services
01:39 Diving into the Verizon Data Breach Investigations Report
04:22 Top Attack Methods: VPNs and Desktop Sharing Software Vulnerabilities
09:24 The Rise of Phishing and Credential Theft
19:43 Advanced Threats: Deepfakes and Generative AI
23:23 Closing Thoughts and Recommendations
24 min