Somaini's Trust Issues

EP 15: Alex Pinto

Listen

Description

Discussion with Alex Pinto, Associate Director at Verizon and Manager of the Verizon DBIR report.

Verizon DBIR: https://www.verizon.com/business/resources/reports/dbir/

Alex Pinto: https://www.linkedin.com/in/alexcpsec/

Support the show and Donate to NCMEC: https://give.missingkids.org/TrustIssues

Summary

In this conversation, Justin Somaini speaks with Alex Pinto, the Associate Director of Threat Intelligence at Verizon, about the Verizon Data Breach Investigations Report (DBIR). They discuss Alex's background in cybersecurity, the importance of the DBIR in guiding security programs, and the extensive data collection process that informs the report. The conversation also delves into current trends in cybersecurity, particularly the rise in exploitation of vulnerabilities and the challenges of vulnerability management. Alex emphasizes the need for collaboration and data sharing in the cybersecurity community to effectively combat threats. In this conversation, Justin Somaini discusses the evolving landscape of cybersecurity, focusing on the distinctions between phishing and pretexting, the rise of social engineering attacks, and the impact of AI on cyber threats. He emphasizes the importance of understanding human factors in security processes and the necessity of robust controls like MFA and effective backup strategies. The discussion also highlights the need for innovation in defensive measures and the importance of community collaboration in addressing cybersecurity challenges.

Chapters

00:00 Introduction to Trust Issues and Guest Background

09:46 The Verizon DBIR Report: Overview and Importance

19:45 Data Collection and Collaboration for the DBIR

29:52 Trends in Cybersecurity: Vulnerability Management and Exploitation

37:47 Initial Access Vectors: Credential Theft and Pretexting

40:09 Understanding Phishing and Pretexting

43:04 The Evolution of Social Engineering Attacks

48:44 The Role of AI in Cybersecurity Threats

55:44 Innovations in Cyber Defense

61:45 Key Controls for Effective Cyber Defense

69:40 The Future of Cybersecurity and Community Collaboration

Keywords

cybersecurity, Verizon DBIR, threat intelligence, vulnerability management, data analysis, initial access, credential theft, pretexting, machine learning, security trends phishing, pretexting, social engineering, AI in cybersecurity, cyber defense, ransomware, MFA, vulnerability management, cybersecurity trends, community collaboration