Leveraging the Verizon 2023 DBIR: Key Insights and Actionable Takeaways

Previously presented on July 20, 2023

The Verizon 2023 Data Breach Investigations Report (DBIR) is widely recognized across the cybersecurity industry for its comprehensive analysis of the global threat landscape, based on real-world data from actual security incidents and breaches. It serves as an authoritative source of information for organizations seeking to enhance their cybersecurity defenses and make better informed risk management decisions.

This year’s report recommends implementation of specific CIS Critical Security Controls (CIS Controls) and CIS Safeguards to defend against top attack patterns such as system intrusion, social engineering, and basic web application attacks—showcasing the effectiveness of the CIS Controls to protect against global threats for all industries.

Discussion Topics

Key contributors discuss the collaboration efforts of both teams and key insights and findings from this year’s report. They’ll also discuss how to leverage the data from the 2023 DBIR via evidence-based assessments and conducting due diligence.

Speakers

Phyllis Lee
Vice President of Security Best Practices Content Development, Center for Internet Security (CIS)

Phyllis has over 25 years of experience in information assurance and has performed vulnerability assessments, virtualization research, and worked in security automation. Prior to joining CIS, Lee worked at the National Security Agency (NSA) focusing on the intersection between malware and virtualization, which included collaboration with MIT Lincoln Labs. Lee also participated in a variety of security automation standardization efforts and led the security automation strategy for the NSA Information Assurance Directorate (IAD). She graduated from Johns Hopkins University with a Master of Science in computer science.

Phil Langlois
Data Breach Investigations Report (DBIR) Author, Verizon

Philippe Langlois is currently working as the lead engineer and author of the Verizon Data Breach Investigations Report (DBIR). Prior to joining Verizon, he worked at CIS leading various data driven projects, such as the CIS Controls and the MS-ISAC Nationwide Cyber Security Review.

Tom Brennan
Executive Director, CREST Americas Region

Tom Brennan chairs the Americas Council and works with government and commercial organizations to optimize CREST's value as a cybersecurity accreditation body and industry standards advocate. His focus is the Cybersecurity and Infrastructure Security Agency’s 16 critical infrastructure sectors vital to U.S. security, the national economy, and public health and safety. Brennan spearheads strategic plans for CREST's organizational growth while serving as an industry evangelist and educator on the value of using accredited cybersecurity products and professionals to improve consumer privacy, security, and protections worldwide. Brennan is a U.S. Marine veteran and has been involved with CREST since 2016. He is the Chief Information Officer of the national law firm Mandelbaum Barrett, overseeing critical infrastructure, privacy, and security operations. He is also an Advisory Board Member of the Gerson Lehrman Group, a Cyber Fellows Advisory Council Member, a Member of the Information Technology Advisory Committee of the County College of Morris, a Senior Advisor and Industry Advisory Board Member of the New Jersey Institute of Technology, and a Cyber Fellows Advisory Council Member of the NYU Tandon School of Engineering.

Theodore "TJ" Sayers
Director, Intelligence & Incident Response, Center for Internet Security (CIS)

TJ Sayers is the Director of Intelligence & Incident Response at the MS- and EI-ISAC. He completed his graduate studies in 2018 and holds several industry certifications. He also serves in the U.S. Navy Reserve.