Digital Shadows CISO Rick Holland hosts this edition of ShadowTalk. Rick is joined by repeat special guest David Thejl-Clayton, Senior Advisor in Cyber Defense at Combitech. They discuss:
- Rick and David's thoughts on the 2022 DBIR report (Full disclosure, they are fanboys)
- Research that shows how APT groups primarily go after known vulnerabilities and not 0days
- David's experience helping customers create their custom version of the DBIR
***Resources from this week’s podcast***
Find David on Twitter: https://twitter.com/DCSecuritydk
Find David on LinkedIn: https://www.linkedin.com/in/davidclayton454/
2022 Data Breach Investigations Report: https://www.verizon.com/business/resources/reports/dbir/
Vocabulary for Event Recording and Information Sharing (VERIS): http://veriscommunity.net/
SANS CTI Summit - VERISIZE your way into CTI: https://www.youtube.com/watch?v=AwMC6INC5TE
Software Updates Strategies: a Quantitative Evaluation against Advanced Persistent Threats https://arxiv.org/abs/2205.07759
Foreningen for Danske Cyber Alumner https://fdca.dk/
Checkout the “Roll your own DBIR” Templates on GitHub here: https://github.com/cvpl-fdca/rollyourown-DBIR
