The 2026 Verizon DBIR is here — and one finding changes the conversation around cyber risk.

For years, the industry has focused on identity as the primary attack surface. But according to the latest Data Breach Investigations Report, vulnerability exploitation has now overtaken credential abuse as the most common initial access vector in breaches.

In this episode of Reimagining Cyber, Tyler Moffitt breaks down what the report really means for defenders, MSPs, and SMBs. He explores why attackers are moving faster than patch cycles, how AI is accelerating both exploitation and phishing, and why “identity vs. patching” is the wrong debate.

He also unpacks:

• Why vulnerability exploitation surged to the top attack vector
• How AI is compressing the timeline from disclosure to attack
• Why ransomware still dominates breach outcomes
• The growing role of third-party and supply-chain risk
• Why SMBs struggle most with patch management and visibility
• Practical steps organizations should prioritize right now
• What MSPs should be telling customers after this year’s DBIR

Key takeaway:
“Identity is the new perimeter, but vulnerability management is still the unlocked window.”

If you work in cybersecurity, IT, risk management, or support SMB environments, this episode delivers practical insight into where attackers are succeeding — and what organizations need to do next.

#CyberSecurity #DBIR #Ransomware #PatchManagement #IdentitySecurity #AI #MSP #CyberRisk #VerizonDBIR #Infosec

As featured on Million Podcasts' 

Best 100 Cybersecurity Podcasts  

Top 50 Chief Information Security Officer CISO Podcasts 

Top 70 Security Hacking Podcasts

This list is the most comprehensive ranking of Cyber Security Podcasts online and we are honoured to feature amongst the best!

Follow or subscribe to the show on your preferred podcast platform.
Share the show with others in the cybersecurity world.
Get in touch via [email protected]