Podcast

Alice in Supply Chains - DBIR Bonus Episode with special guest Alex Pinto (Verizon Business)

May 19, 2026

Episode description:

This special bonus episode of Alice in Supply Chains dives into the newly released Verizon Business Data Breach Investigations Report (DBIR) 2026 and what its findings reveal about today’s evolving cybersecurity landscape.

Show notes:

In this special interview episode, Adrian and Alexandre sit down with Alex Pinto, lead author of the Verizon Data Breach Investigations Report, to walk through the 2026 edition before the broader industry has fully digested it. Pinto explains why the 2026 dataset, with 31,850 incidents and 22,624 confirmed breaches contributed by over 100 organizations in 145 countries — is the most statistically rigorous breach corpus in the industry.

Tenchi Security is a 2026 contributor, providing the survival-analysis dataset behind the report's new look at third-party MFA and cloud privilege exposures. Alex Sieira walks through what the curves actually mean: half of MFA findings get fixed in seven days, but 45% of cloud privilege management findings are still open a year after discovery.

The conversation digs into the headline shifts: vulnerability exploitation has now overtaken credential abuse as the most common initial access vector. Third-party involvement in breaches has climbed from 30% last year to 48% this year, and the median time to fully remediate CISA KEV findings slipped from 32 to 43 days.

Then Pinto unveils what will probably be the most-talked-about new section of the 2026 report: Verizon analyzed an anonymized dataset from Anthropic. The data includes analysis of nearly 800 threat actors, maps their prompt activity to MITRE ATT&CK techniques, and cross-references it against MITRE's software database. The DBIR folks immediately think to ask the data: “are attackers using LLMs for novel techniques, or for things every EDR already catches?”

The trio close out by debating Sieira's hypothesis that the metric to watch isn't total CVE volume — it's the percentage of vulnerabilities with reliable working exploits, which is the variable AI is most likely to move — and Pinto makes the case that vulnerability management is becoming a crisis-management discipline rather than a dashboard-watching one.

References:

Show Transcript

Watch or listen to full episodes in English

Recent Episodes

Episode 17

Episode 17 of the Alice in Supply Chains podcast, with co-hosts Alex Sieira (CTO & Co-founder, Tenchi Security) and Adrian Sanabria (Principal Researcher, The Defenders Initiative), is now live! In this episode, our expert duo deep-dives into the most pressing third-party cyber risk stories from edition 45 of the Alice in Supply Chains Newsletter, exploring how modern cascading breaches are fundamentally changing the defensive landscape.

Bonus episode - with guest John Hammond

In this special bonus episode, Adrian and Alexandre are joined by John Hammond, one of cybersecurity’s most recognizable YouTube creators and Senior Principal Security Researcher at Huntress, a cybersecurity company dedicated to protecting businesses of all sizes against modern-day cybercrime, for a deep dive into software supply chain attacks using the recent Axios NPM compromise as a case study.

Episode 16

In this April 2026 episode of Alice in Supply Chains, Adrian and Alexandre cover three stories that weren't on anyone's 2026 bingo card — and all of which land on the TPRM analyst's desk.

View all episodes