
Defensive Security Podcast - Malware, Hacking, Cyber Security & Infosec
Defensive Security Podcast Episode 336
Jan 15, 2026
Explore the rising trends in cybersecurity, including insurers' recommendations for 2026 that focus on phishing and vendor outages. Discover the importance of role-based access control to limit risk and the dangers of legacy systems. Delve into the implications of a recent $8.5 million theft linked to a compromised developer key and the data leak involving Conde Nast. The hosts also discuss the complexities of software liability in reseller chains, highlighting vulnerabilities that need urgent attention.
AI Snips
Phishing Risks Surge In Insurer Data
- Cyber insurance claims shifted in 2025: vendor outage claims fell while phishing-related payouts rose significantly.
- This signals attackers refocusing on social engineering and business-process fraud rather than just infrastructure exploits.
Limit Privilege With Role-Based Controls
- Implement role-based access controls to limit unnecessary privileges and reduce blast radius after compromise.
- Restrict user privileges by default to contain damage when accounts or endpoints are breached.
Use Phishing‑Resistant Multi‑Factor Auth
- Deploy phishing-resistant MFA like passkeys, FIDO, or hardware tokens for high-risk and privileged accounts.
- Strong MFA noticeably reduces successful credential theft and phishing payouts, insurers say.
