Most cybersecurity incidents involve external actors with financial motives, according to Verizon’s most recent Data Breach Investigations Report (Report), which covers 16,312 incidents, including 5,199 confirmed data breaches, that occurred between November 1, 2021, and October 31, 2022. The top three vectors for these attacks are stolen credentials, phishing and vulnerability exploits. This article synthesizes the key findings in the Report, with additional insights culled from Verizon webinars that parsed the findings and their practical implications for improving cybersecurity. See “Verizon Report Details Evolution of Threats and Provides Cybersecurity Program Advice” (Apr. 5, 2023).