Covers the foundational daily habits and routine practices that keep your digital life secure. Topics include password management, software updates, secure browsing, account maintenance, and simple steps individuals and organizations can take to reduce their attack surface.
posts
A Single Unpatched Laptop Cost One Hospital $3 Million In 2023, the U.S. Department of Health and Human Services settled with a healthcare provider after a ransomware attack that started on one employee's unpatched workstation. The machine hadn't been updated in over 90 days. That
In February 2024, Change Healthcare — one of the largest health payment processors in the U.S. — got hit with a ransomware attack that disrupted claims processing for weeks and exposed data on roughly 100 million individuals. The root cause? Compromised credentials on a system that lacked multi-factor authentication. That'
3.4 Billion Spam Emails Hit Inboxes Every Single Day That number comes straight from cybersecurity researchers tracking global email traffic, and it should stop you cold. Spam email isn't the mild nuisance it was in 2005 — today it's the primary delivery vehicle for ransomware, credential
October Ends. The Phishing Emails Don't. Every October, organizations plaster break rooms with cybersecurity posters, blast out a few reminder emails, and call it a win. Then November rolls around, and the same employees click the same malicious links. I've watched this cycle repeat for over
In March 2023, the FBI's Internet Crime Complaint Center reported that Americans lost over $10.3 billion to cybercrime in 2022 — a 49% jump from 2021. The vast majority of those losses traced back to failures in basic security practices. Not zero-day exploits. Not nation-state attacks. Basic, preventable
In March 2023, the FBI's Internet Crime Complaint Center reported that Americans lost over $10.3 billion to cybercrime in 2022 — a 49% increase from 2021. The majority of those losses didn't come from sophisticated nation-state attacks. They came from poor habits: reused passwords, unpatched software,
In March 2021, a single compromised password led to the Colonial Pipeline ransomware attack that shut down fuel delivery across the U.S. East Coast. The account didn't even have multi-factor authentication enabled. That's not a sophisticated nation-state exploit — that's a basic cyber hygiene
A Single Reused Password Cost One Company Everything In 2021, the Colonial Pipeline ransomware attack shut down fuel distribution across the U.S. East Coast. The entry point? A single compromised password on a legacy VPN account that lacked multi-factor authentication. That's not a sophisticated nation-state exploit. That&
A $4.88 Million Problem With a Simple Fix IBM's 2024 Cost of a Data Breach Report pegged the global average cost of a breach at $4.88 million. That number keeps climbing. But here's the part that should keep you up at night: the Verizon
Every October, Organizations Pretend to Care About Security Last October, a mid-sized healthcare company ran a poster campaign for Cybersecurity Awareness Month. Inspirational quotes about passwords. A lunch-and-learn nobody attended. Two weeks later, a threat actor walked through their defenses using a single phishing email that an accounts payable clerk
