Tag

Cyber Risk Assessment

posts

Third Party Risk Management

Third Party Vendor Cybersecurity Risk: A Practical Guide

The Breach That Didn't Start With You

In 2023, the MOVEit Transfer vulnerability gave threat actors a master key to thousands of organizations — not through their own systems, but through a single third-party file transfer tool. Over 2,600 organizations and 77 million individuals were impacted, according to

Carl B. Johnson May 04, 2026 6 min read
Cybersecurity Due Diligence

Cybersecurity Due Diligence: What Most Companies Skip

The $350 Million Acquisition That Fell Apart Over a Data Breach

When Verizon moved to acquire Yahoo in 2017, the deal was nearly complete. Then Yahoo disclosed two massive data breaches affecting all three billion user accounts. Verizon knocked $350 million off the purchase price. That single failure in cybersecurity

Carl B. Johnson Feb 28, 2025 8 min read
NIST Cybersecurity Framework

NIST Cybersecurity Framework: A Practical Guide for 2026

The Framework 87% of Organizations Claim to Follow — But Most Get Wrong

When the Change Healthcare breach exposed the records of over 100 million people in 2024, investigators found something familiar: the organization had a cybersecurity program on paper. What it lacked was disciplined execution against a proven structure. That

Carl B. Johnson Nov 04, 2020 7 min read
Cybersecurity Due Diligence

Cybersecurity Due Diligence: What Most Companies Miss

The $350 Million Wake-Up Call Nobody Expected

When Verizon acquired Yahoo in 2017, a previously undisclosed breach affecting 3 billion accounts forced the deal price down by $350 million. That single failure of cybersecurity due diligence became the most expensive cautionary tale in M&A history — and it permanently

Carl B. Johnson Jun 25, 2020 7 min read