Tag

Cybersecurity Training

Covers cybersecurity training programs, techniques, and best practices designed to equip employees and individuals with the skills to recognize and respond to cyber threats. Topics include security awareness curricula, simulation exercises, and measuring training effectiveness.

posts

Cybersecurity Tips

Cybersecurity Tips That Actually Stop Breaches in 2026

In 2024, the average cost of a data breach hit $4.88 million according to IBM's Cost of a Data Breach Report. That number keeps climbing. And after two decades in this field, I can tell you that most of those breaches didn't involve some sophisticated

Carl B. Johnson Jul 11, 2026 4 min read
VPN Best Practices

VPN Best Practices: What Actually Protects You in 2026

In early 2024, Ivanti disclosed critical vulnerabilities in its Connect Secure VPN that were already being actively exploited by threat actors — including nation-state groups. CISA issued an emergency directive ordering federal agencies to disconnect affected devices within 48 hours. If that doesn't make you rethink your VPN best

Carl B. Johnson Jul 05, 2026 5 min read
Jobs Computer Security

Jobs in Computer Security: How to Break In and Move Up

700,000 Openings and Counting — Why Jobs in Computer Security Are Exploding The U.S. had roughly 700,000 unfilled cybersecurity positions in 2024, according to CyberSeek, a project supported by NIST and CompTIA. That number hasn't shrunk. If anything, the demand for jobs in computer security has

Carl B. Johnson Jul 04, 2026 5 min read
CISA Cybersecurity Guidelines

CISA Cybersecurity Guidelines: What They Mean for You

The Federal Agency Most Hackers Wish You'd Never Heard Of In January 2024, CISA — the Cybersecurity and Infrastructure Security Agency — issued an emergency directive after threat actors exploited vulnerabilities in Ivanti VPN products to infiltrate multiple federal agencies. The directive gave agencies 48 hours to disconnect affected devices.

Carl B. Johnson Jul 02, 2026 5 min read
Phishing Links

What Is a Phishing Link? How to Spot and Stop Them

Last year, a mid-size accounting firm in Ohio lost $1.2 million after a single employee clicked one link in a spoofed Microsoft 365 email. The link looked like a routine password-reset page. It wasn't. Within 90 minutes, a threat actor had harvested credentials, bypassed weak authentication, and

Carl B. Johnson Jun 28, 2026 5 min read
Phish Setlist

Phish Setlist for Security: Building Your Attack Plan

What a Phish Setlist Actually Means for Your Security Team When the band Phish takes the stage, they never play the same setlist twice. Every show is crafted for the audience. Your phishing simulation program should work the same way. A phish setlist — a curated, rotating collection of phishing attack

Carl B. Johnson Jun 28, 2026 5 min read
Keylogger Attack

Keylogger Attack: How Hackers Steal Every Keystroke

In 2023, the FBI dismantled a cybercriminal operation that used the Snake malware — a sophisticated keylogger that had quietly exfiltrated credentials from government networks across 50 countries for nearly two decades. Every password. Every internal message. Every classified document typed into a keyboard. That's the reality of a

Carl B. Johnson Jun 28, 2026 5 min read
Data Breach Notification Requirements

Data Breach Notification Requirements: A 2026 Guide

In February 2024, Change Healthcare suffered a ransomware attack that exposed the protected health information of approximately 100 million Americans. The fallout wasn't just technical — it was regulatory. Congressional hearings, state attorney general investigations, and an avalanche of class-action lawsuits followed, largely because stakeholders questioned whether data breach

Carl B. Johnson Jun 27, 2026 6 min read
Jobs Computer Security

Jobs in Computer Security: Your 2026 Career Guide

3.5 Million Openings and Nobody to Fill Them Cybersecurity Ventures projected 3.5 million unfilled cybersecurity positions globally by 2025, and we're still feeling that gap heading into 2026. Meanwhile, the FBI's IC3 received a record $12.5 billion in reported cybercrime losses in 2023

Carl B. Johnson Jun 26, 2026 5 min read
Phishing Attack Examples

Phishing Attack Examples: 7 Real Scams Still Working

The Email That Cost One Company $121 Million In 2019, a Lithuanian national named Evaldas Rimasauskas pleaded guilty to stealing over $121 million from Google and Facebook using nothing more than fake invoices and spoofed email addresses. No zero-day exploits. No sophisticated malware. Just phishing emails that looked like they

Carl B. Johnson Jun 21, 2026 6 min read