Tag

Data Breach Prevention

Explores strategies and best practices for preventing data breaches in organizations of all sizes. Covers topics like access controls, encryption, network monitoring, incident response planning, and employee awareness to help reduce the risk of unauthorized data exposure.

posts

VPN Best Practices

VPN Best Practices: What Actually Protects You in 2026

In early 2024, Ivanti disclosed critical vulnerabilities in its Connect Secure VPN that were already being actively exploited by threat actors — including nation-state groups. CISA issued an emergency directive ordering federal agencies to disconnect affected devices within 48 hours. If that doesn't make you rethink your VPN best

Carl B. Johnson Jul 05, 2026 5 min read
Zero Trust

What Is Zero Trust? A Practical Guide for 2026

The Breach That Made "Trust" a Dirty Word In 2020, the SolarWinds breach gave threat actors access to the internal networks of at least nine U.S. federal agencies and over 100 private companies. The attackers moved laterally for months — undetected — because once they were inside the network

Carl B. Johnson Jul 03, 2026 5 min read
CISA Cybersecurity Guidelines

CISA Cybersecurity Guidelines: What They Mean for You

The Federal Agency Most Hackers Wish You'd Never Heard Of In January 2024, CISA — the Cybersecurity and Infrastructure Security Agency — issued an emergency directive after threat actors exploited vulnerabilities in Ivanti VPN products to infiltrate multiple federal agencies. The directive gave agencies 48 hours to disconnect affected devices.

Carl B. Johnson Jul 02, 2026 5 min read
Password Manager

Why Use a Password Manager: Stop Reusing Passwords

The Breach That Started With One Reused Password In 2023, a single employee at Norton LifeLock's parent company, Gen Digital, reused a personal password across multiple accounts. Attackers used credential stuffing to compromise nearly 925,000 customer accounts. One password. Nearly a million victims. If you've

Carl B. Johnson Jul 02, 2026 5 min read
Zero Trust Network Access

Zero Trust Network Access: A Practical Guide for 2026

The Breach That Proved Firewalls Aren't Enough In 2023, MGM Resorts lost an estimated $100 million after a threat actor used social engineering — a single phone call to the help desk — to bypass perimeter defenses and move laterally through internal systems. The attackers didn't need to

Carl B. Johnson Jun 30, 2026 6 min read
Security in Cloud Computing

Security in Cloud Computing: What Goes Wrong First

Capital One Lost 100 Million Records — The Cloud Wasn't the Problem In 2019, a former AWS employee exploited a misconfigured web application firewall and exfiltrated over 100 million Capital One customer records. The cloud infrastructure worked exactly as designed. The humans configuring it didn't. That breach

Carl B. Johnson Jun 27, 2026 5 min read