Tag

Data Breach Prevention

Explores strategies and best practices for preventing data breaches in organizations of all sizes. Covers topics like access controls, encryption, network monitoring, incident response planning, and employee awareness to help reduce the risk of unauthorized data exposure.

posts

Acceptable Use Policy

Acceptable Use Policy Cybersecurity: Your First Defense

The Policy Nobody Reads Until It's Too Late In December 2020, a SolarWinds employee reportedly used the password "solarwinds123" on a critical server — a credential so weak it became a punchline at Congressional hearings. But here's the question nobody asked loudly enough: did SolarWinds

Carl B. Johnson Jan 06, 2022 8 min read
NIST Cybersecurity Framework

NIST Cybersecurity Framework: A Practical Guide for 2022

When Colonial Pipeline shut down 5,500 miles of fuel infrastructure in May 2021 due to a single compromised password, it wasn't a failure of technology. It was a failure of framework. The company lacked the layered defenses, detection capabilities, and response plans that the NIST Cybersecurity Framework

Carl B. Johnson Jan 01, 2022 7 min read
Cybersecurity for Law Firms

Cybersecurity for Law Firms: A Practical Defense Guide

Why Threat Actors Love Targeting Law Firms In February 2021, the law firm Jones Day confirmed that hackers had stolen confidential client data through a vulnerability in Accellion's file-transfer appliance. Sensitive case documents, including those related to major corporate litigation, ended up on the Clop ransomware gang'

Carl B. Johnson Jan 01, 2022 7 min read
Cybersecurity for Nonprofits

Cybersecurity for Nonprofits: A Practical Defense Guide

The Blackbaud Breach Should Have Been a Wake-Up Call In May 2020, a ransomware attack hit Blackbaud — one of the largest cloud computing providers serving nonprofits, hospitals, and universities. The breach exposed donor records, financial data, and Social Security numbers belonging to millions of people across hundreds of organizations. Blackbaud

Carl B. Johnson Jan 01, 2022 7 min read
Securing Cloud Applications

Securing Cloud Applications: A Practical 2021 Guide

The Misconfiguration That Exposed 3.8 Billion Records In June 2021, researchers discovered an unsecured Elasticsearch instance containing 3.8 billion records — names, emails, phone numbers, and social media profiles compiled from scraped and breached data. It sat wide open on the internet. No password. No access controls. Just a

Carl B. Johnson Dec 23, 2021 7 min read