Tag

Data Breach Prevention

Explores strategies and best practices for preventing data breaches in organizations of all sizes. Covers topics like access controls, encryption, network monitoring, incident response planning, and employee awareness to help reduce the risk of unauthorized data exposure.

posts

Cyber Hygiene Checklist

Cyber Hygiene Checklist: 12 Steps That Actually Work

When Colonial Pipeline paid $4.4 million in ransom in May 2021, investigators traced the initial compromise back to a single compromised VPN credential — one that didn't have multi-factor authentication enabled. That's not a sophisticated nation-state exploit. That's a basic hygiene failure. And it

Carl B. Johnson Nov 28, 2021 6 min read
Cybersecurity for Executives

Cybersecurity for Executives: What Boards Get Wrong

When Colonial Pipeline's CEO Joseph Blount testified before the Senate in June 2021, he admitted the company paid $4.4 million in ransom after a single compromised password shut down the largest fuel pipeline in the United States. No multi-factor authentication. No segmentation between IT and operational technology.

Carl B. Johnson Nov 28, 2021 6 min read
Cybersecurity Due Diligence

Cybersecurity Due Diligence: What Most Companies Skip

When Marriott acquired Starwood Hotels in 2016, the deal looked solid on paper. Two years later, Marriott disclosed that hackers had been inside Starwood's reservation system since 2014 — exposing the personal data of up to 500 million guests. The breach predated the acquisition. The liability didn't.

Carl B. Johnson Sep 23, 2021 7 min read
Dark Web Monitoring

Dark Web Monitoring for Businesses: A Practical Guide

In April 2021, a collection of 533 million Facebook user records surfaced on a dark web forum — names, phone numbers, email addresses, all posted for anyone to grab. Three months before that, a compilation of 3.2 billion email and password pairs called COMB (Compilation of Many Breaches) appeared on

Carl B. Johnson Sep 23, 2021 7 min read
Stolen Credentials Dark Web

Stolen Credentials Dark Web: How Your Logins Get Sold

In April 2021, researchers discovered a database of 533 million Facebook user records — names, phone numbers, email addresses — freely circulating on a dark web forum. That same month, a compilation of 3.2 billion email-password pairs called "COMB" surfaced, aggregated from years of breaches. Stolen credentials on the

Carl B. Johnson Sep 23, 2021 7 min read
Identity Theft Protection

Identity Theft Protection for Businesses: A Field Guide

In March 2021, the FBI's Internet Crime Complaint Center reported that business email compromise and identity theft schemes cost U.S. organizations over $4.2 billion in 2020 alone — making it the single most expensive category of cybercrime. That number isn't slowing down. If you run

Carl B. Johnson Sep 16, 2021 7 min read
Cybersecurity Glossary

Cybersecurity Glossary for Beginners: 40 Terms to Know

During the 2020 SolarWinds breach investigation, I watched a boardroom full of executives stare blankly when an incident responder mentioned "lateral movement" and "supply chain compromise." They had no idea what was happening to their own network — not because they were negligent, but because nobody had

Carl B. Johnson Sep 16, 2021 8 min read