Tag

Data Breach Prevention

Explores strategies and best practices for preventing data breaches in organizations of all sizes. Covers topics like access controls, encryption, network monitoring, incident response planning, and employee awareness to help reduce the risk of unauthorized data exposure.

posts

Phishing Links

What Is a Phishing Link? How Attackers Steal Data

In July 2021, a single phishing link sent to an employee at a Florida IT management company led to the Kaseya ransomware attack — one of the largest supply chain compromises in history. Over 1,500 businesses were affected downstream. That's the reality of what a phishing link can

Carl B. Johnson Aug 08, 2021 7 min read
Phishing Attack

Phishing Attack Anatomy: How Breaches Actually Start

In May 2021, a single phishing attack against Colonial Pipeline's legacy VPN account triggered the largest fuel supply disruption in U.S. history. One compromised credential. No multi-factor authentication. Five days of chaos across the Eastern Seaboard. That's what a phishing attack looks like when it

Carl B. Johnson Jul 13, 2021 7 min read
Phishing

Define Phishing: What It Really Looks Like in 2021

In March 2021, a single phishing email led to the compromise of over 30,000 U.S. organizations through the Microsoft Exchange Server vulnerabilities. The attackers didn't need a sophisticated zero-day to get their initial foothold — they needed someone to click. If you're trying to define

Carl B. Johnson Jul 01, 2021 7 min read
Cyber Security

Cyber Security in 2021: What Actually Stops Breaches

Colonial Pipeline. JBS Foods. SolarWinds. The first half of 2021 has delivered a masterclass in what happens when cyber security fails at scale. Colonial paid $4.4 million in ransom. JBS paid $11 million. And the SolarWinds fallout — which compromised nine federal agencies and over 100 private companies — is still

Carl B. Johnson Jul 01, 2021 7 min read
Security of Cyberspace

Security of Cyberspace: What Actually Works in 2021

The Colonial Pipeline ransomware attack in May 2021 shut down fuel delivery across the U.S. East Coast for nearly a week. Gas stations ran dry. Panic buying erupted. A single compromised password — reportedly linked to an inactive VPN account without multi-factor authentication — brought critical infrastructure to its knees. If

Carl B. Johnson Jun 03, 2021 6 min read
Cybersecurity Tips

Cybersecurity Tips That Actually Stop Breaches in 2021

Colonial Pipeline. SolarWinds. The Microsoft Exchange Server hack. We're barely halfway through 2021, and the breach headlines already read like a disaster film. Each one of these incidents started with something preventable — a compromised password, an unpatched system, a single employee who clicked the wrong link. The cybersecurity

Carl B. Johnson Jun 03, 2021 6 min read
IT Security

IT Security in 2021: What Most Organizations Get Wrong

Colonial Pipeline. SolarWinds. Microsoft Exchange. We're barely halfway through 2021 and the breach headlines are relentless. But here's what frustrates me most: the majority of these incidents didn't exploit exotic zero-day vulnerabilities. They exploited basic IT security gaps that organizations have known about for

Carl B. Johnson Jun 01, 2021 7 min read
Web Security Best Practices

Web Security Best Practices: 12 Steps That Actually Work

In March 2021, a single misconfigured web server at a major airline exposed 4.2 million passenger records. Names, email addresses, passport numbers — all sitting in an unprotected cloud bucket. The fix would have taken about fifteen minutes. The breach response cost millions and took months. That's the

Carl B. Johnson Jun 01, 2021 6 min read
Computer Security Companies

Computer Security Companies: What They Won't Tell You

Colonial Pipeline just paid $4.4 million in ransom to a criminal group called DarkSide — and they had a security vendor. SolarWinds, a company that literally sold security monitoring tools, became the vector for one of the most devastating supply chain attacks in history. If massive organizations with million-dollar security

Carl B. Johnson Jun 01, 2021 6 min read
Cybersecurity Definition

Cybersecurity Definition: What It Really Means in 2021

Colonial Pipeline just paid a $4.4 million ransom to get its systems back online, shutting down fuel delivery across the U.S. East Coast for nearly a week. If you searched for a cybersecurity definition expecting a clean, academic sentence, this incident should tell you everything textbooks leave out.

Carl B. Johnson May 18, 2021 6 min read