Tag

Data Breach Prevention

Explores strategies and best practices for preventing data breaches in organizations of all sizes. Covers topics like access controls, encryption, network monitoring, incident response planning, and employee awareness to help reduce the risk of unauthorized data exposure.

posts

IT Security

IT Security in 2026: What Actually Works Now

In February 2024, Change Healthcare — one of the largest health IT companies in the United States — suffered a ransomware attack that disrupted insurance claims processing for thousands of hospitals and pharmacies nationwide. UnitedHealth Group, its parent company, later disclosed that the breach affected roughly 100 million individuals. The root cause?

Carl B. Johnson Feb 22, 2019 7 min read
Web Security Best Practices

Web Security Best Practices That Actually Stop Breaches

The MOVEit Breach Started With One Overlooked Web Flaw In 2023, a single SQL injection vulnerability in the MOVEit Transfer web application led to one of the largest mass exploitation events in history. Over 2,600 organizations were compromised. Sensitive data from government agencies, banks, and healthcare providers was exfiltrated

Carl B. Johnson Feb 22, 2019 8 min read
Computer Security Companies

Computer Security Companies: What They Won't Tell You

The Breach That $300K in Security Tools Didn't Stop In 2023, a mid-sized healthcare firm in the Midwest spent over $300,000 annually on products from multiple computer security companies. Endpoint detection, SIEM, email gateway filtering — the full stack. Then an employee clicked a phishing link inside a

Carl B. Johnson Feb 22, 2019 7 min read
Cyber Security

Cyber Security in 2026: What Actually Stops Breaches

A Single Stolen Password Cost One Company $150 Million In 2024, Change Healthcare suffered a catastrophic breach that disrupted pharmacy operations across the United States for weeks. The entry point? A compromised credential on a system lacking multi-factor authentication. That single oversight in cyber security led to what UnitedHealth Group

Carl B. Johnson Feb 14, 2019 6 min read
Cybersecurity Definition

Cybersecurity Definition: What It Really Means in 2026

The Breach That Rewrote the Cybersecurity Definition for Everyone In 2023, MGM Resorts lost an estimated $100 million after a social engineering attack that started with a single phone call to their help desk. The threat actor didn't exploit a zero-day vulnerability. They didn't brute-force a

Carl B. Johnson Feb 14, 2019 6 min read
Computer Security Advice

Computer Security Advice That Actually Works in 2026

The Breach That Started With a Single Reused Password In January 2024, a midsize accounting firm lost access to every client file it had. A single employee reused their corporate email password on a third-party scheduling app. That app got breached. Within 48 hours, a threat actor used those stolen

Carl B. Johnson Feb 02, 2019 7 min read
Computer Security Software

Computer Security Software: What Actually Stops Breaches

In 2023, MGM Resorts had world-class computer security software deployed across its entire infrastructure. Firewalls, endpoint detection, SIEM platforms — the works. A single social engineering phone call bypassed all of it, leading to an estimated $100 million in losses. That incident should have been a wake-up call for every organization

Carl B. Johnson Feb 02, 2019 6 min read
Define Cyber

Define Cyber: What It Really Means in 2026

A Two-Billion-Dollar Word Nobody Can Explain In 2023, the SEC adopted new cybersecurity disclosure rules requiring every public company to report material cyber incidents within four business days. Boards scrambled. Legal teams panicked. And a surprising number of executives asked the same question behind closed doors: what does "cyber&

Carl B. Johnson Feb 02, 2019 6 min read
NIST Standards

NIST Standards: A Practical Guide for Real-World Security

When Change Healthcare suffered its catastrophic ransomware attack in early 2024 — disrupting pharmacy operations across the United States for weeks — investigators found a familiar culprit: stolen credentials and no multi-factor authentication on a critical system. The company's parent, UnitedHealth Group, eventually disclosed the breach affected roughly 100 million

Carl B. Johnson Feb 02, 2019 7 min read