Tag

Employee Cybersecurity

Resources focused on building a security-conscious workforce through training, awareness campaigns, and policy enforcement. Topics include phishing simulations, security onboarding programs, acceptable use policies, and techniques for fostering lasting behavioral change among employees.

posts

Phish Food

Phish Food: What Threat Actors Serve Your Employees

In May 2024, the FBI's Internet Crime Complaint Center released data showing that phishing was still the number one reported cybercrime — for the fifth year running. Over 298,000 complaints in 2023 alone. Despite billions spent on email filters and endpoint protection, threat actors keep winning because the

Carl B. Johnson Sep 11, 2024 7 min read
Phishing Training for Employees

Phishing Training for Employees: A Practical Guide

In March 2024, a finance employee at a multinational firm in Hong Kong wired $25.6 million to threat actors after a deepfake video call convinced him his CFO had authorized the transfer. One employee. One convincing lure. Twenty-five million dollars gone. That's not a hypothetical — it'

Carl B. Johnson May 03, 2024 7 min read
Insider Threat Awareness

Insider Threat Awareness: What Your Team Isn't Telling You

The Threat That Already Has a Badge and a Password In January 2023, the FBI arrested a former GE employee and a collaborator for stealing trade secrets related to turbine technology — a scheme that had been running for years. The insider had legitimate access the entire time. No firewall stopped

Carl B. Johnson Dec 09, 2023 7 min read
Insider Threats

Malicious Insider vs Negligent Insider: The Real Threat

Two Employees, Two Paths to a Breach In May 2023, Tesla disclosed that two former employees had leaked the personal data of over 75,000 workers — including Social Security numbers and financial records — to a German news outlet. That wasn't a sophisticated nation-state hack. It was insiders walking

Carl B. Johnson Dec 09, 2023 7 min read