Tag

Enterprise Security

Articles tagged with enterprise security address the unique cybersecurity challenges facing large organizations. Topics include network segmentation, zero-trust architecture, identity and access management, threat detection at scale, and building security operations centers to protect complex IT environments.

posts

Zero Trust

What Is Zero Trust? A Practical Guide for 2026

The Breach That Made "Trust" a Dirty Word In 2020, the SolarWinds breach gave threat actors access to the internal networks of at least nine U.S. federal agencies and over 100 private companies. The attackers moved laterally for months — undetected — because once they were inside the network

Carl B. Johnson Jul 03, 2026 5 min read
Shadow IT Risks

Shadow IT Risks: The Threats Hiding in Your Network

A Single Spreadsheet Cost One Hospital $3 Million In 2023, a healthcare employee uploaded patient records to an unauthorized cloud spreadsheet tool to "make things easier" for her team. Nobody in IT knew about it. No encryption, no access controls, no audit trail. When that tool suffered a

Carl B. Johnson Jun 20, 2026 6 min read
Shadow IT

What Is Shadow IT? The Hidden Risk You Can't Ignore

In 2023, a financial services employee signed up for an unsanctioned file-sharing app using their corporate email. Within weeks, a threat actor exploited a vulnerability in that app and exfiltrated 11,000 customer records. The security team didn't even know the app existed. That's shadow IT

Carl B. Johnson May 30, 2026 5 min read
Password Manager Benefits

Password Manager Benefits That Stop 80% of Breaches

The Breach That Started With "Company2024!" In January 2024, a mid-size healthcare company lost 2.3 million patient records. The root cause wasn't a sophisticated zero-day exploit. It wasn't a nation-state threat actor. It was an employee who reused the same password across their

Carl B. Johnson Apr 29, 2026 5 min read
Shadow IT Risks

Shadow IT Risks: The Invisible Threat Draining Your Budget

A Marketing Team's Slack Alternative Nearly Took Down an Entire Hospital Network In 2023, a regional healthcare system discovered that its marketing department had been using an unapproved messaging platform for over 14 months. Nobody in IT knew. The platform stored patient-adjacent data with no encryption, no access

Carl B. Johnson Apr 16, 2026 5 min read
Data Breach Response Plan

Data Breach Response Plan: What Actually Works in 2025

In May 2023, MOVEit Transfer suffered a mass exploitation that ultimately affected over 2,700 organizations and exposed data on roughly 95 million individuals. Some of those organizations had a tested data breach response plan ready to execute. Most didn't. The difference between the two groups wasn'

Carl B. Johnson Jul 15, 2025 7 min read
Shadow IT

What Is Shadow IT? The Hidden Risk Draining Your Security

The Salesforce Instance Nobody Knew About In 2022, a mid-size healthcare company discovered that one of its marketing teams had been running an entirely separate Salesforce instance — for eleven months. Patient-adjacent data sat in an environment with no encryption at rest, no access controls, and no logging. The IT security

Carl B. Johnson Nov 03, 2023 7 min read
Shadow IT Risks

Shadow IT Risks: The Hidden Threat Draining Your Budget

Your Employees Already Built a Second IT Department A marketing manager signs up for an AI writing tool using her corporate email. A sales rep stores client contracts in a personal Dropbox. An engineering team spins up an AWS instance without telling anyone. None of these people are malicious. Every

Carl B. Johnson Oct 27, 2020 7 min read
Shadow IT

What Is Shadow IT? The Hidden Risk Draining Your Budget

The Breach That Started With a Spreadsheet App In 2023, a midsize healthcare company discovered that an employee had been syncing patient records to an unauthorized cloud storage service for over eight months. The service had no encryption, no access controls, and no audit logging. By the time the security

Carl B. Johnson Oct 27, 2020 7 min read
Shadow IT

What Is Shadow IT? The Hidden Risk You Can't Ignore

Your Employees Already Built a Second IT Department In 2023, a Gartner survey found that 41% of employees acquired, modified, or created technology outside of IT's visibility. By now, that number has only grown. If you're asking what is shadow IT, the short answer is this:

Carl B. Johnson Sep 08, 2019 7 min read