Tag

Phishing Prevention

Delivers actionable advice on recognizing and preventing phishing attacks, including email phishing, spear phishing, smishing, and vishing. Covers detection techniques, employee training approaches, email security tools, and real-world phishing examples to strengthen your defenses.

posts

Multi-Factor Authentication

Multi-Factor Authentication Setup: A Practical Guide

The Breach That Started With a Single Stolen Password In January 2024, a threat actor used stolen credentials to access a Snowflake customer environment — no malware, no exploit, just a username and password harvested months earlier. The fallout hit Ticketmaster and AT&T, exposing hundreds of millions of records.

Carl B. Johnson Jun 15, 2025 8 min read
Multi-Factor Authentication

MFA vs Two-Factor Authentication: What Really Matters

In March 2024, a threat actor bypassed a major healthcare provider's two-factor authentication by intercepting SMS codes through a SIM-swapping attack — compromising over 2 million patient records. The organization thought they were protected. They had "MFA" checked off on their compliance audit. But they'd

Carl B. Johnson Jun 15, 2025 7 min read
Password Manager

Why Use a Password Manager: The Case Is Settled

The Breach That Started With "CompanyName2024!" In January 2025, a mid-size healthcare provider in the Midwest discovered that an attacker had been living inside their network for eleven weeks. The initial access point? A reused password. An employee had used the same credential for their company email and

Carl B. Johnson Jun 15, 2025 7 min read
Password Hygiene Tips

Password Hygiene Tips That Actually Stop Breaches

The Breach That Started With "Spring2024!" In early 2024, a midsize healthcare company in the Midwest lost 2.3 million patient records. The root cause wasn't a sophisticated zero-day exploit. It wasn't a nation-state threat actor. It was an employee who reused the same

Carl B. Johnson Jun 15, 2025 6 min read
Incident Response

Cyber Incident Response Steps: A Practical 2025 Guide

The Breach That Took 277 Days to Find IBM's 2024 Cost of a Data Breach Report found the global average cost of a breach hit $4.88 million — and organizations that took longer than 200 days to identify and contain a breach paid significantly more. The average lifecycle?

Carl B. Johnson Jun 14, 2025 8 min read
Cybersecurity Incident Examples

Cybersecurity Incident Examples That Changed Everything

The Breach That Cost Change Healthcare $22 Million in Ransom In February 2024, the ransomware group ALPHV/BlackCat crippled Change Healthcare — a company that processes roughly one-third of all U.S. healthcare claims. The attack disrupted pharmacies, hospitals, and billing systems nationwide for weeks. UnitedHealth Group, Change Healthcare's

Carl B. Johnson Jun 14, 2025 7 min read
NIST Cybersecurity Framework

NIST Cybersecurity Framework: A Practical Guide for 2025

The Framework Nobody Reads — Until After the Breach In February 2024, Change Healthcare suffered a ransomware attack that disrupted pharmacy operations across the United States for weeks. UnitedHealth Group eventually disclosed that the breach affected roughly 100 million individuals — making it one of the largest healthcare data breaches in history.

Carl B. Johnson May 10, 2025 7 min read