Tag

Phishing Prevention

Delivers actionable advice on recognizing and preventing phishing attacks, including email phishing, spear phishing, smishing, and vishing. Covers detection techniques, employee training approaches, email security tools, and real-world phishing examples to strengthen your defenses.

posts

Cybersecurity Due Diligence

Cybersecurity Due Diligence: What Most Companies Miss

The $350 Million Typo in Verizon's Yahoo Deal When Verizon acquired Yahoo in 2017, the discovery of two massive data breaches — affecting all 3 billion Yahoo accounts — knocked $350 million off the purchase price. That's not a rounding error. That's what happens when cybersecurity

Carl B. Johnson May 12, 2026 5 min read
Phishing Definition

Phishing Definition: What It Really Means in 2026

In 2024, the FBI's Internet Crime Complaint Center received over 298,000 phishing complaints — making it the most reported cybercrime category for the fifth consecutive year. That number almost certainly undercounts reality. Most phishing attacks never get reported. If you've landed here searching for a phishing

Carl B. Johnson May 12, 2026 5 min read
CISA Cybersecurity Guidelines

CISA Cybersecurity Guidelines: What Actually Matters

In January 2024, CISA disclosed that a threat actor had exploited vulnerabilities in Ivanti Connect Secure products to breach the agency's own systems. Let that sink in. The federal agency responsible for defending U.S. critical infrastructure got hit. If CISA itself isn't immune, your organization

Carl B. Johnson May 11, 2026 5 min read
Spoofing Caller

Spoofing Caller Attacks: How Hackers Weaponize Your Phone

In 2023, the FBI's Internet Crime Complaint Center received over 40,000 complaints related to spoofing, with losses exceeding $300 million. That number keeps climbing. A spoofing caller attack — where a threat actor manipulates the caller ID to impersonate a trusted number — is one of the oldest tricks

Carl B. Johnson May 08, 2026 5 min read
Cybersecurity for Nonprofits

Cybersecurity for Nonprofits: A Practical Survival Guide

The Breach That Cost a Children's Charity Everything In 2023, Save the Children Federation disclosed it had been hit by the BianLian ransomware gang, which claimed to have stolen nearly 7 GB of sensitive data including financial records, medical information, and personal data. A global nonprofit with significant

Carl B. Johnson May 08, 2026 5 min read
Ransomware Protection

Ransomware Protection Tips That Actually Work in 2026

A Single Click Cost One Hospital Chain $100 Million In 2024, Change Healthcare — the payment processing backbone of the U.S. healthcare system — was crippled by a ransomware attack attributed to the ALPHV/BlackCat group. UnitedHealth Group, its parent company, disclosed the incident would cost over $870 million in direct

Carl B. Johnson May 07, 2026 5 min read
Third Party Risk Management

Third Party Vendor Cybersecurity Risk: A Practical Guide

The Breach That Didn't Start With You In early 2024, a massive data breach at Change Healthcare — a subsidiary of UnitedHealth Group — disrupted the entire U.S. healthcare payment system for weeks. The root cause? A threat actor exploited compromised credentials on a remote access portal that lacked

Carl B. Johnson May 07, 2026 5 min read
Cybersecurity Awareness Month

Cybersecurity Awareness Month: What Actually Works

October Comes and Goes — Breaches Don't Every October, organizations dust off the same tired PowerPoint decks, send a few reminder emails about password hygiene, and pat themselves on the back for "participating" in Cybersecurity Awareness Month. Then November arrives, an employee clicks a credential-harvesting link, and

Carl B. Johnson May 07, 2026 5 min read