Tag

Ransomware Response

Covers immediate actions and strategic decisions organizations must make during a ransomware attack. Articles explore isolation techniques, negotiation considerations, law enforcement engagement, and system restoration workflows.

posts

Data Breach Response Plan

Data Breach Response Plan: Build One Before You Need It

The Breach That Exposed 147 Million People — And a Broken Response When Equifax disclosed its 2017 breach, the technical failure got the headlines. But the real catastrophe was the response. Weeks of delay, a phishing-prone notification website, and executives who dumped stock before the public announcement. The company eventually paid

Carl B. Johnson Jul 09, 2026 5 min read
Data Breach Response Plan

Data Breach Response Plan: What Actually Works in 2026

The Breach That Didn't Have to Cost $350 Million When Equifax disclosed its 2017 breach affecting 147 million people, the eventual settlement topped $700 million. But here's what most people forget: the vulnerability that attackers exploited had a patch available months before the breach. Equifax didn&

Carl B. Johnson Jun 22, 2026 5 min read
Data Breach Response Plan

Data Breach Response Plan: Build One Before You Need It

The Breach That Exposed 147 Million People — and a Broken Plan When Equifax disclosed its 2017 breach, the company technically had a data breach response plan. They had security teams, legal counsel, and a PR department. What they didn't have was a plan that actually worked under pressure.

Carl B. Johnson Jun 10, 2026 6 min read
Cyber Incident Reporting

How to Report a Cyber Incident: A Step-by-Step Guide

In 2023, the FBI's Internet Crime Complaint Center received over 880,000 complaints with potential losses exceeding $12.5 billion — a 22% increase in losses from the year before. Yet the FBI estimates a massive number of cyber incidents still go unreported. That gap between what happens and

Carl B. Johnson May 23, 2026 5 min read
Data Breach Response Plan

Data Breach Response Plan: What Actually Works in 2024

When MGM Resorts got hit in September 2023, the chaos lasted ten days. Hotel room keys stopped working. Slot machines went dark. Reservation systems crashed. The estimated cost topped $100 million. And here's the part that stings — the initial compromise reportedly started with a social engineering call to

Carl B. Johnson Jan 22, 2024 8 min read
Incident Response Plan Template

Incident Response Plan Template: Build Yours Today

In September 2023, MGM Resorts watched helplessly as a social engineering attack — reportedly initiated through a phone call to their help desk — cascaded into a full-blown operational shutdown. Slot machines went dark. Hotel room keys stopped working. The estimated cost exceeded $100 million. MGM had cybersecurity tools. What they lacked

Carl B. Johnson Dec 11, 2023 7 min read
Data Breach Response Plan

Data Breach Response Plan: Build One Before You Need It

Marriott Had 383 Million Records Exposed — And No Clear Playbook When Marriott disclosed its massive breach in 2018, the company revealed that attackers had been inside Starwood's reservation system since 2014 — four years of undetected access to 383 million guest records. The breach cost Marriott over $28 million

Carl B. Johnson Mar 18, 2022 7 min read
Cyber Incident Response Steps

Cyber Incident Response Steps That Actually Work

The Breach That Exposed a Missing Plan In December 2021, a vulnerability in Apache Log4j sent every security team on the planet into a tailspin. Organizations that had practiced cyber incident response steps mobilized in hours. Those that hadn't? They scrambled, pointed fingers, and lost precious time while

Carl B. Johnson Jan 31, 2022 7 min read
Cyber Incident Reporting

How to Report a Cyber Incident: A Step-by-Step Guide

The Colonial Pipeline Attack Changed Incident Reporting Forever In May 2021, the Colonial Pipeline ransomware attack shut down fuel distribution across the U.S. East Coast. The company paid a $4.4 million ransom. But here's what most people missed: Colonial Pipeline reported the incident to the FBI

Carl B. Johnson Jan 18, 2022 7 min read
Cyber Incident Reporting

How to Report a Cyber Incident: A Step-by-Step Guide

In July 2020, Twitter suffered one of the most visible cyber incidents of the year — a coordinated social engineering attack that compromised high-profile accounts including Barack Obama, Elon Musk, and Apple. The attackers walked away with over $100,000 in Bitcoin. But what stood out to me wasn't

Carl B. Johnson Dec 20, 2020 7 min read