Tag

Security Awareness Training

Discover resources and strategies for building effective security awareness training programs. Posts cover curriculum design, engagement techniques, compliance requirements, and methods for measuring training impact to reduce human-related security incidents across organizations.

posts

Ransomware Protection

Ransomware Protection Tips That Actually Work in 2022

Colonial Pipeline paid $4.4 million in ransom in May 2021. Within months, JBS Foods handed over $11 million. Kaseya's supply chain attack hit over 1,500 businesses in a single weekend. And those are just the ones that made headlines. The FBI's Internet Crime Complaint

Carl B. Johnson Mar 18, 2022 7 min read
Data Breach

What Causes a Data Breach: 7 Root Causes Explained

In January 2022, the International Committee of the Red Cross disclosed that a sophisticated cyberattack compromised the personal data of more than 515,000 vulnerable people — including missing persons, detainees, and their families. The breach didn't happen because of some exotic zero-day exploit. It happened because of a

Carl B. Johnson Mar 18, 2022 6 min read
Data Breach Response Plan

Data Breach Response Plan: Build One Before You Need It

Marriott Had 383 Million Records Exposed — And No Clear Playbook When Marriott disclosed its massive breach in 2018, the company revealed that attackers had been inside Starwood's reservation system since 2014 — four years of undetected access to 383 million guest records. The breach cost Marriott over $28 million

Carl B. Johnson Mar 18, 2022 7 min read
Data Breach Examples

Data Breach Examples: Lessons That Still Apply in 2022

In January 2022, the International Committee of the Red Cross disclosed that a sophisticated cyberattack compromised the personal data of more than 515,000 vulnerable people — including refugees, detainees, and missing persons. The attackers exploited an unpatched vulnerability in a single system. One missed update. Half a million of the

Carl B. Johnson Feb 24, 2022 6 min read
Cost of a Data Breach

Cost of a Data Breach: What 2022 Trends Signal

$4.24 Million Per Breach — and the Trajectory Is Ugly IBM's 2021 Cost of a Data Breach Report pegged the global average at $4.24 million per incident — the highest in 17 years of the study. That figure jumped 10% from the prior year. If you're

Carl B. Johnson Feb 24, 2022 7 min read
Strong Passwords

How to Create a Strong Password That Actually Stops Hackers

The 123456 Problem Is Worse Than You Think In December 2021, NordPass published its annual list of the most common passwords. Sitting at number one — for the third year running — was "123456." Number two? "123456789." These aren't passwords from 2005. They're passwords

Carl B. Johnson Feb 15, 2022 7 min read
Cyber Incident Response Steps

Cyber Incident Response Steps That Actually Work

The Breach That Exposed a Missing Plan In December 2021, a vulnerability in Apache Log4j sent every security team on the planet into a tailspin. Organizations that had practiced cyber incident response steps mobilized in hours. Those that hadn't? They scrambled, pointed fingers, and lost precious time while

Carl B. Johnson Jan 31, 2022 7 min read
Cybersecurity Incident Examples

Cybersecurity Incident Examples That Changed Everything

The Breach That Cost a Pipeline Its Entire Operation In May 2021, Colonial Pipeline — the largest fuel pipeline in the United States — shut down completely after a ransomware attack. A single compromised password on a legacy VPN account gave the DarkSide threat actor group everything they needed. The company paid

Carl B. Johnson Jan 18, 2022 6 min read