Tag

Social Engineering Defense

Focuses on recognizing and countering manipulation tactics that attackers use to exploit human trust. Covers pretexting, baiting, tailgating, impersonation scams, and organizational defenses such as verification protocols, awareness campaigns, and incident reporting procedures.

posts

Cybersecurity Tips

Cybersecurity Tips That Actually Stop Breaches in 2021

Colonial Pipeline. SolarWinds. The Microsoft Exchange Server hack. We're barely halfway through 2021, and the breach headlines already read like a disaster film. Each one of these incidents started with something preventable — a compromised password, an unpatched system, a single employee who clicked the wrong link. The cybersecurity

Carl B. Johnson Jun 03, 2021 6 min read
Computer Security Companies

Computer Security Companies: What They Won't Tell You

Colonial Pipeline just paid $4.4 million in ransom to a criminal group called DarkSide — and they had a security vendor. SolarWinds, a company that literally sold security monitoring tools, became the vector for one of the most devastating supply chain attacks in history. If massive organizations with million-dollar security

Carl B. Johnson Jun 01, 2021 6 min read
Define Cyber

Define Cyber: What It Actually Means for Security

In May 2021, a single compromised password shut down the largest fuel pipeline in the United States. The Colonial Pipeline ransomware attack disrupted gas supplies across the Eastern Seaboard, triggered panic buying, and cost the company a $4.4 million ransom payment. If you ever needed a reason to define

Carl B. Johnson May 15, 2021 7 min read
Phishing Simulation Training

Phishing Simulation Training: Why 97% of Users Fail

In March 2021, a single phishing email led to a credential theft incident at a mid-size manufacturing firm in Ohio. The attacker impersonated the CEO, asked the controller to update direct deposit information, and walked away with $1.7 million. The email had two typos, a slightly wrong domain, and

Carl B. Johnson May 04, 2021 7 min read
Cybersecurity Tips for Small Business

Cybersecurity Tips for Small Business: A 2021 Guide

In 2020, the FBI's Internet Crime Complaint Center received 791,790 complaints — a 69% increase over 2019 — with reported losses exceeding $4.2 billion. Small businesses absorbed a disproportionate share of that damage. The Verizon 2020 Data Breach Investigations Report found that 28% of data breaches involved small

Carl B. Johnson Apr 02, 2021 7 min read
Data Breach Prevention

Data Breach Prevention: 9 Steps That Actually Work

In December 2020, SolarWinds disclosed that threat actors had compromised its Orion software platform, ultimately breaching at least nine U.S. federal agencies and over 100 private companies. The attack went undetected for months. It wasn't a zero-day exploit that got them in — it was a compromised build

Carl B. Johnson Feb 24, 2021 7 min read
Cybersecurity Culture

Cybersecurity Culture in the Workplace: A Practical Guide

The Breach That Started With a Single Slack Message In September 2022, a threat actor sent a series of social engineering messages to an Uber employee, eventually convincing them to approve a multi-factor authentication push notification. That single lapse gave the attacker access to internal systems, Slack channels, and admin

Carl B. Johnson Oct 10, 2020 7 min read