Tag

Zero Trust Security

Zero trust security content examines the principle of never trusting and always verifying every user, device, and connection. Articles explore micro-segmentation, least-privilege access, continuous monitoring, and how organizations transition from perimeter-based defenses to zero trust models.

posts

Data Breach Prevention

Data Breach Prevention: 9 Steps That Actually Work

The Breach That Started With a Single Stolen Password In May 2021, a single compromised password shut down fuel distribution across the Eastern United States. The Colonial Pipeline ransomware attack disrupted gas supplies for days and cost the company a $4.4 million ransom payment. The root cause? A legacy

Carl B. Johnson Mar 18, 2022 6 min read
Password Security Best Practices

Password Security Best Practices That Actually Work

The 61% Problem You're Probably Ignoring The 2021 Verizon Data Breach Investigations Report found that 61% of all breaches involved credential data. Not sophisticated zero-day exploits. Not nation-state malware. Stolen, weak, or reused passwords. That single statistic should reshape how your organization thinks about password security best practices

Carl B. Johnson Feb 24, 2022 6 min read
Insider Threats

How to Prevent Insider Threats: A Practical Guide

In December 2020, a former Cisco employee pleaded guilty to accessing the company's cloud infrastructure and deleting 456 virtual machines, wiping out 16,000 Webex Teams accounts. He'd left the company months earlier. His credentials still worked. That single insider incident cost Cisco roughly $2.4

Carl B. Johnson Jan 15, 2022 6 min read
Insider Threats

Malicious Insider vs Negligent Insider: Real Threats

One Cost the Company $3.4 Billion. The Other Just Forgot to Lock the Door. In 2020, a former Ubiquiti employee launched a devastating attack against his own employer — stealing proprietary data, attempting extortion, and then posing as a whistleblower to tank the company's stock. That's

Carl B. Johnson Jan 15, 2022 7 min read
Work From Home Cybersecurity

Work From Home Cybersecurity: A Practical Defense Guide

The Breach That Started on a Kitchen Table In December 2020, a SolarWinds contractor working from home reportedly used the password "solarwinds123" on a critical server. That single weak credential contributed to one of the most devastating supply chain attacks in history, compromising at least nine U.S.

Carl B. Johnson Jan 15, 2022 7 min read
NIST Cybersecurity Framework

NIST Cybersecurity Framework: A Practical Guide for 2022

When Colonial Pipeline shut down 5,500 miles of fuel infrastructure in May 2021 due to a single compromised password, it wasn't a failure of technology. It was a failure of framework. The company lacked the layered defenses, detection capabilities, and response plans that the NIST Cybersecurity Framework

Carl B. Johnson Jan 01, 2022 7 min read