Tag

Zero Trust Security

Zero trust security content examines the principle of never trusting and always verifying every user, device, and connection. Articles explore micro-segmentation, least-privilege access, continuous monitoring, and how organizations transition from perimeter-based defenses to zero trust models.

posts

Supply Chain Attack Examples

Supply Chain Attack Examples That Changed Cybersecurity

The Attack That Hit 18,000 Organizations at Once In December 2020, security firm FireEye disclosed that it had been breached — and that the attack vector traced back to a routine software update from SolarWinds, a trusted IT management vendor. Within days, the scope became staggering: up to 18,000

Carl B. Johnson Oct 01, 2021 7 min read
Cybersecurity Due Diligence

Cybersecurity Due Diligence: What Most Companies Skip

When Marriott acquired Starwood Hotels in 2016, the deal looked solid on paper. Two years later, Marriott disclosed that hackers had been inside Starwood's reservation system since 2014 — exposing the personal data of up to 500 million guests. The breach predated the acquisition. The liability didn't.

Carl B. Johnson Sep 23, 2021 7 min read
Multi-Factor Authentication

Authenticator App vs SMS Verification: Which Is Safer?

In February 2021, T-Mobile disclosed a data breach that exposed customer phone numbers and SIM information. That same month, the FBI's Internet Crime Complaint Center continued logging a surge in SIM swap complaints — a threat that directly undermines SMS-based two-factor authentication. If your organization still relies on text

Carl B. Johnson Sep 16, 2021 7 min read
Cyber Security

Cyber Security in 2021: What Actually Stops Breaches

Colonial Pipeline. JBS Foods. SolarWinds. The first half of 2021 has delivered a masterclass in what happens when cyber security fails at scale. Colonial paid $4.4 million in ransom. JBS paid $11 million. And the SolarWinds fallout — which compromised nine federal agencies and over 100 private companies — is still

Carl B. Johnson Jul 01, 2021 7 min read
Security of Cyberspace

Security of Cyberspace: What Actually Works in 2021

The Colonial Pipeline ransomware attack in May 2021 shut down fuel delivery across the U.S. East Coast for nearly a week. Gas stations ran dry. Panic buying erupted. A single compromised password — reportedly linked to an inactive VPN account without multi-factor authentication — brought critical infrastructure to its knees. If

Carl B. Johnson Jun 03, 2021 6 min read