Tag

Zero Trust Security

Zero trust security content examines the principle of never trusting and always verifying every user, device, and connection. Articles explore micro-segmentation, least-privilege access, continuous monitoring, and how organizations transition from perimeter-based defenses to zero trust models.

posts

Cyber Hygiene

Cyber Hygiene Definition: What It Really Means in 2026

A Single Reused Password Cost One Company Everything In 2021, the Colonial Pipeline ransomware attack shut down fuel distribution across the U.S. East Coast. The entry point? A single compromised password on a legacy VPN account that lacked multi-factor authentication. That's not a sophisticated nation-state exploit. That&

Carl B. Johnson Sep 07, 2020 6 min read
Cyber Hygiene Checklist

Cyber Hygiene Checklist: 12 Steps That Actually Work

In 2023, MGM Resorts lost an estimated $100 million after a threat actor called Scattered Spider social-engineered an IT help desk with a ten-minute phone call. No zero-day exploit. No nation-state tooling. Just sloppy basics. That breach — and hundreds like it every year — could have been prevented with a disciplined

Carl B. Johnson Sep 07, 2020 7 min read
Cybersecurity Due Diligence

Cybersecurity Due Diligence: What Most Companies Miss

The $350 Million Wake-Up Call Nobody Expected When Verizon acquired Yahoo in 2017, a previously undisclosed breach affecting 3 billion accounts forced the deal price down by $350 million. That single failure of cybersecurity due diligence became the most expensive cautionary tale in M&A history — and it permanently

Carl B. Johnson Jun 25, 2020 7 min read
Man in the Middle Attack

Man in the Middle Attack: How Hackers Steal Data

In 2015, a Belgian company called Crelan Bank lost over €70 million to a sophisticated fraud scheme that began with attackers intercepting email communications between executives. The threat actors positioned themselves between two parties, manipulated invoices, and redirected payments — all without either side realizing the conversation had been compromised. That&

Carl B. Johnson May 08, 2020 7 min read
Phishing Prevention Tips

Phishing Prevention Tips That Actually Stop Attacks

In 2023, the FBI's Internet Crime Complaint Center received over 298,000 phishing complaints — more than any other cybercrime category. That number has only grown since. I've spent years helping organizations respond to phishing incidents, and the pattern is almost always the same: someone clicks a

Carl B. Johnson Jan 19, 2020 7 min read
Cybersecurity Training for Employees

Cybersecurity Training for Employees: A 2026 Guide

The Breach That Started With a Single Click In January 2024, a finance department employee at a mid-size manufacturing firm opened what looked like a routine DocuSign notification. Within 72 hours, a threat actor had exfiltrated 1.2 million customer records and deployed ransomware across the company's entire

Carl B. Johnson Dec 14, 2019 7 min read