Tag

Zero Trust Security

Zero trust security content examines the principle of never trusting and always verifying every user, device, and connection. Articles explore micro-segmentation, least-privilege access, continuous monitoring, and how organizations transition from perimeter-based defenses to zero trust models.

posts

Cybersecurity

Cybersecurity in 2026: What Actually Works Now

The Breach That Changed How I Think About Cybersecurity In February 2024, Change Healthcare suffered a ransomware attack that disrupted insurance claims processing for hospitals and pharmacies across the United States. UnitedHealth Group confirmed the breach affected approximately 100 million individuals — making it one of the largest healthcare data breaches

Carl B. Johnson Feb 25, 2019 6 min read
Security of Cyberspace

Security of Cyberspace: What Actually Works in 2026

In February 2024, Change Healthcare — one of the largest health payment processors in the United States — suffered a ransomware attack that disrupted pharmacy operations, delayed insurance claims, and exposed the protected health information of roughly 100 million people. One set of stolen credentials. No multi-factor authentication on a critical system.

Carl B. Johnson Feb 25, 2019 6 min read
Cybersecurity Tips

Cybersecurity Tips That Actually Stop Breaches in 2026

In 2024, the average cost of a data breach hit $4.88 million globally, according to IBM's Cost of a Data Breach Report. That number didn't come from sophisticated nation-state attacks or exotic zero-days. Most of those breaches started with stolen credentials, a phishing email, or

Carl B. Johnson Feb 25, 2019 6 min read
Security for System Administrators

Security for System Administrators: A 2026 Field Guide

The Breach That Started With a Single Unpatched Server In 2023, the MOVEit Transfer vulnerability (CVE-2023-34362) let the Cl0p ransomware gang compromise thousands of organizations worldwide — including federal agencies and major financial institutions. The root cause wasn't exotic malware or a sophisticated zero-day chain. It was a known

Carl B. Johnson Feb 25, 2019 7 min read
What Is Cybersecurity

What Is Cybersecurity? A Practitioner's Real-World Guide

The Question Everyone Asks After the Breach In 2023, MGM Resorts lost an estimated $100 million after a threat actor called Scattered Spider social-engineered its way past the help desk with a single phone call. The attackers didn't exploit some exotic zero-day vulnerability. They called IT, pretended to

Carl B. Johnson Feb 22, 2019 7 min read
Web Security Best Practices

Web Security Best Practices That Actually Stop Breaches

The MOVEit Breach Started With One Overlooked Web Flaw In 2023, a single SQL injection vulnerability in the MOVEit Transfer web application led to one of the largest mass exploitation events in history. Over 2,600 organizations were compromised. Sensitive data from government agencies, banks, and healthcare providers was exfiltrated

Carl B. Johnson Feb 22, 2019 8 min read
Computer Security Companies

Computer Security Companies: What They Won't Tell You

The Breach That $300K in Security Tools Didn't Stop In 2023, a mid-sized healthcare firm in the Midwest spent over $300,000 annually on products from multiple computer security companies. Endpoint detection, SIEM, email gateway filtering — the full stack. Then an employee clicked a phishing link inside a

Carl B. Johnson Feb 22, 2019 7 min read