Technology sprawl usually starts with good intentions. A team signs up for a new collaboration platform. Someone...
Cyber Security
It’s The Day After a Cyberattack: Now What?
Most cybersecurity conversations end at prevention. And of course, things like firewalls, MFA, awareness training, and...
A Cybersecurity Myth: We’re Too Small to Target
A common thing we hear from smaller organizations when it comes to cybersecurity is this: “We’re not a big...
The Hidden Cost of “Free” Tools in Your Organization
I mean, let’s be real here: Who doesn’t like a freebie? There’s just something inherently appealing about anything you...
The Promptware Kill Chain: A New Kind of Cyber Threat
A growing concern in AI security is “prompt injection” — the idea that someone can sneak malicious instructions posed...
Five Cybersecurity Questions Every Board Should Be Asking
In a previous post, I explored how foundations have a distinctive cyber risk profile. Small internal teams, high...
Hackers Don’t Break In Anymore. They Just Log In
Nobody pictures a security breach starting with Karen from Communications. But here’s the uncomfortable truth: the...
AI Didn’t Break Your Security… It Just Turned on the Lights
I know that many (most?) of our customers have already rolled out AI tools within their organizations -- or they are...
Cybersecurity Fatigue Is Real. Here’s How to Overcome It
If cybersecurity feels exhausting lately, you’re not imagining things. New threats (many driven by AI). Another...
It’s Beginning to Look a Lot Like Phish-mas: 2025 Holiday Scams
Yep, here I am again: your annual voice of doom and gloom, warning you about this year’s biggest holiday phishing...
Trust Under Attack: AI Deepfakes Rewriting the Rules for Nonprofit Security
Philanthropy has always attracted fraudsters — fake charities, spoofed donor names, wire transfer scams. But with the...
AI for Good Security: Helping Nonprofits Defend Against Cyber Threats
As we all know, nonprofits exist to make the world better, not to fend off hackers. Yet as more mission-driven...
Human Risk Management (HRM): Turning People into Cybersecurity Assets
It seems like every week I see news stories about how cybersecurity threats are evolving at a frightening rate, now...
Cybersecurity Insurance: A Shield or a Sham?
Cybersecurity insurance has become a hot topic in recent years, especially as data breaches, ransomware attacks, and...
Email Spoofing: When the Message in Your Inbox Comes from You
This topic reminds me of that 1979 horror movie with the famous line, “The call is coming from inside the house!” ...
Identity Theft: The Major Cyber Threat to Mid-Sized Organizations
When we think about cybersecurity, we often picture firewalls, antivirus software, and ransomware protection—and yes,...
The Impact of DOGE Cuts to CISA and Organizational Cybersecurity
In recent months, the Cybersecurity and Infrastructure Security Agency (CISA) has faced significant workforce...
Cybersecurity Meets the Art of War: Why Sun Tzu Still Wins in the Digital Age
Ever since I wrote Zen and the Art of Cybersecurity, I’ve kept an eye out for other Eastern philosophies that could...