I had a call today to answer questions about a security audit we recently finished. The customer had several questions...
Cyber Security
You Can Help a Smaller Organization Be CyberSmart
I have been on a mission for a while now, looking for ways to push cybersecurity knowledge out to smaller...
What You Should Do About the LastPass Breach
Welcome to 2023! What with the holidays (you do remember them, right?) and the end-of-year distractions (hello, bomb...
Top Phishing Trends in 2022
Our partners at cybersecurity firm INKY just came out with their “Email Security Annual Report” for 2022-2023, chock...
Clone Phishing: A Scary New Tactic
Oh boy. These guys just don’t stop; they’re coming up with new tricks to steal our data, left, right and center. The...
The Online Holiday Scams You Need to Look Out For
Yes, my friends, it’s that time of year again. Time to start making our lists and checking them twice. Time to start...
Phishing Business-Related Messages Still Most Successful
Back in April I gave you the results of a quarterly study by KnowBe4 that looks into which phishing subject lines...
Can We Please Stop Making it So Easy for the Hackers?
Ahhh, passwords. The bane of our collective existence. Yes, we know we need them to protect our private information....
If Security Compliance is Auditable, Get a Compliance Tool
I have written before about a security compliance tool we have been using, ComplyUp. (You can read about it here and...
CGNET and ActZero
Ricardo (our CTO) and I met with ActZero (in real life!) today to further develop our partnership. I have written...
Phishing in Your Own Pond: The Importance of Simulated Phish Tests
Phishing simulations are a key part of any comprehensive security awareness training program. By sending out fake...
Here are Some Cybersecurity Awareness Month Resources for You
Yes, Virginia, it is October and that means it is--wait for it--National Cybersecurity Awareness Month! Not just a...
We Are Here for You with Zero Trust Resources
Zero ____. It is one of this week’s New York Times crossword clues. (Don’t tell me the answer. I have not solved the...
Four Factors for Effective Security Awareness Training
Social engineering remains the top way criminals infiltrate an organization’s data, and the problem gets worse every...
Yes, MFA Can Be Hacked. Now What?
I read a blog post today from our friends and partners at cybersecurity firm KnowBe4 that was a bit unnerving. While...
ComplyUp and NIST 800-171 are Ruining My Life
Yes, I am exaggerating. Call it artistic license. But ComplyUp and NIST 800-171 are beginning to rewire my brain. This...
The Human Firewall: The MOST Important Part of Cybersecurity
Your organization may be guilty of a common misconception, that cybersecurity and risk management are the sole purview...
There’s Something About INKY
I wrote last week about our adoption of INKY and teased about the INKY logo. To spare you the searching, I have...