Entries by Brad Johnson

What’s new in phishing?

I was recently asked to comment on what’s new in phishing. In some sense, phishing attacks are always the same. They count on the fact that some (small) percentages of people will follow links or provide information to sources that haven’t been verified or shouldn’t be trusted. They also know that even though most IT […]

How enterprises can protect themselves against cyber-attacks

I was recently asked to comment on data security in relation to increasing threat of cyber attacks ahead of the upcoming 2020 election. How can enterprises adequately protect the data privacy of their products and services as well as their clients and employees?  My response is that there’s no silver bullet to prevent cyber attacks […]

Ransomware – should you pay or not?

You may have seen the recent news about cities and towns being held hostage to hackers infecting their data. With over 25 years of experience in cyber security, I’ve seen it all. To help guide you in managing a ransomware attack, I’ve outlined the steps you can take to minimize the impact on your organization […]

How significant is the tool sprawl problem?

Following up on my post earlier this month on Shadow IT, I wanted to discuss a related issue – “tool sprawl.” Tool sprawl describes an environment where the deployment and use of tools is not managed by a single IT group: applications, software, and tools are installed by end-users because they believe that waiting for […]

Four Tips for Dealing with Shadow IT

Simply stated, Shadow IT is what happens when people within an organization decide to deploy Information Technology systems and services without approval from the official IT group.  On the positive side, this can be the source of real innovation from within the company without the normal formal approval process that can be time consuming and […]

Three Security Predictions for 2019

I was recently asked my thoughts about cyber security trends for the 2019. Here are a few of my predictions: 1. Many security issues will still be caused by human error. Despite many technology advances, a significant number of issues are caused by people using bad judgement or organizations deploying hardware and services insecurely. The […]

Can Additional Legislation Improve IoT Security

I was recently asked if increased legislation could help improve IoT security, and how it will affect the IT department. Here’s my response: Legislation can absolutely help IoT security by ensuring that manufacturers follow common core principles, strategies and infrastructure. The Cybersecurity Improvement Act of 2017 is an example of how legislation can compel manufacturers […]

Tips to Protect Against Ransomware

Following the Wannacry outbreak, we were reading about another attack, called Adylkuzz. Both cyberthreats rely on a Windows bug that was patched on March 14 and only affect PCs that haven’t installed the latest version of Microsoft’s software updates. In light of this news, I thought it would be timely to talk about some common sense […]