Entries by Brad Johnson

Protecting Data from Cyber Thieves

Getting hacked is one of the most feared outcomes for anybody who is doing business on or through the Internet. The bad news is there are always people trying to hack systems and get access to sensitive, private or confidential data. The good news is that the tips a financial advisor should follow to safeguard […]

Steps Enterprises Should Take to Eliminate Website Vulnerabilities

It’s understood that security is not an endpoint. It is a process that requires constant vigilance, reassessment and evolutionary change. The security of a website is no exception. Most websites continue to have security vulnerabilities because the primary focus tends to be on application functionality and not security. Application developers are incented to finish updates […]

Steps SMBs Should Take to Protect Their Data

With security breaches continuing to dominate the news, I’d like to take this opportunity to share my response to a recent Q&A addressing the steps small businesses should take to protect their data against security breaches.  1.  What steps should small businesses take to protect their data and e-commerce sites? One of the most important steps […]

What is the next Heartbleed in IT?

As IT security consultants, we are constantly surveying the landscape to see what the next threat will be for our clients. What made Heartbleed so dangerous is that it existed in a piece of software that most Internet users depend on (infrastructure) and that the exploit itself yielded immediately consumable security data (payload) like certificate […]

24/7 Cyber Security: Questions Small Retailers Should Ask an eCommerce Site Provider

‘Tis the season for scammers – so providing secure commerce capabilities to customers is high on the list of small retailers By their nature, small retailers don’t have the skills, expertise or infrastructure to provide their own eCommerce capabilities. Knowing that, the key to providing secure commerce capabilities to their customers is using well-known (large) […]

Common mistakes in IT security risk assessments

Dark Reading put together an article focused on common mistakes organizations make when running IT security risk assessments.  Included below was my response and the Dark Reading article is posted here. Trying to do too much.  One of the most common mistakes is trying to go from nothing (haven’t done an assessment) to finished in […]