WPA3 delivers several security improvements. Here’s a big one: When you connect to an open Wi-Fi network, the traffic between your device and the Wi-Fi access point will be encrypted,…
Here’s a big problem that bugs me: Most people manage cyber risks the way they manage static risks. This is a big mistake. Here’s an example: Fire is a static risk….

There are two main strategies I use when I’m in the role of CISO: Make sure people know what’s expected of them. This includes written procedures, training, and periodic reminders…
“Share prices of breached companies hit a low point approximately 14 market days following a breach. Share prices fall 2.89% on average, and underperform the NASDAQ by -4.6%,” according to…
A journal of blank pages that you keep under lock and key when you’re not actively using it. This approach has a lot of security potential, but it’s not very…
For routine uses, I recommend “Darik’s Boot and Nuke” (DBAN) using the “DoD Short” method. Darik’s Boot and Nuke – Wikipedia But, if you have any personal information that you…
I’m not sure about Dashlane, but I can help you figure it out. Password managers are under constant attack. You want a team of skilled and motivated people quickly responding…
The motivations for releasing malicious code onto the public Internet fall into four broad categories: Political ambitions of a nation/state: Good examples are NotPetya and Shamoon, both of which are designed to destroy…
As the Shamoon and NotPetya disk wiper malware have shown, an infected computer in a business context can be so compromised that it’s effectively destroyed. In many documented cases, organizations…
By mitigate, I assume you mean a company experienced a data breach and now wants to prevent it from happening again. The first step is to make a preliminary mitigation…