I’m going to answer this question with a question: Did you know there are at least five high-profile cyber battles that have already happened that you can study? Stuxnet –…
This question was recently asked by Mohammad on Quora. Here’s how I encouraged him to set himself apart in a new career in Cyber Security. There’s one practice that I’ve…
WPA3 delivers several security improvements. Here’s a big one: When you connect to an open Wi-Fi network, the traffic between your device and the Wi-Fi access point will be encrypted,…
Here’s a big problem that bugs me: Most people manage cyber risks the way they manage static risks. This is a big mistake. Here’s an example: Fire is a static risk….

There are two main strategies I use when I’m in the role of CISO: Make sure people know what’s expected of them. This includes written procedures, training, and periodic reminders…
“Share prices of breached companies hit a low point approximately 14 market days following a breach. Share prices fall 2.89% on average, and underperform the NASDAQ by -4.6%,” according to…
A journal of blank pages that you keep under lock and key when you’re not actively using it. This approach has a lot of security potential, but it’s not very…
For routine uses, I recommend “Darik’s Boot and Nuke” (DBAN) using the “DoD Short” method. Darik’s Boot and Nuke – Wikipedia But, if you have any personal information that you…
I’m not sure about Dashlane, but I can help you figure it out. Password managers are under constant attack. You want a team of skilled and motivated people quickly responding…
The motivations for releasing malicious code onto the public Internet fall into four broad categories: Political ambitions of a nation/state: Good examples are NotPetya and Shamoon, both of which are designed to destroy…