When I came on in January of 2020 as co-founder of the Carolina Cyber Center (C3), we cast a vision for what C3 was to become. We wanted to do three things: to develop men and women of character in cybersecurity, to provide services to small businesses (public and...
Over 400K lost: Another Type of Fraud
After speaking to a TV station recently about the Zelle fraud vector, I had another phone call on behalf of an elderly woman. Victim to another instance of fraud, this woman lost over $480,000. From the sound of it, the only thing she now has left to live on is social...
The Everyday Struggle to Survive and Protect
I still remember the moment I was alerted that the password used for my company’s cloud storage—where we stored our backups, our data, essentially everything we wouldn’t want to be misplaced or stolen—had been compromised in a data breach. It was a heart-stopping...
Make the Statistics Irrelevant
Between 60-80% of data breaches aren’t publicized. We recently signed an agreement with a large group purchasing organization (GPO) to offer services to healthcare companies across America—services like cybersecurity risk assessments, policies, procedures,...
Building Security Together: A Hack the Port 2022 Review
Last week, I had the honor of being a part of the Hack the Port conference in Fort Lauderdale. We heard from national leaders including Alejandro Mayorkas, Secretary of the Department of Homeland Security (DHS); Jen Easterly, Director of Cybersecurity and...
Goodbye, PayPal.
After twenty years, I deleted my PayPal account last Monday morning. You’ve heard my thoughts on user responsibility as it relates to Zelle fraud. But the reality is that responsibility is a two-way street. Even though we are responsible for ensuring that who we send...
Fight the Epidemic: Burnout in Cybersecurity
“71% of [security] analysts experience some level of burnout” and, “64% say they’re likely to switch jobs in the next year.”[1] I love this industry, and it pains me to see statistics like this, even assuming massive bias in the data. While the “security analyst” role...
Learning Cybersecurity Beyond Technical Skill
We all remember sitting through classes because we had to; it didn’t matter if we respected our instructors, if we would ever need to know this again, or if we thought they knew what they were talking about. The only thing that mattered was getting through the class,...
The Attack You’re Responsible For
When a smishing (SMS-phishing) attack poses as your bank and rips you off thousands of dollars through Zelle, who’s responsible and accountable for the? Is it your bank, since they cover other types of fraudulent losses? Is it Zelle, since it was their platform that...
Competence Before Certification: A Letter to Cybersecurity Students
To Current and Future Students, Our jobs are not easy. By ‘our,’ I mean yours and mine. We prepare long hours, studying to create a technical foundation. We work to understand the ins and outs of networks, applications, and firewalls. We painstakingly analyze...