Cybersecurity Executive, Speaker & Strategist
Over the past several weeks, I’ve been noticing a pattern: legitimate corporate emails from well-known companies are getting blocked. Not going to spam. Blocked. The culprit in most cases? Spamhaus ZEN. And the common thread is Google. Here’s what’s happening, why it’s getting worse, and what your organization should do about it. The Core Problem: Shared IP Contamination Google Workspace…
You’re Outsourcing Risk That’s Easy to Reduce Having worked in the world of email filtering for more than 15 years, I know a thing or two about the proper email configuration settings necessary to dramatically reduce SPAM and phishing. Over time, new configuration standards have been improved to the point that it’s possible to drastically reduce your exposure simply by…
What Happened? Hackerbot-claw – an AI bot, running autonomously for a week, scanned 47,000 repos and compromised at least 6 major targets including Microsoft, DataDog, Aqua Security, CNCF projects, and popular tools like RustPython and Trivy by opening more than a dozen pull requests, achieving arbitrary code execution and exfiltrating tokens with write permissions. No zero-days. No nation-state resources. Just…
CrowdStrike 2026 Global Threat Report finds that the average attacker breakout time has dropped to just 29 minutes for financially motivated attackers in 2025. That’s a whopping 65% acceleration year-over-year with the fastest observed breakout time clocking in at 27 seconds. Breakout time is the elapsed time between an attacker gaining initial foothold and moving laterally to another system inside…
Anthropic shipped Remote Control for Claude Code today — and developers are losing their minds over it. You can now kick off a complex coding session at your desk, walk away, and keep full control from your phone. It’s genuinely impressive engineering. But before you forward this to your dev team as a cool new tool, your security organization needs…
On Friday, Investing.com reported that shares of cybersecurity software companies tumbled after Anthropic introduced Claude Code Security. CrowdStrike was among the biggest decliners, falling 8%, while Cloudflare slumped 8.1%. Zscaler dropped 5.5%, SailPoint shed 9.4%, and Okta declined 9.2%. The Global X Cybersecurity ETF fell 4.9% and closed at its lowest since November 2023. What Is Claude Code Security? Claude…
I started seeking the next step in my career a few weeks ago. I first updated my resume and set my LinkedIn profile to “Open to Work” for recruiters and hiring teams to see my status. I also put a post indicating that I was “Open to Work” outlining what I am seeking. Within minutes, I was contacted by two…
People by nature don’t like to be told what to do. Most people would rather be told what needs to be done and left to their own devices to produce the end result. That approach works fine if you are an organization of one. Bring in another person and suddenly things start to get done differently by each person. Those…
A company can have the best security controls in place, have a staff that is highly security-aware and have what they consider outstanding security practices in place and yet bad things can and do happen. Many times, security breaches are caused by malicious actors exploiting some unnoticed vulnerability in a running service or other infrastructure. These breaches happen without involving…
A recent post by Kendra Cooley led to a lively discussion around the value of SOC2 attestations. She followed this up with an article that goes into a bit more depth. Discussion around these sorts of issues is always educational. The devil is in the details. When one discusses SOC without clarifying the details, the waters get muddy very fast.…
Happy New Year! As I began 2024, I spent a little time last weekend evaluating my online presence and personal security practices. I thought it would be worth sharing my perspective on how I manage my personal online accounts and access to those accounts. In doing this, maybe I can motivate you to make it a point to evaluate and…
Cybersecurity seems to dominate our lives. So much of our lives are dependent upon the Internet as we use connected devices to manage our shopping, finances and communications. The amount of data consumed and copied worldwide in 2010 was about 2 zettabytes. The amount predicted for 2024 is 147 zettabytes – almost 7500% growth in 14 years! Data is an…