How To Win Friends and Influence People To Be More Cybersecure
At the beginning of George Johnson’s career as a safety inspector, he would tellpeople about the roles and regulations requiring them to wear hard hats. Theywould put their hard hats on when they saw him, and then promptly take themoff after he left.Later on in his career, he would go to the worksites and ask […]
What Gymnastics Taught Me About Cyber
My daughter has been in gymnastics for several years. This, of course, means that I’ve spent countless hours in a gymnasium watching her, cheering her on, supporting her when she’s frustrated. All while trying to be a good dad by not looking at my phone and getting lost on social media or email. I remember […]
Zero Trust and the Parable of the Oranges
The Parable of the Oranges is a powerful metaphor for leadership and teamwork, and it can be especially relevant to those working in information technology and cybersecurity. The story goes like this: An ambitious man who has been with a company for years is passed over for a promotion by a person with only a […]
George’s Top 10 Favorite Reads of 2022
For the past several years, I’ve been doing a summary of my top 10 books of the year (5 nonfiction & 5 fiction). Not all these books came out in 2022, but I read them all this year. These books aren’t all cybersecurity related, but you can skip to the end for that:) Nonfiction  […]
The Most Important Part of Zero Trust: People.
Since my book Project Zero Trust came out, I’ve had the privilege of talking to cybersecurity leaders from all over the world. Since the President’s Executive Order on Zero Trust came out, there’s been a real hunger for helpful information on how to be successful at a Zero Trust implementation. I think the reason that […]
The Best 10 Free Cybersecurity Services
I’ve seen several recent posts about lots of free and open source tools in the security community. These kinds of tools are incredibly important, but they often are targeted towards individuals with some experience to be able to use. This is a challenge for small businesses or nonprofits who may not have the resources or […]
The Five Best TED Talks on Cybersecurity
It’s been a long year since the pandemic began, and one of the things that I’ve missed most has been the opportunity to be able to attend our local TED talks or to hear my cyber peers share their important perspectives on cyber with the TED audiences. With that in mind, I thought I’d share […]
Make Cybersecurity Easy With Tiny Habits
Have you ever been told to never write your password down? Or never use social media? Don’t click on links? Never use Wi-Fi at a coffee shop? Cybersecurity should be easy, but sometimes advice like this makes it seem hard. We think making cybersecurity can be easy, you just need to build habits. There are […]
The Inside Story of How The Girl Scouts Created Their Cybersecurity Merit Badges
In June 2017, I was in Vancouver, British Columbia, attending Palo Alto Networks’ annual cybersecurity conference, Ignite. Typically, the focus is on in-depth technical challenges and on how customers are solving those problems using Palo Alto’s technology, but something different happened in 2017. During the opening keynote, Mark McLaughlin, who was the CEO of Palo […]
Cybersecurity Mythbusters – Biggest Phisher Edition
You should always expect to get a phishing message. Or at least that’s what we tell people. That is the solution to all our phishing problems, right? Actually, I think this has turned out to be another one of those myths that we tell ourselves in the cybersecurity world. And to protect our communities effectively, […]
Cybersecurity’s Pepsi Challenge
I’ve been thinking a lot lately about one of the most famous marketing campaigns of all time, the Pepsi Challenge. But this isn’t an article about soft drinks, or marketing agencies. This article is about cybersecurity awareness and how we need something better. If you’ve never taken the Pepsi Challenge, let me describe it for […]
Phishing Fair Can Build Trust
I was talking with some colleagues on LinkedIn recently about simulated phishing. A company last week used a particularly tone deaf simulated phishing message at a company struggling during the COVID-19 pandemic. Employees had been furloughed, salaries were cut, so when a simulated phishing message claiming to offer bonuses was sent, the employees were furious. […]