Small Business, Big Exposure: California’s New Cyber Law Hits More Than You Think
Think you're too small to worry? Think again. On July 24, 2025, California approved new cybersecurity rules that don’t just apply ...
Why Every Business Needs a Written Information Security Plan (WISP)—Before They Learn the Hard Way
What Is a WISP? A Written Information Security Plan (WISP) is exactly what it sounds like: a formal, documented plan outlining your organization’s security program. It spells out the policies, procedures, and responsibilities for protecting your company’s data. Think of ...
What You Don’t See Can Hurt You: Why Cybersecurity Change Can’t Wait
Let’s face it—changing the way your business operates is hard. You’ve built systems. Created workflows. Trained your team. And even if you know things could be more secure, the idea of altering how people work, communicate, and handle data feels ...
Not All Cybersecurity Assessments Are Safe—Here’s What You Need to Know
If your business has brought in a third party to assess cybersecurity risks—or is planning to—you’re already ahead of the game. But here’s the catch: not all assessments are created equal. Recent vulnerabilities (CVE-2025-32353 and CVE-2025-32354) exposed a major flaw ...
“We’ve Got This Handled.” Famous Last Words.
I was just talking to an MSP owner last night at CRN Secure. Confident guy. Told me he had everything covered when it came to cyber liability. So I hit him with a few of my favorite questions: How are ...
Why Rushing Compliance Could Be the Most Expensive Mistake Your Business Ever Makes
Imagine someone telling you they could build out your entire HIPAA compliance program in under three days. That’s not a typo. Three days. No heavy lifting required on your part. Sounds almost ...
Will Your Cyber Insurance Actually Pay Out?
I was on a call with a client when the million-dollar question dropped: “What steps can I take to guarantee my ...
Victoria’s Secret Just Pulled the Plug on Its Website. Here’s Why That Should Worry You.
Last week, Victoria’s Secret—the billion-dollar lingerie brand—shut down its U.S. website and paused some store services. They called it a “security incident.” No one knows yet what happened behind the scenes, but one thing is clear: it was serious enough ...
Is Your IT Guy About to Lose You Your Business? Your Career? Your House?
If you’re a CEO, CFO, or business owner, your IT guy might be the weakest link in your liability chain. Yeah, I said it. This is the person who couldn’t get your email to sync on your phone last week. ...
Joy’s $300K Ice Cream Disaster: Why CEOs Should Fear Sugar Cones and Section 5
Last week, I had an ice cream cone. The old-school sugar kind. Delicious, nostalgic—and apparently a hacker favorite. Because back in February 2023, the folks at Joy, the ice cream cone company, got breached. That’s right—cone makers. And not just ...
