Resources
Stop Trying to Boil the Cybersecurity Ocean
Let’s not pretend. Cybersecurity sounds exhausting. You’ve got a business to run, people to manage, goals to hit, and now someone’s telling you that you need 40 new policies, a risk framework, and maybe a cybersecurity bootcamp just to stay ...
Cyber Trends
The Windows 11 Time Bomb Your MSP Forgot to Mention
Let me tell you a story. It starts like most horror stories do—with a false sense of security. I sat down recently with the CEO of a well-run, 250-person company. Smart guy. Good business. Solid MSP. We talked shop: headcount, ...
Microsoft Just Extorted You. Here’s What to Do About It.
You don’t have to upgrade to Windows 11. That’s the good news. The bad news? If you don’t, your business is about to enter a slow, painful spiral into cyber vulnerability and operational chaos. Right now, people are calling Microsoft’s ...
Well, That Didn’t Last Long: Why Your Cyber Strategy Can’t Be Based on Headlines
Not even a full week. That’s how long we had between a glimmer of good news and a fresh slap of reality. Just a few days ago, security analysts were celebrating. Ransomware payments, they said, were down. A win! Maybe ...
Business Resilience
Part 2: Coffee or a Crisis: The CEO’s Choice in Cybersecurity
Last time we looked at why tabletop exercises matter and how they can reveal the cracks business leaders don’t notice until ...
The Silent IT Risk That Can Wreck Your Company Value: Tribal Knowledge
When CEOs and CFOs think about cybersecurity risk, they think about hackers, ransomware, and data breaches. What they do not think about is the way their own IT teams operate—and how that internal process can make or break the company ...
Could Your Business Survive a Cyberattack? (Most Can’t—and Won’t)
The US bombed Iranian nuclear facilities last week. The result? A “spectacular military success,” sure—followed immediately by the Department of Homeland Security warning that Iran’s state-backed hackers (and a gaggle of bored ...
Security Best Practices
Stop Trying to Boil the Cybersecurity Ocean
Let’s not pretend. Cybersecurity sounds exhausting. You’ve got a business to run, people to manage, goals to hit, and now someone’s telling you that you need 40 new policies, a risk framework, and maybe a cybersecurity bootcamp just to stay ...
The Cybersecurity Test You Think You're Passing (You're Not)
We were just running a security assessment for a 150-person company last week. Nice organization. Professional. Fancy logos on their trucks. Well-funded. And in about 11 minutes, we were inside their network. Here’s how it started: We sent an email. ...
Why Every CEO Needs a Cyber Incident Response Playbook
Why This Problem Lands on Your Desk When a cyber incident hits your company, the first call usually goes to IT. But very quickly, the responsibility shifts to you and your leadership team. Regulators, insurers, customers, and even the media ...
More Articles
You Can Do Everything Right—And Still Get Sued
His team scrambled. Worked all hours. Pulled the company back online. They did it fast. They did it clean. Then they did what responsible companies are supposed to do. They sent out breach notifications. They offered identity protection to the ...
Your Security Software Can Be Bypassed—Will Your Evidence Hold Up in Court?
Let’s start with a question: Have you ever inspected your IT team’s work? Not asked them how things are going. Not nodded while they mentioned “zero trust” and “EDR.” Actually inspected their work. Because you do it everywhere else. You ...
Sued Yet? You Will Be.
I was talking to a lawyer the other day—one of the good ones. The kind who’s seen too many “it’ll never happen to me” business owners get chewed up in court. I asked him a simple question: “How do you ...
Your Gate Is Locked. But Is It Doing Anything?
Last week, I had a conversation with a CEO who just crossed a billion dollars in revenue. Yes, billion with a “B.” Big milestone. Big operations. Big targets. So why was he on the phone with me? Because his security ...
You Thought You Were Safe. You Weren’t. Now the Clock Is Ticking.
For years, small business leaders have operated under a dangerous assumption: “We’re not big enough to be a target.” That illusion? It’s gone. Just ask the British retailers—Harrods, Marks & Spencer, and the Co-op—who’ve been dragged into the spotlight after ...
The Thank You Tour: The Simple Habit That Transformed My Leadership (and My Friday Afternoons)
Let me guess: you make time to follow up when things go wrong. You spot the mistake. You catch the error. You bring the heat. And yes, you do it because you care—about the business, the clients, the mission. But ...
Change Your Password? No. Change Your Strategy Before It’s Too Late
Let me guess—you’ve been meaning to change your password. Great. But here’s the problem: if that’s your whole plan, you’ve already lost the game. We’ve seen inside the networks of companies just like yours. We’ve watched how your team behaves ...
The Day After the Breach: 3 CFO Mistakes That Turn Cyber Incidents Into Lawsuits
You’ve balanced the books. Squeezed every dollar from operations. Watched every hire, lease, and expense. But while you’ve been busy protecting the budget… who’s protecting you the day after a breach? Let’s be clear: when hackers hit, it’s not your ...
Cyber Chaos at Marks &; Spencer: No Plan, No Sleep, No Excuse
You might not shop there, but you should pay attention. Marks & Spencer, or M&S, is a British retail giant—think Macy’s meets Whole Foods. They’re one of the most recognizable names in UK retail. Hundreds of locations. Thousands of employees. ...
You Can’t Scale If You Can’t Name the Dragon
I was having dinner the other night with a CEO of a $2 million MSP. He was excited. Like, jittery-excited. We hadn’t even ordered drinks before he started laying out all the “amazing things” his company had going on. New ...
When the Breach Happens, You’re Not the Victim—You’re the Defendant
Let’s start with the bad news. When your company gets breached—and you will get breached—you won’t be the victim in anyone’s eyes. Not your insurer. Not the regulators. Not your board. And definitely not the people whose data was impacted. ...
The One Lie That’s Killing Your Business (and the Seat It’s Sitting In)
I had breakfast with Jim Collins the other day. Okay—he was on stage. I was in the crowd of 400 CEOs, frantically taking notes while inhaling burnt coffee and half-warm Styrofoam eggs. But I was there. I heard him speak ...
