Do we really need another cybersecurity blog? There are already so many good cybersecurity blogs available. I read many of them myself and will occasionally cite some here. So why do we need another?

As an ethical hacker I like to keep up with the latest tactics, techniques, and procedures or TTPs, and the attack vectors that threat actors use to exploit vulnerabilities. But it’s that kind of techno-jargon that keeps non-technical people from reading these. So, I decided to create a cybersecurity blog that is mostly jargon-free; one that spells things out in plain terms for the regular guy or gal. This is how I conduct cybersecurity training and how I speak with business leaders who need our services. So I’ve created this blog to speak to those who are interested in protecting themselves from cybercriminals without getting deep in the weeds. I may occasionally throw some techspeak into a post, mainly so search engines know how to categorize it.

I’ve also decided to keep this blog mostly free from hypothetical threats. Many of the threats you read about involve vulnerable areas of software that, under the right conditions, could enable hackers to do something bad. Unless there is an imminent threat, I’ll try to stay away from the hypothetical and focus on what’s actually happening now—the threats you need to watch out for. Most importantly, I’ll end each with practical steps you can follow to be safe.

I’ve arranged posts in three categories.  First is Recent Threats. These are attacks that are happening now that you should be aware of. Security Tips covers general cybersecurity concepts and good practices. Just for Fun… well, you know what they say about all work and no play.

Although my team and I do cybersecurity professionally, I’m not going to use this blog to advertise. If you’d like our help improving your business’s security, feel free to contact me.

John the Cyber Guy