The groundhog has emerged to find...6 MORE WEEKS OF HACKS AND CYBERATTACKS! Wait, only 6??!! The litany of the hacked is our listing for each known/reported hack in the previous month. The point of the litany is not shame but awareness-raising that, well, these sorts of things happen. And so, the litany of the hacked for January 2026, which now includes some big-time targets, entire cities, and nation-state actors. Amazing that the groundhog even tries to guesstimate! Caracas, VZ...Islamic Republic of Iran Broadcasting (IRIB)...Kensington and Chelsea Council, UK...Instagram...Google Play...Palo Alto Networks...Sedgwick Government Solutions...KPMG Netherlands...Crunchbase...Nike...Poland's power grid...Fortinet...McDonald’s India...Luxshare Precision...Ingram Micro...Spokane County, WA...Gmail (AGAIN!)...The College Board's online SAT... The list goes on. Here's an...exciting...bonus: according to James Azar over at the Cyber Hub podcast, malicious Chrome and Edge browser ...

Boss man. Boss lady. Your cybersecurity manager is the lynchpin that makes your cyber-operations work.  We previously discussed cybersecurity technician talent, and now it's time for cybersecurity manager talents. Cybersecurity technician talent is the foundation for cybersecurity manager talent. Unfortunately, and we see this all the time, high-performing technicians are more likely to be promoted to manager. Promoting high-performing technicians to management makes sense in many ways, some good and some bad. It's critical for the cybersecurity manager to know cybersecurity. Also, and we all understand this, we're not going to promote people who are poor performers at a lower level.  This is the argument about minimum competence again. Sure, technician performance is a sign that the person is minimally competent, and yes that counts.  But there are too many differences in the demands on managers versus technicians for competence at a lower level to predict performance at...

  The nuts and bolts. The inside-out. Top to bottom. A to Z. The whole enchilada. Your cybersecurity technician may not come in knowing all these but this is the cybersecurity technician's domain. Cybersecurity technician talent is not dependent on where (or whether) that person went to college, or their MOS in the military, or the factoid that they held this job at a different organization. Sure, those are signs that the person is minimally competent, and yes that counts. But even recruiting at the 'right' elite college won't guarantee you more than that. Because other things count, also. And you/your recruiters are remiss if they don't take these other things into consideration. What counts beyond minimum competence is talent. We previously discussed the definition of talent offered by Conchie & Dalton: "A measurable, innate characteristic that a person demonstrates consistently in order to achieve high performance. Talents are strictly defined. A person...

Ah, how little joy it brings me to regularly search for "cybersecurity news today" and then to read the AI summary. Today, that means this: As of late January 2026, critical cybersecurity developments include  CISA adding a severe VMware vCenter flaw (CVE-2024-37079) to its exploited list, a surge in Chinese-linked cyber espionage using AI, and massive ransomware threats targeting critical infrastructure . Key focus areas include AI-driven attacks, browser security, and urgent patching for zero-day vulnerabilities This a good example of the current threat environment: A new exploit in some widely-used software (VMware in this case); AI-powered state-sponsored spying (the Chinese Communist Party in this case); Ransomware continuing to flourish, because it is profitable; Web browsers being targeted, because we use them so much and for so much; Urgent patching for zero-day vulnerabilities. All of this has become depressing normal for cybersecurity professionals; so much so th...

  You might expect to see polar bears on your street during a winter mega-storm. And you might expect to see polar bears if you popped your periscope up in the Antarctic. What if you see polar bears somewhere else? Have you ever seen that before? Pattern recognition is an important part of professional work. A lot of stock market work is done using charting, which is a fancy way of saying "I've seen this before." The dirty secret is than anyone can chart stocks (etc.) using financial websites, thus "I've seen this before" starts to sound a lot like "I've been in this job for a long time." Question is, how does the person turn their experience into action? It is well-known that experience is not a reliable indicator of performance. Instead it is a reliable indicator of minimum competence, and sometimes that counts.  But when you need an effective professional for your hedge fund or cybersecurity role, minimum competence is not enough. You need a...

Recently the topic of "Zero Trust" as a cybersecurity paradigm came up. This is a simple-seeming question which requires some context because a simple definition isn't really going to help you much. Here is the simple definition: Zero Trust is a cybersecurity paradigm whose motto is  Never trust, always verify. This motto is snappy and short and clear at the high level. But once you try to imagine how you would implement this paradigm there are many questions, starting with "what's the practical definition of 'cybersecurity paradigm'"? Your cybersecurity paradigm is your fundamental approach to cybersecurity. It underlies everything you do to maximize authorized access to your cyber resources while minimizing unauthorized access. It is usually so deeply ingrained and so pervasive that you aren't even aware of it. The most common cybersecurity paradigm we see is The Perimeter Paradigm: you build a virtual castle around your cyber resources and the...