Resources

On January 5th, 2026, the NYS Intelligence Center sent a note stating that they were observing threat actors successfully using EDR evasion tools to hide their activities and extend their undetected access to networks in NYS. Once again, not marketing bullets, but technical facts.

The September NYS Intelligence Center Cyber Analysis Unit spotlight summary had some disturbing ransomware news that validated some things I have been saying for quite some time: “Automation is the most adopted and effective factor: 80% of the RaaS groups analyzed have some automation and AI in their platforms.

Threat actors are especially fond of your newest employees.   Often, there is either a public announcement or they post on LinkedIn or other social media, proudly announcing that they are joining your organization. The bad guys can then do some simple research on who their boss is and perhaps who their co-workers are.

Are the bad guys already living in your house, using your network and devices as members of a bot army to use your resources and bandwidth as a weapon against businesses, the US government, and the military? One of the “go to” techniques of threat actors is that when they see a geo block from […]

It has been said that 80% of the account compromises start with stolen credentials. I read the other day that Microsoft gets 4,000 attacks per second against its cloud accounts! Threat actors really want to be in your account. AI is helping them increase their odds of getting there.

Now that the Threat Actors are using AI to craft phishing emails, protecting your users has become increasingly more challenging. The attacks are too perfect. Your users can’t tell the difference. You and I probably can’t tell the difference either. Yet 70% of the bad things that reach your network most likely come via email.

This presentation provides a practical, analogy‑driven explanation of the major layers of modern cybersecurity protection—Antivirus, EDR, MDR, and XDR—focusing on how each level increases visibility, responsiveness, and proactive defense within an organization’s network.

The Summer Priorities 2025 presentation provides a comprehensive, task‑driven roadmap for strengthening district and organizational IT environments during the summer maintenance window. The guidance spans cybersecurity hardening, infrastructure maintenance, disaster recovery preparation, and operational cleanup.

The Google Bulk Mail Update presentation outlines the significant changes Google has implemented for bulk email senders and the impact those rules now have on school districts, municipalities, and organizations that send high‑volume email. It emphasizes how authentication standards, message reputation, and technical DNS configurations now directly influence deliverability and reliability.

“Living Through a Security Event” is a practical, experience‑driven presentation that walks organizations—especially K‑12 districts—through the realities of preparing for, responding to, and defending against cybersecurity incidents. It emphasizes legal considerations, communication strategy, cyber‑insurance obligations, and modern attack behaviors.