Credo Cyber Consulting LLC

05/25/2026

Remembering all of the brave men and women who made the ultimate sacrifice for our freedom. 🇺🇸🇺🇸

04/21/2026

As a business owner, there is nothing more satisfying than seeing your logo in print. 🤩

02/10/2026

Are you guilty of Sharenting?

Don't feel bad, most of us are.

Sharenting, a portmanteau of "sharing" and "parenting," refers to the habitual practice of parents posting detailed information, images, and narratives about their children on social media platforms and digital channels without obtaining the child's informed consent. While the impulse to share parental pride is understandable and historically manifested through photo albums and family gatherings, the permanence, discoverability, and scale of digital sharing fundamentally alter the risk calculus.

Individual posts may appear benign in isolation. However, the "Mosaic Effect" demonstrates how small, seemingly insignificant details accumulate into a comprehensive profile that reveals sensitive information about habits, routines, and vulnerabilities.

The convergence of widely available AI tools and abundant training data, much of it inadvertently provided by parents, creates an environment where children's digital identities can be manipulated, weaponized, and exploited at scale.

The practice of sharenting intersects privacy ethics, security risk management, and long-term digital citizenship in ways that demand careful consideration and informed decision-making. As artificial intelligence capabilities continue to advance and threat actors develop increasingly sophisticated exploitation techniques, the information shared today about children will face security challenges we cannot yet fully anticipate.

Check out my latest blog post, "Shared Today, Stolen Tomorrow: Why Oversharing is a Security Risk for the Next Generation," to learn more about Sharenting and how it could potentially be another attack vector for your employees and your organization: https://credocyber.com/shared-today-stolen-tomorrow-why-oversharing-is-a-security-risk-for-the-next-generation/

For a deeper dive into Sharenting, pick up a copy of my book, "The Digital Citizen's Guide to Cybersecurity: How to be safe and empowered online": https://www.amazon.com/Digital-Citizens-Guide-Cybersecurity-Empowered/dp/1956464220

01/19/2026

If your IT team, cyber team, and physical security team aren’t talking daily… you’re leaving gaps (and wasting time)! 🛡️✨

Today’s incidents don’t stay in one lane:
• A badge system outage becomes a business continuity issue.
• A phishing click turns into an access control problem.
• A “door propped open” moment can be the start of a data breach.

Cross-trained, silo-free teams spot patterns faster, respond cleaner, and make smarter risk calls because everyone shares the same mission and threat picture. I am so excited to see more organizations moving toward this holistic approach!

A quick leadership move that helps: run one shared tabletop a quarter (cyber + facilities + security + comms) and measure handoffs, not just individual team performance.

I’d love to hear from you: what’s ONE barrier you can remove this quarter to get IT, cyber, and physical security operating like one team? 👇

01/13/2026

Approaching your organization's posture through mitigation is a great way to manage resources effectively and efficiently. Check out my latest LinkedIn article on Security Risk Management, where I share practical tips for integrating converged security risk management into your overall security program.

https://credocyber.com/security-risk-management-101-a-beginners-guide-to-mastering-mission-driven-protection/

In an era when organizational assets face unprecedented threats from digital adversaries and physical vulnerabilities, the imperative for systematic security risk management has never been more urgent.

10/03/2025

I am excited to share that for Cybersecurity Awareness Month, X-Factor Publishing's latest release From Chalk Dust to Digital Trust: A Guide in Data Privacy and Security for K-12 Leaders by Antoinette K. and Michelle Krieger will be out soon! Readers will find clear guidance on protecting student da...

10/01/2025

IT'S THAT TIME OF YEAR AGAIN...

Pumpkin spice lattes ☕, crisp apples🍎, and 💻!

Cybersecurity is not just an issue or even exclusively a corporate or organizational issue. Every single person who has access to the Internet needs to be educated and equipped to protect themselves. That was the inspiration for my first book: The Digital Citizen's Guide to Cybersecurity: How to stay safe and empowered online.

In the book, I provide actionable steps that can be taken by everyone to protect themselves and their from being exploited. I used to say that the "demographic" for my book is ages 8-100. But these days, kids as young as 5 are accessing the Internet through iPads that their parents give them. So... I have changed my sentiment to this book can benefit ANYONE capable of accessing the Internet. It is never too early to start educating young people about the dangers of the World Wide Web and how to engage online in a healthy way.

You can get your copy of my book on Amazon: https://a.co/d/harHauA

01/15/2025

The recent data breach at PowerSchool, a widely used educational technology platform that serves over 60 million students with more than 18,000 customers in nearly 100 countries, has compromised the personal information of numerous students and educators. This incident underscores the critical importance of implementing robust measures within educational institutions that include the monitoring of third-party suppliers and supply chain security.

Educational platforms are increasingly becoming targets for cyberattacks, given the sensitive data they handle and the vast attack surface. A breach not only jeopardizes personal information but also disrupts the educational process and erodes trust among students, parents, and educators.

To mitigate such risks, educational institutions should consider the following steps:

* Conduct Regular Security Audits: Identify and address vulnerabilities within systems to prevent potential breaches.

* Implement Comprehensive Security Policies: Establish clear guidelines for data protection and incident response.

* Invest in Advanced Security Technologies: Utilize tools that detect and prevent unauthorized access to sensitive information.

* Provide Ongoing Cybersecurity Training: Educate staff and students about best practices to recognize and avoid potential threats.

By proactively strengthening cybersecurity programs, educational institutions can better safeguard their communities against the evolving landscape of cyber threats.

Credo Cyber Consulting LLC can help your organization conduct an internal audit to determine vulnerabilities within your cybersecurity program and create a plan of action to remediate those vulnerabilities. We also specialize in cybersecurity training that is effective and impactful.

https://www.usatoday.com/story/news/education/2025/01/13/powerschool-data-breach-what-to-know-students/77667159007/

The company became aware of the data breach in late December and said it's continuing to operate normally.

11/20/2024

What a great education session this morning at on Emerging Threats and Future Trends: Navigating the Future of Cybersecurity. It was an honor sharing the stage with Joshua, Gary, and Mark.

Great conversation around securing security data, AI, Zero Trust, and securing the supply chain.

A special shout out to PSA Security Network for putting this group together.

Thank you Matt Barnette, Brittany Board , Mary O’Sullivan, Brooke Erickson, MSSL, and Karlie Turner for all of your support.

11/10/2023

In today's digital age, where technology is deeply intertwined with business operations, cybersecurity risk has emerged as a significant threat to organizations of all sizes. The digital landscape has evolved rapidly, offering numerous advantages, but it has also given rise to a host of vulnerabilit...