This article was originally published by Robert E. Johnson, III on LinkedIn — read it here.  There's a dangerous idea taking hold in the cybersecurity industry right now. It sounds modern. It sounds like progress. And it's incomplete.  ... Read More

Entropy Always Wins... Why Integrity Assurance Is Foundational to Cybersecurity This article was originally published by Robert E. Johnson, III  on LinkedIn — read it here. There is a question every organization should be asking more often: How do we know our systems are still what we believe them to be? ... Read More

Entropy Always Wins... Why Integrity Assurance Is Foundational to Cybersecurity This article was originally published by Robert E. Johnson, III  on LinkedIn — read it here. There is a question every organization should be asking more often: How do we know our systems are still what we believe them to be? ... Read More

Why AI-Accelerated Cyber Attacks Are Reshaping Security, And Why Integrity Monitoring Matters More Than Ever This article was originally published by Robert E. Johnson, III on LinkedIn — read it here.  The cybersecurity industry is entering a structural shift unlike anything we have seen before.  For years, offensive cyber capabilities were ... Read More

President Trump's Cyber Strategy for America makes a few things very clear: the United States must detect adversaries earlier, secure critical infrastructure, strengthen technology supply chains, and ensure that systems can recover rapidly after cyber incidents.  These goals appear throughout the strategy, but when viewed through a technical lens, they ... Read More

If you are running a strong EDR platform, you're doing something right. EDR is essential. It's great at detecting and responding to malicious activity: suspicious processes, behaviors, lateral movement, and indicators of compromise.  But here's the uncomfortable truth: EDR does not tell you, with certainty, whether your systems are still in ... Read More

The Rising Stakes in Critical Infrastructure Security Cybersecurity has traditionally been framed as an IT issue, protecting desktops, databases, and cloud platforms. But the real frontier is deeper. It's in the industrial systems that power our grids, drive our factories, safeguard our hospitals, and keep our transportation moving.  ... Read More

In a recent podcast interview with Cybercrime Magazine host, Heather Engel, Cimcor President and CEO, Robert E. Johnson, III discuss how organizations are starting to move away from treating IT operations and cybersecurity as two separate areas and are instead bringing them together by aligning service processes with security practices ... Read More

What is CVE-2025-53770, the "ToolShell" Zero-Day Vulnerability? On July 18, 2025, cybersecurity researchers uncovered a critical zero-day vulnerability impacting Microsoft SharePoint, known as CVE-2025-53770, or "ToolShell." This exploit, categorized as an unauthenticated remote code execution (RCE) flaw, quickly became a nightmare scenario for many organizations. Over 100 entities, including government ... Read More

The Cybersecurity Industry is in Trouble In recent years, several vendors with prominent brands have added "FIM" to their feature sets. The problem is that it's not real FIM. It's merely change monitoring, which produces little more than noise. It's painful to watch this unfold in our industry. It feels ... Read More