Sign up to save your podcasts
Or
Share Why Most Cybersecurity Breaches Still Happen
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Why Most Cybersecurity Breaches Still Happen
Most cybersecurity breaches don’t happen because of sophisticated hackers—they happen because of basic mistakes.
In this episode of Gaining the Technology Leadership Edge, Mike sits down with cybersecurity consultant Mike Andrews of Yastis to break down why the majority of security incidents still rely on phishing, weak authentication, and poor access controls. Drawing from over 20 years in the Department of Defense and private-sector consulting, Mike explains how attackers consistently exploit human processes rather than advanced technical flaws.
Using real-world examples like the MGM breach, the conversation shows how social engineering and inadequate help desk verification can bring down even the largest organizations. Mike outlines practical steps businesses can take to reduce risk, including strong multi-factor authentication, proper network segmentation, least-privilege access, validated backups, and incident response planning.
The episode also compares government and private-sector security approaches, highlighting why continuous monitoring, formal compliance practices, and perimeter awareness make such a difference. Importantly, Mike explains why cybersecurity is accessible even for small and mid-sized businesses—and why budget is rarely the real barrier.
This episode is essential listening for technology leaders, founders, and executives who want to understand real cybersecurity risks, avoid common pitfalls, and protect their organizations without overcomplicating the solution.
View all episodes
By Mike MahonyMost cybersecurity breaches don’t happen because of sophisticated hackers—they happen because of basic mistakes.
In this episode of Gaining the Technology Leadership Edge, Mike sits down with cybersecurity consultant Mike Andrews of Yastis to break down why the majority of security incidents still rely on phishing, weak authentication, and poor access controls. Drawing from over 20 years in the Department of Defense and private-sector consulting, Mike explains how attackers consistently exploit human processes rather than advanced technical flaws.
Using real-world examples like the MGM breach, the conversation shows how social engineering and inadequate help desk verification can bring down even the largest organizations. Mike outlines practical steps businesses can take to reduce risk, including strong multi-factor authentication, proper network segmentation, least-privilege access, validated backups, and incident response planning.
The episode also compares government and private-sector security approaches, highlighting why continuous monitoring, formal compliance practices, and perimeter awareness make such a difference. Importantly, Mike explains why cybersecurity is accessible even for small and mid-sized businesses—and why budget is rarely the real barrier.
This episode is essential listening for technology leaders, founders, and executives who want to understand real cybersecurity risks, avoid common pitfalls, and protect their organizations without overcomplicating the solution.