Abnormal Blog
Mike Britton
Chief Information Security Officer
Mike Britton is the CISO of Abnormal Security, where he leads information security and privacy programs. Prior to Abnormal Security, Mike spent the last six years as the CSO and Chief Privacy Officer for Alliance Data. He brings 25 years of information security, privacy, compliance, and IT experience from a variety of Fortune 500 global companies. He holds an MBA with a concentration in Information Assurance from the University of Dallas.
Explore why account takeover attacks pose a major threat to enterprises and why multi-factor authentication (MFA) alone isn't enough to prevent them.
Advanced attacks targeting state and local governments are increasing. Discover what our research revealed about this alarming trend.
Attackers attempt to steal payment information by posing as UPS and FedEx and sending fake shipment notifications about a pending delivery.
Discover the dangers of cross-platform account takeover, the challenges of detecting this attack, and how to implement proactive protection against ATO.
Explore the biggest takeaways from the 2023 FBI IC3 Report, including the steady increase in losses due to business email compromise (BEC).
In this Vision 2024 CISO panel recap, Mike Britton shares some of the biggest takeaways from his conversation with industry-leading CISOs.
Energy and infrastructure organizations face an increased risk of business email compromise and vendor email compromise attacks. Learn more.
Discover the most engaging phishing email subjects, according to Abnormal data, and how to protect your organization from these scams.
Discover key cybersecurity strategies for protecting your organization against emerging email threats in 2024.
See how attackers are using generative AI in their email attacks to bypass email security solutions and trick employees.
Explore the intricacies of this BazarCall phishing attack that uses a Google Form for heightened authenticity.
This Disney+ scam email uses brand impersonation and personalization to send a convincing fake subscription charge notice.
Attackers attempt to solicit fraudulent donations via cryptocurrency transfers under the guise of collecting donations for children in Palestine.
Attackers capitalize on the Bittrex bankruptcy by targeting customers with a convincing credential phishing attack.
Interested in charting a course toward becoming a CISO? Here are 12 tips to help you on your journey.
It’s the 20th anniversary of Cybersecurity Awareness Month! Make sure your workforce is prepared to combat emerging threats with these 5 tips.
Email attacks like BEC against the healthcare industry are on the rise in 2023. Protect yourself with sophisticated cloud-native email security.
Scams about the Nigerian Prince that promise millions have been around for decades. But they are transitioning, now using ChatGPT and similar tools to seem more convincing.
It’s 2023 but not much has changed in phishing, as brand impersonation remains an attacker favorite.
Discover how one threat actor compromised five vendor organizations to commit the same invoice fraud attack against more than a dozen victims.
Discover key cybersecurity takeaways from last week’s email breach on federal agencies by a Chinese APT group.
Business collaboration tools help employees with productivity and communication. But they can also present a number of cybersecurity risks for your business.
Businesses need to stay ahead of malicious apps, social engineering, and more to keep their emails safe.
Learn the biggest risks associated with your vendor relationships and how to protect your organization from Vendor Email Compromise (VEC) attacks.
Abnormal research into an advanced Israel-based threat group puts a spotlight on the continuing rise of BEC attacks.
Happy World Password Day! Learn why good password hygiene is important for every employee and how to reduce the risk of account takeovers.
Hear what the CISOs at Abnormal Security, Wiz, Rubrik, and Noname Security have to say about the biggest security challenges modern organizations face.
Discover more about collaboration app attacks and how to protect your organization from this emerging threat.
Celebrate Identity Management Day by learning more about the latest practices, tools, and techniques to keep your data secure.
Vendor email compromise is expensive. See how Abnormal protected our customer from a $36 million invoice fraud attack.
Learn why executives are popular targets for account takeovers, the consequences of a successful takeover, and how organizations can prevent these attacks.
Discover the biggest takeaways about business email compromise, pig butchering, and phishing from the 2022 FBI Internet Crime Report.
Learn how validating your tools, ensuring ROI, and extracting the optimal benefits from your investment can help protect you from cyberattacks in 2023.
Our Modern Email Attacks series has wrapped! Here are some of the biggest takeaways from Chris Krebs, Troy Hunt, and Theresa Payton.
Allowing remote work improves engagement and retention, but it also increases your attack surface. Here’s how to protect your distributed workforce.
Learn how threat actors execute email account takeovers, how they exploit compromised accounts, and what you can do to reduce your risk.
Credential phishing attacks can lead to loss of revenue, loss of data, and long-term reputational damage. Learn why these attacks are successful and how to block them.
Learn about the most common socially-engineered attacks and why these tactics are still so successful—despite a growing awareness from employees.
The email threat landscape is evolving fast. Discover the new tactics cybercriminals are using and how to reduce your risk of falling victim to these modern email attacks.
Successful phishing attacks have increased by 34% in the last year, making it the most common email attack. Learn why phishing is so dangerous.
January 28th is Data Privacy Day, where individuals and organizations alike can take part in the international effort to safeguard privacy and data.
We've arrived at that time of year—a time for reflection and celebration and spending time with family, and also that time of year where the cyber grinches hope to spoil the holiday fun.
While cybersecurity awareness is a year-round venture, it is especially important to be mindful during certain times of the year. With Thanksgiving here in the United States on Thursday, our thoughts will likely be on our family and friends and everything we have to be thankful for this holiday season.
As we close the books on another Cybersecurity Awareness Month, it’s clear that cybersecurity should be a priority all twelve months—not just one. To do so, security teams should emphasize practical tools (the what) and techniques (the how) to keep the company and employees safe.
As with every equation, there are always two sides and while it can be easy to blame users when they fall victim to scams and attacks, we also need to examine how we build and staff security teams.