Welcome!

I'm so glad you are here.

Although the Internet is an amazing resource for information, shopping, and socializing, it has become filled with scams, theft, and malware designed for a single purpose: to empty your wallets, investment accounts, and company coffers of hard earned cash.

The Surveillance Economy thrives on personal data you give up each time you visit a web site. Google and Facebook are giants gathering, packaging and selling your personal data every day. Online advertisers are bidding to buy data about you so they can earn money by serving you advertisements at virtually every site you visit online. Your personally identifiable information (PII) is under constant attack and stolen almost daily from companies with weak security practices you trusted to keep PII safe. Your passwords have been stolen and are likely being used to break in to sites that store your money and private data right now.

Anyone claiming to fix it all and make it completely safe for you is another scam artist ready to take your money and run.

My reason for being here is to educate you about how data breaches affect you and how you can become a "hard target" to keep scammers, malware, and data harvesters at bay. You'll learn how to make it harder for them to get your data so you can retain as much privacy as you can in today's online minefield. You'll understand how newsworthy data breaches affect you and what actions you can take to minimize your losses. Scammers, criminals, and unscrupulous data brokers look for easy targets. Become an online porcupine of deterrence.

Here's my deal: I'll give you news reports and understanding of the effects so you can take corrective actions to protect yourself, your family, and your company. You'll receive information about tools and techniques scammers are using to steal for money and data and what you can do to reduce your risk of becoming their next victim. We don't live in a vacuum; regulators and lawmakers must hear from you to make changes so I'll provide issues you can use to inform your elected representatives to update statutes and regulations for online protections.

Why subscribe?

You'll receive free:

Data breach news reports, how the breach effect you, and how to reduce your risk from exposed data.
Commentary on how Artificial Intelligence is reshaping our daily online activities
Notes and commentary on topical issues that affect your online activities
Pictures and short vignettes of my cat Tigre the Tiger Tabby

If you become a paid subscriber, you'll also be able to:

Comment and join a community of everyday people sharing experiences with each other and how they are making themselves online porcupines.
Periodic "Ask the Ace" Q&A sessions for you to get your questions answered about online risk reduction
Checklists and tools to harden your web browser that reduce and obscure personal data so you can retain more of your privacy online
Processes for interacting with your email and social media activities to reduce your risk of triggering malware that can steal your data, money, and encrypt or destroy your devices
Alerts about new online threats and corrective actions to implement to reduce your risk of attack and loss

Who I am

I started my IT career over 30 years ago building high performance UNIX computer aided design (CAD) networks for semiconductor engineers in Silicon Valley, CA.

I transitioned into Internet engineering and communications in the mid-1990's and am a veteran of the year 2000 scare. In early 2000, computer worms became a problem, and I transitioned into computer network security.

In 2005, credit card data breaches were all over the news and I landed a job at Visa in the department responsible for compliance with their Cardholder Data Security Program where I reviewed audit reports of companies that processed Visa credit cards. In 2007 I moved into full-time credit card data security, auditing complex ecommerce networks for the next 15 years.

I've audited networks for Fortune 100 companies in the U.S.A. and traveled extensively to Europe, Mexico, the Caribbean, and South America working in cybersecurity.

Professional Certifications

ISACA Certified Information Security Manager (CISM)
ISACA Certified Information System Auditor (CISA)
ISC2 Certified Information System Security Professional (CISSP)
ISC2 Certified Cloud Security Professional (CCSP)
CompTIA Secure Cloud Professional (CSCP)
CompTIA Cloud+
CompTIA CTT+ Classroom Trainer (cert retired 2023)
CompTIA Security+
Microsoft AZ-900, Azure Fundamentals
Microsoft AI-900, Azure AI Fundamentals
Microsoft MCSE Server 2003, Security – (cert retired 2020)
PCI Professional (PCIP #320004)
Toastmasters International Dynamic Leadership Proficient
Toastmasters International Competent Communicator

I'm an amateur photographer - my father gave me my first camera at age 12. You can see my photo work at my other Substack Paul's Visual Arts.

I am a Contributing Author and Photographer at TASTE | Pacific Northwest, Linda Naylor's food and travel Substack. Learn how to steam artichokes here.

Are you ready to be an online porcupine? Smash the Subscribe button below now! Already a subscriber? Upgrade to Paid and grow sharper porcupine quills to poke those data harvesters and scammers!

Subscribe to Essential Risk Management

Keeping individuals and organizations safe online by arming your with knowledge, processes, and tools for proactive self-defense.

People

Paul Caloca - EssentialRiskMgt

@paulcaloca1

Keeping individuals and organizations safe online by arming you with knowledge, processes, and tools for proactive self-defense.

Paul Caloca

@pcaloca

Sharing my photography of nature, culinary arts, and the beauty of the Pacific Northwest. Food, drink, family & friends, travel, photographing the world one day at a time. Collaborator on Pacific Northwest Experiences publication.