Andrew Johnston

Andrew Johnston

Principal Consultant

Andrew Johnston is a Principal Consultant at Mitiga where he leads complex client engagements in the incident response and breach readiness space. Drawing on twelve years of experience in cybersecurity, Andrew has worked with clients both in an incident response capacity as well as performing proactive services. In addition to his private sector work, Andrew has served with the Federal Bureau of Investigation in the Cyber and Counterterrorism divisions where he performed field work and provided technical expertise to criminal and national security investigations. Prior to Mitiga, Andrew also worked with both Mandiant and Booz Allen Hamilton where he provided proactive services to Fortune 50 and government clients. Andrew is an Adjunct Professor at Fordham University’s Graduate School of Arts and Sciences where he teaches courses on IoT security and red teaming exercises. Andrew holds Bachelor’s degrees in Applied Mathematics and Computer Science, as well as a Master’s degree in Cybersecurity from Fordham University.

An Easy Misconfiguration to Make: Hidden Dangers in the Cloud Control Plane

The biggest risk in cloud development is not recognizing the differences between cloud and traditional definitions of common architecture terms. For example, imagine a system that is completely “firewalled off”—a firewall prevents any inbound or outbound connections from the machine.

What is the Spring4Shell exploit? An overview of the Spring vulnerability

Spring is a Java framework for dependency injection and Model-View-Controller (MVC) web development. Spring is a very popular framework; over 6,000 other libraries use the "spring-beans" library (according to Maven Central). Spring4Shell, a new exploit in Spring, was just disclosed.

How a Cybersecurity Awareness Program Can Empower Employees and Increase Security

Cybersecurity awareness is different from other types of cybersecurity. In cybersecurity there is certainly awareness and training, but technology and policies are also in place to help manage risks, assist in prevention, and detect anomalies. However, the common and often easy initial access vector remains users.

Lacking readiness, massive Twitch.tv breach may be a win for competitors

What seems clear now is that Twitch simply wasn’t ready for an attack. Twitch claims that this latest incident was “a result of a server configuration change that allowed improper access by an unauthorized third party.”