Josh Moulin
@joshmoulin.bsky.social
Leading Natsar, LLC to boost global cybersecurity maturity. Past: SVP @ CIS, CIO/CISO @ Nevada National Security Site, Executive Partner @ Gartner, Law Enforcement Cybercrimes Task Force Commander.
Cyber incidents don’t always start online. Physical access, facilities, and operational environments often play a role. I help organizations evaluate where physical and cyber security intersect — and where gaps exist. #PhysicalSecurity #CyberRisk buff.ly/XiOIP2l
Natsar Services | Natsar
Natsar offers cybersecurity services for individuals and organizations, including risk management, incident response, digital forensics, vCISO support, and coaching—tailored to help you build…
buff.ly
January 29, 2026 at 4:03 PM
Cyber incidents don’t always start online. Physical access, facilities, and operational environments often play a role. I help organizations evaluate where physical and cyber security intersect — and where gaps exist. #PhysicalSecurity #CyberRisk buff.ly/XiOIP2l
Cybersecurity conversations fail when leaders don’t get clear, actionable insight. I provide executive and board briefings that translate cyber risk, readiness, and exposure into decisions leaders can act on. #ExecutiveLeadership #BoardGovernance buff.ly/wsc0B1j
Executive and Board Briefings | Natsar
Equip your leadership team with expert cybersecurity briefings from Natsar. Empower informed decision-making and strengthen governance.
buff.ly
January 28, 2026 at 4:03 PM
Cybersecurity conversations fail when leaders don’t get clear, actionable insight. I provide executive and board briefings that translate cyber risk, readiness, and exposure into decisions leaders can act on. #ExecutiveLeadership #BoardGovernance buff.ly/wsc0B1j
Mergers, acquisitions, and major business changes introduce cyber risk that’s often overlooked. I help organizations identify and manage security exposure before it becomes a costly post-deal surprise. #MergersAndAcquisitions #CyberRisk #DueDiligence #BusinessSecurity www.natsar.com/consulting
Natsar Services | Natsar
Natsar offers cybersecurity services for individuals and organizations, including risk management, incident response, digital forensics, vCISO support, and coaching—tailored to help you build…
www.natsar.com
January 27, 2026 at 4:03 PM
Mergers, acquisitions, and major business changes introduce cyber risk that’s often overlooked. I help organizations identify and manage security exposure before it becomes a costly post-deal surprise. #MergersAndAcquisitions #CyberRisk #DueDiligence #BusinessSecurity www.natsar.com/consulting
Cybersecurity risk isn’t just technical — it’s a leadership and governance issue. I work with executives to translate cyber risk into decisions that align with business priorities and real-world constraints. #CyberLeadership #RiskManagement #Cybersecurity buff.ly/HpgNTj9
vCISO Services | Natsar
Boost your business's cybersecurity with Natsar's vCISO services, offering over 20 years of executive and technical expertise. Elevate security, protect your brand, and achieve cybersecurity maturity…
buff.ly
January 26, 2026 at 4:03 PM
Cybersecurity risk isn’t just technical — it’s a leadership and governance issue. I work with executives to translate cyber risk into decisions that align with business priorities and real-world constraints. #CyberLeadership #RiskManagement #Cybersecurity buff.ly/HpgNTj9
Compliance doesn’t have to be overwhelming. I help utilities assess risk, build practical compliance roadmaps, and strengthen cybersecurity programs that meet DOH and DEC requirements. #CyberCompliance #WaterUtilities #CyberResilience #PublicInfrastructure www.natsar.com/water
Cybersecurity for Public Water and Wastewater Systems | Natsar
Protect your water utility from cyber threats. Natsar provides expert, compliant, and practical cybersecurity solutions for public water and wastewater systems.
www.natsar.com
January 22, 2026 at 4:03 PM
Compliance doesn’t have to be overwhelming. I help utilities assess risk, build practical compliance roadmaps, and strengthen cybersecurity programs that meet DOH and DEC requirements. #CyberCompliance #WaterUtilities #CyberResilience #PublicInfrastructure www.natsar.com/water
Some cybersecurity requirements for New York utilities will take effect immediately once adopted. Early planning — assessments, training, and incident reporting — can reduce operational and budget strain later. #WaterSecurity #RiskManagement buff.ly/xRK1rbX
January 21, 2026 at 4:03 PM
Some cybersecurity requirements for New York utilities will take effect immediately once adopted. Early planning — assessments, training, and incident reporting — can reduce operational and budget strain later. #WaterSecurity #RiskManagement buff.ly/xRK1rbX
DOH and DEC cybersecurity rules share common goals but differ in scope, timelines, and training requirements. Understanding which rules apply to your system is critical to staying compliant. #CyberRisk #WaterSector #RegulatoryCompliance #Cybersecurity
www.natsar.com/water
www.natsar.com/water
January 20, 2026 at 4:05 PM
DOH and DEC cybersecurity rules share common goals but differ in scope, timelines, and training requirements. Understanding which rules apply to your system is critical to staying compliant. #CyberRisk #WaterSector #RegulatoryCompliance #Cybersecurity
www.natsar.com/water
www.natsar.com/water
New York is moving toward mandatory cybersecurity requirements for water and wastewater utilities. DOH and DEC proposals signal a shift from guidance to enforceable expectations for critical infrastructure. #Cybersecurity #WaterUtilities #CyberCompliance #CriticalInfrastructure www.natsar.com/water
January 19, 2026 at 4:03 PM
New York is moving toward mandatory cybersecurity requirements for water and wastewater utilities. DOH and DEC proposals signal a shift from guidance to enforceable expectations for critical infrastructure. #Cybersecurity #WaterUtilities #CyberCompliance #CriticalInfrastructure www.natsar.com/water
Third-party breaches often expose sensitive employee and operational data. I help organizations evaluate vendor access, clarify accountability, and reduce supply-chain cyber risk before incidents spread. #ThirdPartyRisk #SupplyChainSecurity #CyberRisk #Cybersecurity www.natsar.com/it-and-cyber...
IT & Cyber Program Assessments / Audits | Natsar
Natsar delivers independent cybersecurity program assessments and audits against CMMC, NIST, CIS, HIPAA, SOC 2, ISO, CJIS, CISA CPGs, NYS DFS, and more. Trusted in national security and by…
www.natsar.com
January 15, 2026 at 4:04 PM
Third-party breaches often expose sensitive employee and operational data. I help organizations evaluate vendor access, clarify accountability, and reduce supply-chain cyber risk before incidents spread. #ThirdPartyRisk #SupplyChainSecurity #CyberRisk #Cybersecurity www.natsar.com/it-and-cyber...
Korean Air confirms a data leak affecting ~30,000 current and former staff after the Cl0p gang targeted a catering partner. Airline ecosystems and connected suppliers remain attractive targets. #CyberNews #DataLeak #ThirdPartyRisk #Cybersecurity hackread.com/30000-korean...
30,000 Korean Air Employee Records Stolen as Cl0p Leaks Data Online
hackread.com
January 14, 2026 at 4:02 PM
Korean Air confirms a data leak affecting ~30,000 current and former staff after the Cl0p gang targeted a catering partner. Airline ecosystems and connected suppliers remain attractive targets. #CyberNews #DataLeak #ThirdPartyRisk #Cybersecurity hackread.com/30000-korean...
Phishing campaigns increasingly abuse trusted platforms to bypass technical controls. I help organizations train teams to recognize sophisticated social engineering tactics before a click turns into an incident. #Phishing #SecurityTraining #CyberAwareness #CyberRisk www.natsar.com/tabletop-exe...
Cybersecurity and Crisis Tabletop Exercises | Natsar
Strengthen your cyber resilience with Natsar's customized tabletop exercises. Identify gaps, refine your response, and boost organizational readiness.
www.natsar.com
January 13, 2026 at 4:02 PM
Phishing campaigns increasingly abuse trusted platforms to bypass technical controls. I help organizations train teams to recognize sophisticated social engineering tactics before a click turns into an incident. #Phishing #SecurityTraining #CyberAwareness #CyberRisk www.natsar.com/tabletop-exe...
Researchers uncovered a phishing campaign abusing Google Cloud Application Integration to send emails that impersonate legitimate Google messages. Trusted cloud services can be weaponized to evade detection. #CyberNews #Phishing #CloudSecurity #ThreatLandscape securityaffairs.com/186425/cyber...
Phishing campaign abuses Google Cloud Application to impersonate legitimate Google emails
securityaffairs.com
January 12, 2026 at 4:04 PM
Researchers uncovered a phishing campaign abusing Google Cloud Application Integration to send emails that impersonate legitimate Google messages. Trusted cloud services can be weaponized to evade detection. #CyberNews #Phishing #CloudSecurity #ThreatLandscape securityaffairs.com/186425/cyber...
Regulatory failures often stem from unclear policies and weak governance. I help organizations align policies and oversight so data protection obligations are understood and followed.
#DataGovernance #Compliance #CyberRisk www.natsar.com/consulting
#DataGovernance #Compliance #CyberRisk www.natsar.com/consulting
Natsar Services | Natsar
Natsar offers cybersecurity services for individuals and organizations, including risk management, incident response, digital forensics, vCISO support, and coaching—tailored to help you build…
www.natsar.com
January 8, 2026 at 4:01 PM
Regulatory failures often stem from unclear policies and weak governance. I help organizations align policies and oversight so data protection obligations are understood and followed.
#DataGovernance #Compliance #CyberRisk www.natsar.com/consulting
#DataGovernance #Compliance #CyberRisk www.natsar.com/consulting
The DOJ announced Disney will pay a $10M civil penalty over COPPA violations tied to its YouTube content. Data protection obligations extend beyond security incidents to how organizations handle sensitive user data. #CyberNews #DataPrivacy #COPPA #RegulatoryRisk hackread.com/disney-fine-...
Disney Fined $10M for Violating Children’s Privacy Laws on YouTube
hackread.com
January 7, 2026 at 4:03 PM
The DOJ announced Disney will pay a $10M civil penalty over COPPA violations tied to its YouTube content. Data protection obligations extend beyond security incidents to how organizations handle sensitive user data. #CyberNews #DataPrivacy #COPPA #RegulatoryRisk hackread.com/disney-fine-...
When government agencies rely on third parties, visibility into risk matters. I help organizations assess cyber programs, identify gaps, and strengthen defenses before attackers exploit them. #CyberRisk #ThirdPartyRisk #SecurityAssessments #Cybersecurity www.natsar.com/it-and-cyber...
IT & Cyber Program Assessments / Audits | Natsar
Natsar delivers independent cybersecurity program assessments and audits against CMMC, NIST, CIS, HIPAA, SOC 2, ISO, CJIS, CISA CPGs, NYS DFS, and more. Trusted in national security and by…
www.natsar.com
January 6, 2026 at 4:02 PM
When government agencies rely on third parties, visibility into risk matters. I help organizations assess cyber programs, identify gaps, and strengthen defenses before attackers exploit them. #CyberRisk #ThirdPartyRisk #SecurityAssessments #Cybersecurity www.natsar.com/it-and-cyber...
Sedgwick confirmed a cyberattack after a ransomware group claimed it compromised Sedgwick Government Solutions. Third-party providers supporting government agencies remain high-value targets. #CyberNews #Ransomware #ThirdPartyRisk #Cybersecurity www.securityweek.com/sedgwick-con...
Sedgwick Confirms Cyberattack on Government Subsidiary
Hackers have compromised a file transfer system at Sedgwick’s subsidiary that serves government agencies.
ift.tt
January 5, 2026 at 11:00 PM
Sedgwick confirmed a cyberattack after a ransomware group claimed it compromised Sedgwick Government Solutions. Third-party providers supporting government agencies remain high-value targets. #CyberNews #Ransomware #ThirdPartyRisk #Cybersecurity www.securityweek.com/sedgwick-con...
I help higher ed and nonprofit teams strengthen their defenses against phishing, vishing, and social engineering. One call can cost you more than you think. #CyberAwareness #RiskManagement #HigherEd #SecurityTraining www.natsar.com/tabletop-exe...
Cybersecurity and Crisis Tabletop Exercises | Natsar
Strengthen your cyber resilience with Natsar's customized tabletop exercises. Identify gaps, refine your response, and boost organizational readiness.
www.natsar.com
December 30, 2025 at 4:02 PM
I help higher ed and nonprofit teams strengthen their defenses against phishing, vishing, and social engineering. One call can cost you more than you think. #CyberAwareness #RiskManagement #HigherEd #SecurityTraining www.natsar.com/tabletop-exe...
A vishing attack on Harvard exposed contact, donation, and biographical data from its alumni systems. Phone-based threats are real—and evolving. #Vishing #CyberSecurity #DataBreach #HigherEd securityaffairs.com/185034/secur...
Harvard reports vishing breach exposing alumni and donor contact data
Harvard Alumni Affairs systems suffered a vishing breach, exposing emails, phone numbers, addresses, donation data and biographical info.
securityaffairs.com
December 29, 2025 at 4:01 PM
A vishing attack on Harvard exposed contact, donation, and biographical data from its alumni systems. Phone-based threats are real—and evolving. #Vishing #CyberSecurity #DataBreach #HigherEd securityaffairs.com/185034/secur...
I help defense teams train for threats beyond the keyboard—like social engineering and targeted influence. Know what to look for. Prepare your people. #DefenseCyber #OPSEC #Training #ThreatAwareness www.natsar.com/tabletop-exe...
Cybersecurity and Crisis Tabletop Exercises | Natsar
Strengthen your cyber resilience with Natsar's customized tabletop exercises. Identify gaps, refine your response, and boost organizational readiness.
www.natsar.com
December 26, 2025 at 4:02 PM
I help defense teams train for threats beyond the keyboard—like social engineering and targeted influence. Know what to look for. Prepare your people. #DefenseCyber #OPSEC #Training #ThreatAwareness www.natsar.com/tabletop-exe...
The Army warns that adversaries are posing as fake recruiters and companies to target military personnel and families. Social engineering isn’t just online—it’s operational. #OPSEC #CyberSecurity #MilitaryIntel #SocialEngineering www.nextgov.com/defense/2025...
Foreign spies are targeting Army soldiers, civilians and families, official warns
Current and former federal workers, especially those with security clearances, should be aware of the attempts, an Army intelligence chief said in a November memo.
www.nextgov.com
December 24, 2025 at 4:02 PM
The Army warns that adversaries are posing as fake recruiters and companies to target military personnel and families. Social engineering isn’t just online—it’s operational. #OPSEC #CyberSecurity #MilitaryIntel #SocialEngineering www.nextgov.com/defense/2025...
I help companies assess third-party risks and reduce exposure to targeted ransomware campaigns like the Oracle EBS breach. Vendor security matters. #VendorRisk #RansomwareDefense #CyberSecurity #IncidentResponse www.natsar.com/consulting
Natsar Services | Natsar
Natsar offers cybersecurity services for individuals and organizations, including risk management, incident response, digital forensics, vCISO support, and coaching—tailored to help you build…
www.natsar.com
December 23, 2025 at 4:03 PM
I help companies assess third-party risks and reduce exposure to targeted ransomware campaigns like the Oracle EBS breach. Vendor security matters. #VendorRisk #RansomwareDefense #CyberSecurity #IncidentResponse www.natsar.com/consulting
Cl0p ransomware actors added over 100 victims to their leak site—including a Canon subsidiary—after exploiting Oracle EBS systems. Ransomware actors are getting bolder. #Ransomware #Cl0p #OracleEBS #Cybersecurity www.securityweek.com/canon-says-s...
Canon Says Subsidiary Impacted by Oracle EBS Hack
More than 100 alleged victims of the Oracle EBS campaign have been added to the Cl0p ransomware website.
www.securityweek.com
December 22, 2025 at 4:03 PM
Cl0p ransomware actors added over 100 victims to their leak site—including a Canon subsidiary—after exploiting Oracle EBS systems. Ransomware actors are getting bolder. #Ransomware #Cl0p #OracleEBS #Cybersecurity www.securityweek.com/canon-says-s...
I help engineering firms assess cyber risks tied to global operations and partnerships. Threat actors are watching—be ready. #CyberResilience #EngineeringSecurity #CyberRisk #InfrastructureSecurity www.natsar.com/it-and-cyber...
IT & Cyber Program Assessments / Audits | Natsar
Natsar delivers independent cybersecurity program assessments and audits against CMMC, NIST, CIS, HIPAA, SOC 2, ISO, CJIS, CISA CPGs, NYS DFS, and more. Trusted in national security and by…
www.natsar.com
December 18, 2025 at 4:02 PM
I help engineering firms assess cyber risks tied to global operations and partnerships. Threat actors are watching—be ready. #CyberResilience #EngineeringSecurity #CyberRisk #InfrastructureSecurity www.natsar.com/it-and-cyber...
A U.S. engineering firm was targeted by Russian hackers for its work with a Ukrainian sister city. Cyber threats now follow geopolitical ties—are you prepared? #CyberThreats #Engineering #Geopolitics #CyberSecurity www.securityweek.com/russian-hack...
Russian Hackers Target US Engineering Firm Because of Work Done for Ukrainian Sister City
The attack on the engineering firm was identified by Arctic Wolf in September before it could disrupt the engineering company’s operations or spread further.
www.securityweek.com
December 17, 2025 at 4:04 PM
A U.S. engineering firm was targeted by Russian hackers for its work with a Ukrainian sister city. Cyber threats now follow geopolitical ties—are you prepared? #CyberThreats #Engineering #Geopolitics #CyberSecurity www.securityweek.com/russian-hack...
I help colleges and universities prepare for and recover from cyberattacks. From incident response to forensic support, it’s about protecting what matters most. #Cybersecurity #IncidentResponse #HigherEducation #CyberResilience www.natsar.com/digital-fore...
Digital Forensics and Incident Response | Natsar
Expert digital forensics and incident response services for businesses, governments, and law firms. Trusted support for investigations, breaches, and litigation.
www.natsar.com
December 16, 2025 at 4:02 PM
I help colleges and universities prepare for and recover from cyberattacks. From incident response to forensic support, it’s about protecting what matters most. #Cybersecurity #IncidentResponse #HigherEducation #CyberResilience www.natsar.com/digital-fore...