Happy Thanksgiving! From all of us at the Washington Center for Cybersecurity Research & Development....Have a safe and Happy Thanksgiving!

When, not if... The number of businesses through the nation is rather large. Many of these know they are regularly targeted. Too many of the remainder businesses are hoping that security by obscurity works. It does not. Small- and medium-businesses (SMB) are actively targeted by the attackers due to this lack of sufficient focus on Infosec. One symptom of this is a lack of a security policy, or one in place on the shelf with a large amount of dust due to a lack of any review

51% of SMBs attacked by ransomware according to survey By Carolyn Schrader It seems that no business is too small to be a target of ransomware. Ponemon Institute, a research company that focuses on information management topics, recently conducted a survey of small and mid-size businesses regarding ransomware attacks. The survey, sponsored by Carbonite, a cloud back-up company, found that 51% of the responding SMBs were attacked. Of the survey respondents, 30% of them had 200

Phishing: An International Issue  By Charles Parker The commonality of phishing is its efficiency in successful attacks from an ROI perspective. As this has worked so well in the US and other areas, the international application of this method of attack will continue to grow. This has also been an increasing issue for Canada.   Recently, to assist in decreasing the opportunities for successful attacks, a set of training ideas had been advanced. These included what is and is n

Vulnerabilities in Many Forms By Charles Parker II Vulnerabilities are from many sources. One familiar source of these issues occurs with the output from scan reports listing items needing to be reviewed. Another source of constant issues for the Admins and CISOs are the users. This source is generally unintentional (clicking on links, files, etc. from emails). At times this detrimental activity may be intentional and directed. Within the last six months there has been two ca

Connected Cities: More Areas and Vulnerabilities to Monitor By Charles Parker IoT has been notable in the news over the last two years. The focus has been the connected home/lights turning on/off or colors, thermostats, coffeemakers, refrigerators, and other equipment. One area somewhat ignored in the current research has been the cities. This would manifest itself into the cameras located on the streets monitoring movements and actions, microphones to triangulate where noise

The Generic Blanket Training is not Appropriate or Effective By Charles Parker Every year corporations and businesses go through the annual, employee dreaded security training. Their eyes become glazed over and the staff’s mouths slowly begin to open even so slightly as the physical manifestations of the apathy being to appear.   To simply check the box that the training had been without usability focus is a fallacy of actual security. The training needs to be different from

By Charles Parker II One area which has been explored, but not as extensively as it deserves, is the insider threats. This is not limited...

HIPAA: Compliance with Many Areas to Monitor By Charles Parker II The HIPAA regulation is a rather expansive regulation. With all of the...

Hacking Continues to Follow Economic Models By Charles Parker In economics, there are the basic supply and demand curves. As these move...