Tax time frauds can harm small businesses By Carolyn Schrader Tax filing due date for individuals is April 18th this year, which is soon approaching. The IRS recently alerted taxpayers to be watchful for last-minute phishing email scams. Cybercriminals continue to send phishing emails requesting employee W2 information. They are also sending scam emails to tax preparers asking for a change of disbursement of refunds to a prepaid debit card or to a different bank account.   Sc

WCC14 Domain name privacy for small businesses By Carolyn Schrader  Domain names are a must-have in today’s business world. Many businesses own multiple names, even if they only use one actual website. Some businesses neglect to ensure privacy of the registration information, unfortunately. A personal address, email address or phone number are visible to anyone looking, unless the WHOIS data is marked private.   What is WHOIS?   WHOIS is a protocol used on the Internet. It is

Cyber-Vigilantism By Charles Parker There have been a number of scams perpetrated over the years. These have preyed on the elderly, less than tech savvy, grandparents, and others. They could steal intellectual property, money, staff member data and information, or simply be an annoyance. This could cost thousands of dollars and hours upon hours of work to correct. The effects could last years.   With all of the cost, stress, and anxiety this generally causes, people affected

PDFs: Still be wary By Charles Parker Phishing is no different than other attack methodologies. These evolve over time. Initially the attack may be a bit unsophisticated and rough. These attacks tend to work for a bit, until a defense is put in place. At this point, the attack improves its operations or mode of attack, much like a business would improve its operations if the need presented itself.   Phishing has exhibited this trait as well. Phishing began, and to an extent,

Even Non-Profits are Targeted By Charles Parker To an attacker, data is data. It is a commodity to look for, breach a target for, steal, and sell. The focus and process itself is not that complicated. The target data is the same for a profit and non-profit. The difference to the attacker though is the non-profit may not have the ability to put a full defense-in-depth in place to secure its enterprise.   A specific, troubling issue affecting the non-profits has been social eng

Preparing for an Attack & Breach By Charles Parker The attackers have branched out and are no longer merely focusing on one or two industries, such as DoD contractors or hospitals. This is partially due to their business model and ease of use, especially with ransomware. The revenue driven by these activities continues to grow. At this junction, it is prudent to plan for an attack and breach. With this completed and periodically updated, the enterprise and operations would be

Cloud Computing and HIPAA Guidelines By Dr. James Angle As healthcare organizations across the country scramble to take advantage of the power of the cloud, Health and Human Services (HHS) is providing guidance for use of cloud services. The guidelines provide both covered entities and the Cloud Service Provider (CSP) information to assist them in understanding their obligations under HIPAA regulations. When a covered entity contracts a cloud provider for services that rece

Brain Drain in Our Government Agencies By Dr. Jane LeClair As long ago as 1981 the federal government was concerned with the loss of knowledge -'brain drain' - from various agencies. A GAO report "The Government Brain Drain" dated Sep 14, 1981 notes "The Government brain drain caused by inadequate salary levels, irregular pay adjustments, and distorted pay interrelationships of top Federal officials is one of the most critical but perhaps least understood and appreciated pr

By Dr. Jane LeClair A brand new year has started and what better time to think about the security of your system. Now is a good time to upgrade your security, and of course change your passwords! Dr. Jane LeClair is the president of the Washington Center for Cybersecurity Research & Development.

HIPAA: Compliance with Many Areas to Monitor By Charles Parker The HIPAA regulation is a rather expansive regulation. With all of the aspects HIPAA has to note for the of the different environments and cases encountered, including the administration, technical, and physical security issues to be addressed, it is almost surprising this regulation is not longer.   As important as HIPAA and securing the medical data, information, and records are, the scrutiny of the HIPAA-applic