Cloud Computing and HIPAA Guidelines By Dr. James Angle As healthcare organizations across the country scramble to take advantage of the power of the cloud, Health and Human Services (HHS) is providing guidance for use of cloud services. The guidelines provide both covered entities and the Cloud Service Provider (CSP) information to assist them in understanding their obligations under HIPAA regulations. When a covered entity contracts a cloud provider for services that rece

Brain Drain in Our Government Agencies By Dr. Jane LeClair As long ago as 1981 the federal government was concerned with the loss of knowledge -'brain drain' - from various agencies. A GAO report "The Government Brain Drain" dated Sep 14, 1981 notes "The Government brain drain caused by inadequate salary levels, irregular pay adjustments, and distorted pay interrelationships of top Federal officials is one of the most critical but perhaps least understood and appreciated pr

By Dr. Jane LeClair A brand new year has started and what better time to think about the security of your system. Now is a good time to upgrade your security, and of course change your passwords! Dr. Jane LeClair is the president of the Washington Center for Cybersecurity Research & Development.

HIPAA: Compliance with Many Areas to Monitor By Charles Parker The HIPAA regulation is a rather expansive regulation. With all of the aspects HIPAA has to note for the of the different environments and cases encountered, including the administration, technical, and physical security issues to be addressed, it is almost surprising this regulation is not longer.   As important as HIPAA and securing the medical data, information, and records are, the scrutiny of the HIPAA-applic

Changing Cultures By Dr. Jane LeClair Cybersecurity is a word that is getting a lot of attention these days. Hardly a week passes without the public being informed by the media of yet another major cyber breach. Major business organizations have been attacked, the digital systems of political parties breached, our critical infrastructure probed, even the White House has been attacked. Those systems were no doubt defended against intrusions with well configured firewalls, intr

Be ready for seasonal cyber scams By Carolyn Schrader   The holiday season is a prime opportunity for cybercriminals to target people and businesses. Employees are more apt to be shopping using employee equipment. Businesses are buying gifts for staff, clients, and business partners. Vigilance and a strong measure of skepticism can help reduce the chances of being a victim.   Eight scams to be ready for include:   1. Social Media Scams with fake offers or discounts Everyone l

Happy Thanksgiving! From all of us at the Washington Center for Cybersecurity Research & Development....Have a safe and Happy Thanksgiving!

When, not if... The number of businesses through the nation is rather large. Many of these know they are regularly targeted. Too many of the remainder businesses are hoping that security by obscurity works. It does not. Small- and medium-businesses (SMB) are actively targeted by the attackers due to this lack of sufficient focus on Infosec. One symptom of this is a lack of a security policy, or one in place on the shelf with a large amount of dust due to a lack of any review

51% of SMBs attacked by ransomware according to survey By Carolyn Schrader It seems that no business is too small to be a target of ransomware. Ponemon Institute, a research company that focuses on information management topics, recently conducted a survey of small and mid-size businesses regarding ransomware attacks. The survey, sponsored by Carbonite, a cloud back-up company, found that 51% of the responding SMBs were attacked. Of the survey respondents, 30% of them had 200

Phishing: An International Issue  By Charles Parker The commonality of phishing is its efficiency in successful attacks from an ROI perspective. As this has worked so well in the US and other areas, the international application of this method of attack will continue to grow. This has also been an increasing issue for Canada.   Recently, to assist in decreasing the opportunities for successful attacks, a set of training ideas had been advanced. These included what is and is n