Washington Works Blog

What happens when your company configures something on its infrastructure incorrectly? It turns out, according to a recent data leak, that a lot can go wrong, especially in regards to cybersecurity and the privacy of sensitive records. The affected software was not an unknown third-party application, but was actually Microsoft! How did one of the world’s largest software developers put out software that potentially exposed millions of records? Let’s dig into the details.

It’s easy to focus on threats that are external to your business, like viruses and malware that are just waiting to infiltrate your network, but what about threats that exist from within? While insider threats are not particularly common in the dramatic, over-the-top way that they are made out to be in movies and media, they are still a very real issue that should be addressed by your organization’s network security protocols.

With Microsoft announcing that the Windows 11 release is right around the corner, most users will be looking to upgrade to hardware that supports it. This is a topic for another day. As we approach the Windows 11 launch, Microsoft is gearing up to retire one of its most controversial (and ultimately innovative) operating systems to date, Windows 8.1. Today, we thought we’d talk a little bit about the mixed bag Windows 8.1 is and how it will be important to move off of the software by January 2023.

Phishing attacks are some of the most common threats out there. Hackers will craft messages or web pages designed to harvest information from your employees, be it through suspicious requests for credentials via email or through false websites that look so much like the real thing that it’s no wonder they were tricked. How can you make sure that your employees don’t fall for these dirty tricks? It all starts with comprehensive phishing training.

To say someone is adept at a task is to say that they are a professional, or someone with a considerable amount of knowledge that contributes to their ability to complete a particular task. In cybersecurity, this is extremely important, as the entire concept of cybersecurity is complex by nature. Your business too can improve its cybersecurity practices and shift focus to a more mindful approach to network security.

We believe that at the end of the day, employees want to do the right thing and accomplish their daily tasks without incident. However, technology can often break these plans with unexpected issues that prevent them from doing so. If you don’t take the time to provide the proper IT support when it is needed, you force your employees to either be unproductive or find unconventional (and often unsecure) solutions.

Data breaches have become all too common for small businesses over the past several years and when it seems like there is a solution to one problem, something even worse pops up. Part of a comprehensive risk management strategy is identifying problems and doing what you can to keep them from affecting your business. Let’s take a look at the major cybersecurity threats small businesses are facing in 2021 and what you can do to keep them from hurting your business.

Almost daily there is another data breach reported that exposes data for hundreds of thousands or millions of people. This is a troubling trend. One of the most troubling events happened recently as 700 million profiles from the social media network LinkedIn were found for sale on a popular hackers forum. What’s worse is that the company isn’t admitting that it had been breached recently. Let’s take a brief look at this situation and try to unpack what is going on with LinkedIn.

We know, we know; you’re probably sick of seeing ransomware in headlines, and so are we, but we cannot stress enough how important having an awareness of it is for any business owner. A new study has found that businesses infected by ransomware who choose to pay up experience a different type of fallout--one that is a major cause for concern and a stark reminder that there are no guarantees with ransomware. Ever.

Data privacy is a bit of a hot topic in today’s business environment, especially with high-profile hacks and ransomware attacks emerging and putting organizations at risk. In particular, the emerging concept of “privacy engineering” has a lot of businesses thinking about how they can secure their organization and future-proof their data privacy infrastructures.

The first half of this year has seen its fair share of ups and downs, especially on a global scale. With a global pandemic still taking the world by storm, it’s despicable that hackers would take advantage of the opportunity to make a quick buck using phishing tactics. Yet, here we are. Let’s take a look at how hackers have turned the world’s great misfortune into a boon, as well as how you can keep a lookout for these threats.

Today, employees have to be a major part of every business’ cybersecurity attempts. The reasoning is simple: attacks are more likely to come in the form of end user correspondence than on a direct assault of the network. As a result, it is important that cybersecurity is more than just another line item on a task list, it has to be built into the culture. Let’s discuss a few ways to get your employees to care about cybersecurity.

Passwords are probably the most important part of keeping accounts secure. That’s why it is so important to follow industry best practices when creating them. Today, we’ll take a look at the standards outlined by the National Institute of Standards and Technology (NIST) in creating the best and most secure passwords.

You’ve probably heard by now, a Russia-based hacking collective by the name of DarkSide targeted Colonial Pipeline, a company that supplies nearly 45 percent of the fuel used along the Eastern Seaboard of the United States, with a ransomware attack. Not only does this hack have an effect on fuel prices and availability, it highlights just how vulnerable much of the nation’s energy infrastructure is. Let’s discuss the details of the hack and the raging discussion about cybersecurity that’s happening as a result. 

Cybersecurity is critically important to businesses of all sizes, which means that all businesses need to put forth a concerted effort to ensure their security is locked down. This, in turn, will require someone to take point on developing a cybersecurity-focused internal culture.

Who better to do this than the boss?

Software runs our lives. It certainly runs your business. What if I told you that this essential cog in your business’ operations can also be the thing that is most susceptible to being exposed by outside attackers? It’s true, software can be the very door that hackers and scammers need to get into your network and run amok. Let’s take a look at the unsung service that is patch management and why it is so important. 

Data breaches have a tendency to destabilize relationships. With so many data-related problems befalling businesses nowadays, it is important that each side of every data-driven relationship understands their role in the protection of other organizations’ data. Today, we’ll take a look at the issue and how to determine if your partners are putting in the effort required to keep your data secure. 

There is an entire litany of stereotypes that are commonly linked to the term “hacker”… too many for us to dig into here, especially since they do little but form a caricature of just one form that today’s cybercriminal can take. Let’s go into the different varieties that are covered nowadays under the blanket term of “hacker,” and the threat that each pose to businesses today.

I’m not sure we need to tell you how important passwords are: they are the front-line defense to most of the accounts you create. What is often overlooked is the strategy of how to use a password to successfully protect accounts and data. Today, we will discuss best practices   when creating and managing your passwords and how you are likely approaching your password strategy improperly. 

As one of the biggest cybersecurity considerations the modern business has to make, how to combat phishing has to be at the top of any business’ cybersecurity strategy. Let’s take a look at phishing and why it’s such a big problem for today’s business.