<img src="https://secure.ruth8badb.com/159098.png" alt="" style="display:none;">

Cadre Blog

Never miss the latest in IT Security! Subscribe Now.

Is this Critical Mistake Hurting Your Cybersecurity Risk Posture?

One of the great ironies of IT is that so many IT and security departments are built on two basic falsities: 

    1. The demands of the IT and security department are often greater than the funding allocated to execute them (ultimately a budget problem).
Read More

The Biggest Security Awareness Misconceptions – Part 1

There’s a conversation that has been playing on repeat about Security Awareness. It usually goes something like this…

Risk Assessor: “Do you have a Security Awareness Program?”

IT Director: “Yes, we run phishing tests regularly.”

Risk Assessor:...

Read More

NEW PODCAST: Security Awareness is More Than Just Phishing Training

Security Awareness is a critical tool in an organization's toolkit. Yet, it tends to be a lower budget priority than other technical controls. According to recent research, 98% of organizations have a Security Awareness program, but only 23% use a...

Read More

Minimize Security Incidents with a Strong Security Awareness Program

News of companies getting hacked is omnipresent. The fear, uncertainty, and doubt as a result of these reports can make you want to give up. But don’t let that dissuade you—there’s still hope and it resides in an unusual fact: more than 99% of...

Read More

How to Develop an Effective Security Awareness Program

Security Awareness is well known for being the “best bang for the buck” out of all the risk mitigation techniques, but is it really? For Security Awareness to be effective, it must change the behaviors of employees and ideally lead to a mature...

Read More

The Worst Things to Share on Social Media

As a business professional, why should you care what your employees post on social media?

Even before COVID-19 caused the mass migration to a remote workforce, many successful hacks into organizations originated from an employee’s personal device...

Read More

The Latest Smart Phone Hacking Update

New security concern: Malware that can copy all the physical keys on your keychain! 

Read More

Winning Bug Wars: From Volkswagen Beetles to Million Dollar Bug Bounties

Bugs have been wreaking havoc in humanity long before the rise of information technology, but the bugs we know today have hefty bounties, as companies tap the global community of ethical hackers to scour code for security vulnerabilities before...

Read More

A Pen Testing Expert Shares the Secret Ways He Gains Access to Businesses

Steve Stasiukonis’ company, Secure Network Technologies, does all kinds of pen testing. When we say all, we mean it—Secure Network has even successfully “shipped” a person in a FedEx box to demonstrate the vulnerabilities of a company being...

Read More

The Biggest Threats to Businesses from a Pen Testing Expert

Steve Stasiukonis started doing pen testing professionally in 1997, when a former classmate of his confided that his company was struggling to identify network vulnerabilities. Steve had been employed in document management and information security...

Read More

Best Practices When Trying to Protect Your Information While Working Remotely

Asaf Lerner’s work in the identity and access management (IAM) space has spanned 20 years and two countries. His first job was on the R&D side with a small Israeli startup called Aladdin. In that job and others, he designed many PKI and...

Read More

How to Enable Your Employees to Work Remotely Without Compromising Security

With the current economic and social uncertainty in today’s landscape and the rush to transition staff to remote workers, great opportunities arise for attackers to target businesses and employees for financial gain.

Read More

How to Transition to Working Remotely During a Crisis

Jim Hebler has worked in cybersecurity for nearly 18 years. He started out covering technology as a journalist for two daily newspapers, The Detroit News and USA Today, then got into private sector communications. After that, he trained with HP...

Read More

Little-known Facts About Remote Worker Security that Could Damage Your Business

With the ongoing rush to transition staff to remote workers, great opportunities open for con artists and evil hackers to exploit the situation. We in IT and even IS often think that software controls such as VPNs, DLP and Cloud technologies will...

Read More

Five Tips to Ensure Your Company's Bluetooth Security Policies are Up to Date

Urban Legend Becomes Real

Several years ago some reports came to information security experts from black hat chat sites (evil hacker online groups). The reports said that thieves were stealing high-profile mobile devices left in cars using Bluetooth...

Read More

5 Cyber Security Recaps from the Past Decade—And 5 Predictions for the Next One

While there's a heated debate about whether a new decade is actually beginning, the beginning of a new year is always a great time to look back, assess what has happened, and make predictions about the future. That's why we at Cadre conducted an...

Read More

When the Next Recession Comes, Will Your Security be Ready?

Recessions stink. Business contracts, companies pull back and attempt to shrink inventories, employees lose their jobs. As revenues decline, it’s harder to fund the key aspects of the business. But recessions also embody the creative destruction...

Read More

The Fact and Fiction of the Business Risks Posed by IOT Devices

A casino hacked through an aquarium heater* sounds like fiction—but this recent headline news was an all-too-real demonstration of the risk that Internet of Things (IOT) devices bring to organizations of all sizes. 

However, take heart! There are...

Read More

How to Prevent 4 Network Security Threats that Cost Financial Services Millions

The Capital One breach exposed over 100 million customers’ sensitive information.In 2017, 147.9 million consumers were affected by the Equifax Breach.Over the past few years, data breaches have affected over 1 trillion user accounts and the...

Read More

Myth Busted: Small Organizations are at Low Risk of Hacking Because they are not Desirable Targets For Hackers

All of these are common myths, but only one has dangerous misinformation. Can you figure it out?

  1. George Washington chopped down a cherry tree. 
  2. After you die, your fingernails continue to grow. 
  3. You don’t have to worry about your small business...
Read More

A Former CTO of the FBI Cyber Division on the State of Cybersecurity

Part 3 of a three-part series

Milan Patel, current chief client officer at BlueVoyant and former CTO of the FBI Cyber Division, keeps up with the latest in cybercrime and cybersecurity.  (If you missed his great tale of his first FBI vehicle—not to...

Read More

9 Questions You Should Ask When Considering Cloud-Based Tech

To paraphrase Zoolander, cloud-based technology is so hot right now. There are good reasons for that—cost, scalability, and convenience—but if you haven’t asked the right questions, you may face an unpleasant surprise later on. It sounds dramatic,...

Read More

How to Improve Your IT Security for the Upcoming Elections

Small governments seem to be stuck between a rock and several hard places.

Read More

New Tools to Protect Credit Cards at Gas Stations But Who Gets to Use Them?

If you live in the U.S. and have ever noticed false charges on your credit card statement and had to call your bank to have your card canceled, chances are that you are the victim of skimming.  

Read More

If Your Healthcare Data is Leaked Chances are Your Doctor’s Office, not an Evil Hacker, is to Blame

New research from Michigan State and Johns Hopkins Universities show that failed internal information handling and negligence at healthcare providers’ offices accounts for more than half of personal health information (PHI) breaches.

Read More

New Advances Show Evil Hackers can use Cell Phone Apps to Capture your Information by Sound

Evil hackers and corporate spies have had the ability to record the loud tap-tap-tap of computer keyboards to decipher a log of keystrokes for years. The risk of losing your credentials to such a hack has been low because the attacker would have to...

Read More

5 Mistakes Made In the Capital One Breach and How to Avoid Them

If an amateur hacker could bring down a Fortune 500 company, how can your company hope to avoid the same fate? Take heart - from what we know at this point, it seems that Capital One overlooked some very obvious safeguards and there are a number...
Read More

What Data Breaches and the Notre Dame Cathedral Fire Have in Common

On April 15, 2019, a flame ignited Notre Dame Cathedral in Paris and many watched as roughly 500 firefighters struggled to contain the fire. The cause of the flame still remains unclear. According to a recent report, the security guard in charge of...

Read More

5 Lesser Known Impacts of Poor Security

You wouldn’t leave the doors to your business unlocked, would you? Of course you wouldn’t. In the same vein, companies go to great lengths – installing alarms and cameras and hiring security – to ensure their locations are physically secure. Yet too...

Read More

Security Trends and Takeaways for the Second Half of 2019

So much has happened in terms of information security and breaches in 2018 that it can be a little overwhelming. Now that we’ve had time to reflect on 2018, we can summarize important lessons and takeaways as we head into the second half of...

Read More

5 Ways to be Sure You’re not Over- or Under-Solving for Security

Remember the story of Goldilocks breaking into the three bears’ cottage and wreaking havoc? Goldilocks was eager to eat the porridge left by the bears, so she tried the first bowl and soon realized it was too hot. The next bowl was too cold, but the...

Read More

Grab-n-Go Baldr Malware: A Stunning New Type of Malware

A revolutionary new type of malware toolset is starting to show up in dark web hacking forums. The new malware architecture is being called “Grab-n-Go”.

Until now, malware was designed to infect a computer, network or mobile device and stay resident...

Read More

Why the Citrix Breach Happened and 6 Steps You Can Take to Protect Your Company

What happened?

Citrix, an American software company, disclosed a security breach in which hackers potentially exposed customer data. On March 6, 2019, the FBI contacted Citrix to advise they had reason to believe that cyber criminals had gained...

Read More

Security Awareness Training FAQs

We receive a number of questions regarding security awareness training. Below are some common questions. What’s the best way to convince my management team to implement a security awareness program?                A lunch and learn presentation on...

Read More

5 Things to keep in mind when Implementing a Security Awareness Program

What are the 5 most important things to keep in mind when implementing a security awareness program?1. Adult Learning. A security awareness program is a waste of time and money if information is not retained and a positive culture change is not...

Read More

Cadre’s Security Awareness Services Meet Requirements for Major Compliance Standards

Cadre’s Security Awareness class, course design and consulting services are now able to meet requirements for all major compliance standards.

Cadre’s cutting-edge security awareness offerings leverage fun adult-learning and neuroscience techniques...

Read More

How to Create an Effective Security Awareness Program

"Social engineering bypasses all technologies, including firewalls." -Kevin MitnickSocial engineering is often regarded as the most effective and powerful skill used by black-hat hackers and, until recently, it is one of the least addressed...

Read More

How to Legally Practice Social Engineering

Social Engineering is without question the most powerful and successful hacker skill of all time, but how can you become fluent enough in this skill to learn and defend against it if the practice is illegal?

If you want to learn a skill to protect...

Read More

Should we Fear the Amazon Echo or Other Smart Speakers in our Home?

Author: Tim O’Connor

I am a cyber security professional and when I tell some of my peers that I have several Amazon Echo smart speakers in my home and workshop they sometimes look at me like I just said Edward Snowden was my roommate or that I just...

Read More

Don't Lose Face with your Friends over Facebook

Author: Tim O'Connor

You have likely been hearing about the personal privacy leakage court cases involving data mining your Facebook account and maybe even its link to “spy vs. spy” stuff like Russian election influence. You might have even heard...

Read More

Security Awareness Evaluation - Don't Fall for the "Streetlight Effect!"

A policeman sees a drunk man searching for something under a streetlight and asks what the drunk has lost. He says he lost his keys and they both look under the streetlight together. After a few minutes the policeman asks if he is sure he lost them...

Read More

Building CyberSecurity Awareness

October is National CyberSecurity Awareness Month (NCSAM)

This campaign was created as an effort to ensure Americans have the resources and information they need to be safe and more secure online. 

There's been a massive number of cyberattacks...

Read More