MANAGEMENT: Cyber Experts Consider Agency Leaders’ Responsibility Ahead of Trump’s Cyber EO. President Donald Trump’s cybersecurity executive order is moving along, according to private sector advisers, and could be signed by the middle of March — or not. Sam Palmisano, former IBM CEO and vice chairman of the Commission on Enhancing National Cybersecurity, told an audience gathered for a March 6 event at the Center for Strategic and International Studies (CSIS) that his sense was maybe “within a week or so we could see something.” “But I would have said that two or three weeks ago as well, so I don’t want to set a bar for them,” Palmisano said when asked about the EO’s publication. “They’re working through the process.”
EMPLOYMENT: Cybersecurity Skills Shortage Holding Steady. In 2017, 45 percent of organizations say they have a “problematic shortage” of cybersecurity skills. This is right in line with 2016 (46 percent), but these last two years represented a big increase. In 2015, 28 percent of organizations said they had a “problematic shortage” of cybersecurity skills, 25 percent in 2014, 23 percent in 2013, and 24 percent in 2012. Find out why this increase over the past two years is concerning.
IoT: Consumer Reports to Grade Products on Cybersecurity. The non-profit consumer ratings group Consumer Reports plans to evaluate cybersecurity and privacy when ranking products, Reuters says. It is currently working with organizations to create methodologies for doing this. This decision was made following a recent increase in cyberattacks on IoT devices, many of which contain vulnerabilities easily exploited by hackers. Researchers believe these attacks are unlikely to cease because manufacturers do not want to spend on securing connected products.
CISO: Building a Cybersecurity Culture Around Layer 8. The term “layer 8” is often used pejoratively by IT professionals to refer to employees’ lack of awareness and a weak overall cybersecurity culture. While organizations continue to purchase and deploy technical controls, not much has been done to focus on the human side of cybersecurity. Today, it is just as important to secure human assets – layer 8 – as it is to secure layers 1 through 7.
NOW ON SLIDESHARE: Tech Update Summary from Blue Mountain Data Systems February 2017 https://www.slideshare.net/BMDS3416/tech-update-summary-from-blue-mountain-data-systems-february-2017.
IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support.