NSA: Shadow Brokers Leak Just Revealed How The NSA Broke American-Made Encryption. If the Shadow Brokers’ leak of NSA files is legit, as is now all but confirmed, they have offered a glimpse into how the intelligence agency exploited security systems created by American tech vendors. And one of the vulnerabilities has offered proof of just how the US’ finest digital spies were able to snoop on encrypted communications, in particular those provided by Virtual Private Networks (VPNs). Read more
APPLE: Researchers Find Another Flaw in Apple’s iMessage Encryption. Cryptography researchers at John Hopkins University have found another flaw in the encryption used by Apple’s iMessage. The good news? The flaw has already been patched; you just need to update iOS. Find out more
DoD: Pentagon Relying on a Different Kind of FBI to Fight Cyber Attacks. The Defense Department’s big data approach to cybersecurity is paying big dividends. Through better analytics, DoD’s cyber experts have seen a 500 percent increase in the number of counter measures they can apply to thwart hackers. What’s different for DoD isn’t the data, but the tools on top of the information, and the military’s cyber experts’ ability to use them in near real-time. According to Dave Mihelcic, the chief technology officer at the Defense Information Systems Agency, “One of the biggest applications today is called Fight by Indicator (FBI). FBI gives our analysts the ability to not only take the data about that attack and compare it against all known data and then be able to pick the best cybersecurity mitigation mechanism and actually directly task that mechanism. It has improved our effectiveness in being able to detect, diagnose and mitigate attacks by 500 percent.” Read more
HOSPITALITY TECH: Ensuring Privacy Through Security Best Practices. Increasingly, hotels are collecting, analyzing, using, and storing guest data, including personally identifiable data (PII), to facilitate guest engagement and great service. Personal data is being harnessed in conjunction with loyalty, CRM, PMS, and other technology—and the more it is leveraged, the more vulnerable it becomes. Here are six keys to not sacrificing security while leveraging customer data for improved service and operations. Find out more
NOW ON SLIDESHARE: Tech Update Summary from Blue Mountain Data Systems July 2016 http://www.slideshare.net/BMDS3416/tech-update-summary-from-blue-mountain-data-systems-july-2016.
IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.