IT SECURITY
SURVEY SAYS: SANS Institute reports that organizations of all sizes are facing high-profile security breaches and attacks that require incident response capabilities. In a recent survey, only 9% of survey respondents labeled their incident response capabilities as very effective, and 26% were dissatisfied, citing lack or time to review and practice procedures (62%) and lack of budget (60%) as key impediments to effective response. Read more
[SYS-CON]
TRAVELING WITH DATA: The safest way to protect confidential information is to not take it with you. OK. We know. It’s impossible when traveling for business. According to the New York Times, there are some simple steps you can take to help you reduce the risk of your info being stolen when you are on the road. Read the rest
[NYTIMES]
NIST & 3D PRINTERS: Defense companies that manufacture parts with three-dimensional printers using metal powders need to heed forthcoming National Institute of Standards and Technology (NIST) draft guidelines for avoiding 3-D printer breaches. Read more
[NEXTGOV]
CRITICAL PATCHES REQUIRED
INTERNET EXPLORER: Fix zero day vulnerability CVE-2013-7331 that allows attackers to determine remotely through a webpage the existence of local pathnames, UNC share pathnames, intranet hostnames, and intranet IP addresses by examining error codes. Read more here
[PCWORLD]
ADOBE FLASH: Flaw can be exploited through a malicious web page or possibly through malicious Microsoft Office files to allow the attacker to remotely execute code on the affected system. Read more here
[PCWORLD]
CLOUD
GOOGLE: Brian Stevens, who led Red Hat into the cloud era, takes the helm of the Google Cloud platform Read more
[COMPUTERWORLD]
AMAZON: Its Amazon Web Services platform has been given provisional authorization from the Defense Information Systems Agency to hold Defense Department data above a level 2 security impact clearance. The authorization makes Amazon’s GovCloud the first cloud service to hold every level of unclassified DOD data. Read more
[FEDSCOOP]
MICROSOFT: Microsoft has two new Azure services: Its DocumentDB NoSQL service and its full-text search service built on Elasticsearch. Read more
[ZDNET]
MANAGEMENT
YOUR NEXT CYBER WHIZ: Why CIOs and chief security officers should consider internships as a viable option for building their workforces. Read more
[STATETECHMAG]
FEDERAL GOVERNMENT’S CUSTOMERS: 3 Steps to Keep Customers Happy During Times of Change Read More
[DIGITALGOV]
MICHELANGELOS WANTED: Did you know that Michelangelo may have been autistic, and appeared ‘weird’ to his peers. The critical lesson: “Weirdness can look like a problem but, in fact, it’s quite often the solution.” Martin Davidson explains The Case for Recruiting Weirdos.
[BUSINESSWEEK]
FEDERAL AGENCIES
COMMERCE: What is the Economic Development Administration? Find out more
[FEDERALNEWSRADIO]
HHS: HealthCare.gov Hack: Americans Got Lucky This Time Read more
[INFOSECURITYMAG]
GSA: Did you know GSA’s .75% Schedule fee is built in to the price? Learn more at agency FAQs.
[@usgsa]
LIFE
JUST GO TO SLEEP: Why you should stop using your smartphone right before bed Read more
[INC]
IT SUPPORT: Call Blue Mountain Data Systems for Security and Vulnerability Management and Compliance: 703-502-3416.
