CYBERSECURITY
FEDERAL CYBERSECURITY: Not Even Good Enough for Government Work. On June 4, OPM revealed that hackers (most likely backed by the Chinese government) had ransacked its computers for months, stealing the personally identifiable information of between 4 million to 18 million federal government applicants and employees. Read more
[REASON.COM]
APPLICATION SECURITY: What Do You Mean My Security Tools Don’t Work on APIs?!! SAST and DAST scanners haven’t advanced much in 15 years. But the bigger problem is that they were designed for web apps, not to test the security of an API. Read more
[DARKREADING.COM]
EDWARD SNOWDEN: NSA, British Counterpart Targeted Cybersecurity Firms. The U.S. and United Kingdom have been trying to find ways around anti-virus and security software by surreptitiously studying the products and the companies that make them, according to various published reports. Moscow-based security software maker Kaspersky Lab is one of the prime targets of the effort, according to a report at ZDNet.com. Read more
[C4ISRNET.COM]
NEW EXCHANGE TICKER: Cybersecurity Fund Boosted By A Rise In Data Breaches. A new exchange-traded fund that taps into the cybersecurity market has skyrocketed to $1-billion (U.S.) in assets under management in just seven months. With the crafty ticker name HACK, the PureFunds ISE Cyber Security ETF mimics the ISE Cyber Security Index, which tracks the performance of companies actively engaged in providing services for cybersecurity… Read more
[GLOBEANDMAIL.COM]
FEDERAL, STATE, AND LOCAL IT
GAO AUDIT: CDM, NIST Framework Help Remedy Federal Cybersecurity Challenges Identified. A recent GAO audit report states that, “federal and contractor systems face an evolving array of cyber-based threats” which “can be unintentional–for example, from equipment failure, careless or poorly trained employees; or intentional-targeted or untargeted attacks from criminals, hackers adversarial nations or terrorists, among others.” Read more
[HSTODAY.COM]
A CASE FOR PIV: U.S. Government Emails, Passwords Found On Web. Almost everybody reuses passwords. With so many accounts to keep track of the password might have slight variations — 06 instead of 05 or @ instead of a — but a 2014 study stated that 63% of U.S. business owners reuse the same passwords to log in to different systems. Some 73% of full-time workers also admit to reusing the same batch of passwords online. Read more
[SECUREIDNEWS.COM]
CLOUD SURVEY: DOD Wants to Build in the Cloud. Going forward, technology professionals inside the Department of Defense would rather build new applications in the cloud than migrate existing applications, according to a new report from MeriTalk, underwritten by General Dynamics Information Technology (GDIT). Read more
[FEDTECHMAGAZINE.COM]
RADIO NEWS PROGRAM: Ron Ross – New Guidance From NIST. The National Institute of Standards and Technology finalized its guidance for contractors, research centers and other organizations that handle sensitive federal information. Ron Ross is a fellow at NIST. He reviewed the guidelines for the information called “controlled unclassified information” on In Depth with Francis Rose. Read more
[FEDERALNEWSRADIO.COM]
==========
APPLICATION DEVELOPMENT: Blue Mountain Data Systems is dedicated to Application Development and Systems Integration for Federal Civilian Agencies, Document Management Systems that help in the preparation, scanning, indexing, categorizing and quality control of millions of pages of paper documents to electronic format and the Automation of Workflow Processes. Call us at 703-502-3416.
==========
