FOR THE CTO, CIO & CISO
LOOKING BACK: 7 Times Technology Transformed Government. Federal Times just wrapped up its 50th year publishing the news and information that matters to federal employees. One thing is certain: in that time, technology drove a number of government transformations. Among all of the possible examples, a few stand out as key moments. Here are the seven most important technology innovations and events — in chronological order — that have shaped the way government operates today. Read more
[FEDERALTIMES.COM]
ENCRYPTION DEBATE: 8 Things CIOs Should Know. Governments want access to encrypted communications to prevent terrorist attacks, but IT professionals and tech vendors say any weakening of encryption is a threat to privacy and data security. Read more
[INFORMATIONWEEK.COM]
CYBERSECURITY: Year of ‘Fairly Unsophisticated Breaches’ Underscores Need for Cyber Hygiene, According to CISOs. After a year of high-profile breaches, organizations should concentrate on reinforcing crumbling security foundations rather than adopting complex new software, said 25 chief information security officers in a recent survey. Read more
[FEDSCOOP.COM]
FEDERAL GOVT CTO: 6 Predictions for Federal IT in 2016. 1) Cyber crime legislation goes global. 2) Intelligence officers go rogue. 3) Increased attacks on critical infrastructure. 4) Cloud gets less scary. Read the rest
[FEDERALTIMES.COM]
SECURITY PATCHES
GOOGLE: Google Patches Five Critical Android Security Flaws. Almost all devices running a modern version of Android are affected by at least one of the five critical flaws. Of the highest-rated vulnerabilities in its sixth monthly release, Google said one nasty flaw could allow an attacker to remotely execute code — such as malware — by exploiting a flaw in how Android processes some media files. Read more
[ZDNET.COM]
ADOBE: Adobe Flash Releases Back-to-Back Critical Patches. On Dec. 28, Adobe released an update correcting 19 critical bugs that could allow an attacker to take control of affected systems. At that time, it reported that at least one of the flaws was being exploited in the wild. On Jan. 1, another critical patch was released that corrected problems loading Flash in embedded applications. Adobe recommends that those who do not have automatic updates enabled install the new version as soon as possible. Read more
[BUSINESS.FINANCIALPOST.COM]
JUNIPER: Patches Firewall Backdoor Risk. Older-model Juniper ScreenOS-based firewalls are patched for vulnerabilities that could leave organizations exposed to risk. During a recent internal code review, Juniper discovered unauthorized code in ScreenOS that could allow a knowledgeable attacker who can monitor VPN [virtual private network] traffic to decrypt that traffic. Read more
[EWEEK.COM]
SOFTWARE SECURITY: In Patches We Trust: Why Software Updates Have to Get Better. All too often, security patches are breaking the devices they set out to protect, and trust in the software companies to protect those devices is wearing thin. Read more
[ZDNET.COM]
==========
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.
CALL BLUE MOUNTAIN FOR IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
NOW ON SLIDESHARE: Tech Update Summary from Blue Mountain Data Systems December 2015 http://www.slideshare.net/BMDS3416/tech-update-summary-from-blue-mountain-data-systems-december-2015.
==========
