VULNERABILITIES: Throw Out the Playbooks to Win at Incident Response. Four reasons why enterprises that rely on playbooks give hackers an advantage. Read more
BANKS: The Methodology of Improving Incident Response. AusCERT is one of the oldest CERT’s in the world, and Phil Cole says the independent organization is now laser-focused on helping enterprises across sectors to fundamentally improve their strategies and solutions for incident response. Read the rest
TSA: Paul Morris – Incident Response is All About Speed, Speed, Speed. As one, albeit large, component in Homeland Security, the Transportation Security Administration works in concert with other components as it also worked to ensure its own mission continuity. Namely, keeping the nation’s airports and hundreds of thousands of daily passengers moving. Paul Morris, TSA’s chief information security officer and executive director of its Information Assurance and Cybersecurity Division, says the agency learned a lot responding to recent threats like Heartbleed. “It tested tools we had, the processes we exercised.” Find out more
INSIDER THREATS: Just 18% Have Incident Response Plans. Global organizations finally understand that insider cyber threats are potentially the most damaging of all, but are doing little to quantify or respond to the threat, according to new SANS Institute research. The study, sponsored by Dtex, Rapid7 and Haystax, revealed that the largest plurality of respondents (40%) rate malicious insiders as the most damaging threat vector they face, followed by accidental or negligent staff (36%). Read more
NOW ON SLIDESHARE: Tech Update Summary from Blue Mountain Data Systems July 2017 https://www.slideshare.net/BMDS3416/tech-update-summary-from-blue-mountain-data-systems-june-2017.
IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.