CYBER PAIN POINTS: Failure to Get Buy-In for Incident Response Plan (IRP) in the Top 10! A recent report indicated that IRPs “are frequently developed from within departmental silos, for example, within the organization’s IT security function, and do not address the considerations of business units or cross functional areas needed to coordinate and operate together during a response.” Read the Top 10 Incident Pain Points in Delta Risk’s April 2016 report. Read more
FEDERAL GOVERNMENT: U.S. Government Announces Framework for Responding to Critical Infrastructure Cyber Incidents. On July 26, 2016, the White House issued the United States Cyber Incident Coordination Directive (Presidential Policy Directive PPD-41, including an Annex). The Directive sets forth the principles governing the Federal Government’s response to cyber incidents, including incidents affecting private entities that are part of U.S. critical infrastructure. The Directive is designed to improve coordination between government agencies and to clarify inter-departmental involvement in response to a cyber incident. Find out more
MANAGEMENT: Why Cybersecurity Is a Management Problem for Campaigns. Republicans have made hay out of the Democrats’ recent hacking woes, but the GOP isn’t immune from cybersecurity breaches. Last week there were reports of Russian hackers dumping emails from Republican campaigns and operatives. The campaign community should follow that lead and demand that cybersecurity receive real consideration by the candidates, mangers and chairmen and chairwomen, and top aids and advisors. Read more
SOLUTION: Orchestrating Security Intelligence for Faster and More Effective Incident Response. Today’s sophisticated, targeted attacks, coupled with increasing network complexity, mobility and the phenomenal growth of non-traditional devices can present incredibly difficult challenges. Nobody can afford to have an incident response system that isn’t using all of its intelligence and powers of communication. A new type of cyber security solution is required – one that goes well beyond traditional network access control (NAC) capabilities. Find out more
NOW ON SLIDESHARE: Tech Update Summary from Blue Mountain Data Systems July 2016 http://www.slideshare.net/BMDS3416/tech-update-summary-from-blue-mountain-data-systems-july-2016.
IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.