NEWS: Positioning Security Intelligence in Front of Incident Response. With recent announcement of IBM’s $200 million commitment to expanding its security leadership position in the incident response (IR) market, IBM is working to help clients address the challenges in adopting a more proactive approach to IR. As part of the initiative, IBM established a new global incident response team. The mandate for IBM X-Force Incident Response and Intelligence Services (IRIS) is to deliver the next evolution in incident response management. Read more
US-CERT: Updates Cybersecurity Incident Notification Guidelines. New cybersecurity incident reporting guidelines will go into effect on April 1, 2017, designed to help federal, state, and local organizations. Find out more
DHS: Georgia Incident Was Legitimate Work, Not a Hack. The Department of Homeland Security told Georgia’s Office of Secretary of State that the IP address associated with an attempted breach of the state agency’s firewall was tracked to an office in U.S. Customs and Border Protection, a revelation that has DHS “deeply concerned.” According to DHS, someone on the federal department’s security network was conducting legitimate business on the state office’s website, verifying a professional license administered by the state. The state office manages information about corporate licenses and certificates on its website. Find out more
LEARN: 10 Tips for Planning, Leading and Learning From a Cybersecurity Tabletop Exercise. The National Institute of Standards and Technology (NIST) recommends that organizations not only develop incident response plans, but also maintain them in a “state of readiness” and engage in exercises to “validate their content.” The potential vehicles for such tests can take many forms, but one of the most common and easy to implement is a “tabletop exercise.” Read the rest
NOW ON SLIDESHARE: Tech Update Summary from Blue Mountain Data Systems November 2016 http://www.slideshare.net/BMDS3416/tech-update-summary-from-blue-mountain-data-systems-november-2016.
IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.