LEARN: Four Major Obstacles Preventing Effective Incident Response. When it comes to modern cyber security, an effective first response is critical but not always easy. Ryan Benson, Senior Threat Researcher at Exabeam, examines four of the most common challenges facing incident responders today and discusses how they can be mitigated. Read more
ENTERPRISE: 4 Reasons to Rethink Incident Response Playbooks. For enterprise security teams, playbooks have long been a staple of the incident response strategy. The common opinion is, the better your playbooks, the more protected you’ll be in the event of a security incident. Teams lean on these documents to guide them through the response tactics of multiple threat scenarios, from ransomware to malware infection to the penetration of privileged user accounts. But there is a downside to playbooks that can also make them a major liability. Because playbooks are only useful against known threats, using known tactics against known adversaries, they can give a false sense of security. Read more
OPINION: A Sustained, Practical Approach is Needed for Incident Response. In 2017, numerous security breaches have come to light with some of the largest companies falling prey to cyberattacks – TNT Express, BUPA, Equifax, Deloitte, Three, Sports Direct, NHS and the list goes on. The impact of the security incidents has been materially significant. The recent NotPetya attack has cost big companies millions of dollars in lost revenue. These companies have at their disposal a fair amount of resources, capital, people and capabilities. So, why can’t organizations get it right when mitigating the effects of security breaches? Read more.
DHS: Plans to Step Up Cyber Agreements with Private Companies. The Department of Homeland Security is looking to step up its engagement with private sector entities in the wake of the May 2017 WannaCry attack. During a Dec. 19 briefing attributing the attacks to North Korea, Jeanette Manfra, assistant secretary for the office of cybersecurity and communications at DHS, signaled that the department was ready to enter a new phase of cybersecurity cooperation with companies that provide essential services to the U.S. economy. Find out more
IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
NOW ON SLIDESHARE: Tech Update Summary from Blue Mountain Data Systems November 2017 https://www.slideshare.net/BMDS3416/tech-update-summary-from-blue-mountain-data-systems-november-2017.
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.