ENTERPRISE IMPERATIVE: Five Tips for Improving Incident Response. While there’s no silver bullet for incident response, Christopher Scott, global remediation lead for IBM’s X-Force Incident Response and Intelligence Services (IRIS) team, argues that the right processes and people make all the difference. Ultimately, that’s what executives are looking for: ways to bridge the gap between existing response efforts and best-of-breed solutions. Here’s what Scott names as the five key tips for improving enterprise incident response. Read more
TUTORIAL: Incident Response: A Quick Way To Gather Lots of Files. Using PowerShell, finding infected files can take just a few minutes to complete. Read more
OPINION: The New DHS Breach Illustrates What’s Wrong with Today’s Cybersecurity Practices. This month, the Department of Homeland Security notified affected employees about a 2014 breach of 247,167 employee records. There are many interesting details in the department’s disclosure, including the fact that there was six-month privacy investigation between the discovery of the breach and the notification, and the fact that the records were uncovered during a criminal investigation. DHS even revealed that the records were found in the possession of a former DHS Office of Inspector General employee. But the part that jumped out the most was how explicit DHS was about characterizing this as a “privacy incident.” In its public statement, the department made no mention of the incident as an insider threat issue, despite the records being found in the possession of a former employee. Read more.
FERC: Proposes Cybersecurity Incident Reporting Rule. On December 21, 2017 the Federal Energy Regulatory Commission (FERC) proposed a rule to direct the North American Electric Reliability Corporation (NERC) to clarify and expand the scope of cyber incident reporting. The rule envisions that the NERC will require reporting of cyber incidents when there is a compromise of or even an attempt to compromise certain network infrastructure. If the rule is finalized, cyber incidents would have to be reported to both the Electricity Information Sharing and Analysis Center (E-ISAC), which is required under the current standard, and the Industrial Control Systems Cyber Emergency Response Team (ICS-CERT), which is an office within the Department of Homeland Security (DHS). Read more.
NOW ON SLIDESHARE: Tech Update Summary from Blue Mountain Data Systems December 2017 https://www.slideshare.net/BMDS3416/tech-update-summary-from-blue-mountain-data-systems-december-2017.
IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.