DHS: New National Cyber Incident Response Plan. DHS recently released the refreshed National Cyber Incident Response Plan (NCIRP). Since the last version of the NCIRP was released in 2010, the nation has increasingly faced more complex cyber incidents. Every day, incidents across the United States necessitate that jurisdictions and organizations work together to share resources, integrate tactics and take actions to meet the needs of communities before, during, and after cyber incidents. The NCIRP provides a consistent and common approach and vocabulary to enable the whole community to work together to manage cyber incidents seamlessly. Find out more
SECURITY: Maturing Incident Response Through a Knowledge-based Approach. What’s missing from the current discussion around incident response is the acknowledgment that security professionals still have to make decisions based on incomplete information. This is not due to a lack of data. On the contrary, there is so much data created in a typical enterprise that there are no simple ways to make sense of the mountains of it. Find out more
READ: Detect, Protect and Survive. Incident response has become one of those areas of cybersecurity that people think they could do better, but how often do they test it and how well could they actually act in the event of an incident occurring? According to the Global Information Security Survey, released this week by EY, which used responses from 1735 C-suite leaders and IT executives and managers, 57% of respondents rate business continuity and disaster recovery as a high priority, 42% do not have an agreed communications strategy or plan in place in the event of a significant attack and 39% are planning to invest more in it in the coming year. Find out more
CLOUD PLATFORM: Breach Analytics Platform Speeds Up Incident Response. Some experts say that data breaches are now a matter of when rather than if. Being able to respond quickly is therefore vital for companies to minimize damage and disruption. Cybersecurity solutions and breach analytics cloud platform Eastwind Networks is launching an enhanced Breach Analytics Cloud platform to provide complete visibility across the entire attack surface. Find out more
NOW ON SLIDESHARE: Tech Update Summary from Blue Mountain Data Systems February 2017 https://www.slideshare.net/BMDS3416/tech-update-summary-from-blue-mountain-data-systems-february-2017.
IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.