CYBERSECURITY: Finalizing Cyber Incident Response Might Be Easier Than Deciding When to Use It. One of the provisions of Presidential Policy Directive 41 is updating the interim National Cyber Incident Response Plan drafted in 2010. The revised plan is on target to be completed by the end of the year, but one question it cannot clearly address is the circumstances under which it should be put into action. Read more
PHISHING: 4 Strategies for Foiling Phishing Attacks. Organizations can throw more technology at the problem but some phishing emails will still evade the filters. Despite repeated warnings, employees continue to open email attachments or click on links from unfamiliar sources. Here are four strategies for securing organizations against phishing attacks. Find out more
HEALTH IT SECURITY: HIMSS Praises DHS National Cybersecurity Response Plan. The recent National Cyber Incident Response Plan from the Department of Homeland Security is a critical step forward, but could be strengthened in a few areas. Understanding the dimensions of potential cyber threats and providing better clarification on what equates a significant cyber incident are two suggestions the Healthcare Information Management Systems Society (HIMSS) provided to the Department of Homeland Security (DHS) on its recent cybersecurity response plan. Find out more
DHS: Races to Get Obama’s Signature on Cyber Response Plan. The Homeland Security Department wants to make sure an updated plan for how the government responds to major cyberattacks is set in stone before President Barack Obama leaves office. “The alternative is leaving the country with a 6-year-old interim plan while a new presidential administration settles in and forcing final approval of the new plan to battle for attention with hundreds of other priorities facing a new administration,” said Bridgette Walsh, a cyber branch chief with DHS’ National Protection and Programs Directorate. Read the rest
NOW ON SLIDESHARE: Tech Update Summary from Blue Mountain Data Systems October 2016 http://www.slideshare.net/BMDS3416/tech-update-summary-from-blue-mountain-data-systems-october-2016.
IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.