CYBERSECURITY: More Detail on Why DHS Banned Kaspersky. A pair of filings in Kaspersky Lab’s ongoing legal battle with the U.S. government fills in some blanks regarding the justification for the governmentwide ban on the company’s products.
FEDERAL NETWORKS: Agencies Faced 14 Percent More Cyber Incidents Last Year, but Security Is Improving. Sen. Heidi Heitkamp (D-N.D.) wants the Homeland Security Department to be a center of excellence (CoE) for cybersecurity for the entire country. She told Chris Krebs, during his confirmation hearing to be the Under Secretary of Homeland Security last week, that DHS should be the lead on all things cyber that impact the nation’s defense and national security. If confirmed, Krebs will be the head of the National Protection and Programs Directorate.
SECURE NETWORKS: National Cyber Strategy Coming Soon From White House. An updated national strategy that will guide how the Trump administration handles cyber defense and threats is being debated at the White House and “should be forthcoming in the near future,” a Pentagon official told lawmakers Wednesday. That strategy, in turn, will inform a Defense Department cyber posture document that will likely come out in August, Assistant Secretary of Defense Kenneth Rapuano said. Rapuano attributed the document’s delay to “evolving dynamics,” “a relatively new administration” and “competing views.”
NIST: Updates Cybersecurity Framework to Tackle Supply Chain Threats, Vulnerability Disclosure and More. Four years after the initial iteration was released, the National Institute of Standards and Technology (NIST) has released version 1.1 of the Framework for Improving Critical Infrastructure Cybersecurity. The framework was developed to be a voluntary, risk-based framework to improve cybersecurity for critical infrastructure in the United States. It is the result of an executive order issued by President Obama calling for the development of a set of standards, guidelines and practices to help organizations charged with providing the nation’s financial, energy, health care and other critical systems better protect their information and physical assets from cyberattack.
NOW ON SLIDESHARE: Tech Update Summary from Blue Mountain Data Systems April 2018: https://www.slideshare.net/BMDS3416/tech-update-summary-from-blue-mountain-data-systems-april-2018
IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time and performed in the most efficient manner possible. We ensure that NIST SP 800-53 control requirements are treated consistently during the definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act (ERISA). Within the EBSA, Blue Mountain is responsible for the design, development and support of its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, risk and vulnerability assessments, monitoring and investigation support.