RISK MANAGEMENT: Eight Myths Not to Believe About Penetration Testing. Penetration testing – the process of trying to break into one’s own system to find vulnerabilities before cybercriminals do – is an integral part of information security. The data gleaned from these evaluations can help companies remediate flaws in their security infrastructure before fraudsters have a chance to expose them. Penetration testing is critical for organizations across all verticals, especially those that are subject to data privacy laws and regulations. Before investing in the personnel and resources required to conduct penetration tests, however, it is important to dispel several myths about the practice. Read more
PEN TESTING: How Far Should You Let White Hat Hackers Go? Penetration tests can reveal holes in an organization’s security. But framing the scope of a penetration test can be challenging, and good results don’t necessarily mean 100 percent security, says attorney Kay Lam-MacLeod. Read the rest
DESTRUCTION OF SERVICE: How Ransomware Attacks Have Changed. New ransomware variants have introduced another threat to enterprises. Rob Shapland explains what destruction of service attacks are and how organizations should prepare for them. Find out more
EMAIL: Why Everyone Still Falls for Fake Emails. What do nuclear submarines, top secret military bases and private businesses have in common? They are all vulnerable to a simple slice of cheddar. This was the clear result of a “pen testing” exercise, otherwise known as penetration testing, at the annual Cyber Security Summer School in Tallinn, Estonia, in July. Read more
NOW ON SLIDESHARE: Tech Update Summary from Blue Mountain Data Systems July 2017 https://www.slideshare.net/BMDS3416/tech-update-summary-from-blue-mountain-data-systems-july-2017.
IT SECURITY SUPPORT: Blue Mountain Data Systems is actively involved in implementing FISMA and NIST standards with Federal Civilian Agencies. Due to our extensive experience in this area, Blue Mountain has developed processes and organizational techniques to help ensure security deliverables are completed on time, and performed in the most efficient manner possible. We ensure that NIST-800-53 control requirements are treated consistently during definition, analysis, implementation, auditing, and reporting phases of a system. Find out more about Blue Mountain Data Systems IT Security Support Services. Call us at 703-502-3416.
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.