Tech Update Summary from Blue Mountain Data Systems December 2015

For CTOs, CIOs & CISOs: Every business day, we publish a Daily Tech Update for Federal & State CTOs, CIOs & CISOs on the Blue Mountain Data Systems Blog. We hope you will visit our blog for the latest information >> https://bluemt.com/blog/

Published in: Software

  1. 1. Tech Update Summary December 2015 Blue Mountain Data Systems
  2. 2. For CTOs, CIOs & CISOs Visit Blue Mountain Data Systems https://www.bluemt.com
  3. 3. For CTOs, CIOs & CISOs Every business day, we publish a Daily Tech Update for Federal & State CTOs, CIOs & CISOs on the Blue Mountain Data Systems Blog. We hope you will visit our blog for the latest information. You can also receive these updates via email. Click here to subscribe. Here’s the summary of the Daily Tech Updates for December 2015. Hope the information and ideas prove useful. Best, Paul Vesely President and Principal Architect Blue Mountain Data Systems Inc.
  4. 4. Databases
  5. 5. Databases & Storage SCALABILITY: Scale, Flexibility Place New Demands on Databases. In a new research report, Gartner advises clients to consider the “avant-garde” of new relational databases from vendors like MemSQL, NuoDB, and VoltDB when projects call for large amounts of scalability and elasticity on industry-standard hardware, while retaining the precepts of relational tables and SQL. Read more [ENTERPRISETECH.COM] BIG DATA: Success Stories Beyond Hadoop. John Schroeder, co-founder and CEO of MapR, is one of the big names of the Big Data revolution and a key provider and enabler of many of its biggest success stories. In a recent interview, Schroeder talks about the big data industry, their business, the most interesting use cases and his views on the future. Read more [FORBES.COM]
  6. 6. Databases & Storage DOCUMENT DATABASES: Making NoSQL Scale Better On Hadoop. Document databases are an integral part of the application stack, but they often have scalability issues and they tend to end up off to the side of the Hadoop systems that are increasingly being used as the repository of record for all kinds of data. Ideally, customers want an analytics system that can store data in various formats, all on the same Hadoop cluster and all with the same underlying scalability of Hadoop. Read more [NEXTPLATFORM.COM] ENTERPRISE APPS: What are Oracle and SAP’s Vision of the Future of Enterprise Apps? Despite considerable headwinds, Oracle and SAP have their own strategies for the future of applications. Here’s how the two giants are approaching enterprise apps. Read more [ZDNET.COM]
  7. 7. Databases & Storage MongoDB: Over 680TB of Data Exposed in MongoDB Databases. There are at least 35,000 publicly accessible and insecure MongoDB databases on the Internet, and their number appears to be growing. Combined they expose 684.8 terabytes of data to potential theft. This is the result of a scan performed over the past few days by John Matherly, the creator of the Shodan search engine for Internet-connected devices. Read more [COMPUTERWORLD.COM] EXCEL 2016: Meet Excel 2016: 9 of Its Best New Features, from Databases to Handwriting Tools. The database enhancements alone – which include merging some of the previous Add-On programs such as Power Pivot and Power Query – more than justify the upgrade. You’ll find options for Power Queries; Data Models; Reports; Pivot Tables; One-Click Forecasting; and some new, one-button workbook sharing through Power BI for creating and using interactive reports and dashboards. Read more [PCWORLD.COM]
  8. 8. Databases & Storage SHAREPOINT: Avoiding Ginormous Transaction Logs with SharePoint Databases. Find out how organizations avoid extremely large transaction log (.ldf) files. Read more [COMPUTERWORLD.COM] GRAPH DATABASES: Graph Databases Enable New Data-Driven Applications. Popular consumer web properties such as LinkedIn, Facebook, and Google all use proprietary versions of graph technology. They pioneered its use to help continuously deliver relevant information through easy-to-use interfaces, while continuing to astound and amaze with new features and functionality at a rate unmatched by traditional enterprise-class applications. So it comes as no surprise to see the increased use of graphs in a new generation of enterprise data-driven applications. Read more [DATA-INFORMED.COM]
  9. 9. BYOD
  10. 10. BYOD FIRSTNET: FirstNet to Support Personal Devices Through BYOD Policy That Complements Network. The nationwide public safety broadband network, or NPSBN, will support personal devices once it is operational, said the First Responder Network Authority, or FirstNet, the group tasked with standing up the new communications network. Read more [FIERCEGOVERNMENTIT.COM] FOR THE CIO: Maximize Productivity While Maintaining Security. Surveys of thousands of BYOD users across the world have shown an average productivity boost of one hour per week for employees. However, many of the positive stories about BYOD are found only in the marketing of vendors selling a BYOD product or solution. Often these stories are in the form of customer case studies or “dogfood” stories where the vendor has embraced and benefited from its own BYOD solution. Read more [ITBUSINESSEDGE.COM]
  11. 11. BYOD SURVEY: Half of U.S. Businesses Have No Formal BYOD Policy for Security. Years after the widespread adoption of workplace smartphones, more than half of U.S. companies said they have no formal BYOD (bring your own device) policy to safeguard their enterprises, according to a survey. Read more [COMPUTERWORLD.COM] CSO: Is It Time to Re-evaluate Your BYOD Policy? The rise in BYOD has left businesses struggling to manage the growing number of access points across their systems. A recent study conducted by Bitglass found that 57 percent of employees and 38 percent of IT professionals don’t participate in their company’s BYOD program due to privacy concerns, that corporate leadership would have too much visibility into the end user’s personal data. Read more [CSOONLINE.COM]
  12. 12. Open Source CIOs: What Does the Trend Toward Open Source Mean for CIOs? CIOs are wise to evaluate how open source products might help them. One advantage is greater transparency not only of the source code itself, but also of all the design deliberations, etc. That’s a significant contrast to the secretive processes often used by proprietary vendors. Read more [CIODIVE.COM] SECURITY: The Insecurity of Platforms and How Open Source Overcomes. No platform is immune. But how do Linux and open source manage to overcome issues like Linux.encoder.1 with such efficiency? Read more [TECHREPUBLIC.COM]
  13. 13. Open Source CONTINUOUS INTEGRATION: Git, Docker, and Continuous Integration for TeX Documents. The power of Git, Docker, and continuous integration (CI) can be leveraged to make TeX document compilation easy while keeping track of different variants and versions. On top of these technologies, a flexible workflow can be developed to reflect successive changes in TeX documents in each PDF. Here’s the tutorial. Read more [OPENSOURCE.COM] MICROSOFT: Microsoft to Open Source A Key Piece of Its Web Browser. Microsoft will publish the source code for Chakra, the part of the Edge browser responsible for running JavaScript code, next month on the code sharing and collaboration site GitHub. The company will accept code contributions from developers outside of Microsoft. Read more [WIRED.COM]
  14. 14. Security Patches
  15. 15. Security Patches MICROSOFT: Issues a Flood of Security Fixes in Time for the Holidays. This week the software giant released an even dozen security updates. The company deemed eight of those “critical,” meaning that IT staffs are supposed to apply them immediately. All-in-all, the fixes addressed 71 issues – and that means a tough day (or two) at the office for Windows administrators. Read more [FORTUNE.COM] ADOBE: Final Patch Update This Year: 78 Bugs Squashed. Adobe has issued the company’s last 2015 security update which patches a total of 78 CVE vulnerabilities in Flash Player, seven of which are deemed high-risk. The software giant has recently renamed its Flash Professional product to Animate, no doubt to distance the product from the bug-riddled and somewhat untrustworthy Flash Player, but a simple renaming of the product family, unfortunately, does not erase security flaws. Read more [ZDNET.COM]
  16. 16. Security Patches ANDROID: Google has released a new Android 6.0.1 Marshmallow update that’s currently available for a few Nexus devices. This new update comes with the build number MMB28M and it can be downloaded on the following Nexus devices: Nexus 5, Nexus 6, Nexus 6P, Nexus 5X, Nexus Player, Nexus 7 2013 Wi-Fi & SIM variants, Nexus 9 LTE & Wi-Fi variants. Read more [NEUROGADGET.COM] NODE.js: Security Patches Delayed by OpenSSL Updates. The Node.js Foundation was to have posted patches but wants to release them with the OpenSSL upgrades included. Read more [INFOWORLD.COM]
  17. 17. Application Development
  18. 18. Application Development AGILE: Comes with Pressure and Pain. Agile development often takes federal employees out of their comfort zones, which is precisely why it’s so beneficial, IT leaders say. During a panel discussion sponsored by the Association for Federal Information Resources Management, Environmental Protection Agency CTO Greg Godbout said agile’s short delivery cycles require regular meetings and demand accountability. “You know you will see them every two weeks,” he said, and “the group will ask, ‘Who didn’t deliver?'” Read more [FCW.COM]
  19. 19. Application Development MOBILE APPS: Microsoft’s PowerApps Aim To Disrupt Enterprise Mobile App Development Market. Microsoft launched a new enterprise service called PowerApps that empowers users (employees of businesses) to create the mobile apps they need, connect to existing business systems in a secure way and easily share newly developed apps with coworkers. This is significant considering that over 2.1 billion mobile units will be sold by 2019 and that the enterprise mobile apps market is expected to grow with more companies and users relying on enterprise apps for productivity. Learn how this service will disrupt the enterprise mobile app development industry and add to Microsoft’s revenues. Read more [FORBES.COM] PYTHON: Scales New Heights in Language Popularity. Python is increasingly in use as a first language in high school and universities, propelling it to its highest spot ever on the Tiobe index as well as a high ranking on the PyPL index. Read more [INFOWORLD.COM]
  20. 20. Application Development RED HAT SURVEY: Ninety Percent of Respondents to Red Hat Survey Plan to Increase Mobile App Development Investments in 2016. Red Hat, Inc., the world’s leading provider of open source solutions, today announced results from a recent mobile maturity survey, which revealed that 90 percent of respondents anticipate increasing investment in mobile application development within the next 12 months. The 2015 Red Hat mobile maturity survey also finds that these same respondents predict their organization’s investment for mobile application development increasing at an average growth rate of 24 percent during the same period. Read more [SDTIMES.COM]
  21. 21. Penetration Testing
  22. 22. Penetration Testing DHS: Giving Firms Free Penetration Tests. The U.S. Department of Homeland Security (DHS) has been quietly launching stealthy cyber attacks against a range of private U.S. companies — mostly banks and energy firms. These digital intrusion attempts, commissioned in advance by the private sector targets themselves, are part of a little-known program at DHS designed to help “critical infrastructure” companies shore up their computer and network defenses against real-world adversaries. And it’s all free of charge (well, on the U.S. taxpayer’s dime). Read more [KREBSONSECURITY.COM]
  23. 23. Penetration Testing ATTACK SIMULATION: Startup Offers Free Cyberattack Simulation Service. First came penetration testing, then the tabletop exercise, and now attack simulation — the relatively nascent practice of war-gaming attacks on your network to gauge how prepared (or not) you are, and where your weaknesses reside. Unlike pen-testing, attack simulation doesn’t run exploit code. It’s more about simulating the way attackers do their dirty work, from composing a phishing email and infecting a machine to the path they take to access and then pilfer credit-card data out of a company. Attack simulation startup vThreat announced free access to its software-as-a-service based applications. The concept of simulating and providing a detailed postmortem of how an attacker could hack you is capturing some venture capital interest. Read more [DARKREADING.COM]
  24. 24. Penetration Testing SECURITY THINK TANK: Pen Testing Must Be Followed by Action. How can an organization ensure they get value from penetration and security testing services? What role can penetration and security testing play in improving the security of an organization? If the testing is comprehensive, carried out regularly and any issues found quickly corrected then the overall picture of an organization’s security is greatly improved, although it must be said that testing is not sufficient on its own. Read more [COMPUTERWEEKLY.COM] AGENCIES: As hackers and other malicious actors become more sophisticated and agile in their attacks, federal agencies need to be proactive about cybersecurity. “Don’t wait to be hunted,” Linus Barloon, IT security branch manager for the U.S. Senate Office of the Sergeant at Arms, told attendees at the Public Sector Cybersecurity Summit hosted by Raytheon | Websense on Dec. 1. “Start hunting,” he said. Read more [FEDERALTIMES.COM]
  25. 25. Big Data
  26. 26. Big Data INSURANCE: How Big Data Is Changing Insurance Forever. Big Data is a buzzword which refers to the ever increasing amount of digital information being generated and stored, and the advanced analytics procedures which are being developed to help make sense of this data. Some of the more recent developments in the insurance industry have become available thanks to our increasing ability to record, store and analyze data. Read more [FORBES.COM] IoT: 14 Ways IoT Will Change Big Data And Business Forever. The Internet of Things (IoT) has gained momentum. Sensors are now small and cheap enough to embed in all kinds of devices, and more companies are leveraging the vast data generated. Here are some key drivers your company needs to remember as you jump into IoT. Read more [INFORMATIONWEEK.COM]
  27. 27. Big Data CIO: Proving the Business Value of Big Data. Just as organizations are getting more precise in their decision making through analytics, they must now get more precise in measuring ROI from big data investments. Here are four things you can do to forge stronger connections between analytics and business outcomes. Read more [CIO.COM] GAO: Facing a Big Data Gap, GAO Kicks Off Agencywide Effort. The Government Accountability Office is closing some of its biggest gaps in how it uses data to make decisions. Comptroller General Gene Dodaro is asking the agency to develop a long-term road map to expand and improve its use of big data. Howard Williams, the GAO’s chief information officer, said the audit agency is “lagging a little bit” when it comes to taking full advantage of big data tools and analyses. Read more [FEDERALNEWSRADIO.COM]
  28. 28. Big Data CUSTOMER SERVICE: What Big Data Can Do For Your Contact Center. Almost two-thirds of contact center operations depend on voice services. But the future of contact centers is no longer limited to just voice calls. A recent survey suggests that in the next couple of years, a larger number of users will choose digital interactions over voice-based interactions for connecting with contact centers. Read more [INSIDEBIGDATA.COM] ANALYTICS: Fighting Evil AI, IBM Opens Watson IoT HQ: Big Data Roundup. Elon Musk invests in AI to benefit humanity. Microsoft is acquiring SQL queries for all data by all users. IBM is connecting Watson with IoT via APIs. Read more [INFORMATIONWEEK.COM]
  29. 29. Big Data QUALITY CONTROL: Big Data’s Billion-Dollar Quality Problem: 3 Tips for Sidestepping It. The costs of working with dirty data are staggering. Save money and time by following these tips on how to improve the quality of your company data. Read more [TECHREPUBLIC.COM] 2016: 6 Predictions For Big Data Analytics And Cognitive Computing In 2016. The larger market for business analytics software and business intelligence solutions, which now includes the new disciplines of data science and cognitive computing, is at least 5 times bigger. But a much larger market, which may indeed approach a trillion dollars sometime in the not-distant future, includes the revenues companies in any industry will generate from “monetizing” their data and algorithms. Read more [FORBES.COM]
  30. 30. Project Management
  31. 31. Project Management MICROSOFT: Offers Preview of New Planner Project Management Tool. Microsoft released its project management tool, Office 365 Planner, as a preview to Office 365 First Release customers. With Planner, users can create new plans, organize tasks, assign team members to those tasks, share files and chat about workflow. Planner also offers updates on progress as people work through tasks. Workers can use the platform in many ways, including event planning, customer visits, product brainstorming and more. Read more [FIERCECIO.COM] THE CLOUD: Project Management & Cloud Computing: Your Strategic Weapon for Success. We are therefore not far away from that day when IT professionals will solely depend on cloud for improved productivity and ROI. And it is not just IT professionals. Project managers have already started leveraging the benefits of a cloud-based efficiency upgrade. Read more [SMARTDATACOLLECTIVE.COM]
  32. 32. Project Management REMOTE: Does Remote Project Management Really Work? Remote project management may be a great alternative to traditional project management for most organizations, project managers and team members, but is it realistic? There are tangible advantages here, but this is not for the faint-hearted. Read more [CIO.COM] AGILE: How Project Managers Can be a Positive Agent for Agile. How does agile impact the role of project managers? Is there still a need for project managers when organizations transition to agile? How can you deal with project managers who are opposed to agile? How can project managers be a positive agent for change? Read more [INFOQ.COM]
  33. 33. Search Engines & Technology
  34. 34. Search Engines & Technology ELASTICSEARCH: Elasticsearch Servers Targeted by Linux-Based Botnet Operators. A honeypot experiment run by AlienVault has shown that the recent security vulnerabilities discovered in Elasticsearch servers over the summer are now actively being used by botnet operators. Read more [NEWS.SOFTPEDIA.COM] SEO: Is Google’s Search Market Share Actually Dropping? In a followup to his 2014 survey, contributor Eli Schwartz shares his data on search engine market share and looks at how it’s changing over time. Read more [SEARCHENGINELAND.COM]
  35. 35. Search Engines & Technology ARTIFICIAL INTELLIGENCE: Google’s Tough Search — A Quantum Leap in Computing Power. A computer that’s millions of times faster than the most powerful machine available today could improve everything from climate and disease research to understanding the contents of every YouTube video. That’s the promise of another ambitious, long-term Google project that the Internet giant opened up about this week. Like other so-called moonshots, this one could take a decade or more to produce anything of tangible value, according to experts in the field. But Google is hopeful. Read more [BLOGS.WSJ.COM]
  36. 36. Search Engines & Technology BIG DATA SEARCH: 9 Useful Open Source Big Data Tools. Hadoop is not the end-all, be-all of Big Data. There are lots of other Big Data platforms and tools, many of which are open source. Apache Solr is designed to be highly reliable, scalable and fault tolerant, providing distributed indexing, replication and load-balanced querying, automated failover and recovery, centralized configuration and other features. Read more [ENTERPRISEAPPSTODAY.COM]
  37. 37. For the CTO, CIO & CISO
  38. 38. For the CTO, CIO & CISO CTO ADVICE: Stretch, Tackle and Question: One CTO’s Career Advice. Dr. Darlene Solomon, CTO of Agilent, discusses taking risks, finding work that you enjoy, collaboration and compassion. Read more [COMPUTERWORLD.COM] CIO: 5 Reasons 2016 Will Be the Year of the ‘New IT’. Digital transformation is rewriting the rules of IT, and CIOs need to revamp their approaches if they want their companies to survive and thrive. Here are five predictions for what 2016 will bring under the ‘new IT.’ Read more [CIO.COM]
  39. 39. For the CTO, CIO & CISO CISO: The Ripple Effect of the CISO in the C-Suite. War games aren’t just for movies. In fact, they have a place in every business, up through the C-suite. When our experts from IBM Emergency Response Services (ERS) reported on the top developments they’d seen in 2015 engagements in the recent IBM X-Force Threat Intelligence Quarterly, the rise in prominence of the CISO role and the prevalence of security concerns in the boardroom was one of the biggest trends for the year. Read more [SECURITYINTELLIGENCE.COM] INTERVIEW: Rackspace CTO John Engates On Why Hybrid Cloud Matters. As businesses opt for a combination of public and private cloud applications, chief technology officer John Engates says Rackspace’s aim is to remove complexity and make it easier for customers to deploy cloud technology. Read more [COMPUTERWEEKLY.COM]
  40. 40. For the CTO, CIO & CISO SECURITY: How the Internet of Things Got Hacked. There was once a time when people distinguished between cyberspace, the digital world of computers and hackers, and the flesh-and-blood reality known as meatspace. Anyone overwhelmed by the hackable perils of cyberspace could unplug and retreat to the reliable, analog world of physical objects. But today, cheap, radio-connected computers have invaded meatspace. They’re now embedded in everything from our toys to our cars to our bodies. And this year has made clearer than ever before that this Internet of Things introduces all the vulnerabilities of the digital world into our real world. Read more [WIRED.COM]
  41. 41. For the CTO, CIO & CISO HACKS: The Most Innovative and Damaging Hacks of 2015. Not a week went by in 2015 without a major data breach, significant attack campaign, or serious vulnerability report. Many of the incidents were the result of disabled security controls, implementation errors, or other basic security mistakes, highlighting how far organizations have to go in nailing down IT security basics. The year’s most significant attacks highlight how hackers are changing tactics — and how security must evolve in the year ahead. Read more [PCWORLD.COM] JUNIPER HACK: Researchers Say The Juniper Hack Could Be The Work Of Government — But Which One? As researchers uncover more about two vulnerabilities recently patched in some Juniper Networks firewalls, the security community continues to speculate about who inserted what Juniper called “unauthorized code” into the company’s firewall operating system ScreenOS. Security experts suggested that one of the security holes in particular, which Juniper warns could allow eavesdroppers to decrypt VPN traffic to some of its NetScreen firewalls, could be the work of the National Security Agency or another spy agency overseas. Read more [FASTCOMPANY.COM]
  42. 42. For the CTO, CIO & CISO PREDICTIONS: Federal Tech Predictions for 2016. From DevOps to cloud computing, the speed at which the technology sphere is currently evolving is only going to increase in the coming year. It is important for agencies to accept this and welcome it into their daily work. That’s according to Joel Dolisy, chief information officer and chief technology officer for technology company SolarWinds. Dolisy’s advice for federal agencies navigating the IT space in 2016? Embrace the change. Read more [NEXTGOV.COM]
  43. 43. For the CTO, CIO & CISO STATE CIOs: Push Accessibility and User Experience Standards. Nearly one in five citizens need some kind of accommodation when accessing digital government services – and ensuring that every citizen has equal access to those services is the focus behind a new guidelines initiative of the National Association of State CIOs (NASCIO) calling for increased understanding and use of accessibility standards. Read more [GOVTECHWORKS.COM] CTOs: The Lasting Power Of Incremental Innovation. Guy Duncan, Chief Technology Officer at PayU, discusses the importance of innovation that isn’t just a “big bang,” but “fuel that powers the future.” Read more [PYMNTS.COM]
  44. 44. For the CTO, CIO & CISO CISOs: Déjà vu for the CISO. Rising chief information security officers, like CIOs before them, need to start thinking like business people. Read more [FEDSCOOP.COM] FEDERAL CISOs: The US Government Wants In On the Public Cloud, but Needs More Transparency. The U.S. federal government is trying to move more into the cloud, but service providers’ lack of transparency is harming adoption, according to Arlette Hart, the FBI’s chief information security officer. Read more [CIO.COM]
  45. 45. Incident Response
  46. 46. Incident Response INTERVIEW: How to Structure Cyber Incident Response. At a recent cyber war game simulation, executives across various corporate functions worked through a major cyber security breach at a fictitious company. The simulation underscored the need to continually review cyber incident response plans and command structures to ensure organizations can handle cyber incidents and return to normal operations as quickly as possible, say war game participants Deborah Golden, a Deloitte & Touche LLP principal and Deloitte Advisory’s Federal Cyber leader, and retired U.S. Navy Captain John Gelinne, a Deloitte Advisory director with Deloitte & Touche LLP. In a post-simulation interview, Golden and Gelinne discuss how federal agencies can look to military readiness planning to structure cyber incident responses to mitigate risk and protect mission-critical assets. Read more [DELOITTE.WSJ.COM]
  47. 47. Incident Response PRIVATE SECTOR: Cyber Security Demands Early Detection and Rapid Response. Attackers are more sophisticated and striking a broader set of companies. Like the construction company that suddenly discovered more than $4 million in payroll for its 1,000 employees had been covertly transferred to who knows where. Or the CEO of a big tech firm who awoke one day to discover that all the company’s computer hard drives had been solidly encrypted and an anonymous hacker was offering to sell him the key to unfreeze them for thousands of dollars. And the biotech conglomerate that learned – via a call from the FBI – that a criminal cyber sleuth had accessed its network for more than six months looking for regulatory documents that could tip off Wall Street traders about the status of its developing drugs. Read more [BOSTONGLOBE.COM]
  48. 48. Incident Response STRATEGY: If You Haven’t Begun Cybersecurity Incident Response Planning, is it Already Too Late? The question is no longer whether we will be breached but when we will be breached. Cybersecurity is a C-suite and board-level issue requiring a comprehensive risk management strategy, intelligent investment and integration across the organization. Read more [DAILY.FINANCIALEXECUTIVES.ORG] SECURITY: When APIs and DevOps Meet Cybersecurity. Center of gravity will flow to middleware and cybersecurity process expertise as software integration proliferates in the enterprise cybersecurity market. Read more [NETWORKWORLD.COM]
  49. 49. Programming & Scripting Development Client & Server-Side
  50. 50. Programming & Scripting Development Client & Server-Side PHP: PHP 7.0 Boosts Speed and Security: What You Need to Know. The release of PHP 7.0 and Zend Engine 3 bring a wide variety of speed improvements and modernization to the popular server-side scripting language. Here’s what you need to know. Read more [TECHREPUBLIC.COM] JAVA: The Missing Features. A look at some of the “missing features” of Java, as well as the work, if any, to remediate those. Read more [INFOQ.COM]
  51. 51. Programming & Scripting Development Client & Server-Side ANGULAR: Upgrading Apps to Angular 2 Using ngUpgrade. Earlier this year the Angular team made an official announcement in which they talk about upgrade strategies. First implementations of ngUpgrade have now landed in the code base. Find out what you can do to prepare for an upgrade, and how to use ngUpgrade to upgrade an application to Angular 2. Read more [BLOG.THOUGHTRAM.IO]
  52. 52. Programming & Scripting Development Client & Server-Side WORDPRESS: WordPress.com Gets a New Face and Joins the JavaScript Age. In late November, the popular blogging site WordPress.com unveiled a new admin interface for managing blogs, posting content, and reading other people’s sites. If you’re a regular user, you’ll notice a new look and feel. If you’re a code geek, you’ll notice something more remarkable below the surface: JavaScript instead of PHP. If you run the open source version of WordPress on your own server, you can activate the new interface on your own site through the plugin Jetpack. Automattic, the company behind WordPress.com – the commercial version of WordPress – also released a WordPress application for Macintosh OS X. And it made available the code that powers the new interface as open source software for everyone. Read more [WIRED.COM]
  53. 53. Programming & Scripting Development Client & Server-Side SWIFT & IBM: IBM’s Swift Sandbox Lets Coders Try Apple’s Programming Language Easily. IBM announced its free, browser-based Swift Sandbox, which lets developers write in Apple’s programming language and execute their code in a server environment — on top of Linux. Read more [INFORMATIONWEEK.COM] MICROSOFT: Treads on Node.js’s Turf with Chakra JavaScript Engine. Microsoft’s plan to open-source its Chakra JavaScript engine has far-reaching implications. Most of all, it shows that Microsoft wants to become a player in the JavaScript ecosystem that has ambitions to be a near-universal runtime for every kind of software. Read more [INFOWORLD.COM]
  54. 54. Programming & Scripting Development Client & Server-Side TYPESCRIPT: Version 1.7 is Here with Async/Await as Default for ES6. A new version of TypeScript has been unveiled with long awaited support for async functions for ECMAScript 6 (ES6). Future support plans are already in place for ES3 and ES5, too. TypeScript 1.7 also includes polymorphic this typing plus some breaking changes. Read more [JAXENTER.COM] SPRING BOOT 1.3: Version 1.3 Released Featuring DevTools and ASCII Art. Spring custodian Pivotal has released Spring Boot 1.3, which adds hot reload support of Java classes/Spring configuration (using a new spring-boot-devtools module), cache auto-configuration (for EhCache, Hazelcast, Infinispan, JCache, Redis and Guava), and fully executable archives for Linux/Unix. The release has extensive release notes detailing all of the changes. Read more [INFOQ.COM]
  55. 55. Programming & Scripting Development Client & Server-Side C#: How to Use the Facade Design Pattern in C#. Take advantage of the facade design pattern to provide a simplified interface to a set of sub systems and hence reduce the dependencies and complexities in your designs. Read more [INFOWORLD.COM] CISCO: Bitten by Java Deserialisation Bug, Working on Patch. November’s high-profile Java deserialisation bug has bitten Cisco, with the company announcing vulnerabilities across the board in its huge product line. The problem is so pervasive that it reaches into the most trivial activities of the sysadmin, such as serial number assessment services. Read more [THEREGISTER.CO.UK]
  56. 56. Programming & Scripting Development Client & Server-Side SWIFT: Why Non-Apple Developers Should Care About Swift. Now open source with Linux support, Swift has a great deal to offer cross-platform and server-side developers. Read more [INFOWORLD.COM] JAVASCRIPT: Red Hat Pursues Java-Node.js Connection. Red Hat envisions a world in which the two environments co-exist, and the company wants to drive the integration. Read more [INFOWORLD.COM]
  57. 57. Programming & Scripting Development Client & Server-Side THREATS: The Programming Languages That Spawn The Most Software Vulnerabilities. PHP, ASP Web scripting languages breed more vulnerabilities than Java, .NET programming platforms, Veracode’s new state of software security report says. Read more [DARKREADING.COM] SWIFT: After One Week as Open Source, Swift Is the Most Popular Programming Language on Github. According to statistics provided by GitHub, in terms of “stars,” the equivalent of a Facebook like or Twitter fave (heart), Swift already has over 21,000 stars, beating Mozilla’s Rust programming language, the former leader of this ranking, which only has 14,400 stars. Read more [MAC.SOFTPEDIA.COM]
  58. 58. Programming & Scripting Development Client & Server-Side JAVASCRIPT: 2015 in Review. JavaScript had a remarkable year. Despite reaching the grand age of twenty in May, news, projects and interest in the language continue to grow exponentially. Can’t think of another technology which moves at a similar pace. It’s becoming increasingly difficult to keep up so hope this summary helps. Read more [SITEPOINT.COM] APIs: Composing APIs with Node-RED and JavaScript. As the Node-RED website says “Node-RED is a tool for wiring together hardware devices, APIs and online services in new and interesting ways”. It has been possible to use Node-RED for Internet of Things scenarios on Bluemix for quite some time. With the new Connect and Compose (beta) service you can now also use Node-RED to compose complex APIs via flow editor and JavaScript. Learn how to make APIs with JavaScript and Node-RED in this tutorial. Read more [DZONE.COM]
  59. 59. Programming & Scripting Development Client & Server-Side ADOBE: Finally Tells Developers to Stop Using Flash. Once the primary means of making animation, browser games and interactive visualisations for the web, Adobe Flash has been ailing for a long time. And now — after almost everyone else recognised the massive security and performance problems with the proprietary tech — its makers Adobe have announced that it will be moving away from the platform. Adobe said that it would now encourage developers to “build with new web standards”, primarily HTML 5. Read more [WIRED.CO.UK] ANGULAR 2: Up Close with Google’s Angular 2 JavaScript Framework. Here’s all you need to know about Angular 2, the exciting new successor to Google’s wildly popular JavaScript framework, AngularJS. Read more [INFOWORLD.COM]
  60. 60. Programming & Scripting Development Client & Server-Side GOOGLE: Confirms Next Android Version Won’t Implement Oracle’s Proprietary Java APIs. Google is replacing its implementation of the Java application programming interfaces (APIs) in Android with OpenJDK, the open source version of Oracle’s Java Development Kit (JDK). The news first came by a “mysterious Android codebase commit” from last month submitted to Hacker News. Google confirmed to VentureBeat that Android N will rely solely on OpenJDK, rather than Android’s own implementation of the Java APIs. Read more [VENTUREBEAT.COM] FTC: Ruling Against Oracle Shows Why It’s Time to Dump Java. The FTC says Oracle hasn’t been uninstalling older, insecure versions of Java. It’s time for users to ditch client-side Java altogether. Read more [INFOWORLD.COM]
  61. 61. Cloud Computing
  62. 62. Cloud Computing SURVEY: 7 Insights And Predictions From IDG’s 2015 Enterprise Cloud Computing Survey. Enterprises surveyed are predicting they will invest an average of $2.87M in cloud computing technologies in 2016. 90% of enterprises are relying on APIs in their cloud integration plans for 2016. 25% of total IT budgets will be allocated to cloud computing in 2016. Security continues to be the biggest challenge enterprises face in adopting cloud computing. Read the rest [FORBES.COM] STORAGE: Primary Storage Shifts To The Cloud. Hybrid cloud is popular, but slow WAN connections ultimately make it an interim step towards moving all stored data to public cloud. Many companies are planning a hybrid approach to the cloud where some computing and storage is in a public cloud and the rest, including much of their primary storage, is kept in-house in a private cloud. Hybrid clouds are just a stop-gap measure. The migration of storage — including primary storage — to the public cloud is inevitable. Read more [NETWORKCOMPUTING.COM]
  63. 63. Cloud Computing FEDERAL AGENCIES: How Open Source Can Bring Agencies to the Cloud. Cloud computing has fundamentally changed how the world works, innovates and connects. From businesses and governments to individuals, we are all finding ourselves interacting in new and meaningful ways. Yet, according to IDC, only 6 percent of federal government applications run in the cloud. Read more [FEDERALTIMES.COM] GOOGLE: Google Hires VMware Co-founder Diane Greene as Cloud Chief, Aims for Enterprise Adoption. Diane Greene will oversee all of Google’s cloud businesses, including its Cloud Platform and Apps productivity suite. Greene, who has been on the company’s board of directors for three years, took the position as the technology giant agreed to acquire Bebop, a stealthy startup that she co-founded. In a blog post announcing the news, Google CEO Sundar Pichai called the company’s product “a new development platform that makes it easy to build and maintain enterprise applications.” Read more [COMPUTERWORLD.COM]
  64. 64. Cloud Computing GOOGLE: Upgrades Cloud SQL, Promises Managed MySQL Offerings. Google has announced the beta availability of a new improved Cloud SQL for Google Cloud Platform – and an alpha version of its much anticipated Content Delivery Network offering. Brett Hesterberg, Product Manager for Google’s Cloud Platform, says the second generation of Cloud SQL will aim to give better performance and more ‘scalability per dollar’. In Google’s internal testing, the second generation Cloud SQL proved seven times faster than the first generation and it now scales to 10TB of data, 15,000 IOPS and 104GB of RAM per instance, Hesterberg said. Read more [BUSINESSCLOUDNEWS.COM]
  65. 65. Cloud Computing DOCUMENT MANAGEMENT: Still Dreaming of the Paperless Office? According to AIIM’s latest study, ‘Paper-Free Progress: measuring outcomes’, many companies still have desks piled high with paper. Only 17% of respondents said they work in what can be described as a paper-free office. A staggering 40% still use paper for filing “important stuff”, and 56% are wedded to signatures on paper for contracts and order forms. This is despite around half of organisations (49%) saying they are decreasing paper consumption. Read more [CTOVISION.COM] SECURITY FIXES: Cloud Users Should Prep For a New Wave of Security Fixes. Some cloud providers – thus far IBM SoftLayer and Linode – have alerted customers about hurried-but-planned updates to their cloud infrastructure to come this week. The culprit appears to be another vulnerability to the Xen hypervisor that many cloud providers rely on to pack lots of workloads onto shared computer servers. Read more [FORTUNE.COM]
  66. 66. Cloud Computing CIOs: 3 CIO Insights on Cloud, Security and Mobile. At a recent Government Technology Research Alliance Summit, one of the most discussed topics was the adoption of new technology like cloud computing and mobile applications, and the dire need for the federal government to share and collaborate on security data governmentwide. The consensus seemed to be that without that collaboration, there is no united front, and some agencies are always going to be falling behind. Read more [NEXTGOV.COM]
  67. 67. Encryption
  68. 68. Encryption CYBERSECURITY: Privacy Groups Discuss Encryption with White House. White House officials met Dec. 10 with multiple civil liberties groups behind a petition urging the Obama administration to support strong encryption. Administration officials told representatives from the American Civil Liberties Union, the Center for Democracy and Technology, Human Rights Watch, Access Now and New America’s Open Technology Institute that they planned to issue a formal response over the holidays. Read more [FCW.COM]
  69. 69. Encryption FBI: Renews Warnings on Terror and Encryption, With No Clear Solution in Sight. Lawmakers face dueling security concerns as tech companies warn any backdoor access to encrypted data will pave the way for cyber attacks. In the wake of the Paris and San Bernardino terror attacks, a long-simmering debate over the security risks of terrorists using encryption has come to a boil. Speaking before Congress last week, FBI Director James Comey reiterated warnings that popular encrypted communication apps are making it difficult for law enforcement officials to monitor suspected criminals and terrorists. Read more [FASTCOMPANY.COM]
  70. 70. Encryption SSL: Testing Your SSL Encryption Can Provide Important Security Insights. Since the Heartbleed vulnerability of 2014, more IT managers have been concerned about the integrity of their SSL encryption, TLS services and associated supporting code libraries. And while most SSL technology vendors have patched their servers since then, there are still many ways to take advantage of this encryption protocol that you should be aware of. A new series of free SSL server tests from High-Tech Bridge can help highlight any problems and potentially show you what is going on with how you encrypt your Internet traffic. Read more [SECURITYINTELLIGENCE.COM]
  71. 71. Encryption SECURITY: The Government Really Doesn’t Seem to Like Encryption. Cryptographers, civil libertarians, and privacy advocates have spoken loud and clear about how weakening encryption will make online communications and e-commerce more vulnerable (and make tech companies less competitive economically). But the war against crypto rages on in the wake of terrorist attacks in Paris and San Bernardino. Read more [WIRED.COM]
  72. 72. Business Intelligence
  73. 73. Business Intelligence TRENDS: Ten Top Business Intelligence Trends to Expect in 2016. Business intelligence continues to be one of the fastest-moving areas in the enterprise, and the techniques that organizations are using to drive adoption and get value from their data are multiplying. Those are among the conclusions of a new report from Tableau Software. Read more [INFORMATION-MANAGEMENT.COM] STRATEGY: How to Make Your Business Intelligence More Mobile-Intelligent. We need to move beyond traditional desk-based analytics software to solutions that can intelligently adapt on the fly. Read more [INFORMATION-AGE.COM]
  74. 74. Business Intelligence SaaS TECHNOLOGY: Put the ‘Intelligence’ Back in Business Intelligence. Our ability to disseminate all types of government data has become much more efficient, and one would think local and state institutions would take advantage of this technology for their business intelligence projects. But, unfortunately, many of these organizations are still relying on cumbersome, expensive tools rather than embracing the benefits of cloud-based software-as-a-service (SaaS) tech solutions. Read more [AMERICANCITYANDCOUNTY.COM] MICROSOFT BI: Brings Cortana, Quick Insights to Power BI for Better Business Intelligence. Microsoft’s Convergence conference for business professionals is being held this week in Barcelona, Spain. It has been bringing us a number of business oriented announcements, including a new Office 365 E5 tier, Power Apps, and more. Now today, more news around its business intelligence platform, Power BI. Read more [WINBETA.ORG]
  75. 75. Business Intelligence CLOUD: Is Cloud-powered Business Intelligence Genuinely Useful or Mere Hype? All hail democratised data. Until recently, business intelligence (BI) software was all on-premise and then only for analysts who knew how to code, or those that had the support of data science and IT staff. But with infrastructure quickly shifting to a cloud model, new cloud-powered BI software is appearing that promises to empower everyone and anyone within an organisation to work with data directly, in real-time. Is cloud BI really the democratisation of data, or too good to be true? Read more [TECHRADAR.COM] DATA ACT: Pressures Mount to Deliver on DATA Act Promises. Pressure is building for federal agencies to not only develop new financial data reporting systems in time to meet a May 2017 deadline, but to also make sure the job gets done right, according to federal IT officials. Read more [FEDSCOOP.COM]
  76. 76. Business Intelligence FUTURE OF THE CLOUD: Moving Up the Value Chain. Cloud technology is becoming ubiquitous in the federal government. For agencies that have already unplugged their traditional data centers and shifted their computing models, that move has brought dramatic value — in well-documented savings of money, time and resources. But what about the future? As cloud technology advances, will the value of being in a cloud environment continue to increase? More important, as budgets shrink and security risks grow, will the cloud provide a way to enhance innovation and tackle increasingly complex technology challenges? Read more [FCW.COM] CORTANA: Taps Power BI, Wikipedia Leans On AI: Big Data Roundup. Updates on some very cool use cases of machine learning, how Wikipedia is leveraging artificial intelligence (AI) to improve its anti-vandalism efforts, Microsoft’s Cortana getting integration with Power BI, and more. Read more [INFORMATIONWEEK.COM]
  77. 77. Federal Government
  78. 78. Federal Government U.S. STATE DEPARTMENT: The U.S. State Department is About to Take Away Your Extra Passport Pages. For frequent travelers, there’s nothing more impressive than a well-stamped passport, with every page filled with multicolored inks, dates and destinations. But if you’re down to your last blank page, you probably want to add “request new visa insert” to your December to-do list. As of January 1, 2016, the U.S. State Department will no longer issue additional passport pages due to its own security concerns. Read more [ROADWARRIORVOICES.COM] CIOs: How to Help Federal CIOs Do More for Accessible Tech. According to Karen S. Evans, national director of the U.S. Cyber Challenge, the Obama administration should seize the opportunity to align regulations currently under review, giving federal CIOs the tools they need to champion accessible technology and the policies that govern it. Read more [FEDERALTIMES.COM]
  79. 79. Federal Government CYBERSECURITY: Asking DHS to Hack Your Systems. The Department of Homeland Security is home to a broad range of cybersecurity missions — including, apparently, network assessments and penetration testing for certain private-sector companies. Brian Krebs, author of the popular Krebs on Security blog, reported on Dec. 1 that DHS’ National Cybersecurity Assessment and Technical Services (NCATS) have been “quietly launching stealthy cyberattacks against a range of private U.S. companies — mostly banks and energy firms. These digital intrusion attempts, commissioned in advance by the private sector targets themselves, are … designed to help ‘critical infrastructure’ companies shore up their computer and network defenses against real-world adversaries.” Read more [GCN.COM]
  80. 80. Federal Government DEPARTMENT OF TREASURY: Seeing Fruits of IT Reforms Ahead of FITARA Implementation. The true gauge of the Treasury Department’s IT reform efforts can’t only be measured by the “D” grade on the report card recently issued by the House Oversight and Government Reform Committee. But the fact is Treasury has spent the better part of the last year preparing for the changes that came with the new Federal IT Acquisition Reform Act (FITARA). Sonny Bhagowalia, Treasury’s chief information officer, said he’s taking an approach that is part governance and part operational improvements. Read more [FEDERALNEWSRADIO.COM]
  81. 81. Federal Government ANALYTICS: Why the Federal Government Tracks Visitors to Dot-Govs. For the past several months, the government has been publicly tracking how many visitors come to certain agency websites, and what devices and Web browsers they use to get there. Analytics.usa.gov, unveiled in March, uses Google Analytics to monitor Web traffic. Earlier this month, the General Services Administration debuted new dashboards showing the general geographic location of visitors to federal sites – 84.6 percent of visitors come from the U.S. and 4.5 percent of that from Washington – and logs showing the most downloaded public documents. Currently the most-clicked is a notification letter from the Office of Personnel and Management alerting victims of the recent cyber hack. Read more [NEXTGOV.COM]
  82. 82. Federal Government COSTS: Federal Paper Pushing Costs Taxpayers Millions. The federal government is the nation’s largest disburser—$600 billion a year in checks go out to suppliers from civilian agencies alone, according to the Treasury Department. So it may surprise some in this digital age that only 38 percent of the 19 million invoices filed by agencies in fiscal 2013 were submitted electronically. That left a pile of 12 million supplier invoices on old-fashioned paper, costing taxpayers an estimated $230 million yearly to process. Read more [GOVEXEC.COM]
  83. 83. Federal Government NIST: Tech Licensing Revenues Grow for Agency Labs. The federal government brought in more money from licensing its own technology to the private sector and increased the number of research and development partnerships it has forged, according to a report from the National Institute of Standards and Technology. Read more [FEDSCOOP.COM] TECH LAB: What the Government Should’ve Learned About Backdoors from the Clipper Chip. In the face of a Federal Bureau of Investigation proposal requesting backdoors into encrypted communications, a noted encryption expert urged Congress not to adopt the requirements due to technical faults in the plan. The shortcomings in question would allow anyone to easily defeat the measure with little technical effort. Read more [ARSTECHNICA.COM]
  84. 84. Federal Government ANALYSIS: What Does Federal Spending in 2016 Mean for the Cybersecurity Sector? President Barack Obama included $14 billion for cyber security spending in his 2016 budget. A look at some key numbers and trends for 2016 reveals big opportunities for vendors who provide cyber products and services to federal agencies, and big challenges for federal agencies around recruiting and retaining cybersecurity staff. Read more [CSOONLINE.COM] NIST: A Conversation With The Most Influential Cybersecurity Guru To The U.S. Government. Ron Ross is a Fellow at the National Institute of Standards and Technology, or NIST, a non-regulatory agency of the U.S. Department of Commerce. NIST’s mission is to promote U.S. innovation and industrial competitiveness by advancing measurement science, standards, and technology in ways that enhance economic security and improve our quality of life. Check out his comprehensive approach to data security. Read more [FORBES.COM]
  85. 85. Federal Government SURVEY: Majority of Agencies Follow NIST Cybersecurity Framework. A recent survey found that 82 percent of 150 IT and security professionals in the federal government said their agencies are either fully or partially implementing the NIST Framework for Improving Critical Infrastructure Cybersecurity. When broken down further, 53 percent are fully implementing, with 29 percent partially implementing the guidance. Read more [GCN.COM] ENCRYPTION: Why Federal Encryption Regulations Could Put Cybersecurity At Risk. Efforts to pass regulations in response to new security technology could, however, run into legal and constitutional roadblocks. End-to-end encryption may be defended under the Fourth Amendment right to privacy against unreasonable search, as wiretapping often occurs without proper warrants on civilians who are not suspected of being involved in criminal activity. Read more [BROWNPOLITICALREVIEW.ORG]
  86. 86. IT - State & Local Governments
  87. 87. IT - State & Local Governments SEATTLE: Begins Three-Year IT Consolidation. Over the next three years, Seattle will consolidate its disparate IT departments into a new agency, called Seattle IT, and city officials expect big things from the change. Read more [GOVTECH.COM] US COUNTIES: New Interactive Tool Provides Key County Info. The NACo County Explorer is a web-based visualization tool that provides key information on a wide variety of topics that are summarized at the county-level. An interactive map allows users to explore a variety of indicators, such as population density, median household income, and number of endangered and threatened species. County profiles are provided to highlight data and information related to key federal policies and legislation. Read more [COAST.NOAA.GOV]
  88. 88. IT - State & Local Governments LOCAL BANKS: These Cyberthreats May Be Coming to a Local Bank Near You. A common consumer of news might assume that financial services hacking incidents are just a big-bank problem. Cyberintrusions of the largest institutions by sophisticated criminals and potentially foreign governments are well documented. But community banks of every stripe should be on alert for a genus of attacks meant more for smaller institutions than bigger ones. On Nov. 3, the Federal Financial Institutions Examination Council issued a joint statement intended for community banks warning of the “increasing frequency and severity of cyberattacks involving extortion.” Read more [AMERICANBANKER.COM]
  89. 89. IT - State & Local Governments BIG BANKS: S&P Downgrades Holding Companies of Eight U.S. Banks. Standard & Poor’s cut its nonoperating holding company (NOHC) ratings on eight U.S. “global systemically important banks” by one notch, citing uncertainty about the U.S. government’s willingness to provide support to the banking system if it came under stress. Read more [REUTERS.COM] DHS: House Bill Lets State, Local Take Advantage of DHS Cyber Tools. New legislation requires DHS to open the National Cybersecurity and Communications Integration Center (NCCIC) to state and local governments that request assistance, either in shoring up cybersecurity posture or help investigating a specific incident. Read more [FEDERALTIMES.COM]
  90. 90. IT - State & Local Governments MICHIGAN: Report Rips Security of State Computer Systems. Hundreds of state computer servers are vulnerable to hacking and failure because of outdated operating systems, ineffective security configurations, poor password control, failure to install security patches and a lack of timely scanning to detect vulnerabilities, according to a report released Thursday by Michigan Auditor General Doug Ringler. Read more [FREEP.COM] INDUSTRY PERSPECTIVE: 4 Critical Challenges to State and Local Government Cybersecurity Efforts. While the federal government works on big-picture solutions, state and local government agencies are under tremendous pressure to secure critical data, infrastructure and services. In fact, cybersecurity is the No. 1 strategic IT priority in 2015 for state and local agencies, according to the National Association of State Chief Information Officers. Read more [GOVTECH.COM]
  91. 91. IT - State & Local Governments VOTING SECURITY: Outdated Voting Machine Technology Poses Security and Election Risks. A new report highlights the looming crisis state and local governments face with aging voting machine technology ahead of the 2016 election. A recent report by the Brennan Center for Justice at New York University School of Law found that the expected lifespan of core components in electronic voting machines purchased since 2000 is between 10 and 20 years, and for most systems it is probably closer to 10 than 20. Experts surveyed by the Brennan Center agree that the majority of machines in use today are either “perilously close to or exceed these estimates.” Read more [STATETECHMAGAZINE.COM]
  92. 92. IT Security | Cybersecurity
  93. 93. IT Security | Cybersecurity RISK MANAGEMENT: Moody’s Warns Cyber Risks Could Impact Credit Ratings. Credit rating agency Moody’s Corp. warns that cyber defenses as well as breach detection, prevention and response will be higher priorities in its analysis of the creditworthiness of companies across all sectors, including healthcare and financial services. Read more [GOVINFOSECURITY.COM] HIRING: OMB, OPM Chart Helps Agencies Identify Cyber Talent Gaps. With just five weeks to go before the deadline for civilian agencies to submit their job codes for specialty cyber roles, the Office of Management and Budget has added a resource chart to its MAX site to help organize cyber talent gaps as they are identified. Read more [FEDERALNEWSRADIO.COM]
  94. 94. IT Security | Cybersecurity CSO: Five Reasons Why Hackers Easily Get In. A vulnerable web application is just one of the great gifts left for hackers, as it significantly reduces the time, cost and effort they need to get into a corporate network. Why do companies fail to secure their web apps? Read more [CSOONLINE.COM] STUDY: Financial Advisors Still Have a Long Way to Go on Cybersecurity. Since the infamous cyberattack on Sony Pictures Entertainment a year ago, business leaders have noticed an increase in hacks both externally and internally, according to a survey conducted by the auditor PwC. Globally, the cost of cybercrime is estimated to be upwards of $385 billion and those attacks can and do happen in every type of industry, including financial services. Cyberattacks against financial advisors are growing and getting more sophisticated. A new white paper by External IT, which provides cloud computing to financial services companies, found that advisors are vulnerable in three areas. Find out more [CNBC.COM]
  95. 95. IT Security | Cybersecurity LOCKHEED LEAVES: Lockheed Martin Corp. To Exit Commercial Cybersecurity, Double-Down On Helicopters And Combat Jets. Lockheed Martin Corp. has been planning to sell off or spin off its roughly $4 billion government information technology business since earlier this year. That would include its Cybersecurity unit. “The cyber programs that will remain with the company are mostly focused on defense and intelligence customers and will be realigned into the Corporation’s other four business segments,” says Dan Nelson, Vice President, Corporation Communications at Lockheed. Read more [FORBES.COM] PREDICTION: The Cybersecurity Startup Boom Will End in 2016. Too many companies are selling similar tools. Read more [FORTUNE.COM]
  96. 96. IT Security | Cybersecurity INDUSTRY INSIGHT: Cybersecurity is a Team Sport, but it’s No Game. We can all do something to address the growing cybersecurity challenge. Individual users, small departments and large agencies alike can take steps to improve our individual and collective cybersecurity posture. It is estimated that roughly 80 percent of exploitable vulnerabilities in cyberspace are a result of poor or nonexistent cyber hygiene — the basic, fundamental protection measures that improve defense while making it more difficult and more expensive for the bad guys to perpetrate an intrusion. Read more [GCN.COM]
  97. 97. IT Security | Cybersecurity FLORIDA: Builds New Cybersecurity Framework. Since the re-launch of Florida’s IT agency last year, Chief Information Security Officer Danielle Alvarez has been working to build up a cybersecurity framework for the state. Alvarez said the biggest threat currently facing the state is “lacking that foundation” for how to effectively handle information security, and she’s now in the midst of laying down those guidelines. Read more [STATESCOOP.COM]
  98. 98. Tech Vulnerabilities
  99. 99. Tech Vulnerabilities THREATS: BackStab Attack Takes Indirect Route To Mobile Data. Attack technique takes advantage of weak protections around mobile user’s backup files. While there are plenty of mobile device vulnerabilities just waiting for bad guys to pick up on, some of the lowest hanging fruit for mobile-oriented attackers isn’t on the device itself. Instead, the softest target comes in the form of insecure back-ups stored on a traditional desktop or laptop. Read more [DARKREADING.COM] COMPUTER SUPPORT: Vulnerabilities Found in Lenovo, Toshiba, Dell Support Software. The number of vulnerabilities discovered in technical support applications installed on PCs by manufacturers keeps piling up. New exploits have been published for flaws in Lenovo Solution Center, Toshiba Service Station and Dell System Detect. The most serious flaws appear to be in Lenovo Solution Center and could allow a malicious Web page to execute code on Lenovo Windows-based computers with system privileges. Read more [CIO.COM]
  100. 100. Tech Vulnerabilities GOOGLE: Patches Critical Media Processing and Rooting Vulnerabilities in Android. Google has released a new batch of security fixes for its Nexus smartphones and tablets, addressing flaws that could allow attackers to compromise the Android devices via rogue emails, Web pages, and MMS messages. Firmware updates are being rolled out to supported Nexus devices as an over-the-air update and the patches will be added to the Android Open Source Project over the next 48 hours. Builds LMY48Z and Android Marshmallow with a Dec. 1, 2015, Security Patch Level contain these fixes, Google said in its security bulletin. Read more [INFOWORLD.COM] CLOUD: Security Worries Hamper Adoption of Cloud Technology. Companies migrating to the cloud plan to enforce internal security policies: 56 percent plan to improve identity and authentication management. Read more [EWEEK.COM]
  101. 101. From the Blue Mountain Data Systems Blog Three-Dimensional Governance for the CIO https://www.bluemt.com/three-dimensional-governance-for-the-cio 7 Reasons to Take Control of IT Incidents https://www.bluemt.com/7-reasons-to-take-control-of-it-incidents/ Breach Mitigation Response Time Too Long, Survey Says https://www.bluemt.com/breach-mitigation-response-time-too-long-survey-says/ Six Tactics for Cyberdefense https://www.bluemt.com/six-tactics-for-cyberdefense/
  102. 102. From the Blue Mountain Data Systems Blog Feds Report Mixed Responses to Shared Services https://www.bluemt.com/feds-report-mixed-responses-to-shared-services Federal Employees Are Not Security Experts https://www.bluemt.com/federal-employees-are-not-security-experts Survival Guide for Network Administrators https://www.bluemt.com/survival-guide-for-network-administrators DBaaS: OpenStack Trove Changes DB Management https://www.bluemt.com/dbaas-openstack-trove-changes-db-management
  103. 103. From the Blue Mountain Data Systems Blog Help Wanted: Certified Cybersecurity Professionals https://www.bluemt.com/help-wanted-certified-cybersecurity-professionals Cyber Threat Intelligence Integration Center Preview https://www.bluemt.com/cyber-threat-intelligence-integration-center-preview/ Cloud Moves in 1-2-3 https://www.bluemt.com/cloud-moves-in-1-2-3/ Change Management for Disaster Recovery https://www.bluemt.com/change-management-for-disaster-recovery/
  104. 104. From the Blue Mountain Data Systems Blog Jeffersonian Advice For C-Suite Career Advancement https://www.bluemt.com/jeffersonian-advice-for-c-suite-career-advancement/ Ways To Survive The “Mobile-Pocalypse” https://www.bluemt.com/ways-to-survive-the-mobile-pocalypse/ Microsoft Cloud Services Receive FedRAMP Authority to Operate https://www.bluemt.com/microsoft-cloud-services-receive-fedramp-authority-to-operate/ Hiring Pentesters? Here Are 10 Things You Need to Know https://www.bluemt.com/hiring-pentesters-here-are-10-things-you-need-to-know/
  105. 105. From the Blue Mountain Data Systems Blog Home Router Malware Alert https://www.bluemt.com/home-router-malware-alert/ Threat Model Deconstruction https://www.bluemt.com/threat-model-deconstruction/ Business Email Scam Nets $214 Million https://www.bluemt.com/business-email-scam-nets-214-million/ How to Prevent Unauthorized Software from Taking Over Your Organization https://www.bluemt.com/the-cios-guide-to-happy-end-users-2/
  106. 106. From the Blue Mountain Data Systems Blog Digital Marketing Predictions for 2015 https://www.bluemt.com/digital-marketing-predictions-for-2015/ SDN: Network Administrator’s Friend or Foe? https://www.bluemt.com/sdn-network-administrators-friend-or-foe/ Mobile Payments: A Must for Federal Agencies https://www.bluemt.com/mobile-payments-a-must-for-federal-agencies/ Soft Skills Are A Must-Have For Careers In IT https://www.bluemt.com/soft-skills-are-a-must-have-for-careers-in-it/
  107. 107. From the Blue Mountain Data Systems Blog Security Risks Most Prevalent in Younger Workers https://www.bluemt.com/security-risks-most-prevalent-in-younger-workers/ The Security World’s Maturation https://www.bluemt.com/the-security-worlds-maturation/ Data Breach Concerns Keep CISOs Up At Night https://www.bluemt.com/data-breach-concerns-keep-cisos-up-at-night/ Personalized Govt Equals Instant Gratification for Citizens https://www.bluemt.com/personalized-govt-equals-instant-gratification-for-citizens/
  108. 108. From the Blue Mountain Data Systems Blog People-Centric Security https://www.bluemt.com/people-centric-security/ Pentagon Tries BYOD To Strike Work/Life Balance https://www.bluemt.com/pentagon-tries-byod-to-strike-worklife-balance/ Open Source Model Considered for MS Windows https://www.bluemt.com/open-source-model-considered-for-ms-windows/ Open Internet: To Be or Not to Be? https://www.bluemt.com/open-internet-to-be-or-not-to-be/
  109. 109. From the Blue Mountain Data Systems Blog Malware Stays A Step Ahead Infecting One Third of Websites https://www.bluemt.com/malware-stays-a-step-ahead-infecting-one-third-of-websites/ Machine-Generated Data: Potential Goldmine for the CIO https://www.bluemt.com/machine-generated-data-potential-goldmine-for-the-cio/ Government Legacy Programs: Reuse vs. Replacement https://www.bluemt.com/government-legacy-programs-reuse-vs-replacement/ It Takes a Whole Village to Protect Networks and Systems https://www.bluemt.com/it-takes-a-whole-village-to-protect-networks-and-systems/
  110. 110. From the Blue Mountain Data Systems Blog Governance For the CIO https://www.bluemt.com/governance-for-the-cio/ Help Desk Consolidation – Lessons Learned https://www.bluemt.com/help-desk-consolidation-lessons-learned/ One Year Later, Companies Still Vulnerable to Heartbleed https://www.bluemt.com/one-year-later-companies-still-vulnerable-to-heartbleed/ Federal Projects Cultivate Worker Passion https://www.bluemt.com/federal-projects-cultivate-worker-passion-2/
  111. 111. ABOUT US Blue Mountain Data Systems Inc. Blue Mountain Data Systems Inc. is dedicated to application and systems development, electronic document management, IT security support, and the automation of workflow processes. Read more about our experience here: >> http://bluemt.com/experience
  112. 112. Recent Experience U.S. Dept. of Labor Employee Benefits Security Administration 1994 to Present Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support.
  113. 113. MANAGEMENT Paul T. Vesely Founder, President, CEO and Principal Architect Mr. Vesely is a recognized thought leader in systems architecture and delivery, having designed and delivered many enterprise-wide information and document management solutions. Mr. Vesely’s history includes 33 years of experience in the information systems industry, with Unisys, Grumman, PRC and a host of clients in both government and private sectors.
  114. 114. CONTACT US Contact Us Today to Discuss Your Next IT Project HEADQUARTERS 366 Victory Drive Herndon, VA 20170 PHONE 703-502-3416 FAX 703-745-9110 EMAIL paul@bluemt.com WEB https://www.bluemt.com
