Tech Update Summary from Blue Mountain Data Systems June 2016

1. Tech Update Summary June 2016 Blue Mountain Data Systems

3. For CTOs, CIOs & CISOs Visit Blue Mountain Data Systems https://www.bluemt.com

4. For CTOs, CIOs & CISOs Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the Blue Mountain Data Systems Blog. We hope you will visit our blog for the latest information. You can also receive these updates via email. Click here to subscribe. Here’s the summary of the Daily Tech Updates for June 2016. Hope the information and ideas prove useful. Best, Paul Vesely President and Principal Architect Blue Mountain Data Systems Inc.

5. Network Security

6. Network Security SWIFT: Launches Plan to Brace Network’s Security. SWIFT is stepping up efforts to share information among global financial institutions and develop security audit frameworks for customers. The Society for Worldwide Interbank Financial Telecommunication has unveiled a five-point plan to reinforce the security of SWIFT’s payments system in the wake of the Bangladesh Bank heist. Read more [CFO.COM] SECURITY SUCCESS: 5 Secret Habits Of Highly Successful Network Security Programs. The key ingredients to network cybersecurity success and how they improve security results. A new report shows that when IT organizations are segmented by security success factors, the top performers share a number of network security best practices. Read the rest [DARKREADING.COM]

7. Network Security INDUSTRY INSIGHT: Next-gen Networks Call for Strategic Security. Government networks face an environment of escalating risk from cyberattacks, a painful reality in the digital world. Protecting sensitive government and constituent information is unquestionably the most serious challenge agencies face. Modernizing networks is one way agencies can address these challenges, but they must be skeptical when evaluating new networking solutions — particularly when it comes to their security capabilities. Adoption of managed broadband, together with security improvements to existing legacy technologies, offers a hybrid approach to network modernization that is cost-effective and delivers results. Find out more [GCN.COM]

8. Network Security ARMY: Tests Upgraded NetOps Toolset for WIN-T Network Security. The U.S. Army has demonstrated an updated tactical network operations toolset as part of the Warfighter Information Network-Tactical Increment 3 limited user test during the Network Integration Evaluation 16.2 event at Fort Bliss, Texas. Read more [EXECUTIVEGOV.COM]

9. Encryption

10. Encyption MOBILE: 7 Reasons Mobile Payments Still Aren’t Mainstream. Though mobile payments and wallets are increasingly popular, they’re still nowhere near mainstream. A set of experts and finance-industry watchers weigh in on what’s holding mobile payments back, as well what will need to happen for the systems to hit the big time. Read more [CIO.COM] ANDROID: Android Patch: Samsung Fixes Galaxy Flaw That Lets Crooks into Stolen Phones. Samsung has issued a patch to shut down a bypass for ‘factory reset protection’, which is meant to stop thieves from setting up a stolen device. Find out more [ZDNET.COM]

11. Encyption GOVERNMENT AGENCIES: Protecting Data Means Balancing Security vs. Convenience. Most people use encryption every day, unaware that their phones and Internet browsers invisibly translate their data as it moves from point to point on the internet or that their mobile apps use the technology to obscure their data in the cloud. Yet many government agencies are still struggling to deploy encryption across all their systems.Only 44 percent of non-defense Federal web sites employ the secure HTTPS Internet protocol, according to pulse.cio.gov, a government transparency project of the General Services Administration (GSA). Read the rest [GOVTECHWORKS.COM]

12. Encyption CLOUD: Microsegmentation & The Need For An Intelligent Attack Surface. There is a fundamental difference in the security posture and technology for protecting the White House versus a Social Security office in California. So, too, for the critical apps and systems that are likely targets in your enterprise. Read more [DARKREADING.COM]

13. Databases

14. Databases BIG DATA: Why Some of the Fastest Growing Databases Are Also the Most Experimental. Everyone has heard about MongoDB and Cassandra, but what other databases are making big gains against Oracle and Microsoft? Read more [TECHREPUBLIC.COM] GOOGLE: Rolls Out New Features for BigQuery. As the internet giant looks to bolster its enterprise business, it’s making its data analysis service more compatible with traditional big data workflows. Read the rest [ZDNET.COM]

15. Databases MICROSOFT: Review – SQL Server 2016 Boosts Speed, Analytics. SQL Server 2016 shines with stretch database to Azure, queries against Hadoop, internal R, better security, and higher performance. Find out more [INFOWORLD.COM] MYSQL: Using MySQL 5.7 Document Store With IoT. MySQL 5.7 includes a document store designed for storing JSON documents and querying against them without pre-defining the document structure. Read more [DZONE.COM]

16. More About Blue Mountain BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.

17. Security Patches

18. Security Patches GOOGLE: Android Security: Google’s June Update Splats Dozens of Critical, High- Severity Bugs. Google rolls out the June security update for Nexus and Android — but will your device be among those getting the fixes? Read more [ZDNET.COM] NETWORKS: NTP Patches Flaws That Enable DDoS. The network time protocol, at the center of a number of high-profile DDoS attacks in 2014, was updated last Thursday to ntp-4.2.8p8. The latest version includes patches for five vulnerabilities, including one rated high-severity. NTP, specifically the NTP daemon, synchronizes system clocks with time servers. Read more [THREATPOST.COM]

19. Security Patches JENKINS: Jenkins Security Patches Could Break Plug-Ins. The latest security update for Jenkins changed how build parameters are handled, impacting multiple plug-ins. The latest version changes how plug-ins use build parameters, though, so developers will need to adapt to the new process. The vulnerabilities affect all previous releases, including the mainline releases up to and including 2.2, and LTS releases up to and including 1.651.1. Administrators should update their Jenkins installations to mainline release Jenkins 2.3 or LTS 1.651.2. Read the rest [INFOWORLD.COM]

20. Security Patches SYMANTEC & CISCO: Symantec Security Flaw and Cisco Web Security Patches – Security News IT Leaders Need to Know. A Google Project Zero researcher has discovered several remote code execution vulnerabilities in Symantec anti- malware software, the most serious of which was a flaw in the core scanning engine that required no user interaction for exploitation. CERT reports that Cisco has released fixes for four flaws in its web security appliance, any of which could allow a remote attacker to cause denial of service. Find out more [BUSINESS.FINANCIALPOST.COM]

21. Incident Response

22. Incident Response SECURITY: The Five Ws (and One H) of Effective Incident Response. Good incident response always starts with answering six key questions. Read more [INFORMATION-AGE.COM] FEDERAL RESERVE: House Committee Investigates Federal Reserve Cyber-Attacks. A Reuters report into cybersecurity at the Federal Reserve triggers a House committee investigation into the Federal Reserve’s security protections. Read the rest [PCMAG.COM]

23. Incident Response ENTERPRISES: Enterprises Are Investing in Network Security Analytics. Dangerous threats and new requirements persuading organizations to collect, process, and analyze more and more network telemetry and threat intelligence. Find out more [NETWORKWORLD.COM] RANSOMWARE: Beware the Rise of Ransomware. The use of ransomware is on the rise. Hackers and bad actors ranging from independent amateurs to sophisticated, organized cartels are using the latest malware techniques, strong encryption and secure online payment systems to extort millions of dollars from people and organizations who just want their data back. These attacks are hitting organizations in every sector, and the federal government is by no means immune. Read more [FEDERALTIMES.COM]

24. Program Management

25. Program Management MICROSOFT: Microsoft Launches Planner, a Project-Management Tool Part of Office 365. Microsoft has launched Office 365 Planner, a new project- management tool for teams. The company will be rolling out Planner worldwide to Office 365 users, including Office 365 Enterprise E1–E5, Business Essentials, Premium, and Education subscription plans. The Planner tile will appear in your Office 365 app launcher, meaning Office 365 admins don’t need to take any action. Read more [VENTUREBEAT.COM]

26. Program Management NASA: When Project Management Really is Rocket Science: A Lesson from NASA. A recent GAO assessment of major NASA projects shows that 18 of the organization’s biggest projects received very positive reviews – with project management receiving credit for some of that success. What has proven to be extremely effective for NASA is utilizing standards and adapting tools and processes to the needs of the agency, while satisfying considerations of such leading practices as EVM, project costing, baseline establishment and blending of engineering disciplines into projects. Read the rest [FEDERALTIMES.COM]

27. Program Management ADVICE: 6 Ways to Be a Better Project Manager. Project management is a complex — and critical — function. Here are six pieces of advice to help project managers improve their craft. Find out more [CIO.COM] IT CAREERS: What’s Going On with IT Hiring? Analysts have been generally cautious this year about IT hiring trends. Although the unemployment rate for IT professionals is about half the national average of 4.7%, said CompTIA, some analysts use terms ranging from “modest” to “pre-recession” to describe IT hiring. Read more [COMPUTERWORLD.COM]

28. For the CIO, CTO & CISO

29. For the CIO, CTO & CISO CIO: AstraZeneca CIO Dave Smoley’s 6-Point Cloud Toolkit. Early adopter of enterprise cloud applications AstraZeneca CIO Dave Smoley passes on lessons learned. Here’s a 6-point cloud adoption toolkit. Read more [DIGINOMICA.COM] CTO: Culture Change Critical as Agencies Try to Innovate. Several federal IT execs at the Federal Innovation Summit touted unique programs their agencies are spearheading – including a virtual reality program for a USDA office’s training team. Read the rest [FEDSCOOP.COM]

30. For the CIO, CTO & CISO CISO: How to Survive in the CISO Hot-Seat. The CISO is a precarious job. Research studies indicate that CISOs typically survive just 18 months to two years in a job which is increasingly complex and multi-skilled. How can you be successful in a post where security incidents and management feuds can result in losing your job? Find out more [CSOONLINE.COM] IoT: VMware CIO Commands IoT Effort. The software company releases to open source an SDK intended to let developers build Internet of Things applications that run on any network device, OS or infrastructure. Read more [CIO.COM]

31. Application Development

32. Application Development STRATEGY: Choosing Your Application Development Strategy. Which is more effective: the top-down or bottom-up application strategy? Discover why choosing one requires an in-depth understanding of application requirements. Read the rest [SEARCHSOA.TECHTARGET.COM] CLOUD: Why Amazon and OpenStack Continue to Thrive in a Complex Cloud World. Amazon announcing AWS hitting a $10B annual run rate and OpenStack’s 13th release—lead some to wonder who is winning. Both are. Read more [EWEEK.COM]

33. Application Development MICROSOFT: Power BI Hits 5M Subscribers, Adds Deeper Excel Integration. Microsoft has a ton of new features planned for its cloud-based BI service. Microsoft’s cloud-based business intelligence service is celebrating a major user growth milestone with a handful of new features, including the ability to import data from an Excel spreadsheet and turn it into live-updating charts and graphs. Power BI now has more than 5 million subscribers, who are using the service to take in business data and create dashboards they can use to better understand their businesses. Subscribers will be able to use an Excel connector to easily “pin” live-updating data from the Excel desktop app to a Power BI dashboard. Both that feature, and one that allows users to analyze data from Power BI in Excel, were previously available for beta testing and are now generally available. Read more [PCWORLD.COM]

34. Application Development NODE.js: Top Reasons to Use Node.js for Web Application Development. There are many reasons why developers (regardless of experience level) should use Node.js for web application development, starting with its speed and ending with its proficiency at multi-user, real-time web applications. Not to mention that three years ago Nodejitsu reached out to the npm community for help running the public npm servers and raised over $300,000 for the project, proving that the community is both active and generous. Read more [JAXENTER.COM]

35. BYOD

36. BYOD MOBILE SECURITY: BYOD Can Pose Privacy Risks to Employees. Companies using MDM to oversee employee devices are collecting more information than employees realize. Read more [CSOONLINE.COM] EDUCATION: What Are the Best BYOD Tools for Presentation, Collaboration and More? Besides simply having technology in the classroom through BYOD programs or others, schools are increasingly being pushed to use it well and limit the “digital use” gap that exists between students from low-income families and their wealthier peers. Active tech use, while challenging, is critical for the next phase of K-12 education technology. Read the rest [EDUCATIONDIVE.COM]

37. BYOD ENTERPRISE: Dude, Where’s My Phone? BYOD Means Enterprise Security Exposure. You should be worried, very worried, if an employee loses a smartphone or tablet— especially if that employee accesses any enterprise resources using that device. Find out more [NETWORKWORLD.COM] OPINION: BYOD? More Like “Bring Your Own Divide”. There is no way around it: the modern workforce is mobile and relies on CXOs to deliver enterprise security in the clearest way possible – no matter where they find themselves. CXOs need to embrace their businesses operational models and define strategies to secure critical data. Read more [INFOSECURITY-MAGAZINE.COM]

38. Big Data

39. Big Data TECH: Building Your Big Data Infrastructure: 4 Key Components Every Business Needs To Consider. Big data can bring huge benefits to businesses of all sizes. However, as with any business project, proper preparation and planning is essential, especially when it comes to infrastructure. Until recently it was hard for companies to get into big data without making heavy infrastructure investments (expensive data warehouses, software, analytics staff, etc.). But times have changed. Cloud computing in particular has opened up a lot of options for using big data, as it means businesses can tap into big data without having to invest in massive on-site storage and data processing facilities. Read more [FORBES.COM]

40. Big Data TERROR: Now Can Big Data Fight Terror? Why don’t officials know when an Omar Mateen buys a mass-murder weapon? What are we getting from government investment in big data? Read the rest [WSJ.COM] SECURITY: Big Data Will Fix Internet Security…Eventually. Security analytics have been with us for a while, but with the latest tech, it’s much easier to detect malicious attacks. Find out more [INFOWORLD.COM] PRIVACY: iPhone, AI and Big Data: Here’s How Apple Plans to Protect Your Privacy. Can Apple take the ‘big brother’ out of big data? Read more [ZDNET.COM]

41. Mobile Applications

42. Mobile Applications STUDY ON USAGE: Nearly 1 in 4 People Abandon Mobile Apps After Only One Use. Apple’s iTunes App Store is home to over 1.5 million apps and Google Play hosts over 2 million, but the number of apps that actually get installed and used on consumers’ devices is still quite small. We already knew that people only interacted with a small handful of third-party apps on a regular basis, and now, according to a new study on mobile app usage, we learn that about one in four mobile users only use an app once. Read the rest [TECHCRUNCH.COM]

43. Mobile Applications DEVOPS: Mobile App Development – 8 Best Practices. Creating great mobile enterprise apps isn’t necessarily easy, but it can be easier if you follow these eight critical tips. Find out more [INFORMATIONWEEK.COM] RED HAT: Takes Application Development to the Bank. The open source juggernaut’s remarkably steady growth depends less on Linux every year. Read more [INFOWORLD.COM]

44. Mobile Applications CONSUMER TECHNOLOGY: Facebook, Google Dominate List of Top 15 Mobile Apps. Tech behemoths Facebook and Google own more than half of the 15 most popular mobile applications used by U.S. adults — the reach of other well-liked apps such as Snapchat and Apple Maps doesn’t even compare. Read more [CIO.COM]

45. Personnel Management

46. Personnel Management WORKFORCE: Millennials Want to Stay, If Government Grasps the New Reality. Many “millennials” in government say their agencies haven’t yet understood what makes them tick. And their generation isn’t drastically different than the ones that have come before it. Though a majority of federal employees under the age of 35 indicated their interest in staying within the federal government, many millennials said their decision depends on several different factors. Read the rest [FEDERALNEWSRADIO.COM] OPM: Office of Personnel Management Hires First CISO. Following one of the largest data breaches on record, the Office of Personnel Management hires a chief information security officer. The new CISO is Cord Chase, former senior adviser on Cyber and National Security to the White House and Office of Management and Budget, and technology head and engineer at the U.S. Department of Agriculture. Find out more [GOVTECH.COM]

47. Personnel Management DOD: The 4 Big Takeaways from Ash Carter’s New Push for Military Personnel Reform. The plan to overhaul the military personnel system that Defense Secretary Ash Carter announced Thursday would end the “one-size-fits-all” promotion system for military officers and clear the way for far more diverse options in military career tracks. Read more [MILITARYTIMES.COM] FEDERAL CIVIL SERVICE: Report Says Top Civil-Service Rank Needs Urgent Boost. The Senior Executive Service, the highest rank of the nation’s federal civil service, carries a certain prestige. But that is not enough to convince many lower-ranking employees that the status is worth the headache. Read more [WASHINGTONPOST.COM]

48. Programming & Scripting Development Client & Server-Side

49. Programming & Scripting Development Client & Server-Side JAVASCRIPT: F# Functional Programming Comes to JavaScript. The Fable compiler gives developers the opportunity to unite the realms of F# functional programming and JavaScript. In a beta stage of development, Fable leverages F# and uses Babel compilers to generate source maps. A 1.0 release is due soon. Read more [INFOWORLD.COM] JAVA: Google Wins Java Copyright Case Against Oracle. Federal jury finds Google’s use of Java software was “fair use”. A federal jury found Google’s use of Oracle Corp.’s Java software in its mobile products didn’t violate copyright law, a verdict cheered by many in Silicon Valley who believe it will protect how they write and use software. The decision, which Oracle said it would appeal, marked the latest chapter in a six-year legal battle in which Oracle sought as much as $9 billion from Google for using 11,000 lines of Java software code in its Android software. Read the rest [WSJ.COM]

50. Programming & Scripting Development Client & Server-Side C#: Mads Torgersen and Dustin Campbell on the future of C#. How has open source changed it – and can it survive Windows PC decline? This is a moment of change for Microsoft’s development tools, as the company transitions from focusing entirely on Windows, to creating cross-platform tools that it hopes will push developers towards its Azure cloud services, either as a back-end for mobile applications, or as a deployment platform for server applications irrespective of the operating system. Find out more [THEREGISTER.CO.UK]

51. Programming & Scripting Development Client & Server-Side HTML5: HTML5 by Default: Google’s Plan to Make Chrome’s Flash Click-to-Play. Top 10 sites will be whitelisted, everything else will default to HTML5. Google will be taking another step towards an HTML5-only Web later this year, as the systematic deprecation and removal of Flash continues. In a plan outlined last month, Flash will be disabled by default in the fourth quarter of this year. Embedded Flash content will not run, and JavaScript attempts to detect the plugin will not find it. Whenever Chrome detects that a site is trying to use the plugin, it will ask the user if they want to enable it or not. It will also trap attempts to redirect users to Adobe’s Flash download page and similarly offer to enable the plugin. Read more [ARSTECHNICA.COM]

52. Programming & Scripting Development Client & Server-Side JAVA: Java’s Spring Framework Gets a New Competitor. Datamill, an open source framework that leverages Java 8 and lambdas, is bringing functional programming to Java-based web development. Read more [INFOWORLD.COM] JAVASCRIPT: New Ransomware Strain Coded Entirely in Javascript. Security researchers have discovered a new strain of ransomware coded entirely in Javascript, which could increase its chances of being activated. Read the rest [BBC.COM]

53. Programming & Scripting Development Client & Server-Side HTML5: W3C’s Rejected HTML5 Proposal Imperils Security Researchers. The World Wide Web Consortium (W3C) is embroiled in an ongoing dispute over digital rights management for HTML5. In the latest development of the dispute, W3C digital rights management (DRM) working group chairman Paul Cotton vetoed a proposal to discuss HTML5 standards before renewing the group’s charter. Find out more [SCMAGAZINE.COM] PROGRAMMING: The 9 Most In-Demand Programming Languages to Learn. With the help of this list from Codingdojo, here are the nine most in-demand coding languages that you should learn, no matter what profession you’re in. Read more [TECH.CO]

54. Cloud Computing

55. Cloud Computing CLOUD EXPO: Conference Short On Innovation, Still Provides Value. Jason Bloomberg has attended Sys-Con’s Cloud Expo conference several times both in New York and Silicon Valley over the last few years, but last week’s installment at Manhattan’s Javits Convention Center seemed a mere shell of its former self. Why the drop-off this year? Read more [FORBES.COM] STORAGE WARS: How the Federal Government is Tackling Data Growth. With more devices collecting data, agencies find themselves with larger amounts of data than ever before. To manage that growth, and avoid letting it overwhelm them, federal IT leaders leverage storage solutions that can securely host large volumes of data without overburdening the budget. Find out more [FEDTECHMAGAZINE.COM]

56. Cloud Computing AWS: Cloud Computing Ops, Data Centers, 1.3 Million Servers Creating Efficiency Flywheel. Oppenheimer is betting that Amazon shares can get to $930. The primary reason: AWS is a profit machine that’ll deliver 2023 revenue topping $57 billion. In a nutshell, Oppenheimer concludes that AWS’ capital spending won’t need to be as high as expected. Why? “AWS’ competitive advantages in procuring, designing and architecting datacenters and compute/storage resources are driving even higher profitability and lower capital intensity than previously expected.” Read the rest [ZDNET.COM]

57. Cloud Computing FEDERAL CIOs: Need Help with Legacy-to-Cloud Transition. Government IT leaders stress value in private-sector partnerships, repeatable contracting provisions as they look to incremental modernization strategies. “Modernization” was one of the watchwords in President Obama’s proposal for the federal IT budget in fiscal 2017, and while that broad effort might sound anything but controversial, updating legacy systems entails a host of challenges that agency CIOs are only beginning to work through. Read more [CIO.COM]

58. Cloud Computing GOOGLE: Google Reportedly Looking to Commercialize Its Spanner Database. The company wants to see if it can use its massive database technology to compete better with Amazon Web Services and Microsoft Azure. One of the biggest obstacles facing the company as it embarks on its mission is finding a way to decouple Spanner from Google’s proprietary hardware and network technology and building a version that will work just as well on other infrastructures. Read the rest [EWEEK.COM] BREXIT: Brexit Spells Turbulence for Cloud Computing: 6 Stormy Scenarios. The fallout from the U.K. leaving the EU is just starting. Here’s a look at how large cloud computing vendors may be affected. Get ready for the pause in U.K. data center build-outs. Find out more [ZDNET.COM]

59. Cloud Computing AMAZON: Gets High-Level U.S. Government Clearance For Cloud Computing. Amazon has received high-level authorization for its Amazon Web Services, opening the door for U.S. government agencies to store highly sensitive but unclassified data on its cloud computing platform. The authorization is known as the Federal Risk and Authorization Management Program (FedRAMP) high baseline, a standard set of security requirements for cloud services. It covers more than 400 security controls and gives U.S. government agencies the ability to leverage AWS for highly sensitive workloads, including patient records, financial data, law enforcement data and other controlled-but-unclassified information. Read more [INVESTORS.COM]

60. Cloud Computing SAMSUNG: Snaps Up Joyent, the Best-Kept Secret in Cloud Computing. One of the best-kept secrets in cloud computing has just found a new home. Samsung Electronics announced Wednesday that it will acquire Joyent, a vital but lesser- known player the cloud hosting market – and one with quite a history behind it. Read more [WIRED.COM]

61. Business Intelligence

62. Business Intelligence OPEN SOURCE: Top 7 Open Source Business Intelligence and Reporting Tools. In economies where the role of big data and open data are ever-increasing, where do you turn in order to have data analysed and presented in a precise and readable format? Here’s a list of top open source business intelligence (BI) and reporting tools that can help. Read the rest [OPENSOURCE.COM] HADOOP: Hadoop Public Cloud Service. BlueData of Santa Clara, California specializes in enabling big data-as-a-service, letting organizations spin up virtual Hadoop or Spark clusters and providing on-demand access to applications, data, and infrastructure to data scientists and data analysts. This week BlueData announced that the enterprise edition of its BlueData EPIC software will run on Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform, and other public cloud services. Find out more [INFORMATIONWEEK.COM]

63. Business Intelligence NoSQL: Database Technology Finds Use Cases, But Still Minority Sport. From managing water meter data, through Bitcoin and video data, to web publishing, NoSQL database technology is finding real use cases. But it’s likely to be stuck at 10% of the market for some time. Read more [COMPUTERWEEKLY.COM] DATA: Techniques for Moving Computation to Where the Data Lives. Building in- memory data structure stores helps achieve operational intelligence. Read more [DZONE.COM]

64. IT Security | Cybersecurity

65. IT Security | Cybersecurity STATE CIOS: State CIOs Struggle with Cybersecurity, Cloud Computing Amid Rampant Workforce Changes. For the U.S. to effectively digitize their infrastructure, the National Association of State CIOs said a stable and talented workforce is needed. Doug Robinson, NASCIO executive director, pinpointed cybersecurity, evolving service delivery models, workforce renewal, and the prevalence of data as the key challenges facing governments. Robinson also put forth measures to address them. Read more [HEALTHCAREITNEWS.COM]

66. IT Security | Cybersecurity WHY: Car-Hacking Could Threaten the Federal Government. The latest Government Accountability Office vehicle cybersecurity report found that modern cars, especially those made in 2015 or later, are highly susceptible to hacking that could allow for the remote takeover of the vehicle. The problem, according to the report, is that new systems and features, some of them for safety and some for comfort, are constantly being added to new models. Given that the federal government is the owner of one of the largest fleets of vehicles in the world, the cybersecurity health of such a valuable asset pool should probably be a priority. Read the rest [NEXTGOV.COM]

67. IT Security | Cybersecurity FEDERAL BUDGETS: Cybersecurity Goals to Guide Federal Software Spending. The U.S. government is on track to significantly boost spending on cybersecurity solutions. However, evolving requirements to greatly improve federal protection of information technology resources will shape that spending. In fact, federal cyberprotection goals should be augmented and significantly modified, according to recent studies of the federal market. The linkage between increased federal investing in cybersecurity and the requirements for bolstering IT protection are portrayed in two newly released reports. Find out more [ECOMMERCETIMES.COM]

68. IT Security | Cybersecurity CISO: Leading By Example: the Federal CISO and Cybersecurity Collaboration. In 2015, there were 781 known data breaches in the United States, according to the Identity Theft Resource Center, exposing a staggering 169 million records. Records described as government/military accounted for 20.2 percent of those that were exposed via data breach, while healthcare accounted for 66.7 percent of compromised records. And given that many organizations do not report data breaches for fear of damaging their reputations, we know the true numbers are significantly higher. The new federal CISO will have their work cut out for them. We, as a nation, seem to be fighting a losing battle. Yet, with every challenge comes opportunity to disrupt the status quo. As the new CISO enters the volatile cybersecurity landscape, there are multiple areas in which he or she can have an impact through industry collaborations offering new technologies and innovations. Read more [FCW.COM]

69. IT Security | Cybersecurity PATCHES: Microsoft Acknowledges Permission Problems with MS16-072 Patches. The patches all aimed at fixing Group Policy, but in the end they break Group Policy. Problems are being reported with the MS16-072/KB 3163622 patch. Admins are saying it breaks some Group Policy settings: drives appear on domain systems that should be hidden, mapping drives don’t work, and other typical GPO settings aren’t getting applied. Read more [INFOWORLD.COM]

70. IT Security | Cybersecurity DOD: Bug Bounty Hunters Discover Over 100 Security Flaws During DOD Contest. Participants in the first-ever “Hack the Pentagon” bug bounty contest found more than 100 vulnerabilities in the Defense Department’s computer systems. The program, the first-ever of its kind offered by the federal government, invited hackers to test the cybersecurity of some public U.S. Department of Defense websites. A total of 1,400 certified hackers participated in the contest. Read the rest [CIODIVE.COM] FEDERAL: Federal Cybersecurity Boondoggle: The Software Assurance Marketplace (SWAMP). Well-intended DHS program suffers from a lack of relevant features, internal mismanagement, and few actual users. Find out more [NETWORKWORLD.COM]

71. IT Security | Cybersecurity INDUSTRY INSIGHT: Extending Cybersecurity to Fraud Analytics. Information security leaders often defend against cyber threats by focusing on traditional IT tools and techniques — firewalls, intrusion detection and prevention systems, malware detection and analysis and the like. As organizations have locked down systems with more sophisticated defense-in-depth technical controls, adversaries have evolved to take advantage of information systems by impersonating regular users. While there are some similarities between cybersecurity and fraud, traditional cybersecurity monitoring and analytics must evolve in order to identify the fraudulent use of IT systems that may otherwise go unnoticed. Read more [GCN.COM]

72. From the Blue Mountain Data Systems Blog Three-Dimensional Governance for the CIO https://www.bluemt.com/three-dimensional-governance-for-the-cio 7 Reasons to Take Control of IT Incidents https://www.bluemt.com/7-reasons-to-take-control-of-it-incidents/ Breach Mitigation Response Time Too Long, Survey Says https://www.bluemt.com/breach-mitigation-response-time-too-long-survey- says/ Six Tactics for Cyberdefense https://www.bluemt.com/six-tactics-for-cyberdefense/

73. From the Blue Mountain Data Systems Blog Feds Report Mixed Responses to Shared Services https://www.bluemt.com/feds-report-mixed-responses-to-shared-services Federal Employees Are Not Security Experts https://www.bluemt.com/federal-employees-are-not-security-experts Survival Guide for Network Administrators https://www.bluemt.com/survival-guide-for-network-administrators DBaaS: OpenStack Trove Changes DB Management https://www.bluemt.com/dbaas-openstack-trove-changes-db-management

74. From the Blue Mountain Data Systems Blog Help Wanted: Certified Cybersecurity Professionals https://www.bluemt.com/help-wanted-certified-cybersecurity-professionals Cyber Threat Intelligence Integration Center Preview https://www.bluemt.com/cyber-threat-intelligence-integration-center-preview/ Cloud Moves in 1-2-3 https://www.bluemt.com/cloud-moves-in-1-2-3/ Change Management for Disaster Recovery https://www.bluemt.com/change-management-for-disaster-recovery/

75. From the Blue Mountain Data Systems Blog Jeffersonian Advice For C-Suite Career Advancement https://www.bluemt.com/jeffersonian-advice-for-c-suite-career-advancement/ Ways To Survive The “Mobile-Pocalypse” https://www.bluemt.com/ways-to-survive-the-mobile-pocalypse/ Microsoft Cloud Services Receive FedRAMP Authority to Operate https://www.bluemt.com/microsoft-cloud-services-receive-fedramp-authority- to-operate/ Hiring Pentesters? Here Are 10 Things You Need to Know https://www.bluemt.com/hiring-pentesters-here-are-10-things-you-need-to- know/

76. From the Blue Mountain Data Systems Blog Home Router Malware Alert https://www.bluemt.com/home-router-malware-alert/ Threat Model Deconstruction https://www.bluemt.com/threat-model-deconstruction/ Business Email Scam Nets $214 Million https://www.bluemt.com/business-email-scam-nets-214-million/ How to Prevent Unauthorized Software from Taking Over Your Organization https://www.bluemt.com/the-cios-guide-to-happy-end-users-2/

77. From the Blue Mountain Data Systems Blog Digital Marketing Predictions for 2015 https://www.bluemt.com/digital-marketing-predictions-for-2015/ SDN: Network Administrator’s Friend or Foe? https://www.bluemt.com/sdn-network-administrators-friend-or-foe/ Mobile Payments: A Must for Federal Agencies https://www.bluemt.com/mobile-payments-a-must-for-federal-agencies/ Soft Skills Are A Must-Have For Careers In IT https://www.bluemt.com/soft-skills-are-a-must-have-for-careers-in-it/

78. From the Blue Mountain Data Systems Blog Security Risks Most Prevalent in Younger Workers https://www.bluemt.com/security-risks-most-prevalent-in-younger-workers/ The Security World’s Maturation https://www.bluemt.com/the-security-worlds-maturation/ Data Breach Concerns Keep CISOs Up At Night https://www.bluemt.com/data-breach-concerns-keep-cisos-up-at-night/ Personalized Govt Equals Instant Gratification for Citizens https://www.bluemt.com/personalized-govt-equals-instant-gratification-for- citizens/

79. From the Blue Mountain Data Systems Blog People-Centric Security https://www.bluemt.com/people-centric-security/ Pentagon Tries BYOD To Strike Work/Life Balance https://www.bluemt.com/pentagon-tries-byod-to-strike-worklife-balance/ Open Source Model Considered for MS Windows https://www.bluemt.com/open-source-model-considered-for-ms-windows/ Open Internet: To Be or Not to Be? https://www.bluemt.com/open-internet-to-be-or-not-to-be/

80. From the Blue Mountain Data Systems Blog Malware Stays A Step Ahead Infecting One Third of Websites https://www.bluemt.com/malware-stays-a-step-ahead-infecting-one-third-of- websites/ Machine-Generated Data: Potential Goldmine for the CIO https://www.bluemt.com/machine-generated-data-potential-goldmine-for-the- cio/ Government Legacy Programs: Reuse vs. Replacement https://www.bluemt.com/government-legacy-programs-reuse-vs-replacement/ It Takes a Whole Village to Protect Networks and Systems https://www.bluemt.com/it-takes-a-whole-village-to-protect-networks-and- systems/

81. From the Blue Mountain Data Systems Blog Governance For the CIO https://www.bluemt.com/governance-for-the-cio/ Help Desk Consolidation – Lessons Learned https://www.bluemt.com/help-desk-consolidation-lessons-learned/ One Year Later, Companies Still Vulnerable to Heartbleed https://www.bluemt.com/one-year-later-companies-still-vulnerable-to- heartbleed/ Federal Projects Cultivate Worker Passion https://www.bluemt.com/federal-projects-cultivate-worker-passion-2/

82. ABOUT US Blue Mountain Data Systems Inc. Blue Mountain Data Systems Inc. is dedicated to application and systems development, electronic document management, IT security support, and the automation of workflow processes. Read more about our experience here: >> http://bluemt.com/experience

83. Recent Experience U.S. Dept. of Labor Employee Benefits Security Administration 1994 to Present Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support.

84. MANAGEMENT Paul T. Vesely Founder, President, CEO and Principal Architect Mr. Vesely is a recognized thought leader in systems architecture and delivery, having designed and delivered many enterprise wide information and document management solutions. Mr. Vesely’s history includes 33 years experience in the information systems industry, with Unisys, Grumman, PRC and a host of clients in both government and private sectors.

85. CONTACT US Contact Us Today to Discuss Your Next IT Project HEADQUARTERS 366 Victory Drive Herndon, VA 20170 PHONE 703-502-3416 FAX 703-745-9110 EMAIL paul@bluemt.com WEB https://www.bluemt.com

Tech Update Summary from Blue Mountain Data Systems June 2016

Tech Update Summary from Blue Mountain Data Systems June 2016

Recommended

More Related Content

Viewers also liked

Viewers also liked(8)

More from BMDS3416

More from BMDS3416(7)

Recently uploaded

Recently uploaded(20)

Tech Update Summary from Blue Mountain Data Systems June 2016