SlideShare a Scribd company logo
Blue Mountain Data Systems
Tech Update Summary
August 2018
Tech Update Summary from Blue Mountain Data Systems August 2018
For CTOs, CIOs & CISOs
Visit Blue Mountain Data Systems
https://www.bluemt.com
For CTOs, CIOs & CISOs
Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the Blue
Mountain Data Systems Blog. We hope you will visit our blog for the latest information.
You can also receive these updates via email. Click here to subscribe.
Here’s the summary of the Daily Tech Updates for August 2018. Hope the information and ideas prove
useful.
Best,
Paul Vesely
President and Principal Architect
Blue Mountain Data Systems Inc.
Network Security
Network Security
IT WATCH: Finding and Fixing Security On Your Network Perimeter. Networks
need multiple layers of security. However, with the complexity inherent in the
internal layers, many folks pay short shrift to the perimeter. That’s a mistake and
here’s why. Read more
[PCMAG.COM]
SOFTWARE: Linux Kernel 4.18: Better Security, Leaner Code. The latest version of
the Linux kernel cleans out nearly 100K lines of code, adds file encryption and the
Berkeley Packet Filter, plus makes a nod to gamers and mobile devices. Read more
[NETWORKWORLD.COM]
Network Security
NETWORK DESIGN: Machine Learning Is Becoming a Must in Data Center
Network Security. The volume of data traveling on networks and sophistication of
attack tools are outpacing human experts’ capabilities. Read more
[DATACENTERKNOWLEDGE.COM]
SECURITY: Think Like an Attacker…Three Network Security Points to Identify and
Protect. Pulling the plug on the Internet is often jokingly referred to as the best
solution for network security. All kidding aside, anything you can do to make it
harder for the bad guys to gain access to your network can have a positive impact
on your overall security posture. That begs the question: with so many cyber
security threats and attack methods to worry about – and so many hardware and
software solutions to consider – where should you focus? Read more
[SECURITYBOULEVARD.COM]
Encryption
Encyption
OPINION: There is No Such Thing as a ‘Safe Backdoor’ in Encryption. federal
officials are now pressuring tech companies to create so-called “backdoors” that
allow law enforcement to work around encrypted devices. These backdoors would
grant them access to Americans’ personal data through a supposedly secure
channel. In theory, a backdoor would be available only to the government and law
enforcement agencies. But technology experts warn that tech companies cannot
build a backdoor that would guarantee only law-abiding officials have access. If you
create a way in, somebody you don’t want to get in will find it. Read more
[THEHILL.COM]
Encyption
THE PAINS OF ENCRYPTION KEY MANAGEMENT: Why Manual Processes Are So
Hard. In its 2018 Global Encryption Trends Study, Thales along with Venafi and
Geobridge sponsored Ponemon Institute to survey 5,252 IT and security
professionals in 12 different countries about their organizations’ encryption use.
Their responses revealed that many enterprises continue to struggle when it
comes to balancing encryption with their security posture. Read more
[SECURITYBOULEVARD.COM]
POPULAR ENCRYPTION SOFTWARE: Researchers Help Close Security Hole.
Cybersecurity researchers at the Georgia Institute of Technology have helped close
a security vulnerability that could have allowed hackers to steal encryption keys
from a popular security package by briefly listening in on unintended “side
channel” signals from smartphones. Read more
[SCIENCEDAILY.COM]
Encyption
FYI: Oracle’s Transparent Data Encryption. Security. Each day it seems another
breach is reported, another hack revealed, more personal user information is
stolen, apparently despite the best efforts to thwart such attacks. It’s becoming
increasingly obvious that guarding against break-ins is simply not enough; one
must be prepared for the maliciously inclined to succeed at hacking their way into
‘secure’ systems. For the Oracle DBA this may not be as daunting a task as it first
appears. Read more
[DATABASEJOURNAL.COM]
Databases
Databases
LEGACY: When It Comes to Databases, Why ‘I Can’t Quit You, Baby’. Leaving
legacy RDMSs is hard, but eventually enterprises will break free of Oracle’s and
others’ last grip on their data infrastructure. Read more
[INFOWORLD.COM]
ORACLE: Oracle Launches Autonomous Database for Online Transaction
Processing. Oracle executive chairman and CTO Larry Ellison first introduced the
company’s autonomous database at Oracle Open World last year. The company
later launched an autonomous data warehouse. Now it announced the next step
with the launch of the Oracle Autonomous Transaction Processing (ATP) service.
Read more
[TECHCRUNCH.COM]
Databases
MICROSOFT: SQL Server 2008 Support Extended for Cloud Migrations. Microsoft
is adding an addition three years of support for SQL Server 2008 customers that
migrate to the Azure Cloud. Read more
[EWEEK.COM]
GET STARTED: Quick Start Tips for Using the New MSSQL-CLI SQL Query Tool. The
new MSSQL-CLI command-line tool provides many enhancements over SQLCMD
CLI that enable you to quickly write and run T-SQL queries across Linux, macOS and
Windows. Read more
[SEARCHSQLSERVER.TECHTARGET.COM – REGISTRATION REQUIRED FOR ACCESS]
More About Blue Mountain
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S.
Dept. of Labor, Employee Benefits Security Administration. Responsible to the
Office of Technology and Information Systems for information systems
architecture, planning, applications development, networking, administration and
IT security, supporting the enforcement of Title I of the Employee Retirement
Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for
design, development and support for its various enforcement database
management systems, as well as all case tracking and customer service inquiry
systems. Blue Mountain also provides IT security services to the EBSA, in the form
of FISMA Assessment and Authorization, System Security Plans, Risk and
vulnerability assessments, monitoring and investigation support. Read more.
Federal Tech
Federal Tech
FEDERAL GOVERNMENT: APIs, Shared Services Can Reshape,
Modernize Government Technology. The size and scope of the
federal government’s information technology landscape only
continues to grow and in a way that makes it incredibly difficult to
change. In the Federal Chief Information Officers Council’s latest
study, the current state of government IT is described as monolithic.
And, it is not meant as a compliment. Read more
[FEDERALNEWSRADIO.COM]
Federal Tech
OPINION: Government Efforts to Weaken Privacy are Bad for Business and
National Security. The federal government’s efforts to require technology and
social media companies to relax product security and consumer privacy standards
– if successful – will ultimately make everyone less safe and secure. Read the rest
[INFOSECURITY-MAGAZINE.COM]
PUBLIC SAFETY: Rapid DNA Technology Gives Law Enforcement Access to Your
DNA in 90 Minutes. Before recently-passed legislation, law enforcement agencies
had to send DNA samples to government labs and wait for it to get tested, which
could take days or even weeks. Find out more
[GOVTECH.COM]
Federal Tech
MODERNIZATION: Making Modernization Happen. Now more than ever before,
comprehensive IT modernization for federal agencies is a real possibility. The
question that remains is whether President Donald Trump’s words and actions
during his first months in office will be sustained by the administration and
Congress in the months and years ahead. Read more
[FCW.COM]
State Tech
State Tech
SURVEY: Cybersecurity Concerns May Keep One in Four Americans
from Voting. Cybersecurity concerns may prevent one in four
Americans from heading to the polls in November, according to a
new survey by cybersecurity firm Carbon Black. The company
recently conducted a nationwide survey of 5,000 eligible US voters to
determine whether reports of cyberattacks targeting election-related
systems are impacting their trust in the US electoral process. The
results revealed that nearly half of voters believe the upcoming
elections will be influenced by cyberattacks. Consequently, more
than a quarter said they will consider not voting in future elections.
Read more
[HSTODAY.US.COM]
State Tech
ALASKA: Unique Challenges in IT Consolidation. The Last Frontier is
centralizing IT operations under Alaska’s newly created Office of
Information Technology. But consolidating IT in a sprawling state like
Alaska offers challenges not found in other environments, says the
state’s new CIO Bill Vajda. Read the rest
[GCN.COM]
ALABAMA: Acting CIO Jim Purcell Is a Man on a Mission for Smarter
State IT. Jim Purcell wasn’t expecting a call from Alabama’s new
governor, Kay Ivey, and he certainly wasn’t expecting her to ask him
to head up the Office of Information Technology (OIT) – but that’s
exactly what happened last week. Find out more
[GOVTECH.COM]
State Tech
ILLINOIS: Inside a State Digital Transformation. Hardik Bhatt, CIO of the State of
Illinois, sought to become the nation’s first Smart State – a process that required
reorganizing its 38 IT departments into one, improving government services, and
finding new sources of innovation to apply to its revenue model. Within 18
months, Illinois rose in national rankings from the bottom fourth of state
governments to the top third. Read more
[ENTERPRISERSPROJECT.COM]
Electronic Document Management
Electronic Document Management
CFPB: Looks to Embrace Cloud for Email, Office Application Needs. The Consumer
Financial Protection Bureau wants to move to a public cloud setup for some of its
core enterprise apps. The financial watchdog agency recently sent out a Request
for Information (RFI) on the process, technical requirements and costs of moving to
cloud services in fiscal year 2017. CFPB wants to establish a more complete
understanding on the costs associated with moving fully to a cloud solution for
email and office applications (e.g., documents, spreadsheets, presentations,
SharePoint and more).Read the rest
[FEDTECHMAGAZINE.COM]
Electronic Document Management
ROI: 4 Ways Business Document Management Software Can Save You Money. Lisa
Croft, Group Product Marketing Manager at Adobe Document Cloud, talks about
the many ways business document management can save your company time,
space, and more importantly, loads of money. Here are the four most obvious ways
these tools provide excellent return-on-investment. Read more
[PCMAG.COM]
Section 508 Compliance & WCAG 2.0
Section 508 Compliance & WCAG 2.0
HIRING: Blind Workers Test Limitations of Online Hiring Systems. Hard Rock Cafe.
GameStop. Dart Container. Albertsons. What do the theme-restaurant chain,
gaming retailer, foam cup maker, and grocery store chain have in common? All are
accused of having online job application systems that blind workers can’t access
fully. And all four companies face lawsuits in California federal court alleging
discrimination against blind and visually impaired job seekers at the very outset of
the job search process. And they’re not alone. Since April, seven other employers
have similarly been sued under California law in state court. The cases draw
attention to “huge” problems for many visually impaired Americans: accessing
online job sites and unemployment, the American Foundation for the Blind’s
Megan Dodd told Bloomberg Law. Read more
[BNA.COM]
Section 508 Compliance & WCAG 2.0
APPLE: Sued Over Claims Website is Inaccessible to Visually Impaired Users.
Apple has become the target of a new lawsuit, one that claims the iPhone
producer’s website is violating the Americans with Disabilities Act (ADA) by not
being fully accessible to blind or visually-impaired consumers, due to the way the
website itself is coded. Read more
[APPLEINSIDER.COM]
AGILE: How USCIS Ensures Section 508 Compliance in Agile Development. Many
people ask how U.S. Citizenship and Immigration Services (USCIS) ensures Section
508 compliance in Agile projects – especially when Section 508 testing is still
largely manual. The short answer is that they do this the same way they ensure the
code works or that it meets security requirements: they test. And they do this as
early in the process as possible. Then, they do whatever else works. Read more
[HSTODAY.US]
Section 508 Compliance & WCAG 2.0
POLICY & ISSUES: 19 State AGs Write Sessions Sharing CUNA’s ADA Concerns.
Attorneys General from nineteen states have written Attorney General Jeff
Sessions calling for clarity about how the Americans With Disabilities Act applies to
websites. Several of the attorneys general signed onto the letter as a direct result
of advocacy by state credit union leagues. CUNA continues its work to find a
solution on the regulatory and legislative arenas, as uncertainty over how the ADA
applies to websites has led to lawsuits against credit unions. Read more
[NEWS.CUNA.ORG]
Security Patches
Security Patches
FYI: Patch Tuesday, August 2018 Edition. Adobe and Microsoft each released
security updates for their software on Tuesday. Adobe plugged five security holes
in its Flash Player browser plugin. Microsoft pushed 17 updates to fix at least 60
vulnerabilities in Windows and other software, including two “zero-day” flaws that
attackers were already exploiting before Microsoft issued patches to fix them.
Read more
[KREBSONSECURITY.COM]
ORACLE: Apply Out-of-Band Patch for Database Flaw ASAP. Flaw in the Java VM
component of Oracle’s Database Server is easily exploitable, security experts warn.
Read more
[DARKREADING.COM]
Security Patches
INTEL: Beyond Spectre – Foreshadow, a New Intel Security Problem. Researchers
have broken Intel’s Software Guard Extensions, System Management Mode, and
x86-based virtual machines. Read more
[ZDNET.COM]
CISCO: Patches Router OS Against New Crypto Attack on Business VPNs. New
attack threatens enterprise VPN and could enable target networks to be
impersonated or allow a man-in-the-middle attack. Read more
[ZDNET.COM]
CIO, CTO & CISO
For the CIO, CTO & CISO
SECURITY: CIOs Reveal Their Security Philosophies. Global IT leaders describe their
approaches to cybersecurity application and communication. Read more
[CIO.COM]
NGA: On the Hunt for a New CTO. The National Geospatial-Intelligence Agency is
looking for a new chief technology officer to be the agency’s “authoritative expert
for technology.” Whoever ends up filling this role will be NGA’s second CTO — Dr.
Anthony Vinci, the agency’s first CTO, was appointed to the role in February 2018
and stepped down this month. Read more
[FEDSCOOP.COM]
CIO, CTO & CISO
CISO: Election Security Insights From Former Federal CISO. Retired Brigadier
General Gregory Touhill, who was appointed by President Obama as the first
CISO of the federal government, spells out what he sees as the essential steps
for fighting against Russian meddling in this year’s midterm elections. Read more
[BANKINFOSECURITY.COM]
WATCHDOG: Agency CIOs Still Don’t Have Mandated Authorities. The onus to
improve the use and management of technology in the federal government has
been put squarely on the shoulders of agency chief information officers.
However, across government, CIOs still don’t have the requisite authorities to
lead IT transformation, according to a recent report from the Government
Accountability Office. Read more
[NEXTGOV.COM]
Penetration Testing
Penetration Testing
SKILLS: That a ‘Next-Level’ Pentester Should Have. Top tier penetration testers
are a breed of their own. Here is how to make sure your pentester is topnotch.
Read more
[THREATPOST.COM]
DHS: Census CIO Says DHS Penetration Tests Confirm Data Security. U.S. Census
Bureau CIO Kevin Smith said that the Department of Homeland Security
performed penetration tests this year that were unable to break through Census’
data safeguards, confirming the strength of Census’ cybersecurity programs for
both its self-response website and in-field mobile devices. Read more
[MERITALK.COM]
Penetration Testing
NEW RESEARCH: To Identify a Hacker, Treat Them Like a Burglar. Imagine
someone robs your house. The savvy culprit didn’t leave behind fingerprints, shoe
prints, or any other discrete, identifying details. Still, police manage to link the
crime to a series of burglaries that happened the next town over, because of the
criminal’s behavior. Each robbery occurred in the same way, and in each case, the
perpetrator stole many of the same items. Now, new research indicates that the
techniques law enforcement use to tie crimes together through behavioral
patterns might help in the digital world too. Read more
[WIRED.COM]
FEDERAL GOVERNMENT: What Solutions and Services Can Best Support Federal
IT Modernization? Cutting-edge technologies move agencies toward their goals
for efficiency, productivity and security. Read more
[FEDTECHMAGAZINE.COM]
Open Source
Open Source
UI DEV: Getting to Know Grommet, an Open Source UI Dev Tool. While
Grommet has been around since 2016, it is not among the best-known open
source development tools. The library of reusable UI components helps
developers create web applications. This overview explains what Grommet can
do, the problems it addresses, and what makes it appealing. Read more
[LINUX.COM]
DART 2: Open Source Dart 2 Revamp Focuses on Mobile, Web Development.
After a nearly eight-month pre-release preview, the open source Dart 2
programming language has emerged as a stable release that includes many
breaking changes in a revamp that focuses on mobile and Web client-side
development. Along with that Web focus, creator Google has shipped a
complete rewrite of the Dart Web platform. Read more
[ADTMAG.COM]
Open Source
SPOT THE BOT: Researchers Open-Source Tools to Hunt Twitter Bots. Their goal?
To create a means of differentiating legitimate from automated accounts and detail
the process so other researchers can replicate it. Read more
[DARKREADING.COM]
GSA: Offers Overview of How It’s Redesigning CAMEO. The General Services
Administration is getting ready to overhaul the system it uses as the federal
government’s buyer of IT solutions, and it provided industry stakeholders with a
sneak peek. Officials from the agency’s Federal Acquisition Service, including
Commissioner Alan Thomas, detailed their strategy to redesign the backend of the
CIO Application Maintenance, Enhancements, and Operations (CAMEO) system.
They plan to issue a follow-on contract that emphasizes commercial-off-the-shelf
(COTS) applications, an open-source data layer that works across technologies and a
whole lot of industry engagement. Read more
[FEDSCOOP.COM]
Business Intelligence
Business Intelligence
B2B: Self Service Business Intelligence Isn’t Here, Artificial Intelligence May Be The
Missing Piece. BI tools are still the arena of the analyst. Line managers are able to
look at visualizations in a dashboard, they even have a limited ability to investigate
the data underneath it, but a “what if?” thought almost always requires a loop back
to an analyst or a developer. While too many people in the industry continue to say
the solution to the problem is to get the managers to “think like data scientists”,
there will continue to be barriers to acceptance. It’s not the line manager’s job to be
a programmer or analyst any more than it is the programmer’s or analyst’s job do
deal with managing the business. What’s needed is to assist the manager. There are
two main technical problems to doing that. Read more
[FORBES.COM]
Business Intelligence
HR: Turning the Tide on Business Intelligence Failure. When does business
information become a business disadvantage? Using today’s Business Intelligence
(BI) tools can be a bit like trying to drink from a fire hydrant – too much information,
from all directions, with no control. Far too often the very business driver a
company set out to find and monitor gets lost in the melee. Read more
[BLEEPINGCOMPUTER.COM]
MICROSOFT: Updates Power BI Report URL Filter, Report Server Update.
Microsoft’s Power BI application has been given a number of feature updates aimed
at improving enterprise business intelligence reporting and improving the
performance of Power BI for users. Read more
[EWEEK.COM]
Business Intelligence
FEDERAL GOVERNMENT: Microsoft Says It Has Found a Russian Operation
Targeting U.S. Political Institutions. A group affiliated with the Russian government
created phony versions of six websites – including some related to public policy and
to the U.S. Senate – with the apparent goal of hacking into the computers of people
who were tricked into visiting, according to Microsoft, which said Monday night that
it discovered and disabled the fake sites. Read more
[WASHINGTONPOST.COM]
Operating Systems
Operating Systems
GOOGLE: Chrome 69 Rolling Out ‘Material Design refresh’ Next Month ‘Across All
Operating Systems’. Even before the Google Material Theme was showcased at I/O
2018, the Chrome team has been working on a big redesign for the browser that
shares many similarities like rounded corners and stark white backgrounds.
Available on both desktop and mobile, this “Material Design refresh” is now
scheduled to begin rolling out in September with Chrome 69. Read more
[9TO5GOOGLE.COM]
CISCO: Patches Its Operating Systems Against New IKE Crypto Attack. Cisco
released security updates today to patch a vulnerability in the IOS and IOS XE
operating systems that run the vast majority of its devices. The vulnerability is
tracked as CVE-2018-0131 and is one of four CVE identifiers for a new
Bleichenbacher oracle cryptographic attack against the IKE (Internet Key Exchange)
protocol. Read more
[BLEEPINGCOMPUTER.COM]
Operating Systems
SECURITY: Securing the Server, Inside and Out. Computing is hard enough, but the
sophistication and proliferation of attacks on IT infrastructure, from the firewall
moat surrounding the corporate network all the way down into the guts of the
operating system kernel and deep into the speculative execution units on the
physical processor, make the task of computing – with confidence – doubly difficult.
It hasn’t helped that applications have become increasingly distributed and
virtualized, spread across networked machines and propped up on various layers of
software abstraction. Read more
[THENEXTPLATFORM.COM]
Operating Systems
FYI: SUSE Builds a Custom Linux Kernel to Boost Microsoft Azure Performance.
SUSE added a performance boost for enterprises running its Linux Enterprise Server
15 platform on the Microsoft Azure cloud. That boost comes from a custom-tailored
Linux kernel that provides up to 25 percent faster network throughput and a 23
percent drop in average latency for on-demand instances. Read more
[SDXCENTRAL.COM]
BYOD
BYOD
SECURITY: Why BYOD Authentication Struggles to be Secure. A recent Bitglass
study pointed out some interesting statistics: Over a quarter (28%) of organizations
rely solely on user-generated passwords to secure BYOD, potentially exposing
countless endpoints to credential guessing, cracking and theft. 61% of respondents
also had reservations about Apple’s Face ID technology. Given that the general
concept in security has always been to eliminate passwords and use MFA, the
results are surprising, so why the disconnect? Read more
[INFOSECURITY-MAGAZINE.COM]
BYOD
DOD: ‘Wrong Trajectory’ in Mobile Strategy Stifles Marines’ BYOD Ambitions. The
Marine Corps has been talking about implementing a bring-your-own-device
strategy for more than three years as one way to cut costs and speed up its
adoption of commercial smartphone technology. But the service’s chief information
officer says the goal is still a long way off, and the Marines are still struggling to
bring aboard the most modern mobile devices, even when they’re owned by the
government. Read more.
[FEDERALNEWSRADIO.COM]
TEXTBOOKS OPTIONAL: What Unbundling and BYOD Mean for Learning
Technology. Today, schools across the country look to educators to customize
learning for their unique classrooms. Here is how educators are accomplishing this
through unbundling and BYOD. Find out more
[ESCHOOLNEWS.COM]
BYOD
FEDERAL GOVERNMENT BYOD: The Mobile Security Conundrum. There are
currently more than 7.7 billion mobile connections around the world. Thanks to the
Internet of Things, it is predicted that the number of connected devices will reach
an astounding 20.8 billion by 2020. With the average number of mobile devices
owned per person currently estimated at 3.64, those devices are becoming
necessary equipment for today’s workers. Yet while the private sector has been
quick to establish Bring-your-own-device policies, the public sector has lagged
behind because of security and privacy concerns. Despite several initiatives —
including a White House-issued BYOD toolkit and two National Institute of
Standards and Technology documents (800-124 and 800-164) giving guidance on
securing devices that connect with government networks — many federal agencies
are still reluctant to establish BYOD policies. Read more
[GCN.COM]
Incident Response
Incident Response
PODCAST: Gain an Edge Over BEC and Account Compromise With Intelligent
Incident Response. As Black Hat heats up in Las Vegas, host Lorielle Paulk, product
marketing manager at IBM X-Force Incident Response and Intelligence Services
(IRIS), sits down with Nick Rossmann, research and operations lead at X-Force IRIS,
and Jordan Rogers, principal consultant at X-Force IRIS, to discuss the hottest
threats in today’s security landscape and the critical advantage of intelligent
incident response. Read more
[SECURITYINTELLIGENCE.COM]
ENDPOINT: 4 Reasons Why Companies Are Failing at Incident Response. When it
comes to containing the business impacts of a security breach, proper planning is
often the difference between success and failure. Read more
[DARKREADING.COM]
Incident Response
GDPR: Incident Response Under GDPR – What to Do Before, During and After a
Data Breach. The European Union (EU)’s General Data Protection Regulation (GDPR)
is in full effect, but many organizations still don’t have the processes in place to be
compliant. According to an IBM survey, only 36 percent of executives said they
expect to be GDPR-compliant by the enforcement date. For many organizations,
one of the top challenges is complying with the GDPR’s tight 72-hour data breach
notification window. To help organizations accelerate their incident response times
and meet this deadline, we’ve outlined steps privacy teams can take before, during
and after a data breach to help them comply with the GDPR and improve their
overall privacy and security processes. Read more
[SECURITYINTELLIGENCE.COM]
Incident Response
CIRP: Ten Considerations for a Cybersecurity Incident Response Plan. If you ask a
group of cybersecurity experts what should be included in a Cybersecurity Incident
Response Plan (“CIRP”), you will get a wide variety of answers. Happily, many of
those answers contain similar themes including these ten important considerations
your organization should be aware of when creating and managing a CIRP. Read
more
[LEXOLOGY.COM]
Cybersecurity
Cybersecurity
DNC: Says Hack Attack Was Actually Just a Cybersecurity Test. The Democratic
National Committee now believes its database of voters was the target of a third-
party test of its cybersecurity and not a cyber-attack, according to party officials.
Read more
[TIME.COM]
FYI: The Most Effective Defense is Proactive Cybersecurity. Your network is under
siege. If you’ve been working in IT or IT security for more than 15 minutes, you
should be aware that there’s a seemingly endless array of attackers and exploits
trying to infiltrate your network, compromise your servers and applications, and
steal your data every day. The thing that separates effective cybersecurity from
poor cybersecurity is just how proactive your network defenses are—do you
respond to threats, or react? Read more
[SECURITYBOULEVARD.COM]
Cybersecurity
CHRONICLE: One of Google’s Newest Sister Companies is Almost Ready to Go
After the $96 Billion Cybersecurity Industry on a ‘Planet Scale’. Chronicle is one of
Alphabet’s newest “Other Bets,” the group of Google’s sister companies that are
hoping to stumble on the next big thing in tech, such as self-driving cars (Waymo) or
high-speed internet access in remote areas (Loon). And cybersecurity is a
potentially massive opportunity for Alphabet. Research firm Gartner predicts
cybersecurity spending will hit $96 billion in 2018, and only increase from there.
Read more
[CNBC.COM]
Cybersecurity
FINANCIAL SERVICES: Cybersecurity Compliance Deadline Looming, Says NY
Regulator. Financial companies regulated by New York State Department of
Financial Services have less than a month to comply with another round of
cybersecurity rules, the agency’s head warned Wednesday. Read more
[AMERICANBANKER.COM]
WORK FORCE: Cybersecurity’s Insidious New Threat – Workforce Stress. The
thousands of cybersecurity professionals gathering at Black Hat, a massive
conference held in the blistering heat of Las Vegas every summer, are encountering
a different type of session this year. A new “community” track is offering talks on a
range of workplace issues facing defenders battling to protect the world from a
hacking onslaught. With titles like “Mental Health Hacks: Fighting Burnout,
Depression and Suicide in the Hacker Community” and “Holding on for Tonight:
Addiction in Infosec,” several of the sessions will address pressures on security
teams and the negative impact these can have on workers’ wellbeing. Read more
[TECHNOLOGYREVIEW.COM]
Cybersecurity
NNSA: Banning Software Isn’t the Route to Cybersecurity, Nuclear Security Agency
Official Says. The government should be focused on mitigating the danger any
software can pose, rather than banning software from China and elsewhere, the
NNSA CIO says. Read more https://fedtechmagazine.com/article/2018/
[NEXTGOV.COM]
IoT: Continental Offers Cyber Security Solutions from Argus and Elektrobit for All
Connected Vehicle Electronics. Technology company Continental recently
announced it is offering end-to-end cyber security and wireless software update
solutions integrated into connected vehicle electronics including telematics units,
infotainment systems, gateways and more from Argus Cyber Security (Argus) and
Elektrobit (EB). Read more
[DARKREADING.COM]
Cybersecurity
THE CYBERSECURITY 202: Trump Team Isn’t Doing Enough to Deter Russian
Cyberattacks. The Trump administration isn’t doing enough to deter Russian
cyberattacks, according to an overwhelming 94 percent of cybersecurity experts
surveyed by the Cybersecurity 202. Read more
[WASHINGTONPOST.COM]
GOOGLE: Doesn’t Want You to Have to Think About Cybersecurity. Your safety
online shouldn’t be your problem — it should be the tech giants’. Parisa Tabriz,
nicknamed “Google’s Security Princess” and the company’s director of engineering,
delivered the keynote speech at the Black Hat cybersecurity conference Wednesday
in Las Vegas, where she discussed issues with the state of cybersecurity. Read more
[CNET.COM]
Project Management
Project Management
BEST PRACTICES: 6 Project Management Skills All Managers Should Adopt. Here
are six vital project management skills that you can adopt in your managerial
career to ensure better business outcomes for your organization. Read more
[SILICONREPUBLIC.COM]
CXO: 5 Things to Know About Remote Project Management. As the workforce
gets more spread out, managers need to acquire a few new skills, to keep everyone
on task. Read more
[TECHREPUBLIC.COM]
Project Management
DEVOPS: 8 Things They Don’t Teach You in Project Management School. Project
management is about more than shepherding software through the
development process. Don’t forget the humans and the team dynamic. Read
more
[INFORMATIONWEEK.COM]
FYI: Why Everyone is Now a Project Manager. A report from Planview detailed
the five biggest challenges to effective project management and the top tools in
the profession. Read more
[TECHREPUBLICAN.COM]
Application Development
Application Development
INFOGRAPHIC: The Time and Cost of Mobile Application Development. A great
website is a necessity for just about any business, and ensuring that website works
well on mobile is also vital. But is your mobile website up to giving your customers a
stellar experience? If you’re unsure, check out these factors to determine whether
a mobile site or a mobile app is right for your business. If you decide your business
is ready for an app, then you’ll want to start thinking about cost. Read more
[MARKETINGPROFS.COM]
CIOs: 5 Things CIOs Misunderstand About Application Development. Do you have
a blind spot or two regarding the daily realities of your application developers?
Here’s what IT execs sometimes don’t “get” about modern application
development. Read more
[ENTERPRISERSPROJECT.COM]
Application Development
DEFENSE: New Application Development Standards Will Reduce Risk to
Commanders. The Navy is “moving out to enforce” this fall a new approach to
developing applications meant to rapidly push software to the fleet and reduce the
burden on operational commanders when software is problematic, according to a
senior Navy officer. Read more
[INSIDEDEFENSE.COM]
CLOUD: Best Practices for Your SaaS Laravel Application on AWS. It is not easy to
subsist in a modern cloud ecosystem. However, there are solid principles that will
help you to build a perfect AWS architecture for your Laravel application, including
the 12-factor methodology, design applications with a stateless approach and
decoupling service components. Read more
[DEVOPS.COM]
Big Data
Big Data
SEARCH ACQUISITION: Twitter Kills Off Third-Party App Features. Twitter has
restricted access to APIs, which effectively kills off certain key features in popular
third-party apps. Most notably, third-party apps have lost the ability to deliver push
notifications and refresh the timeline automatically. Read more
[SEARCHENGINEJOURNAL.COM]
BIG DATA AND AI: Eight Ways Big Data And AI Are Changing The Business World.
By the end of 2018, it is predicted that 70% of enterprises (paywall) will implement
artificial intelligence (AI). This is up from 40% in 2016 and 51% in 2017. There’s one
thing that these statistics make crystal clear — big data and AI are here to stay.
Read more
[FORBES.COM]
Big Data
HEALTHCARE: How AI, Blockchain Combine to Fuel Healthcare Big Data Analytics.
Artificial intelligence and blockchain have quickly become the tools of choice for
developers, providers, and payers looking to bulk up their health IT infrastructure
with innovative, effective data management capabilities. Read more
[HEALTHITANALYTICS.COM]
FYI: Big Data Pros and Cons. These days every enterprise makes use of big data. Big
data analytics offers a veritable gold mine of potential benefits, but it also poses
significant challenges that could offset any potential gains. Read more
[DATAMATION.COM]
Internet of Things (IoT)
Internet of Things (IoT)
CITIES: 6 Ways The Internet Of Things Is Improving The Quality Of Urban Life. So
how are cities currently leveraging IoT to improve urban life and boost the
happiness of city dwellers? Here are six examples. Read more
[FORBES.COM]
READ: The Internet of Things Era: 6 Ways to Stay Safe. While the Internet of Things
(IoT) is full of promise and can, in many ways, make our lives easier, it comes at a
cost. The devices that we carry around in our pockets and place in our homes
control access to our possessions, and our most intimate personal details. In the
wrong hands, those gadgets have the power to put our physical safety at risk. You
need to stay safe. Read more
[REUTERS.COM]
Internet of Things (IoT)
SLIDESHOW: 10 Ways the Internet of Things Will Make Our Lives Better. The
Internet of Things (IoT) links a wide range of devices — including wearables, smart
appliances, and driverless cars — to each other and the cloud. This market could
grow from $171 billion in 2017 to $561 billion by 2022, according to market
research firm Reportlinker. Intel (NASDAQ:INTC) estimates that 200 billion devices
could be connected across the IoT market by 2020. Those bullish forecasts sparked
an IoT land grab in recent years, as many companies rushed to produce connected
devices. Here are 10 ways those products can improve our lives. Read more
[FOOL.COM]
Internet of Things (IoT)
COMMENT: Data Behaving Badly. The private sector, especially consumer-facing
organizations, are betting big on data-intensive technologies like artificial
intelligence and the internet of things. The trend is accelerating worldwide, with
private sector investments in AI projected to reach $12.5 billion in 2017 alone, and
IoT investments expected to top $800 billion. Although slower to embrace AI and
IoT, government is now pursuing them aggressively. Read more
[FCW.COM]
Personal Tech
Personal Tech
GOOGLE: Make Several Gmail Addresses Out of One. Thanks to the way Google
processes your mail, you can modify part of your address for different situations
and still get all your messages. Read more
[NYTIMES.COM]
SURVEY: Faculty Members Voice Concerns About Student Reliance on Tech.
Personal technology use on campus is not expected to slow down. That has
presented several concerns among faculty and administrators regarding the impact
of technology dependence on student learning and on the reliability and security of
the related infrastructure. Read more
[EDUCATIONDIVE.COM]
Personal Tech
HOW TO: Give Your Old Computer New Life. If you’re not ready to buy a whole new
system, you might be able to add new parts and upgrade your aging machine for
less than a few hundred dollars. Read more
[NYTIMES.COM]
APPLE: Help a Fellow Mac User With Remote Tech Support. Just like Windows
users, Mac owners have ways to share and control another computer over the
internet to give a quick assist online. Read more
[NYTIMES.COM]
Mobile Applications
Mobile
NIST: Updating Recommendations for Mobile App Security. The National Institute
of Standards and Technology is working on updating its recommendations for how
organizations and developers can keep mobile applications secure. The updated
recommendations are being made to the Special Publication (SP) 800-163, Vetting
the Security of Mobile Applications document that was initially released in January
2015. The 50-page draft revision includes additional clarity and details on how to
minimize mobile app risks. Read more
[EWEEK.COM]
OUR HISTORY WITH MOBILE: A Prescient Steve Jobs Predicted Our Obsession with
Mobile Apps. Though even he might have undersold it a little. Read more
[ENGADGET.COM]
Mobile
SECURITY: Team Finds Many Mobile Applications Are Open to Web API Hijacking.
Smartphones, tablets, iPads—mobile devices have become invaluable to the
everyday consumer. But few consider the security issues that occur when using
these devices. Modern mobile applications or “apps” use cloud-hosted HTTP-based
application programming interface (API) services and heavily rely on the internet
infrastructure for data communication and storage. To improve performance and
leverage the power of the mobile device, input validation and other business logic
required for interfacing with web API services are typically implemented on the
mobile client. However, when a web service implementation fails to thoroughly
replicate input validation, it gives rise to inconsistencies that could lead to attacks
that can compromise user security and privacy. Developing automatic methods of
auditing web APIs for security remains challenging. Read more
[PHYS.ORG]
Mobile
CYBERSECURITY: Risky Mobile Apps No Fun for Entertainment Sector. In case it’s
not already on your risk radar, it’s time to add mobile apps to the growing list of
threat vectors. Mobile apps are risky across all sectors, but more specifically, those
that come from media and entertainment businesses are putting users at risk.
BitSight recently released the results of its research that looked at data from more
than 1,000 companies offering apps on iOS and Google Play and found
vulnerabilities across the board. Read more
[SECURITYBOULEVARD.COM]
Programming & Scripting Development
Client & Server-Side
Programming & Scripting Development
Client & Server-Side
JAVASCRIPT: Is JavaScript Destined to Be Usurped by TypeScript? Year after year
JavaScript features among the top 10 most widely used programming languages
worldwide, but is a challenger emerging to the venerable web favorite? An analysis
by TIOBE, which counts the number of hits for each programming language
returned by major search engines, suggests that Microsoft’s TypeScript is enjoying
an explosive growth in popularity and encroaching on areas previously dominated
by JavaScript. Read more
[TECHREPUBLIC.COM]
JAVA: Kotlin and Java Go Well Together, Report Shows. Kotlin is only seven years
old but it is already playing in the big leagues. Its massive success can be traced
back to the moment when Google announced Kotlin support in Android last year
but that was just the tip of the iceberg. According to Pusher’s State of Kotlin 2018
research report, great things are coming Kotlin’s way. Read more
[JAXENTER.COM]
Programming & Scripting Development
Client & Server-Side
GOOGLE: Google Debuts Jib, a Tool to Make Software Containers and Java Work
Better Together. Google LLC has released Jib, a new open-source tool that aims to
make software containers and the Java programming language work more
seamlessly together. Read more
[SILICONANGLE.COM]
PYTHON: GitHub Now Warns You About Flaws Affecting Your Python Code.
Python has joined Ruby and JavaScript on GitHub’s list of coding languages it scans
for security vulnerabilities. Developers using Python can now get security alerts for
any new bugs the code repository platform spots, as well as some recent
vulnerabilities Python has had. Read more
[ITPRO.CO.UK]
Cloud Computing
Cloud Computing
OPINION: Serverless Computing Is a Paradigm Shift for Cloud Computing. The
serverless revolution is akin to delivery companies moving away from owning large
trucks to managing a fleet of leased vans, and from there, to outsourcing
transportation to a third-party fleet of scooters. Read more
[CALCALISTECH.COM]
MICROSOFT: Catching Up to Amazon in Security Clearances for Cloud. That could
give Microsoft an edge over other potential bidders in the Pentagon’s winner-take-all
competition for a multibillion-dollar cloud computing contract. Read more
[SEATTLETIMES.COM]
Cloud Computing
BUSINESS TRANSFORMATION: Five Ways to Make the Most of the Move to On-
Demand. Cloud computing can’t fix everything but it can be a key element of
business transformation if handled well. Read more
[ZDNET.COM]
LINUX: How Red Hat Morphed From Linux Pioneer Into Cloud-Computing Player.
Red Hat’s reinvention is tied to the rise of cloud computing. Like many traditional
suppliers of information technology, it has been pressured to adapt. Read more
[INVESTORS.COM]
Announcement
Announcement
Blue Mountain Data Systems DOL Contract Extended Another Six Months
The Department of Labor has extended Blue Mountain Data Systems Inc. contract
DOLOPS16C0017 for 6 months for network administration and application
support.
U.S. Dept. of Labor, Employee Benefits Security Administration
1994 to Present Responsible to the Office of Technology and Information Systems
for information systems architecture, planning, applications development,
networking, administration and IT security, supporting the enforcement of Title I
of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue
Mountain is responsible for design, development and support for its various
enforcement database management systems, as well as all case tracking and
customer service inquiry systems. Blue Mountain also provides IT security services
to the EBSA, in the form of FISMA Assessment and Authorization, System Security
Plans, Risk and vulnerability assessments, monitoring and investigation support.
IT Security | Cybersecurity
IT Security | Cybersecurity
SECURITY: 5 Things You Need to Know About the Future of Cybersecurity. Terrorism
researchers, AI developers, government scientists, threat-intelligence specialists,
investors and startups gathered at the second annual WIRED conference to discuss
the changing face of online security. These are the people who are keeping you safe
online. Their discussions included Daesh’s media strategy, the rise of new forms of
online attacks, how to protect infrastructure, the threat of pandemics and the
dangers of hiring a nanny based on her Salvation Army uniform. Read more
[WIRED.CO.UK]
IT MANAGEMENT: Top 5 Cybersecurity Mistakes IT Leaders Make, and How to Fix
Them. Cybersecurity teams are largely understaffed and underskilled. Here’s how to
get the most out of your workers and keep your business safe. Read more.
[TECHREPUBLIC.COM]
IT Security | Cybersecurity
FEDERAL GOVERNMENT: Rep. Hurd Champions Modernizing Federal Cybersecurity.
The federal government is and will continue to be a target of cyber crimes.
According to the Identity Theft Resource Center, U.S. companies and government
agencies suffered a total of 1,093 data breaches in 2016. Mid-year numbers for 2017
show 791 incidents as of the end of June – a 29 percent increase over the same
period in 2016. With that said, is the government doing enough to prepare for cyber
threats? On this episode of CyberChat, host Sean Kelley, former Environmental
Protection Agency chief information security officer and former Veterans Affairs
Department deputy chief information officer, spoke with Rep. Will Hurd (R-Texas)
about initiatives to modernize the federal cybersecurity space. Read more
[FEDERALNEWSRADIO.COM]
IT Security | Cybersecurity
STATE GOVERNMENT: To Simplify Cybersecurity Regulations, State Groups Ask
Federal Government for Help. A letter to the Office of Management and Budget
says that today’s regulatory environment “hampers” states in their pursuit of cost
savings and IT optimization. Find out more
STATESCOOP.COM]
From the Blue Mountain Data Systems Blog
Programming & Scripting
https://www.bluemt.com/programming-scripting-daily-tech-update-september-
29-2017/
Cloud Computing
https://www.bluemt.com/cloud-computing-daily-tech-update-september-18-
2017/
Business Intelligence
https://www.bluemt.com/business-intelligence-daily-tech-update-september-15-
2017/
Mobile Applications
https://www.bluemt.com/mobile-applications-daily-tech-update-september-11-
2017/
From the Blue Mountain Data Systems Blog
Personal Tech
https://www.bluemt.com/personal-tech-daily-tech-update-september-28-2017/
Databases
https://www.bluemt.com/databases-daily-tech-update-september-21-2017/
Penetration Testing
https://www.bluemt.com/penetration-testing-daily-tech-update-september-26-
2017/
Incident Response
https://www.bluemt.com/incident-response-daily-tech-update-september-14-
2017/
From the Blue Mountain Data Systems Blog
Security Patches
https://www.bluemt.com/security-patches-daily-tech-update-september-22-
2017/
Operating Systems
https://www.bluemt.com/operating-systems-daily-tech-update-september-20-
2017/
Encryption
https://www.bluemt.com/encryption-daily-tech-update-september-19-2017/
Cloud Computing
https://www.bluemt.com/cloud-computing-daily-tech-update-september-18-
2017/
From the Blue Mountain Data Systems Blog
Open Source
https://www.bluemt.com/programming-scripting-daily-tech-update-september-
5-2017/
CTO, CIO and CISO
https://www.bluemt.com/cio-cto-ciso-daily-tech-update-september-6-2017/
Programming & Scripting
https://www.bluemt.com/programming-scripting-daily-tech-update-september-
5-2017/
From the Blue Mountain Data Systems Blog
Security Risks Most Prevalent in Younger Workers
https://www.bluemt.com/security-risks-most-prevalent-in-younger-workers/
The Security World’s Maturation
https://www.bluemt.com/the-security-worlds-maturation/
Data Breach Concerns Keep CISOs Up At Night
https://www.bluemt.com/data-breach-concerns-keep-cisos-up-at-night/
Personalized Govt Equals Instant Gratification for Citizens
https://www.bluemt.com/personalized-govt-equals-instant-gratification-for-
citizens/
From the Blue Mountain Data Systems Blog
People-Centric Security
https://www.bluemt.com/people-centric-security/
Pentagon Tries BYOD To Strike Work/Life Balance
https://www.bluemt.com/pentagon-tries-byod-to-strike-worklife-balance/
Open Source Model Considered for MS Windows
https://www.bluemt.com/open-source-model-considered-for-ms-windows/
Open Internet: To Be or Not to Be?
https://www.bluemt.com/open-internet-to-be-or-not-to-be/
From the Blue Mountain Data Systems Blog
Malware Stays A Step Ahead Infecting One Third of Websites
https://www.bluemt.com/malware-stays-a-step-ahead-infecting-one-third-of-
websites/
Machine-Generated Data: Potential Goldmine for the CIO
https://www.bluemt.com/machine-generated-data-potential-goldmine-for-the-
cio/
Government Legacy Programs: Reuse vs. Replacement
https://www.bluemt.com/government-legacy-programs-reuse-vs-replacement/
It Takes a Whole Village to Protect Networks and Systems
https://www.bluemt.com/it-takes-a-whole-village-to-protect-networks-and-
systems/
From the Blue Mountain Data Systems Blog
Governance For the CIO
https://www.bluemt.com/governance-for-the-cio/
Help Desk Consolidation – Lessons Learned
https://www.bluemt.com/help-desk-consolidation-lessons-learned/
One Year Later, Companies Still Vulnerable to Heartbleed
https://www.bluemt.com/one-year-later-companies-still-vulnerable-to-
heartbleed/
Federal Projects Cultivate Worker Passion
https://www.bluemt.com/federal-projects-cultivate-worker-passion-2/
ABOUT US
Blue Mountain Data Systems Inc.
Blue Mountain Data Systems Inc. is dedicated to application
and systems development, electronic document management,
IT security support, and the automation of workflow processes.
Read more about our experience here:
>> http://bluemt.com/experience
Recent Experience
U.S. Dept. of Labor
Employee Benefits Security Administration
1994 to Present
Responsible to the Office of Technology and Information Systems for information
systems architecture, planning, applications development, networking,
administration and IT security, supporting the enforcement of Title I of the
Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue
Mountain is responsible for design, development and support for its various
enforcement database management systems, as well as all case tracking and
customer service inquiry systems. Blue Mountain also provides IT security services
to the EBSA, in the form of FISMA Assessment and Authorization, System Security
Plans, Risk and vulnerability assessments, monitoring and investigation support.
MANAGEMENT
Paul T. Vesely
Founder, President, CEO and Principal Architect
Mr. Vesely is a recognized thought leader in systems
architecture and delivery, having designed and
delivered many enterprise wide information and
document management solutions. Mr. Vesely’s history
includes 33 years experience in the information
systems industry, with Unisys, Grumman, PRC and a
host of clients in both government and private sectors.
CONTACT US
Contact Us Today to Discuss Your Next IT Project
HEADQUARTERS
366 Victory Drive
Herndon, VA 20170
PHONE 703-502-3416
FAX 703-745-9110
EMAIL
paul@bluemt.com
WEB
https://www.bluemt.com

More Related Content

Recently uploaded

BITCOIN HEIST RANSOMEWARE ATTACK PREDICTION
BITCOIN HEIST RANSOMEWARE ATTACK PREDICTIONBITCOIN HEIST RANSOMEWARE ATTACK PREDICTION
BITCOIN HEIST RANSOMEWARE ATTACK PREDICTION
ssuser2b426d1
 
Google ML-Kit - Understanding on-device machine learning
Google ML-Kit - Understanding on-device machine learningGoogle ML-Kit - Understanding on-device machine learning
Google ML-Kit - Understanding on-device machine learning
VishrutGoyani1
 
HIRE A HACKER FOR CHEATING HUSBAND/WIFE)
HIRE A HACKER FOR CHEATING HUSBAND/WIFE)HIRE A HACKER FOR CHEATING HUSBAND/WIFE)
HIRE A HACKER FOR CHEATING HUSBAND/WIFE)
josephinedrea942
 
Mobile App Development Company in Noida - Drona Infotech.
Mobile App Development Company in Noida - Drona Infotech.Mobile App Development Company in Noida - Drona Infotech.
Mobile App Development Company in Noida - Drona Infotech.
Mobile App Development Company in Noida - Drona Infotech
 
AWS DevOps-Tutorial CHANAKYA SRIYAN DUKKA.
AWS DevOps-Tutorial CHANAKYA SRIYAN DUKKA.AWS DevOps-Tutorial CHANAKYA SRIYAN DUKKA.
AWS DevOps-Tutorial CHANAKYA SRIYAN DUKKA.
Srinivas Dukka
 
bangalore Girls call 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
bangalore Girls call  👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Deliverybangalore Girls call  👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
bangalore Girls call 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
sunilverma7884
 
Attendance Tracking From Paper To Digital
Attendance Tracking From Paper To DigitalAttendance Tracking From Paper To Digital
Attendance Tracking From Paper To Digital
Task Tracker
 
Maximizing Efficiency and Profitability: Optimizing Data Systems, Enhancing C...
Maximizing Efficiency and Profitability: Optimizing Data Systems, Enhancing C...Maximizing Efficiency and Profitability: Optimizing Data Systems, Enhancing C...
Maximizing Efficiency and Profitability: Optimizing Data Systems, Enhancing C...
OnePlan Solutions
 
Cisco Live Announcements: New ThousandEyes Release Highlights - July 2024
Cisco Live Announcements: New ThousandEyes Release Highlights - July 2024Cisco Live Announcements: New ThousandEyes Release Highlights - July 2024
Cisco Live Announcements: New ThousandEyes Release Highlights - July 2024
ThousandEyes
 
ERP Software Solutions Provider in Coimbatore
ERP Software Solutions Provider in CoimbatoreERP Software Solutions Provider in Coimbatore
ERP Software Solutions Provider in Coimbatore
Nextskill Technologies
 
Agra Girls Call Agra 0X0000000X Unlimited Short Providing Girls Service Avail...
Agra Girls Call Agra 0X0000000X Unlimited Short Providing Girls Service Avail...Agra Girls Call Agra 0X0000000X Unlimited Short Providing Girls Service Avail...
Agra Girls Call Agra 0X0000000X Unlimited Short Providing Girls Service Avail...
rachitkumar09887
 
Leading Project Management Tool Taskruop.pptx
Leading Project Management Tool Taskruop.pptxLeading Project Management Tool Taskruop.pptx
Leading Project Management Tool Taskruop.pptx
taskroupseo
 
Vip Girls Call ServiCe Hyderabad 0000000000 Pooja Best High Class Hyderabad A...
Vip Girls Call ServiCe Hyderabad 0000000000 Pooja Best High Class Hyderabad A...Vip Girls Call ServiCe Hyderabad 0000000000 Pooja Best High Class Hyderabad A...
Vip Girls Call ServiCe Hyderabad 0000000000 Pooja Best High Class Hyderabad A...
ashiklo9823
 
當測試開始左移
當測試開始左移當測試開始左移
當測試開始左移
Jersey (CHE-PING) Su
 
NYGGS 360: A Complete ERP for Construction Innovation
NYGGS 360: A Complete ERP for Construction InnovationNYGGS 360: A Complete ERP for Construction Innovation
NYGGS 360: A Complete ERP for Construction Innovation
NYGGS Construction ERP Software
 
Artificial intelligence in customer services or chatbots
Artificial intelligence  in customer services or chatbotsArtificial intelligence  in customer services or chatbots
Artificial intelligence in customer services or chatbots
kayash1656
 
GT degree offer diploma Transcript
GT degree offer diploma TranscriptGT degree offer diploma Transcript
GT degree offer diploma Transcript
attueb
 
Independent Girls call Service Pune 000XX00000 Provide Best And Top Girl Serv...
Independent Girls call Service Pune 000XX00000 Provide Best And Top Girl Serv...Independent Girls call Service Pune 000XX00000 Provide Best And Top Girl Serv...
Independent Girls call Service Pune 000XX00000 Provide Best And Top Girl Serv...
bhumivarma35300
 
To Avoid Mistakes When Using Online Attendance Sheets
To Avoid Mistakes When Using Online Attendance SheetsTo Avoid Mistakes When Using Online Attendance Sheets
To Avoid Mistakes When Using Online Attendance Sheets
Task Tracker
 
Unleashing the Future: Building a Scalable and Up-to-Date GenAI Chatbot with ...
Unleashing the Future: Building a Scalable and Up-to-Date GenAI Chatbot with ...Unleashing the Future: Building a Scalable and Up-to-Date GenAI Chatbot with ...
Unleashing the Future: Building a Scalable and Up-to-Date GenAI Chatbot with ...
confluent
 

Recently uploaded (20)

BITCOIN HEIST RANSOMEWARE ATTACK PREDICTION
BITCOIN HEIST RANSOMEWARE ATTACK PREDICTIONBITCOIN HEIST RANSOMEWARE ATTACK PREDICTION
BITCOIN HEIST RANSOMEWARE ATTACK PREDICTION
 
Google ML-Kit - Understanding on-device machine learning
Google ML-Kit - Understanding on-device machine learningGoogle ML-Kit - Understanding on-device machine learning
Google ML-Kit - Understanding on-device machine learning
 
HIRE A HACKER FOR CHEATING HUSBAND/WIFE)
HIRE A HACKER FOR CHEATING HUSBAND/WIFE)HIRE A HACKER FOR CHEATING HUSBAND/WIFE)
HIRE A HACKER FOR CHEATING HUSBAND/WIFE)
 
Mobile App Development Company in Noida - Drona Infotech.
Mobile App Development Company in Noida - Drona Infotech.Mobile App Development Company in Noida - Drona Infotech.
Mobile App Development Company in Noida - Drona Infotech.
 
AWS DevOps-Tutorial CHANAKYA SRIYAN DUKKA.
AWS DevOps-Tutorial CHANAKYA SRIYAN DUKKA.AWS DevOps-Tutorial CHANAKYA SRIYAN DUKKA.
AWS DevOps-Tutorial CHANAKYA SRIYAN DUKKA.
 
bangalore Girls call 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
bangalore Girls call  👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Deliverybangalore Girls call  👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
bangalore Girls call 👀 XXXXXXXXXXX 👀 Rs.9.5 K Cash Payment With Room Delivery
 
Attendance Tracking From Paper To Digital
Attendance Tracking From Paper To DigitalAttendance Tracking From Paper To Digital
Attendance Tracking From Paper To Digital
 
Maximizing Efficiency and Profitability: Optimizing Data Systems, Enhancing C...
Maximizing Efficiency and Profitability: Optimizing Data Systems, Enhancing C...Maximizing Efficiency and Profitability: Optimizing Data Systems, Enhancing C...
Maximizing Efficiency and Profitability: Optimizing Data Systems, Enhancing C...
 
Cisco Live Announcements: New ThousandEyes Release Highlights - July 2024
Cisco Live Announcements: New ThousandEyes Release Highlights - July 2024Cisco Live Announcements: New ThousandEyes Release Highlights - July 2024
Cisco Live Announcements: New ThousandEyes Release Highlights - July 2024
 
ERP Software Solutions Provider in Coimbatore
ERP Software Solutions Provider in CoimbatoreERP Software Solutions Provider in Coimbatore
ERP Software Solutions Provider in Coimbatore
 
Agra Girls Call Agra 0X0000000X Unlimited Short Providing Girls Service Avail...
Agra Girls Call Agra 0X0000000X Unlimited Short Providing Girls Service Avail...Agra Girls Call Agra 0X0000000X Unlimited Short Providing Girls Service Avail...
Agra Girls Call Agra 0X0000000X Unlimited Short Providing Girls Service Avail...
 
Leading Project Management Tool Taskruop.pptx
Leading Project Management Tool Taskruop.pptxLeading Project Management Tool Taskruop.pptx
Leading Project Management Tool Taskruop.pptx
 
Vip Girls Call ServiCe Hyderabad 0000000000 Pooja Best High Class Hyderabad A...
Vip Girls Call ServiCe Hyderabad 0000000000 Pooja Best High Class Hyderabad A...Vip Girls Call ServiCe Hyderabad 0000000000 Pooja Best High Class Hyderabad A...
Vip Girls Call ServiCe Hyderabad 0000000000 Pooja Best High Class Hyderabad A...
 
當測試開始左移
當測試開始左移當測試開始左移
當測試開始左移
 
NYGGS 360: A Complete ERP for Construction Innovation
NYGGS 360: A Complete ERP for Construction InnovationNYGGS 360: A Complete ERP for Construction Innovation
NYGGS 360: A Complete ERP for Construction Innovation
 
Artificial intelligence in customer services or chatbots
Artificial intelligence  in customer services or chatbotsArtificial intelligence  in customer services or chatbots
Artificial intelligence in customer services or chatbots
 
GT degree offer diploma Transcript
GT degree offer diploma TranscriptGT degree offer diploma Transcript
GT degree offer diploma Transcript
 
Independent Girls call Service Pune 000XX00000 Provide Best And Top Girl Serv...
Independent Girls call Service Pune 000XX00000 Provide Best And Top Girl Serv...Independent Girls call Service Pune 000XX00000 Provide Best And Top Girl Serv...
Independent Girls call Service Pune 000XX00000 Provide Best And Top Girl Serv...
 
To Avoid Mistakes When Using Online Attendance Sheets
To Avoid Mistakes When Using Online Attendance SheetsTo Avoid Mistakes When Using Online Attendance Sheets
To Avoid Mistakes When Using Online Attendance Sheets
 
Unleashing the Future: Building a Scalable and Up-to-Date GenAI Chatbot with ...
Unleashing the Future: Building a Scalable and Up-to-Date GenAI Chatbot with ...Unleashing the Future: Building a Scalable and Up-to-Date GenAI Chatbot with ...
Unleashing the Future: Building a Scalable and Up-to-Date GenAI Chatbot with ...
 

Featured

Storytelling For The Web: Integrate Storytelling in your Design Process
Storytelling For The Web: Integrate Storytelling in your Design ProcessStorytelling For The Web: Integrate Storytelling in your Design Process
Storytelling For The Web: Integrate Storytelling in your Design Process
Chiara Aliotta
 
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
OECD Directorate for Financial and Enterprise Affairs
 
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
SocialHRCamp
 
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
Marius Sescu
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
Expeed Software
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
Pixeldarts
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
ThinkNow
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
marketingartwork
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
Skeleton Technologies
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
Neil Kimberley
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
contently
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
Albert Qian
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
Kurio // The Social Media Age(ncy)
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
Search Engine Journal
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
SpeakerHub
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
Tessa Mero
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Lily Ray
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
Rajiv Jayarajah, MAppComm, ACC
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
Christy Abraham Joy
 

Featured (20)

Storytelling For The Web: Integrate Storytelling in your Design Process
Storytelling For The Web: Integrate Storytelling in your Design ProcessStorytelling For The Web: Integrate Storytelling in your Design Process
Storytelling For The Web: Integrate Storytelling in your Design Process
 
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
Artificial Intelligence, Data and Competition – SCHREPEL – June 2024 OECD dis...
 
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
How to Leverage AI to Boost Employee Wellness - Lydia Di Francesco - SocialHR...
 
2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot2024 State of Marketing Report – by Hubspot
2024 State of Marketing Report – by Hubspot
 
Everything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPTEverything You Need To Know About ChatGPT
Everything You Need To Know About ChatGPT
 
Product Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage EngineeringsProduct Design Trends in 2024 | Teenage Engineerings
Product Design Trends in 2024 | Teenage Engineerings
 
How Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental HealthHow Race, Age and Gender Shape Attitudes Towards Mental Health
How Race, Age and Gender Shape Attitudes Towards Mental Health
 
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdfAI Trends in Creative Operations 2024 by Artwork Flow.pdf
AI Trends in Creative Operations 2024 by Artwork Flow.pdf
 
Skeleton Culture Code
Skeleton Culture CodeSkeleton Culture Code
Skeleton Culture Code
 
PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024PEPSICO Presentation to CAGNY Conference Feb 2024
PEPSICO Presentation to CAGNY Conference Feb 2024
 
Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)Content Methodology: A Best Practices Report (Webinar)
Content Methodology: A Best Practices Report (Webinar)
 
How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024How to Prepare For a Successful Job Search for 2024
How to Prepare For a Successful Job Search for 2024
 
Social Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie InsightsSocial Media Marketing Trends 2024 // The Global Indie Insights
Social Media Marketing Trends 2024 // The Global Indie Insights
 
Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024Trends In Paid Search: Navigating The Digital Landscape In 2024
Trends In Paid Search: Navigating The Digital Landscape In 2024
 
5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary5 Public speaking tips from TED - Visualized summary
5 Public speaking tips from TED - Visualized summary
 
ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd ChatGPT and the Future of Work - Clark Boyd
ChatGPT and the Future of Work - Clark Boyd
 
Getting into the tech field. what next
Getting into the tech field. what next Getting into the tech field. what next
Getting into the tech field. what next
 
Google's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search IntentGoogle's Just Not That Into You: Understanding Core Updates & Search Intent
Google's Just Not That Into You: Understanding Core Updates & Search Intent
 
How to have difficult conversations
How to have difficult conversations How to have difficult conversations
How to have difficult conversations
 
Introduction to Data Science
Introduction to Data ScienceIntroduction to Data Science
Introduction to Data Science
 

Tech Update Summary from Blue Mountain Data Systems August 2018

  • 1. Blue Mountain Data Systems Tech Update Summary August 2018
  • 3. For CTOs, CIOs & CISOs Visit Blue Mountain Data Systems https://www.bluemt.com
  • 4. For CTOs, CIOs & CISOs Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the Blue Mountain Data Systems Blog. We hope you will visit our blog for the latest information. You can also receive these updates via email. Click here to subscribe. Here’s the summary of the Daily Tech Updates for August 2018. Hope the information and ideas prove useful. Best, Paul Vesely President and Principal Architect Blue Mountain Data Systems Inc.
  • 6. Network Security IT WATCH: Finding and Fixing Security On Your Network Perimeter. Networks need multiple layers of security. However, with the complexity inherent in the internal layers, many folks pay short shrift to the perimeter. That’s a mistake and here’s why. Read more [PCMAG.COM] SOFTWARE: Linux Kernel 4.18: Better Security, Leaner Code. The latest version of the Linux kernel cleans out nearly 100K lines of code, adds file encryption and the Berkeley Packet Filter, plus makes a nod to gamers and mobile devices. Read more [NETWORKWORLD.COM]
  • 7. Network Security NETWORK DESIGN: Machine Learning Is Becoming a Must in Data Center Network Security. The volume of data traveling on networks and sophistication of attack tools are outpacing human experts’ capabilities. Read more [DATACENTERKNOWLEDGE.COM] SECURITY: Think Like an Attacker…Three Network Security Points to Identify and Protect. Pulling the plug on the Internet is often jokingly referred to as the best solution for network security. All kidding aside, anything you can do to make it harder for the bad guys to gain access to your network can have a positive impact on your overall security posture. That begs the question: with so many cyber security threats and attack methods to worry about – and so many hardware and software solutions to consider – where should you focus? Read more [SECURITYBOULEVARD.COM]
  • 9. Encyption OPINION: There is No Such Thing as a ‘Safe Backdoor’ in Encryption. federal officials are now pressuring tech companies to create so-called “backdoors” that allow law enforcement to work around encrypted devices. These backdoors would grant them access to Americans’ personal data through a supposedly secure channel. In theory, a backdoor would be available only to the government and law enforcement agencies. But technology experts warn that tech companies cannot build a backdoor that would guarantee only law-abiding officials have access. If you create a way in, somebody you don’t want to get in will find it. Read more [THEHILL.COM]
  • 10. Encyption THE PAINS OF ENCRYPTION KEY MANAGEMENT: Why Manual Processes Are So Hard. In its 2018 Global Encryption Trends Study, Thales along with Venafi and Geobridge sponsored Ponemon Institute to survey 5,252 IT and security professionals in 12 different countries about their organizations’ encryption use. Their responses revealed that many enterprises continue to struggle when it comes to balancing encryption with their security posture. Read more [SECURITYBOULEVARD.COM] POPULAR ENCRYPTION SOFTWARE: Researchers Help Close Security Hole. Cybersecurity researchers at the Georgia Institute of Technology have helped close a security vulnerability that could have allowed hackers to steal encryption keys from a popular security package by briefly listening in on unintended “side channel” signals from smartphones. Read more [SCIENCEDAILY.COM]
  • 11. Encyption FYI: Oracle’s Transparent Data Encryption. Security. Each day it seems another breach is reported, another hack revealed, more personal user information is stolen, apparently despite the best efforts to thwart such attacks. It’s becoming increasingly obvious that guarding against break-ins is simply not enough; one must be prepared for the maliciously inclined to succeed at hacking their way into ‘secure’ systems. For the Oracle DBA this may not be as daunting a task as it first appears. Read more [DATABASEJOURNAL.COM]
  • 13. Databases LEGACY: When It Comes to Databases, Why ‘I Can’t Quit You, Baby’. Leaving legacy RDMSs is hard, but eventually enterprises will break free of Oracle’s and others’ last grip on their data infrastructure. Read more [INFOWORLD.COM] ORACLE: Oracle Launches Autonomous Database for Online Transaction Processing. Oracle executive chairman and CTO Larry Ellison first introduced the company’s autonomous database at Oracle Open World last year. The company later launched an autonomous data warehouse. Now it announced the next step with the launch of the Oracle Autonomous Transaction Processing (ATP) service. Read more [TECHCRUNCH.COM]
  • 14. Databases MICROSOFT: SQL Server 2008 Support Extended for Cloud Migrations. Microsoft is adding an addition three years of support for SQL Server 2008 customers that migrate to the Azure Cloud. Read more [EWEEK.COM] GET STARTED: Quick Start Tips for Using the New MSSQL-CLI SQL Query Tool. The new MSSQL-CLI command-line tool provides many enhancements over SQLCMD CLI that enable you to quickly write and run T-SQL queries across Linux, macOS and Windows. Read more [SEARCHSQLSERVER.TECHTARGET.COM – REGISTRATION REQUIRED FOR ACCESS]
  • 15. More About Blue Mountain BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S. Dept. of Labor, Employee Benefits Security Administration. Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support. Read more.
  • 17. Federal Tech FEDERAL GOVERNMENT: APIs, Shared Services Can Reshape, Modernize Government Technology. The size and scope of the federal government’s information technology landscape only continues to grow and in a way that makes it incredibly difficult to change. In the Federal Chief Information Officers Council’s latest study, the current state of government IT is described as monolithic. And, it is not meant as a compliment. Read more [FEDERALNEWSRADIO.COM]
  • 18. Federal Tech OPINION: Government Efforts to Weaken Privacy are Bad for Business and National Security. The federal government’s efforts to require technology and social media companies to relax product security and consumer privacy standards – if successful – will ultimately make everyone less safe and secure. Read the rest [INFOSECURITY-MAGAZINE.COM] PUBLIC SAFETY: Rapid DNA Technology Gives Law Enforcement Access to Your DNA in 90 Minutes. Before recently-passed legislation, law enforcement agencies had to send DNA samples to government labs and wait for it to get tested, which could take days or even weeks. Find out more [GOVTECH.COM]
  • 19. Federal Tech MODERNIZATION: Making Modernization Happen. Now more than ever before, comprehensive IT modernization for federal agencies is a real possibility. The question that remains is whether President Donald Trump’s words and actions during his first months in office will be sustained by the administration and Congress in the months and years ahead. Read more [FCW.COM]
  • 21. State Tech SURVEY: Cybersecurity Concerns May Keep One in Four Americans from Voting. Cybersecurity concerns may prevent one in four Americans from heading to the polls in November, according to a new survey by cybersecurity firm Carbon Black. The company recently conducted a nationwide survey of 5,000 eligible US voters to determine whether reports of cyberattacks targeting election-related systems are impacting their trust in the US electoral process. The results revealed that nearly half of voters believe the upcoming elections will be influenced by cyberattacks. Consequently, more than a quarter said they will consider not voting in future elections. Read more [HSTODAY.US.COM]
  • 22. State Tech ALASKA: Unique Challenges in IT Consolidation. The Last Frontier is centralizing IT operations under Alaska’s newly created Office of Information Technology. But consolidating IT in a sprawling state like Alaska offers challenges not found in other environments, says the state’s new CIO Bill Vajda. Read the rest [GCN.COM] ALABAMA: Acting CIO Jim Purcell Is a Man on a Mission for Smarter State IT. Jim Purcell wasn’t expecting a call from Alabama’s new governor, Kay Ivey, and he certainly wasn’t expecting her to ask him to head up the Office of Information Technology (OIT) – but that’s exactly what happened last week. Find out more [GOVTECH.COM]
  • 23. State Tech ILLINOIS: Inside a State Digital Transformation. Hardik Bhatt, CIO of the State of Illinois, sought to become the nation’s first Smart State – a process that required reorganizing its 38 IT departments into one, improving government services, and finding new sources of innovation to apply to its revenue model. Within 18 months, Illinois rose in national rankings from the bottom fourth of state governments to the top third. Read more [ENTERPRISERSPROJECT.COM]
  • 25. Electronic Document Management CFPB: Looks to Embrace Cloud for Email, Office Application Needs. The Consumer Financial Protection Bureau wants to move to a public cloud setup for some of its core enterprise apps. The financial watchdog agency recently sent out a Request for Information (RFI) on the process, technical requirements and costs of moving to cloud services in fiscal year 2017. CFPB wants to establish a more complete understanding on the costs associated with moving fully to a cloud solution for email and office applications (e.g., documents, spreadsheets, presentations, SharePoint and more).Read the rest [FEDTECHMAGAZINE.COM]
  • 26. Electronic Document Management ROI: 4 Ways Business Document Management Software Can Save You Money. Lisa Croft, Group Product Marketing Manager at Adobe Document Cloud, talks about the many ways business document management can save your company time, space, and more importantly, loads of money. Here are the four most obvious ways these tools provide excellent return-on-investment. Read more [PCMAG.COM]
  • 28. Section 508 Compliance & WCAG 2.0 HIRING: Blind Workers Test Limitations of Online Hiring Systems. Hard Rock Cafe. GameStop. Dart Container. Albertsons. What do the theme-restaurant chain, gaming retailer, foam cup maker, and grocery store chain have in common? All are accused of having online job application systems that blind workers can’t access fully. And all four companies face lawsuits in California federal court alleging discrimination against blind and visually impaired job seekers at the very outset of the job search process. And they’re not alone. Since April, seven other employers have similarly been sued under California law in state court. The cases draw attention to “huge” problems for many visually impaired Americans: accessing online job sites and unemployment, the American Foundation for the Blind’s Megan Dodd told Bloomberg Law. Read more [BNA.COM]
  • 29. Section 508 Compliance & WCAG 2.0 APPLE: Sued Over Claims Website is Inaccessible to Visually Impaired Users. Apple has become the target of a new lawsuit, one that claims the iPhone producer’s website is violating the Americans with Disabilities Act (ADA) by not being fully accessible to blind or visually-impaired consumers, due to the way the website itself is coded. Read more [APPLEINSIDER.COM] AGILE: How USCIS Ensures Section 508 Compliance in Agile Development. Many people ask how U.S. Citizenship and Immigration Services (USCIS) ensures Section 508 compliance in Agile projects – especially when Section 508 testing is still largely manual. The short answer is that they do this the same way they ensure the code works or that it meets security requirements: they test. And they do this as early in the process as possible. Then, they do whatever else works. Read more [HSTODAY.US]
  • 30. Section 508 Compliance & WCAG 2.0 POLICY & ISSUES: 19 State AGs Write Sessions Sharing CUNA’s ADA Concerns. Attorneys General from nineteen states have written Attorney General Jeff Sessions calling for clarity about how the Americans With Disabilities Act applies to websites. Several of the attorneys general signed onto the letter as a direct result of advocacy by state credit union leagues. CUNA continues its work to find a solution on the regulatory and legislative arenas, as uncertainty over how the ADA applies to websites has led to lawsuits against credit unions. Read more [NEWS.CUNA.ORG]
  • 32. Security Patches FYI: Patch Tuesday, August 2018 Edition. Adobe and Microsoft each released security updates for their software on Tuesday. Adobe plugged five security holes in its Flash Player browser plugin. Microsoft pushed 17 updates to fix at least 60 vulnerabilities in Windows and other software, including two “zero-day” flaws that attackers were already exploiting before Microsoft issued patches to fix them. Read more [KREBSONSECURITY.COM] ORACLE: Apply Out-of-Band Patch for Database Flaw ASAP. Flaw in the Java VM component of Oracle’s Database Server is easily exploitable, security experts warn. Read more [DARKREADING.COM]
  • 33. Security Patches INTEL: Beyond Spectre – Foreshadow, a New Intel Security Problem. Researchers have broken Intel’s Software Guard Extensions, System Management Mode, and x86-based virtual machines. Read more [ZDNET.COM] CISCO: Patches Router OS Against New Crypto Attack on Business VPNs. New attack threatens enterprise VPN and could enable target networks to be impersonated or allow a man-in-the-middle attack. Read more [ZDNET.COM]
  • 34. CIO, CTO & CISO
  • 35. For the CIO, CTO & CISO SECURITY: CIOs Reveal Their Security Philosophies. Global IT leaders describe their approaches to cybersecurity application and communication. Read more [CIO.COM] NGA: On the Hunt for a New CTO. The National Geospatial-Intelligence Agency is looking for a new chief technology officer to be the agency’s “authoritative expert for technology.” Whoever ends up filling this role will be NGA’s second CTO — Dr. Anthony Vinci, the agency’s first CTO, was appointed to the role in February 2018 and stepped down this month. Read more [FEDSCOOP.COM]
  • 36. CIO, CTO & CISO CISO: Election Security Insights From Former Federal CISO. Retired Brigadier General Gregory Touhill, who was appointed by President Obama as the first CISO of the federal government, spells out what he sees as the essential steps for fighting against Russian meddling in this year’s midterm elections. Read more [BANKINFOSECURITY.COM] WATCHDOG: Agency CIOs Still Don’t Have Mandated Authorities. The onus to improve the use and management of technology in the federal government has been put squarely on the shoulders of agency chief information officers. However, across government, CIOs still don’t have the requisite authorities to lead IT transformation, according to a recent report from the Government Accountability Office. Read more [NEXTGOV.COM]
  • 38. Penetration Testing SKILLS: That a ‘Next-Level’ Pentester Should Have. Top tier penetration testers are a breed of their own. Here is how to make sure your pentester is topnotch. Read more [THREATPOST.COM] DHS: Census CIO Says DHS Penetration Tests Confirm Data Security. U.S. Census Bureau CIO Kevin Smith said that the Department of Homeland Security performed penetration tests this year that were unable to break through Census’ data safeguards, confirming the strength of Census’ cybersecurity programs for both its self-response website and in-field mobile devices. Read more [MERITALK.COM]
  • 39. Penetration Testing NEW RESEARCH: To Identify a Hacker, Treat Them Like a Burglar. Imagine someone robs your house. The savvy culprit didn’t leave behind fingerprints, shoe prints, or any other discrete, identifying details. Still, police manage to link the crime to a series of burglaries that happened the next town over, because of the criminal’s behavior. Each robbery occurred in the same way, and in each case, the perpetrator stole many of the same items. Now, new research indicates that the techniques law enforcement use to tie crimes together through behavioral patterns might help in the digital world too. Read more [WIRED.COM] FEDERAL GOVERNMENT: What Solutions and Services Can Best Support Federal IT Modernization? Cutting-edge technologies move agencies toward their goals for efficiency, productivity and security. Read more [FEDTECHMAGAZINE.COM]
  • 41. Open Source UI DEV: Getting to Know Grommet, an Open Source UI Dev Tool. While Grommet has been around since 2016, it is not among the best-known open source development tools. The library of reusable UI components helps developers create web applications. This overview explains what Grommet can do, the problems it addresses, and what makes it appealing. Read more [LINUX.COM] DART 2: Open Source Dart 2 Revamp Focuses on Mobile, Web Development. After a nearly eight-month pre-release preview, the open source Dart 2 programming language has emerged as a stable release that includes many breaking changes in a revamp that focuses on mobile and Web client-side development. Along with that Web focus, creator Google has shipped a complete rewrite of the Dart Web platform. Read more [ADTMAG.COM]
  • 42. Open Source SPOT THE BOT: Researchers Open-Source Tools to Hunt Twitter Bots. Their goal? To create a means of differentiating legitimate from automated accounts and detail the process so other researchers can replicate it. Read more [DARKREADING.COM] GSA: Offers Overview of How It’s Redesigning CAMEO. The General Services Administration is getting ready to overhaul the system it uses as the federal government’s buyer of IT solutions, and it provided industry stakeholders with a sneak peek. Officials from the agency’s Federal Acquisition Service, including Commissioner Alan Thomas, detailed their strategy to redesign the backend of the CIO Application Maintenance, Enhancements, and Operations (CAMEO) system. They plan to issue a follow-on contract that emphasizes commercial-off-the-shelf (COTS) applications, an open-source data layer that works across technologies and a whole lot of industry engagement. Read more [FEDSCOOP.COM]
  • 44. Business Intelligence B2B: Self Service Business Intelligence Isn’t Here, Artificial Intelligence May Be The Missing Piece. BI tools are still the arena of the analyst. Line managers are able to look at visualizations in a dashboard, they even have a limited ability to investigate the data underneath it, but a “what if?” thought almost always requires a loop back to an analyst or a developer. While too many people in the industry continue to say the solution to the problem is to get the managers to “think like data scientists”, there will continue to be barriers to acceptance. It’s not the line manager’s job to be a programmer or analyst any more than it is the programmer’s or analyst’s job do deal with managing the business. What’s needed is to assist the manager. There are two main technical problems to doing that. Read more [FORBES.COM]
  • 45. Business Intelligence HR: Turning the Tide on Business Intelligence Failure. When does business information become a business disadvantage? Using today’s Business Intelligence (BI) tools can be a bit like trying to drink from a fire hydrant – too much information, from all directions, with no control. Far too often the very business driver a company set out to find and monitor gets lost in the melee. Read more [BLEEPINGCOMPUTER.COM] MICROSOFT: Updates Power BI Report URL Filter, Report Server Update. Microsoft’s Power BI application has been given a number of feature updates aimed at improving enterprise business intelligence reporting and improving the performance of Power BI for users. Read more [EWEEK.COM]
  • 46. Business Intelligence FEDERAL GOVERNMENT: Microsoft Says It Has Found a Russian Operation Targeting U.S. Political Institutions. A group affiliated with the Russian government created phony versions of six websites – including some related to public policy and to the U.S. Senate – with the apparent goal of hacking into the computers of people who were tricked into visiting, according to Microsoft, which said Monday night that it discovered and disabled the fake sites. Read more [WASHINGTONPOST.COM]
  • 48. Operating Systems GOOGLE: Chrome 69 Rolling Out ‘Material Design refresh’ Next Month ‘Across All Operating Systems’. Even before the Google Material Theme was showcased at I/O 2018, the Chrome team has been working on a big redesign for the browser that shares many similarities like rounded corners and stark white backgrounds. Available on both desktop and mobile, this “Material Design refresh” is now scheduled to begin rolling out in September with Chrome 69. Read more [9TO5GOOGLE.COM] CISCO: Patches Its Operating Systems Against New IKE Crypto Attack. Cisco released security updates today to patch a vulnerability in the IOS and IOS XE operating systems that run the vast majority of its devices. The vulnerability is tracked as CVE-2018-0131 and is one of four CVE identifiers for a new Bleichenbacher oracle cryptographic attack against the IKE (Internet Key Exchange) protocol. Read more [BLEEPINGCOMPUTER.COM]
  • 49. Operating Systems SECURITY: Securing the Server, Inside and Out. Computing is hard enough, but the sophistication and proliferation of attacks on IT infrastructure, from the firewall moat surrounding the corporate network all the way down into the guts of the operating system kernel and deep into the speculative execution units on the physical processor, make the task of computing – with confidence – doubly difficult. It hasn’t helped that applications have become increasingly distributed and virtualized, spread across networked machines and propped up on various layers of software abstraction. Read more [THENEXTPLATFORM.COM]
  • 50. Operating Systems FYI: SUSE Builds a Custom Linux Kernel to Boost Microsoft Azure Performance. SUSE added a performance boost for enterprises running its Linux Enterprise Server 15 platform on the Microsoft Azure cloud. That boost comes from a custom-tailored Linux kernel that provides up to 25 percent faster network throughput and a 23 percent drop in average latency for on-demand instances. Read more [SDXCENTRAL.COM]
  • 51. BYOD
  • 52. BYOD SECURITY: Why BYOD Authentication Struggles to be Secure. A recent Bitglass study pointed out some interesting statistics: Over a quarter (28%) of organizations rely solely on user-generated passwords to secure BYOD, potentially exposing countless endpoints to credential guessing, cracking and theft. 61% of respondents also had reservations about Apple’s Face ID technology. Given that the general concept in security has always been to eliminate passwords and use MFA, the results are surprising, so why the disconnect? Read more [INFOSECURITY-MAGAZINE.COM]
  • 53. BYOD DOD: ‘Wrong Trajectory’ in Mobile Strategy Stifles Marines’ BYOD Ambitions. The Marine Corps has been talking about implementing a bring-your-own-device strategy for more than three years as one way to cut costs and speed up its adoption of commercial smartphone technology. But the service’s chief information officer says the goal is still a long way off, and the Marines are still struggling to bring aboard the most modern mobile devices, even when they’re owned by the government. Read more. [FEDERALNEWSRADIO.COM] TEXTBOOKS OPTIONAL: What Unbundling and BYOD Mean for Learning Technology. Today, schools across the country look to educators to customize learning for their unique classrooms. Here is how educators are accomplishing this through unbundling and BYOD. Find out more [ESCHOOLNEWS.COM]
  • 54. BYOD FEDERAL GOVERNMENT BYOD: The Mobile Security Conundrum. There are currently more than 7.7 billion mobile connections around the world. Thanks to the Internet of Things, it is predicted that the number of connected devices will reach an astounding 20.8 billion by 2020. With the average number of mobile devices owned per person currently estimated at 3.64, those devices are becoming necessary equipment for today’s workers. Yet while the private sector has been quick to establish Bring-your-own-device policies, the public sector has lagged behind because of security and privacy concerns. Despite several initiatives — including a White House-issued BYOD toolkit and two National Institute of Standards and Technology documents (800-124 and 800-164) giving guidance on securing devices that connect with government networks — many federal agencies are still reluctant to establish BYOD policies. Read more [GCN.COM]
  • 56. Incident Response PODCAST: Gain an Edge Over BEC and Account Compromise With Intelligent Incident Response. As Black Hat heats up in Las Vegas, host Lorielle Paulk, product marketing manager at IBM X-Force Incident Response and Intelligence Services (IRIS), sits down with Nick Rossmann, research and operations lead at X-Force IRIS, and Jordan Rogers, principal consultant at X-Force IRIS, to discuss the hottest threats in today’s security landscape and the critical advantage of intelligent incident response. Read more [SECURITYINTELLIGENCE.COM] ENDPOINT: 4 Reasons Why Companies Are Failing at Incident Response. When it comes to containing the business impacts of a security breach, proper planning is often the difference between success and failure. Read more [DARKREADING.COM]
  • 57. Incident Response GDPR: Incident Response Under GDPR – What to Do Before, During and After a Data Breach. The European Union (EU)’s General Data Protection Regulation (GDPR) is in full effect, but many organizations still don’t have the processes in place to be compliant. According to an IBM survey, only 36 percent of executives said they expect to be GDPR-compliant by the enforcement date. For many organizations, one of the top challenges is complying with the GDPR’s tight 72-hour data breach notification window. To help organizations accelerate their incident response times and meet this deadline, we’ve outlined steps privacy teams can take before, during and after a data breach to help them comply with the GDPR and improve their overall privacy and security processes. Read more [SECURITYINTELLIGENCE.COM]
  • 58. Incident Response CIRP: Ten Considerations for a Cybersecurity Incident Response Plan. If you ask a group of cybersecurity experts what should be included in a Cybersecurity Incident Response Plan (“CIRP”), you will get a wide variety of answers. Happily, many of those answers contain similar themes including these ten important considerations your organization should be aware of when creating and managing a CIRP. Read more [LEXOLOGY.COM]
  • 60. Cybersecurity DNC: Says Hack Attack Was Actually Just a Cybersecurity Test. The Democratic National Committee now believes its database of voters was the target of a third- party test of its cybersecurity and not a cyber-attack, according to party officials. Read more [TIME.COM] FYI: The Most Effective Defense is Proactive Cybersecurity. Your network is under siege. If you’ve been working in IT or IT security for more than 15 minutes, you should be aware that there’s a seemingly endless array of attackers and exploits trying to infiltrate your network, compromise your servers and applications, and steal your data every day. The thing that separates effective cybersecurity from poor cybersecurity is just how proactive your network defenses are—do you respond to threats, or react? Read more [SECURITYBOULEVARD.COM]
  • 61. Cybersecurity CHRONICLE: One of Google’s Newest Sister Companies is Almost Ready to Go After the $96 Billion Cybersecurity Industry on a ‘Planet Scale’. Chronicle is one of Alphabet’s newest “Other Bets,” the group of Google’s sister companies that are hoping to stumble on the next big thing in tech, such as self-driving cars (Waymo) or high-speed internet access in remote areas (Loon). And cybersecurity is a potentially massive opportunity for Alphabet. Research firm Gartner predicts cybersecurity spending will hit $96 billion in 2018, and only increase from there. Read more [CNBC.COM]
  • 62. Cybersecurity FINANCIAL SERVICES: Cybersecurity Compliance Deadline Looming, Says NY Regulator. Financial companies regulated by New York State Department of Financial Services have less than a month to comply with another round of cybersecurity rules, the agency’s head warned Wednesday. Read more [AMERICANBANKER.COM] WORK FORCE: Cybersecurity’s Insidious New Threat – Workforce Stress. The thousands of cybersecurity professionals gathering at Black Hat, a massive conference held in the blistering heat of Las Vegas every summer, are encountering a different type of session this year. A new “community” track is offering talks on a range of workplace issues facing defenders battling to protect the world from a hacking onslaught. With titles like “Mental Health Hacks: Fighting Burnout, Depression and Suicide in the Hacker Community” and “Holding on for Tonight: Addiction in Infosec,” several of the sessions will address pressures on security teams and the negative impact these can have on workers’ wellbeing. Read more [TECHNOLOGYREVIEW.COM]
  • 63. Cybersecurity NNSA: Banning Software Isn’t the Route to Cybersecurity, Nuclear Security Agency Official Says. The government should be focused on mitigating the danger any software can pose, rather than banning software from China and elsewhere, the NNSA CIO says. Read more https://fedtechmagazine.com/article/2018/ [NEXTGOV.COM] IoT: Continental Offers Cyber Security Solutions from Argus and Elektrobit for All Connected Vehicle Electronics. Technology company Continental recently announced it is offering end-to-end cyber security and wireless software update solutions integrated into connected vehicle electronics including telematics units, infotainment systems, gateways and more from Argus Cyber Security (Argus) and Elektrobit (EB). Read more [DARKREADING.COM]
  • 64. Cybersecurity THE CYBERSECURITY 202: Trump Team Isn’t Doing Enough to Deter Russian Cyberattacks. The Trump administration isn’t doing enough to deter Russian cyberattacks, according to an overwhelming 94 percent of cybersecurity experts surveyed by the Cybersecurity 202. Read more [WASHINGTONPOST.COM] GOOGLE: Doesn’t Want You to Have to Think About Cybersecurity. Your safety online shouldn’t be your problem — it should be the tech giants’. Parisa Tabriz, nicknamed “Google’s Security Princess” and the company’s director of engineering, delivered the keynote speech at the Black Hat cybersecurity conference Wednesday in Las Vegas, where she discussed issues with the state of cybersecurity. Read more [CNET.COM]
  • 66. Project Management BEST PRACTICES: 6 Project Management Skills All Managers Should Adopt. Here are six vital project management skills that you can adopt in your managerial career to ensure better business outcomes for your organization. Read more [SILICONREPUBLIC.COM] CXO: 5 Things to Know About Remote Project Management. As the workforce gets more spread out, managers need to acquire a few new skills, to keep everyone on task. Read more [TECHREPUBLIC.COM]
  • 67. Project Management DEVOPS: 8 Things They Don’t Teach You in Project Management School. Project management is about more than shepherding software through the development process. Don’t forget the humans and the team dynamic. Read more [INFORMATIONWEEK.COM] FYI: Why Everyone is Now a Project Manager. A report from Planview detailed the five biggest challenges to effective project management and the top tools in the profession. Read more [TECHREPUBLICAN.COM]
  • 69. Application Development INFOGRAPHIC: The Time and Cost of Mobile Application Development. A great website is a necessity for just about any business, and ensuring that website works well on mobile is also vital. But is your mobile website up to giving your customers a stellar experience? If you’re unsure, check out these factors to determine whether a mobile site or a mobile app is right for your business. If you decide your business is ready for an app, then you’ll want to start thinking about cost. Read more [MARKETINGPROFS.COM] CIOs: 5 Things CIOs Misunderstand About Application Development. Do you have a blind spot or two regarding the daily realities of your application developers? Here’s what IT execs sometimes don’t “get” about modern application development. Read more [ENTERPRISERSPROJECT.COM]
  • 70. Application Development DEFENSE: New Application Development Standards Will Reduce Risk to Commanders. The Navy is “moving out to enforce” this fall a new approach to developing applications meant to rapidly push software to the fleet and reduce the burden on operational commanders when software is problematic, according to a senior Navy officer. Read more [INSIDEDEFENSE.COM] CLOUD: Best Practices for Your SaaS Laravel Application on AWS. It is not easy to subsist in a modern cloud ecosystem. However, there are solid principles that will help you to build a perfect AWS architecture for your Laravel application, including the 12-factor methodology, design applications with a stateless approach and decoupling service components. Read more [DEVOPS.COM]
  • 72. Big Data SEARCH ACQUISITION: Twitter Kills Off Third-Party App Features. Twitter has restricted access to APIs, which effectively kills off certain key features in popular third-party apps. Most notably, third-party apps have lost the ability to deliver push notifications and refresh the timeline automatically. Read more [SEARCHENGINEJOURNAL.COM] BIG DATA AND AI: Eight Ways Big Data And AI Are Changing The Business World. By the end of 2018, it is predicted that 70% of enterprises (paywall) will implement artificial intelligence (AI). This is up from 40% in 2016 and 51% in 2017. There’s one thing that these statistics make crystal clear — big data and AI are here to stay. Read more [FORBES.COM]
  • 73. Big Data HEALTHCARE: How AI, Blockchain Combine to Fuel Healthcare Big Data Analytics. Artificial intelligence and blockchain have quickly become the tools of choice for developers, providers, and payers looking to bulk up their health IT infrastructure with innovative, effective data management capabilities. Read more [HEALTHITANALYTICS.COM] FYI: Big Data Pros and Cons. These days every enterprise makes use of big data. Big data analytics offers a veritable gold mine of potential benefits, but it also poses significant challenges that could offset any potential gains. Read more [DATAMATION.COM]
  • 75. Internet of Things (IoT) CITIES: 6 Ways The Internet Of Things Is Improving The Quality Of Urban Life. So how are cities currently leveraging IoT to improve urban life and boost the happiness of city dwellers? Here are six examples. Read more [FORBES.COM] READ: The Internet of Things Era: 6 Ways to Stay Safe. While the Internet of Things (IoT) is full of promise and can, in many ways, make our lives easier, it comes at a cost. The devices that we carry around in our pockets and place in our homes control access to our possessions, and our most intimate personal details. In the wrong hands, those gadgets have the power to put our physical safety at risk. You need to stay safe. Read more [REUTERS.COM]
  • 76. Internet of Things (IoT) SLIDESHOW: 10 Ways the Internet of Things Will Make Our Lives Better. The Internet of Things (IoT) links a wide range of devices — including wearables, smart appliances, and driverless cars — to each other and the cloud. This market could grow from $171 billion in 2017 to $561 billion by 2022, according to market research firm Reportlinker. Intel (NASDAQ:INTC) estimates that 200 billion devices could be connected across the IoT market by 2020. Those bullish forecasts sparked an IoT land grab in recent years, as many companies rushed to produce connected devices. Here are 10 ways those products can improve our lives. Read more [FOOL.COM]
  • 77. Internet of Things (IoT) COMMENT: Data Behaving Badly. The private sector, especially consumer-facing organizations, are betting big on data-intensive technologies like artificial intelligence and the internet of things. The trend is accelerating worldwide, with private sector investments in AI projected to reach $12.5 billion in 2017 alone, and IoT investments expected to top $800 billion. Although slower to embrace AI and IoT, government is now pursuing them aggressively. Read more [FCW.COM]
  • 79. Personal Tech GOOGLE: Make Several Gmail Addresses Out of One. Thanks to the way Google processes your mail, you can modify part of your address for different situations and still get all your messages. Read more [NYTIMES.COM] SURVEY: Faculty Members Voice Concerns About Student Reliance on Tech. Personal technology use on campus is not expected to slow down. That has presented several concerns among faculty and administrators regarding the impact of technology dependence on student learning and on the reliability and security of the related infrastructure. Read more [EDUCATIONDIVE.COM]
  • 80. Personal Tech HOW TO: Give Your Old Computer New Life. If you’re not ready to buy a whole new system, you might be able to add new parts and upgrade your aging machine for less than a few hundred dollars. Read more [NYTIMES.COM] APPLE: Help a Fellow Mac User With Remote Tech Support. Just like Windows users, Mac owners have ways to share and control another computer over the internet to give a quick assist online. Read more [NYTIMES.COM]
  • 82. Mobile NIST: Updating Recommendations for Mobile App Security. The National Institute of Standards and Technology is working on updating its recommendations for how organizations and developers can keep mobile applications secure. The updated recommendations are being made to the Special Publication (SP) 800-163, Vetting the Security of Mobile Applications document that was initially released in January 2015. The 50-page draft revision includes additional clarity and details on how to minimize mobile app risks. Read more [EWEEK.COM] OUR HISTORY WITH MOBILE: A Prescient Steve Jobs Predicted Our Obsession with Mobile Apps. Though even he might have undersold it a little. Read more [ENGADGET.COM]
  • 83. Mobile SECURITY: Team Finds Many Mobile Applications Are Open to Web API Hijacking. Smartphones, tablets, iPads—mobile devices have become invaluable to the everyday consumer. But few consider the security issues that occur when using these devices. Modern mobile applications or “apps” use cloud-hosted HTTP-based application programming interface (API) services and heavily rely on the internet infrastructure for data communication and storage. To improve performance and leverage the power of the mobile device, input validation and other business logic required for interfacing with web API services are typically implemented on the mobile client. However, when a web service implementation fails to thoroughly replicate input validation, it gives rise to inconsistencies that could lead to attacks that can compromise user security and privacy. Developing automatic methods of auditing web APIs for security remains challenging. Read more [PHYS.ORG]
  • 84. Mobile CYBERSECURITY: Risky Mobile Apps No Fun for Entertainment Sector. In case it’s not already on your risk radar, it’s time to add mobile apps to the growing list of threat vectors. Mobile apps are risky across all sectors, but more specifically, those that come from media and entertainment businesses are putting users at risk. BitSight recently released the results of its research that looked at data from more than 1,000 companies offering apps on iOS and Google Play and found vulnerabilities across the board. Read more [SECURITYBOULEVARD.COM]
  • 85. Programming & Scripting Development Client & Server-Side
  • 86. Programming & Scripting Development Client & Server-Side JAVASCRIPT: Is JavaScript Destined to Be Usurped by TypeScript? Year after year JavaScript features among the top 10 most widely used programming languages worldwide, but is a challenger emerging to the venerable web favorite? An analysis by TIOBE, which counts the number of hits for each programming language returned by major search engines, suggests that Microsoft’s TypeScript is enjoying an explosive growth in popularity and encroaching on areas previously dominated by JavaScript. Read more [TECHREPUBLIC.COM] JAVA: Kotlin and Java Go Well Together, Report Shows. Kotlin is only seven years old but it is already playing in the big leagues. Its massive success can be traced back to the moment when Google announced Kotlin support in Android last year but that was just the tip of the iceberg. According to Pusher’s State of Kotlin 2018 research report, great things are coming Kotlin’s way. Read more [JAXENTER.COM]
  • 87. Programming & Scripting Development Client & Server-Side GOOGLE: Google Debuts Jib, a Tool to Make Software Containers and Java Work Better Together. Google LLC has released Jib, a new open-source tool that aims to make software containers and the Java programming language work more seamlessly together. Read more [SILICONANGLE.COM] PYTHON: GitHub Now Warns You About Flaws Affecting Your Python Code. Python has joined Ruby and JavaScript on GitHub’s list of coding languages it scans for security vulnerabilities. Developers using Python can now get security alerts for any new bugs the code repository platform spots, as well as some recent vulnerabilities Python has had. Read more [ITPRO.CO.UK]
  • 89. Cloud Computing OPINION: Serverless Computing Is a Paradigm Shift for Cloud Computing. The serverless revolution is akin to delivery companies moving away from owning large trucks to managing a fleet of leased vans, and from there, to outsourcing transportation to a third-party fleet of scooters. Read more [CALCALISTECH.COM] MICROSOFT: Catching Up to Amazon in Security Clearances for Cloud. That could give Microsoft an edge over other potential bidders in the Pentagon’s winner-take-all competition for a multibillion-dollar cloud computing contract. Read more [SEATTLETIMES.COM]
  • 90. Cloud Computing BUSINESS TRANSFORMATION: Five Ways to Make the Most of the Move to On- Demand. Cloud computing can’t fix everything but it can be a key element of business transformation if handled well. Read more [ZDNET.COM] LINUX: How Red Hat Morphed From Linux Pioneer Into Cloud-Computing Player. Red Hat’s reinvention is tied to the rise of cloud computing. Like many traditional suppliers of information technology, it has been pressured to adapt. Read more [INVESTORS.COM]
  • 92. Announcement Blue Mountain Data Systems DOL Contract Extended Another Six Months The Department of Labor has extended Blue Mountain Data Systems Inc. contract DOLOPS16C0017 for 6 months for network administration and application support. U.S. Dept. of Labor, Employee Benefits Security Administration 1994 to Present Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support.
  • 93. IT Security | Cybersecurity
  • 94. IT Security | Cybersecurity SECURITY: 5 Things You Need to Know About the Future of Cybersecurity. Terrorism researchers, AI developers, government scientists, threat-intelligence specialists, investors and startups gathered at the second annual WIRED conference to discuss the changing face of online security. These are the people who are keeping you safe online. Their discussions included Daesh’s media strategy, the rise of new forms of online attacks, how to protect infrastructure, the threat of pandemics and the dangers of hiring a nanny based on her Salvation Army uniform. Read more [WIRED.CO.UK] IT MANAGEMENT: Top 5 Cybersecurity Mistakes IT Leaders Make, and How to Fix Them. Cybersecurity teams are largely understaffed and underskilled. Here’s how to get the most out of your workers and keep your business safe. Read more. [TECHREPUBLIC.COM]
  • 95. IT Security | Cybersecurity FEDERAL GOVERNMENT: Rep. Hurd Champions Modernizing Federal Cybersecurity. The federal government is and will continue to be a target of cyber crimes. According to the Identity Theft Resource Center, U.S. companies and government agencies suffered a total of 1,093 data breaches in 2016. Mid-year numbers for 2017 show 791 incidents as of the end of June – a 29 percent increase over the same period in 2016. With that said, is the government doing enough to prepare for cyber threats? On this episode of CyberChat, host Sean Kelley, former Environmental Protection Agency chief information security officer and former Veterans Affairs Department deputy chief information officer, spoke with Rep. Will Hurd (R-Texas) about initiatives to modernize the federal cybersecurity space. Read more [FEDERALNEWSRADIO.COM]
  • 96. IT Security | Cybersecurity STATE GOVERNMENT: To Simplify Cybersecurity Regulations, State Groups Ask Federal Government for Help. A letter to the Office of Management and Budget says that today’s regulatory environment “hampers” states in their pursuit of cost savings and IT optimization. Find out more STATESCOOP.COM]
  • 97. From the Blue Mountain Data Systems Blog Programming & Scripting https://www.bluemt.com/programming-scripting-daily-tech-update-september- 29-2017/ Cloud Computing https://www.bluemt.com/cloud-computing-daily-tech-update-september-18- 2017/ Business Intelligence https://www.bluemt.com/business-intelligence-daily-tech-update-september-15- 2017/ Mobile Applications https://www.bluemt.com/mobile-applications-daily-tech-update-september-11- 2017/
  • 98. From the Blue Mountain Data Systems Blog Personal Tech https://www.bluemt.com/personal-tech-daily-tech-update-september-28-2017/ Databases https://www.bluemt.com/databases-daily-tech-update-september-21-2017/ Penetration Testing https://www.bluemt.com/penetration-testing-daily-tech-update-september-26- 2017/ Incident Response https://www.bluemt.com/incident-response-daily-tech-update-september-14- 2017/
  • 99. From the Blue Mountain Data Systems Blog Security Patches https://www.bluemt.com/security-patches-daily-tech-update-september-22- 2017/ Operating Systems https://www.bluemt.com/operating-systems-daily-tech-update-september-20- 2017/ Encryption https://www.bluemt.com/encryption-daily-tech-update-september-19-2017/ Cloud Computing https://www.bluemt.com/cloud-computing-daily-tech-update-september-18- 2017/
  • 100. From the Blue Mountain Data Systems Blog Open Source https://www.bluemt.com/programming-scripting-daily-tech-update-september- 5-2017/ CTO, CIO and CISO https://www.bluemt.com/cio-cto-ciso-daily-tech-update-september-6-2017/ Programming & Scripting https://www.bluemt.com/programming-scripting-daily-tech-update-september- 5-2017/
  • 101. From the Blue Mountain Data Systems Blog Security Risks Most Prevalent in Younger Workers https://www.bluemt.com/security-risks-most-prevalent-in-younger-workers/ The Security World’s Maturation https://www.bluemt.com/the-security-worlds-maturation/ Data Breach Concerns Keep CISOs Up At Night https://www.bluemt.com/data-breach-concerns-keep-cisos-up-at-night/ Personalized Govt Equals Instant Gratification for Citizens https://www.bluemt.com/personalized-govt-equals-instant-gratification-for- citizens/
  • 102. From the Blue Mountain Data Systems Blog People-Centric Security https://www.bluemt.com/people-centric-security/ Pentagon Tries BYOD To Strike Work/Life Balance https://www.bluemt.com/pentagon-tries-byod-to-strike-worklife-balance/ Open Source Model Considered for MS Windows https://www.bluemt.com/open-source-model-considered-for-ms-windows/ Open Internet: To Be or Not to Be? https://www.bluemt.com/open-internet-to-be-or-not-to-be/
  • 103. From the Blue Mountain Data Systems Blog Malware Stays A Step Ahead Infecting One Third of Websites https://www.bluemt.com/malware-stays-a-step-ahead-infecting-one-third-of- websites/ Machine-Generated Data: Potential Goldmine for the CIO https://www.bluemt.com/machine-generated-data-potential-goldmine-for-the- cio/ Government Legacy Programs: Reuse vs. Replacement https://www.bluemt.com/government-legacy-programs-reuse-vs-replacement/ It Takes a Whole Village to Protect Networks and Systems https://www.bluemt.com/it-takes-a-whole-village-to-protect-networks-and- systems/
  • 104. From the Blue Mountain Data Systems Blog Governance For the CIO https://www.bluemt.com/governance-for-the-cio/ Help Desk Consolidation – Lessons Learned https://www.bluemt.com/help-desk-consolidation-lessons-learned/ One Year Later, Companies Still Vulnerable to Heartbleed https://www.bluemt.com/one-year-later-companies-still-vulnerable-to- heartbleed/ Federal Projects Cultivate Worker Passion https://www.bluemt.com/federal-projects-cultivate-worker-passion-2/
  • 105. ABOUT US Blue Mountain Data Systems Inc. Blue Mountain Data Systems Inc. is dedicated to application and systems development, electronic document management, IT security support, and the automation of workflow processes. Read more about our experience here: >> http://bluemt.com/experience
  • 106. Recent Experience U.S. Dept. of Labor Employee Benefits Security Administration 1994 to Present Responsible to the Office of Technology and Information Systems for information systems architecture, planning, applications development, networking, administration and IT security, supporting the enforcement of Title I of the Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for design, development and support for its various enforcement database management systems, as well as all case tracking and customer service inquiry systems. Blue Mountain also provides IT security services to the EBSA, in the form of FISMA Assessment and Authorization, System Security Plans, Risk and vulnerability assessments, monitoring and investigation support.
  • 107. MANAGEMENT Paul T. Vesely Founder, President, CEO and Principal Architect Mr. Vesely is a recognized thought leader in systems architecture and delivery, having designed and delivered many enterprise wide information and document management solutions. Mr. Vesely’s history includes 33 years experience in the information systems industry, with Unisys, Grumman, PRC and a host of clients in both government and private sectors.
  • 108. CONTACT US Contact Us Today to Discuss Your Next IT Project HEADQUARTERS 366 Victory Drive Herndon, VA 20170 PHONE 703-502-3416 FAX 703-745-9110 EMAIL paul@bluemt.com WEB https://www.bluemt.com