Posts Tagged ‘data’

Cyber Security Survey

Last fall, the InfraGard National Capital Region Members Alliance (INCRMA), FBI-Washington Field Office, and the Government Technology & Services Coalition (GTSC) co-hosted a cyber security program at which we announced our intention to develop a survey for companies to share their experience with cyber security “incidents,” hacking, viruses, spear phishing, malware, and other suspicious activity, in addition to asking about what kinds of tools and resources could be most valuable to help industry be more prepared.

The survey collects data on the type and frequency of computer security incidents in which a computer was used as the means of committing a crime against the company or as a conduit through which other intrusion and/or criminal activity was perpetrated. It also collects data about the type and size of the company, cyber security practices, and computer infrastructure.

The results will provide the basis for enhancing or initiating efforts to strengthen the information sharing and awareness to inform our public private partnerships and create meaningful programming and tools to combat the cyber threat.

Initial results will be reviewed at our Cyber Security Awareness Month program on October 23 with Dr. Phyllis Schneck, the new Deputy Under Secretary of Cyber Security at DHS. The full results will be released this fall. The questions have been developed by GTSC from a previously issued DOJ survey, in combination with input from FBI-WFO’s Cyber Branch and the INCRMA’s Cyber Special Interest Group. Please feel free to share the link with others who you believe would be appropriate respondents.

Removable Media: Do You Know Where That’s Been?

Steer clear of portable malware by using only secure removable media

Admit it. You can’t resist plugging those cute little USB thumb drives, miniature CD ROMS and other removable media devices into your computer. They’re easy to use, portable, convenient and they hold lots of data.

But my hacker friends and I discovered that those nifty memory devices are a great way to get into your computer and your network — especially if you don’t know where they came from. We hand them out everywhere we go. Everybody wants one. We pre-infect them with malware or spyware. The second you plug them into your USB port, presto! I’m running around your computer, free and easy.

Sure, it’s handy to download files onto a thumb drive and take them home with you instead of lugging your laptop around. But humans have a propensity to lose things. People misplace their thumb drives or CD ROMS all the time. Because they are so small, it’s pretty easy to steal them, too.

But you can protect yourself, your computer and your network. Just follow these easy tips:

If you don’t know where it came from, don’t put it in your computer.
Safeguard your memory sticks. Keep them in a safe place.
Use encryption. Protect sensitive data on your thumb drives.
Print hard copies of documents and back up data on removable media.

Remember, losing a memory stick that contains important data could have severe consequences. Protect, don’t neglect! For more information, check out www.us-cert.gov.

Lisa Martin
CEO
LeapFrog Solutions, Inc.

LeapFrog Solutions (LFS) is a certified woman owned small business based in Fairfax, Virginia. Founded in 1996, we are a trusted source for commercial businesses and federal agencies seeking full spectrum creative solutions and exceptional program management. This blogpost is brought to you by GTSC in partnership with LeapFrog Solutions. For more information on cyber awareness campaigns contact Anjali Dighe at 703.539.6127 or adighe@leapfrogit.com.

Is Your Data Disaster-Proof?

Information Week, a leading IT industry news source, estimates $26.5 billion in revenue is lost annually due to network and system interruptions. Despite the potential for depleted earnings, angry customers, tarnished reputations, and lost data, over 50% of businesses don’t have an IT disaster recovery plan.

Build a Strong Foundation

Your IT systems support your business, making it is essential to design a solid infrastructure that aligns with your business goals, secures your data, and is resilient. Here are a few simple tips that many organizations neglect.

Schedule maintenance for off-hours. Like your car, information systems need maintenance to operate consistently and at peak efficiency.
Keep software up-to-date. You don’t need to be on the cutting edge, but falling too far behind can cause you more problems and leave you vulnerable to attacks.
Define a password policy and disable old employee accounts. These two best practices are easy to overlook, but the results of negligence can be disastrous, leaving the door open for hostile hackers and disgruntled former employees.

Secure Your Digital Borders

The 2013 Data Breach Investigations Report from Verizon found 68% of attacks required very little skill on the part of attackers. This means that most networks are vulnerable to simple hacks by opportunistic individuals. With so many boxes to check and settings to configure, it’s easy to overlook minor flaws that create big security holes.

Experts can help you close the back doors that hurried employees or loose security guidelines leave open. In the end, the cost of an attack, measured in lost data or downtime, is much higher than the cost of a secure infrastructure.

Plan for Failure

Developing an IT Disaster Recovery Plan ensures your business can get back to work as quickly as possible after a service interruption, natural disaster, hardware failure, or anything cyberspace can throw at you. Make your IT DRP part of a larger, comprehensive Business Continuity Plan and you’ll be ready for anything. To start developing an IT DRP, follow these steps.

Gather stakeholders from various departments to determine which systems, software and data they must have to operate.
Assign priority levels to the most critical systems. You may want to consider generators that can provide power during storms or utilizing an off-site, secure data center.
Estimate the amount of time it will take to restore offline systems after an outage.
Test and reassess your IT DRP yearly or quarterly, depending on your business needs, to account for changes and updates to systems.

Enjoy the Benefits

You may not find your business in the path of a hurricane or tornado tomorrow, but your systems are vulnerable to attacks in ways that your physical structures and employees are not. IT DRP prepares you to deal with data failures, hacking, connectivity outages, theft, and a host of other IT-specific threats and crises.

Avoid the high cost of IT infrastructure failures by investing in a solid plan today.

Lilly Harris
CEO
MSA, Inc.

Lilly Harris is the President and CEO of Man-Machine Systems Assessment. MSA is an Economically Disadvantaged Woman-Owned Small Business with 23 years of government contracting experience. MSA is passionate about our Warfighters and the preparedness of our nation. MSA works diligently to evaluate defense systems, ensure continuity of operations and support mission critical programs that are aligned with our passion and mission.

Visit: www.msaincorp.com

Follow: @MSAincorp