Text/HTML

Cybersecurity Tip of the Week

Shopping Online

When shopping online, always use your credit cards instead of a debit card. If any fraud happens, it is far easier to recover your money from a credit card transaction. Gift cards and one-time-use credit card numbers are even more secure. Learn more in this OUCH! newsletter

Text/HTML

Red exclamation point in a red circle

Information Security Alerts and Advisories

CIS Advisory 2015-102 - Vulnerability in Microsoft Internet Explorer Could Allow Remote Code Execution

CIS Advisory 2015-101 - Vulnerability in Lenovo Service Engine (LSE) Could Allow Remote Code Execution

CIS Advisory 2015-100 - Multiple Vulnerabilites in Apple Products Could Allow Remote Code Execution

CIS Advisory 2015-099 - Multiple Vulnerabilities in Mozilla Firefox Could Allow for Arbitrary Code Execution

CIS Advisory 2015-098 - Multiple Vulnerabilties in Adobe Flash Player Could Allow for Remote Code Execution

CIS Advisory 2015-097 - Cumulative Security Update for Microsoft Edge

Security Alert Archive

Text/HTML

 


    Information Security News   

Text/HTML

Text/HTML

Information Security Training Available

Looking for information security training for your technical staff? The Enterprise Security Program has several opportunities for both free and paid training.

SANS Securing the Human Developer Training

The STH Developer training is an extension of the Securing the Human End User training most state employees have completed the past two years. It focuses on the OWASP top ten web vulnerabilities and the system development life cycle.  There are 18 7-10 minute modules in the program. During the discount purchase period licenses are $250 per person. We need to purchase a minimum of 10 seats. For more information and samples of the modules visit:

http://www.securingthehuman.org/developer/

SANS Online Training and Certification

SANS offers a variety of long courses, most of which prepare students for security certifications. During the discount purchase period courses are $2,330 each, with a minimum of three courses (all agencies combined). Certification exam vouchers can be purchased at the same time for $629 each. Courses can be taken either through SANS OnDemand or SANS vLive. For more information about available courses visit:

www.sans.org/ondemand/courses

www.sans.org/vlive/sessions

The current discount purchase window for SANS courses ends on July 31, 2015. If you are interested, but this timing doesn’t work, there will be another discount purchase period this winter – usually from December until the end of January. 

Federal Virtual Training Environment (FedVTE)

Just when you thought we were teasing about the FREE courses available, we’ll tell you about the FedVTE cybersecurity training system.  Courses range from beginner to advanced levels and are available at no cost to users. Sign up is easy at: www.Fedvte.usalearning.gov and a catalog of available courses is on the site.

If you’d like to purchase any of the SANS courses or have questions, please contact lisa vasa

 

Text/HTML

Text/HTML

    Hyperlink Information Security Home
    Hyperlink Information Security Alerts
    Hyperlink Information Security Training
    Hyperlink Information Security Incident Reports
    Hyperlink SITSD Disaster Recovery Services
    Hyperlink About Information Security
    Hyperlink Information Security Resources

 

Text/HTML

SIGN THE CYBER PLEDGE

It's up to each of us to take responsibility for staying safe online. Simple things like strong passwords, updated software, anti-malware solutions, and paying attention to what you do and share online all make a big difference to your security. The Center for Internet Security has kicked off a new campaign to encourage the practice of good Cyber Hygiene. Take the pledge to do your part today!

Text/HTML

From the Desk of 

Lynne Pizzini, CISO

Keep Calm and Think Security logo

Sun, Sand, and Cyber Security

Every summer, vacationers put their house lights on timers and their mail on hold when they travel away from home. It’s just as important when taking a vacation to take similar precautions with good cyber habits. Many cyber criminals specifically target travelers…

Criminals often set online lures to sell fake vacations or tickets. These may be just simple advertisements or sophisticated scams using realistic websites, complete with phone operators that will “assist” you.

Home Alone

Social media posts with pictures of tourist attractions may update your friends and family, but they also tell criminals that you’re on vacation and your house is empty. Other older posts may contain personal details or pictures of your home, telling thieves what items of value are in the house or how to circumvent security systems.

Stolen “Keys”

Sensitive data, such as login names and passwords, are especially valuable to criminals. One way criminals obtain such data is by installing a “keylogger” on hotel public computers. The keylogger records every keystroke typed on the computer and then transmits that information to the criminal.

Continue reading...

 

Text/HTML

Today's Cyber Alert Level