Cybersecurity Tip of the Week

Use Care With Apps On Mobile Devices

  • Download from safe, trusted sources.
  • Avoid apps that are brand new or those that only a few people have downloaded.
  • Ask yourself, "Do I really need this app?"
  • Double check the privacy settings to make sure you're not giving away too much information.
  • Keep the app updated.

For more information, check out the SANS Ouch! newsletter.


Red exclamation point in a red circle

Information Security Alerts and Advisories

CIS Advisory 2015-086 - Multiple Vulnerabilities In Google Chrome Could Allow for Arbitrary Code Execution

CIS Advisory 2015-085 - Multiple Vulnerabilities In Internet Explorer Could Allow Remote Code Execution

CIS Advisory 2015-083 / ISB Advisory - Out-of-band Microsoft Update - Vulnerability in Microsoft Font Driver Could Allow Remote Code Execution

CIS Advisory 2015-082 - Vulnerability in VBScript Scripting Engine Could Allow Remote Code Execution

CIS Advisory 2015-081 - Cumulative Security Update for Internet Explorer

CIS Advisory 2015-080 - Vulnerability in Microsoft Office Could Allow Remote Code Execution

CIS Advisory 2015-079 - Vulnerability in Microsoft Remote Desktop Could Allow Remote Code Execution

Security Alert Archive



    Information Security News   



Information Security Training Available

Looking for information security training for your technical staff? The Enterprise Security Program has several opportunities for both free and paid training.

SANS Securing the Human Developer Training

The STH Developer training is an extension of the Securing the Human End User training most state employees have completed the past two years. It focuses on the OWASP top ten web vulnerabilities and the system development life cycle.  There are 18 7-10 minute modules in the program. During the discount purchase period licenses are $250 per person. We need to purchase a minimum of 10 seats. For more information and samples of the modules visit:


SANS Online Training and Certification

SANS offers a variety of long courses, most of which prepare students for security certifications. During the discount purchase period courses are $2,330 each, with a minimum of three courses (all agencies combined). Certification exam vouchers can be purchased at the same time for $629 each. Courses can be taken either through SANS OnDemand or SANS vLive. For more information about available courses visit:



The current discount purchase window for SANS courses ends on July 31, 2015. If you are interested, but this timing doesn’t work, there will be another discount purchase period this winter – usually from December until the end of January. 

Federal Virtual Training Environment (FedVTE)

Just when you thought we were teasing about the FREE courses available, we’ll tell you about the FedVTE cybersecurity training system.  Courses range from beginner to advanced levels and are available at no cost to users. We’ve attached a training catalog for the FedVTE program. Sign up is easy at: www.Fedvte.usalearning.gov

If you’d like to purchase any of the SANS courses or have questions, please contact lisa vasa




    Hyperlink Information Security Home
    Hyperlink Information Security Alerts
    Hyperlink Information Security Training
    Hyperlink Information Security Incident Reports
    Hyperlink SITSD Disaster Recovery Services
    Hyperlink About Information Security
    Hyperlink Information Security Resources




It's up to each of us to take responsibility for staying safe online. Simple things like strong passwords, updated software, anti-malware solutions, and paying attention to what you do and share online all make a big difference to your security. The Center for Internet Security has kicked off a new campaign to encourage the practice of good Cyber Hygiene. Take the pledge to do your part today!


From the Desk of 

Lynne Pizzini, CISO

Keep Calm and Think Security logo

Sun, Sand, and Cyber Security

Every summer, vacationers put their house lights on timers and their mail on hold when they travel away from home. It’s just as important when taking a vacation to take similar precautions with good cyber habits. Many cyber criminals specifically target travelers…

Criminals often set online lures to sell fake vacations or tickets. These may be just simple advertisements or sophisticated scams using realistic websites, complete with phone operators that will “assist” you.

Home Alone

Social media posts with pictures of tourist attractions may update your friends and family, but they also tell criminals that you’re on vacation and your house is empty. Other older posts may contain personal details or pictures of your home, telling thieves what items of value are in the house or how to circumvent security systems.

Stolen “Keys”

Sensitive data, such as login names and passwords, are especially valuable to criminals. One way criminals obtain such data is by installing a “keylogger” on hotel public computers. The keylogger records every keystroke typed on the computer and then transmits that information to the criminal.

Continue reading...



Today's Cyber Alert Level