Cybersecurity Tip of the Week

Watch Out for these common scams

Benjamin Franklin used to say that in this world nothing is certain, except death and taxes. If he were alive today, he would most likely add social scams to the list.
Three common tricks you may come across in the digital world:
- Shocking news or fake celebrity news - Remember the saying “Curiosity killed the cat”? Cyber criminals will use anything that’s hot right then in the media, in order to capture your attention.
- Free stuff. Free mobile phones, free trips, free flight tickets, free beauty products. Always works!
- Urgency. Click here now, the discount is only available today, download this now or never, etc.




    Information Security News   


Montana Information Security Is On Social Media!

Follow @MontanaSecurity on Twitter and like the Montana Information Security page on Facebook for cybersecurity news and tips.



EVENTS for CyberSecurity Month!

Wednesday, October 12th in the Cogswell Building, RM C205 & C207 from 1:30PM to 3:30PM

Wednesday, October 26th in the Mitchell Building, RM 7 from 1:30PM to 3:30PM


Governor Bullock Supports National Cyber Security Awareness Month

Governor Steve Bullock has signed a letter of support for October 2015 as National Cyber Security Awareness Month.

"I am pleased to recognize October as "National Cyber Security Awareness Month" in the State of Montana.

I commend the U.S. Department of Homeland Security (DHS), the Center for Internet Security (CIS)/Multi-State Information Sharing and Analysis Center (MSISAC), the National Association of State Chief Information Officers (NASCIO), and the National Cyber Security Alliance (NCSA) for promoting cyber awareness through guidance for government and businesses, and promoting innovation, strengthening cybersecurity investment and enhancing resilience across all sectors. Maintaining the security of cyberspace is a shared responsibility in which each of us has a critical role to play, and awareness of computer security essentials will improve the security of Montana's information infrastructure and economy. 

To being putting this knowledge into practice in our homes, schools, workplaces, and businesses, please visit the Stop.Think.Connect website: www.dhs.gov/stopthinkconnect or www.stopthinkconnect.org. Thank you for all your hard work and I encourage Montanans to acknowledge October 2015 as "National Cyber Security Awareness Month".

The letter can be viewed here.


Information Security Training Available

Looking for information security training for your technical staff? The Enterprise Security Program has several opportunities for both free and paid training.

SANS Securing the Human Developer Training

The STH Developer training is an extension of the Securing the Human End User training most state employees have completed the past two years. It focuses on the OWASP top ten web vulnerabilities and the system development life cycle.  There are 18 7-10 minute modules in the program. During the discount purchase period licenses are $250 per person. We need to purchase a minimum of 10 seats. For more information and samples of the modules visit:


SANS Online Training and Certification

SANS offers a variety of long courses, most of which prepare students for security certifications. During the discount purchase period courses are $2,330 each, with a minimum of three courses (all agencies combined). Certification exam vouchers can be purchased at the same time for $629 each. Courses can be taken either through SANS OnDemand or SANS vLive. For more information about available courses visit:



The current discount purchase window for SANS courses ends on July 31, 2015. If you are interested, but this timing doesn’t work, there will be another discount purchase period this winter – usually from December until the end of January. 

Federal Virtual Training Environment (FedVTE)

Just when you thought we were teasing about the FREE courses available, we’ll tell you about the FedVTE cybersecurity training system.  Courses range from beginner to advanced levels and are available at no cost to users. Sign up is easy at: www.Fedvte.usalearning.gov and a catalog of available courses is on the site.

If you’d like to purchase any of the SANS courses or have questions, please contact lisa vasa




    Hyperlink Information Security Home
    Hyperlink SITSD Disaster Recovery Services
    Hyperlink About Information Security
    Hyperlink Information Security Resources



It's up to each of us to take responsibility for staying safe online. Simple things like strong passwords, updated software, anti-malware solutions, and paying attention to what you do and share online all make a big difference to your security. The Center for Internet Security has kicked off a new campaign to encourage the practice of good Cyber Hygiene. Take the pledge to do your part today!



From the Desk of 

Lynne Pizzini, CISO

Yellow road sign with text "Stay Safe on the Information Highway"

New Credit Card Chip Technology

Maybe you’ve gotten a new credit or debit card in the mail or heard something about the U.S. moving to the “Chip and Signature” or “Chip and PIN” standard. The U.S. is moving toward adopting these standards, and October 1st, 2015, is a major deadline for U.S. payment companies and merchants.

What is Chip and Signature/Chip and PIN?

The Europay, MasterCard, Visa(EMV) standard uses payment cards with a chip and requires either a PIN (Chip and PIN) or a signature (Chip and Signature) to authorize a payment. The chip is a small metal square, typically silver or gold, on the payment card that stores encrypted, dynamic data. After payment approval during a transaction, the data on the chip will change. This is different from the older magnetic strip cards, where the data on the magnetic strip never changed, which made it easy for malicious actors to copy. With the new chips, it will be more much difficult for malicious actors to read the data on the chip and then, because it constantly changes, to counterfeit it.

Chip and Signature/Chip and PIN cards are only new to the United States. Many countries around the world already uses these new technologies because they help to reduce credit card fraud through the use of authentication, verification, and authorization.

  • Authenticating a card through its chip helps to prevent counterfeit cards.
  • Verifying the card holder through the signature/PIN helps protect against lost or stolen cards.
  • Authorization of the transaction indicates that both the merchant and buyer agree to the transaction.

Continue reading...



Today's Cyber Alert Level