Text/HTML

Cybersecurity Tip of the Week

Keep Your Devices Updated

It seems like nearly every day a new alert or advisory comes out telling us that there's a vulnerability in our devices' operating systems or in applications we use. To lessen your chances of having your device compromised, keep a clean machine:

  • Keep security software current: Having the latest security software, web browser, and operating system are the best defenses against viruses, malware, and other online threats.
  • Automate software updates: Many software programs will automatically connect and update to defend again known risks. Turn on automatic updates if that's an available option.
  • Protect all devices that connect to the Internet: Along with computers, smart phones, gaming systems, other web-enabled devices also need protection from viruses and malware.
  • Plug and scan: USB devices and other external devices can be infected by viruses and malware. Use your security software to scan them.

Read more online safety tips at Stay Safe Online.

Text/HTML

Red exclamation point in a red circle

Information Security Alerts and Advisories

CIS Advisory 2015-102 - Vulnerability in Microsoft Internet Explorer Could Allow Remote Code Execution

CIS Advisory 2015-101 - Vulnerability in Lenovo Service Engine (LSE) Could Allow Remote Code Execution

CIS Advisory 2015-100 - Multiple Vulnerabilites in Apple Products Could Allow Remote Code Execution

CIS Advisory 2015-099 - Multiple Vulnerabilities in Mozilla Firefox Could Allow for Arbitrary Code Execution

CIS Advisory 2015-098 - Multiple Vulnerabilties in Adobe Flash Player Could Allow for Remote Code Execution

CIS Advisory 2015-097 - Cumulative Security Update for Microsoft Edge

Security Alert Archive

Text/HTML

 


    Information Security News   

Text/HTML

Text/HTML

Information Security Training Available

Looking for information security training for your technical staff? The Enterprise Security Program has several opportunities for both free and paid training.

SANS Securing the Human Developer Training

The STH Developer training is an extension of the Securing the Human End User training most state employees have completed the past two years. It focuses on the OWASP top ten web vulnerabilities and the system development life cycle.  There are 18 7-10 minute modules in the program. During the discount purchase period licenses are $250 per person. We need to purchase a minimum of 10 seats. For more information and samples of the modules visit:

http://www.securingthehuman.org/developer/

SANS Online Training and Certification

SANS offers a variety of long courses, most of which prepare students for security certifications. During the discount purchase period courses are $2,330 each, with a minimum of three courses (all agencies combined). Certification exam vouchers can be purchased at the same time for $629 each. Courses can be taken either through SANS OnDemand or SANS vLive. For more information about available courses visit:

www.sans.org/ondemand/courses

www.sans.org/vlive/sessions

The current discount purchase window for SANS courses ends on July 31, 2015. If you are interested, but this timing doesn’t work, there will be another discount purchase period this winter – usually from December until the end of January. 

Federal Virtual Training Environment (FedVTE)

Just when you thought we were teasing about the FREE courses available, we’ll tell you about the FedVTE cybersecurity training system.  Courses range from beginner to advanced levels and are available at no cost to users. Sign up is easy at: www.Fedvte.usalearning.gov and a catalog of available courses is on the site.

If you’d like to purchase any of the SANS courses or have questions, please contact lisa vasa

 

Text/HTML

Text/HTML

    Hyperlink Information Security Home
    Hyperlink Information Security Alerts
    Hyperlink Information Security Training
    Hyperlink Information Security Incident Reports
    Hyperlink SITSD Disaster Recovery Services
    Hyperlink About Information Security
    Hyperlink Information Security Resources

 

Text/HTML

SIGN THE CYBER PLEDGE

It's up to each of us to take responsibility for staying safe online. Simple things like strong passwords, updated software, anti-malware solutions, and paying attention to what you do and share online all make a big difference to your security. The Center for Internet Security has kicked off a new campaign to encourage the practice of good Cyber Hygiene. Take the pledge to do your part today!

Text/HTML

From the Desk of 

Lynne Pizzini, CISO

Keep Calm and Think Security logo

Sun, Sand, and Cyber Security

Every summer, vacationers put their house lights on timers and their mail on hold when they travel away from home. It’s just as important when taking a vacation to take similar precautions with good cyber habits. Many cyber criminals specifically target travelers…

Criminals often set online lures to sell fake vacations or tickets. These may be just simple advertisements or sophisticated scams using realistic websites, complete with phone operators that will “assist” you.

Home Alone

Social media posts with pictures of tourist attractions may update your friends and family, but they also tell criminals that you’re on vacation and your house is empty. Other older posts may contain personal details or pictures of your home, telling thieves what items of value are in the house or how to circumvent security systems.

Stolen “Keys”

Sensitive data, such as login names and passwords, are especially valuable to criminals. One way criminals obtain such data is by installing a “keylogger” on hotel public computers. The keylogger records every keystroke typed on the computer and then transmits that information to the criminal.

Continue reading...

 

Text/HTML

Today's Cyber Alert Level