Search

If you are an enterprise technologist in or out of the Federal Government, please take time to watch the entire presentation below. It captures the entirety of the presentations and majority of the conversations at the White House Forum on Information Technology Management Reform. I recommend you watch the entire presentation for several reasons. If you are a student of IT and its governance, you will see what a good strategy looks like. If you are a student of federal policy, you will gain insights into what may be some of the most important shifts underway in the federal space today. If you are an integrator or technology vendor who served federal users you will learn a bit more about how your customer will be shifting in the future and how you can better position to help. And if you are an enterprise technologist you will learn of some very important things under way that will make your life easier and more productive.

I know some guys who are really good at external validation of enterprise security posture. There are some folks so good that nothing will totally stop them. The history of computer science makes me think world-class-best folks like that will always be with us and there will never be a system that is perfectly defendable. But still, there are steps you can take to dramatically enhance the security of your enterprise. I've reviewed some of these before, like ensuring endpoints are protected from malware, using defense in depth to enhance your security posture, mitigating IPv6 security threats, and studying the threat. With this post I'd like to mention another capability that belongs in your defense in depth tool suite: the Microsoft Security news, products, updates and tools site at http://microsoft.com/security The security site at Microsoft is a way for enterprise and home users to tap into three key security centers: The Microsoft Security Engineering Center, The Microsoft Security Response Center, and The Microsoft Malware Protection Center. It is good to know all three of those, but the best way to interface with them, in my opinion, is through the security site...

New Years is always a good time for top ten stories so I thought I would go this way for the January edition of Mazz-INT. I quickly realized, however, there is little new I that could add to stories such as Wikileaks, the failed jihadist bomb attacks, intelligence issues in Afghanistan, budgetary pressures on the IC, or the swap out of Clapper for Blair as DNI that would pique this readership's interest.

In coordination with cybersecurity agencies worldwide, CISA released an advisory warning of advanced persistent threats originated from state-sponsored actors.