For CTOs, CIOs & CISOs Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the Blue Mountain Data Systems Blog. We hope you will visit our blog for the latest information >> https://bluemt.com/blog/

1. Tech Update Summary
June 2016
Blue Mountain Data Systems

3. For CTOs, CIOs & CISOs
Visit Blue Mountain Data Systems
https://www.bluemt.com

4. For CTOs, CIOs & CISOs
Every business day, we publish a Daily Tech Update for Federal & State CTOs ,CIOs & CISOs on the Blue
Mountain Data Systems Blog. We hope you will visit our blog for the latest information.
You can also receive these updates via email. Click here to subscribe.
Here’s the summary of the Daily Tech Updates for June 2016. Hope the information and ideas prove
useful.
Best,
Paul Vesely
President and Principal Architect
Blue Mountain Data Systems Inc.

5. Network Security

6. Network Security
SWIFT: Launches Plan to Brace Network’s Security. SWIFT is stepping up efforts to
share information among global financial institutions and develop security audit
frameworks for customers. The Society for Worldwide Interbank Financial
Telecommunication has unveiled a five-point plan to reinforce the security of
SWIFT’s payments system in the wake of the Bangladesh Bank heist. Read more
[CFO.COM]
SECURITY SUCCESS: 5 Secret Habits Of Highly Successful Network Security
Programs. The key ingredients to network cybersecurity success and how they
improve security results. A new report shows that when IT organizations are
segmented by security success factors, the top performers share a number of
network security best practices. Read the rest
[DARKREADING.COM]

7. Network Security
INDUSTRY INSIGHT: Next-gen Networks Call for Strategic Security. Government
networks face an environment of escalating risk from cyberattacks, a painful reality
in the digital world. Protecting sensitive government and constituent information is
unquestionably the most serious challenge agencies face. Modernizing networks is
one way agencies can address these challenges, but they must be skeptical when
evaluating new networking solutions — particularly when it comes to their security
capabilities. Adoption of managed broadband, together with security
improvements to existing legacy technologies, offers a hybrid approach to network
modernization that is cost-effective and delivers results. Find out more
[GCN.COM]

8. Network Security
ARMY: Tests Upgraded NetOps Toolset for WIN-T Network Security. The U.S. Army
has demonstrated an updated tactical network operations toolset as part of the
Warfighter Information Network-Tactical Increment 3 limited user test during the
Network Integration Evaluation 16.2 event at Fort Bliss, Texas. Read more
[EXECUTIVEGOV.COM]

9. Encryption

10. Encyption
MOBILE: 7 Reasons Mobile Payments Still Aren’t Mainstream. Though mobile
payments and wallets are increasingly popular, they’re still nowhere near
mainstream. A set of experts and finance-industry watchers weigh in on what’s
holding mobile payments back, as well what will need to happen for the systems to
hit the big time. Read more
[CIO.COM]
ANDROID: Android Patch: Samsung Fixes Galaxy Flaw That Lets Crooks into Stolen
Phones. Samsung has issued a patch to shut down a bypass for ‘factory reset
protection’, which is meant to stop thieves from setting up a stolen device. Find
out more
[ZDNET.COM]

11. Encyption
GOVERNMENT AGENCIES: Protecting Data Means Balancing Security vs.
Convenience. Most people use encryption every day, unaware that their phones
and Internet browsers invisibly translate their data as it moves from point to point
on the internet or that their mobile apps use the technology to obscure their data
in the cloud. Yet many government agencies are still struggling to deploy
encryption across all their systems.Only 44 percent of non-defense Federal web
sites employ the secure HTTPS Internet protocol, according to pulse.cio.gov, a
government transparency project of the General Services Administration (GSA).
Read the rest
[GOVTECHWORKS.COM]

12. Encyption
CLOUD: Microsegmentation & The Need For An Intelligent Attack Surface. There is
a fundamental difference in the security posture and technology for protecting the
White House versus a Social Security office in California. So, too, for the critical
apps and systems that are likely targets in your enterprise. Read more
[DARKREADING.COM]

13. Databases

14. Databases
BIG DATA: Why Some of the Fastest Growing Databases Are Also the Most
Experimental. Everyone has heard about MongoDB and Cassandra, but what other
databases are making big gains against Oracle and Microsoft? Read more
[TECHREPUBLIC.COM]
GOOGLE: Rolls Out New Features for BigQuery. As the internet giant looks to
bolster its enterprise business, it’s making its data analysis service more
compatible with traditional big data workflows. Read the rest
[ZDNET.COM]

15. Databases
MICROSOFT: Review – SQL Server 2016 Boosts Speed, Analytics. SQL Server 2016
shines with stretch database to Azure, queries against Hadoop, internal R, better
security, and higher performance. Find out more
[INFOWORLD.COM]
MYSQL: Using MySQL 5.7 Document Store With IoT. MySQL 5.7 includes a
document store designed for storing JSON documents and querying against them
without pre-defining the document structure. Read more
[DZONE.COM]

16. More About Blue Mountain
BLUE MOUNTAIN DATA SYSTEMS HAS THE EXPERIENCE: 1994 to Present – U.S.
Dept. of Labor, Employee Benefits Security Administration. Responsible to the
Office of Technology and Information Systems for information systems
architecture, planning, applications development, networking, administration and
IT security, supporting the enforcement of Title I of the Employee Retirement
Income Security Act — ERISA. Within the EBSA, Blue Mountain is responsible for
design, development and support for its various enforcement database
management systems, as well as all case tracking and customer service inquiry
systems. Blue Mountain also provides IT security services to the EBSA, in the form
of FISMA Assessment and Authorization, System Security Plans, Risk and
vulnerability assessments, monitoring and investigation support. Read more.

17. Security Patches

18. Security Patches
GOOGLE: Android Security: Google’s June Update Splats Dozens of Critical, High-
Severity Bugs. Google rolls out the June security update for Nexus and Android —
but will your device be among those getting the fixes? Read more
[ZDNET.COM]
NETWORKS: NTP Patches Flaws That Enable DDoS. The network time protocol, at
the center of a number of high-profile DDoS attacks in 2014, was updated last
Thursday to ntp-4.2.8p8. The latest version includes patches for five vulnerabilities,
including one rated high-severity. NTP, specifically the NTP daemon, synchronizes
system clocks with time servers. Read more
[THREATPOST.COM]

19. Security Patches
JENKINS: Jenkins Security Patches Could Break Plug-Ins. The latest security
update for Jenkins changed how build parameters are handled, impacting
multiple plug-ins. The latest version changes how plug-ins use build parameters,
though, so developers will need to adapt to the new process. The vulnerabilities
affect all previous releases, including the mainline releases up to and including
2.2, and LTS releases up to and including 1.651.1. Administrators should update
their Jenkins installations to mainline release Jenkins 2.3 or LTS 1.651.2. Read the
rest
[INFOWORLD.COM]

20. Security Patches
SYMANTEC & CISCO: Symantec Security Flaw and Cisco Web Security Patches –
Security News IT Leaders Need to Know. A Google Project Zero researcher has
discovered several remote code execution vulnerabilities in Symantec anti-
malware software, the most serious of which was a flaw in the core scanning
engine that required no user interaction for exploitation. CERT reports that Cisco
has released fixes for four flaws in its web security appliance, any of which could
allow a remote attacker to cause denial of service. Find out more
[BUSINESS.FINANCIALPOST.COM]

21. Incident Response

22. Incident Response
SECURITY: The Five Ws (and One H) of Effective Incident Response. Good incident
response always starts with answering six key questions. Read more
[INFORMATION-AGE.COM]
FEDERAL RESERVE: House Committee Investigates Federal Reserve Cyber-Attacks. A
Reuters report into cybersecurity at the Federal Reserve triggers a House
committee investigation into the Federal Reserve’s security protections. Read the
rest
[PCMAG.COM]

23. Incident Response
ENTERPRISES: Enterprises Are Investing in Network Security Analytics. Dangerous
threats and new requirements persuading organizations to collect, process, and
analyze more and more network telemetry and threat intelligence. Find out more
[NETWORKWORLD.COM]
RANSOMWARE: Beware the Rise of Ransomware. The use of ransomware is on the
rise. Hackers and bad actors ranging from independent amateurs to sophisticated,
organized cartels are using the latest malware techniques, strong encryption and
secure online payment systems to extort millions of dollars from people and
organizations who just want their data back. These attacks are hitting organizations
in every sector, and the federal government is by no means immune. Read more
[FEDERALTIMES.COM]

24. Program Management

25. Program Management
MICROSOFT: Microsoft Launches Planner, a Project-Management Tool Part of
Office 365. Microsoft has launched Office 365 Planner, a new project-
management tool for teams. The company will be rolling out Planner worldwide
to Office 365 users, including Office 365 Enterprise E1–E5, Business Essentials,
Premium, and Education subscription plans. The Planner tile will appear in your
Office 365 app launcher, meaning Office 365 admins don’t need to take any
action. Read more
[VENTUREBEAT.COM]

26. Program Management
NASA: When Project Management Really is Rocket Science: A Lesson from NASA.
A recent GAO assessment of major NASA projects shows that 18 of the
organization’s biggest projects received very positive reviews – with project
management receiving credit for some of that success. What has proven to be
extremely effective for NASA is utilizing standards and adapting tools and
processes to the needs of the agency, while satisfying considerations of such
leading practices as EVM, project costing, baseline establishment and blending
of engineering disciplines into projects. Read the rest
[FEDERALTIMES.COM]

27. Program Management
ADVICE: 6 Ways to Be a Better Project Manager. Project management is a
complex — and critical — function. Here are six pieces of advice to help project
managers improve their craft. Find out more
[CIO.COM]
IT CAREERS: What’s Going On with IT Hiring? Analysts have been generally
cautious this year about IT hiring trends. Although the unemployment rate for IT
professionals is about half the national average of 4.7%, said CompTIA, some
analysts use terms ranging from “modest” to “pre-recession” to describe IT
hiring. Read more
[COMPUTERWORLD.COM]

28. For the CIO, CTO & CISO

29. For the CIO, CTO & CISO
CIO: AstraZeneca CIO Dave Smoley’s 6-Point Cloud Toolkit. Early adopter of
enterprise cloud applications AstraZeneca CIO Dave Smoley passes on lessons
learned. Here’s a 6-point cloud adoption toolkit. Read more
[DIGINOMICA.COM]
CTO: Culture Change Critical as Agencies Try to Innovate. Several federal IT execs at
the Federal Innovation Summit touted unique programs their agencies are
spearheading – including a virtual reality program for a USDA office’s training team.
Read the rest
[FEDSCOOP.COM]

30. For the CIO, CTO & CISO
CISO: How to Survive in the CISO Hot-Seat. The CISO is a precarious job. Research
studies indicate that CISOs typically survive just 18 months to two years in a job
which is increasingly complex and multi-skilled. How can you be successful in a post
where security incidents and management feuds can result in losing your job? Find
out more
[CSOONLINE.COM]
IoT: VMware CIO Commands IoT Effort. The software company releases to open
source an SDK intended to let developers build Internet of Things applications that
run on any network device, OS or infrastructure. Read more
[CIO.COM]

31. Application Development

32. Application Development
STRATEGY: Choosing Your Application Development Strategy. Which is more
effective: the top-down or bottom-up application strategy? Discover why choosing
one requires an in-depth understanding of application requirements. Read the rest
[SEARCHSOA.TECHTARGET.COM]
CLOUD: Why Amazon and OpenStack Continue to Thrive in a Complex Cloud World.
Amazon announcing AWS hitting a $10B annual run rate and OpenStack’s 13th
release—lead some to wonder who is winning. Both are. Read more
[EWEEK.COM]

33. Application Development
MICROSOFT: Power BI Hits 5M Subscribers, Adds Deeper Excel Integration.
Microsoft has a ton of new features planned for its cloud-based BI service.
Microsoft’s cloud-based business intelligence service is celebrating a major user
growth milestone with a handful of new features, including the ability to import
data from an Excel spreadsheet and turn it into live-updating charts and graphs.
Power BI now has more than 5 million subscribers, who are using the service to
take in business data and create dashboards they can use to better understand
their businesses. Subscribers will be able to use an Excel connector to easily “pin”
live-updating data from the Excel desktop app to a Power BI dashboard. Both that
feature, and one that allows users to analyze data from Power BI in Excel, were
previously available for beta testing and are now generally available. Read more
[PCWORLD.COM]

34. Application Development
NODE.js: Top Reasons to Use Node.js for Web Application Development. There are
many reasons why developers (regardless of experience level) should use Node.js
for web application development, starting with its speed and ending with its
proficiency at multi-user, real-time web applications. Not to mention that three
years ago Nodejitsu reached out to the npm community for help running the public
npm servers and raised over $300,000 for the project, proving that the community
is both active and generous. Read more
[JAXENTER.COM]

35. BYOD

36. BYOD
MOBILE SECURITY: BYOD Can Pose Privacy Risks to Employees. Companies using
MDM to oversee employee devices are collecting more information than employees
realize. Read more
[CSOONLINE.COM]
EDUCATION: What Are the Best BYOD Tools for Presentation, Collaboration and
More? Besides simply having technology in the classroom through BYOD programs or
others, schools are increasingly being pushed to use it well and limit the “digital use”
gap that exists between students from low-income families and their wealthier
peers. Active tech use, while challenging, is critical for the next phase of K-12
education technology. Read the rest
[EDUCATIONDIVE.COM]

37. BYOD
ENTERPRISE: Dude, Where’s My Phone? BYOD Means Enterprise Security Exposure.
You should be worried, very worried, if an employee loses a smartphone or tablet—
especially if that employee accesses any enterprise resources using that device. Find
out more
[NETWORKWORLD.COM]
OPINION: BYOD? More Like “Bring Your Own Divide”. There is no way around it: the
modern workforce is mobile and relies on CXOs to deliver enterprise security in the
clearest way possible – no matter where they find themselves. CXOs need to
embrace their businesses operational models and define strategies to secure critical
data. Read more
[INFOSECURITY-MAGAZINE.COM]

38. Big Data

39. Big Data
TECH: Building Your Big Data Infrastructure: 4 Key Components Every Business
Needs To Consider. Big data can bring huge benefits to businesses of all sizes.
However, as with any business project, proper preparation and planning is essential,
especially when it comes to infrastructure. Until recently it was hard for companies
to get into big data without making heavy infrastructure investments (expensive
data warehouses, software, analytics staff, etc.). But times have changed. Cloud
computing in particular has opened up a lot of options for using big data, as it
means businesses can tap into big data without having to invest in massive on-site
storage and data processing facilities. Read more
[FORBES.COM]

40. Big Data
TERROR: Now Can Big Data Fight Terror? Why don’t officials know when an Omar
Mateen buys a mass-murder weapon? What are we getting from government
investment in big data? Read the rest
[WSJ.COM]
SECURITY: Big Data Will Fix Internet Security…Eventually. Security analytics have
been with us for a while, but with the latest tech, it’s much easier to detect
malicious attacks. Find out more
[INFOWORLD.COM]
PRIVACY: iPhone, AI and Big Data: Here’s How Apple Plans to Protect Your Privacy.
Can Apple take the ‘big brother’ out of big data? Read more
[ZDNET.COM]

41. Mobile Applications

42. Mobile Applications
STUDY ON USAGE: Nearly 1 in 4 People Abandon Mobile Apps After Only One Use.
Apple’s iTunes App Store is home to over 1.5 million apps and Google Play hosts
over 2 million, but the number of apps that actually get installed and used on
consumers’ devices is still quite small. We already knew that people only interacted
with a small handful of third-party apps on a regular basis, and now, according to a
new study on mobile app usage, we learn that about one in four mobile users only
use an app once. Read the rest
[TECHCRUNCH.COM]

43. Mobile Applications
DEVOPS: Mobile App Development – 8 Best Practices. Creating great mobile
enterprise apps isn’t necessarily easy, but it can be easier if you follow these eight
critical tips.
Find out more
[INFORMATIONWEEK.COM]
RED HAT: Takes Application Development to the Bank. The open source
juggernaut’s remarkably steady growth depends less on Linux every year.
Read more
[INFOWORLD.COM]

44. Mobile Applications
CONSUMER TECHNOLOGY: Facebook, Google Dominate List of Top 15 Mobile Apps.
Tech behemoths Facebook and Google own more than half of the 15 most popular
mobile applications used by U.S. adults — the reach of other well-liked apps such as
Snapchat and Apple Maps doesn’t even compare. Read more
[CIO.COM]

45. Personnel Management

46. Personnel Management
WORKFORCE: Millennials Want to Stay, If Government Grasps the New Reality. Many
“millennials” in government say their agencies haven’t yet understood what makes
them tick. And their generation isn’t drastically different than the ones that have
come before it. Though a majority of federal employees under the age of 35
indicated their interest in staying within the federal government, many millennials
said their decision depends on several different factors. Read the rest
[FEDERALNEWSRADIO.COM]
OPM: Office of Personnel Management Hires First CISO. Following one of the largest
data breaches on record, the Office of Personnel Management hires a chief
information security officer. The new CISO is Cord Chase, former senior adviser on
Cyber and National Security to the White House and Office of Management and
Budget, and technology head and engineer at the U.S. Department of Agriculture.
Find out more [GOVTECH.COM]

47. Personnel Management
DOD: The 4 Big Takeaways from Ash Carter’s New Push for Military Personnel
Reform. The plan to overhaul the military personnel system that Defense Secretary
Ash Carter announced Thursday would end the “one-size-fits-all” promotion system
for military officers and clear the way for far more diverse options in military career
tracks. Read more
[MILITARYTIMES.COM]
FEDERAL CIVIL SERVICE: Report Says Top Civil-Service Rank Needs Urgent Boost. The
Senior Executive Service, the highest rank of the nation’s federal civil service, carries
a certain prestige. But that is not enough to convince many lower-ranking employees
that the status is worth the headache. Read more
[WASHINGTONPOST.COM]

48. Programming & Scripting Development
Client & Server-Side

49. Programming & Scripting Development
Client & Server-Side
JAVASCRIPT: F# Functional Programming Comes to JavaScript. The Fable compiler
gives developers the opportunity to unite the realms of F# functional programming
and JavaScript. In a beta stage of development, Fable leverages F# and uses Babel
compilers to generate source maps. A 1.0 release is due soon. Read more
[INFOWORLD.COM]
JAVA: Google Wins Java Copyright Case Against Oracle. Federal jury finds Google’s
use of Java software was “fair use”. A federal jury found Google’s use of Oracle
Corp.’s Java software in its mobile products didn’t violate copyright law, a verdict
cheered by many in Silicon Valley who believe it will protect how they write and
use software. The decision, which Oracle said it would appeal, marked the latest
chapter in a six-year legal battle in which Oracle sought as much as $9 billion from
Google for using 11,000 lines of Java software code in its Android software.
Read the rest [WSJ.COM]

50. Programming & Scripting Development
Client & Server-Side
C#: Mads Torgersen and Dustin Campbell on the future of C#. How has open source
changed it – and can it survive Windows PC decline? This is a moment of change
for Microsoft’s development tools, as the company transitions from focusing
entirely on Windows, to creating cross-platform tools that it hopes will push
developers towards its Azure cloud services, either as a back-end for mobile
applications, or as a deployment platform for server applications irrespective of
the operating system. Find out more
[THEREGISTER.CO.UK]

51. Programming & Scripting Development
Client & Server-Side
HTML5: HTML5 by Default: Google’s Plan to Make Chrome’s Flash Click-to-Play. Top
10 sites will be whitelisted, everything else will default to HTML5. Google will be
taking another step towards an HTML5-only Web later this year, as the systematic
deprecation and removal of Flash continues. In a plan outlined last month, Flash
will be disabled by default in the fourth quarter of this year. Embedded Flash
content will not run, and JavaScript attempts to detect the plugin will not find it.
Whenever Chrome detects that a site is trying to use the plugin, it will ask the user
if they want to enable it or not. It will also trap attempts to redirect users to
Adobe’s Flash download page and similarly offer to enable the plugin. Read more
[ARSTECHNICA.COM]

52. Programming & Scripting Development
Client & Server-Side
JAVA: Java’s Spring Framework Gets a New Competitor. Datamill, an open source
framework that leverages Java 8 and lambdas, is bringing functional programming
to Java-based web development. Read more
[INFOWORLD.COM]
JAVASCRIPT: New Ransomware Strain Coded Entirely in Javascript. Security
researchers have discovered a new strain of ransomware coded entirely in
Javascript, which could increase its chances of being activated. Read the rest
[BBC.COM]

53. Programming & Scripting Development
Client & Server-Side
HTML5: W3C’s Rejected HTML5 Proposal Imperils Security Researchers. The World
Wide Web Consortium (W3C) is embroiled in an ongoing dispute over digital rights
management for HTML5. In the latest development of the dispute, W3C digital
rights management (DRM) working group chairman Paul Cotton vetoed a proposal
to discuss HTML5 standards before renewing the group’s charter. Find out more
[SCMAGAZINE.COM]
PROGRAMMING: The 9 Most In-Demand Programming Languages to Learn. With
the help of this list from Codingdojo, here are the nine most in-demand coding
languages that you should learn, no matter what profession you’re in. Read more
[TECH.CO]

54. Cloud Computing

55. Cloud Computing
CLOUD EXPO: Conference Short On Innovation, Still Provides Value. Jason Bloomberg
has attended Sys-Con’s Cloud Expo conference several times both in New York and
Silicon Valley over the last few years, but last week’s installment at Manhattan’s Javits
Convention Center seemed a mere shell of its former self. Why the drop-off this
year? Read more
[FORBES.COM]
STORAGE WARS: How the Federal Government is Tackling Data Growth. With more
devices collecting data, agencies find themselves with larger amounts of data than
ever before. To manage that growth, and avoid letting it overwhelm them, federal IT
leaders leverage storage solutions that can securely host large volumes of data
without overburdening the budget. Find out more
[FEDTECHMAGAZINE.COM]

56. Cloud Computing
AWS: Cloud Computing Ops, Data Centers, 1.3 Million Servers Creating Efficiency
Flywheel. Oppenheimer is betting that Amazon shares can get to $930. The primary
reason: AWS is a profit machine that’ll deliver 2023 revenue topping $57 billion. In a
nutshell, Oppenheimer concludes that AWS’ capital spending won’t need to be as
high as expected. Why? “AWS’ competitive advantages in procuring, designing and
architecting datacenters and compute/storage resources are driving even higher
profitability and lower capital intensity than previously expected.” Read the rest
[ZDNET.COM]

57. Cloud Computing
FEDERAL CIOs: Need Help with Legacy-to-Cloud Transition. Government IT leaders
stress value in private-sector partnerships, repeatable contracting provisions as they
look to incremental modernization strategies. “Modernization” was one of the
watchwords in President Obama’s proposal for the federal IT budget in fiscal 2017,
and while that broad effort might sound anything but controversial, updating legacy
systems entails a host of challenges that agency CIOs are only beginning to work
through. Read more
[CIO.COM]

58. Cloud Computing
GOOGLE: Google Reportedly Looking to Commercialize Its Spanner Database. The
company wants to see if it can use its massive database technology to compete
better with Amazon Web Services and Microsoft Azure. One of the biggest obstacles
facing the company as it embarks on its mission is finding a way to decouple
Spanner from Google’s proprietary hardware and network technology and building a
version that will work just as well on other infrastructures. Read the rest
[EWEEK.COM]
BREXIT: Brexit Spells Turbulence for Cloud Computing: 6 Stormy Scenarios. The
fallout from the U.K. leaving the EU is just starting. Here’s a look at how large cloud
computing vendors may be affected. Get ready for the pause in U.K. data center
build-outs. Find out more
[ZDNET.COM]

59. Cloud Computing
AMAZON: Gets High-Level U.S. Government Clearance For Cloud Computing.
Amazon has received high-level authorization for its Amazon Web Services, opening
the door for U.S. government agencies to store highly sensitive but unclassified data
on its cloud computing platform. The authorization is known as the Federal Risk and
Authorization Management Program (FedRAMP) high baseline, a standard set of
security requirements for cloud services. It covers more than 400 security controls
and gives U.S. government agencies the ability to leverage AWS for highly sensitive
workloads, including patient records, financial data, law enforcement data and other
controlled-but-unclassified information. Read more
[INVESTORS.COM]

60. Cloud Computing
SAMSUNG: Snaps Up Joyent, the Best-Kept Secret in Cloud Computing. One of the
best-kept secrets in cloud computing has just found a new home. Samsung
Electronics announced Wednesday that it will acquire Joyent, a vital but lesser-
known player the cloud hosting market – and one with quite a history behind it.
Read more
[WIRED.COM]

61. Business Intelligence

62. Business Intelligence
OPEN SOURCE: Top 7 Open Source Business Intelligence and Reporting Tools. In
economies where the role of big data and open data are ever-increasing, where
do you turn in order to have data analysed and presented in a precise and
readable format? Here’s a list of top open source business intelligence (BI) and
reporting tools that can help. Read the rest
[OPENSOURCE.COM]
HADOOP: Hadoop Public Cloud Service. BlueData of Santa Clara, California
specializes in enabling big data-as-a-service, letting organizations spin up virtual
Hadoop or Spark clusters and providing on-demand access to applications, data,
and infrastructure to data scientists and data analysts. This week BlueData
announced that the enterprise edition of its BlueData EPIC software will run on
Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform, and other
public cloud services. Find out more
[INFORMATIONWEEK.COM]

63. Business Intelligence
NoSQL: Database Technology Finds Use Cases, But Still Minority Sport. From
managing water meter data, through Bitcoin and video data, to web publishing,
NoSQL database technology is finding real use cases. But it’s likely to be stuck at 10%
of the market for some time. Read more
[COMPUTERWEEKLY.COM]
DATA: Techniques for Moving Computation to Where the Data Lives. Building in-
memory data structure stores helps achieve operational intelligence. Read more
[DZONE.COM]

64. IT Security | Cybersecurity

65. IT Security | Cybersecurity
STATE CIOS: State CIOs Struggle with Cybersecurity, Cloud Computing Amid Rampant
Workforce Changes. For the U.S. to effectively digitize their infrastructure, the
National Association of State CIOs said a stable and talented workforce is needed.
Doug Robinson, NASCIO executive director, pinpointed cybersecurity, evolving
service delivery models, workforce renewal, and the prevalence of data as the key
challenges facing governments. Robinson also put forth measures to address them.
Read more
[HEALTHCAREITNEWS.COM]

66. IT Security | Cybersecurity
WHY: Car-Hacking Could Threaten the Federal Government. The latest Government
Accountability Office vehicle cybersecurity report found that modern cars, especially
those made in 2015 or later, are highly susceptible to hacking that could allow for
the remote takeover of the vehicle. The problem, according to the report, is that
new systems and features, some of them for safety and some for comfort, are
constantly being added to new models. Given that the federal government is the
owner of one of the largest fleets of vehicles in the world, the cybersecurity health
of such a valuable asset pool should probably be a priority. Read the rest
[NEXTGOV.COM]

67. IT Security | Cybersecurity
FEDERAL BUDGETS: Cybersecurity Goals to Guide Federal Software Spending. The
U.S. government is on track to significantly boost spending on cybersecurity
solutions. However, evolving requirements to greatly improve federal protection of
information technology resources will shape that spending. In fact, federal
cyberprotection goals should be augmented and significantly modified, according to
recent studies of the federal market. The linkage between increased federal
investing in cybersecurity and the requirements for bolstering IT protection are
portrayed in two newly released reports. Find out more
[ECOMMERCETIMES.COM]

68. IT Security | Cybersecurity
CISO: Leading By Example: the Federal CISO and Cybersecurity Collaboration. In
2015, there were 781 known data breaches in the United States, according to the
Identity Theft Resource Center, exposing a staggering 169 million records. Records
described as government/military accounted for 20.2 percent of those that were
exposed via data breach, while healthcare accounted for 66.7 percent of
compromised records. And given that many organizations do not report data
breaches for fear of damaging their reputations, we know the true numbers are
significantly higher. The new federal CISO will have their work cut out for them. We,
as a nation, seem to be fighting a losing battle. Yet, with every challenge comes
opportunity to disrupt the status quo. As the new CISO enters the volatile
cybersecurity landscape, there are multiple areas in which he or she can have an
impact through industry collaborations offering new technologies and innovations.
Read more
[FCW.COM]

69. IT Security | Cybersecurity
PATCHES: Microsoft Acknowledges Permission Problems with MS16-072 Patches.
The patches all aimed at fixing Group Policy, but in the end they break Group Policy.
Problems are being reported with the MS16-072/KB 3163622 patch. Admins are
saying it breaks some Group Policy settings: drives appear on domain systems that
should be hidden, mapping drives don’t work, and other typical GPO settings aren’t
getting applied. Read more
[INFOWORLD.COM]

70. IT Security | Cybersecurity
DOD: Bug Bounty Hunters Discover Over 100 Security Flaws During DOD Contest.
Participants in the first-ever “Hack the Pentagon” bug bounty contest found more
than 100 vulnerabilities in the Defense Department’s computer systems. The
program, the first-ever of its kind offered by the federal government, invited hackers
to test the cybersecurity of some public U.S. Department of Defense websites. A
total of 1,400 certified hackers participated in the contest. Read the rest
[CIODIVE.COM]
FEDERAL: Federal Cybersecurity Boondoggle: The Software Assurance Marketplace
(SWAMP). Well-intended DHS program suffers from a lack of relevant features,
internal mismanagement, and few actual users. Find out more
[NETWORKWORLD.COM]

71. IT Security | Cybersecurity
INDUSTRY INSIGHT: Extending Cybersecurity to Fraud Analytics. Information
security leaders often defend against cyber threats by focusing on traditional IT tools
and techniques — firewalls, intrusion detection and prevention systems, malware
detection and analysis and the like. As organizations have locked down systems with
more sophisticated defense-in-depth technical controls, adversaries have evolved to
take advantage of information systems by impersonating regular users. While there
are some similarities between cybersecurity and fraud, traditional cybersecurity
monitoring and analytics must evolve in order to identify the fraudulent use of IT
systems that may otherwise go unnoticed. Read more
[GCN.COM]

72. From the Blue Mountain Data Systems Blog
Three-Dimensional Governance for the CIO
https://www.bluemt.com/three-dimensional-governance-for-the-cio
7 Reasons to Take Control of IT Incidents
https://www.bluemt.com/7-reasons-to-take-control-of-it-incidents/
Breach Mitigation Response Time Too Long, Survey Says
https://www.bluemt.com/breach-mitigation-response-time-too-long-survey-
says/
Six Tactics for Cyberdefense
https://www.bluemt.com/six-tactics-for-cyberdefense/

73. From the Blue Mountain Data Systems Blog
Feds Report Mixed Responses to Shared Services
https://www.bluemt.com/feds-report-mixed-responses-to-shared-services
Federal Employees Are Not Security Experts
https://www.bluemt.com/federal-employees-are-not-security-experts
Survival Guide for Network Administrators
https://www.bluemt.com/survival-guide-for-network-administrators
DBaaS: OpenStack Trove Changes DB Management
https://www.bluemt.com/dbaas-openstack-trove-changes-db-management

74. From the Blue Mountain Data Systems Blog
Help Wanted: Certified Cybersecurity Professionals
https://www.bluemt.com/help-wanted-certified-cybersecurity-professionals
Cyber Threat Intelligence Integration Center Preview
https://www.bluemt.com/cyber-threat-intelligence-integration-center-preview/
Cloud Moves in 1-2-3
https://www.bluemt.com/cloud-moves-in-1-2-3/
Change Management for Disaster Recovery
https://www.bluemt.com/change-management-for-disaster-recovery/

75. From the Blue Mountain Data Systems Blog
Jeffersonian Advice For C-Suite Career Advancement
https://www.bluemt.com/jeffersonian-advice-for-c-suite-career-advancement/
Ways To Survive The “Mobile-Pocalypse”
https://www.bluemt.com/ways-to-survive-the-mobile-pocalypse/
Microsoft Cloud Services Receive FedRAMP Authority to Operate
https://www.bluemt.com/microsoft-cloud-services-receive-fedramp-authority-
to-operate/
Hiring Pentesters? Here Are 10 Things You Need to Know
https://www.bluemt.com/hiring-pentesters-here-are-10-things-you-need-to-
know/

76. From the Blue Mountain Data Systems Blog
Home Router Malware Alert
https://www.bluemt.com/home-router-malware-alert/
Threat Model Deconstruction
https://www.bluemt.com/threat-model-deconstruction/
Business Email Scam Nets $214 Million
https://www.bluemt.com/business-email-scam-nets-214-million/
How to Prevent Unauthorized Software from Taking Over Your Organization
https://www.bluemt.com/the-cios-guide-to-happy-end-users-2/

77. From the Blue Mountain Data Systems Blog
Digital Marketing Predictions for 2015
https://www.bluemt.com/digital-marketing-predictions-for-2015/
SDN: Network Administrator’s Friend or Foe?
https://www.bluemt.com/sdn-network-administrators-friend-or-foe/
Mobile Payments: A Must for Federal Agencies
https://www.bluemt.com/mobile-payments-a-must-for-federal-agencies/
Soft Skills Are A Must-Have For Careers In IT
https://www.bluemt.com/soft-skills-are-a-must-have-for-careers-in-it/

78. From the Blue Mountain Data Systems Blog
Security Risks Most Prevalent in Younger Workers
https://www.bluemt.com/security-risks-most-prevalent-in-younger-workers/
The Security World’s Maturation
https://www.bluemt.com/the-security-worlds-maturation/
Data Breach Concerns Keep CISOs Up At Night
https://www.bluemt.com/data-breach-concerns-keep-cisos-up-at-night/
Personalized Govt Equals Instant Gratification for Citizens
https://www.bluemt.com/personalized-govt-equals-instant-gratification-for-
citizens/

79. From the Blue Mountain Data Systems Blog
People-Centric Security
https://www.bluemt.com/people-centric-security/
Pentagon Tries BYOD To Strike Work/Life Balance
https://www.bluemt.com/pentagon-tries-byod-to-strike-worklife-balance/
Open Source Model Considered for MS Windows
https://www.bluemt.com/open-source-model-considered-for-ms-windows/
Open Internet: To Be or Not to Be?
https://www.bluemt.com/open-internet-to-be-or-not-to-be/

80. From the Blue Mountain Data Systems Blog
Malware Stays A Step Ahead Infecting One Third of Websites
https://www.bluemt.com/malware-stays-a-step-ahead-infecting-one-third-of-
websites/
Machine-Generated Data: Potential Goldmine for the CIO
https://www.bluemt.com/machine-generated-data-potential-goldmine-for-the-
cio/
Government Legacy Programs: Reuse vs. Replacement
https://www.bluemt.com/government-legacy-programs-reuse-vs-replacement/
It Takes a Whole Village to Protect Networks and Systems
https://www.bluemt.com/it-takes-a-whole-village-to-protect-networks-and-
systems/

81. From the Blue Mountain Data Systems Blog
Governance For the CIO
https://www.bluemt.com/governance-for-the-cio/
Help Desk Consolidation – Lessons Learned
https://www.bluemt.com/help-desk-consolidation-lessons-learned/
One Year Later, Companies Still Vulnerable to Heartbleed
https://www.bluemt.com/one-year-later-companies-still-vulnerable-to-
heartbleed/
Federal Projects Cultivate Worker Passion
https://www.bluemt.com/federal-projects-cultivate-worker-passion-2/

82. ABOUT US
Blue Mountain Data Systems Inc.
Blue Mountain Data Systems Inc. is dedicated to application
and systems development, electronic document management,
IT security support, and the automation of workflow processes.
Read more about our experience here:
>> http://bluemt.com/experience

83. Recent Experience
U.S. Dept. of Labor
Employee Benefits Security Administration
1994 to Present
Responsible to the Office of Technology and Information Systems for information
systems architecture, planning, applications development, networking,
administration and IT security, supporting the enforcement of Title I of the
Employee Retirement Income Security Act — ERISA. Within the EBSA, Blue
Mountain is responsible for design, development and support for its various
enforcement database management systems, as well as all case tracking and
customer service inquiry systems. Blue Mountain also provides IT security services
to the EBSA, in the form of FISMA Assessment and Authorization, System Security
Plans, Risk and vulnerability assessments, monitoring and investigation support.

84. MANAGEMENT
Paul T. Vesely
Founder, President, CEO and Principal Architect
Mr. Vesely is a recognized thought leader in systems
architecture and delivery, having designed and
delivered many enterprise wide information and
document management solutions. Mr. Vesely’s history
includes 33 years experience in the information
systems industry, with Unisys, Grumman, PRC and a
host of clients in both government and private sectors.

85. CONTACT US
Contact Us Today to Discuss Your Next IT Project
HEADQUARTERS
366 Victory Drive
Herndon, VA 20170
PHONE 703-502-3416
FAX 703-745-9110
EMAIL
paul@bluemt.com
WEB
https://www.bluemt.com