FOSE 2011 Report: Continuous Monitoring – More than technical controls.
Author: TalaTek; Published: Aug 2, 2011; Category: Compliance, Continuous Monitoring, Data Security, Federal law, Risk Management, Security; Tags: Compliance, Continuous Monitoring, Data Security, Federal law, Risk Management; No Comments
TalaTek began delivering FISMA continuous monitoring risk management services to its clients in 2008. At that time, this was something very few paid much attention to, and for the most part compliance efforts ended by signing the certification document. Customers were not interested in Continuous Monitoring services beyond that and instead waited for the annual or tri-annual anniversary to start the process all over again. More Info»
Sandbox Technology Can Make Browsing Safer.
Author: TalaTek; Published: Mar 24, 2011; Category: Cloud Computing, Continuous Monitoring, Risk Management, Security; Tags: Browsers, Continuous Monitoring, Risk Management; No Comments
The Emerging IT Conference, presented by the National Capital Area Chapter of ISACA on March 15, 2011, showcased a variety of topics presented by speakers with extensive experience applying technology initiatives in the public and private sectors. Topics included “Managing Data in an Information-Centric Environment,” “Smart Cities” using technology to improve the quality of life, “Mobiles, Tablets, Cloud and Education,” and “Emerging Issues and Approaches in Cybercrime and Digital Evidence.” More Info»
It was inevitable: the WikiLeaks fallout has led to a White House-ordered review of classified data security.
Author: TalaTek; Published: Dec 1, 2010; Category: Compliance, Data Security, Risk Management, Security, Uncategorized, WikiLeaks; Tags: Compliance, Data loss prevention, Data Security, Risk Management, WikiLeaks; No Comments
In a Nov 30, 2010 Federal Computer Week story, it was announced that the White House has instructed federal agencies to immediately evaluate their security practices. The objective: to determine if they have adequate restrictions in place on employees’ access to classified data and their ability to copy classified documents onto mobile devices. More Info»
A costly, dangerous security breach can come from anywhere – but most often from the inside.
Author: TalaTek; Published: Nov 9, 2010; Category: Compliance, Continuous Monitoring, CUI, Data Security, Risk Management, Security; Tags: Compliance, Continuous Monitoring, CUI, Data loss prevention, Data Security; No Comments
On November 6, 2010, The NY Times ran an article about a security breach at the General Services Agency (GSA). It was not a small breach. One of the GSA’s employees had sent the names and Social Security numbers of the agency’s entire staff to a private email address. More Info»
TalaTek’s approach is validated at CyberSecurity Seminar.
Author: TalaTek; Published: Nov 3, 2010; Category: Compliance, Continuous Monitoring, Data Security, Risk Management, Security; Tags: Compliance, Continuous Monitoring, Data loss prevention, Data Security; No Comments
We couldn’t agree more.
Last month, TalaTek team members attended a conference offered by CyberSecurity Seminars in partnership with Crowell & Moring LLP. It had the intriguing title “FISMA – A New Path Forward.” What we heard was that others were beginning to use the approach we have been advocating since 2006. More Info»
We’ve come a long way since 2006.
Author: TalaTek; Published: Sep 29, 2010; Category: Compliance, Data Security, Risk Management, Security; Tags: Compliance, Data Security, GISLA; No Comments
In 2006, we recognized the need for an entirely new approach to risk management, security and compliance in federal IT implementations. That’s how TalaTek was born.
On the second of September, 2010, we learned that the Government Information Security Leadership (GISLA) Judges Committee had chosen our firm as a finalist in the Federal Contractor category (www.isc2.org/aboutgisla/default.aspx). More Info»
Defense in Depth: The Way to Stronger Security.
Author: Baan Alsinawi; Published: Jul 22, 2010; Category: Compliance, Data Security, Risk Management, Security; Tags: Data Security, Risk Management; No Comments
Layered protection through security design, policies and processes
As regulatory compliance and audits increase in frequency and complexity, organizations are motivated to address security now rather than later. Many an IT professional has begun to fret about the latest network or application incident, whether the last security fix broke something, and which assets have been left unattended in the complex world of today’s mobile environments. More Info»