Cybersecurity Controls Assessment

July 22, 2019

DAS is the state’s central administrative agency. It supports state agencies by providing management frameworks and infrastructure for information systems and services, procurement, and other functions. Responsibility for cybersecurity is split between DAS, the Office of the State CIO, and the Enterprise Security Office. This audit assessed critical security controls and the information technology (IT) security management practices at the Department of Administrative Services (DAS). We concluded the agency does not have a security management program that identifies necessary actions to ensure systems are appropriately secure, and lacks basic foundational IT controls for all six cybersecurity controls we reviewed. As a result, DAS systems and data may be at risk for unauthorized use, disclosure, or modification.

Spotlight

10Pearls

10Pearls is an award winning digital transformation company, helping businesses with product design, development and technology acceleration. We specialize in mobile apps, cyber security, web applications, and enterprise solutions. We blend high-value stateside contributors (UX/UI, Product Managers, Architects, Security) with our global development work force to provide value to our customers. We have partnered with a range of growing companies and large enterprises across the US to help accelerate product development. Our clients include some great brands and start-ups, including: Time Warner Cable, Nextel International, Discovery, Johnson & Johnson, Zubie, Blackboard, National Geographic, JK Moving, etc. We are known for delivering some of the most innovative and high quality, yet cost effective solutions for businesses.

OTHER WHITEPAPERS
news image

The Trusted Data Security Solution for Cyber Recovery

whitePaper | December 30, 2022

Digital transformation has brought significant benefits to organizations, including increased agility and flexibility, but it has also led to a rise in cyber attack vectors. 66% of organizations were hit with ransomware within the last year, according to a 2022 Sophos survey. The widespread adoption of cloud services and Software-as-aService (SaaS) applications has expanded the attack surface, making it more challenging to manage and secure data. Additionally, the increased use of mobile devices and remote work have made it easier for cybercriminals to launch attacks from anywhere, at any time.

Read More
news image

Security Protocol and Data Model (SPDM) Architecture White Paper

whitePaper | September 26, 2022

This white paper presents an overview of the SPDM architecture, its goals, and a high-level summary of its use within a larger solution. The intended target audience for this white paper includes readers interested in understanding the use of SPDM to facilitate security of the communications among components of platform management subsystems.

Read More
news image

Fujitsu PRIMERGY Server Security Overview

whitePaper | May 22, 2023

During the last few years server security has become a key building block for end-to-end security. We see strongly increasing cyber-attacks on server infrastructure, which results in an intense need for server security. This whitepaper presents an overview of the security features which are available for PRIMERGY server.

Read More
news image

Cyber Security After the Pandemic

whitePaper | April 29, 2021

The cyber security industry has faced two major sets of challenges over the last twelve months. The attacks and exploits affecting Solar Winds, Accellion, Microsoft and their customers have focused attention on supply chain risk, but the impact of the coronavirus pandemic has been felt more broadly across cyber security domains and disciplines.

Read More
news image

Reveal Risk Whitepaper: Measuring And Managing Cyber Resilience

whitePaper | March 3, 2023

Cyber Resilience (according to NIST) is “the ability to anticipate, withstand, recover from, and adapt to adverse conditions, stresses, attacks, or compromises on systems that use or are enabled by cyber resources.” Resiliency in cybersecurity is not a new concept. It has long been postulated as a goal or used to convey that a business needs to be ready for the unpredictable that can and will arise in a volatile cyber-risk climate. However, we have seen that there is a disconnect between current practices for evaluating & leading cyber programs, and understanding, measuring, & building true cyber resiliency.

Read More
news image

The Trellix Approach to Effective Cloud Security

whitePaper | October 27, 2022

In many ways, the cloud1 is more secure than a traditional data center. Asset management, inventory, audit logging, two-factor access controls, connectivity redundancy and firewalls are built into the cloud provider platform. Servers are easier to patch and won’t become outdated within a few years; there aren’t any forgotten boxes sitting in a dark corner with a note reading, “DO NOT TURN OFF.” However, assets on the cloud continue to be compromised, just as those stored in traditional data centers.

Read More

Spotlight

10Pearls

10Pearls is an award winning digital transformation company, helping businesses with product design, development and technology acceleration. We specialize in mobile apps, cyber security, web applications, and enterprise solutions. We blend high-value stateside contributors (UX/UI, Product Managers, Architects, Security) with our global development work force to provide value to our customers. We have partnered with a range of growing companies and large enterprises across the US to help accelerate product development. Our clients include some great brands and start-ups, including: Time Warner Cable, Nextel International, Discovery, Johnson & Johnson, Zubie, Blackboard, National Geographic, JK Moving, etc. We are known for delivering some of the most innovative and high quality, yet cost effective solutions for businesses.

Events