DFARS pre-assessment questionnaire

Los Angeles, CA - Tonight I am reviewing our new DFARS Pre-Assessment Questionnaire that has just been updated for 2017. It is a very compact 30 questions in a four-page document. It is, of course, not a full DFARS assessment, but it is step one of your process, which you must do before anything else on your DFARS compliance journey.

DFARS is the Defense Federal Acquisition Regulation Supplement. It is a supplement to the FAR that provides DoD-specific acquisition regulations that DoD government acquisition officials – and those contractors doing business with DoD – must follow in the procurement process for goods and services.

If you are an aerospace company, Department of Defense contractor or another type of organization that falls under....

DFARS pre-assessment questionnaire 2017-11-13T07:24:21+00:00

What are your unexpected risks from the Yahoo billion account breach?

The big cyber-security news today is the billion-account breach at Yahoo! Some experts are recommending the immediate closing of your Yahoo! account. I am not fully on board with that recommendation. If you have highly sensitive information in your Yahoo! account, then I agree. If the account is used for some club activities or e-mail in Yahoogroups.com, etc., then at minimum you need to change your password.

At minimum, all Yahoo! users need to change their passwords today. If you have helper/challenge questions for your passwords, those questions and answers need to be changed, too. If your Yahoo! login name, password and challenge questions & answers have been used on other websites, you need to change those, too, immediately.

Here is the advice Alvaka has for you:

· Beware that Yahoo! is a partner of AT&T so you may have exposure there, too. At minimum change the password or close the account and move your information elsewhere.

· If you have employees who check their Yahoo account at work, you need to block Yahoo! at your firewall and any filtering defenses you have.

Here are some good tips I saw posted by the CEO of KnowBe4 and I agree with them. He says:

What are your unexpected risks from the Yahoo billion account breach? 2017-06-27T15:53:40+00:00

I’m a security monitor

Irvine, CA - I have become somewhat enamored with the LifeLock commercial titled, “Fix it.” In that commercial, bank robbers come storming into a bank, breaking a display and yelling, “Everybody on the floor.” As everyone hits the floor, a man in a security uniform remains standing and one of the customers whispers, “Do something!” He replies, “Oh, I’m not a security guard. I’m a security monitor. I only notify people if there is a robbery.” After a brief glance around he passively says, “There’s a robbery.” The commercial narrator then says, “Why monitor a problem if you don’t fix it?”

You can view that video here.

I’m a security monitor 2017-06-28T10:31:02+00:00