Welcome!

News Feed Item

Lunarline Advises Organizations to Adopt NIST's Critical Infrastructure Cybersecurity Recommendations

COO Keith Mortier asks: "How much longer will this remain voluntary?"

ARLINGTON, Va., March 11, 2014 /PRNewswire/ -- Following NIST's final release of the much-discussed Framework for Improving Critical Infrastructure Cybersecurity, Lunarline is strongly advising critical infrastructure owners and operators to adopt these recommendations.

Lunarline logo

Taking direction from a 2013 executive order for improving critical infrastructure cyber security, NIST partnered with key stakeholders in the public and private sectors to design a voluntary framework for reducing cyber risks. The agency published its plan for this framework in October 2013, followed by a final release on February 12. Both events were met with significant discussion among cyber security professionals.

Lunarline's COO Keith Mortier endorsed the framework's design.

"I think it provides an excellent, balanced approach to critical infrastructure security," he said. "It is a great example of government and industry working together to provide enough guidance – not too much, but just enough – to ensure that everyone is working together to protect our nation's critical infrastructure."

"However, industry needs to be careful," he added. "This program is currently voluntary. But the Government isn't shy about compelling compliance, especially not when national security is at stake."  

According to Mr. Mortier, there are several critical features to this framework. These include:   

  • A flexible design that allows organizations to adapt the platform to meet their unique security requirements.
  • An emphasis on risk-management, allowing organizations to establish risk tolerances and make informed decisions on acceptable risk.
  • A technology agnostic design that enables organizations to continue using existing technologies while driving continuous improvement in security posture.
  • Specific implementation examples to help providers review and improve existing cyber security practice.
  • A foundation in industry accepted approaches, allowing organizations to continue using existing standards (e.g. COBIT, SOC, ISO, FISMA), while building in additional controls.

"If I were a critical infrastructure owner or operator, I'd pay pretty close attention to these developments," said Spence Witten, Lunarline's Director of Federal Sales. "As we've seen with FISMA, FedRAMP and DIACAP, security compliance can go from voluntary to mandatory with the stroke of a pen. Vendors that prepare in advance reap the benefits. The rest get left behind."     

About Lunarline
Lunarline is a leading provider of cyber security services, training and products to the DoD, intelligence, civilian and private-sector communities. Lunarliners keep pretty busy, battling advanced persistent threats, dissecting the latest cyber attacks and flying around the world in support of rapid incident response. But every now and then we find time to put out a press release or two – just to let the world know how awesome we are.

For more information about Lunarline, please visit www.Lunarline.com

For press inquires, please contact Michelle Payne, Mischa Communications, Inc., at [email protected] or 202-596-7804.

Logo - http://photos.prnewswire.com/prnh/20110622/PH24580LOGO

SOURCE Lunarline

More Stories By PR Newswire

Copyright © 2007 PR Newswire. All rights reserved. Republication or redistribution of PRNewswire content is expressly prohibited without the prior written consent of PRNewswire. PRNewswire shall not be liable for any errors or delays in the content, or for any actions taken in reliance thereon.

Latest Stories
What happens when the different parts of a vehicle become smarter than the vehicle itself? As we move toward the era of smart everything, hundreds of entities in a vehicle that communicate with each other, the vehicle and external systems create a need for identity orchestration so that all entities work as a conglomerate. Much like an orchestra without a conductor, without the ability to secure, control, and connect the link between a vehicle’s head unit, devices, and systems and to manage the ...
"Once customers get a year into their IoT deployments, they start to realize that they may have been shortsighted in the ways they built out their deployment and the key thing I see a lot of people looking at is - how can I take equipment data, pull it back in an IoT solution and show it in a dashboard," stated Dave McCarthy, Director of Products at Bsquare Corporation, in this SYS-CON.tv interview at @ThingsExpo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
In his session at Cloud Expo, Robert Cohen, an economist and senior fellow at the Economic Strategy Institute, provideed economic scenarios that describe how the rapid adoption of software-defined everything including cloud services, SDDC and open networking will change GDP, industry growth, productivity and jobs. This session also included a drill down for several industries such as finance, social media, cloud service providers and pharmaceuticals.
In IT, we sometimes coin terms for things before we know exactly what they are and how they’ll be used. The resulting terms may capture a common set of aspirations and goals – as “cloud” did broadly for on-demand, self-service, and flexible computing. But such a term can also lump together diverse and even competing practices, technologies, and priorities to the point where important distinctions are glossed over and lost.
Data is the fuel that drives the machine learning algorithmic engines and ultimately provides the business value. In his session at Cloud Expo, Ed Featherston, a director and senior enterprise architect at Collaborative Consulting, discussed the key considerations around quality, volume, timeliness, and pedigree that must be dealt with in order to properly fuel that engine.
All clouds are not equal. To succeed in a DevOps context, organizations should plan to develop/deploy apps across a choice of on-premise and public clouds simultaneously depending on the business needs. This is where the concept of the Lean Cloud comes in - resting on the idea that you often need to relocate your app modules over their life cycles for both innovation and operational efficiency in the cloud. In his session at @DevOpsSummit at19th Cloud Expo, Valentin (Val) Bercovici, CTO of Soli...
Enterprise IT has been in the era of Hybrid Cloud for some time now. But it seems most conversations about Hybrid are focused on integrating AWS, Microsoft Azure, or Google ECM into existing on-premises systems. Where is all the Private Cloud? What do technology providers need to do to make their offerings more compelling? How should enterprise IT executives and buyers define their focus, needs, and roadmap, and communicate that clearly to the providers?
SYS-CON Events announced today that Dataloop.IO, an innovator in cloud IT-monitoring whose products help organizations save time and money, has been named “Bronze Sponsor” of SYS-CON's 20th International Cloud Expo®, which will take place on June 6-8, 2017, at the Javits Center in New York City, NY. Dataloop.IO is an emerging software company on the cutting edge of major IT-infrastructure trends including cloud computing and microservices. The company, founded in the UK but now based in San Fran...
Join Impiger for their featured webinar: ‘Cloud Computing: A Roadmap to Modern Software Delivery’ on November 10, 2016, at 12:00 pm CST. Very few companies have not experienced some impact to their IT delivery due to the evolution of cloud computing. This webinar is not about deciding whether you should entertain moving some or all of your IT to the cloud, but rather, a detailed look under the hood to help IT professionals understand how cloud adoption has evolved and what trends will impact th...
In his session at 19th Cloud Expo, Claude Remillard, Principal Program Manager in Developer Division at Microsoft, contrasted how his team used config as code and immutable patterns for continuous delivery of microservices and apps to the cloud. He showed how the immutable patterns helps developers do away with most of the complexity of config as code-enabling scenarios such as rollback, zero downtime upgrades with far greater simplicity. He also demoed building immutable pipelines in the cloud ...
"We are the public cloud providers. We are currently providing 50% of the resources they need for doing e-commerce business in China and we are hosting about 60% of mobile gaming in China," explained Yi Zheng, CPO and VP of Engineering at CDS Global Cloud, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
Businesses and business units of all sizes can benefit from cloud computing, but many don't want the cost, performance and security concerns of public cloud nor the complexity of building their own private clouds. Today, some cloud vendors are using artificial intelligence (AI) to simplify cloud deployment and management. In his session at 20th Cloud Expo, Ajay Gulati, Co-founder and CEO of ZeroStack, will discuss how AI can simplify cloud operations. He will cover the following topics: why clou...
"We are a custom software development, engineering firm. We specialize in cloud applications from helping customers that have on-premise applications migrating to the cloud, to helping customers design brand new apps in the cloud. And we specialize in mobile apps," explained Peter Di Stefano, Vice President of Marketing at Impiger Technologies, in this SYS-CON.tv interview at 19th Cloud Expo, held November 1-3, 2016, at the Santa Clara Convention Center in Santa Clara, CA.
IoT solutions exploit operational data generated by Internet-connected smart “things” for the purpose of gaining operational insight and producing “better outcomes” (for example, create new business models, eliminate unscheduled maintenance, etc.). The explosive proliferation of IoT solutions will result in an exponential growth in the volume of IoT data, precipitating significant Information Governance issues: who owns the IoT data, what are the rights/duties of IoT solutions adopters towards t...
As data explodes in quantity, importance and from new sources, the need for managing and protecting data residing across physical, virtual, and cloud environments grow with it. Managing data includes protecting it, indexing and classifying it for true, long-term management, compliance and E-Discovery. Commvault can ensure this with a single pane of glass solution – whether in a private cloud, a Service Provider delivered public cloud or a hybrid cloud environment – across the heterogeneous enter...