The Law Offices of Mary N. Chaney, P.L.L.C.
The Cyber Security Law Firm of Texas

Mary's Blog

The Breach Whisperer

About Mary....

Mary N. Chaney, Esq., CISSP® is a former Special Agent for the FBI where she investigated cybercrime, a seasoned corporate executive that built and operated information security teams and now a cybersecurity attorney.

As a self-described “Breach Whisperer” our firm can train your company to properly prepare for your eventual breach!

The overall goal of our firm is to use our wealth of knowledge and expertise to help support, translate and advise, Boards of Directors, CIO's, CISO's and General Counsel's on how to legally protect their company from cyber related risk.

Blog Entries


 

U.S. Ballistic Missile Sites Lacks Physical and Cyber Security

See Article Here

A DoD report “found that the U.S.' ballistic missile system lacked data encryption, antivirus programs and multifactor authentication methods. The report also found that some 28-year-old vulnerabilities remain unresolved.” WHAT?!!? 28 years! Here you thought your vulnerability management program was deficient!

The report is interesting because I remember being the Information Systems Security Officer and Associate Chief Security Officer for the FBI in Los Angeles and going through audits, there would be no way this would pass muster and we didn't have missiles on site! I can guess that the systems were old and outdated, maybe not even connected to the internet… maybe. However, one of the most troubling findings was that employees at the site just let the auditors walk around without asking for any type of credentials or secret handshakes. So even if the missile systems were old and offline, the gaps in physical security could allow someone access.

An overall security program needs to address cyber and physical security and the best programs marry both because they understand that threats in the cyber world can also be performed in the physical world!