SDVOSB Logo
-

ALERT: Due to the global COVID - 19 pandemic, the United States cybersecurity risk exposure is at a "GUARDED" alert level

-

ALERT: Due to the global COVID - 19 pandemic & employees remotely working, the risk of corporate espionage &  cybersecurity risk exposure is at an "ELEVATED" alert level

-

ALERT: The Department of Homeland Security CISA has issued IT security risks related to the Russian APT 29 "Cozy Bear" hacking group and SolarWinds SunBurst Malware "ELEVATED" alert level

Ready to find out more?

Select link for US - CERT CISA Report

Click Here

ALERT: The Department of Homeland Security has issued IT security risks related to the Chinese Communist Party (CCP) and the Peoples Republic of China (PRC) "ELEVATED" alert level

Ready to find out more?

Select link for DHS Report

Click Here
MISSION "defined" --- MISSION "secured" ---
with the leadership & insight from
MISSION INSIGHT

MISSION INSIGHT will move your CyberSecurity Governance maturity from the "REACTIVE & PROACTIVE" maturity levels to

"PREDICTIVE & OFFENSIVE" maturity levels!

Capture

POA&M Actions To Secure Your Infrastructure ---

Select Fix
MS ISAC Related Resource CIS Control3

Ready to find out more about this CIS Control to improve your security profile?

Review the CIS Control 3: Continuous Vulnerability Assessment & Remediation

Click Here
The current CYBERTHREAT level of the United States based on MS-ISAC and other alerting agencies - JANUARY 2021
MS ISAC Last Mnt Alert Level May 2019

On December 30, the Cyber Threat Alert Level was evaluated and is remaining at Blue (Guarded) due to vulnerabilities in SolarWinds and ArubaNetworks products. On December 28, the MS-ISAC released an updated advisory for multiple vulnerabilities in SolarWinds Orion, the most severe of which could allow for arbitrary code execution. This update described a newly discovered vulnerability that was also fixed in the latest patches for the Orion platform. On December 29, the MS-ISAC released an advisory for multiple vulnerabilities in ArubaNetworks ArubaOS and SD-WAN, which could allow for arbitrary code execution. Organizations and users are advised to update and apply all appropriate vendor security patches to vulnerable systems and to continue to update their antivirus signatures daily. Another line of defense includes user awareness training regarding the threats posed by attachments and hypertext links contained in emails especially from un-trusted sources.

BLUE or GUARDED indicates a general risk of increased hacking, virus, or other malicious activity. The potential exists for malicious cyber activities, but no known exploits have been identified, or known exploits have been identified but no significant impact has occurred.

Examples:

A critical vulnerability is discovered but no exploits are reported.

A critical vulnerability is being exploited but there has been no significant impact.

A new virus is discovered with the potential to spread quickly.

There are credible warnings of increased probes or scans.

A compromise of non-critical system(s) did not result in loss of data.

Actions:

Continue recommended actions from previous level.

Identify vulnerable systems.

Implement appropriate countermeasures to protect vulnerable systems.

When available, test and implement patches, install anti-virus updates, etc., in the next regular cycle.

Notification:

Notification via our website will be done concurrently with the Alert Level change.

Ready to find out more?

What is your CyberSecurity Governance & support operations maturity levels?
Click Here
"Battlefields to Boardrooms" MISSION INSIGHT provides the "insight" to your strategic "mission"

Interested in joining our MI team?

MISSION INSIGHT is currently looking for highly skilled  CyberSecurity Governance, AWS Cloud IT support & training professionals to support the MD THINK program in Linthicum Maryland.
Do you have the skills to support the MISSION? 
Open Positions

Ready to find out more?

Select link for US - CERT CISA Report

Click Here
-
-
-
-
logo-web

CyberService: GRC Management

MI will lead the implementation of a comprehensive, measured & scalable governance, risk, and compliance (GRC) program that will enable organizations to address & measure with KPIs, KGIs, & KRIs the multiple factors that are essential in managing and controlling your enterprise risk.

Learn More

CyberService: Cyber Maturity Management

MI will design, implement & manage a comprehensive and measured CyberResiliency Baseline & Improvement Assessment program that aligns with the NIST CSF and COBIT frameworks and will drive process innovation throughout your enterprise.

Learn More

CyberService: Cyber Risk Management

MI delivers on identifying risk & will support your enterprise Cyber Risk objectives with our Cyber Risk Management services. We help organizations identify, define & measure the many security challenges they face in their 'day-2-day" operations — supporting risk-based decisions and improved cybersecurity, reducing costs related to managing security risk, and improving their overall cybersecurity posture.

Learn More

IntelService: Competitive Intelligence

A critical component of risk for any organization is the unknown risk of the market landscape your business operates in. Are you ware of your true competitors or the known cyber threats that target your unique industry? MI can assess your current state market & competitive posture, identify known cyber vulnerabilities & threat remediation with detailed Plans of Action & Milestones (POA&Ms) and will provide a defined market landscape road-map that identifies your risk, known threats related to both cybersecurity & competition to drive your unique selling proposition (USP) & strategies through the implementation of actionable & quantitative key performance indicators (KPIs), key risk indicators (KRIs) & key goal indicators (KGIs).

Learn More

MISSION INSIGHT

MISSION INSIGHT is a certified "Veterans Owned Small Business" (VOSB) with a "reach-out" mission to transform our Veterans that have served our country into highly valued business consultants. MISSION INSIGHT focuses on securing insight to drive operational improvements to your CyberIntelligence & MarketIntelligence models for your business mission.

MISSION INSIGHT can assess your current state Security Governance functionality & work with your Security Team to mature to a new Capability Maturity Model level.

MISSION INSIGHT can construct a Security Governance that is built on the business foundation of the CyberSecurity Framework (CSF) and the technical foundation of the Risk Management Framework (RMF) to maximize your effectiveness in the identification of the few vulnerabilities that have the highest probability of exploitation.

MISSION INSIGHT is presently engaged with the State of Maryland in a support role providing a process driven Security Governance capability maturity model assessment to ensure the highest standards are met in securing the IT AWS infrastructure for the cutting-edge State of Maryland DHS MD THINK initiative that will serve as a model for the nation.

cyber-security-1805246__340

RSS SANS Institute Security Awareness Tip of the Day

  • Anti-Virus
    Make sure you have anti-virus software installed on your computer and that it is automatically updating. However, keep in mind that no anti-virus can catch all malware; your computer can still be infected. That is why it's so important you use common sense and be wary of any messages that seem odd or suspicious.
  • Hosting a Video Conference
    When hosting a video conference, make sure you password protect the conference so only authorized individuals can join. If there are any strangers or people who you do not recognize on the call, remove them.
  • Unique Passwords
    Make sure each of your accounts has a separate, unique password. Can't remember all of your passwords/passphrases? Consider using a password manager to securely store all of them for you.
  • Two-Step Verification
    Two-step verification (also called two-factor authentication or 2FA) is one of the best steps you can take to secure any account. Two-step verification is when you require both a password and code sent to or generated by your mobile device. At a minimum enable two-step verification for your most important accounts such as email, financial […]
  • Major News Events
    When a major news event happens, cyber criminals will take advantage of the incident and send phishing emails with a subject line related to the event. These phishing emails often include a link to malicious websites, an infected attachment or are a scam designed to trick you out of your money.

Ready to protect your business...

MISSION INSIGHT can provide a 30 minute consultation to assess your cybersecurity or market intelligence risks and provide an "Insight" strategy road-map on how to drive operation improvements to your expanding "Mission".

Call to Action
VOSB3