CMMC Specific Resources
The CMMC will be the law of the land and compliance for DoD manufacturers will be mandatory. MISI is a leader in helping small and medium sized businesses prepare for compliance. Our test and evaluation of solutions and best practices occurs in our labs but also in the field. We leverage a broad array of technology solutions and conduct preparedness audits using the least of amount of friction. We strive in automating the process to reduce the risk.
Defense Industrial Base Cybersecurity Maturity Model (CMMC) Conference (For videos of the conference, click on the Resources Video tab.)
Resources for Manufacturers
Manufacturers are increasingly under cyber attacks that are targeted at IT, OT and IIoT systems. The age old adage of air gap is no longer a reliable answer to securing manufacturing networks. Smart robots such as COBOTS used in small and medium sized manufacturing operations while cost effective, reduce the complexity of the cyber attack challenge for a hacker. MISI specializes in the securing small and medium sized manufacturers.
Cybersecurity for Building Automation
Today's connected buildings utilize a wide range of connected technologies that integrate with IT, OT and IoT systems. Vital operations such as environmental controls for data centers can be disabled by a cyber attack and render useless the investments deployed as part of traditional cyber for IT.
Remote Automated Penetration Testing
Traditional penetration testing is labor intensive and replete with solutions that produce standardized reports. MISI leverages remote automated penetration testing that reduces the cost and accelerates the time needed to understand potential threats to your environment. Penetration testing provides an independent assessment of solutions and processes you have already invested in to determine just how compliant and cyber resilient your organization is. The DoD CMMC requires pentesting as do other policies such as PCI DSS, HIPAA, GLBA/FFIEC, and U.S. laws and policies. A pentest differs from a vulnerability assessment in that it proves to a greater extent that a known or unknown vulnerability discovered by the testing organization can be exploited. A vulnerability assessment or scan can discover what is known but does not verify the risk of exploitation that is fully possible. A pentest passively proves how a vulnerability can be exploited and the techniques that that ban be used to exploit a vulnerability. A pentest is a great way to verify that vulnerabilities have been mitigated.
CATO is a world-class tool used by multiple industries to trust but verify the cyber resiliency of the organization against external or internal cyber attacks.
Knowledge and assessments are the beginning of the journey to cyber resilience. But to ensure the ability to maximize cyber resilience, expertise is needed to mitigate vulnerabilities is needed. Find the knowledge needed to understand current threats and mitigation in our knowledge base.
Insider Threat and Anomaly Detection
The human is typically the wakes link in any organization. The employee with weak cyber hygiene, poor configuration management, credential theft, data exfiltration are all insder threats to the organization. MISI conducts test and evaluations of insider threats and in this knowledge base we provide links and information on solutions we have tested in our labs or in the field.
Cybersecurity Executive Roundtable: Selling to the Federal Government
Defense Industrial Base CMMC Conference Recap
What is the Process Towards Compliance?
Why You Should Join the CMMC Testing & Evaluation Program
Videos of the Defense Industrial Base Cybersecurity Maturity Model (CMMC) Conference
Defense Industrial Base CMMC Conference Opening and Keynote
Defense Industrial Base CMMC Conference Panel Discussion
If you have or want to have a contract with the Department of Defense containing sensitive information such as Controlled Unclassified Information (CUI), then you must follow the clauses of the Defense Federal Acquisition Regulation Supplement (DFARS).
DOD Officials Discuss Cybersecurity Standards
The Virtual CISO Podcast: CMMC What You Need to Know About DoD Cybersecurity Regulation
Virtual CISO talks with Katie Arrington about CMMC and discusses MISI and DreamPort. Click here or image below to listen.
'CMMC Made Easy' | GovCon Chamber of Commerce (20 Mar 2020)
DoD's Arrington on Game-Changing Cybersecurity Maturity Model Certification
Nozomi Networks Asset Intelligence™ continuously updates Guardian™ appliances with rich OT and IoT device data so you can identify and respond to the most important security alerts faster.
Supervisory Control and Data Acquisition (SCADA) Systems, Distributed Control Systems (DCS), and Other Control System Configurations such as Programmable Logic Controllers (PLC)
CATO matches the operational cadence of real-world attacks by executing proven campaigns, operations, and tasks honed over eight years and a million hours protecting CyberPoint's customers. The results, or CATO Findings, are automatically generated by our expert system or manually created by our experienced operators and presented to the customer through dashboard service tiles.