Carousel Template for Bootstrap

What is MI:COP?

Executive Dashboard

The concept of a cyber common operating picture (COP) is changing the game of information security. Now an “industry best practice” in Federal government and industry, implementing a cyber COP marks a shift from the traditional “snapshot in time” assessment process, to assessing and monitoring networks, systems, threats, and controls in “near real-time”. This fresh approach to information security is focused on maintaining situational awareness of enterprise-wide information security controls and threats based on key effectiveness measures; and presenting/scoring those measures in a way that drives individuals to change their behavior – to focus more on managing risk based on impact to the mission.

Mission Innovate's MI:COP solution focuses on the following six areas:

“As-Is” Continuous Monitoring Capability Assessment
Determining the existing information security capability, asset inventory, and types/sensitivity of data are the crucial first steps towards developing or validating a MI:COP solution.
Key Effectiveness Measures
Defining the measures/metrics and specific data feeds/types (e.g., controls, threats, etc.) ensure that the MI:COP solution is monitoring what is most critical based on the mission of the organization.
Security Tools Analysis
We maintain an awareness of the security monitoring tools gaining traction in the marketplace and conduct research to determine the tools that “best fit” an organization and enable the capture of the defined measures.
SCAP Identification/Aggregation
SCAP content enables the integration of different data feeds and helps automate effectiveness measure checking and remediation.
Visualization and Scoring
Data reporting and the supporting analytics enables the prioritization of identified risks to the program. The dashboard is critical to arming the decision-makers with the information needed enable effective decision-making.
Change Management, Communications and Outreach
We understand the importance of communicating information, and know how that information is presented to different stakeholders is key to driving the appropriate behavior change.

How does it work?

Dashboard Tiers

The success of MI:COP is focused around the aggregation of disparate data feeds and the presentation of that data in one intuitive user interface. It is configured to receive inputs from the cybersecurity tools that an organization already has in place, collect the most useful information from each tool, and translate that data into a dashboard that allows the tracking of custom metrics defined by the organization to best monitor the organization's security posture.

To further assist with maintaining enterprise-wide situational awareness, the MI:COP dashboards are built on a multi-tiered system where each tier corresponds to a different level of the organizational structure. From the tier-1 Enterprise-Wide Executive Dashboard, users can see a broad view of the organization's risk profile. On tier-3 dashboards, users can see details of specific security trends for particular business units within the organization.

How do we make it work for you?

The development of a MI:COP solution involves a customization process meant to tailor the solution to the specific needs of each organization. First, we conduct a business impact assessment (BIA) to identify the critical business functions of your organization, as well as develop an understanding of how specific IT assets support those functions. Based on the results, we determine the key effectiveness measures that best suit your mission and aggregate the data feeds necessary for monitoring those measures.

Once all the expected data feeds are captured in a central database, customized algorithms (or scripts) will need to be developed to query (and organize) the dataset. These algorithms (combined with the actual database design) are where the “secret sauce” of the COP program resides. How the data feeds are organized, parsed, or prioritized is based on the design of the queries. Ultimately, the right custom queries will enable access to actionable data and improved risk decision-making.

Once the dashboard is up and running and the MI:COP solution is operational, it needs to be continuously managed and tweaked to evolve with your organization. As new IT systems, business processes, and organizational priorities arise, the different components of the MI:COP solution architecture (e.g., metrics, tools, analytics/data queries) are adjusted to suit your changing needs.

Attack Trends