Welcome to i2IS
CYBER INGENUITY™ is an end-to-end security design and implementation solution.
CYBER OpSentry™ is the i2IS dual-track capability for improving cybersecurity posture and actively defending against advanced cyberspace threats. Cybersecurity with i2IS is a dynamic, vigilant, operational – 24/7 capability. We conduct our dual-track method in two categories: Active defense and security controls. Features of both include:
CYBER OpSentry™ can be installed on-site with security services conducted internally or through managed service support from i2IS; or, i2IS can provide comprehensive remote managed security services from the i2IS Network Operations Center (NOC). The Active Defense track ensures that malicious activity is identified at the network internet access point (ingress/egress), and enables network administrators to remediate threats immediately. The Security Controls track uses industry best practices to ensure proper configuration management, vulnerability assessment and penetration testing so that a security baseline is established – and in the event of a compromise, restored.
The best technological security solutions can be quickly and easily defeated by network users – and the current threats from cyberspace regularly use social engineering techniques to trick users into errors that enable unauthorized access to your organization network. i2IS addresses this vulnerability through expert training – training designed to modify human behavior.
Users commonly use the Internet – surfing, emailing, tweeting, texting and downloading. Awareness of threats among users is woefully deficient. Many vendors provide “awareness training”. Few, however, modify behavior in ways that align with the security plans of IT managers, compliance directors, or the security strategy of executive leadership.
CYBER CITIZENSHIP™ is designed to instill user ‘ownership’ for their online behavior. Its purpose is to add a training control to one of the many risks emerging from cyberspace.
i2IS leverages the industry-acclaimed training methodology of Imprimis, Inc. (i2). i2 led the course development for the establishment of the US Army Ground-Based Mid-Course Defense Training and Education Center (GTEC). The GTEC, with Imprimis functioning as project manager and lead trainer for the past ten years, received the Training Center of Excellence Accreditation through the US Army in 2005 and revalidated in 2008. This world class approach to training includes Instructional System Design (ISD) methodology and Interactive Media Instruction (IMI), initiated through a training baseline and proceeding with a series of managed spiral upgrades. Additional methodology information can be found at http://www.imprimis-inc.com/i2WebSite/Capability/index.php.
Assessing risk is an on-going process. Certain compliance regimes require a written security plan. While a good first step, the i2IS methodology incorporates a strategic framework to ensure all components are integrated into a comprehensive cybersecurity posture. Training, metrics, compliance and oversight, enforcement, and incident response must be incorporated in a governance structure to enable an organization to implement, execute, monitor and improve its overall cybersecurity defense capabilities.
i2IS also leverages its cross-disciplinary approach, especially law, privacy and compliance expertise, to ensure customers implement a governance strategy that addresses all applicable risk mitigation considerations.
At i2IS, the team’s executive-level, functional and programmatic, government, and industry background enables informed thinking and creativity that helps organizations in multiple ways: alternative risk mitigation strategies, cybersecurity insurance, strategic cybersecurity business development, incident response, culture change agent, public-private partnerships, information sharing frameworks, and “Reasonable Security” advising. In short, we can help you understand cybersecurity risks and opportunities, and the gamut of cybersecurity issue areas (scientific, societal, privacy, governmental and private sector).
The end-to-end security design and implementation solution is offered through our consulting services.
We developed CYBER INGENUITY™ because the single-discipline approach does not adequately address the asymmetric nature of cybersecurity.
For additional information, please contact firstname.lastname@example.org.
A fuel distribution firm in North Carolina lost more than $800,000 in a cyberheist this month. Had the victim company or its bank detected the unauthorized activity sooner, the loss would have been far less. But both parties failed to notice the attackers coming and going for five days before being notified by a reporter.
Hardly a week goes by when I don't hear from some malware researcher or reader who's discovered what appears to be a new sample of malicious software or nasty link that invokes this author's name or the name of this blog. I've compiled this post to document a few of these examples, some of which are quite funny.
Criminal commerce on the Internet would mostly grind to a halt were it not for the protection offered by so-called "bulletproof hosting" providers -- the online equivalent of offshore havens where shady dealings go ignored. Last month I had an opportunity to interview a provider of bulletproof services for one of the Web's most notorious cybercrime forums, and who appears to have been at least partly responsible for launching what's been called the largest cyber attack the Internet has ever seen.
On Monday, I profiled asylumbooter.com, one of several increasingly public DDoS-for-hire services posing as Web site "stress testing" services. Today, we'll look at ragebooter.net, yet another attack service except for one secret feature which sets it apart from the competition: According the site's proprietor, ragebooter.net includes a hidden backdoor that lets the FBI monitor customer activity.
Microsoft and Adobe today each released updates to fix critical security holes in their software. Microsoft's patch batch tackles at least 33 vulnerabilities in Windows and other products, including a fix for a zero-day vulnerability in Internet Explorer 8 that attackers have been exploiting. Separately, Adobe pushed security updates for Flash Player, Adobe Reader, Acrobat and Adobe AIR.
i2 Information Security Corp © 2013
i2IS is a service-disabled veteran-owned small business