An Effective Network Operations Center Does More Than Provide Alerts

A while back, one of Mission Critical Partners' (MCP's) long-standing clients, the Lower Rio Grande Valley Development Council (LRGVDC) in Texas, was growing increasingly frustrated with its third-party network operations center (NOC). It always is good for an emergency-response organization to enlist the services of a NOC to ensure the reliability of its mission-critical communications networks and systems and to perform network troubleshooting. But in this case, the NOC’s performance was insufficient, according to Hector Chapa, program supervisor II, who oversees the council’s communications systems and emergency communications center (ECC) ECC operations.

Cybersecurity Threat Advisory: Two Microsoft Zero-Day Attack Vulnerabilities

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their mission-critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

This week, there is a new critical alert that requires the mission-critical community’s immediate attention.

Advisory Summary

Microsoft has addressed two zero-day vulnerabilities in last week’s rollout of security patches. A zero-day vulnerability is a software security flaw that is known to the software vendor but no patch exists to fix the flaw, creating the potential for exploitation by cybercriminals.

Cybersecurity Threat Advisory: Windows DNS Servers

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their mission-critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

This week, there is a new critical alert that requires the mission-critical community’s immediate attention.

Public Safety Cybersecurity Threat Advisory: Cisco WebEx Vulnerability

As part of our ongoing effort to keep our clients informed about the latest cybersecurity threats, we issue advisories whenever new threats are detected. If you would like to receive such advisories in the future, update your preferences here. 

What the Public Safety Community Can Learn From the COVID-19 Pandemic

In a recent post, I touched upon some of the novel ways that the public safety community has responded to the COVID-19 pandemic. In this post I’ll explore some of the most important lessons that have been learned.

First and foremost, all public safety agencies need continuity-of-operations (COOP) and disaster-recovery (DR) plans. We have roughly 150 subject-matter experts, and as they travel the country supporting clients, they often discover the complete lack of such plans and/or they come to realize that they haven’t been updated for quite some time. This always amazes me. Every agency should have such plans. As Benjamin Franklin said, “by failing to prepare, you are preparing to fail.” While the pandemic has brought this need into sharp focus, there are many events—tornados, floods, earthquakes, wildfires, hurricanes, hazmat incidents—that could render an emergency communications center inoperable, inaccessible or uninhabitable.

If You Do Nothing Else, Implement Multifactor Authentication to Head Off Cyberattacks

MCP’s NetInform solution leverages a variety of tools that enable our subject-matter experts to assess our clients’ communications network security postures. That assessment includes looking for vulnerabilities that could allow a bad actor to gain access to the network and then navigate through it, seeking opportunities to perform cyberattacks. Typically, a lot of vulnerabilities exist, and they’re not always easy to see. It can be something as simple as a network port being left open by a service technician after the work is done, or a former employee’s account is still active long after they left. This is problematic because numerous, easy-to-use scanning programs are readily available to hackers that enable them to probe an organization’s network to discover every open port, i.e., breach point, and attempt access.

Cybersecurity Threat Advisory: Hackers Still Are Exploiting COVID-19

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their mission-critical communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

This week, there is a new critical alert that requires the mission-critical community’s immediate attention.

Advisory Summary

Hacking groups still are exploiting the COVID-19 pandemic as an opportunity to perform cyberattacks. The United States’ Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) issued a joint alert regarding the threats. To combat these threats, their recommendations are focused on user training and good cyber hygiene. A comprehensive list of recommendations to mitigate the risk can be found on the CISA website.

Public Safety Cybersecurity Threat Advisory: Critical VMware Bug

As part of our effort to inform our clients about potential and serious cybersecurity issues, MCP provides advisories about vulnerabilities and exploits that could threaten the operations of their public safety communications networks. Sign up to receive these advisories in your inbox as soon as they are released.

This week, there is a new critical alert that requires the public safety community’s immediate attention.

Eight Tips for Protecting Public Safety Organizations Against Phishing

In this recent post on cybersecurity training, we explained why it is one of the most crucial tactics government agencies for cyberrisk prevention—specifically, we highlighted how phishing messages can infect and ultimately bring down an entire mission-critical communications network. With email being such a widely used form of communication, malicious-threat perpetrators are increasing in quantity and sophistication by the minute, looking to take advantage of email’s prevalence in order to exploit it. Statista reports that more than 55 percent of emails sent are considered spam, and many of them contain phishing exploits.

Security Training: A Key Element of a Strong Cyberrisk Prevention Program

According to a recent report by Crowdstrike, cybersecurity threats to state and local governments increased in sophistication in 2019. While there have been improvements in how government agencies detect attacks, assailants continue to be relentless and inventive in their efforts to find IT infrastructure gaps that can be exploited. In a highly complex digital environment full of cybercriminals looking to exploit your organization’s vulnerability, a self-inflected wound can be especially frustrating.

URL Integration Acquisition Bolsters MCP’s Data-Integration Capabilities

When we launched MCP a little more than a decade ago, we established some pretty aggressive growth goals, especially for a firm that was operating out of a garage and had no clients at the very beginning. Nevertheless, each goal was met with room to spare. Our ability to do so hinged on a single, overarching, inflexible focus on delighting the client.

2019: The Year in Review

This year has brought a lot of change, and excitement, to the public safety industry. From the announcement of 911 grant funding for states and tribal nations to advance their efforts to implement next generation 911 (NG911) to an increased, industry-wide focus on cybersecurity and preventing cyberattack, the groundwork has been laid for continued improvement for emergency response in 2020 and beyond.