INFORMATION SECURITY POLICY UPDATE FOR A FINANCIAL SERVICES INSTITUTE

A well known Financial Services Institute required Mobius Consulting’s assistance in refreshing their Information Security and Information Technology Risk Management policies and standards, as well as their associated controls catalogue, to ensure the relevance of both Information Security and Information Technology controls across their hybrid IT environment – which operates both on-premise and in the cloud. This entailed that Mobius Consulting [...]

PRIVACY GAP ASSESSMENT FOR A HIGHER EDUCATION INSTITUTE

A higher education institute appointed Mobius Consulting to assist with a Privacy gap assessment and the implementation of prioritised activities focusing on POPIA, GDPR & other privacy requirements. The assessment was completed across several divisions, and a broad understanding of their current level of Data Privacy readiness was provided.  Mobius assisted the institution with the [...]

BIG DATA GOVERNANCE AND SECURITY IN THE FINANCIAL INDUSTRY

In line with changing banking regulatory requirements, a client in the financial services industry required Mobius Consulting's assistance to perform a detailed Data Governance and security review on one of their critical big data repositories. Specifically, Mobius helped the client define data flow diagrams and review current access to the data within the critical big [...]

MAKING DATA PROTECTION COMPLIANCE EASIER

A leading large FMCG organisation required SME Privacy and Information Security assistance to drive and achieve the desired level of POPIA compliance within their respective business areas in the organisation. The organisation further required a Privacy Programme to be implemented across the various Information Privacy risk themes which include: Privacy Governance  Change Management  Information Security […]

MOBIUS ASSISTS A LEADING FINANCIAL INSTITUTION IN ACHIEVING ISO27001 CERTIFICATION

Mobius Consulting assisted in implementing an Information Security Management System (ISMS) at a leading financial institution, with the primary objective of obtaining ISO27001 Certification. The scope of certification pertained to a core banking platform, along with related core banking processes. In order to ensure this was possible, Mobius used a practical and technologically-led approach to: […]

MOBIUS IMPROVED REPORTING OF INFORMATION SECURITY

Mobius Consulting assisted with improving the reporting of Information Security at a financial institution through the use of appropriate Information Security metrics and measurements at the Board and Executive levels. The primary objective of the engagement was to define the Information Security metrics and measurements, based on best practices, that should be used for effective […]

MEASURING THE INFORMATION SECURITY METRICS FOR A FINANCIAL INSTITUTION

A well known Financial Institute identified a need to enrich their Information Security strategy and enablement practices to cater for a number of requirements across compliance, risk and external regulations. In order to meet some of these requirements, they engaged Mobius to assist with the development and execution of information security metrics that support and […]

INTRODUCING AMANDA HECHTER, SENIOR MANAGING CONSULTANT

        Technology consulting brings a new level of understanding to the implementation of information technology and benefits it can have for businesses; and Senior Managing Consultant at Mobius Consulting, Amanda Hechter is one such driver of the service line.   As part of the EXCO team and a service line leader, Amanda plays […]

XSS to SHELL

ZERO-DAY ADVENTURES – UNKNOWN UNTIL WE FOUND THEM For the astute among you, you’ll notice that the chaining of these types of exploits has been seen/used often enough, but the implications thereof are often overlooked. In this write-up we delve a little deeper into a real life example of how we uncovered three zero-days in […]

INTRODUCING RAYMOND DU PLESSES, SENIOR MANAGING CONSULTANT

  BACKGROUND   Raymond du Plessis is based in Mobius’ Johannesburg office. He began his studies at the University of South Africa (UNISA) and he has gone on to complete vocational studies through professional bodies like ISACA and ISC. Raymond believes that continual education, and more importantly the knowledge that you gain from it, forms […]

STRENGTH IN DIVERSITY WITH MOBIUS CONSULTING

      DIVERSITY IN LEADERSHIP AROUND THE WORLD   A recent study by Boston Consulting Group showed that companies that value diversity amongst staff and senior management increased their revenue by 19%. The study found that “increasing the diversity of leadership teams leads to more and better innovation and improved financial performance.” It looked […]

HOW DO THE OUTCOMES OF THIRD PARTY RISK MANAGEMENT INCREASE REGULATORY COMPLIANCE IN SOUTH AFRICA?

    WHAT ARE THE COMPLIANCE DRIVERS FOR THIRD PARTY RISK MANAGEMENT IN SOUTH AFRICA   The world has officially arrived in the age of information, with an ever-increasing amount of company, client and customer data at our fingertips. The increasing amounts of available information raises the need for organisations to take more responsibility for […]

ENHANCING INFORMATION SECURITY PROGRAMMES IN MAURITIUS SINCE 2019

With Lovena Reddi, Managing Consultant for Mobius Consulting Mauritius     From South Africa to Mauritius   Mobius Consulting takes pride in empowering the largest group of companies in Mauritius with enhanced Information Security programmes. Mobius Consulting Mauritius, in collaboration with Mobius Consulting South Africa, assisted one of the largest conglomerates in Mauritius to set […]

5 STEPS TO CREATING A CYBER SECURITY INCIDENT RESPONSE FRAMEWORK

With Patrick Ryan, Amanda Hechter and Raymond du Plessis from Mobius Consulting        The NIST Cyber Security Incident Response Framework   Cyber security breaches should be taken as a “when” and not an “if” occurrence, especially given the rise in cyber attacks due to remote working. The wrong time to put your cyber security incident response plan in place is […]

[FREE INFOGRAPHIC] 3 STEPS TO A SUCCESSFUL INFORMATION SECURITY AWARENESS CAMPAIGN

With Yolandi Moodley, Senior Managing Consultant for Mobius Consulting.     We live in the digital age, where information is shared at an astronomical rate. Since remote working has become the “new normal” in a very short space of time, many companies are entering uncharted territory when it comes to managing their information security risks. […]

CORONA VIRUS AND WORKING REMOTELY

4 CRITICAL RISKS FOR A COMPANY TO MANAGE   Coronavirus poses a risk to humanity, possibly the greatest risk to our physical health that many of us have faced in our lifetime, and at the same time, unethical cybercriminals are using the pandemic as an opportunity to increase hacking attempts and phishing attacks. In order […]