News

MAKING DATA PROTECTION COMPLIANCE EASIER

A leading large FMCG organisation required SME Privacy and Information Security assistance to drive and achieve the desired level of POPIA compliance within their respective business areas in the organisation. The organisation further required a Privacy Programme to be implemented across the various Information Privacy risk themes which include: Privacy Governance  Change Management  Information Security […]

INFORMATION PRIVACY FOR A GLOBAL OIL AND GAS GIANT

A global Oil and Gas client was in the process of establishing Information Privacy operations across various regions worldwide to mature its compliance efforts with applicable Privacy legislation. While the client embarked on identifying appropriate roles and skillsets for regional Privacy Officers, and aimed to initiate implementation efforts; Mobius Consulting was required to drive Privacy […]

CYBER SECURITY AUDIT SERVICES

The Mobius Cyber Security team recently completed a Cyber Security audit for a leading asset management client in the financial services industry. The objective of the project was to provide independent assurance on the adequacy and effectiveness of key Cyber Security controls in the environment. The project included an assessment of the organisations Cyber Security […]

CYBER RELATED THIRD PARTY RISK

A leading bank needed to understand the level of cyber related risk that Third Parties and Cloud Service Providers introduced into their business, and also wanted to understand how to mitigate these risks. Mobius assisted the bank by designing and developing a Third Party Cyber Risk Management (TPCRM) approach that was tailored to their unique […]

IMPROVE YOUR ORGANISATIONS PREPAREDNESS FOR A CYBER SECURITY ATTACK

Improve your organisation’s preparedness for a cyber attack  Cyber Security and Incident Response A multinational client in the financial services industry recently asked Mobius to conduct a Cyber Security incident response review and simulation exercise. The primary objective of the project was to help improve the organisation’s readiness to respond to a major Cyber Security […]

HOME NETWORK SECURITY TESTING

A client in the Consumer Services industry was forced to make extensive use of remote working from home as a result of the COVID-19 lockdown. Their concern was that the home networks and computers used by employees were not secure, and if breached could result in various risks such as disclosure of sensitive data. The […]

FOSTERING A POSITIVE INFORMATION PRIVACY CULTURE ONE LOCATION AT A TIME

A global client in the machinery and equipment business recently asked Mobius Consulting to facilitate Information Privacy awareness training across its various sites in 8 Provinces across the country. Mobius has previously assisted this client in completing a Privacy Gap assessment and subsequently, is currently assisting with the implementation of remediation activities that were recommended […]

SECURITY TESTING PROJECT IN SOUTH AMERICA

A multinational client approached Mobius with the requirement of running two internal penetration tests and two vulnerability scans at two remote offices simultaneously. The client, however, did not have the budget for an onsite analyst at both locations, their budget allowed for only one onsite analyst at one location.  As an organisation, Mobius always endeavours […]

PRACTICE MAKES PERFECT – INCIDENT SIMULATION FOR OIL AND GAS COMPANY

Mobius recently assisted an Oil and Gas company with a Cyber Security Incident Simulation exercise. The Primary objective of the Simulation was to test the company’s playbooks and stakeholder understanding and involvement in the incident response process. The key deliverables of the project were as follows: Create a tabletop Incident Scenarios including all the possible […]

MOBIUS ASSISTS A LEADING FINANCIAL INSTITUTION IN ACHIEVING ISO27001 CERTIFICATION

Mobius Consulting assisted in implementing an Information Security Management System (ISMS) at a leading financial institution, with the primary objective of obtaining ISO27001 Certification. The scope of certification pertained to a core banking platform, along with related core banking processes. In order to ensure this was possible, Mobius used a practical and technologically-led approach to: […]

DEFINING AND IMPLEMENTING DATA GOVERNANCE

Mobius Consulting assisted a food and beverages company with defining and implementing data governance based on a custom Mobius Data Governance Framework.  The organisation’s data and technical requirements had changed and influenced a decision to move various datasets to a cloud computing service provider.  The move to the Cloud made it imperative to put in […]

MOBIUS IMPROVED REPORTING OF INFORMATION SECURITY

Mobius Consulting assisted with improving the reporting of Information Security at a financial institution through the use of appropriate Information Security metrics and measurements at the Board and Executive levels. The primary objective of the engagement was to define the Information Security metrics and measurements, based on best practices, that should be used for effective […]

CYBER SECURITY ASSESSMENT AND IMPROVEMENT ROADMAP

Mobius recently completed a Cyber Security Capability and Risk Assessment for a leading financial services organisation. The assessment was based on the NIST Cybersecurity Framework and included both a risk-based and capability maturity based assessment. The project included the development of a cybersecurity Future State Roadmap for risk reduction and improved security capability. The key […]

DEMONSTRATING THE RISKS OF USING FREE WIFI

Mobius delivered on a project to highlight the potential risks of accessing “free” wireless access points and how this can lead to a targeted attack against the user and even the company they work for. The project included the delivery of a proof of concept rogue wireless access point that was deployed at a client conference. […]

MAKING ACCESS REVIEWS EASIER AND MORE MEANINGFUL TO BUSINESS

Mobius is assisting a client in the financial industry with defining and documenting business-friendly names, descriptions and segregation of duties conflicts for access permissions/access rights on critical financial systems. Timelines to deliver on this engagement are extremely tight with role names, descriptions and segregations of duties needing to be completed for 90 applications over a […]

ASSESSING HIGH-RISK PARTIES FOR A PREMIUM FINANCIAL SERVICE GROUP

Mobius Consulting is assisting a premium financial service group in assessing their high-risk Third Parties cyber security control environment. The primary objective is to identify, profile according to the risk and then assess high-risk third parties in order to identify, log and ultimately help mitigate third party risk. Each new and existing Third Party is […]

A PRIVACY GAP ANALYSIS FOR A GLOBAL BRAND

A global brand management and distribution organisation appointed Mobius to perform a detailed Information Privacy gap analysis based on the current state of the local (South African) divisions. The objective of the project was to understand what is required to ensure compliance to the Protection of Personal Information Act (POPIA) across the business divisions as […]

MEASURING THE INFORMATION SECURITY METRICS FOR A FINANCIAL INSTITUTION

A well known Financial Institute identified a need to enrich their Information Security strategy and enablement practices to cater for a number of requirements across compliance, risk and external regulations. In order to meet some of these requirements, they engaged Mobius to assist with the development and execution of information security metrics that support and […]

4 ESSENTIAL SECURITY PRINCIPLES TO CONSIDER WHEN MOVING TO THE CLOUD

With Raymond Du Plessis and Sven Muller from Mobius Consulting.     Many large financial services companies with broad customer bases are moving to the cloud for improved accessibility, scalability, cost-effectiveness and new cloud based customer apps. However, this modernisation shift comes with its own set of challenges.  Mobius Consulting has worked closely with companies […]

INTRODUCING AMANDA HECHTER, SENIOR MANAGING CONSULTANT

        Technology consulting brings a new level of understanding to the implementation of information technology and benefits it can have for businesses; and Senior Managing Consultant at Mobius Consulting, Amanda Hechter is one such driver of the service line.   As part of the EXCO team and a service line leader, Amanda plays […]

XSS to SHELL

ZERO-DAY ADVENTURES – UNKNOWN UNTIL WE FOUND THEM For the astute among you, you’ll notice that the chaining of these types of exploits has been seen/used often enough, but the implications thereof are often overlooked. In this write-up we delve a little deeper into a real life example of how we uncovered three zero-days in […]

XSS TO SHELL

ZERO-DAY ADVENTURES – UNKNOWN UNTIL WE FOUND THEM For the astute among you, you’ll notice that the chaining of these types of exploits has been seen/used often enough, but the implications thereof are often overlooked. In this write-up we delve a little deeper into a real life example of how we uncovered three zero-days in […]

INTRODUCING RAYMOND DU PLESSES, SENIOR MANAGING CONSULTANT

  BACKGROUND   Raymond du Plessis is based in Mobius’ Johannesburg office. He began his studies at the University of South Africa (UNISA) and he has gone on to complete vocational studies through professional bodies like ISACA and ISC. Raymond believes that continual education, and more importantly the knowledge that you gain from it, forms […]

STRENGTH IN DIVERSITY WITH MOBIUS CONSULTING

      DIVERSITY IN LEADERSHIP AROUND THE WORLD   A recent study by Boston Consulting Group showed that companies that value diversity amongst staff and senior management increased their revenue by 19%. The study found that “increasing the diversity of leadership teams leads to more and better innovation and improved financial performance.” It looked […]

HOW DO THE OUTCOMES OF THIRD PARTY RISK MANAGEMENT INCREASE REGULATORY COMPLIANCE IN SOUTH AFRICA?

    WHAT ARE THE COMPLIANCE DRIVERS FOR THIRD PARTY RISK MANAGEMENT IN SOUTH AFRICA   The world has officially arrived in the age of information, with an ever-increasing amount of company, client and customer data at our fingertips. The increasing amounts of available information raises the need for organisations to take more responsibility for […]

INTRODUCING ROBERT LEN, LEAD SECURITY TESTER

Robert Len’s Background  Cape Town born, Robert Len has a Bachelor of Commerce, majoring in Information Systems. He also completed his MCSE and OSCP. Rob’s passion for information security has led him to pursue his masters in Computer Science, writing his thesis on in-browser crypto jacking.  Robert Len has specialised in information technology throughout his […]

4 ESSENTIAL SECURITY PRINCIPLES TO CONSIDER WHEN MOVING TO THE CLOUD

With Raymond Du Plessis and Sven Muller from Mobius Consulting. Many large financial services companies with broad customer bases are moving to the cloud for improved accessibility, scalability, cost-effectiveness and new cloud based customer apps. However, this modernisation shift comes with its own set of challenges.  Mobius Consulting has worked closely with companies in this […]

COMMENCEMENT OF CERTAIN SECTIONS OF THE PROTECTION OF PERSONAL INFORMATION ACT, 2013 – 1 JULY 2020.

Critical Portions of the POPI Act are Scheduled to Commence   The Protection of Personal Information Act (POPIA) promotes the protection of personal information processed by public and private entities and seeks to ensure that the human right to privacy is upheld. We have noted in recent media releases that the Information Regulator has made […]

ENHANCING INFORMATION SECURITY PROGRAMMES IN MAURITIUS SINCE 2019

With Lovena Reddi, Managing Consultant for Mobius Consulting Mauritius     From South Africa to Mauritius   Mobius Consulting takes pride in empowering the largest group of companies in Mauritius with enhanced Information Security programmes. Mobius Consulting Mauritius, in collaboration with Mobius Consulting South Africa, assisted one of the largest conglomerates in Mauritius to set […]

INTRODUCING LOVENA REDDI

    Lovena Reddi’s Background    After completing her BSC degree in Computer Systems, her next step was to do her Master’s degree in Enterprise Management and later she became a qualified Microsoft Systems Engineer and Certified information Security Manager. She feels as if there is always a lot to learn because the Mobius way of consulting is new on the market.   […]

5 STEPS TO CREATING A CYBER SECURITY INCIDENT RESPONSE FRAMEWORK

With Patrick Ryan, Amanda Hechter and Raymond du Plessis from Mobius Consulting        The NIST Cyber Security Incident Response Framework   Cyber security breaches should be taken as a “when” and not an “if” occurrence, especially given the rise in cyber attacks due to remote working. The wrong time to put your cyber security incident response plan in place is […]

KNOW AND MANAGE YOUR APPLICATION SECURITY RISK DURING COVID-19

With Amanda Hechter and Raymond du Plessis from Mobius Consulting as well and Lee Bristow from Phinity Risk     Improve your Identity and Access Governance (IAG) & Assess your Application Security Risk     With COVID-19 catching much of the world off-guard, there has been a scramble for organisations to make key applications, such […]

KNOW AND MANAGE YOUR APPLICATION RISKS DURING COVID-19

With Amanda Hechter and Raymond du Plessis from Mobius Consulting as well and Lee Bristow from Phinity Risk     Improve your Identity and Access Governance (IAG) & Assess your Application Security Risk     With COVID-19 catching much of the world off-guard, there has been a scramble for organisations to make key applications, such […]

ETHICAL HACKING: 7 TESTS TO CHECK YOUR CYBER SECURITY

With Patrick Ryan, Managing Director; and Robert Len, Lead Security Tester of Mobius Consulting.      Remote Working may be the New Normal    To help slow down the spread of COVID-19, companies around the globe have sent their employees home, requiring them to work remotely. For some companies this transition to remote working was easy to implement as there has been […]

ETHICAL HACKING AND CYBER SECURITY TESTING: 7 TESTS TO CHECK YOUR CYBER SECURITY

With Patrick Ryan, Managing Director; and Robert Len, Lead Security Tester of Mobius Consulting.      Remote Working may be the New Normal    To help slow down the spread of COVID-19, companies around the globe have sent their employees home, requiring them to work remotely. For some companies this transition to remote working was easy to implement as there has been […]

[FREE INFOGRAPHIC] 3 STEPS TO SET UP A SUCCESSFUL INFORMATION SECURITY AWARENESS CAMPAIGN

With Yolandi Moodley, Senior Managing Consultant for Mobius Consulting.     We live in the digital age, where information is shared at an astronomical rate. Since remote working has become the “new normal” in a very short space of time, many companies are entering uncharted territory when it comes to managing their information security risks. […]

[FREE INFOGRAPHIC] 3 STEPS TO A SUCCESSFUL INFORMATION SECURITY AWARENESS CAMPAIGN

With Yolandi Moodley, Senior Managing Consultant for Mobius Consulting.     We live in the digital age, where information is shared at an astronomical rate. Since remote working has become the “new normal” in a very short space of time, many companies are entering uncharted territory when it comes to managing their information security risks. […]

KNOW AND MANAGE YOUR SUPPLIER SECURITY RISK DURING COVID-19

With Lee Bristow from Phinity Risk Solutions and Malcolm Parker, Senior Managing Consultant at Mobius Consulting.     Manage your Supplier Security Risk    The novel Coronavirus has created a number of challenges for society and most organisations are not well prepared to cope with this pandemic and the impact that it has on their trade. […]

KNOW AND MANAGE YOUR SUPPLIER SECURITY RISK DURING COVID-19-19

With Lee Bristow from Phinity Risk Solutions and Malcolm Parker, Senior Managing Consultant at Mobius Consulting.     Manage your Supplier Security Risk    The novel Coronavirus has created a number of challenges for society and most organisations are not well prepared to cope with this pandemic and the impact that it has on their trade. […]

HOW TO MAINTAIN CORPORATE PRIVACY IN A HOME-BASED OFFICE

With Patrick Ryan, Managing Director and Roelien Howell, Principal Consultant from Mobius Consulting.     POPIA: The Protection of Personal Information Act   The Protection of Personal Information Act (POPIA) aims to enforce protection of personal information by creating the lawful conditions for how this information must be managed. POPIA is closely related to the […]

CORONA VIRUS AND WORKING REMOTELY

4 CRITICAL RISKS FOR A COMPANY TO MANAGE   Coronavirus poses a risk to humanity, possibly the greatest risk to our physical health that many of us have faced in our lifetime, and at the same time, unethical cybercriminals are using the pandemic as an opportunity to increase hacking attempts and phishing attacks. In order […]

CORONA VIRUS AND WORKING REMOTELY

4 CRITICAL RISKS FOR A COMPANY TO MANAGE   Coronavirus poses a risk to humanity, possibly the greatest risk to our physical health that many of us have faced in our lifetime, and at the same time, unethical cybercriminals are using the pandemic as an opportunity to increase hacking attempts and phishing attacks. In order […]

MOBIUS CONSULTING & PHINITY RISK MANAGEMENT ON COVID-19

The Covid-19 (Corona Virus) pandemic is highly topical at the moment and we at Mobius Consulting have taken a clear stance on this. REMOTE WORKING Mobius Consulting has implemented, with immediate effect, a remote-working policy in the South African, Mauritius and UK offices for the next two weeks. Our clients have met this decision with […]

INTRODUCING PATRICK RYAN: MANAGING DIRECTOR AT MOBIUS CONSULTING

INTRODUCTION TO PATRICK RYAN AND THE ORIGINS OF MOBIUS CONSULTING Before starting Mobius Consulting eight years ago, Patrick Ryan worked at a number of large auditing, accounting, and tax firms in South Africa, United Kingdom, and United States, which allowed him to expand his skills, and gain invaluable experience in information and cyber security, which […]

WILL THIS BE THE YEAR WE SEE THE POPI ACT COME INTO EFFECT?

THE LONG WAIT TO ENFORCEMENT  The Protection of Personal Information Act (POPIA) was first tabled in 2005. In 2013, the President signed off the act.  Subsequently, a few developments were established, we saw the appointment of the Information Regulator in 2016 and most recently in 2019 the final regulations of the act were published. These […]

WHERE TO START WITH PRIVACY

Acting ethically means organisations need to understand their personal information processing activities together with the positive and negative impacts on all parties. This means organisations need to be effective data stewards and align processing activities with applicable privacy compliance requirements. Being compliant with privacy law / regulations may be daunting, however we have a recommended […]

MOBIUS CONSULTING CYBER SECURITY SURVEY

It is Global Cyber Awareness Month, a perfect time to review if your organisation has the required capabilities in place to handle a major cyber security incident.  Are you aware of the latest cyber security trends in the industry and how other organisations are managing cyber risk?   Take the Mobius Cyber Security Survey to […]

A LOOK AT THE GDPR AND THE RELEVANCE TO NON EU ENTITIES

It’s been almost a year since we received large amounts of emails informing us of updates to companies’ privacy policies. On May 25, 2018 the General Data Protection Regulation (GDPR) came into effect. The cost of non-compliance, with this extraterritorial regulation, for those entities which process EU citizen personal information is still as high as […]

A LOOK AT THE GDPR AND THE RELEVANCE TO NON EUROPEAN ENTITIES

It’s been almost a year since we received large amounts of emails informing us of updates to companies’ privacy policies. On May 25, 2018 the General Data Protection Regulation (GDPR) came into effect. The cost of non-compliance, with this extraterritorial regulation, for those entities which process EU citizen personal information, is still as high as [...]

MAURITIUS OPENS BORDERS TO SPECIALISED AGENCIES

Mobius Consulting hosted a Cyber Security and Privacy event at the Hennessy Park Hotel in Ebene on 12 April 2019.   Subject matter experts discussed information risks you need to be aware of :- –   risk of non-compliance with privacy regulations and balancing the legal and practical aspects of         the regulations, –  […]

CYBER SECURITY AND PRIVACY EVENT FEEDBACK FORM

Thank you so much for attending our Cybersecurity and Data Privacy event on 12 April 2019.  We are greatly thankful to you for your gesture of taking out time of your busy schedule to complete the feedback form.   Your feedback is extremely valuable to our ongoing effort to strengthen our business relationship.      

CYBER SECURITY AND PRIVACY EVENT

REGISTRATION IS NOW CLOSED We will use the information you provide for purposes related to the event. We may contact you with relevant information and/or events in future with your consent. Important note: By attending the Mobius Consulting (Ltd) (hereafter Mobius) event, you grant permission to be photographed during the event. The resulting photographs may […]

Watch out for the Grand Opening of Mobius Consulting branch in Mauritius & the first ever Security and Privacy Event in March

Watch out for the Grand Opening of Mobius Consulting branch in Mauritius & the first ever Security and Privacy Event in March where our guest speakers will take the audience through the practical aspects of complying with privacy legislation as well as an overview of our services and what difference we hope to make in […]

MOBIUS GROUP IS EXCITED TO LAUNCH THE MAURITIUS OFFICE

Mobius group is excited to launch the Mauritius office to our existing presence in South Africa and United Kingdom. We believe that our cyber security and privacy consulting services will provide value to clients in Financial Services, Hospitality, and other industries to enable them to manage their information risks in this exciting and growing market. […]

ackermans

Brandhouse

Capfin

Credit

Gijima

Massmart

Mediclinic

Old Mutual

One and Only

Storage

Korbicom

Mixtelematics

Tourvest

Mercantile Bank

Visit our stand at this year’s ISACA Conference taking place 27 and 28 August at the Sandton Convention Centre

Vodacom

Vodafone

Seacom

Radian Consulting Services

Optinet

IT Dynamics

Effcomm SA

Dimension Data

CBI: African Cables

Western Cape Government

Johannesburg Social Housing Company

Government Communication and Information System

City of Cape Town

University of the Western Cape

University of the Free State

University of Cape Town

Stellenbosch University

ASAUDIT

Wesbank

Standard Bank

Santam

Sanlam

Remgro Limited

Outsurance

Old Mutual

Mutual & Federal

Momentum Health

Metropolitan Health Group

Nedbank

Maitland

Liberty

Investec

Hollard

FirstRand

First National Bank

Discovery

Deloitte

Datacash

Coronation Fund Managers

Citadel

Capitec Bank

Cadiz Asset Management

Business Partners

Allan Gray

Direct Marketing Association of SA

Spur Corporation

Shoprite

Pick n Pay

Overberg Agri

Media 24

Lewis Group

Imperial

The Foschini Group

Diageo

City Lodge

Test vacancy

Lorem ipsum dolor sit amet, consectetur adipiscing elit, sed do eiusmod tempor incididunt ut labore et dolore magna aliqua. Ut enim ad minim veniam, quis nostrud exercitation ullamco laboris nisi ut aliquip ex ea commodo consequat. Duis aute irure dolor in reprehenderit in voluptate velit esse cillum dolore eu fugiat nulla pariatur. Excepteur sint occaecat […]

Hello world!

Welcome to WordPress. This is your first post. Edit or delete it, then start writing!

Information Regulator Media Briefing

Yesterday the newly formed Information Regulator held a public media briefing in Cape Town. Key points from the briefing are available on their website.  The Regulator is actively working on operationalising the office and gaining insights from established information regulators across various countries, including Germany and the United Kingdom. The expected commencement date of the […]

MOBIUS CONSULTING IS NOW PART OF THE IAPP VENDOR LIST

We are proud to announce that we are now part of the International Association for Privacy Professionals (IAPP) vendor list, one of the largest global privacy communities. Learn more about the IAPP: IAPP Mission and Background