Latest Projects

Projects of the Months

2020
September 2020

Cyber Related Third Party Risk

Cyber Related Third Party Risk
A leading bank needed to understand the level of cyber related risk that Third Parties and Cloud Service Providers introduced into their business, and also wanted to understand how to mitigate these risks. Mobius assisted the bank by designing and developing a Third Party Cyber Risk Management (TPCRM) approach that was tailored to their unique requirements and environment. The solution we developed and implemented for..Read More
July 2020

Information and Access Governance Implementation Project

Information and Access Governance Implementation Project
Information and Access Governance Implementation Project   The Background The VG IAG project was a 2 year project where Mobius assisted in the IAG implementation of the Sailpoint IdenityNow solution. Although the project started off slow and was a bit of a difficult one, having a positive team to work with as well as support from the Information security manager helped.   The Mobius approach..Read More
June 2020

Improve your organisation’s preparedness for a cyber attack 

Improve your organisation’s preparedness for a cyber attack 
Improve your organisation’s preparedness for a cyber attack  Cyber Security and Incident Response A multinational client in the financial services industry recently asked Mobius to conduct a cyber security incident response review and simulation exercise. The primary objective of the project was to help improve the organisations readiness to respond to a major cyber security incident. The project included the following: Development of a cybersecurity..Read More
May 2020

Home Network Security Testing

Home Network Security Testing
A client in the Consumer Services industry was forced to make extensive use of remote working from home as a result of the COVID-19 lockdown. Their concern was that the home networks and computers used by employees were not secure, and if breached could result in various risks such as disclosure of sensitive data. The Mobius Security Testing team assisted by developing a custom built..Read More
April 2020

Check Your Blind Spot: Assessing the SAP ERP Integration Risk

Check Your Blind Spot: Assessing the SAP ERP Integration Risk
Mapping and Risk Profiling in a SAP ERP Environment A client in the Consumer and Service industry recently asked Mobius to assist in mapping and risk profiling all integrations in their SAP ERP environment. This client relies on their SAP ERP environment as the backbone of their operations and therefore ERP itself is regularly assessed and audited. However, less emphasis had been placed on assessing..Read More
March 2020

MOBIUS Helps a client foster a POSITIVE privacy culture ONE location at a time

MOBIUS Helps a client foster a POSITIVE privacy culture ONE location at a time
A global client in the machinery and equipment business recently asked Mobius Consulting to facilitate Information Privacy awareness training across its various sites in 8 Provinces across the country. Mobius has previously assisted this client in completing a Privacy Gap assessment and subsequently, is currently assisting with the implementation of remediation activities that were recommended as part of the gap assessment roadmap report. Information Privacy..Read More
January 2020

PCI DSS Independent Assessment

PCI DSS Independent Assessment
The Mobius Information Security team recently completed an independent assessment of compliance of the Payment Card Industry Data Security Standard (PCI DSS) for a client in the consumer services industry. The project included assessing compliance of all the data security requirements of PCI DSS, and assisting the client with the completion of their annual Self-Assessment Questionnaire. The project included analysing the organisation’s various functional areas..Read More
2019
December 2019

SECURITY TESTING PROJECT IN SOUTH AMERICA

Security Testing
A multinational client approached Mobius with a requirement of running two internal penetration tests and two vulnerability scans at two remote offices simultaneously.  The client, however, did not have the budget for an onsite analyst at both locations, their budget allowed for only one onsite analyst at one location.  As an organisation, Mobius always endeavors to meet our client’s needs and satisfy their requirements while..Read More
October 2019

PRACTICE MAKES PERFECT – INCIDENT SIMULATION FOR OIL AND GAS COMPANY

Cybersecurity Incident simulation
Mobius recently assisted an Oil and Gas company with a Cybersecurity Incident Simulation exercise. The Primary objective of the Simulation was to test the company’s playbooks and stakeholder understanding and involvement in the incident response process.   The key deliverables of the project were as follows: Create a tabletop Incident Scenarios including all the possible attacks defined in their existing playbooks. Develop scripts for existing..Read More
September 2019

MOBIUS ASSISTS A LEADING FINANCIAL INSTITUTION IN ACHIEVING ISO27001 CERTIFICATION

ISO27001 Certified
Mobius Consulting assisted in implementing an Information Security Management System (ISMS) at a leading financial institution, with the primary objective of obtaining ISO27001 Certification. The scope of certification pertained to a core banking platform, along with related core banking processes.   In order to ensure this was possible, Mobius used a practical and technologically-led approach to: Define the organisation’s ISMS scope Perform a gap assessment..Read More
August 2019

DEFINING AND IMPLEMENTING DATA GOVERNANCE

Data Governance Icon
Mobius Consulting assisted a food and beverages company with defining and implementing data governance based on a custom Mobius Data Governance Framework.  The organisations data and technical requirements had changed and influenced a decision to move various datasets to a cloud computing service provider.  The move to the Cloud made it imperative to put in place governance and controls to ensure that data is safeguarded..Read More
July 2019

GOVERN AND CONTROL THE USE OF CLOUD APPLICATIONS – MOBIUS CAN HELP

Moving to the cloud
Mobius Consulting assisted a large insurance institution understand their cloud application landscape and the risks these services pose to their organisation. The primary objective was to identify any shadow IT cloud applications and to assess the utilisation of these applications against the organisations authorised applications. The results were interesting and highlighted the risks of not having sufficient governance and controls in place.   In order..Read More
June 2019

MOBIUS IMPROVED REPORTING OF INFORMATION SECURITY

Information Security Icon
Mobius Consulting assisted with improving the reporting of information security at a financial institution through the use of appropriate information security metrics and measurements at the Board and Executive levels. The primary objective of the engagement was to define the information security metrics and measurements, based on best practices, that should be used for effective reporting at these various levels.   In order to complete..Read More
May 2019

CYBERSECURITY ASSESSMENT AND IMPROVEMENT ROADMAP

NITS Cybersecurity Framework
Mobius recently completed a Cybersecurity Capability and Risk Assessment for a leading financial services organisation. The assessment was based on the NIST Cybersecurity Framework and included both a risk based and capability maturity based assessment. The project included the development of a cybersecurity Future State Roadmap for risk reduction and improved security capability.   The key objective of the assessment was to determine areas of..Read More
April 2019

MOBIUS IS MAKING ACCESS REVIEWS EASIER AND MORE MEANINGFUL TO BUSINESS

Identity and Access management
Mobius is assisting a client in the financial industry with defining and documenting business friendly names, descriptions and segregation of duties conflicts for access permissions/access rights on critical financial systems. Timelines to deliver on this engagement are extremely tight with role names, descriptions and segregations of duties needing to be completed for 90 applications over a period of 3 months.  For these timelines to be..Read More
March 2019

MOBIUS DEMONSTRATES THE RISKS OF USING FREE WIFI

Wifi hacked Icon Security Testing
Mobius delivered on a project to highlight the potential risks of accessing “free” wireless access points and how this can lead to a targeted attack against the user and even the company they work for.  The project included the delivery of a proof of concept rogue wireless access point that was deployed at a client conference.  The access point allowed free internet access for any..Read More
February 2019

MOBIUS IS ASSESSING HIGH RISK THIRD PARTIES

Third Party Risk profile
Mobius Consulting is assisting a premium financial service group in assessing their high risk third parties cyber security control environment. The primary objective is to identify, profile according to risk and then assess high risk third parties in order to identify, log and ultimately help mitigate third party risk.   Each new and existing Third Party is profiled to assess the inherent risk of the..Read More
January 2019

MOBIUS PERFORMED A PRIVACY GAP ANALYSIS

Information Privacy Icon
A global brand management and distribution organisation appointed Mobius to perform a detailed Privacy gap analysis based on the current state of the local (South African) divisions. The objective of the project was to understand what is required to ensure compliance to the Protection of Personal Information Act (POPIA) across the business’ divisions as well as understand the impact of the General Data Protection Regulation..Read More
2018
December 2018

INFORMATION SECURITY METRICS AT FINANCIAL INSTITUTION

A well known Financial Institute identified a need to enrich their Information Security strategy and enablement practices to cater for a number of requirements across compliance, risk and external regulations. In order to meet some of these requirements they engaged Mobius to assist with the development and execution of information security metrics that support and measure Information Security across the business. The metrics were developed..Read More
css.php