Latest Projects

Projects of the Months

2019
September 2019

Mobius assists a leading Financial Institution in achieving ISO27001 Certification

ISO27001 Certified
Mobius Consulting assisted in implementing an Information Security Management System (ISMS) at a leading financial institution, with the primary objective of obtaining ISO27001 Certification. The scope of certification pertained to a core banking platform, along with related core banking processes.   In order to ensure this was possible, Mobius used a practical and technologically-led approach to: Define the organisation’s ISMS scope Perform a gap assessment..Read More
August 2019

Defining and implementing Data Governance

Data Governance Icon
Mobius Consulting assisted a food and beverages company with defining and implementing data governance based on a custom Mobius Data Governance Framework.  The organisations data and technical requirements had changed and influenced a decision to move various datasets to a cloud computing service provider.  The move to the Cloud made it imperative to put in place governance and controls to ensure that data is safeguarded..Read More
July 2019

Govern and control the use of cloud applications – Mobius can help

Moving to the cloud
Mobius Consulting assisted a large insurance institution understand their cloud application landscape and the risks these services pose to their organisation. The primary objective was to identify any shadow IT cloud applications and to assess the utilisation of these applications against the organisations authorised applications. The results were interesting and highlighted the risks of not having sufficient governance and controls in place.   In order..Read More
June 2019

Mobius Consulting improved reporting of Information Security

Information Security Icon
Mobius Consulting assisted with improving the reporting of information security at a financial institution through the use of appropriate information security metrics and measurements at the Board and Executive levels. The primary objective of the engagement was to define the information security metrics and measurements, based on best practices, that should be used for effective reporting at these various levels.   In order to complete..Read More
May 2019

Cybersecurity assessment and improvement roadmap

NITS Cybersecurity Framework
Mobius recently completed a Cybersecurity Capability and Risk Assessment for a leading financial services organisation. The assessment was based on the NIST Cybersecurity Framework and included both a risk based and capability maturity based assessment. The project included the development of a cybersecurity Future State Roadmap for risk reduction and improved security capability.   The key objective of the assessment was to determine areas of..Read More
April 2019

MOBIUS IS MAKING ACCESS REVIEWS EASIER AND MORE MEANINGFUL TO BUSINESS

Identity and Access management
Mobius is assisting a client in the financial industry with defining and documenting business friendly names, descriptions and segregation of duties conflicts for access permissions/access rights on critical financial systems. Timelines to deliver on this engagement are extremely tight with role names, descriptions and segregations of duties needing to be completed for 90 applications over a period of 3 months.  For these timelines to be..Read More
March 2019

MOBIUS DEMONSTRATES THE RISKS OF USING FREE WIFI

Wifi hacked Icon Security Testing
Mobius delivered on a project to highlight the potential risks of accessing “free” wireless access points and how this can lead to a targeted attack against the user and even the company they work for.  The project included the delivery of a proof of concept rogue wireless access point that was deployed at a client conference.  The access point allowed free internet access for any..Read More
February 2019

MOBIUS IS ASSESSING HIGH RISK THIRD PARTIES

Third Party Risk profile
Mobius Consulting is assisting a premium financial service group in assessing their high risk third parties cyber security control environment. The primary objective is to identify, profile according to risk and then assess high risk third parties in order to identify, log and ultimately help mitigate third party risk.   Each new and existing Third Party is profiled to assess the inherent risk of the..Read More
January 2019

MOBIUS PERFORMED A PRIVACY GAP ANALYSIS

Information Privacy Icon
A global brand management and distribution organisation appointed Mobius to perform a detailed Privacy gap analysis based on the current state of the local (South African) divisions. The objective of the project was to understand what is required to ensure compliance to the Protection of Personal Information Act (POPIA) across the business’ divisions as well as understand the impact of the General Data Protection Regulation..Read More
2018
December 2018

INFORMATION SECURITY METRICS AT FINANCIAL INSTITUTION

A well known Financial Institute identified a need to enrich their Information Security strategy and enablement practices to cater for a number of requirements across compliance, risk and external regulations. In order to meet some of these requirements they engaged Mobius to assist with the development and execution of information security metrics that support and measure Information Security across the business. The metrics were developed..Read More