CONGRATULATIONS TO CANDICE JACKSON, WINNER OF THE 2020 YOUNG PROFESSIONAL OF THE YEAR AWARD FROM THE ISACA SOUTH AFRICA AWARDS

The ISACA South Africa Awards are the highest honours bestowed by the Chapter on individuals in appreciation of their active roles in the field of technology, information and cyber security, governance, risk and innovation in South Africa. More About Candice Jackson: Candice Jackson joined Mobius Consulting as a young Senior Consultant […]

INTRODUCING AMANDA HECHTER, SENIOR MANAGING CONSULTANT

Technology consulting brings a new level of understanding to the implementation of information technology and the benefits it can have for businesses, and Amanda Hechter, Senior Managing Consultant at Mobius Consulting, is one such driver of the service line. As part of the EXCO team and a service line leader, Amanda plays a […]

XSS TO SHELL

ZERO-DAY ADVENTURES – UNKNOWN UNTIL WE FOUND THEM: The astute among you will notice that the chaining of these types of exploits has been seen and used often enough, but the implications thereof are often overlooked. In this write-up we delve a little deeper into a real-life example of how we uncovered three zero-days in […]

INTRODUCING RAYMOND DU PLESSIS, SENIOR MANAGING CONSULTANT

BACKGROUND: Raymond du Plessis is based in Mobius’ Johannesburg office, and although he is well travelled, Johannesburg is still his favorite place to be. He began his studies at the University of South Africa (UNISA) and he has gone on to complete vocational studies through professional bodies like ISACA and ISC. Raymond […]

STRENGTH IN DIVERSITY WITH MOBIUS CONSULTING

DIVERSITY IN LEADERSHIP AROUND THE WORLD: A recent study by Boston Consulting Group showed that companies that value diversity amongst staff and senior management increased their revenue by 19%. The study found that “increasing the diversity of leadership teams leads to more and better innovation and improved financial performance.” It looked at 1700 […]

HOW DO THE OUTCOMES OF THIRD PARTY RISK MANAGEMENT INCREASE REGULATORY COMPLIANCE IN SOUTH AFRICA?

WHAT ARE THE COMPLIANCE DRIVERS FOR THIRD PARTY RISK MANAGEMENT IN SOUTH AFRICA: The world has officially arrived in the age of information, with an ever-increasing amount of company, client and customer data at our fingertips. The increasing amounts of available information raise the need for organisations to take more responsibility for […]

INTRODUCING MALCOLM PARKER, SENIOR MANAGING CONSULTANT

MALCOLM PARKER’S GLOBAL EXPERIENCE: Malcolm Parker began his career on a traditional chartered accountant route with articles at KPMG, which is where he met Patrick Ryan and Lynn Martin. Quite early in his career he realised he was more passionate about IT than finance and switched to a career in IT auditing, advisory […]

INTRODUCING ROBERT LEN, LEAD SECURITY TESTER

Robert Len’s Background: Cape Town born, Robert Len has a Bachelor of Commerce, majoring in Information Systems. He also completed his MCSE and OSCP. Rob’s passion for information security has led him to pursue his masters in Computer Science, writing his thesis on in-browser cryptojacking. Robert Len has specialised in information technology throughout his […]

4 ESSENTIAL SECURITY PRINCIPLES TO CONSIDER WHEN MOVING TO THE CLOUD

With Raymond Du Plessis and Sven Muller from Mobius Consulting. Many large financial services companies with broad customer bases are moving to the cloud for improved accessibility, scalability, cost-effectiveness and new cloud-based customer apps. However, this modernisation shift comes with its own set of challenges. Mobius Consulting has worked closely with companies […]

COMMENCEMENT OF CERTAIN SECTIONS OF THE PROTECTION OF PERSONAL INFORMATION ACT, 2013 – 1 JULY 2020.

Critical Portions of the POPI Act are Scheduled to Commence: The Protection of Personal Information Act (POPIA) promotes the protection of personal information processed by public and private entities and seeks to ensure that the human right to privacy is upheld. We have noted in recent media releases that the Information Regulator has made […]

5 STEPS TO CREATING A CYBER SECURITY INCIDENT RESPONSE FRAMEWORK

With Patrick Ryan, Amanda Hechter and Raymond du Plessis from Mobius Consulting. The NIST Cyber Security Incident Response Framework: Cyber security breaches should be taken as a “when” and not an “if” occurrence, especially given the rise in cyber attacks due to remote working. The wrong time to put your cyber security incident response plan in place is […]

KNOW AND MANAGE YOUR APPLICATION RISKS DURING COVID-19

With Amanda Hechter and Raymond du Plessis from Mobius Consulting as well as Lee Bristow from Phinity Risk. Improve your Identity and Access Governance (IAG) & Assess your Application Security Risk: With COVID-19 catching much of the world off-guard, there has been a scramble for organisations to make key applications, such […]

ETHICAL HACKING AND CYBER SECURITY TESTING: 7 TESTS TO CHECK YOUR CYBER SECURITY

With Patrick Ryan, Managing Director; and Robert Len, Lead Security Tester of Mobius Consulting. Remote Working may be the New Normal: To help slow down the spread of COVID-19, companies around the globe have sent their employees home, requiring them to work remotely. For some companies this transition to remote working was easy to implement as there has been […]

[FREE INFOGRAPHIC] 3 STEPS TO A SUCCESSFUL INFORMATION SECURITY AWARENESS CAMPAIGN

With Yolandi Moodley, Senior Managing Consultant for Mobius Consulting. We live in the digital age, where information is shared at an astronomical rate. Since remote working has become the “new normal” in a very short space of time, many companies are entering uncharted territory when it comes to managing their information security risks. […]

KNOW AND MANAGE YOUR SUPPLIER SECURITY RISK DURING COVID-19

With Lee Bristow from Phinity Risk Solutions and Malcolm Parker, Senior Managing Consultant at Mobius Consulting. Manage your Supplier Security Risk: The novel Coronavirus has created a number of challenges for society and most organisations are not well prepared to cope with this pandemic and the impact that it has on their trade. […]

HOW TO MAINTAIN CORPORATE PRIVACY IN A HOME-BASED OFFICE

With Patrick Ryan, Managing Director and Roelien Howell, Principal Consultant from Mobius Consulting. POPIA: The Protection of Personal Information Act. The Protection of Personal Information Act (POPIA) aims to enforce protection of personal information by creating the lawful conditions for how this information must be managed. POPIA is closely related to the […]

CORONA VIRUS AND WORKING REMOTELY

4 CRITICAL RISKS FOR A COMPANY TO MANAGE: Coronavirus poses a risk to humanity, possibly the greatest risk to our physical health that many of us have faced in our lifetime, and at the same time, unethical cybercriminals are using the pandemic as an opportunity to increase hacking attempts and phishing attacks. In order […]

THE IMPORTANCE OF CYBER SECURITY AND THIRD PARTY RISK MANAGEMENT FOR YOUR BUSINESS

Having a solid cybersecurity and third party risk management plan for your business is paramount.

WILL THIS BE THE YEAR WE SEE THE POPI ACT COME INTO EFFECT?

THE LONG WAIT TO ENFORCEMENT: The Protection of Personal Information Act (POPIA) was first tabled in 2005. In 2013, the President signed off the act. Subsequently, a few developments followed: we saw the appointment of the Information Regulator in 2016 and, most recently, in 2019 the final regulations of the act were published. These […]

WHERE TO START WITH PRIVACY

Acting ethically means organisations need to understand their personal information processing activities together with the positive and negative impacts on all parties. This means organisations need to be effective data stewards and align processing activities with applicable privacy compliance requirements. Being compliant with privacy law / regulations may be daunting, however we have a recommended […]

READY, SET… PRIVACY

We’ve certainly noticed recent changes in global Privacy regulation, including the go live date of the General Data Protection Regulation (GDPR) as well as some advances with the Protection of Personal Information Act (POPIA) – more precisely, the efforts of the Information Regulator to establish its office. Privacy has most definitely moved past the point […]

CYBER SECURITY INCIDENT RESPONSE INFOSHEET

Hot off the press is our new Cyber Security Incident Response infosheet. The infosheet articulates how we can help clients to improve their cyber security incident readiness through our approach of developing, adopting and testing an organisation-wide response process. Download the infosheet HERE

A LOOK AT THE GDPR AND THE RELEVANCE TO NON EUROPEAN ENTITIES

It’s been almost a year since we received large amounts of emails informing us of updates to companies’ privacy policies. On May 25, 2018 the General Data Protection Regulation (GDPR) came into effect. The cost of non-compliance, with this extraterritorial regulation, for those entities which process EU citizen personal information is still as high as […]

NIST RELEASES VERSION 1.1 OF ITS POPULAR CYBER SECURITY FRAMEWORK

Credit: N. Hanacek/NIST. GAITHERSBURG, Md.—The U.S. Commerce Department’s National Institute of Standards and Technology (NIST) has released version 1.1 of its popular Framework for Improving Critical Infrastructure Cyber security, more widely known as the Cyber security Framework. “Cyber security is critical for national and economic security,” said Secretary of Commerce Wilbur Ross. “The voluntary NIST Cyber […]

MOBIUS CONSULTING IS NOW PART OF THE IAPP VENDOR LIST

We are proud to announce that we are now part of the International Association for Privacy Professionals (IAPP) vendor list, one of the largest global privacy communities. Learn more about the IAPP: IAPP Mission and Background
