Cyber threats and cyber crime are on the rise. Criminals are exploiting the complexity of our expanding networks to infect systems, steal data, and ransom systems. But that’s only half the story. Learn how to balance your organization’s productivity with robust prevention, detection, and response.
MODERN THREAT LANDSCAPE
Is your business challenged around Cyber Security and Identity Management?
South Africa has the
3rd Highest Number Of
Cyber Crime Victims Worldwide …
Success starts with security. Choosing the right security partner should never carry the same stress as having to deal with a security breach. BUI makes use of the NIST CSF framework which was designed with the intent that individual businesses and other organizations use an assessment of the business risks they face to guide their use of the framework in a cost-effective way.
Our Approach
BUI follows the NIST Cyber Security Framework and we included four of the five Core Functions from the NIST CSF: Identify, Protect, Detect and Respond, because BUI can help with most of the subcategories under those four high level functions. With BUI as your cyber security partner, you’ll not only be able to leverage our experience and expertise – to protect what matters most to you, your digital assets.
What we can help you achieve
The most effective way to protect against exposure to vulnerabilities is to develop intelligence around your assets via assessment and to harden these systems to minimise your attack landscape. We will help assess your cybersecurity program.
Breaches
60
Security Products
75
Success starts with security
Security is the number one focus and priority for organizations today.
Learn MoreCybersecurity isn't an IT problem, it's a business problem
That’s why it’s important to share articles and examples of how disruptive an attack can be to business.
Want to embed cyber security at the heart of your business?
We can help you protect your digital assets. The cyber ecosystem is become very complex and lightning fast. While it’s necessary to invest in protection, incidents will occur. Rapid response is key to minimising brand damage and financial loss. Protection, detection and response are interdependent. Leading practice needs a cohesive relationship between technology risk, information security, forensics and operational teams.
How much can you afford to lose?
The data, personnel, devices, systems, and facilities that enable the organization to achieve business purposes are identified and managed consistent with their relative importance to business objectives and the organization’s risk strategy.
Our Focus Areas
- Physical devices and systems within the organization are inventoried
- Software platforms and applications within the organization are inventoried
- Organizational communication and data flows are mapped
- External information systems are catalogued
The organization’s mission, objectives, stakeholders, and activities are understood and prioritized; this information is used to inform cybersecurity roles, responsibilities, and risk management decisions.
Our Focus Areas
- The organization’s role in the supply chain is identified and communicated
- The organization’s place in critical infrastructure and its industry sector is identified and communicated
- Priorities for organizational mission, objectives, and activities are established and communicated
- Dependencies and critical functions for delivery of critical services are established
The organization understands the cybersecurity risk to organizational operations (including mission, functions, image, or reputation), organizational assets, and individuals.
Our Focus Areas
- Asset vulnerabilities are identified and documented
- Threat and vulnerability information is received from information sharing forums and sources
- Threats, both internal and external, are identified and documented
- Threats, vulnerabilities, likelihoods, and impacts are used to determine risk
- Access Control
- Awareness and Training
- Data Security
- Information Protection Processes and Procedures
- Protective Technology
Who is really accessing your network and data?
Access to assets and associated facilities is limited to authorized users, processes, or devices, and to authorized activities and transactions.
Our Focus Areas
- Identities and credentials are managed for authorized devices and users
- Physical access to assets is managed and protected
- Remote access is managed
- Access permissions are managed, incorporating the principles of least privilege and separation of duties
The organization’s personnel and partners are provided cybersecurity awareness education and are adequately trained to perform their information security-related duties and responsibilities consistent with related policies, procedures, and agreements.
Our Focus Areas
- All users are informed and trained
- Privileged users understand roles & responsibilities
- Third-party stakeholders (e.g., suppliers, customers, partners) understand roles & responsibilities
- Senior executives understand roles & responsibilities
Information and records (data) are managed consistent with the organization’s risk strategy to protect the confidentiality, integrity, and availability of information.
Our Focus Areas
- Data-at-rest is protected
- Data-in-transit is protected
- Assets are formally managed throughout removal, transfers, and disposition
- Protections against data leaks are implemented
Security policies (that address purpose, scope, roles, responsibilities, management commitment, and coordination among organizational entities), processes, and procedures are maintained and used to manage protection of information systems and assets.
Our Focus Areas
- A baseline configuration of information technology/industrial control systems is created and maintained
- Configuration change control processes are in place
- Backups of information are conducted, maintained, and tested periodically
- Policy and regulations regarding the physical
operating environment for
organizational assets are met
Technical security solutions are managed to ensure the security and resilience of systems and assets, consistent with related policies, procedures, and agreements.
Our Focus Areas
- Audit/log records are determined, documented, implemented, and reviewed in accordance with policy
- Removable media is protected and its use restricted according to policy
- Access to systems and assets is controlled, incorporating the principle of least functionality
- Communications and control networks are protected
Can you Detect suspicious activity right away?
Anomalous activity is detected in a timely manner and the potential impact of events is understood.
Our Focus Areas
- A baseline of network operations and expected data flows for users and systems is established and managed
- Detected events are analyzed to understand attack targets and methods
- Event data are aggregated and correlated from multiple sources and sensors
- Incident alert thresholds are established
The information system and assets are monitored at discrete intervals to identify cybersecurity events and verify the effectiveness of protective measures.
Our Focus Areas
- The network is monitored to detect potential cybersecurity events
- The physical environment monitored to detect potential cybersecurity events
- Personnel activity is monitored to detect potential cybersecurity events
- Unauthorized mobile code is detected
- Monitoring for unauthorized personnel, connections, devices, and software is performed
- Vulnerability scans are performed
Detection processes and procedures are maintained and tested to ensure timely and adequate awareness of anomalous events.
Our Focus Areas
- Roles and responsibilities for detection are well defined to ensure accountability
- Detection activities comply with all applicable requirements*
- Detection processes are tested
- Event detection information is communicated to appropriate parties*
- Detection processes are continuously improved
Threats are evolving, are you?
Response processes and procedures are executed and maintained, to ensure timely response to detected cybersecurity events.
Our Focus Areas
- Response plan is executed during or after an event
Response activities are coordinated with internal and external stakeholders, as appropriate, to include external support from law enforcement agencies.
Our Focus Areas
- Personnel know their roles and order of operations when a response is needed
- Events are reported consistent with established criteria
- Information is shared consistent with response plans
Analysis is conducted to ensure adequate response and support recovery activities.
Our Focus Areas
- Notifications from detection systems are investigated
- The impact of the incident is understood*Detection activities comply with all applicable requirements
- Forensics are performed
Activities are performed to prevent expansion of an event, mitigate its effects, and eradicate the incident.
Our Focus Areas
- Incidents are contained
- Incidents are mitigated
- Newly identified vulnerabilities are mitigated or documented as accepted risks
Organizational response activities are improved by incorporating lessons learned from current and previous detection/response activities.
Our Focus Areas
- Response plans incorporate lessons learned
- Response strategies updated
Cost of Data Breaches by 2019
2.1
Avg. Response time to Breach
147
The Difference
Cyber threats and cyber crime are on the rise. Criminals are exploiting the complexity of our expanding networks to infect systems, steal data, and ransom systems. But that’s only half the story.
Learn MoreWe are BUI, Award Winning Leaders
in Identity and Security Solutions
INNOVATION
Transform ideas into business value enabling businesses to adapt to greater demand of services
DELIVERY
Our capabilities include Virtualisation, Private Cloud, Microsoft Azure, Microsoft Office 365 & Microsoft’s Enterprise Mobility
RESULTS
BUI is the first Microsoft Partner to hold a Microsoft Gold competency for identity and security in Africa