Do you know what your Ransomware and Data Breach Susceptibility is?
Request a Free Ransomware Report
Powerful tools to further empower our clients:
1. External IT Asset Data Vulnerability Scan
Included in Phases 1 and 3 of Privacy, Security and IT Governance Programmes.
The external data vulnerability scan scans your external-facing IT assets (your company URL (domain) and open ports) to assess critical gaps in SSL/TLS strength, DDoS Resiliency, Patch Failures, Network Security and many more. Key outputs also include Ransomware And Data Breach Score benchmarking. In addition, it scans policy and controls on the website to determine the extent of completeness and compliance in relation to specific regulations and standards – such as NIST and GDPR (general Data Privacy) or ISO 27001.
The gaps identified within the scan provide key insights into data privacy, data security and cyber risk posture and when combined with the maturity assessment outcomes provide a rich picture of maturity and key gaps on which to build the Compliance Plan in Phase 2.
As the client works through the program we track the improvement in their cyber risk posture, ransomware index and compliance and completeness scores.
This powerful tool assists organisations in protecting themselves against cyber threats from external threat actors looking to take advantage of weaknesses in your domain security and controls.
2. Internal Data Vulnerability Scan
Included in Phases 1 and 3 of Privacy, Security and IT Governance Programmes.
The internal data vulnerability scan conducts an assessment of critical internal facing assets, including the firewall and what is behind it. This type of scan, which is often prohibitively expensive, assists in the identification of key misconfigurations, open ports and other back doors that threat actors can easily take advantage of. One of the most exploited IT vulnerabilities is an RDP (Remote Desk Protocol) port left open, which then can lead to a serious DDoS and Ransomware attack.
The internal vulnerability scan, which is included as part of Phase 1, offers an extremely affordable assessment of the types of vulnerabilities that the organisation may be exposed to, often unknown to IT administrators, and which could seriously compromise the organisation relating to information privacy and security.
We highly recommend the inclusion of this internal scan in Phase 1, in order to obtain a full view of information privacy ‘as-is’ maturity and risks and appropriately inform and support the priorities of the Compliance Plan within Phase 2
3. Data Discovery Scan (Bolt)
Included in Phase 3 of Privacy programme.
The Data Discovery tool’s function, within the context of PoPIA and /or GDPR alignment, is to scan your on-premise and cloud-based storage, as well as employee PCs and Laptops to find ‘Personally Identifiable Information’ (PII). This is the data within your organisation that could be used to identify customers, employees, individuals and other stakeholders – all of which is governed by the information privacy regulations and needs to be carefully processed, stored and managed by organisations.
The scan is non-intrusive, simple to execute and highly valuable in that it will significantly enhance your information privacy management capabilities and insights, significantly reduce manual efforts in achieving compliance (data discovery would need to be done manually by internal resources otherwise and can be extremely labour intensive and prone to material error) and improve the robustness of your organisations ability to continuously comply with POPIA or GDPR.
4. Continuous Computer Assisted Audit (Arbutus)
Included in our EGRC Programmes.
Organisations operate with high volumes of information and data and the ‘old school’ Internal Audit approach, often misses key emerging risks, simply due to the fact that people cannot review the volume of data needing to be audited. The Arbutus digital insights assisted audit tool, integrated within RUBIQ Control Assurance and Audit functionality, supports a big data, continuous audit capability and process. This vastly improves the attention to detail and internal audit and control assurance process within the organisation.
In the RUBIQ Business Intelligence Module, all aspects of the audit and assurance attestation process can be brought together into a single reporting environment.
Control Assurance providers are able to review the state of Control Reviews, the outcome of current and past audits for the last auditable period and any supporting information from third party systems that will help to provide insights to the state of assurance.
This ensures that control assurance providers do not digest and analyse information in silos and thus miss critical emerging risks or hidden aspects of context that will give rise to risk unexpectedly.
5. TOM AI Risk Decision Making Support
RUBIQ incorporates AI in GRC, through the Up To TOM AI Risk Decision Support tool. TOM supports expert decision assistance, by defining specification scenarios that a human would need to make informed decisions on and combines training capabilities (through machine learning), natural language analytics and data discovery with cognitive intelligence to assist Risk and Control Owners in the Risk Management Process.
AI Risk Decision Support can help in ensuring that risks are managed effectively within Appetite and Tolerance levels and that causal analysis is done correctly. It ensures Control Reviews are performed as expected per policy guidelines and can give indication of situations of emerging risks, prompting risk owners and control owners to take action. TOM can recommend what action to take, based on the data analyzed and correlated by TOM.
This smart technology puts digital experts right at your first line of defense and significantly improves your overall approach to management of your enterprise-wide risk universe.
A combination of cloud infrastructure architecture and SME content, developed and tested by SME experts helps entrench a high quality of data input within the risk management evaluation and control assessment process.
6. Vizard AI OHS Camera System
Leveraging IOT (Internet of Things) as part of your integrated Risk Programme.
The RUBIQ Team have collaborated with a unique supporting tool to enhance immediate detection / reporting and action on incident identified and unsafe behaviour captured by smart CCTV cameras. Vizard is an intuitive Artificial Intelligence that monitors camera footage to identify key alerts. With an expansive array of alerts and an ability to incorporate facial recognition, this starts to become a powerful collaborative tool that can auto record issues / events / incidents, near misses & hazards directly into the RUBIQ Incident Module. Clients can opt in to add this functionality at an additional cost.
Let RUBIQ + VIZARD help you detect incidents such as:
-Fire Hazards
-Unsafe Conditions
-Worker fall
-PPE Non-Conformance
-Working unsafely at heights
-Unsafe stacking
-Social Distancing Non-Conformance
-Non wearing of masks
-Person of Interest
-Perimeter Intruder
-Vehicle of Interest