Background

Given the sensitivity of Kaleidoscope’s work, and the general increase in the threat-level faced by actors of all size, the board and leadership felt it would be prudent to engage outside experts in a systematic review of the organisation’s cyber-policies and practices. SOHO was approached by the charity’s Chair and Chief Executive with a mandate to conduct this deep-dive and strengthen the organisation’s cyber-resilience.

Our Work

SOHO performed a full organisational review of all cybersecurity policies and practices in place, as well as non-cybersecurity policies and practices which may impact upon potential readiness and resiliency. With an unrestricted mandate across the organisation, SOHO:

• Catalogued digital assets;
• updated organisational risk-registers;
• implemented password management solutions;
• reinforced anti-malware protections across the network;
• strengthened account credentials;
• issued guidance on best-practice;
• introduced multi-factor authentication throughout the organisation; and
• rationalised disparate accounts into a new, easy-to-manage, properly-permissioned structure.

Cyber-resilience was built through a wide range of activities, and secure methods for sharing sensitive materials developed. Training was delivered on-site to the organisation’s staff in how to use these new tools, and follow best-practice in their own online activities. A ‘digital retrospective’ was furthermore undertaken to review account activity to-date, check for policy compliance, and determine whether appropriate access-permissions were held by all employees, volunteers and partners of the organisation.

Need a hand?

If you think your organisation could benefit from a short and non-invasive <1-week cybersecurity review, contact us today to find out how we can help.