Cybersecurity consultancy Secure Forte has committed to providing free cyber assessments for not-for-profits affected by COVID-19 in a bid to give back to particularly vulnerable organisations.
The business, founded last year by former Content Security chief executive Louis Abdilla and colleague Mani Amini, has been working with Child Abuse Prevention Service, which recently took the provider up on its free-assessment offering.
The Child Abuse Prevention Service, or CAPS as it's known in-house, was founded in 1973 and is the oldest child abuse prevention organisation in Australia. It’s programs provide parenting advice and skills to help people respond to the needs of children before unfortunate circumstances emerge.
One of CAPS’ key services is to run protective behaviours programs in childcare organisations, which educate children about safe and unsafe feelings and how to seek help if needed. Parents are also taught about the early warning signs of a child suffering abuse, as well as how to protect them and file reports.
Faced with funding losses and reduced capability to deliver its programs, CAPS chief executive Reegan Barber said the pandemic was hitting charities when they were needed most.
“It's tragic in that the need for our work has been heightened during the pandemic especially with kids being taken out of childcare,” Barber said. “Childcare workers are the eyes and ears of the child protection system, so with more kids at home and out of sight it's very hard to recognise and track abuse as it happens.
“Based on everything I’ve read, reporting to the child protection hotline in New South Wales is down, which is not a good thing. We don’t want under-reporting when it comes to child abuse, and this has all happened at the same time as COVID-19 has impacted charities.”
When lockdown and social distancing measures came into play, CAPS could not longer get in front of classrooms to deliver its programs. On top of that, while primarily funded by the Department of NSW and Justice, CAPS relies on grants it applies for as well as donations and fundraising, all of which have dried up thanks to the pandemic.
“For a lot of charities, fundraising has just gone off a cliff, and we’re certainly impacted by the closure of community grants programs which are relied upon; grants funding is down about 50 percent from where it was last year,” he said.
Secure Forte’s Abdilla said the importance of cybersecurity in 2020 couldn’t be understated, with effects felt particularly harshly by community organisations
“There is so much going on with respect to cybersecurity right now,” Abdilla told CRN. “In Australia even before the pandemic we were dealing with the wildfires disaster. The government was totally absorbed by it, and now we are consumed by a pandemic. With so much energy and focus on these disasters, It’s the perfect time for cybercriminals or state-sponsored actors to attack.
As high-profile breaches have repeatedly made headlines in recent years, organisations are increasingly compelled to have highly resilient systems in place to avoid sensitive data leaking.
With CAPS also unable to get in front of classrooms in the traditional sense, like many other organisations in the world it started offering its services and courses online. It had also been auditing other child-facing organisations to ensure they were operating within accepted national standards and principles.
“It was that child-safety auditing work that we were doing that made me see a great opportunity to do the same for us from a cybersecurity perspective. So much of what every organisation does now, in terms of what photos they put online, for example, that needs to be assessed from a child safety perspective, which we also do,” Barber said.
Secure Forte’s Mani Amini said it’s in-house developed cloud assessment software generated a threat profile across an entire organisation.
“We have the capability because we have a platform that is intelligent, so rather than spending four weeks in a not-for-profit we can spend a couple of hours and provide a very accurate posture,” Amani said.
“The whole purpose of the software is to make it a business matter, the application gathers enough information about the business to generate a threat profile of the business, the risk exposure of the business. It looks at things like what the business is about, what is the context of this business and the data of this business. Based on that, the app provides an automated threat profile.
“The next part of the process is about collaboration, so we sit down having understood the context of the business. The application generates a set of story-based questions that are very easy to understand by the leadership team, they are not technical jargon, they are very business-oriented questions, presenting technical problems in a business manner.”
Collaborative discussions with the leadership team and collecting additional evidence-based data then helps Secure Forte’s solution come up with a relevant cybersecurity posture to adopt, which the provider can then advise their customer on how to go about implementing.
“It’s working really well because we have the chief executive on board as well as the head of finance and IT working together, understanding the risk for the organisation. At Secure Forte we identify all the risks in different areas of the organisation, we rate them and help the customer identify a mitigation strategy going forward,” Abdilla said.
“The really important thing about our application, I believe, is that it’s bringing the whole business together. Cyber is a business issue today, it's not just an IT problem and the more that the business owns it as a leadership team, the greater the likelihood of deterring issues going forward.
“Mani and I and the whole Secure Forte team have been really happy to help with CAPS and what they do is really important, which makes us feel really good about the work.”