KHIPU have been a trusted partner for consulting, designing, deploying and supporting cyber security products and solutions since 2005.
The vast majority of companies and institutions have already been compromised, many are still compromised and haven’t yet noticed the intrusion. This is because the old meme of hackers sitting in a dark room trying to break down your security defences is pretty rare. The vast majority of hackers these days just send a well crafted email into your company asking for user names and password, in our experience over 30% of recipients will provide details or click on a link to a compromised site.
Awareness is critical, if you are not aware of the threats then you are unlikely to have created a secure ecosystem.
KHIPU provide all the essential elements for organisations to become cyber secure, this includes :- consulting, products, managed services, MDR Services via our 24×7 SOC and NOC, professional services and training.
What we do
Visibility & Control
What can KHIPU do for you?
From employee awareness training, to providing your organisation with the state of the art cyber security defences.
Stop attacks with the power of KHIPU’s SOC
Our ‘Always Available’ SOC service provides 24x7x365 advanced cyber defence across endpoints, networks and the cloud – proactively identifying and blocking malware, ransomware, file and file-less attacks by focusing on five key areas; Identify, Alert, Investigate, Mitigate and Continuous Improvement.
Managed Detection and Response Services
Managed Firewall Services
Including a wealth of support products and services as below:-
Next Generation Firewalls
Providing full visibility and control over all communications (Perimeter / Data Centre / Remote)
Vulnerability Assessment Service
How secure are your networks from external or internal attacks?
Secure DHCP/DNS/IP Address Management
Are your DNS services being used to transport critical data?
Network Access Control (NAC)
Do you really know what is connecting to your network, where, who and when? After your users, NAC is the next critical line of defence.
Next Generation Networks
Switches & routers have progressed and are intelligent enough to manage and protect your network integrity.
Next Generation Wi-Fi
All vendors are not alike, your Wi-Fi network reaches outside of your physical perimeter, you should be able to trust it is as secure as possible.
Security Information and Event Management (SIEM)
With so many systems monitoring your network, it makes sense to merge the information and alerts to a single view. To reduce false positives, provide greater visibility to your security team.
Take your corporate Wi-Fi with you, in your cars, vans, ambulances, fire engines. Always on secure Wi-Fi for data, voice, video.
Cyber Security Awareness Training
KHIPUs Phishing as a Service identifies your organisations appetite to risk, provides interactive training and full reporting for your audit and compliance team. Your own users are your biggest risk factor, carefully tailored emails or social engineering can easily compromise an unsuspecting and busy employee. Regular training and real-world examples provide significant benefits to all organisations.
KHIPU can assist your organisation reach the Governments recommended “Cyber Essentials Certification”.
Drones provide multiple threats to organisations, from hacker-drones, privacy invasion, terrorism. – KHIPU can monitor your airspace, classify and alert you to threats 24×7.
Technology is moving fast, KHIPU can provide you with autonomous self charging security drones and alert you to all sorts of threats: Fire, Gas, Chemical, People, Animal etc. Drones can be free roaming, hybrid, tethered as required.
As you can imagine our technology is capable of collecting a load of information, which can be used to improve services, security, marketing, smart buildings etc.
Why cyber security awareness is crucial for on-going protection and prevention against cyber attacks
Q&A with North-West University’s Barend Pretorius
What is your role at the University?
I’m a Senior Business Analyst within the division AOS (Application and Office Support). My duties vary from institutional software license management to system implantation and project management.
How many staff and students are at the University?
Currently the NWU has +- 5000 staff members and +- 85 000 Students (Students are spread over three campus and are comprised of full time, part time and distance both for undergraduate and post graduate studies.
Has the University been victim to cyber attacks?
Yes, the NWU regularly comes under attack from different entities either phishing our users with fake sites for information or direct attacks in the forms of malware and ransomware. Staff have downloaded attachments, which appeared to be legitimate, but were actually malware attacks.
What has the impact been to these attacks?
- Large scale virus infestations on end user devices causing loss of data
- IT operations unable to operation affecting productivity and the user experience
- Increased strain on our IT department in regards to supporting and fixing these disruptions
- Overall concern about the Universities reputation across South Africa
Why did the University select KHIPU’s simulated phishing and cyber security awareness training service?
- Users are the biggest single failure point for any institution but can also be your biggest defence against these kinds of attacks. Education is critical for cyber defence as users need to be made aware of the kinds of threats and what impact they could have on them as individuals and on the institution.
- We chose KHIPU’s service to understand our risk to phishing attacks so the right level of awareness and training can be applied. They were the only cyber security within South Africa, who had experience in carrying out these services in large University environments.
What did the service offer the University
- It offered us as an institution, simulated phishing attacks so we could target our users to understand the University’s risk to these types of attacks.
- Extensive risk reports were provided detailing the impact and reach of these simulated phishing campaigns, enabling us to identify our vulnerabilities and weaknesses, so we can implement the right security controls and training to help protect and prevent real-life attacks.
- Onsite cyber security training was carried out across all of our campuses to both students and staff (over 30,000 people), supported by on-line awareness services – as educating our users is the only way to truly fight these forms of phishing attacks regularly hitting our institution.
How has the University benefitted from the service?
- This service has provided us with great insight into our user base and their vulnerability points. We now have a better understanding of how people react to phishing and from what devices they are more susceptible to these attacks.
- We implement regular simulated phishing services to help drive awareness coupled with extensive training programs
- By knowing our risks and vulnerabilities, we can help reduce our risk of being breached.
What are the next stages?
We have completed four phishing campaigns thus far and two rounds of user education. Our future plans are two run two more targeted campaigns over the next twelve months and continuously encourage our staff and students to take part in the education program.
Would you recommend the service to other education institutions within South Africa?
We, as an institution, would encourage the education sector to run simulated phishing campaigns supported by regular cyber security training, to help promote awareness of cyber threats. Cyber security impacts on all of us regardless of how big or small an institution is. Continuous education of our staff and students will aid in combating these attacks and the threats they bring to both our work and personal life. In the long run, our students will be more empowered and aware of cyber threats in their professional careers once they leave the institution.