The forgotten cheques –a case of fraud or strategic deception?
Mr Strategy’s Memo on fraud risk Have you ever been accused of a crime you never committed? Imagine waking up to a letter demanding that…
Our articles & news
The lie of ‘100% secure’ every system is hackable, here’s how to survive
There’s a pervasive myth in boardrooms and IT departments alike: that with enough investment, training, and fancy software, a company can be 100% secure. The…
Going deeper into Carter’s fraud case
Every fraud starts as a ‘necessary adjustment.’ Then it becomes a habit. Then it becomes the business model. Carter’s, a beloved name in children’s apparel,…
Shadows and Echoes: Uncovering Hidden Deceptions
Every company has its secrets. Undue enrichment is usually part of them. Stories about a top honcho who stole large sums of money through his…
Why earning a Certified Fraud Forensic Professional certification is essential for your career
In an era where financial transactions are becoming increasingly complex and digital, fraud has evolved into one of the most dangerous and costly threats to…
Strategic shield: Aligning cybersecurity risk priorities across the board
“Cybersecurity is not just an IT issue; it is a business risk that demands strategic alignment from the top down.” In the digital landscape, cyber…
Stop chasing cyber certs why CCSM is the only one that matters
In the overcrowded world of cybersecurity certifications, everyone is chasing acronyms you know several. They look good on a LinkedIn profile but let’s face it…
Building a Cost-Effective SOC for Umoja SACCO
Umoja SACCO, a mid-sized financial cooperative with 15,000 members, faced growing cybersecurity threats as it digitized its services. It needed a Security Operations Center (SOC)…
Rethink your soc strategy effective cybersecurity without bleeding cash
Dear Executive Team, Cybersecurity doesn’t have to mean writing a blank check. The conventional wisdom screams for bloated Security Operations Centers (SOCs) brimming with overpriced…
The Rising Tide of Internet Fraud in Uganda: A Call for Vigilance and Action
In the digital age, the Internet has become an essential part of daily life, offering numerous opportunities for economic growth, communication, and innovation. However, it…
Write an effective investigation report
Who did what, where, when, and how? An investigation must provide answers to each of these questions concerning the issues at hand. Everyone wants to…
Have you established an Attack Surface Management (ASM) for your organization?
According to Gartner’s report on ‘Innovation Insight for Attack Surface Management (ASM)’, which covers the growing need faced by security teams to manage an expanding…
Is conducting IT Audit necessary when you have adequate security controls in place?
The increasing number and sophisticated nature of cyber-crimes prevailing in industries worldwide. As governing bodies are stepping up to help organizations mitigate the prevailing attack…
Do you control and monitor what applications run on your corporate network?
Application monitoring just like overall network monitoring is a vital IT function for corporate organizations. From employee productivity with the various applications to infrastructure maintenance,…
User Access concerns to systems security: Why authentication process needs a keen eye?
In today’s complex environment, employees have access to corporate networks and are authenticated to corporate systems, as well as servers, and devices. It is dire…
Endpoint Security Risks: Organizations should Revise their Risk Management Strategies
While technology has driven the digital agenda and led to greater innovation, growth, and efficiency; it also opens the road to potential security breaches and…
Increasing entry points: Have you empowered your staff?
Human error has been highlighted as a major contributing element to cybersecurity vulnerabilities for years. It is a long-standing concern in cybersecurity breaches, thus requiring…
Cybercrime is a constant business: Three business areas to watch out for!
Due to the ever-growing threat landscape in the digital ecosystem, your business must embrace cybersecurity irrespective of the size of the company. The statistics regarding…
Your organization’s resources are Targeted: Level up the attacker’s playing field and reduce the aftermath
Organisations in the digital ecosystem spend millions trying to establish controls around their corporate networks from data breaches. This to a great extent does not…
Physical security: What Organizations are lacking in their security strategy?
Protecting company data, sensitive and high priority information, corporate networks, software, company equipment, and personnel is what makes physical security. Physical Security is affected by…
Applications Harbour a plentiful of Low-hanging fruits for attackers: Have you protected yours?
Did you know that 99.7% of applications have at least one vulnerability! Findings from Verizon’s 2020 Data Breach Investigations Report show that malicious attackers take…
Technology Intertwined with Human Behaviour; What are the Implications?
In this digital generation, the great shift to mobile devices and technology adoption has tremendously changed our mode of interaction. How we use these devices…
The Incognito kids
In the good old days, before COVID19, the easiest way to keep children from online dangers was to not give them Internet access. As someone…
A case for fraud risk maturity assessment
What do you think is the number one mistake many fraud examiners, investigators and other governance champions make? The number one mistake is not something…
Build your company’s cyber-Resiliency: Embrace Cybersecurity Culture
The threat actors have not only grown in numbers but have also become more sophisticated. They have mastered speed, precision, and agility in their endeavours…
Incident Response: Reduce the Aftermaths of Cyber events
Have you or your organization been a victim of a cyber incident or experienced a data breach? What kind of breach did you encounter? Did…
A glimpse into supply chain cybersecurity
“Managing third-party vendor cyber risk is fast becoming the defining cybersecurity challenge of our time.” In the current corporate enterprise, any ICT supply chain is…
New cyber gap: Few or no staff at offices contribute to new security threats
As organizations traverse the setbacks brought about by COVID-19 and the need to stop its vast spread, many have resorted to a routine of working…
Case Name 02/2021: Email Fraud Scams reimagined in the era of cloud adoption
“Dear Mr. Justin Williams, I’m Vikas Manjit Singh from Punjab (India). I belong to a city named Ludhiana. Mr. Williams, I am having a brother…
Personal Devices Connected To Work-related Resources, Have You Invested In Securing Remote-Working?
Given the current situation of the continued existence of the pandemic. Millions of employees continue to work from home to fulfill their work obligations and…
Is your remote working secure?
When Jane received a brand-new laptop and a smartphone as part of her home working package, she was elated. “Every crisis comes with a silver…
Too many passwords!! What should I do?
As technology takes shape, more applications are cropping up, more social network forums, more devices that require me to sign in for me to access…
Why Assess The Awareness of Your Staff To Enhance Your Resilience?
As the saying goes “you’re not hurt and care less about what you don’t know”. Over time you may wonder how secrets between two people…
Why Should Organizations Consider Intrusion Detection A Priority?
In a digitally more connected world today, intrusions have consistently scaled. The outcomes from these intrusions have contributed to financial loss where those intrusions have…
Why segment your network?
Many of today’s enterprise IT environments are linked to multiple vendors and other interconnected devices to optimize business operations. However, the corporate network’s security is…
Enterprises must comply with Information Security Policies
Why information security policies? As so many organizations (SMEs and Large enterprises) adopt technology in their daily operations, shifting from data-driven decision-making to cloud adoption,…
The successful path of hunting down your data
Given the tremendous growth of cyber threats today has not only caused an impact on personal data but also boosted the rise of the cost…
Summit Cybersecurity Project Frontline Report 2020 launch
The best and most effective defense against cybersecurity attacks is user awareness. It is against this background that we publish the annual cybersecurity project frontlines…
Vulnerability Scanning Essentials with Nmap
Cybersecurity analysts can only secure a network when they have good situational awareness of the systems and devices on that network. Nmap, short for “Network…
Leveraging SSH for network security
System administrators, developers, IT support people, and power users all find Secure Shell (SSH) a very useful protocol for connecting to systems remotely over a…
Enhance your safe-browsing hygiene in your virtual education
What’s your worst cyber nightmare? What is your plan to prevent this and should something happen, mitigate it? Have you heard of something called cyber…
Children Online Safety Awareness Training
Master the art of how to use virtual learning platforms and social networks like WhatsApp safely Are you too secure to be hacked? As schools…
Mobile Gadgets And Work Computers Are Left Open To Attack
As of the fourth industrial revolution today, information is the most crucial and important asset to any organization. It is, for this reason, that information…
Summit Consulting Ltd scores again, transforming clients one at a time
The advantage of competitive games especially football is they keep score. At any time during the match, you can look at the scoreboard and know…
Twitter hacked, as Bitcoin double scheme targets A-listers
Several Twitter accounts of high-profile people and companies were hacked on Wednesday 15th July 2020, throwing Twitter in the unwanted spotlight. This was a high-level…
Monthly fraud risk & integrity assurance as a service
As the reality of the economic impact of coronavirus sinks in, you need to explore cost-cutting alternatives. As part of the #coronavirus recovery strategy, leaders…
The value of Social Engineering pen-testing
Penetration testing is done in different ways, apart from other penetration testing processes, Social Engineering is one of the fundamental techniques and methodologies that is…
The Value of an IT Budget to your organization
Your data is valuable and should belong to you!! But what guarantee do you have that your online records are owned, accessed, and or reviewed…
Happy Martyrs Day to you and your family: what are you living for?
Today, June 3rd, we celebrate the Uganda Martyrs. The people who paid the ultimate price in defense of their Christian beliefs. Fearing the possible loss…
Here is how to transform your internal audit department
Are you adding value as an internal auditor or you are just ticking and bashing and getting lost in the paperwork? In these pandemic times,…
#COVID19: Using TECHNOLOGY to collaborate – Recommended Tools and Winning Habits
Tuesday, June 2nd 2020, 12pm Register Here When was the last time you wondered how to eliminate barriers created by time and location against you…
#covid19: are you prepared to survive a crisis at a personal level?
Are you winning or losing during this crisis? Before we go deep, use two minutes to complete a brief survey to help you fine-tune…
#covid19: How prepared are you to survive a crisis at a personal level?
Start: Tuesday, May 26, 2020 12:00 PM Meeting ID: 965 7979 5276 Password: Summit [* the S is Capital] Are you winning or losing at…
PRESS RELEASE: Summit Consulting appoints a new Director: Pius Babyesiza
KAMPALA – 1st May 2020. Summit Consulting Ltd, summitcl.com, a professional services firm offering proactive forensics and fraud management services, corporate strategy, and risk advisory…
#covid19 cyber threats and attack vectors: how to be secure
Criminals attack when they are least expected. As you go about your business, someone somewhere is hatching a plan to steal from you. You must…
How to ensure safe work from Home Cyber-Hygiene
Looking at the array of technical countermeasures available to protect confidential data and computer systems has certainly expanded as compared to the last decade. Most…
Covid19 business continuity planning considerations
Effective leadership is the difference between business success and failure. Some leaders are already adjusting their financial forecasts to take into account the potential impact…
Attend our COVID19 Business Continuity and Disaster Recovery Training 2020
Are you worried about the impact of Covid19 to your business or organization? No one could have anticipated a pandemic in early 2020 that could…
Take caution, prevent hackers’ access to your bank accounts
In the realm of this fourth industrial revolution, the security of our accounts starts with the creators/owners of the accounts. In many data breaches that…
Patient’s platforms regarded as target
How to protect from the Cyber Risks created by technology providers with the use of mobile and patient portals. It has been noticed from various…
Risking your Browsing History/activity to Public WiFi owners..
Public Wi-Fi is found most popular in public places like airports, coffee shops, malls, restaurants, and hotels. It allows everyone that is short of their…
Are You Prepared for Next Cyber Threats?
As technology takes on a high trend in the fourth industrial revolution, a yet-coming world that will take on the next edge, almost entirely digitized…
DNS poisoning redirects users to fake sites (Cyber Attack)
Humankind, not computers, are the pivot region for computer threats. As predators (hackers) victimize others for their gain, access to secure networks is given to…
Internet of Things (IoT) a growing threat
In the realm of technology comes the digital devices in the fourth industrial revolution. All electronic devices that have access to the internet and that…
Third-Party Software – a Security menace
Your device is at risk!!, your network is at risk! it’s all over the news, it is said every day, researchers and security officers lament…
Business Email Compromise
More often than not, corporate emails stand the risk of a sophisticated scam. What exactly does the hacker aim at? Business Email Compromise is a…
Cyber security a public good
According to the prevailing security inequities and technology advancements, personal and corporate privacy has continuously eroded as cyber-attacks and data breaches become a daily issue…
Formjacking a menace in Cyberspace
Formjacking is a new invisible threat in cyberspace today. The term “Formjacking” is a combination of “online/website form” and “hijacking”. This term brings about the…
File System Access Controls
I.T professionals are always responsible for ensuring that the data on the systems they manage is safe beyond a reasonable doubt from the risk of…
I.T Security Controls
I.T Security professionals spend most of their time designing, executing, and managing security controls. Security controls are procedures and mechanisms that an organization puts in…
Intellectual Property Protection
One of the principal responsibilities of cybersecurity professionals is protecting the intellectual property belonging to their organizations from unofficial use or disclosure. This disclosure can…
Data Privacy and Compliance in Uganda
It is common knowledge that data is one of the most vital assets for any organization. And as such, many laws that impact information security…
Annual IFIS cybersecurity event an eye-opener
The Cybersecurity and Risk Management Conference 2019, with the theme “Big Data in Cybersecurity” is the latest milestone in a series of events held by…
Protecting your Critical Assets: Your Data
It has often been argued as to what the most critical asset for an organization is. Of all the assets mainly associated with business success,…
Are you an effective Cybersecurity/ I.T Manager?
As organizations strive to ensure the Confidentiality, Integrity and Availability of their systems, they go out of their way to hire Cyber security professionals (I.T…
Healthcare Cybersecurity: Are your medical records safe?
As each day comes, Cyber-attacks and data breaches are increasing in the news and the types of cyber-attacks are becoming more varied and sophisticated. Malicious…
Understanding DoS and DDoS Attacks
Recently, A 23-year-old hacker from Utah who launched a series of DDoS attacks against multiple online services, websites, and online gaming companies between December 2013…
Insider Cybersecurity Threats: Stay Vigilant
From ages past, there has always been the calamitous possibility for a colleague to be shockingly revealed as the ‘wolf in sheep’s clothing’, and we…
Easy Cyber hygiene practices to keep you Safer
Every day, employees hear the same things from their IT staff about cybersecurity and safety. Though they may pushy and monotonous, there are very important…
MALWARE ON THE RISE: REINFORCE AWARENESS
More often than not, hackers are working around the clock to breach systems with a multitude of social engineering techniques and malware. Attackers are using…
Cybersecurity Incident Response Planning
As the number of cyber breaches occurring worldwide increases, a number of companies have invested a lot of money in system hardening, user awareness, intrusion…
Cybersecurity: Safeguarding data
First Appeared in TODAY’S Accountant The Magazine for The Institute of Certified Public Accountants of Uganda (ICPAU) ISSUE 19, AUGUST 2019 pg. 44 He posted a WhatsApp message…
Why Insurance players MUST attend the Cybersec conference!
Qn. I am an insurance practitioner? Why should I participate or sponsor the 3rd annual cybersecurity and risk management conference? A: Insurance sells a promise…
Is your cyber hygiene adequate?
Before you eat food at any restaurant, you mind about the hygiene of the place. This saves you from some diseases. When it comes to…
PROTECT YOUR ONLINE REPUTATION BY ATTENDING THE 3RD ANNUAL CYBERSECURITY & RISK MANAGEMENT CONFERENCE 2019
Why attend the #CSRM19? Are you too secure to be hacked? If you or any of your team member has Internet access or use social…
INVITATION TO ATTEND THE 3RD ANNUAL CYBERSECURITY AND RISK MANAGEMENT CONFERENCE
The current internet usage stands at 4.4billion users Worldwide, with Africa alone taking 525million users as of June 2019 (Internet World Stats). Uganda herself loses…
Countering Cyber Attacks
New cybersecurity threats and breaches emerge each year. Even with unprecedented vulnerabilities such as Spectre and Meltdown, the approach to dealing with the risks they…
PHISHING, THE GREATEST FORM OF CYBER ATTACK
If you access the Internet or use WhatsApp, Email, Skype and any social media app, you are vulnerable to phishing. Derived from the fishing hook,…
Why a career in cybersecurity? Part 2 lots of opportunities await
Diploma in Cyber Security and Forensics pioneer class at Institute of Forensics & ICT Security on 12th August 2019 orientation talk by Mustapha B Mugisa.…
Why a career in cybersecurity? Part 1
Diploma in Cyber Security and Forensics pioneer class at Institute of Forensics & ICT Security on 12th August 2019 orientation talk by Mustapha B Mugisa.…
External Audit of information and communication technology systems of Supervised Financial Institutions (SFIs)
On July 10, 2019, Bank of Uganda issued Instruction Circular ‘EDS.306.2 as a follow-up to circular Ref: EDS.306.2 dated July 13, 2017, with respect to…
We were lied to: we were trained not educated
Our teachers lied to us. Our parents lied to us. Our policymakers lied to us. Our government lied to us. We were trained, not educated.…
Part 3: 10 reasons for a career in cybersecurity
8th: Career in cybersecurity offers fat pay cheques and high mobility Of what use is a career specialization that does not bring money on the…
10 reasons for a career in cybersecurity and forensics – Part 2
9th: Endless opportunities I got my first job at a time I was pursuing an accountancy qualification. My job performance indicators were a number of…
A word to Users
Are you aware of what’s trending in the technology of mobiles today and the security niches that arise out of lack of knowledge on what…
Securing your devices
Man is not an island, and as such we seek to interact more and more with each other. This has led to a level of…
Active Network Forensics Solution
The main challenge faced during computer related investigations is the lack of sufficient evidence to pin point which device on the network was used to…
Is Employee Cyber Security Awareness Inevitable?
Gone are the times when our only security concern was making sure that our doors and windows were locked. Due to rise in technology and…
How secure is your bank?
As an executive committee member, CEO or board member of a financial institution, you know one of the most critical assets in your control is…