Day 11: MCNC Security Consultants help solve tough cybersecurity challenges

Just as staff at educational institutions throughout North Carolina constantly seek out new knowledge and engage in important studies or groundbreaking research, MCNC Vital Cyber also continues to hone its strategies to support and protect these institutions from the increasing risk of cyberattacks.

In 2022, MCNC’s Security Advisory Consulting Service conducted an assessment of ISO 27002 maturity across all 18 schools in the UNC System. The purpose of this work was to determine how well each institution implemented security safeguards and adhered to best practices as well as to provide guidance for those seeking to improve upon their existing programs. At the same time, MCNC was able to glean important lessons on what did and did not work in practice, what risks still exist, and how to help clients improve their security posture for the long haul.

According to MCNC Vice President of Security Initiatives and CISO Chris Beal, MCNC conducted nearly 900 hours of consultant support and evaluated each institution’s implementation of security safeguards and best practices as prescribed in the ISO standard. Beal added, “these assessments provided each institution with important insight into the maturity of their cybersecurity programs and delivered valuable input to help guide system-wide cybersecurity initiatives.”

MCNC Security Consulting Services exist to advise, create, and augment your existing team. If you have any questions or don’t know where to begin, this is where to start. Consultants are able to guide organizations with best practices, policy development, audits, risk assessments, and other ongoing cyber hygiene efforts to ensure the safety and security of an organization’s digital resources. The client relationship can be as deep or brief as each organization requires. 

“As many organizations struggle with hiring and retaining staff with cybersecurity expertise, MCNC can help fill the gaps in their security team, serve as a ‘virtual’ or ‘fractional CISO’, or provide a more intense level of leadership,” added MCNC Security Services Manager Ruthy Mabe.

The consulting team continues to grow, adding more availability and capability to help clients with their cybersecurity needs. Building upon the popular Cybersecurity Program Review, security consultants are actively developing a new IT Risk Assessment Service that will enable clients to go one step deeper when evaluating their current security posture. By understanding a client’s current state, Shirley explained, MCNC consultants can assist with cybersecurity program development, such as IT Security Policy, Identity and Access Management, Vulnerability Management, Business Continuity and Disaster Recovery, and Incident Response.

MCNC also is using innovative ways to communicate with current and future clients. This year MCNC launched the Community Connect Podcast to share ideas and discuss a vast range of technology challenges and opportunities with a couple of episodes dedicated to cybersecurity.

Cybersecurity Podcasts available…

• It’s Not a Matter of ‘If’ but ‘When’: Cyber Experts Talk Cybersecurity in North Carolina and Beyond
• Safeguarding Students: Cyberthreats & Cybersecurity in the Classroom

The increased reliance on technologies that provide access anytime, anywhere, and anyplace means that cybersecurity is critically important to your organization and users. Organizations that cannot protect their digital resources will struggle to operate effectively and efficiently. MCNC is here to assist and ready to help you address your cybersecurity challenges.