RASV
Security Assessment

SS

Overview

  • Industry
    Not-for-profit
  • Platform
    Security Services
The Royal Agricultural Society of Victoria (RASV) is a not-for-profit organisation that benefits the community by promoting and celebrating Victorian agricultural produce and producers, through world-class events and programs that connect industry with consumers. RASV conduct Victoria’s largest and most iconic annual community event, the Royal Melbourne Show.

Challenge

The Royal Agricultural Society of Victoria (RASV) is a not-for-profit organisation that benefits the community by promoting and celebrating Victorian agricultural produce and producers, through world-class events and programs that connect industry with consumers. RASV conduct Victoria’s largest and most iconic annual community event, the Royal Melbourne Show.

RASV oversee the Royal Melbourne Show, events and programs, which requires it to meet best practices in security. Therefore, they needed confirmation there are no risks to the organisation through unauthorised access of perimeter services, users, applications or other services.

To fulfil this goal and keep RASV and the Royal Melbourne Show operating securely, the board actioned a penetration (pen) test against the RASV environment. RASV also determined it needed to undertake a security assessment to identify any weaknesses and/or vulnerabilities within the environment.

Project
Budget
Project
Urgency
1
months
Project
Timeframe

Solution

Kiandra’s security experts determined it needed to provide a ‘Grey Box’ assessment – this is where the tester is provided limited information on specific targets or the environment.

The first step was to gather information on the organisation (forming an attack blueprint) prior to any testing being conducted. RASV provided additional information that is easily sourced, in order to streamline the testing.

Next step was an assessment of the RASV web applications, network and perimeter services of RASV. We assessed security controls related to email filtering and end-user awareness via global and targeted phishing attacks – to determine if the end-users would provide an entry point into the corporate network and identify training and awareness gaps.

Team

Penetration Tester
Security Expert

Methodology

Security Assessment
Kiandra IT provided an extremely comprehensive Security Assessment that exceeded our expectations in depth, quality and coverage. The final report delivered was detailed enough to allow us to get to work fixing the issues.
The team shone a bright light on some holes in our defences that we never realize existed. We couldn't recommend the team highly enough.

Outcome

Three weeks of testing resulted in a comprehensive report on findings, risks and vulnerabilities to the RASV infrastructure, staff and processes with remediation steps and action plan for mitigation.
The entire engagement also ensured that RASV met insurance and compliance requirements. Glenn Goodwin, CIO, The Royal Agricultural Society of Victoria said:

“Kiandra IT provided an extremely comprehensive Security Assessment that exceeded our expectations in depth, quality and coverage. The final report delivered was detailed enough to allow us to get to work fixing the issues.

“The team shone a bright light on some holes in our defences that we never realize existed. We couldn't recommend the team highly enough.”