Horangi and CCF Secure The Future For Children and Families Affected By Cancer.
The Children’s Cancer Foundation (CCF) plays an important role in helping to improve the lives of children and families affected by cancer, having helped more than 3000 children to date. In 2019, Horangi performed a penetration test on CCF’s Hair for Hope website, the Foundation's signature outreach event that serves to raise childhood cancer awareness and funds. As CCF moves into digitizing its procedures and processes to improve work efficiency, the Foundation is aware about the potential data security risks. Horangi also conducted a security audit to identify the security gaps within the organization and put forth a focused strategy for CCF to implement and enhance its compliant data policies and practices.
The Story
At 17, Divesh Singaraju was forced to put aside the first year of his polytechnic engineering education because of a cancer relapse. Seeing the emotional toll his chemotherapy had on his family, Divesh was determined to bounce back stronger. And he did.
Four years from the cancer relapse in 2014, Divesh graduated as Singapore Polytechnic's valedictorian, earning himself a scholarship by Singapore Airlines to study aeronautical engineering at the Imperial College of London.
Making success stories like Divesh’s possible is the reason that the Children’s Cancer Foundation (CCF) exists. Divesh is one of CCF's beneficiaries who has survived the big C with the support of CCF.
CCF is a social service agency in Singapore that aims to improve the quality of life of children and families affected by cancer through enhancing their emotional, social, and medical well-being. Over the years, CCF has helped more than 3000 children and their families at different stages of the illness and recovery.
One of CCF’s most successful initiatives is Hair for Hope, an annual outreach event that serves to raise childhood cancer awareness and funds. Through the symbolic gesture of shaving bald, Hair for Hope builds a community of support for children with cancer and their families. Since its inception in 2003 by 9 CCF volunteers, Hair for Hope has become CCF’s iconic event to tell children with cancer that it is OK to be bald.
With Hair for Hope’s growing prominence as a marquee outreach event in Singapore, CCF needed to ensure that both the funds and the confidential information provided by its donors were properly secured. As such, CCF saw the need to enhance robust security and privacy controls for the Hair for Hope event.
When CCF approached Horangi to conduct a security risk assessment on its Hair for Hope website, Horangi gladly offered to lend our services pro bono.
The Engagement
Horangi conducted a comprehensive risk assessment on the Hair for Hope event, and with that, identified these key areas to address:
- Security of the Hair for Hope website
- Protecting Personally Identifiable Information (PII) and compliance with PDPA, including data handling processes and frequency of security audits
- Third party risk management
With a focus on helping CCF solve its top security and compliance challenges efficiently, Horangi used its cyber strategy assessment to formulate a tailored cybersecurity solution that included a web penetration test, data mapping exercise, and a PDPA gap analysis that involved partnerships with qualified lawyers. Horangi evaluated everything from their data handling processes and frequency of security audits to data encryption standards and third party screening procedures.
"We are thankful to have Horangi to help us progress as a more secure organization. Horangi’s cybersecurity expertise and holistic approach to improving our data privacy and security practices are systematic and easy for us to execute against."
Ms Fuh Yang Zhen, Data Protection Officer, Children's Cancer Foundation
The Results
Horangi’s razor focus on mitigating the key risks for Hair for Hope donors helped CCF to plan a cost-effective security program based on the recommendations provided by Horangi. In evaluating CCF’s data security and data privacy practices through the web penetration test and gap analysis, these recommendations that CCF is now poised to adopt includes implementing security controls on all endpoints and conducting regular penetration tests on their public-facing systems.
Horangi’s suite of services in its comprehensive Data Privacy solution gives CCF the necessary intelligence to strengthen its security posture of the Hair for Hope event. Having this confidence in security and compliance enables CCF to assure its current and future donors on its commitment to security and privacy.
In Horangi, CCF found a security partner willing to go above and beyond to help its customers improve compliance posture and security maturity. Horangi’s belief in long term partnerships meant that its consultants focused not only on technical security solutions, but also on equipping CCF’s leaders with the necessary knowledge and skills to drive compliance by themselves.
As CCF takes the Hair for Hope event to greater heights and continuously digitizes its other core functions, it can be confident that it has invested the necessary resources to scale securely and offer its excellent services to those in need. Horangi is proud to support CCF as it continues driving its world-class mission, being a stellar role model for other social service agencies to aspire to.