Governance consulting

IT governance is the anchor and basis of your security architecture and measures. It is an important component of corporate management and, with normative IT security, it creates the prerequisites and a regulatory framework for IT to perfectly support the company’s goals.

NIS2 and the IT-Sicherheitsgesetz 2.0 in particular require suitable technical and organisational IT security measures. You can see here whether your company is affected.

We help you to answer the question of what IT can and must contribute toward the success of the company.

Risk management

ISMS, BSI IT Grundschutz, NIST
Compliance

NIS2, DORA, KRITIS, IT-SiG 2.0, ISO 27001, PCI, MaRisk, BAIT, VAIT
Data protection & privacy

General Data Protection Regulation (EU) (GDPR), Europäische Datenschutz-Grundverordnung DSGVO

NIS2 checklist and solutions

Risk Analysis

NIS2 requires the implementation of risk analysis and security concepts for all information systems.
Risk Assessment
Security Concept and Emergency Management

An ISMS guarantees the documentation and success monitoring of the required security guidelines.
ISMS
Risk Management and Reporting Obligations

Evaluate the effectiveness of the measures implemented and fulfil your reporting obligations when managing vulnerabilities.
Vulnerability Management Managed SOC
Awareness Training

Sensitise employees to the topic of cyber security with suitable practical training.
Awareness Training
Security Technology

State-of-the-art IT security tools enable reliable and forward-looking automation of the incident process.
IT Security Solutions Vulnerability Management
Ensuring Security Standards

The "systems for continuous attack detection" should be operated in such a way that they are always up to date and include current cyber threats.
Managed Security Services

Risk management

No room for compromises

As IT systems are becoming more and more complicated and are generally prone to error or contain errors by design, this results in numerous threat scenarios with high risks for all companies.

Risk assessments play a fundamental role in meeting the relevant requirements by law or by your company’s specific industry. We assist you with risk management in accordance with ISO 31000:2018 in operating functional and streamlined risk management, or we perform it on your behalf.

Compliance

Effective security expertise

Legal requirements change on a regular basis. Harmonizing profitability, modern data backups and IT security is hard to achieve? This is one of the most common misconceptions. The basic requirements for confidentiality, availability and integrity have always remained. But the technologies and the processes change.

Together with our certified consultants, we help you to keep on top of the various requirements like NIS2, DORA, BAIT, VAIT, KRITIS, B3S and ISO 27001, and assist with the introduction of new technologies, including the adaptation of business processes.

Data protection

Legal and data security for your company

Countless provisions and directives relevant to data protection come from the German Federal Data Protection Act (BDSG) and the EU-GDPR (EU General Data Protection Regulation). Legislators threaten those that do not comply with these provisions with severe fines. However, a data protection concept which leads to specific data protection measures offers initial relief and prevents the worst from happening. We help you produce tailor-made data protection concepts and construct a DSMS, or we create the concepts for you completely as your data protection officer.

Our consultants are fully up to speed with the BDSG and EU-GDPR from years of experience and TÜV certifications. Our experts swiftly develop a concept to protect your data or provide advice on changes in your company. As an external data protection partner, we reduce your risk.