Cybersecurity

​​Information Security – ISMS​

​​How is the cybersecurity in your company ordered? Do you have an effective management system for information security implemented? Around the topic of ISMS (Information Security Management System) we offer you custom-fit solutions for the protection of your digital infrastructure. In doing so, we refer to relevant standards and norms, such as ISO/IEC27001 and the IT baseline protection of the BSI (Federal Office for Information Security).​

Our focus areas 

• Development of an information strategy
• Implementation of an ISMS
• KRITIS consulting, NIS-2-Ready-Check and consulting
• Provision of an external ISB
• ISMS Services as a Service (from the Cloud Germany)​

More information​

​​Business Continuity Management​

We advise you on the introduction and implementation of emergency management strategies, including the implementation of business impact analyses (BIA), the development of emergency prevention and emergency management strategies, as well as the development of emergency plans for relevant hazards, such as cyber attacks. We help you build a Business Continuity Management (BCM) that gets you back on track as quickly as possible after a crisis.​

Our focus areas

• Determination of current degree of implementation BCM
• Development and structure of your BCM governance and strategy
• Implementation and optimization of the BCM
• Integrated crisis management
• Awareness and training in the areas of (IT) emergency, crisis and BCM

More information

​​Data Protection and GDPR Consulting​

In the context of the General Data Protection Regulation (GDPR), we support you and your customers in the implementation of data protection management systems. We are happy to provide the external data protection officer (DPO) if required. We ensure the security of your company data and personal data and work with you to develop a structure for integrated data protection and IT security.​

Our focus areas

• Determination and improvement of degree of implementation DSMS
• Optimization of your DS organization or your DSMS
• Provision of an external DPO
• Execution of data protection impact assessments (DPIA)
• Data protection training

More information 

​​NIS-2 Consulting

The topic of NIS-2 is particularly in focus due to the current legislative process (NIS2UmsuCG). The extension of the already known KRITIS legislation to large parts of the European economy affects approximately 30,000 companies in Germany alone. Will you be affected by the upcoming “NIS-2 Implementation and Cybersecurity Strengthening Act” (NIS2UmsuCG)? What measures do you have to take? We would be happy to advise you in this context.

​​Our focus areas​

• NIS-2 impact analysis
• NIS-2-Readiness-Check / GAP analysis
• Risk analysis and definition of measures
• Support and advice on the implementation of NIS-2 requirements

More information​

KRITIS Auditing and Consulting

We support you in the practical planning and implementation of KRITIS requirements. Together, we develop your individual security concept that fits your organization and infrastructure. From the implementation of the risk analysis, to the determination of risk treatment, the development of the necessary documentation up to the audit preparation – we advise you comprehensively on the topic of KRITIS.

As an auditing body, we are your partner if you, as a KRITIS operator, require a verification audit in accordance with § 8a paragraph 3 BSIG. Our auditors evaluate your information security management system and its maturity level as proof to the BSI.

Our focus areas

• Full-scope advice on fulfilling the requirements of § 8a BSIG
• Implementation of a management system for information security (ISMS)
• Efficient mapping of your management system in an ISMS tool
• Conductor of internal audits
• Execution of verification audit according to § 8a paragraph 3 BSIG as an auditing body

Learn More