Our Services

Lean Risk Management

 

Compliance to regulations requires effective IT Risk Management. We support our clients to identify and close their compliance gaps pragmatic, fast and sustainable. We create IT Compliance and IT Risk Management solutions which are supporting the Management to identify when and where to act -  before compliance issues become threats to the Enterprise.

Our Expertise:

  • Setting up, managing and running effcient IT Compliance Programs to close existing regulatory findings

  • Creating and optimizing efficient and effective IT Compliance and IT Risk Management frameworks, processes and policies to fulfill regulatory demands (MARisk, BaIT, IT-Sicherheitsgesetz) and manage IT Risks

  • Implementing cyber security control frameworks (ISO 27002, CIS critical controls, OWASP and others).

  • Implementing KPIs, metrics and automated measuring systems.

Security Analytics

 

We develop and implement Data Infrastucture, Data Analysis and Visualization to identify and fight threats and attackers, base Compliance on evidence and continuously improve the Cyber Security performance of our clients.

Our Expertise:

  • Implementing Information Security Data Lakes as a central repository for all IT Security, IT Compliance and IT Risk-related Information. Building the foundation for effective IT Security Analytics and Decision Making.

  • Implementing Data Analysis, vizualisations and dashboards to identify Threats, mitigate vulnerabilites and optimize Security Operations.

  • Communicating the current state of Cyber Security and Risks across the organization and on the Board Level through Storytelling, visualization, and Drill-Down-Analytics.

Security Culture

 

When the most critical security incidents and data leaks are originating in social engineering, spearfishing and waterholing attacks, the human is the first and very often also the last line of defence. Security Awareness is not leading to more Security. Knowledge is not sufficient to make humans act differently, as everyone knows who read about eating healthier and excercising more. To increase Security, decisions and behavior must change. Our unique approach supports our clients to promote and increase Security by adopting powerful values, effective principles and forming secure habits across the whole organization.

Our Expertise:

  • Measuring and Mapping the current Security Culture to uncover the factors influencing Security and detecting the most effective levers to positively change the dynamics.

  • Defining, forming and measuring of habits, principles and values influencing security by applying the latest research on behavioral science, creative problem solving and learning.

  • Designing and executing powerful learning campaigns and effective feedback loops to stimulate and improve secure habits.