Success can be planned. Security too!

Security gaps can endanger business success. We help you to stay safe, so you can focus undisturbed on your business success.

Contact us

our expertise

Portfolio

Security for us is a multi-faceted issue that we have divided into three main categories. We offer our expert guidance on all of them should you have the need. If you would like to learn more about our approach to security, please contact us.

Information Security

Information Security

With the right combination of organizational, procedural, and technical measures, we help you to minimize information security risks for your company.
IT Security

IT Security

We support you in the implementation of technical measures for your security strategy. Whether trough a vulnerability analysis of your used software or the development of secure software.
Data protection

Data Protection

We help you navigate the complex world of regulation and data processing in a secure and compliant manner.

our process

How we work

01

Understand the Need

There are many reasons for focusing on security-related issues. Regulatory and legal requirements can be drivers, as can your valued customers. Regardless of the reason, our consultants will support you in classifying your individual challenges and offer tailor-made solutions.

02

Define a Goal

Depending on your need, your goals will vary. For example, one goal might be to successfully implement an ISMS and become certified. Our consultants will work with you to define the most important goal to most effectively move your enterprise security forward.

03

Choose a Method

Formulate your objectives and work with us to determine the best possible methodology for your project. To do so, we must understand your company's culture and work ethics. That information will be used to determine which communication and project management tools will work best for you.

04

Create a concept

Our motto in projects is, "Cooperation as equals." For a concept to succeed, it must combine our expert knowledge, and previous customer projects with knowledge of your company's culture.

05

Develop a Backlog

This is where the implementation phase begins; our involvement does not stop after the creation of a concept, we actively take part in its implementation. Using an agile approach, we will define tasks and document them in the backlog.

06

Perform Sprint Planning

We commit to regular sprint plannings in order to reliably and efficiently achieve the stated goal. During sprint planning we will decide which tasks have the highest priority and must be accomplished during the next sprint phase.

07

Implement operationalization

Once all tasks have been processed and completed, our consultants will work with you to implement the operationalization.

08

Go live

We are not interested in creating a prototype or functional-in-theory system for you. We are interested in bringing the project to life and ensuring that it goes the distance. We want to ensure that you are safe.

Tap step to explore

Planning phase

implementation phase

We combine a holistic approach with years of project experience which allows us to rapidly identify and focus in on your security vulnerabilities. Our consultants will work with you to create a company-wide awareness for security and take measured, remedial actions to ensure that you have the best possible protection against malware and hackers. In doing so, we take your individual security challenges into account and meet you where you are at the moment.

our approach

Holistic

Technology

Technology

We integrate effective, pragmatic security measures into your software - for your corporate security.

Human

Human

Proper security necessitates a change in culture. Awareness trainings and company-wide security campaigns help achieve this goal.

Organization

Organization

Whether EU-DSGVO or ISO 27001 - we will support you in the creation and implementation of processes and documents.

We will help you develop, implement and establish a comprehensive security strategy. In doing so, we have based our holistic approach on three core pillars. If you would like to learn more about our corporate values, take a look at our corporate website.

Contact us

success stories

Case Studies

Task

Development and implementation of an information security management system

Project outline

  • Preparation and execution of kick-off.
  • ISMS scope definition.
  • Joint creation of the asset inventory.
  • Execution of risk assessment.
  • Definition of security measures.
  • Definition of security KPIs.
  • Joint creation of the management review.
  • Definition and implementation of a continuous improvement process.
  • Implementation of awareness trainings.
  • Accompaniment of the internal audit.
  • Accompaniment of the external audit, by an external, accredited body.

Project results

Certified ISMS
Company size:  ~900
Industry:   Energy sector
Department:   Development

Challenge:

Requirement of the IT Security Act 1.0 had to be met (KRITIS).

Task

Entwurf und Implementierung einer privaten Cloud-Umgebung für die Softwareentwicklung

Project outline

Unterstützung bei der Service- und Prozessentwicklung, sowie bei der Ausarbeitung einer Entwicklungsstrategie in einem regulierten Umfeld:

  • Aufbau einer Cloud-Umgebung auf Basis von OpenShift sowie entsprechende Provider-Auswahl.
  • Design der Infrastruktur unter Berücksichtigung von Compliance-Anforderungen.
  • Beratung bei der Auswahl und Anwendung geeigneter Technologien, Frameworks und Best Practices zum Aufbau einer serviceorientierten und sicheren Architektur.
  • Beratung bei der Software-Architektur einschließlich der Zusammenstellung von Professional Services.
  • Mitwirkung und Coaching bei der Entwicklung.

Project results

Freigegebene Cloud-Umgebung
Firmengröße:   800
Branche:   Bank
Abteilung:   IT-Security

Herausforderung:

Die BAIT-Anforderungen im Cloud-Umfeld mussten erfüllt werden (BaFin).

Task

Establishment and implementation of a DSMS. Position of an external data protection officer (DPO).

Project outline

  • Preparation and execution of kick-off.
  • Joint initial creation of the processing directory (Art. 30).
  • Ongoing task: data protection tool audits.
  • Creation of privacy statement website.
  • Creation of consent management processes (Art. 6).
  • Creation of data subject rights compliance processes (Ch. 3).
  • Conducting data protection audits.
  • Ongoing task: contact person for data protection supervisory authority.
  • Ongoing task: Data protection review of contracts.

Project results

Long-term support of the customer as external DPO
Company size:   800
Industry:   Advertising agency
Department:   Data protection

Challenge:

Meet the requirements of the GDPR.

Contact us

How can we protect you? Our security experts are happy to help. Get in touch with us.

    Thank you!

    Your request has been submitted!

    Thank you for your inquiry. We are looking forward to hearing from you. Our security experts will get back to you in 1-2 working days.