Do you have specific information security topics in your company? We support you in an appropriate manner—whether through security workshops, awareness campaigns, tabletop exercises, process development, and more. We provide valuable input and expertise that empower you to drive information security forward in your organization.
With over 20 years of experience in IT - both in software development and business - combined with our solid education in management topics, we have a holistic view of the entire company and can connect the individual information security aspects. We bring our expertise and external insights to the table, serving as your sparring partner.
In information security, there are numerous standards that can be utilized to enhance security. The most common ones include ISO 27001, the NIST Cybersecurity Framework (CF), the IKT Minimalstandard, and the BSI IT-Grundschutz. The last three are freely available.
The individual standards have different levels of detail but are largely overlapping. The choice of which standard to adopt depends on the specific goals of the company.
How secure is the information in my company? To establish a baseline with concrete quick wins, we analyze the current state of your organization. This assessment goes beyond technical aspects, placing a strong focus on processes as well.
Is your company active in software development? Modern software development offers many opportunities to make security-relevant errors in the pipeline from development to productive deployment. We recognize these errors and suggest sensible security checks at various points, which can often be automatically integrated into the deployment process. In this way, vulnerabilities are detected early and can be eliminated.
Are you planning to set up an information security management system or are you already on the way to doing so? We can support you with valuable input and experience. We not only understand the management view and processes, but also the technical side with all its complexity.
If you lack resources or experience, our specialists can bring their input to your company. We focus on your needs and work with you to find the right format to tackle the issues.
The scope depends entirely on your security requirements. This can range from a brief analysis of an existing process to a complete awareness campaign. We take a pragmatic approach and provide you with the relevant points for the size of your company.
The result depends on the needs and scope of the order. Our aim is to provide you with as much information as possible so that you are able to develop independently and can come back to us if you have any questions.
The costs depend on the scope. An offer is drawn up before each consultation and a cost ceiling is defined together. Billing is based on actual expenditure.
Tabletops (short for tabletop exercises) simulate security incidents. The aim is to test and improve the ability of individual teams to respond to cyber attacks or other security-related incidents.
Tabletops are a cost-effective way to prepare organizations for real cyberattacks without taking any actual risk.
The whole group is only as strong as the weakest link. People are often a strong link in the chain, but unfortunately they can also quickly become the weakest. Statistics show that many attacks on companies start with phishing campaigns or at least have a social engineering component. It is important to sensitize people to these issues. As IT has now penetrated all levels, it is also important to ensure that all employees are aware of the issues. Awareness campaigns, workshops or presentations can help here.
If a process needs to be created or expanded, security workshops can help. In these workshops, we actively contribute input and experience in order to develop a complete process or checklist.
63% of confirmed data leaks are caused by a weak, preset or stolen password.
Source: SecurityIntelligence
Kathrin Müller is looking forward to hearing from you and will be happy to organize a meeting according to your needs.
nanio GmbH (Codepurple)
Moosweg 24
5606 Dintikon
