SOM CYBER SECURITY CONSULTING
Information security and business continuity: protection against cyber attacks, sabotage and espionage
The increasing networking of organizations and systems as well as new legal requirements such as the DORA Directive (Digital Operational Resilience Act), the KRITIS Umbrella Act and the NIS2 Directive pose considerable challenges for companies. These regulations aim to strengthen the resilience of critical infrastructures and digital systems and raise security standards to a higher level. Attacks such as cybercrime, industrial espionage and targeted sabotage threaten not only IT security, but also the continuity of your business operations. A holistic approach consisting of organizational, technical and personnel measures is therefore essential.
Our experts support you in achieving a robust level of information security and protecting your organization in the long term – with the following consulting services:
Analysis and planning
Determining the current status of information security and carrying out risk analyses
Creation of a security concept and security policy
Development of a customized protection concept for business continuity in accordance with KRITIS, NIS2 and DORA requirements
Implementation and realization
Introduction of an information security management system (ISMS) in accordance with ISO 27001 or BSI basic protection
Implementation of organizational and technical security measures
Preparation and support for certification in accordance with ISO 27001 or BSI basic protection
Compliance with regulatory requirements as required by KRITIS, DORA and NIS2
Awareness and training
Conducting security awareness training and courses to prevent cyberattacks and insider threats
Building security awareness at all levels of the company
Testing and continuous improvement
Scheduled review and optimization of the ISMS
Establishment of a process for the continuous improvement of information security
External support and management
Provision of an external and independent Chief Information Security Officer (CISO) to manage and monitor the security process
Conclusion:
Our holistic approach combines the highest information security standards with the specific requirements of the DORA Directive, the KRITIS Umbrella Act and the NIS2 Directive. In this way, we protect your organization against cybercrime, sabotage and espionage and ensure the resilience of your critical systems and processes.