vCISO / CISO-as-a-Service
Objectives
Challenges
Developing and implementing a cybersecurity strategy.
Identification and assessment of IT security risks.
Implement security policies, processes, and controls.
Regular reporting on the security status and risks to the client's management.
Support in compliance with legal and regulatory requirements (e.g. FADP).
Monitoring of security incidents and response to security incidents.
Advice on security investments and prioritization of security measures.
Results
achieved
Cybersecurity strategy according to NIST Framework 2.0
Cybersecurity Program Roadmap with projects on identities, endpoints, applications, network and data (strategy basis in the form of the Zero Trust Security Framework)
Development of security policies, concepts and governance
Recording and documentation of the IT security architecture
Backup & Recovery Concept and Policy
Acceptable Use Policy for Employees
Password policy
Access and Role Management Policy
Incident Response Processes
Cyber Incident Management and Handling
Incident analysis, management and response
Incident coordination and communication
Technical log analysis and identification of the scope of the attack
Coverage
Cooperation with external SOC and IRT
Categories
Cybersecurity
Date
> 2 years, still active
Client
Industrial company (international, approx. 1,600 employees)
vCISO / CISO-as-a-Service
Objectives
Challenges
Developing and implementing a cybersecurity strategy.
Identification and assessment of IT security risks.
Implement security policies, processes, and controls.
Regular reporting on the security status and risks to the client's management.
Support in compliance with legal and regulatory requirements (e.g. FADP).
Monitoring of security incidents and response to security incidents.
Advice on security investments and prioritization of security measures.
Results
achieved
Cybersecurity strategy according to NIST Framework 2.0
Cybersecurity Program Roadmap with projects on identities, endpoints, applications, network and data (strategy basis in the form of the Zero Trust Security Framework)
Development of security policies, concepts and governance
Recording and documentation of the IT security architecture
Backup & Recovery Concept and Policy
Acceptable Use Policy for Employees
Password policy
Access and Role Management Policy
Incident Response Processes
Cyber Incident Management and Handling
Incident analysis, management and response
Incident coordination and communication
Technical log analysis and identification of the scope of the attack
Coverage
Cooperation with external SOC and IRT
Categories
Cybersecurity
Date
> 2 years, still active
Client
Industrial company (international, approx. 1,600 employees)
vCISO / CISO-as-a-Service
Objectives
Challenges
Developing and implementing a cybersecurity strategy.
Identification and assessment of IT security risks.
Implement security policies, processes, and controls.
Regular reporting on the security status and risks to the client's management.
Support in compliance with legal and regulatory requirements (e.g. FADP).
Monitoring of security incidents and response to security incidents.
Advice on security investments and prioritization of security measures.
Results
achieved
Cybersecurity strategy according to NIST Framework 2.0
Cybersecurity Program Roadmap with projects on identities, endpoints, applications, network and data (strategy basis in the form of the Zero Trust Security Framework)
Development of security policies, concepts and governance
Recording and documentation of the IT security architecture
Backup & Recovery Concept and Policy
Acceptable Use Policy for Employees
Password policy
Access and Role Management Policy
Incident Response Processes
Cyber Incident Management and Handling
Incident analysis, management and response
Incident coordination and communication
Technical log analysis and identification of the scope of the attack
Coverage
Cooperation with external SOC and IRT
Categories
Cybersecurity
Date
> 2 years, still active
Client
Industrial company (international, approx. 1,600 employees)