Companies of all sizes and industries are threatened. Firewalls, antivirus programs and other protection systems are elementary and important, but often powerless against new forms of cyber threats. This is shown, among other things, by the following cases of damage:
The Trojan was installed via software updates bypassing firewalls and antivirus programs. Internal distribution was mainly made possible by the fact that system services had overly extensive authorizations. Administrative accounts could be misused for further installations.
Firewalls or antivirus programs cannot prevent redirection of payment ﬂows. Instead, eﬀective measures such as monitoring payment transactions and informing the relevant specialist departments are necessary.
We analyse your changed risk situation.
We identify high and critical operational risks, create worstcase scenarios and assess the possible business impact on this basis.
We check your IT and OT/SCADA systems and processes for existing security holes and evaluate the vulnerability using our Security Control Scoring. Our results allow a meaningful prioritization for the risk handling process.
You will receive a three-part fi nal report on management, risk and vulnerability. Using benchmarks and vulnerability scores for the individual security controls, we present the results using comprehensive dashboards and determine your personal risk situation including recommendations for action.
Entrepreneurial activities are generally associated with risks. Our Cyber Risk Assessment enables you to manage your risks in accordance with your corporate goals. We systematically identify and evaluate potential business impacts based on worst-case scenarios. These scenarios serve as a basis for the decision of management/the executive board whether risks should be accepted, avoided, reduced or transferred.
Security controls are defined protective measures (for IT systems, processes, etc.) designed to prevent the occurrence of a business impact. Using selected security controls and a KPI-based rating system, vulnerability can be isolated or assessed in a network. Typical security controls are e. g. Vulnerability Management, Financial fraud prevention, BCM, Rights management, Authentication security, Mail security etc.