Cyber risk check
Optimal IT security consulting for small to medium-sized companies.
In an increasingly digitalized world, cyber security is becoming ever more important. The growing number of hacker attacks is forcing companies to constantly optimize their security precautions and keep them up to date. This is a challenge for many companies, which often lack technical expertise and sufficient personnel. Common certification standards such as DIN ISO 27001 are often too complex and expensive.
Does this situation sound familiar to you? Then our cyber risk check could be the ideal starting point for improving IT security in your company. We analyze potential risks and vulnerabilities in your technical infrastructure and give you recommendations for improving the protection of your IT.
Do you need support in eliminating the identified security gaps? We are at your side in this case too. With us as your partner, your IT is quickly better protected and you can assure your customers: “Our company meets all basic IT security requirements in accordance with DIN SPEC 27076.”
DIN SPEC 27076: the basis for our cyber risk check
Our IT security consulting is based on DIN SPEC 27076, a standard developed in collaboration with the German Federal Office for Information Security (BSI) and over 20 partners. This standard provides a reliable and widely recognized basis for our discussions and analysis of your IT.
Your advantages at a glance
- Individual advice for small and medium-sized companies
- Results report with customized risk status value and graphical representation of weak points
- Progress monitoring through 27 standardized test criteria during regular reviews
- Overview of the current state of cyber security in your company
- Recommendations for optimizing protection - prioritized, concrete and clearly formulated
- Overview of relevant subsidy programs to reduce costs
Procedure of the cyber risk check
Our cyber risk check comprises several steps to help you improve IT security in your company. First of all, we invite you to an evaluation meeting where we record your data and clarify which contacts and documents are required for our analysis. We can already assure you that the entire cyber risk check will take no more than 5 hours of your time. Depending on your preferences and business requirements, we can meet online or in person.
In the second step, we carry out the actual cyber risk check, in which we analyze the current status of your IT security. You answer 27 standardized questions from our test catalog. We then evaluate your answers and create a test report for you with an individual security score.
Finally, we present the results of our analysis to you. We discuss the current status of your IT protection and show you where you can further optimize your security. If you wish, we can also support you in implementing our recommendations for action so that your company soon meets all the requirements of basic protection in accordance with DIN SPEC 27076.
Evaluation meeting
Cyber risk check
Evaluation and results report
Basic protection according to DIN SPEC 27076
Implementation of the measures
Presentation of the results
*Basic protection according to DIN SPEC 27076 does not prevent cyber attacks. We recommend the basic protection of the BSI or ISO 27001 certification.
Cyber risk check: what it covers
Organization & awareness
Together, we look at the commitment of the management, the internal distribution of responsibilities and the sensitization and training of employees.
Identity & authorization management
We analyze access and access authorizations to physical and digital infrastructures.
Data backup
We examine backups and backup concepts in terms of responsibility, scope, frequency and availability.
Protection against malware
This section deals with the main attack possibilities and vulnerabilities that can be exploited by malware.
Change & patch management
We check whether the hardware and software in use are up to date.
IT systems & networks
Together, we look at the security measures for the information and communication technology (ICT) in use.
Use subsidies. Save costs.
After you have completed our cyber risk check in accordance with DIN SPEC 27076, we will continue to be at your side. As experts in IT security, we also support you in applying for financial assistance. We can inform you about various federal and NRW state funding programs that provide you with financial resources for security measures and employee training. This allows you to effectively improve your IT security without overburdening your budget.
Interested? Request a cyber risk check now
FAQ
Why is the cyber risk check carried out with the management?
The involvement of the management in a cyber risk check in accordance with DIN SPEC 27076 is important, as it bears overall responsibility for the company and is therefore responsible for ensuring IT security in the interests of the company.
Why does the check only apply to companies with up to 250 employees?
Our cyber risk check is based on DIN SPEC 27076 and was specially designed for small to medium-sized companies. In a streamlined process, we check whether the basic requirements for IT protection are met.
Other standards and more complex requirements apply to larger companies. For example, they can use DIN ISO 27001 to prove that they have implemented a comprehensive system for identifying, assessing, handling and monitoring information security risks.
Should you repeat the cyber risk check?
It makes sense to repeat the cyber risk check or even carry it out regularly. This is the only way to continuously improve your cyber security and adapt your security measures to changes in the company. After all, growth, restructuring, the introduction of new technologies or changes in business strategy also have an impact on the security situation. Stay on the ball!
What does the cyber risk check according to DIN SPEC 27076 not offer?
Our cyber risk check is an analysis of the current IT security situation in your company. You are responsible for eliminating the identified vulnerabilities. Of course, we will support you in this if you wish.
It is also important to know that meeting all the requirements of DIN SPEC 27076 only represents the minimum level of IT security for you. Protection can be increased with BSI basic protection or ISO 27001 certification. The cyber risk check is no guarantee of complete protection against cyber attacks.
What subsidies are available?
The federal and state governments support your commitment to cybersecurity in your company. At federal level, there is the “Promotion of business consulting for SMEs” program, which covers up to 80% of the costs for consulting services (max. EUR 2,800).
The “NRW – MID-Digitale Sicherheit” initiative aims to support small and medium-sized enterprises in strengthening their digital security with training courses and workshops, among other things. Between 4,000 and 15,000 euros in funding is available over 12 months.