Cyber security and governance consultancy. We help organizations on their journey towards cyber risk management — with human-centric cyber security and continuity consulting for resilient processes and secure technologies. Our focus areas are critical infrastructures and NIS, security management, BCM and IT-SCM and digital technology consulting.
Organizational change in management systems for responsible governance.
Lean process engineering and implementation for solving real problems.
Goal-oriented strategies for sustainable ways through risk and uncertainty.
What we do
We help our clients at the intersection of security, risk and technology:
Information and IT security across all disciplines is our focus — making CISOs digital business enablers through sustainable and effective governance. We help our clients all the way from security design, ISMS architecture to effective execution — with analysis and guidance.
Consulting and analysis for critical infrastructures and NIS since 2013 — we help operators and utilities be prepared for NIS audits and security compliance requirements. This is guided by our work on CI and NIS policies for state, federal and EU governments.
BCM and IT-SCM processes help clients identify and mitigate risks to the availability of critical business processes and IT. We led continuity management implementations from zero hour to being integral parts of organizational risk management and cyber security.
We are passionate auditors and love to use that experience to help our clients fare better in audits — on both sides of the table. Versed from hundreds of audits, we coach clients to be better auditors and prepare auditees with audit management and audit defense.
Advisory for developing line units and project organizations founded in sensible governance. We built and successfully led distributed teams and coached managers on their journey. We shared our path with wonderful project teams through challenges big and small.
Technology and digital consulting on all OSI layers. We are experts in the architecture, engineering and securing of Internet and networking technologies — from global IPv6 backbones and ISP use cases to software-defined networks in the enterprise.
We are experienced from over twenty years of securing organizations, processes and technology through corporate transformations as well as government service advisory.
We are fluent in common industry standards — ISO 27001, ISO 22301, NIST, BSI 200-4, §8a BSIG, IDW PH 9.860.2 and others. Assorted professional qualifications available.