Cybersecurity is a process, not a project! In order to feasibly establish these processes in the company, we offer customized services and support starting with the initialization of security.
We offer the following services:
Identifying risks through an assessment is the first important step towards a cybersecurity strategy and the following implementations and reactions. ComCode specializes in the implementation of highly efficient and insightful cyber/ information security risk analysis. The risk assessments cover the topics of corporate strategy, business processes, IT and external service providers.
Together with the client, ComCode establishes an appropriate and feasible Information Security Management System (ISMS following ISO27001). The requirements of the security strategy will be explicitly structured across the whole company in the form of guidelines (policies), defined classifications and standards. Guidelines will be defined for the IT, external service providers and the business processes in terms of cybersecurity and the safe handling of information. From here on out, cybersecurity will be an integral part of the business processes.
he review of the effectiveness of the measures is an important part of the security process. In our audits, we check to see if and how security is implemented, whether employees have the required knowledge and whether the installed systems actually offer the desired technical protection. The security checks may include the following elements: social engineering, documentation check, process check, penetration testing, architecture review, code check.
If something actually happened, we help to get the situation under control and limit damage. Possible triggers for emergency measures may be:
- Major systems have failed or are functioning faultily
- It is suspected that sensitive information unintentionally left the company
- Confidential data (e.g. customer data) appears on the internet; possibly already reported in the media
- There is a suspicion that an employee is deliberately harming the company
In these or similar cases, immediate measures are taken to keep damages to a minimum. In advance of potential emergencies, we teach the company how to best respond in such cases of emergency by developing and establishing emergency processes.