Cyber Security – We Are Helping Companies Protect The Core

Our Committment

Organizations are facing a rapidly increasing range of attacks on diverse and critical company resources. Attackers are adapting their approach and techniques to increasing digitalization, increasing mobility and global connectivity in order to damage SMEs, large corporations and public sector institutions through increasingly professional attacks. The targets of the attackers are extensive and range from destabilization to extortion to industrial espionage.

We support you in identifying the cyber threats relevant to your company and advises you in the selection of suitable technical and organizational security measures. Together with you, we organize security measures that match the individual risk of your company and protect your company against modern and professional attacks.

THREAT ANALYSIS

The procedure and the way in which cyber criminals work varies greatly depending on the assignment of the criminal actors. To protect your business from cyberattacks, you need to know who the attackers are, what they do, and what their goals are. Threat analyzes identify the attackers relevant to your company and their possible attack vectors and targets. Based on the analysis, suitable protective measures can be organized that suit the individual threat situation of your company.

We carry out a threat analysis in your company in order to identify the criminal actors relevant to your company, their attack patterns and targets. The results of the threat analysis are discussed with those responsible and documented in a report.

After the threat analysis, we will also accompany you in prioritizing and implementing measures to improve your security level.

CYBER SECURITY CHECK

Due to the strong dependence of companies on their IT, the requirements for efficient and effective security measures to protect your systems and data are increasing. To do this, it is necessary to know the current status and weaknesses in relation to cyber security.

We carry out a cyber security check in your company in order to offer you a status analysis of your cyber security and to show optimization potential. The possible attack vectors are analyzed and the technical and organizational security measures are checked. The results of the cyber security check are discussed with the responsible persons and documented in a report (with management summary).

We will also be happy to accompany you after the cyber security check, in prioritizing and implementing measures to improve your security management.

AWARENESS /SENSIBILIZATION

Only those who are adequately informed about cyber threats can make effective and economic decisions to protect themselves against these threats and to reduce the associated risks. The collection and preparation of information on the subject is time-consuming and time-consuming. Use the know-how of our experts and let us inform you about the most important topics.

We carry out awareness measures for board members, management and executives in your company. The sensitization is aimed at those responsible who, due to time constraints, can only deal with information and cybersecurity issues irregularly.

ATTACK WORKSHOP

Professional attackers use the knowledge of internal company employees to plan and implement your cyber attacks. For this, e.g. Social engineering measures are used or employees are blackmailed. Be one step ahead of the attackers and use the knowledge of your employees about weak points in your company. In the context of so-called attack workshops, weak points in your company are identified by important know-how carriers forming an attack team.

We moderate the execution of attack workshops in your company and support your internal attack team in planning and preparing the attack. Here, our know-how from our many years of activity in the field of information acquisition is very helpful.

After the attack workshop, we will be happy to assist you in identifying, prioritizing and organizing measures to improve your security.

CYBER INCIDENT RESPONSE PLAN

After a cyber attack occurs, it is necessary to make the right decisions quickly in order to minimize consequential damage or breakdowns in production systems. Entry gates through which an attack occurred must be identified and closed to prevent follow-up attacks.

To prepare for cyber attacks and to be able to quickly take the right measures, companies have to organize responsibilities and procedures in advance. Reaction measures must be developed so that they can be structured in the event of an attack.

We advise and support you in setting up and optimizing your Cyber Incident Response planning and in developing the necessary checklists, alarm and process plans.

 

 

PenTesting – You want to keep your IT up to Secure?

People & Processes

Strengthen Your Core
  • Employee Trainings
  • Establishing risk management and emergency management in your company
  • Establishing management system for information security

Penetration Testing

Application, Infrastructure & Network
  • Vulnerability Scan
  • Penetrationstest – Outside / Inside
  • Penetrationstest – Black- / White-Box
  • Red Team Operation
Get an Offer

Managed Security Services & vCiso

We are living in a Subscription Economy

Set up security governance

  • Create ISMS (Information Security Management System) according to ISO 27001
  • Define IT Risk Catalog and Key Risk Indicators (KRIs)
  • Establish CISO (real or virtual)

Top-Down Operations, periodical

  • Identify threats and weaknesses
  • Update of IT risk catalogue and Key Risk Indicators (KRIs)
  • IT security reporting and mitigations
  • Audit support

Bottom-Up Operations, permanent

(24*7*366 or Office Hours)

  • Process and IT migration support
  • Penetation testing
  • System monitoring: permanent vulnerability analysis, event evaluation, attack detection & alerting, immediate measures, crisis management and reporting

Why working with Us?

EXPERTISE

EXPERTISE

With 20 years of professional experience in the areas of information acquisition and information security, we look after a large number of customers with a wide variety of threats. Through our professional experience in the field of information gathering, we know the procedures and methods of modern and professional attackers and the right measures to prepare for and counter the threats.

  • Certified Global Industrial Cyber Security Professional (GICSP)
  • Certified GPEN, GIAC PenTester
  • Offensive Security Certified Professional (OSCP)
  • IT Governance ISC² CISSP

DISCRETION

DISCRETION

Due to our many years of work in security-sensitive areas, we are aware of the requirements that our customers place on us in terms of confidentiality. We treat the information obtained from our orders with the utmost confidentiality.

 

 

 

 

HOLISTIC

HOLISTIC 

Forty2 provides you with practice-oriented and individual advice. We always consider the risk exposure of our customers as a whole. Our advice is based on a holistic approach to ensure synergy effects from the disciplines of IT governance, IT compliance, data protection, information and cyber security for your individual questions. Use business continuity & disaster recovery.

 

EXPERIENCE

EXPERIENCE

Our consultants have more than 10 years of consulting experience in the financial, industrial, insurance and service sectors, trade, the health sector and other institutions, in the areas of digitization and security.

 

 

Ready to Talk

    Digital Technology

    

    Learn More
    Project Management
     
    Learn More