Information Security

Transformation in absolute safety 

Digital transformation presents new challenges – in terms of security too, since ICT systems are vulnerable. Despite security technology and security tools: a residual risk remains. We meet this challenge with the holistic strategic information security concept “Assume Breach”, which also covers planning in case of emergency.

This not only aims at optimal ICT protection. Key issues are also the fast recognition of cyber-attacks (compromises) and the restoration of normal status. As your all-round partner for information security, we help you in the reorganization of your information security strategy and the implementation of a holistic approach. You then have maximum security and are on the right road to innovation and growth with digital business models and technologies.

 

How we support you

Big Data, Cloud, IoT, Mobile Communications, Social Media etc.: whatever new technologies you use, COCUS gives you maximum information security. For we master the subject not only technically bat also at a strategic and legal level. Our broad range of technical knowledge comprises Firewall F5, IAAS, IPv6 (ITIL/Cicso certification), SaaS, SDN, load-balancing etc. On the strategic and legal level, we offer comprehensive knowledge as regards overall project management, security strategies taking into consideration cloud environments and BYOD topics (Bring Your Own Device) as well as compliance requirements in various areas (BSI IT basic protection, ISO27001, PCI-DSS, SOX). And we provide you with proven specialists – from Certified Information Systems Auditor (CISA) to Certified Information Privacy Technologist (CIPT). Moreover, you profit from our holistic approach, which takes into account all relevant factors: personnel, organization, processes, technology. On this basis, we identify your requirements and work out a coherent overall concept. Our focus: the development of a proactive strategy. This enables you to implement your digital plans and at the same time strengthen the security competence of your company.

What we offer

On the issue of information security, we offer professional services for companies in all sectors and sizes. We develop needs-oriented strategies and take on strategic transformation projects end-to-end: from requirement analysis and consultation to conception and design to successful implementation. On request, we provide you temporarily with a project management office, a CISO, or a program, IT compliance and information risk manager.

And of course we support you with comprehensive individual services:

 

  • Creating and introducing compliance, information security and risk management-frameworks
  • Introducing supporting technologies for the data leakage prevention
  • Introducing supporting technologies for data retention
  • Designing, planning, and implementing security architectures incl. engineering
  • Conducting risk analyses, preventive measures, and source code audits (web/mobile)
  • Setting up MySQL firewall, threat monitoring and database intrusion detection
  • Making an IT inventory incl. possible weaknesses
  • Implementing directives in accordance with IT security law (IT-SIG)
  • Conducting penetration tests (in accordance with SI guidelines) and system hardenings
  • Testing – ethical hacking – and assessing information security (red teaming)
  • Examining service abuse and security breaches (data breach forensics)
  • Developing and implementing business continuity concepts
  • Setting up and running security monitoring with the use of Splunk
  • Designing incident management processes with integration of Splunk and Service Now
  • Support in the choice of threat intelligence providers
  • Overall project management in the introduction of managed security providers (security operations center)
  • Conducting awareness campaigns and providing phishing information
  • Organizing end-user training and risk management workshops
  • Conveying aspects such as embedded security and privacy by design

You have a question about our services?

Contact us by phone or e-mail.

Contact Details