Measure your Cyber Security

We perceive cyber security as an addition and expansion of conventional information security – with a focus on active attacks with potentially significant repercussions.

Together we increase the cyber resilience of your organization to reduce the risk of a cyberattack. At the same time, we take the necessary preparations to ensure that any cyberattack is quickly detected and meaningfully restricted. We also assist you during or after a security incident.

Our services follow the NIST Cybersecurity Framework based on which we prepare for you an customized set of measures from the disciplines of «govern», «identify», «protect», «detect», «respond» and «recover».

We use the cyber security risk assessment (cyber security audit) to evaluate your cyber security dispositive from holistic and strategic perspectives. The findings obtained can be used to define and implement purposeful measures at a variety of levels, which all protect your organization against cyberattacks. Should you wish to expose your company to a simulated attack, we would also be pleased to offer our Attack Simulation.

Selected references on the subject

Our Services

Compliance assessment & management

Our security specialists review the fulfillment of legal and regulatory requirements within the framework of the compliance assessment. Structured as a gap analysis, you receive an independent assessment of current implementation levels, as well as a set of recommendations to ensure compliance.

We will gladly support you in the assessment of requirements defined by relevant laws or regulations and collaborate with your specialists to ensure an optimized structure. This is how we lay the foundations for effective and efficient implementation.

Where necessary, our security specialists translate the requirements into the current information security management system or establish a suitable policy.

ISO 27001 Certification Support

ISO/IEC 27001 is the world's leading standard for the certification of information security management systems (ISMS).

We are happy to assist you in assessing your organization's maturity level. Through a review, we evaluate whether you already comply with the ISO/IEC 27001 standard or if there are still weaknesses. For the latter, we develop a pragmatic implementation plan that allows you to establish a security process within your organization, thereby ensuring long-term compliance with the ISO/IEC 27001 standard and optimally preparing for certification.

Social Engineering & Physical Security

Physical security barriers are only as strong as the people who enforce them. Our specialists therefore simulate a targeted physical intrusion attempt on your premises to uncover both technical and human vulnerabilities. We assess the effectiveness of measures like access controls, alarm systems, and perimeter security. Simultaneously, we test employee security awareness through targeted social engineering. Using credible pretexts, we attempt to gain unauthorized access and analyze whether your staff adheres to established security policies and challenges strangers. The final report highlights the identified risks and provides pragmatic recommendations to strengthen both your infrastructure and your team's awareness.

ICT Minimum Standard Assessment

The ICT Minimum Standard is a comprehensive framework for protecting your organization against cyber risks.

We support you in determining the maturity level of your organization. By assessing the status quo in the regard to the ICT Minimum Standard, we evaluate whether you are already compliant or vulnerabilities continue to exist. If the latter applies, we develop a pragmatic action plan that equips you to establish a security process within your organization and hence to comply with the ICT Minimum Standard in the long term.

More Information

AI Assessment

We provide comprehensive support for the responsible and secure use of Artificial Intelligence. Through structured assessments, for example, based on ISO 42001, we analyze your existing processes, roles, and controls related to AI. We then identify where risks, optimization potential, or regulatory requirements exist. You receive an independent assessment and concrete, practical recommendations.

Beyond organizational and strategic aspects, we also offer technical consulting – for example, with an GenAI Red Teaming. Whether in the early planning phase or during the further development of existing systems, we guide you on your path to trustworthy and secure AI utilization.

Support for other certifications

We support you in building and certifying data protection and information security management systems according to ISO/IEC 27001, 27002, 27005, EPDG and VDSZ. In this regard, we ensure ideal preparation for upcoming certification and accompany the audits until successful completion of the certification process.

Why

Cyberattacks present an increasingly serious threat to organizations and enterprises operating in all industries. To counter this threat, we holistically analyze and assess your cyber security dispositive. This gives you transparent insight into your company’s current threat situation. We use the findings to deliver specific measures for protection from cyberattacks. The cyber security risk assessment by Redguard is based on the established and recognized Cybersecurity Framework by NIST.

Your benefits at a glance

  • Neutral and unbiased assessment of your status quo
  • Identification of your critical company assets
  • Understanding of perpetrator groups that are relevant to you, their attack vectors, methods and therefore your threat situation
  • Identification of measures for the cyber enhancement and optimization of your dispositive
  • Determination of areas of action and measures with due consideration of the threat situation
  • Long-standing experience of our security experts with a variety of specializations at your disposal

Procedure

The first step is a workshop with your management team to assess the threat situation. Together with your team and based on critical company assets, we identify possible perpetrator groups, their methods and attack vectors (threat modelling). This shows the specific threat situation for your company and can then be used to align the cyber security measures. In a second step, the Redguard specialists join with your experts to determine processes and current security precautions against cyberattacks in your company. This visualizes any gaps or vulnerabilities in the current cyber security dispositive at the levels of technology, organization and human resources.

Action plans

Together we prepare the calls to action, which consist of a variety of measures to strengthen your cyber security. Each of these measures can be assigned to one of the five phases of the Cybersecurity Framework by NIST (govern, identify, protect, detect, respond and recover). A maturity model and the desired level of maturity for your organization are determined for all phases within the Cybersecurity Framework. The Redguard specialists collaborate with you to assemble the ideal set of measures for your organization.