Whether cyber security, cyber risk resilience, governance, risk & compliance, digitalisation or cloud: the growing challenges can only be mastered with a holistic cyber security strategy. InfoGuard's modular range of services takes equal account of technologies, processes and your employees. Many years of experience in the field of security consulting according to ISO 27001 and NIST, penetration testing, attack simulation as well as security awareness and the first-class skills of our specialists ensure the smooth interaction of all elements.
Does your company lack the internal resources to competently fill the position of a security officer and/or data protection officer? We can take on this task within the framework of an outsourcing relationship. You benefit from the experience and comprehensive know-how of our experts in the areas of technology, organisation, compliance and audit. We define the specific area of responsibility together with you and provide you with the relevant specialists.
We advise and support you on the following topics:
Do you want to be sure that your security is built on a firm and reliable long-term foundation and can also be adapted quickly and easily to future requirements? Our experts support you in formulating a long-term security strategy or in setting up a flexible framework for the structured management and targeted minimisation of all ICT risks. A cyber security framework not only helps you to better manage your internal risks. The implementation of compliance and risk management requirements is also massively simplified by the structured framework.
Our ISMS / DSMS services include:
Development of a sustainable security strategy (re-)certification according to ISO 27001
Auditing of your ISMS according to ISO 27001
Risk analyses according to ISO 27005
Development of a cyber security framework according to the NIST CSF
Development of a security policy as well as user guidelines and directives
Definition of the security organisation with functional descriptions
Our independent security audit examines your information security and informs you about the organisational, personnel, physical and technical weaknesses in your company. Our detailed action plan provides you with the basis for a sustainable increase in your information security. It also includes recommendations for technical and organisational measures as well as awareness-raising and training suggestions for your employees.
Our Security Audit & Review covers the following areas:
A gap analysis against the internationally recognised NIST Cyber Security Framework (CSF) provides the necessary transparency of your cyber security. Our security experts uncover deviations to all topic areas of the NIST CSF, assess them and provide prioritised recommendations for action.
This is how you benefit from our NIST CSF gap analysis:
A data protection gap analysis is the optimal solution if you only want to have one specific aspect examined more intensively. For example, all the services you have commissioned, in the context of which personal data is processed on behalf of the service provider or potential access possibilities exist to such data by the service provider. Or do you just want to have the data protection declaration of your website thoroughly checked in order to prevent possible warnings? Here, too, the gap analysis is the right tool.
With our many years of experience in cyber security, we have the expertise to support you in setting up or optimising your cyber supply chain risk management (C-SCRM). A systematic C-SCRM improves your security level in your supply chain, reduces own cyber risks and ensures compliance requirements.
We advise and support you on the following topics:
More about Supply Chain Risk Management Services
People are a decisive key factor for your information security, which is why security awareness is an important element of any cyber security strategy. Our specialists have many years of practical experience in the targeted sensitisation of employees for a risk- and security-conscious handling of information in everyday business. Based on existing guidelines and your specific needs, we develop a detailed security awareness concept. This includes the most important core messages, an appropriate catalogue of measures and a target-oriented communication plan.
Our security awareness services include:
Security awareness concept development and campaign planning
Security awareness branding
Awareness communication (workshops, posters, brochures, intranet portals, etc.)
Topic-specific workshops and training courses
Live hacking demonstrations
This year, SWIFT has once again tightened its regulations for financial service providers. Not only have new SWIFT controls been added, but several have been upgraded from advisory to mandatory. And a problem for many companies: the one-year period in which the adjustments have to be made. How do things look for you?
InfoGuard is a SWIFT assessor and confirmed cyber security provider. With our SWIFT Assessment, you receive a comprehensive overview of your current status as well as recommended measures to meet Compliance v2020.
We help you to build an appropriate network and security architecture. Based on the ISO 27001 standard and the NIST CSF, we identify the missing elements in a GAP analysis and show the associated risks. As a basis for operational implementation, an action plan is then drawn up and prioritised according to risk. In this way, we ensure that you can continue to react quickly to new needs and derive optimal IT security measures. With the know-how of our specialists, you can expand the competencies of your organisation and increase the performance of your information and ICT security in a targeted manner.
Our Security Architecture Services include:
With digitalisation advancing ever faster, the number of security technologies needed to protect applications and users is also increasing. Our experts are always up to date with the latest knowledge. Depending on your specific needs, we support you and your specialist departments both selectively in individual processes or technology disciplines as well as comprehensively in entire application areas.
Our OT / DLT Security Services include:
With our Vulnerability Management, you have an efficient way to identify, analyse and assess IT vulnerabilities. The vulnerability scan provides fundamental findings for assessing the current risk situation and the effectiveness of the implemented measures. Proactive monitoring of your IT infrastructure uncovers changes in systems and thus not only finds vulnerabilities of manufacturers, but also misconfigured systems, which in turn can lead to a security risk.
ICT security, compliance and cyber risk resilience are our core competencies. Regardless of whether you lack internal resources in individual specialist areas, whether you are looking for strategic support or need additional know-how for the development of a cyber security framework or information security management system (ISMS): Our specialists are proficient in all elements and processes and have extensive cross-industry experience from a wide range of sectors. Our modular service offerings can be adapted precisely to your individual needs. We know exactly the specific requirements of the Swiss economy.