Workshops and trainings
Within my range of services, I conduct specific training courses with customer representatives in the premises of the customer. Basically, within booked projects with corresponding changes in the company, workshops and training courses are included as standard, but can also be booked individually. The offer ranges from project-specific training courses, through special workshops to more general lectures.
Strategy Workshop information security incl. identification of a data and information stream
Workshop on the collection of the information security strategy and identification of the problem.
- In the company, none or only a few isolated measures were taken to raise information security. There is no comprehensive view of the risks and necessary precautions. There is no planning how to deal with such events.
- Corporate documents are previously viewed. In the workshop, business processes are collected and compared with the existing IT. On a subsequent day the data and information flows are worked out. Furthermore, the focus is on an appropriate level of protection for the data and information flow.
Strategy Workshop Identification & Quality Assurance of a data and information stream
Workshop to collect the data stream and identify the problem.
- The company already knows which data and information stream it would like to examine and protect. Together with the management of the customer, the business process and the IT systems are considered.
- The data and information streams are thereby worked out. Existing protective measures are clarified. Assured and requested information security as well as compliance requirements are consolidated. Now the necessary protection level can be defined.
- A summary report provides a more precise definition of the level of protection and a proposal for further action.
Data are collected, or can now be fine-grainely resolved. Are you already using these options to better understand your customers and refine your products every day? With the collection of these data, the needs for storage, which no longer have to take place in the own business building, are becoming more and more acute. Accordingly, the handling of data is conceptually redesigned.
Setting up distributed data storage as a basis for data science
- Modern storage strategies store the data decentrally on different computers, but make them accessible via a uniform memory management. The distribution of the storage as well as the data evaluation load is done automatically.
- This project is about a prototype for technologies such as Hadoop or Spark, so the company can evaluate whether this approach is appropriate.
Develop a Data Science approach to maturity
- Data Science creates the basis for strategic decisions of the company. Simple approaches can be implemented, but the complete value-added potential can only be raised with the individual adaptation of the data model.
- This leads to a prolonged development phase. Such a research-driven elaboration of a new model often happens with unknown results.
Despite a certain size, many companies do not have their own information security officer, have little competence in this area, or the consulting capacities in Germany are not sufficient. However, all these companies are exposed to different cyber risks, which is why information security should be an important factor.
Data stream hardening at one location
- The data and information stream was developed in a workshop and a proposal for the further procedure was developed. Now the threats at a site can be comprehensively covered and action plans can be presented and implemented.
- If necessary, repeat this procedure for each additional location.
CISO4rent (external information security officer)
- After the establishment of an ISMS, the migration or hardening of a DIS, corresponding processes have been introduced. There is no staff or financial resources available within the company to provide its own information security officer. There is no correspondingly experienced and security-oriented employee. The desire for an independent entity without operational blindness exists.
- In this case, the service of an external information security officer can be provided. At the same time, this is also an offer for the productive support for the introduced and established measures.
Set an ISMS up in a SME
- An Information security management system (ISMS) is a leadership process for comprehensive design and management of information security in a company.
- Based on the results of the strategy workshop, a risk analysis can be carried out, corresponding directives formulated and current safety levels can be collected both internally and externally.
- Subsequently, measures are proposed and accompanied in the implementation. The company is supported in product selection and training. The ISO standard 27001, for example, offers a best practice based framework.