Expertise: Information Security

Information Security for the Capital Market:

Certified. Trustworthy. Progressive.

Our services in the field of information security:

Always one step ahead.

In our networked world with its multitude of highly sensitive data and digitally stored information, information security should be an essential part of the business model. However, as IT grows more complex, the legal requirements are also evolving, and new or updated regulations are published almost every year.

There are therefore a whole host of reasons why companies and banks should pay close attention not only to the security of their data but also to the security of their digital processes.

  • Costs
    The loss of data can sometimes result in high costs, for example due to production interruptions, fines from regulatory authorities, legal disputes, or because IT systems must be physically replaced after cyber attacks.
  • Loss of trust
    An external attack or the loss of entire data sets has a negative impact on the trust of customers and service providers and thus also affects business success.
  • Damage to image
    If data loss occurs due to non-compliance with national and international regulations, laws or frameworks, this usually results in fines and damage to the company's reputation.

Our Information Security Competencies:

Geared for maximum safety and regulatory compliance.

  • With our two certified Chief Information Security Officers (DGI® AG) and a team with in-depth knowledge of information security, we offer you support on numerous information security topics such as Individual Access Management (IAM), Privileged Access Management (PAM), Security Information and Event Management (SIEM), Segregation of Duties (SoD), Outsourcing Management, IT Asset Management and Information Risk Management.
  • We offer our extensive knowledge of regulatory frameworks as well as industry standards, such as the Banking Regulatory Requirements for IT (BAIT), the Insurance Regulatory Requirements for IT (VAIT), the Digital Operational Resilience Act (DORA), ISO 27k and the EBA Guidelines on ICT and Security Risk Management.
  • We have experience with waterfall and Scrum projects and can provide you with certified team members as project managers or as intelligent project management support.
  • In addition to our experience in the aforementioned areas, we have in-depth knowledge of the IT landscape of banks and can therefore advise you directly and competently on capital market projects, without long lead times.
  • We also have extensive experience in the entire chain of regulatory information security findings and are your partner when it comes to preparing responses to regulators, creating remediation action plans, setting up a project structure, and reporting on progress to senior management, boards, and regulators.