CISO as a Service

Maintaining the crucial specialized cyber security knowledge necessary, especially OT (Operational Technology) by yourselves is cost- and ressource-intensive. We provide you with the know-how on a flexible basis at any time. In this way, you have comprehensive dynamic support for your information security at all times. Our cyber security services prepare your critical infrastructure to the required level, increasing resilience for new threats at any time.

CISO_as_a_Service_2024.pdf [Only available in German]

CISO as a Service - Initialization Package

Your entire company is analyzed in terms of cyber security aspects and a standard of security is established according to the NIST Framework.

CISO as a Service - Basic Package

You get the support to actively and appropriately manage cyber security in your organization according to your requirements and in line with your business processes. In addition, you are prepared for the future regulatory requirements in the area of critical infrastructure.

CISO as a Service - Extention

With the specification of concrete guidelines and work instructions, you achieve necessary compliance levels with security requirements ensured end-to-end.

CISO as a Service - Initialization Package

Cyber Security Assessment according to IKT Minimum Standard (NIST)

Identify and document the current cyber security levels and identify potential cyber risks from weak configuration.

Security Strategy

Define and review existing security strategy and present proposals with a detailed action plan.

Security Policy

Creation or review of the security policy. Description of the optimum target situation. Strategic orientation of cyber security as an integral approach with physical security.

CISO as a Service - Basic Package

Cyber Risk Assessment

Twice yearly detailed audit of cyber risks for your critical business processes, update all related documentation for security configuration and SOP standard operating procedures. 

Auditing and Testing Program

We test and review your processes, technologies and capabilities in the area of cyber security on the basis of the ICT minimum standard from the Federal Office of National Economic Supply. 

Awareness and Training Program

Every 2nd year development of the program including identification of roles as well as definition of training objectives.

Review of the Security Strategy

Twice yearly review of the security strategy, report on suggested changes or tuning required to ensure necessary standards are met.

CISO as a Service - Extention

Implementation of the Action Plan

Support in the implementation of the measures (PL activity and engineering).

Security Architecture

Development of a security architecture appropriate to the protection needs of your company.

Business Process Map

We develop the business process map with you, on the basis of which the critical processes can be defined and prioritized. This also forms the basis for risk management, in which cyber security is an important component. Furthermore, measures for the Business Continuity Management (BCM) can be derived from it.

Security Instructions, Guidelines and Work Instructions

We work with you to create the necessary policies and guidelines for managing cyber security in your organization.

Network Analysis and System Tests

Ensuring that the OT environment meets the defined requirements by means of analyses and tests.

Please read our latest blog entry

Article only available in German.

Schweizer Energie-Unternehmen setzen Sicherheitsstandards