The three protective objectives
All good things come in threes: confidentiality, integrity and availability. These are the three IT protective or warranty objectives. In the age of digitalization of value chains and entire business models, IT security plays a decisive role. Both the protection of personal data (data protection) and the protection of factual data, such as business and company secrets, require an "appropriate" IT security level in companies.
Today, a large number of attack strategies on corporate networks and IT systems are known, such as industrial espionage, hacker attacks, encryption Trojans, viruses, malware and ransomware. Attackers are becoming more sophisticated and unscrupulous, which is why it is important to implement adequate technical and organizational measures that are always one step ahead of the attacker's procedures.
In the worst case, a successful attack can lead to valuable company data falling into the wrong hands and causing great damage, on the one side, and a violation of the protection of personal data due to non-implementation of the provisions of Art. 32 GDPR, on the other side, which can result in a large fine.
We support you in the creation and development of an information security system (ISMS) according to ISO 27001 and the documentation of the requirements. We advise you with regard to the selection of technical and organisational measures and their effectiveness. Due to our high expertise in the field of data protection and the smooth transition between IT security and (technical) data protection, we can offer you comprehensive advice that is rounded off with a legal approach. We always keep an eye on whether a measure can withstand the strict assessments of a supervisory authority, a court or an insurance company in the event of damage.