Implement and document information and IT security on a technical and organizational level with the support of our experienced and certified security consultants.
Develop, implement and document information and IT security
IT governance often requires documenting IT security. Developing security concepts and writing respective policies and guidelines can be a time-consuming and demanding endeavor, especially if you have to start from scratch.
We provide CIOs, CISOs / CSOs, compliance officers, data protection officers, IT governance, IT department heads and system engineers with best practice advice as well as tried and tested templates so they don’t have to reinvent the wheel.
- Tried and tested templates
- Best practice advice from over 2000 security projects
- IT and business university graduates
- Certified security experts (e.g. ISO Lead Auditor, CISSP, ITIL)
Below you find some examples of our security consulting activities:
A security roadmap is a planning instrument which defines individual security measures on a timeline of 1 to 3 years.
The security controls may have been defined in a previous risk assessment, penetration test or standard-based security audit (e.g. ISO 27001 or ISO 27002) and need to be scheduled according to their dependencies and prioritization.
We will support you in determining the right selection of security measures based on available resources, priorities, dependencies and cost benefit ratio. Usually, defining the security roadmap involves the following steps:
- Information gathering
- Draft timeline
- Workshop discussion
- Final roadmap
Data protection is a key pillar of IT compliance. Wherever personally identifiable and sensitive information exists (such as salary information, healthcare records, financial transactions), organizations need to make sure they protect such data according to applicable law.
In contrast, information protection deals with data which should be protected based on the organization’s own requirements (for example strategies, pricing models or manufacturing know-how).
Oneconsult has developed a tried and tested method to assess the data and information protection requirements and bring them together to define organizational and technical measures for implementation. Approach is mostly workshop-based.
Most information security standards require specific kind of documentation. For example in ISO 27001 and the respective controls of ISO 27002 (if selected) the following policies are mandatory:
- Information security policy
- Acceptable use policy (acceptable use of assets)
- Information classification policy
- Mobile device policy
- NDA (non-disclosure agreement)
- Clear desk and clear screen policy
Examples of concepts we may help you with in the form of reviews and second opinions are:
- Backup concept
- Incident response concept
- Security operations center (SOC) concept
- Data leakage prevention (DLP) concept
- Network zoning concept
One of our core areas of expertise is IT forensic readiness, which amongst others includes an IT forensics concept or digital forensics guideline.
Oneconsult also competently supports you in your decision-making process with product and solution evaluations that are optimally tailored to your requirements, with a special focus on information security.
Security Consulting Expertise
Our qualified consultants have performed a wide variety of consulting projects. Amongst other qualifications, they hold ISO 27001 Lead Auditor, CISSP, ITIL Foundation certificates. Our technical as well as conceptual expertise will help you get quick and practical results.
For definitions of information and IT security terms please refer to our glossary.
Technical and organizational preparations required to be optimally prepared for a forensic investigation of security incidents. Typical aspects are: Definition of the IT security organization (internal and external), logging type and depth, tool selection, training of involved staff and emergency drills.
In the OSSTMM (Open Source Security Testing Methodology Manual), a de-facto standard for security tests, a flaw is the least serious security hole in the respective risk categorization. It is an unknown factor in the system, which a tester could not identify with the available information within the given time frame (example: unexpected response from a router).
Ransomware is malware that attackers use to encrypt data and/or block systems of their targets. The attackers then ask their victims to pay a ransom, after which the data/systems are supposedly decrypted or unblocked again. This type of malware is often spread via malicious email attachments and links or phishing. Well-known examples of ransomware are CryptoLocker, Petya and WannaCry.
A buffer overflow is triggered by coding errors. The program can thereby be made to write more data to a data structure (for example a buffer for temporary data storage) in the main memory (RAM) than it was meant to hold. The extra data can thus overwrite adjacent data structures and cause unwanted changes in the memory content or program flow. Buffer overflow problems usually occur only in programs which have been written in programming languages with direct memory access (e.g. C). A related issue is buffer over-read, where more data can be read than intended and thus internal information of the program becomes visible. An example of this variant is the so-called Heartbleed bug in OpenSSL.