Information Security

Protecting business information is one of the most important tasks of any company. Information security defines technical and organisational controls for this purpose.

Information security

The path to effective security management

Data is often referred to as the gold of the digital age. Because of this significance that it is important to implement reliable controls to ensure the essential protection goals of information security - confidentiality, integrity and availability. ISO/IEC 27001 is one of the most recognised standards in the field of information security and defines the framework for a holistic approach to security with the implementation of an ISMS (Information Security Management System).

As condignum, we support you both in setting up certifiable information security management systems (ISMS) and in reviewing and optimising existing systems in accordance with ISO/IEC 27001.

Risk management

Risk management - how to stay prepared for anything!

The number and complexity of cyber attacks is constantly increasing, making the implementation of appropriate security controls an increasingly difficult undertaking. Only those who know their risk profile are able to set the right priorities, deal with risks effectively and use available resources efficiently.

As condignum, we support you throughout the entire risk management process on the basis of recognised standards such as ISO/IEC 27005, ISO/IEC 31000 and BSI 200-3 - from the identification of threats and the assessment of risks to the planning of security controls.

Based on this, we can assist in the development of security concepts and technical security architectures that are tailored to your company and your use cases.

Critical infrastructure

Cyber security for operators of critical infrastructures

With the EU NIS2 directive, minimum standards for the protection of critical infrastructures were established in the EU.

With the implementation of the NIS Act in Austria and the IT Security Act (IT-SiG) in Germany, operators of critical infrastructure are obliged to implement technical and organisational security controls. Measures taken must be verified on a regular basis.

As an accredited qualified body (QuaSte), condignum supports you in the implementation and regular verification of the applied security controls for effectiveness, appropriateness and efficiency.

CISO as a Service

Expertise and a helping hand for cyber security

In every company, there should be a person who has an overview of the current state of information security and provides the management with the relevant information to make informed decisions. However, especially for SMEs, it is not always possible to hire a dedicated person for this purpose.

With the condignum "CISO as a Service" model, you get an experienced security expert at your side - exactly when you need him.