With IT infrastructures changing all the time, it is important to regularly review and update your security strategy and protective measures/controls. In the hectic activity of day-to-day business, however, it can be hard to find the time. Or you may be unsure where to go with your strategy. In both cases, Security Consulting can provide valuable assistance.
Changes to the IT infrastructure, such as cloud adaptation, always raise questions about security. Is the data used to define the data storage for the cloud strategy classified? Does the organisation need a Security Operations Center (SOC) to respond to security incidents? There are also general issues to consider: how is the infrastructure protected, and does the Information Security Management System (ISMS) still meet current requirements? In addition to providing support with your strategy, Security Consulting can also provide you with a ‘part-time CISO’ courtesy of CISO as a Service, to step in and provide assistance as and when required.
Companies are constantly optimising their infrastructure and digitising processes to meet market needs more effectively. Regulatory requirements are also increasingly rigorous. You want to maintain a high level of IT security despite the pace of these changes.
Besides constantly reviewing and adapting your strategy, meeting IT security requirements also means keeping employees alert to security issues in their day-to-day work. At the same time, you are under cost and resource pressure and could certainly use the occasional support of a CISO.
Employees are trained in the secure handling of e-mails, the Internet and IT
The majority of security incidents are the result of human error. With our tailored IT Security Awareness training, you will be able to increase employee awareness of security and successfully defend against cyberattacks.
Swisscom experts act as the CISO for your company
Understanding the diverse cyber risks and complex threat landscape is not always easy for organisations. If required, our Swisscom experts can take on the role of Chief Information Security Officer for your company and plan, implement, coordinate and monitor your information security measures.
Individual consulting on information security in the cloud
The number of cloud services is growing rapidly with increasingly rigorous data protection and compliance requirements for companies. The Security Consulting Team provides competent, independent advice on cloud information security to help protect your sensitive cloud data and applications.
Vulnerability identification and improvement of your cybersecurity posture
To reduce cyber risks, companies must identify vulnerabilities and increase the sophistication of their IT security. Swisscom experts provide support by performing a cybersecurity assessment, analysing your company’s IT security and helping you initiate any necessary measures.
Support with the implementation and operation of an ISMS
As digitisation progresses, it is becoming increasingly important to protect yourself against cyberattacks and ensure information security. An ISMS defines the rules and measures to ensure confidentiality, availability and integrity. The Security Consulting Team supports you with this.
Dedicated support to ensure the security of your software supply chain
Unknown, compromised or insecure software components can harm your business. Swisscom helps you to understand your current risk landscape from all perspectives and measure risks, define your software supply chain management strategy and implement the necessary measures.
Management support in the area of information security and data protection
The Security Consulting Team offers support in your project and day-to-day business. It helps you continuously improve information security and data protection in your company and systematically align it with your business goals and requirements.
Information Security Officer as a Service
Reducing workload for the IT department
The tasks facing IT security managers and CISOs are unmanageable, which can delay important IT projects.
We provide you with a qualified and experienced security consultant who takes over the role of CISO or significantly reduces the workload of your CISO. This provides a sparring partner who can challenge ideas and provide additional capacity for your projects.
How security-oriented is my company?
You want to know how well your employees deal with e-mail attachments and links, to assess and reduce the risk of a phishing attack.
We run targeted IT security training and awareness campaigns to increase employee knowledge and awareness. We measure the results using simulated phishing attacks, among other things.
ISO 27001 certification
A direct route to certification
You want to ensure that information security and data security are firmly and sustainably anchored within your company. To achieve this goal, you would like to implement an ISMS based on the ISO 27001 standard.
With our expertise and experience, we guide you on your journey to certification. We know the individual steps and controls as well as the possible stumbling blocks, making it easier for you to reach your goal.