Professional advice on cybersecurity

Strengthen cyber defence with Security Consulting

With IT infrastructures changing all the time, it is important to regularly review and update your security strategy and protective measures/controls. In the hectic activity of day-to-day business, however, it can be hard to find the time. Or you may be unsure where to go with your strategy. In both cases, Security Consulting can provide valuable assistance.

From cybersecurity consulting to part-time CISO

Changes to the IT infrastructure, such as cloud adaptation, always raise questions about security. Is the data used to define the data storage for the cloud strategy classified? Does the organisation need a Security Operations Center (SOC) to respond to security incidents? There are also general issues to consider: how is the infrastructure protected, and does the Information Security Management System (ISMS) still meet current requirements? In addition to providing support with your strategy, Security Consulting can also provide you with a ‘part-time CISO’ courtesy of CISO as a Service, to step in and provide assistance as and when required.

What’s in it for you:

  • Comprehensive advice on cybersecurity topics
  • CISO as a Service to cover resource bottlenecks
  • Workshops and assessments for strategic development

Your benefits

  • Checks on current protection needs and vulnerabilities
  • Strategies and measures to increase your resilience and comply with regulations
  • Cybersecurity awareness campaigns for your employees

When is it the right solution?

Companies are constantly optimising their infrastructure and digitising processes to meet market needs more effectively. Regulatory requirements are also increasingly rigorous. You want to maintain a high level of IT security despite the pace of these changes.

Besides constantly reviewing and adapting your strategy, meeting IT security requirements also means keeping employees alert to security issues in their day-to-day work. At the same time, you are under cost and resource pressure and could certainly use the occasional support of a CISO.

Why Swisscom?

  • Comprehensive: We support you with advice and an ecosystem of professionals.
  • Experience: You benefit from our many years of strategic and product-specific expertise.
  • End-to-end: As well as providing advice, we can also support implementation.

Getting started

Security Operations Center workshop

Do I need a SOC? And if so, should it be on premise or as a service? This workshop lets you create a strategy.

Register now

More security solutions

Our consulting services

Let’s talk about your needs

Our Security Consulting experts will help you minimise your cyber risks and protect your company.

Our Consulting Services in detail

Security Awareness Training

Employees are trained in the secure handling of e-mails, the Internet and IT

The majority of security incidents are the result of human error. With our tailored IT Security Awareness training, you will be able to increase employee awareness of security and successfully defend against cyberattacks.

  • Online training units on a range of IT security topics
  • Authentic e-mail phishing simulations
  • Regular reporting for measurable success
  • Mentoring from our specialist Security Consulting team  

Data Protection Governance as a Service

Strategic and operational support for ensuring compliance with data protection regulations

Implementing the necessary data protection and privacy governance is now a basic requirement for any business in any market. Our security consulting team can advise you on all aspects of data security and support you in complying with data protection regulations.

  • Support with creating your data processing framework
  • Operational support for your data protection officer (DPO)
  • Gap analysis and ad-hoc privacy impact assessments (PIAs)
  • Data protection training for all employees

CISO as a Service

Swisscom experts act as the CISO for your company

Understanding the diverse cyber risks and complex threat landscape is not always easy for organisations. If required, our Swisscom experts can take on the role of Chief Information Security Officer for your company and plan, implement, coordinate and monitor your information security measures.  

  • Developing a cybersecurity roadmap for your company
  • Advising on information security and supporting projects in this area
  • Setting up ICT governance structures for your Information Security Management System (ISMS)
  • Carrying out risk and protection needs analyses

Cloud Security Consulting

Individual consulting on information security in the cloud

The number of cloud services is growing rapidly with increasingly rigorous data protection and compliance requirements for companies. The Security Consulting Team provides competent, independent advice on cloud information security to help protect your sensitive cloud data and applications.

  • Support with GRC (governance, risk and compliance) management
  • Adapting architectures and concepts with supplementary training courses and workshops
  • 360° cloud security assessment (technical and organisational)
  • Conceptual and technical support in a Microsoft Cloud Security environment

Zero Trust Journey

As Zero Trust Advisors, we advise you on increasing the cyber resilience of your company

Assets and identities are increasingly at risk in the corporate network (BYOD, WFH, remote working and cloud). That’s why the “trusted network” security strategy is no longer enough. Our security consulting team advises your company on the development of zero-trust concepts to protect your network infrastructure even more extensively.

  • Customer workshops – determining the necessary maturity level
  • Maturity and technical assessments
  • Roadmap with strategic zero trust projects
  • Migration plan towards zero trust reference architecture

Security Management Consulting

Management support in the area of information security and data protection

The Security Consulting Team offers support in your project and day-to-day business. It helps you continuously improve information security and data protection in your company and systematically align it with your business goals and requirements. 

  • Design, implementation and maintenance of an ISMS
  • Development of security policies, guidelines and concepts
  • Design and implementation of IT security concepts
  • Compliance consulting
  • CISO as a Service

Cybersecurity Assessment

Vulnerability identification and improvement of your cybersecurity posture

To reduce cyber risks, companies must identify vulnerabilities and increase the sophistication of their IT security. Swisscom experts provide support by performing a cybersecurity assessment, analysing your company’s IT security and helping you initiate any necessary measures.

  • Assessing the current security level 
  • Identifying areas with a low maturity level 
  • Providing recommendations of short and long-term improvement measures
  • Prioritising the biggest vulnerabilities 

Secure Software Supply Chain

Dedicated support to ensure the security of your software supply chain

Unknown, compromised or insecure software components can harm your business. Swisscom helps you to understand your current risk landscape from all perspectives and measure risks, define your software supply chain management strategy and implement the necessary measures.  

  • Customer workshop: Secure Software Supply Chain
  • Creating your own Software Bill of Material (SBOM)
  • Monitoring and overseeing your software supply chain

Information Security, Cybersecurity and Data Protection Management System (ISMS)

Support with the implementation and operation of an ISMS

As digitisation progresses, it is becoming increasingly important to protect yourself against cyberattacks and ensure information security. An ISMS defines the rules and measures to ensure confidentiality, availability and integrity. The Security Consulting Team supports you with this.

  • Creating mandatory documentation or conducting reviews
  • Assisting with classification for the protection of information assets
  • Identifying, assessing and handling information security risks
  • Efficacy assessments for continuous improvement (CIP) 

Security Consulting in practice

Information Security Officer as a Service

Reducing workload for the IT department

Customer situation

The tasks facing IT security managers and CISOs are unmanageable, which can delay important IT projects.

Our solution

We provide you with a qualified and experienced security consultant who takes over the role of CISO or significantly reduces the workload of your CISO. This provides a sparring partner who can challenge ideas and provide additional capacity for your projects.

Awareness-Training 

How security-oriented is my company? 

Customer situation

You want to know how well your employees deal with e-mail attachments and links, to assess and reduce the risk of a phishing attack.

Our solution

We run targeted IT security training and awareness campaigns to increase employee knowledge and awareness. We measure the results using simulated phishing attacks, among other things.

ISO 27001 certification

A direct route to certification

Customer situation

You want to ensure that information security and data security are firmly and sustainably anchored within your company. To achieve this goal, you would like to implement an ISMS based on the ISO 27001 standard.

Our solution

With our expertise and experience, we guide you on your journey to certification. We know the individual steps and controls as well as the possible stumbling blocks, making it easier for you to reach your goal.

Find out more

Article

Combating the skills shortage with MSS

Discover how Managed Security Services can help plug the skills gap.

Our experts will be happy to answer your questions. Contact us.