Cyber Security - Cornerstone of Your Business Success

No company or organization is immune to cyber attacks today. The number of attacks is steadily increasing and the attackers are using ever smarter tactics. With advanced IT security risks, new attack vectors and new attack patterns in the age of digitization, in industry 4.0, and the internet of things (IoT), traditional IT security technology and methods often fall short. We accompany you on the way of a secure digital transformation. Find out how we can secure your data, systems and thus your business success with IT Security Consulting, IT Security Solutions and Managed Security.

Modern cyber security must extend beyond virus protection and firewalls. IT security is no longer just about securing the actual information and communication technology (IT) or a server, an application or a network individually. Effective security mechanisms have to protect the entire information space and all networks of the real and virtual world, which serve the exchange and the handling of data and information - from the affected and often critical infrastructures across all devices used, whether these are smartphones or smart refrigerators, and all the way to the human users themselves.

  • But how can effective strategies and solutions for cyber security and secure systems look like?
  • Which methods and tools increase information security efficiently?
  • How can managed IT security play an integral role when your own know-how and resources reach their limits?
CONET cyber security portfolio- consulting operation managed security

An integrated cyber security strategy secures your valuable resources from data and applications to systems and architectures - and thus your lasting business success!

Our experts advise and support you from strategy to implementation. In addition to the technical know-how, project and requirements management, risk and process analyzes, other established traditional and agile methods and process models are also part of our portfolio. Applying standards and established best practices reduces risks such as unexpected cost increases and delays.

CONET always aligns IT security solutions with the relevant legal and regulatory framework regarding governance, risk and compliance. Our consulting service is vendor-neutral and solution-oriented. In doing so, we always take into account that projects are planned and implemented by people for people. With this awareness, we achieve sustainable results and high customer satisfaction.

However, the best concept cannot improve your IT security if the implementation in the processes and systems is not consistently followed and monitored. Operational IT security is the sum of our management and implementation services for more security in your organization - from the introduction and configuration of appropriate standard tools or special solutions to the documentation and continuous optimization of your security architecture.

In the face of increasing complexity and criticality of cyber threats, as well as protective measures and security tools, many organizations find it increasingly difficult to ensure adequate protection or self-sufficient responsiveness despite the support of outside professionals. CONET takes full care of the operation of your security as managed security especially for medium-sized or government customers - whether with our own employees on site or as a service within our own Security Operations Center.

Based on many years of project experience, CONET has extensive strategic knowledge, technical know-how and process expertise to identify vulnerabilities, appropriate security tools and cyber-attack protection measures. We are happily using this basis for working together with you to minimize the risks of digital convergence.

CONET-Cyber-Portfolio-900-new-EN

Clickable Graphic: The CONET Cyber Security Portfolio

Security Operations Center (SOC)

CONET cyber security portfolio - security operations center

A Security Operations Center (SOC) and its IT security specialists provide managed services to its customers. More and more complex threat scenarios make it increasingly difficult for companies and organizations to react appropriately to risks and attacks with their own resources.

The task of the SOC is therefore to proactively prevent hazards in order to minimize the residual risks in terms of IT security for systems, data and applications with concerted technical know-how and technical solutions.

By constantly monitoring and hardening their own systems based on IT infrastructure images with risk analyzes and penetration tests, companies are able to assess their own level of security more effectively and act instead of having to react.

The CONET SOC primarily uses the particularly powerful detection and evaluation of events by means of netflow analysis. The operational analysis processes have been specially developed and are constantly adapted to current requirements.


We offer you:

  •     Security Incident Monitoring: Identify and classify potential security incidents
  •     Security Incident Response Service: Individualized instant messages on incident and ongoing status information
  •     Customer Information & Reporting: Regular information about the security situation and security reports
  •     Threat & Impact Analysis: Detailed analysis of the IT infrastructure and creation of an escalation matrix

Secure IT Infrastructures

CONET cyber security portfolio - secure infrastructures

Hardened IT infrastructures, along with trained employees, suitable security components and established process management (ITSM & ISMS), form the indispensable basis for the most secure local processing of your data as well as cloud services, aimimg at minimizing information security risks.

Specifically, the safety-related hardening stands for the properties: always up-to-date, correctly defined, fully cataloged, largely automated, properly configured and reliably tested as well as constantly monitored.

In order to permanently fulfill these high requirements for information security through proactive protection and a robust response capability for defense or damage detection and reduction, an integrated approach is necessary: ​​from technical protection and organizational adjustments and permanent monitoring (functional and security monitoring) to the support of proactive activities and necessary responses.

CONET adapts its security projects risk-based to the performance potential and depth of the customer environment, supports the transfer of know-how to the customer organizations and service providers and avoids lost efficiency in coordination and implementation through coordination by a competent single source.


We offer you:

  •     Identification of individual protection needs against security threats
  •     Analysis, evaluation and optimization of the components of your IT infrastructures, networks, applications & systems
  •     Definition and setup of suitable architectures and topologies
  •     Selection and setup of optimized processes and tools for monitoring and incident handling
  •     Definition of test strategies and tests (penetration tests, disaster recovery)

Cloud Security

CONET cyber security portfolio- cloud security

An appropriate level of security is the prerequisite for the use of cloud services. Cloud security is therefore focussed on the secure processing of data and information - especially with mobile access on a variety of devices and also outside of your own network and thus beyond your own control.

With proven cloud security policies and measures, cloud solutions can - rather than creating new business risks - even improve the overall security of your infrastructure and compliance with security and compliance policies.

CONET optimizes and migrates your existing infrastructure, combining it with secure, mobile, user-centric, and productivity-enhancing solutions on next-generation collaboration platforms. The focus is currently on Office 365, Microsoft 365, the Microsoft Enterprise Mobility & Security Suite (EMS) and Azure.

Our cloud security specialists always keep an eye on the security of your infrastructure in all its aspects; whether on premise in your own data center, in hybrid environments or cloud-only on any given cloud platform - from market leaders to industry solutions.


We offer you:

  •     Consulting and design for the integration and secure use of cloud services
  •     Management solutions for a "secure digital identity"
  •     Solutions to protect and defend against advanced attack vectors based on security and compliance products
  •     Classification and encryption of distributed documents - also with external parties

Identity & Access Management (IAM)

CONET cyber security portfolio - identity & access management

Professional identity management supports the management of digital identities with all the associated attributes and characteristics (user lifecycle management). It regulates the automated generation and deletion of user accounts and ensures a consistent information status in all connected IT systems, regardless of whether they are located in your own data center or in the cloud.

Access Management manages the rights of authorized users to access a service, while blocking access for unauthorized users. Together, Identity & Access Management (IAM) enables the complete and uniform maintenance and control of user accounts and authorizations across applications, services, platforms and devices.

With IAM, you keep track of defined rights, assign roles reliably, and receive (partially) automated support, for example, in withdrawing authorizations when employees are leaving the organization or are changing roles.


We offer you:

  •     Creation of role and authorization concepts
  •     Optimization and consulting on all topics of user lifecycle management
  •     Design and implementation of IAM systems
  •     Real-time quick-check of roles and permissions

Privileged User Management (PUM)

CONET cyber security portfolio - privileged user management

Personnel with special responsibilities and functions often require special access and usage rights in IT systems and applications. Privileged User Management controls the special rights of these "privileged users" and protects organizations against deliberate but also unwitting abuse of privileges.

Administrative accounts (such as domain admin, root, or super-user) are a popular target for cyber attacks and therefore exposed to special risks. In order to protect these, various approaches are pursued:

While Privileged User Management (PUM) focuses on managing user accounts with extended privileges, Privileged Access Management (PAM) focuses on managing and controlling critical access. Because of these and other existing variations, the abbreviation PxM is increasingly used to summarize all such solutions in conjunction with other security systems.

Due to the complex authorization structures and the criticality of the systems and processes affected by potential damage, as well as the need for still smooth access by privileged users, a coherent PxM places even greater demands on design experience, process know-how, and architectural knowledge than traditional identity management. The security specialists at CONET help you in keeping track of roles and authorizations and to reliably and completely secure your systems and data.


We offer you:

  •     Authorization concepts especially for privileged users
  •     Requirements analysis and engineering for PxM solutions
  •     Implementation, review and optimization of PxM solutions
  •     Real-time quick-check of roles and permissions

Information Security Management System (ISMS)

CONET cyber security portfolio - ISMS

An Information Security Management System (ISMS) is used to plan, implement and maintain information security within an organization.

Similar to other management systems, such as quality management, it is a collection of policies and procedures that can be used to manage and control security.

As a rule, predefined standards are used as the basis, such as the DIN-ISO standard 27001 or the "IT-Grundschutz" (basic IT security guidelines) defined by the Federal Office for Information Security (BSI), especially for public authorities and public institutions. The aim of information security management is to ensure information security on a uniform and verifiable basis and to continuously optimize it.

The ISMS is therefore a valuable tool both for the proof of good IT governance and compliance as well as for improving your own level of protection. Due to the complexity of the standards, mechanisms and technologies used, the involvement of experienced specialists pays off when setting up and updating an ISMS.


We offer you:

  •     Establishment and maintenance of an ISMS
  •     Consulting services for ISO 27001 and "IT-Grundschutz" (BSI)
  •     Emergency concepts and recovery concepts
  •     Real-time quick-check of roles and permissions

IT Governance

CONET cyber security portfolio - IT governance

IT governance provides optimal support for the business and strategic goals of organizations and consists of all the corresponding processes and requirements for the entire IT infrastructure.

Of particular relevance is the compliance with legal regulations and legal requirements, which result from industry standards or contractual and legal terms.

Software solutions and tools can help implement IT governance. For example, specialized applications such as an access governance solution can help meet the requirements of the General Data Protection Regulation (GDPR) by ensuring and documenting that only authorized employees can access sensitive data.

CONET can rely on a wealth of experience from a wide range of consulting and implementation projects, extensive industry know-how and detailed process knowledge that are essential for ensuring reliable IT governance.


We offer you:

  •     IT compliance consulting
  •     Process and project expertise for the implementation of the EU GDPR
  •     Design and implementation of access governance solutions
  •     Real-time quick-check of roles and permissions

For cyber security to provide effective protection and resilience to attacks, it must be at the core of all business processes and organizational structures. Security considerations must not be incorporated into new IT solutions at a later date, but must be taken into account right from the start when designing new architectures and applications, achieving "business-driven security". What is needed is an overall cyber security strategy and integrated IT security architecture, based on established IT security policies and best practices.

CONET addresses questions, methods and techniques of IT security always in the sense of "Security by Design" - security considerations form an integral part of all IT solutions and IT services in process consulting, technology consulting and application development.

Ultimately, it is important to master the tightrope walk between uncompromising but equally complex and rigid IT security and reasonably practicable cyber security. IT security should enable a secure economy and not create increased expenses and thus hinder the business.

The progressive digitization opens up new opportunities for optimized and new business models. However, it also offers new challenges for IT security, increased IT security risks and potential targets for cyber criminals due to the ever-increasing networking of everyday private life and work. And as we have known in crime fighting since ancient times, perpetrators and defenders are in a perpetual arms race. New vulnerabilities are discovered, exploited and closed or resolved.

As soon as leading software and system vendors publish new security updates, criminal networks are trying to reconstruct the vulnerabilities through reverse engineering and attack those who have not immediately downloaded the new updates. A few years ago, often weeks or at least days passed before the first attacks on incomplete security vulnerabilities started. Today it is sometimes only seconds.

The attack on information infrastructures, the misuse of botnets, the theft of data or extortion with externally controlled encryption of data via malware and ransomware or the threat of such cyber attacks under the banner of cyber crime have long since become a business model of its own. Experts like the German Federal Office for Information Security (BSI) estimate that more than 400,000 new viruses, worms and trojans are being developed worldwide every day. By ransomware alone, cyber criminals extort  around five billion dollars worldwide annually.

Whole underground networks of hackers are constantly developing new ways to penetrate networks, spy on corporate knowledge, steal data and misuse it, and make it available as a service to the highest bidder on the Darkweb as a Crimeware-as-a-Service (CaaS).

Still many phishing and virus mails, which are directed predominantly untargeted at masses of users, are quite easily recognized due to spelling mistakes or qualitatively inferior graphic elements. But more and more frequently, they are now deceptively real due to a sophisticated social engineering and hardly distinguishable from real e-mails, especially if "real" e-mail and social media accounts have been hijacked and abused to send these messages.

Additionally, in the face of increasing mobility in the workplace, the boundaries between personal and business threats are blurring. Consumer solutions are used unreflected in the business environment or employees bring their own devices officially or as a parallel shadow IT to the their workplace - often not sufficiently secured: Once the employees' web accounts or smartphones have been compromised through identity theft, the company gates are left open to attackers.

This risk is aggravated by the fact that for stationary IT systems, security considerations are already anchored in the minds. But in mobile devices such as smartphones, tablets, smart watches or in many devices of the internet of things - whether refrigerator or children's toys - hardly anyone thinks of a proper protection.

Related Solutions

Technologies

CONET Manfred Müller

Follow us