Information Security Management

contact our experts nowcontact our experts now

The shield against digital threats

In today's networked world, information security is non-negotiable.
That is why our focus is on continuously increasing your level of maturity in information security. In doing so, we are guided by current regulations and international standards such as: NIS-2, ISO27001, TISAX etc.

Our approach includes pragmatic approaches and tools to ensure information security management, business continuity management(BCM) and disaster recovery measures(DR). We support you in developing a holistic security strategy. Our goal is to accompany you End2End.

Our offers

Informationsecuritymaturityassessments

GAP analyses and maturity assessmentsof information securityin accordance with relevant standards and legal requirements such as NIS-2, ISO27001 and TISAX Site assessment for companies; analysis of the maturity level of technical and organizational measures and identification of improvement measures

Implementation of audits and compliance readiness

Verification of compliance with common ISMS standards and/or legal requirements in order to master compliance challenges.

Dissemination for emergencies Business Continuity Management (BCM)

Support in setting up BCM/IT emergency management in accordance with BSI standard 200-4/100-4 in order to meet regulatory requirements and as preventive and reactive protection against incidents that endanger the continued existence of the company or organization.

IT emergency exercise

As part of an IT emergency exercise, we work with you to test the functionality and completeness of your IT emergency plans.

we transform for the better

Our NIS/NIS-2 & DORAsupportservices

Organizational audits for NIS/NIS2 & DORA: Performing a review of the required regulatory requirements

More about NIS-2 & DoraMore about NIS-2 & Dora More about the CyberRiskRatingMore about the CyberRiskRating

A woman analyzes information security data on a computer screen.

Rating:

CANCOM Austria evaluates the existing technical and organizational protective measures of the client company from the perspective of a qualified body in accordance with the applicable legal situation (NISG, NISV, NIS factsheets, NIS-2 guideline implementation). This can take the form of a gap assessment, a technical architecture analysis and/or an internal or external pentest. The aim is to obtain as accurate a picture as possible of compliance with the NIS requirements and to derive work packages and projects from this.

A woman points to a blackboard and discusses information security management.

Consulting:

CANCOM Austria supports the client company in the implementation of projects and work packages by providing information and feedback as well as templates and requirement profiles. The implementation is primarily carried out by the client company, while CANCOM Austria only becomes directly involved if required or requested. The aim is to build up and expand internal expertise to meet the requirements. CANCOM Austria acts as a multiplier, increasing the efficiency and effectiveness of internal resources.

A man and a woman stand in a room and smile, symbolizing teamwork and partnership in the field of information security.

Implementation:

Here CANCOM Austria works directly for the client company and provides the building blocks for the successful fulfillment of requirements. The client company specifies the tasks and objectives, but does not usually implement them itself. CANCOM Austria provides its expertise and experience in order to fulfill the tasks and objectives well and efficiently. The implementation can concern various areas: Document creation, process development, risk analysis, incident response, etc.