Due to the increasing digitization and networking of public life worldwide, there are also various risks in addition to the many advantages and simplifications of everyday life. Whether a targeted spy attack on the company network to obtain sensitive company data by internationally competing companies or automated attacks that cause encryption (e.g. malware) of all system relevant files The consequences usually have a far-reaching extent of lasting negative effects on your company.
The loss of customer and business data, information about internal products and research results can threaten the very existence of your company. Especially small and medium-sized companies, which are particularly interesting for attackers due to a lack of IT security resources, are increasingly coming into their focus.
In addition to the financial damage caused by loss of production, data or know-how, there is also the threat of image damage. Possible legal consequences due to non-compliance with the GoBDs (principles for the proper keeping and storage of books, records and documents in electronic form and for data access) cannot be ruled out either.
Ever-improving technical security measures at the digital level require more extensive background knowledge about the target to be compromised. In order to obtain this information or to obtain further action, the perpetrators use personal contact with the company and try to persuade employees with manipulation techniques (social engineering) to act in a way that is detrimental to the company.
The theft of company sensitive data or the smuggling of digital and electro-technical means to carry out espionage activities can also take place through physical intrusion into the company, if digital means do not bring the desired success for the perpetrators due to the hurdles of the IT security mechanisms.
We as PSA Security Management take a holistic view of all possible attack possibilities on the company and develop effective and target-oriented security mechanisms based on this analysis and the current threat scenarios in order to successfully prevent digital and physical damage to the company.
Our portfolio of services to prevent digital and physical attacks against the company or its employees:
Procurement of information
Analysis and processing of the acquired data for the detection of digital and physical attack vectors
Physical vulnerability analysis:
Evaluation of the personnel and structural-technical security measures for the detection of weak points and risk assessment
Physical penetration test using conventional/unconventional
penetration techniques to test the security measures and determine the actual vulnerabilities
Digital vulnerability analysis:
Execution of social engineering attacks to test the susceptibility of the employees in the company to manipulation
Digital penetration testing / detection of security gaps in the company’s IT systems through external and internal cyber attacks
Training & Consulting
Development of solution strategies for minimizing the risk of security risks being disclosed
Implementation of awareness training (Computer Security) for employees
Our customers determine the type and scope of the desired service. All planned actions are explained in detail in advance, followed by penetration testing. After the testing, the customer receives a comprehensive report on the measures carried out in order to minimize existing security gaps and the resulting risks, if necessary.