Cyber attacks on companies are on the increase and are becoming ever more complex - from blackmail attempts using ransomware and phishing to data espionage and the theft of intellectual property.
Your contact
Cyber attacks pose the greatest business risk
Cyber attacks are therefore one of the biggest business risks - with the possible consequence of business interruptions, production downtime, ransom demands and loss of reputation. This raises the question of how well your company is secured and how well your information and company assets are protected.
Independent assessment of the current situation
With the PKF Cyber Security Check, you receive an independent assessment of the current state of your cyber security in up to six steps, customised to your needs and requirements. As a result, you will receive a report with specific recommendations on how you can optimise your cyber security. Our cyber security check is based on a scalable framework that can be customised to your needs and requirements. Our independent and highly qualified cyber security experts will accompany you on your individual journey to achieve your cyber security goals and better protect yourself against cyber attacks.
The scalable PKF cyber security check
Step 1: Order
- To ensure a comprehensive and effective assessment, the PKF Cyber Security Check should be commissioned by the head or management.
- The PKF cyber security check can be initiated in any environment and at any stage of the security process. In particular, no mandatory documents on the security process need to exist for the PKF cyber security check to be carried out, nor does a defined implementation status of certain security measures need to have been reached.
- We work with you to determine the specific scope and timing of the PKF cyber security check, ideally based on your cyber risk assessment. This results in a more precise estimate of effort and costs.
Step 2: Risk assessment (optional)
- We recommend that you survey and assess your company's cyber risks before carrying out the PKF Cyber Security Check. This will give you an overall assessment of your cyber threat situation. Based on your cyber risks, the scope of the PKF Cyber Security Check can be tailored and planned even better to your needs and requirements.
- If your company has already carried out a cyber risk assessment, taking into account the level of damage and probability of occurrence, your cyber risks will be used as input for the cyber security check, provided they are considered comprehensible and appropriate.
- If the cyber risk assessment has not yet been carried out for your company, our cyber security experts will be happy to support you in this process at your request as part of a workshop.
Step 3: Recording
- The purpose of the assessment is for our cyber security experts to gain an overview of the current state of your cyber security, in particular the associated tasks, organisation and IT infrastructures of your company. This requires you to provide us with documents based on a checklist and name a central contact person.
- The documents provided will be reviewed by PKF Fasselt. If available, the IT framework concept, the list of critical business processes, the security guideline and the security concept including the network plan will be assessed. If no sufficiently informative documents are available, the assessment is supplemented by interviews.
- Based on the findings, our cyber security experts determine the samples and focal points of the next step, i.e. the assessment, in a risk-oriented manner.
Step 4: Evaluation
- As part of the assessment, our cyber security experts conduct interviews, inspect IT systems and review any other documents. When conducting the assessment, the contact persons to be interviewed for the respective topics should be available.
- The samples to be assessed (e.g. documents, IT systems) and the issues identified are sufficiently detailed by our cyber security experts and are included in the preparation of the presentation of results.
Step 5: Result/report
- In a final meeting, which should also be attended by the management of your company, our cyber security experts provide an initial general assessment of your company's level of cyber security.
- The PKF cyber security check is concluded with an assessment report. The report provides you with an overview of your company's cyber security and includes a list of the deficiencies identified in addition to the maturity level of your cyber security.
- The respective assessment result is documented for each audit item and recommendations for action to address the deficiencies identified are shown. From this, you can recognise the areas in which action is required to increase the level of your cyber security.
- The report takes the form of a presentation of the results and includes general data, a management summary and a detailed assessment. An audit report can be created as an option.
Step 6: Roadmap/Follow-up (optional)
- Optionally, we can support you in creating a cyber security roadmap to achieve your cyber security goals.
- Together with you, we derive specific fields of action and security measures based on the recommendations for action from the assessment (steps 1, optionally 2, 3-5).
- If required, we will support you in prioritising the areas of action and planning implementation times, possibly as part of a multi-year plan.