DE
 
Contact

strategy

Strategy

Enterprises that develop products with embedded software have some overlap with traditional IT, but need to be analyzed differently.

There will be no magic tool for security.

For one, traditional IT security solutions do not scale well. It is not possible to just take ISO27001, use your normal ISMS or use firewall/antivirus and think your security will do what you (really) need. The same is true same for the promises about KI, blockchain and other magic solutions to solve all the security demands you have.

More and more, embedded products are connected and offer a growing attack surface. A chain is only as stable as the weakest link... And an attacker will find the weakest link. There’s no point having really strong, expensive (and cumbersome) security in one place if right next to it everything is held together with string.

Your staff needs to be trained to detect critical decisions for security.

It is important to look at the whole chain – and its environment – and detect weaknesses and strengths. I contribute most value by helping you get a view of the whole chain: Development, production, and service throughout the product’s lifetime. Only when you see security as a whole chain are you in a position to take the right decisions.

As a small business, I have a laser-clear focus on working with your personnel to determine the desired level of security. I bring in my experience to analyze and document your current security strengths and weaknesses. If you already have a security team, I like to collaborate. Otherwise, I can work with security-liking employees or educate interested ones. The goal is to empower your employees with security optimisation so your business does not needlessly lose money or reputation.

Trennlinie

Depending on your requirements, I can analyze an existing product, fix a concrete incident, or help plan a new project with security in mind from the beginning. My favourite is getting your overall security level for embedded products in shape.

The first step is always a clear breakdown of the real security requirements.

The first step is always a clear breakdown of your true security requirements, done together with product management and engineering. Depending on our findings, we might continue with trainings for software engineers. Or with a precise risk and threat analysis. Or with building an incident management system, or issuing new guidelines for development… Whatever the next step is for you.

To help you succeed with embedded products, I offer the relevant combination of:

Risk analysis

Analyze the whole chain

Threat analysis

Implementation of security in a new project

An analysis of a running project

Personal development: Training to detect security relevant situation themselves

Analyze current security process

Definition of needed security level

Incident management

Security concept

Build up security team

Supporting on concrete problems as external expert

Requirement engineering

Implementation of new processes

Testing of current systems

Feel free to contact us via mobile or via e-mail.

contactinfo@currentSecurity.chemail0041 79 322 18 80

Thank you for your message and we will get back to you as soon as possible.

Close

Oh no, something went wrong. Please contact us directly by email or Phone.

Close

Write us a message with the contact form.