IT security check
DIN SPEC 27076
Optimal IT security consulting for small and medium-sized companies
The CyberRisko-Check helps you to uncover weak points and to maintain your company's success through a secure IT infrastructure. With our tailor-made recommendations for action, you set the right priorities for your IT security.
SUCCESSFUL WITH SECURITY
Stay future-proof with the cyber risk check for small businesses
Many small and medium-sized enterprises (SMEs) would like to do more for their IT security, but often don't know how. The typical standards such as the IT baseline protection compendium of the BSI or the ISO/IEC27001 standard are in most cases not optimal for companies with fewer than 50 employees.
In order to also support small and medium-sized companies, a consortium for the development of a DIN specification was founded in cooperation with the Federal Association of Small and Medium-Sized Businesses (BVMW).
​
The result of the consortium's eight-month work is DIN SPEC 27076 "IT security consulting for small and micro-enterprises" and the CyberRisikoCheck based on it. Through this, SMEs can receive standardized advice from IT service providers that is specially tailored to their needs. The recommendations for action for SMEs were also standardized in the DIN SPEC. As a result, both the client and the contractor know what service is to be expected or to be provided.
Specially designed for small and medium-sized businesses
Comprehensive view of your IT landscape, organizational measures and risks.
Full report with concrete recommendations for action
As a result, you will receive an understandable report with specific guidelines and recommendations to make your company more secure.
Vendor neutral and independent
We look at your IT systems independently of the devices and manufacturers you use.
Progress control through 27 defined test criteria for recurring checks
Keep track of your current security level and progress through clearly described criteria and security goals.
THE NEW STANDARD - DIN SPEC 27076
Optimal IT security consulting for small companies
With us, you will find out in the shortest possible time what the current situation is in your company.
​
We give you clear recommendations for action and show you relentlessly where security problems lie and how they can be solved.
​
We would be happy to actively support you in implementing a secure IT infrastructure.
CYBER RISK CHECK - EFFECTIVE PROTECTION FOR SMES
What is DIN SPEC 27076?
DIN SPEC 27076 is a new consulting standard for improving IT and information security in small companies in a cost- and time-efficient manner. But it can also be applied to larger, medium-sized companies.
The CyberRisiko-Check is used by IT service providers and creates an offer for industry-independent and needs-based advice for better IT security in your company.
​
The CyberRisk Check defines 27 test criteria that companies must meet in order to minimize the most relevant security risks and to close open gateways for attackers. These are queried by us in short sessions, either on site or digitally, in an understandable way and then evaluated.
​
Based on the results, you will receive a meaningful report, ideas and recommendations for action that you can use to improve your corporate security. On request, we will also actively support you in the implementation.
​
While previous standards, such as a large part of the BSI basic protection or ISO/IEC 27001, are often too extensive and too expensive, DIN SPEC 27076 pursues a particularly needs-based and practical approach without excessive complexity.
What are the advantages of consulting according to DIN SPEC 27076?
With the new standard, the cyber risk check gives you an overview of the current situation of cyber security in your company in a very short time. The 27 requirements developed by the consortium are divided into regular and particularly important recommendations for action.
​
In this way, you can immediately see which measures you should implement first. The result is formulated in an understandable way and contains concrete recommendations and measures on how to deal with current weaknesses.
​
Our results report, carefully prepared for you, summarizes everything for you:
​
- Your company's own risk status value in the form of a security score
- Overview of current vulnerabilities
- The prioritized recommendations for action to be implemented and the other measures to be taken to increase your IT security
Which subject areas are audited?
Organization & awareness
Considers the commitment of the management, as well as the distribution of competencies and sensitization of employees
Regulates access and entry authorizations for physical and virtual premises
Identity & Authorization
management
IT systems &
networks
Considers the security mechanisms behind the information and communication technology used.
Checks the availability and currency of the hardware and software used.
Patch & Change Management
Protection against malicious programs
Addresses the main gateways for malware.
Describes responsibility, scope, frequency & availability of data and their backups.
data backup
How does the audit according to
DIN SPEC 27076 work?
Initial consultation
In an initial discussion, we collect basic information about the technology used and your company structures together with you, and explain the audit process to you.
Analysis of your IT landscape
With the 27 test criteria from 6 categories, we work with you to record how your technology is currently configured and how it is used.
Report
In a final report, you will receive an understandable overview of your current security level and recommendations for implementation.
Final presentation
In a final presentation, we show you in detail where there is potential for improvement or where there are even serious security problems. We can clarify open questions together and discuss further details if there are problems with understanding.
Free initial consultation
Do you have any questions or would you like to know how we can make your company more secure?
​
Write to us and arrange a free and completely non-binding initial consultation with us, in which we will show you what preparations you need to make, how an audit works and what options you have afterwards.