The various rotation areas each have their own objectives and roles:
Strategy & Governance
We help senior leadership across all industries who want to align the cyber agenda with client’s dynamic business and compliance priorities by avoiding an insufficient view of relevant cyber threats and a wrong evaluation of cyber risks as well as enabling targeted investments, efficient risk reduction and support to achieve business goals. We perform cyber maturity and risk assessments, develop cyber strategies, target operating models, cyber security roadmaps and business continuity plans. We support organizations using AI solutions in a secure and trusted way.
Security transformation
We assist organizations build trust through transformation and implementation of controls in a sustainable and risk-based approach. Amongst other things; we build, deploy and transition to secure cloud providers, perform end-to-end identity and access management, security programme management, setup Trusted AI systems, perform AI governance, and of course – onboard and transition to managed security service providers and AI providers.
Cyber Defence
We help our clients strengthen their cyber defences, for example by conducting security and penetration tests, red teaming exercises and attack simulations, simulated phishing exercises or mainframe security services
Incident response
We help our clients prepare for a cyber emergency. Furthermore, if worst comes to pass, we help our clients in the management of the incident by identifying and containing the threat, by analysing root causes and by supporting the business to come back to normal operations as fast as possible
Data Governance & Privacy
We assist companies in properly managing and protecting their data by providing a wide range of services, from privacy, data protection, data compliance, data governance, AI compliance to archiving.
Data & Cloud Governance
Together with our clients we develop and implement data governance, digital governance, third-party governance/cloud compliance, AI in control, document management all the way to data agent services.
Certifications
We assess the documentation and technical implementation of our clients according to the control objectives of selected standards and regulations like ISO27001, ZertES (Swiss law on qualified electronic signatures) and EPDG (Swiss law on the eHealth record system), therewith providing independent assurance for the conformity of our clients against these regulations and standards.
