Security in IT is like locking your house or car – it doesn't stop the bad guys, but if it's good enough they may move on to an easier target.
insecor® is a Swiss Company. Core competence is: the holistic approach to Information Risk Management.
CEO, MAS Law, CAS Information Security,
cert. HERMES 5 Project Management
Who is working for insecor?
To best meet the needs of our customers we work closely with carefully selected cyber security professionals, ICT-Lawyers and trustworthy partner companies. Additional specialised companies are brought in depending on the specific project and its requirements, business sector and volume.
- New Data Protection Regulations in Europe and Switzerland
Planning, supporting and implementing the necessary organisation, processes and documents in order to be compliant with the new EU General Data Protection Regulation as well as the upcoming new Swiss Federal Data Protection Act (DPA; the Swiss Federal Council has adopted the dispatch on revision of the Data Protection Act on 15 September 2017; the DPA has to be approved by the Swiss Parliament first before it can come into force).
- Privacy Law and ICT Law
e.g. the legal evaluation of ICT projects and information technology systems; audits and analysis of information systems according to ISO 27001 and privacy law; authoring and reviewing ICT related contracts and documentation.
- IT-Governance and Strategies
e.g. consultancy for CEOs, legal counsels, security officers (CISOs) and ICT project managers; demonstrating coherencies and dependencies between business processes and information systems; strategic planning of specific security solutions.
- Project- and Process Management
e.g. consultancy for ICT project managers; defining information security and data protection measures within ICT projects.
- Risk Management and Information Security
e.g. security and privacy concepts for information technology systems and databases; legal evaluation of projects and information technology systems; defining information security and data protection measures within ICT projects; planning and implementing information security management systems (isms according to ISO 27001).
- Information Governance
e.g. strategies; legal evaluation of projects and information systems; information classification; access control.
Services and Products
- Technical Security Audits
Assessments and Audits of IT Infrastructure components, systems and applications.
- IT Forensics
Consultancy to clear up incidents (e.g. data leakage or cybercrime).
- Conception and design
Authoring, revising and/or analysing concepts and designs.
Product from insecor for a userfriendly and informative assessment of information systems and their information according to relevant security standards and Swiss Laws.
- isms manager®
Toolset for the governance and supervision of an information security management system (e.g. isms according to ISO 27001) or data protection management systems.
Methods and Standards
We emphasize the interdisciplinary approach and therefore the close collaboration with the management body and legal department as well as the CISO, ICT project managers and computer scientists. We apply recognized standards, methods and best practices as for example the ISO/IEC 27000 series, NIST, COBIT or the HERMES 5 project management method.
Some good reasons to choose insecor…
- Personal and Expert Advice
- Swiss Company
- Distinctive Quality Awareness
- Experience and Innovation
- Interdisciplinary Team
- Strong Commitment
Some highlights of our work…
- Supporting different law enforcement authorities in the fields of IT Governance, ICT Law and IT Forensics;
- Authoring information security concepts (incl. protection needs analysis and risk analysis) for information systems containing sensitive data;
- Audits of different information systems as well as related business processes regarding requirements like information security, IT security, privacy law and information protection regulations;
- Acting as the only external technical expert for data protection management systems (incl. ISO 27001 and ISO 27002) of the Swiss Accreditation Service (SAS);
- Reviewing and/or authoring ICT contracts of different organisations and companies (e.g. concerning IT outsourcing, general business terms, privacy law, liability law);
- Conception and design of customized products, software solutions and engineering solutions.
- AIIM - Association for Information and Image Management
- HIV - Handels- und Industrieverein des Kantons Bern
- IAPP - International Association of Privacy Professionals
- ISACA - Information Systems Audit and Control Association
- ISSS - Information Security Society Switzerland
- SK ITS - Sector Comittee Information Technology
- SGRP - Sicherheitsgruppe Schweiz
- SPICT - Verein Swiss Police ICT
- swissICT - Schweizerischer Verband der Informations- und Kommunikationstechnologie
If you require any additional information please feel free to contact us and we will be happy to assist you.