Security breaches cost the German economy billions every year. Materna offers a range of products and services that help organisations to significantly reduce the risk and impact of malicious cyber activity.
Employees represent the weakest link in any organisation, in every sector. Social engineering attacks, in other words attacks on workers, now pose a greater danger to organisations than ever, especially where data is involved. The majority of cyber attacks are targeted via staff, almost half of whom will try to hide incidents, ultimately resulting in even greater damage. Roughly one third of successful attacks lead to the theft of valuable data. That is why employees should receive intensive training to recognise when they are the target of an attack.
Materna assists organisations which wish to invest in an information security management system (ISMS). The purpose of an ISMS is to identify and analyse IT risks for an organisation, and then to manage these by applying appropriate measures. A multi-pronged approach is crucial to drawing the full benefit, including:
Materna has been operating as a consultancy for information security for more than 20 years and specializes in the following areas:
Materna will assess the maturity of your organisation’s cyber security with a cyber check based on the ISACA model.
Our awareness training courses will introduce your employees to the tricks used by social engineering scammers and teach them the importance of reporting potential incidents without fear of repercussions. Videos produced by the Materna media team accompany our e-learning content, which your staff can consume at their workstation and flexibly incorporate into their busy schedules. The course material is backed up with fun games to motivate and encourage users to apply their newly gained knowledge. Regular training and varying campaigns help to reinforce the learning units. A variety of skill levels is available that reflects the needs of every member of staff. Materna also offers face-to-face training courses for the instruction of very complex content.
Materna carries out simulated phishing campaigns: Using a carefully structured test we can check how your employees deal with personalized attacks in the real world. Materna’s method specifically takes individual staff performance into consideration.
Just like real-life malicious phishing attacks, these simulations are designed to tempt employees into opening what appear to be harmless attachments, websites or links. This may take the form of emails from inside the company or from known service providers. Users who stumble into the trap are redirected to an information page that offers a choice of video tutorials, games and other training material showing the user exactly what to look out for. A statistical and personalized record of the recipients of these phishing attacks is kept, providing the organisation with an overview of those employees in need of further training and of their individual learning curves.
Materna operates a security operation centre (SOC), a cyber security control hub to protect your IT and OT (operational technology). Our cyber security analysts are on hand to provide the following services:
The SOC deploys a range of sensors and systems that generate, collect, analyse and process log files and information flows. Behind every successful SOC lies a log management solution alongside the security incident and event management systems, supported by additional functionalities to detect and intercept intrusions.
The speed of technological development demands a continual modernization of every IT landscape. However, organisations aren’t always sure how up-to-date their own IT security currently is and which investments would make sense. These and other questions are dealt with by IT Check, Materna’s new non-proprietary consultancy package. You receive a comprehensive assessment of your IT, accompanied by advice on any adjustments the IT landscape requires in order to assure the reliable protection on which your core business depends.
The analysis covers six aspects: compliance, processes, organisation, software and architecture, security and operation. Where IT architecture is concerned, the focus lies in business-critical infrastructures and the data objects stored there, not to mention data flows. Processes are examined for their compliance with recommended best practices and norms like ITIL, FitSM or ISO 20000.