External ISB
Your external information security officer - clear responsibility for secure IT and reduced liability risks.
Recognize cyber risks
An external information security officer creates clear transparency about cyber risks for the management and identifies the actual dangers and relevant areas for action. This reduces risks in a targeted manner by identifying vulnerabilities and organizational gaps at an early stage – before they lead to failures, damage or loss of reputation.
It represents your interests vis-à-vis IT service providers and ensures that security decisions are based on risk analysis and business requirements – not on product promises. Particularly important for managing directors: the ISB minimizes the personal liability risk through complete documentation and comprehensible justifications.
He translates technical details into understandable economic effects. This makes information security measurably controllable and a fixed management task within the company.
Scope of services
We establish and operate your information security management system – tailored to your company size, industry and risk situation. Whether in accordance with ISO 27001 or pragmatically without certification, we adapt the ISMS flexibly to your requirements.
Our focus is on the targeted identification and minimization of your most important security risks. This includes clear guidelines, defined responsibilities as well as regular phishing tests and practical training to permanently strengthen security awareness.
We integrate information security into new IT projects right from the start to avoid expensive rework and security gaps.
In the event of an emergency, we coordinate the measures and prepare all relevant information for management and external partners in a comprehensible manner.
You receive a fixed contact person who manages your IT security issues responsibly, consistently reduces risks and prepares complex technical content clearly for the management. The collaboration is based on monthly invoicing and is designed for a term of one to three years – for long-term security and planning security.
Advantages at a glance:
Reduce liability risk
Clear documentation and structured control protect the management from personal liability.
Central control
A dedicated contact person bundles and takes responsibility for all IT security matters. Not just consulting, but with a mandate. Cheaper than a permanent employee.
Tried and tested expertise
Experience from over 400 IT security projects and various industries ensures realistic, effective solutions.
Economic security
We focus on appropriate protection instead of unrealistic full protection – with monthly billing and a flexible term of one to three years.
Our approach in six steps
01
Initial meeting & understanding of objectives
We get to know your company, your assets and your security objectives - confidentially and in a structured manner
02
Risk and actual state analysis
We review your existing security measures, identify vulnerabilities and prioritize risks.
03
Concept development
Based on the analysis, we create a customized security concept to suit your company.
04
Implementation
We implement guidelines, processes and technical measures - including training and phishing tests.
05
Operation and monitoring
Continuous monitoring, adaptation and regular reports ensure sustainable security.
06
Regular reviews and optimization
We review progress together, adapt the concept to new risks and support you in the long term.
Your contact persons
Security is a matter of trust. With us, you don't talk to a ticket system - you talk directly to experienced experts.
S. Philipp Kalweit is Director Strategy & Consulting with a focus on security awareness and offensive IT auditing. He has been advising SMEs and corporations for nine years, particularly in highly regulated industries. In 2019, he was honored by DIE ZEIT as “Hamburger of the Month” and included in the Forbes 30 under 30 DACH list.
S. Philipp Kalweit
Managing Partner
Dipl.-Wirtsch.-Ing. Günther Paprocki has been Managing Partner of KALWEIT ITS since May 2024. As Director HR & Operations, he is responsible for operations and personnel. With experience at Sharp, Philips and Cisco, he brings a breath of fresh air to consulting. His focus: strengthening cybersecurity in Germany.
Günther Paprocki
Managing Partner
