IT-SECURITY CONSULTING

We create holistic solutions and make cybersecurity measurable.

We support our customers in every organizational, technical or cultural challenge of IT security. Because every technical challenge is also a challenge at the level of corporate culture. We think in terms of holistic solutions, using recognized consulting methods such as GAP analyses and working independently of products. We use proven frameworks such as BSI IT-Grundschutz, ISO/IEC 2700x, COBIT, ITIL or NIST standards as a basis for consulting.

Think new!

IT security means collaborative teamwork! This is precisely why we always work in teams of at least two experts. We think outside the box – with ever new ideas, fresh approaches and constantly new constellations of proven expert teams.

Interdisciplinary

  Because security is also a social issue, because any security concept is only as effective as it is accepted and implemented by the user.

DevSecOps

IT security is a holistic process. Particularly in application development, it can be of economic interest to identify security-relevant problem areas not at the time of release, but already in the coding process.

As an experienced consulting boutique specializing in penetration testing, we know the state-of-the-art standards, known or common attack vectors and hurdles in secure software development. The project knowledge of each penetration test ensures that we can adapt this knowledge and pass it on as part of our business consulting.

 

 

 

In this way, security risks can be identified at an early stage and taken into account during development, before further project cycles progress.

We support you in the following areas

Development and implementation of DevSecOps concepts

  • Sharpening the IT security culture among application developers
  • Introduction of security tools and further training of application developers (e.g. secure testing toolkits and integration into the CI pipeline)
  • Development standards such as Security by Design, Privacy by Design or Clean Code
  • Secure coding best practices (secure coding baselines, use of secure code scanning tools, manual code analyses)
  • Secure Coding Awareness Training
  • Incident Response Frameworks and Best Practices
  • Design, implementation and deployment of security assessment concepts

How we work

Sustainable

We create sustainable cybersecurity solutions through interdisciplinary approaches, because people need to understand why they should do what they should do. We support you with your cybersecurity strategy, internationally recognized security standards or security concepts. In doing so, we make cybersecurity measurable, more effective, for people, while reducing costs of ineffective cybersecurity measures.

After all, safety must pay for itself. This is achieved by creating appropriate safety measures that are similar to the probabilities of occurrence and damage levels of the risks.

Interdisciplinary

We understand your information security challenges: regulations, legal requirements, continuous operations challenges, and the rapid evolution of technology. In order to ensure consulting in high standards, we work with certified experts and strong principles. Through interdisciplinary work and the resulting insights, we increase the effectiveness, efficiency and pragmatism of security concepts – because any concept is only as effective as it is accepted by those around it.

Independent

We make recommendations for action not on the basis of partnerships, but on the basis of your need for protection, the existing conditions of your infrastructure, and other objectively measurable criteria.

Our experts also have proven specialized knowledge as well as various additional qualifications in the areas of data protection, criminology, forensics, and business administration and/or were partially employed in previous professional positions as, for example, a security officer. Police officers active.

Book your appointment

Your contact persons

You can always reach us personally. Because loyalty based on partnership is far more important to us than short-term success.

Philipp Kalweit

Philipp Kalweit

Managing Partner

 

+49 40 285 301 257

hello@kalwe.it

Philipp Kalweit is an experienced IT security consultant on the topics of security awareness and offensive IT auditing. As Director Strategy & Consulting, he is responsible for corporate strategy as well as the advisory and consulting area. For the past six years, he has been advising and auditing clients from the SME and group environment, in particular ECB and BaFin-regulated organizations as well as groups in the retail sector. His consulting focus is on holistic IT security. He was honored for his work in 2019 by DIE ZEIT as “Hamburger of the Month” and in the same year was included in the Forbes “30 under 30 DACH” list.

 

Günther Paprocki

Günther Paprocki

Managing Partner

 

+49 40 285 301 258

hello@kalwe.it

Since May 2024 industrial engineer Günther Paprocki has been a managing partner at KALWEIT ITS. As Director HR & Operations, he is responsible for the operational business and the HR department. From his positions at Sharp, Philips and Cisco, he brings a breath of fresh air to our consulting firm. Whether in the field of photovoltaics, e-mobility or the first mobile network in Germany – Günther Paprocki has always been active in forward-looking sectors in the past. His current mission: to strengthen cybersecurity in Germany.