IT Sicherheit – frischer Wind
IT security – a breath of fresh air
Sécurité informatique – un vent de fraîcheur
Seguridad informática – un soplo de aire fresco
Hacker sind kreativ und finden immer neue Wege in Unternehmen einzudringen. Um Angreifern weiterhin einen Schritt voraus zu sein, braucht es immer wieder neue Ideen.

KALWEIT ITS – Wir bringen frischen Wind.
Hackers are creative and always find new ways to penetrate companies. To stay one step ahead of attackers, new ideas are always needed.

KALWEIT ITS – We bring a breath of fresh air.
Les pirates informatiques sont créatifs et trouvent toujours de nouveaux moyens de s'introduire dans les entreprises. Pour garder une longueur d'avance sur les attaquants, il faut sans cesse de nouvelles idées.

KALWEIT ITS – Nous apportons un vent de fraîcheur.
Los hackers son creativos y siempre encuentran nuevas formas de penetrar en las empresas. Para estar un paso por delante de los atacantes, siempre se necesitan nuevas ideas.

KALWEIT ITS – Traemos un soplo de aire fresco.

Cyber Resilience

Cyber Incident Simulation

What happens when something happens that shouldn’t? An actual IT crisis, a complete systems failure, or a ransomware removal demand?

Often there is ambiguity for such situations,

  • Whether everyone knows exactly what to do in the event of an IT emergency and where to find the relevant documents if an attack is more unusual and does not fit into the “routine”.
  • how resilient the IT emergency team is
  • what still needs to be done to make emergency response and crisis communications even better.
The goal
Optimal preparation for a potential emergency.

Together with your IT department, we analyze the most likely IT crises with a high probability of occurrence and amount of damage and create a business game for joint implementation.

Specifically, you will receive:

  • Knowing clearly where each contact’s strengths and weaknesses lie in an attack
  • Clarity, which attacks can already be mastered well and which not
  • Integrated, optimal emergency processes
  • Clear communication and a delineation of responsibilities

The procedure

In the first step, we sit down with the individual stakeholders (emergency team, executives, managers) in the form of 2 to 3 homogeneous group discussions so that the insights gained can be included in the simulation and contribute to sharpening the individual incident case studies. In addition to the technical IT exchange on previous incidents and the resulting learnings, the group discussions also take into account company specifics as well as the corporate culture and the situation/trends in the industry. The insights and wishes of the participants should contribute to the simulation being in high conformity with practice.
The simulation itself is accompanied by two K-ITS teams. Team B observes the simulation events, gathers information on crisis management and crisis communication, depending on the situation, uses the information to manage the events depending on the success/failure of crisis management. Team A guides the participants through the simulation event. Multi-layered incident simulations with avoidance options, dynamic adjustment depending on the response ensures a challenging crisis experience where the simulation cannot be designed to be “too easy” or “too complex”.

The project observations are then evaluated, and the project findings with concrete recommendations for action and listing of positive/negative aspects are mirrored to both the steering committee and the group of participants.

Incident Response

Your company is in an IT crisis or IT catastrophe because critical IT systems have failed, causing immediate severe disruptions and making proper business operations impossible?

Since 2017, our company has been providing independent support with highly specialized IT security consultants in situations such as successful IT attacks on your company. Our experts have in-depth and long-term experience as penetration testers and are therefore very familiar with the latest attack strategies and methods. In addition, many of our colleagues have various additional qualifications in the fields of criminology, forensics, data protection or business administration and/or have worked in previous professional positions, for example as police officers.

We are happy to support you in the context of incident response measures for the following topics:


  • Initiation and management of the IT crisis team (SME), support of the operational or strategic crisis team in corporate structures / consulting of the crisis team
  • Analysis of the current IT security situation in the company: Assessing the situation and identifying possible courses of action
  • Operational implementation of restart strategies
  • Support for external/internal communication strategy
  • Implementation of IT forensic measures (not court-proof)

Virtual CISO

The constant digitization in all sectors of the private sector is also increasingly ensuring greater dependence on IT systems. Organizations can hardly manage proper business operations without functioning IT. In most cases, IT security in companies is in a critical state.

“The IT security situation in Germany as a whole was tense to critical in the current reporting period.”
The State of IT Security in Germany 2021, Federal Office for Information Security.

As part of our “Virtual CISO” service offering, we provide medium-sized companies with highly specialized IT security knowledge without having to create a permanent position and the associated long-term costs within the company. Our experienced IT security consultants can draw on cross-industry expertise from a large number of consulting projects in the corporate and SME environment.

Scope of Services:

  • Up-to-date, highly specialized IT security expertise
  • Contact person for management on IT security issues
  • Technical and strategic development of the IT security strategy
  • Conducting risk assessments and IT audits
  • Implementation of security awareness measures
  • Design and implementation of governance and compliance concepts
  • Consulting and further training of the IT department on IT security topics
  • Steering of the IT department with regard to IT security topics
  • Development of an IT security culture
  • Implementation of technical IT security measures

Good reasons for us:

  • due to our specialization in performing penetration tests, we know the modus operandi of potential attackers: As part of our core business, we find vulnerabilities in IT systems by penetrating companies like attackers do
  • we think holistically and solution-oriented according to the Pareto principle: minimize 80 % of risks with 20 % of consulting input
  • we are specialized in IT compliance in banking and healthcare and have many years of professional experience
  • we have additional qualifications in the area of DSGVO and other topics
  • Cross-industry practical knowledge, e.g. on high-security requirements

Your contact

You can always reach us personally. Because loyalty based on partnership is far more important to us than short-term success.

Philipp Kalweit

Philipp Kalweit

Managing Partner


+49 40 285 301 257

Philipp Kalweit is an experienced IT security consultant on the topics of security awareness and offensive IT auditing. For the past six years, he has been advising and auditing clients from the SME and group environment, in particular ECB and BaFin-regulated organizations as well as groups in the retail sector. His consulting focus is on holistic IT security. He was honored for his work in 2019 by DIE ZEIT as “Hamburger of the Month” and in the same year was included in the Forbes “30 under 30 DACH” list.