Terminology With terms such as InfoSec, cyber security, information security, ethical hacking, cracking, malware, ransomware, denial of service attacks, social engineering, ISO 27001, NIS-2, data breaches, end-to-end encryption, etc., the terminology of IT security is certainly confusing for people in other specialist areas, but not nearly as complex as the actual content.
Risks In an increasingly digitalised world, this also increases the individual attack surface and the risk of an attack. While in a private context, attempts are often made to spy on confidential personal data for advertising purposes or identity theft as well as financial data for fraud and theft, in the corporate sector it is often a case of attempts to gain advantages through blackmail or industrial espionage or to damage an organisation for personal or political motives. In addition to the usually financial damage to the organisation, personal sanctions for management can be expected in the future (e.g. within the framework of NIS-2) in the event of failures.
Security Consulting HetaPhi provides competent and confidential advice on information security audits as well as the design and implementation of security measures.