You're somewhere over the Pacific, cake is served, but there’s no coffee. A few things in the machine just don't work. The crew is puzzled. Maybe a wrong programming? Maybe it is the combination of flight altitude, outside temperature, time and kerosene consumption that affects it? Maybe the misdirected signal from a smartphone in the first-class? Perhaps a deliberately caused error? In any case, it is unsettling.
Every break in a routine means stress.
The two following options are available: One is to practice emergency plans. They define, for example, how to react to certain incidents: You are familiar with this from the obligatory fire drill or the first aid course. The second option is the possibility of identifying security gaps so that they do not even arise in normal operation.
It doesn't just sound exciting, it's exciting. Because it turns the approach by 180 degrees. The specialist calls it a penetration test. Ultimately, it is about discovering weaknesses and to use them. The procedure does not have to be limited to the technical side. Every interface is a possible gateway to get inside a company. Every employee in the call centre, every supplier who has access authorisation, every email to the management, every sales representative, all networked devices from refrigerators to surveillance cameras to telephones or smartphones — it is theoretically and practically possible to initiate an attack across all of them. Once the friendly hacker is in the system, he looks around and checks which options are then open to him.
The knowledge gained from this penetration test forms the basis for the evaluation and documentation of the current corporate and IT security. We then make this extensive dossier—we call it an action plan—available so that you can find the best solutions for yourself and your company. We would be happy to support you, but always very cautiously. We don't want to be accused of testing in a certain way and then selling products to you. In addition, the penetration test also shows areas that cannot necessarily be solved with technical equipment.
IT security is only one segment of corporate security, IT security never stands alone. Accordingly, the following applies even more to this broad area: Security is a process. And we are happy to accompany it.
Yours sincerely, Gordon Kirstein