Cyber Resilience Assessment

Understand your organisation's cyber resilience readiness level


Cyber Resilience Assessment: cyber security begins with a proactive cyber recovery strategy

We know that every cyber attack threatens your existence. Can you recover your business operations smoothly after an attack?

Cyber attacks have become unavoidable in principle, and with the entry into force of NIS2 and DORA cyber resilience has become a de facto 'must-have'. Cyber attacks are now the number one IT threat for companies and public institutions and cause an annual loss of more than 200 billion euros to German industry alone. Other statistics confirm this, including those from Bitkom's 'Wirtschaftsschutz 2024' study.

  • 0 % of companies are affected by cyber attacks (Source: Bitkom)
  • Up to 0 % of their turnover is spent by German SMEs on IT failures on average each year
  • 0 % of cyber attacks threaten the existence of a business (Source: Bitkom)

The new compliance requirements must be seen in the context of such figures

This threat and the entry into force of legal requirements such as NIS2 and DORA make a mature and detailed cyber resilience strategy a must-have for companies.

Introduction and implementation of NIS2

  • The NIS2 Directive has been in force since 16 January 2023 and regulates IT security in companies. The German implementation law comes into force in March 2025.

  • NIS2 tightens the cyber security requirements in the EU, backed by sanctions, in order to ensure a standardised level of security across the EU. Stricter requirements apply to the areas of cyber risk management, control, monitoring, incident management and business continuity management. These now apply to far more companies and organisations than was previously the case under the KRITIS legal basis. In addition, stricter liability rules apply to management.

  • Conclusion: NIS2 now affects a broad range of companies in Germany and Europe. Cybersecurity and resilience are therefore becoming a key issue for many more companies than previously assumed under the KRITIS heading.


    (Classification according to ActiveMind.legal, usd AG and Atos)

DORA (Digital Operational Resilience Act)

DORA is an EU regulation on digital operational resilience in the financial sector. It came into force on 16 January 2023 and is binding for financial institutions and their IT service providers from 17 January 2025, with the following objectives:

  • Strengthening cyber resilience and IT security in the financial sector
  • Standardised risk management requirements for banks, insurance companies, investment firms, etc.
  • Mandatory reporting of cyber incidents
  • Regulation of third-party providers (e.g. cloud service providers)
  • Harmonised EU-wide standards for digital security


Conclusion: DORA aims to achieve a higher and harmonised level of cybersecurity in the European financial sector

NIST Cyber Framework. Source: NIST

We analyse cyber resilience in the context of the NIST cyber framework as the basis for a cyber resilience assessment

  • Scope the organisational profile
  • Gather the required information
  • Create the organisational profile
  • Analyse vulnerabilities and create an action plan
  • Implement the action plan and update the profile

The NIST Cyber Framework

Our technical and content-related approach is based on the categories of the NIST framework

Cyber resilience must be anchored as an integral part of the corporate strategy. Clear guidelines must be defined and responsibilities and capacities created.

A transparent risk management framework enables well-founded decisions, regular reviews and KPI-based measurements of success.

Relevant areas of the company must be checked for cyber risks by analysing critical assets, supplier risks and internal cyber risks and ensuring well-functioning data management.

To establish improvement mechanisms, we recommend clear reporting and escalation channels, regular test scenarios and structured C-level reporting. In this way, optimisation potential can be continuously identified and your company is better prepared for cyber attacks.

Cyber security can only be ensured once weaknesses in identity and access management have been uncovered and the infrastructure has been strengthened with secure architectures. Data security must be guaranteed for all data types, whether stored, in transit or in use, and all legal requirements for data security and for the flow of information in the event of a crisis must be complied with.

Security risks in networks, physical environments, employees and external providers should be continuously monitored. By analysing past events with AI, missed incidents can be detected and monitoring processes can be automated for faster threat detection.

Responding appropriately to incidents means reviewing incident management processes to ensure rapid processing and clear responsibilities. Causes are analysed, measures are derived and communicated transparently to all stakeholders in order to minimise the impact and deal with IT-related incidents in the context of cyber resilience.

Enabling recovery means developing an emergency manual and a recovery plan that clearly sets out all the steps required to restore the organisation in the event of a business interruption. These steps are regularly tested to ensure their feasibility. In addition, recovery times are measured, all backups are checked after a ransomware attack and automatic threat detection systems are implemented to enable proactive recovery.

Critical systems and processes are defined and restored as quickly as possible. Restored assets are only considered functional if their availability has been verified. Clear criteria are defined for when a problem is considered resolved and communication plans are developed for the entire recovery process.


Hands-on with Empalis: Cyber Resilience Assessment

In some sectors, for example many industrial companies, implementation measures are driven by the view that this is purely a compliance issue. Others, such as the financial sector, have recognised its relevance for ensuring business continuity as part of corporate risk management.

Accordingly, reactions to the current threat situation vary, and the 'cyber resilience readiness level' of companies in Germany differs considerably.

The question of what needs to be done appears complex and wide-ranging when it comes to mapping the NIS2 security requirements.

The Empalis Cyber Resilience Assessment offers a one-stop shop for examining suitable measures. With our holistic consulting approach, we guide our customers through their cyber resilience journey.

  • Structured interviews with relevant stakeholders
  • Evaluation of the relevant business processes
  • Evaluation of the current status quo in the area of cyber resilience
  • Criticality of the data/applications
  • Requirements for data availability/classification of data
  • Requirements for cyber resilience
  • Commercial requirements

  • Development of objectives and next steps
  • Presentation of the results to management
  • Presentation of possible target image by Empalis
  • Joint definition of priorities and goals
  • Planning the future model together with those responsible
  • Ensuring compliance with regulatory requirements (NIS2, DORA) and cyber resilience standards
  • Detailed planning to implement the defined requirements

  • Implementation of the strategy in the company by Empalis
  • Regular management meetings including status updates
  • Enablement of the organisation through training
  • Support for operational implementation with our technical experts
  • Implementation of the technical and procedural solutions
  • Enablement of the organisation/provider for the operation of the solution through training

  • Introduction of KPIs for the regular review of cyber resilience in the company
  • Regular review of the measures implemented
  • Support for operational processes through managed services
  • Regular review of technical standards
  • Implementation of necessary improvements and changes

How exactly does the Cyber Resilience Assessment work? The format in detail

The assessment consists of:

  • Management workshop
  • Interviews with stakeholders (compliance managers, IT security managers, ...)
  • Questionnaire distribution with further questions to relevant roles
  • Technical examination of individual infrastructure components (existing infrastructures, examined with regard to their resistance to ransomware attacks), depending on the case

The phases of the cyber resilience assessment

Ramp-up phase

In this phase, our consultants are onboarded into your company for the project.

We draw up a project plan, jointly define the project's key milestones and agree on the members of the project team and other important stakeholders.

Phase 1

A cyber resilience workshop is held together with management and relevant stakeholders to develop a shared view of the topic of cyber resilience.

We discuss how the company is already positioned in this area from a strategic perspective, which legal requirements affect you, identify initial focus topics and define goals for the next steps.

Phase 2

With the help of interviews and questionnaires, a detailed inventory is carried out in various departments of the company.

The input from the individual departments is fed into the evaluation system, each with a defined weighting. If your company is affected by NIS2 or DORA, the specific requirements of these regulations are included in the questionnaire.

Further documents such as emergency plans, certificates, process documentation, training courses, architecture documents and contracts are compiled and analysed for a more detailed evaluation of the individual subject areas.

In the area of disaster recovery in particular, we offer an optional additional technical analysis of the current technical setup with a specific focus on cyber attacks. As soon as the required input has been collected, the project enters the assessment phase.

Phase 3

In the final phase of the project, the information gathered is processed and a gap analysis is developed in which the results are consolidated and the most critical points of each area are highlighted.

From the final results of this gap analysis, we develop clear recommendations for action and potential solutions, which can be implemented together with us or one of our partners.

The results are presented to the agreed stakeholders and together we work out a roadmap to implement the recommendations for action according to your company's priorities.

We are your reliable and experienced partner for the best cyber resilience strategy

  • > 0 companies are more cyber-resilient thanks to our consulting services
  • 0 years of IT consulting for enterprise customers and 20 years of experience in large backup infrastructures
  • > 0 petabytes of hosted data with long-standing customers

Together with our partners, we help you to make your backup infrastructure more cyber-resilient

Satisfied customers in the cloud disaster recovery environment: Empalis - your reliable partner

Use Cases

German automotive supplier

Carve-out from the foreign parent company including cloud migration for technical reorientation

Situation

  • Infrastructure hosted by external provider
  • Target infrastructure should be mapped in M365
  • Active Directory to be used for company-wide authentication
  • Backups of the current solution in TSM

Question: How can a cyber-resilient disaster recovery solution be established for the cloud environment?

Empalis activities

  • Setting up the backup strategy
  • Setting up the new backup infrastructure in the cloud environment
  • Migration of data from the old infrastructure to the new infrastructure by Empalis
  • Operation of the backup solution

German family-owned company

Problems with newly purchased disaster recovery solution after cloud migration

Situation

  • Newly purchased backup product did not work in the cloud
  • The aim was to back up data from several locations centrally to the main location and make it available via the cloud
  • Empalis was called in to advise on problems after the migration
  • Question: How do we get our backup environment NIS2 compliant?

Empalis activities

  • Advice on a NIS2-compliant disaster recovery strategy
  • New setup of the disaster recovery solution by Empalis (tiering, S3...)
  • Setting up the central cloud backup instance for the national companies
  • Backup of the data additionally in a central Azure instance
  • Training of employees and handover of operations to the customer
  • Regular support


Empalis is an exclusive Predatar partner

  • “Single point of truth” for your data protection
  • Insight into backup and recovery progress
  • Remote monitoring capability
  • Insight into your storage and infrastructure
  • Proactive warning of potential problems and risks
  • Independent testing and planning for worst-case scenarios
  • Malware detection in backups, clean-up of backups

Empalis is a Veeam Gold Service Provider Partner

  • Full-service offer: consulting, implementation and operation from a single source including German support
  • Specific expertise with all Veeam solutions (e.g. Veeam Recovery Orchestrator, Veeam Backup Enterprise Manager)
  • Setup of cyber-resilient disaster recovery solutions, also in combination with other solutions such as TSM
  • Project management and review of implementation by other providers, as well as operational monitoring

Would you like to find out more? Feel free to contact me directly.

Philip Röder, Key Account Manager & Business Development
Phone +49 162 4196789