We protect companies
against hackers and criminals.
What we do
We protect companies against hackers and criminals. Our work is as dynamic and diverse as the threat itself. As an accredited assessor, we advise and certify companies worldwide according to the specifications of the credit card industry and other international IT security standards. The experts at usd HeroLab identify vulnerabilities in IT systems and applications. Our security consultants advise companies holistically on questions of information security, risk management, and IT compliance. The Cyber Security Transformation Academy (CST Academy) promotes exchange and knowledge transfer within the community. more security is our mission.
What does usd stand for?
When usd was founded in 1994, the three-letter code stood for management consulting, security and services and described our then broad portfolio of services. Over the years, usd has developed and refined its portfolio. Today, the three-letter code stands for our mission and our values:
Unabhängigkeit (independence)
We’re a community of experts. We’re independent from products, haven’t taken out any loans, aren’t dominated by a client, we’re inventing ourselves. “U” is for “Unabhängigkeit”.
Sicherheit (security)
The center of our name and the center of what we do. We protect companies against hackers and criminals. “S” is for “Sicherheit” (Security).
Demut (humility)
No one is all-knowing, there is no absolute security. We are aware of our responsibility and we know that our task is complex. That’s why we share our knowledge, cooperate with the best and dedicate each day to “more security”. “D” is for “Demut” (Humility).
Our certifications and accreditations
Our commitment
To protect companies from hackers and criminals, we must ensure that our skills and knowledge are always up to date. That is why security research is just as important to our work as building a security community to promote knowledge exchange. After all, greater security can only be achieved if many people are involved.
But further commitment to our society, our planet, and future generations is also very important to us. Our corporate social responsibility guidelines and measures provide insights into this.
Building competence. Sharing knowledge. Acting together.
Security does not depend on tools alone, but on cooperation. In a world full of digital risks, collaboration is key. The CST Academy creates a community that lives and breathes cyber security: exchange, practical training, and insights into current research — for everyone who wants to shape security. It takes a community that understands and acts. From the uncertainty of the individual to greater security in the knowledge community. We are breaking with the image of isolated experts. We are the place where knowledge is shared, skills are built, and networks are formed – from students to top managers.
Partner to Leading Institutes
- efl - the Data Science Institute
- Allianz für Cybersicherheit
- CAST
- ATHENE
Security Research
- Responsible Disclosure
- Security Advisories
- Articles & Publications
- BioMobile II
Committed to Teaching
Our Management
Andrea Tubach
Chair of Executive Board
Andreas Duchmann
Member of Executive Board
Matthias Göhring
Member of Executive Board
Christopher Kristes
Member of Executive Board
Felix Schmidt
Member of Executive Board
Dr. Christian Schwartz
Member of Executive Board
Mareike Clemens
Authorized Signatory
Daniel Heyne
Authorized Signatory
Jan Kemper
Authorized Signatory
Anna-Magdalena Kohl
Authorized Signatory
Tim Kranz
Authorized Signatory
Maximilian Müller
Authorized Signatory
Stephan Neumann
Authorized Signatory
Vinzent Ratermann
Authorized Signatory
Andrea Rupprich
Authorized Signatory
Torsten Schlotmann
Authorized Signatory
Simon Weickart
Authorized Signatory
Our references
Customer Stories
Safe Rides, Secure Data – Bikeleasing Implements Comprehensive ISMS in Accordance with ISO 27001
The ever-increasing interconnection of business processes and the growing use of digital information processing pose a major challenge for companies today: they must continuously adapt their information security measures to new and constantly growing risks. In order...
POLAVIS GmbH Commits to the Highest Security Standards in Healthcare
POLAVIS GmbH has established itself as a leading company for networking in patient care with innovative software solutions for clinics. The Berlin-based company stands for digitalization in healthcare and relies on customized technologies and efficient and secure...
Navigating DORA: Delvag's Successful Journey from Gap Analysis to Compliance
A cyberattack on an insurance company is far worse than just a technical problem: in addition to the breakdown of central IT systems, there is also the threat of sensitive customer data being exposed. This not only results in significant business losses, but can also...
usd Experts Provide Support for Successful KRITIS Proof of Compliance
With several data centers spread across the globe, a European cloud hosting provider offers critical services to its customers around the world. This means that in Germany, it falls under Section 8a (3) of the BSIG (German Federal Security Act) and must undergo...
As Micropayment’s PCI Officer, usd AG Ensures Continuous PCI DSS Compliance
The requirements of PCI DSS are becoming more complex - and with them the effort involved in day-to-day business. In order to ensure security, governance and certification according to PCI DSS 4.0.1, Micropayment is once again relying on a collaboration with usd AG....
Joint Success: Partners Support German Automotive Manufacturer along the Journey to PCI Compliance
Regardless of the business sector, customers value flexibility when it comes to processing payments for services and products. A leading German automotive manufacturer was therefore faced with the challenge of implementing a secure and efficient solution for...
BoostAeroSpace and usd AG: A Partnership for More Security in the Aerospace Industry
In today’s business environment, companies rely on a broad network of partners and service providers to deliver their services efficiently. Digital supply chain integration offers significant gains in efficiency – but it also increases the risk of cyberattacks....
Marathon at Sprint Speed – LANCOM Systems Builds Certifiable ISMS
In an age when digitalization has become the norm in almost every industry, information security is becoming increasingly important for companies. In March of this year, LANCOM Systems, a leading European manufacturer of network and security solutions, achieved...
When Pentest Planning Becomes a Game of Tetris - A Look behind the Scenes of an Extensive Pentest Project with HanseMerkur
In a world where security and efficiency must go hand in hand, our recent project with HanseMerkur Krankenversicherung AG shows how crucial good organization and clear communication are to the success of a pentest project. Despite a tight timeframe and the challenge...
Information Security in the Financial Sector: How Frankfurter Sparkasse is Tackling the Mammoth Task
The digital transformation in the financial sector has created new areas of attack for cyber criminals and therefore significant risks for companies. The result: ever-increasing internal and external demands on the information security of financial institutions and...