We are a flexible and interdisciplinary team consisting of experienced senior consultants, dedicated juniors, technical IT security experts and a network of long-standing, specialized partners who complement our expertise in the project business. Our team has more than 50 members with the goal to incorporate security into your company holistically.

We share our experience and know-how in various publications, lectures, research projects and specialist groups. To name just a few examples: We are a founding member of the CAST Forum, a partner of CRISP and are involved in various ISACA specialist groups.

  • Anne-Kathrin Kenessey
    Managing Consultant

    “As a consultant I support companies in preparing for their ISO/IEC 27001 certification. Documents, processes, interviews – everything must be up to par. I thoroughly enjoy every single time a client receives their certificate from a satisfied auditor”.


  • Dr. Christian Schwartz
    Managing Consultant

    “Our clients’ security is the focus of my daily work. Together with them I develop information security strategies, define long-term goals and support them in introducing suitable processes. However, I also help with operative tasks where necessary”.

  • Andrea Rupprich
    Managing Consultant

    “My work with our clients is characterized by many years of trust and mutual appreciation. The introduction and implementation of complex information security management systems (ISMS) are my core competencies”.

  • Jan Lietz

    “Recognizing, analyzing and correcting vulnerabilities in IT and organizational structures and systems is never routine, but my everyday life as a consultant. Every fixed vulnerability raises the security level and my client’s happiness as well as my own.”

  • Ester Widera
    Senior Consultant

    “Guidelines that adhere to compliance requirements while still being practical play an increasingly important role today. The documentation requires know-how and time – in addition to their day-to-day business, this task poses a major challenge to many companies. I’m glad that I’m able to provide hands-on support with that.”

  • Maximilian Müller
    Senior Consultant

    “I accompany companies in their day-to-day business and help them improve the security of their processual, organizational and technical structures. My work is varied and interesting, no day is like the other. That’s challenging and I enjoy it a lot”.


Security Consulting is about processes, technology and people and can therefore never be a standardized service. Getting to know our clients and their individual situation and help them directly and pragmatically – that’s what drives us.


In addition to a structured, professional onboarding program for our new colleagues, we continuously invest in our team’s education and in various internationally recognized certifications.


  • CGEIT (Certified in the Governance of Enterprise IT)
  • CISA (Certified Information Security Auditor)
  • CISM (Certified Information Security Manager)
  • CRISC (Certified in Risk and Information Systems Control)
  • DSA-TÜV (Data Protection Auditor DSA-TÜV)
  • DSB-TÜV (Data Protection Officer DSB-TÜV)
  • IHK Foreign Language Correspondent
  • IHK Certified Project Lead

  • ISO 27001 Lead Auditor
  • ITIL v3 Foundation
  • Public Administration IT Security Officer
  • PMP (Project Management Professional)
  • Prince2 Foundation
  • Qualys Certified Specialist (Vulnerability Management)
  • Scrum Master
  • Certified Economic Security Officer