Comprehensive IT security audit at Versorgungswerk der Zahnärztekammer Berlin (VZB)
by Tina Siering
Successful cyberattacks can have serious consequences for organizations of all sizes and industries - for example, a complete systems failure due to a ransomware attack, combined with data encryption and high ransom demands from cybercriminals. In order to close potentially existing IT security gaps, to sensitize its own employees to security risks and, in principle, to be prepared for a possible worst case scenario, the "Versorgungswerk der Zahnärztekammer Berlin" is the professional pension fund of dentists for the chamber areas of Berlin. VZB (for short) commissioned Allgeier secion with a three-part IT security audit.
First, the pentesting experts used a black box audit to examine the VZB's infrastructure for vulnerabilities and IT security gaps. There was hardly any information available about the IT systems to be audited, so the audit was conducted under the conditions of real cyber criminals. The aim of this procedure was to uncover an attacker's view of the organization from the outside, to detect existing security risks in the systems and then to test them using targeted attack scenarios. In the subsequent social engineering audit, the IT security consultants attempted to exploit the "human vulnerability" through social manipulation and to persuade VZB employees to disclose sensitive information such as passwords.
At the recommendation of the security experts from Hamburg, the comprehensive IT security review was concluded with an organizational audit that focused on VZB's "Incident response readiness strategy." The existing process and behavior plans of the pension fund were analyzed and optimized in the event of a compromise of the systems and laid down in a dedicated emergency plan. Because in the event of a successful cyberattack, fast and precise action is required!
Read more about the challenges and the decision-making process at VZB in our joint success story!
Are you also looking for a proactive 24/7 network monitoring?
Contact us - we will be happy to advise you!
Related articles
As an inclusive institution, Elbe-Werkstätten has an increased security risk when it comes to IT security. In addition to already existing, established security solutions, further measures in the area of "Managed Protection and Response" (MDR) should therefore be added. The condition: It had to work simply, be affordable and also be implementable with a small team. After some research, those responsible decided on Allgeier secion's lean but effective Active Cyber Defense (ACD) service instead of their own SIEM solution (Security Information and Event Management), which they had initially considered.
Weitzer Parkett - one of Europe's leading parquet manufacturers - wanted to effectively and permanently strengthen its own IT security within the company. In order to respond to the acutely increased threat situation, the endpoint security used was to be supplemented by a solution that would enable proactive monitoring of all systems in the network. After extensive research, those responsible decided to use Allgeier secion's lean but effective Active Cyber Defense (ACD) service instead of the initially considered SIEM (Security Information and Event Management) solution - just in time to nip a Log4j attack in the bud.
After a successful cyberattack, the IT systems and subsequently parts of the business processes of Martin Baur GmbH came to a temporary standstill. The medium-sized company from the district of Biberach then brought Allgeier secion on board as an external IT security expert in order to have its own IT protection measures reviewed and to secure itself even better for the future.