4 steps to holistic IT and information security

Hardly a week goes by without headlines about successful cyber attacks on companies. Not only large corporations, but also more and more small and medium-sized companies are the targets of cyber attacks. Regardless of whether the human factor is used as the attack vector or whether attacks are carried out directly on IT systems, the economic damage is enormous in most cases. In order to prevent such attacks, it is clear that a large number of IT security measures must be implemented in the company. The subject of IT and information security is complex and often not manageable. For this reason, organizations often ask themselves how one can initially approach such a complex topic in practice. Find out more about the first and, above all, essential steps to improve your information and IT security in our blog article.

Read more

Aufgaben eines ISB - was macht ein Informationssicherheitsbeauftragter?

Tasks of the information security officer (ISO)

In order to successfully implement an information security management system (ISMS) in a company, every company needs an information security officer (ISB). In this article we show you the extensive tasks of the ISB.

Read more

TISAX - neuer VDA-ISA Katalog

VDA-ISA for TISAX® certifications: Publication of the new version 5

On August 4th, 2020 the Association of the Automotive Industry published a new version of the Information Security Assessment for TISAX® certifications. The current version 5.0 of the VDA-ISA catalog brings with it a new structure and fundamental changes in the structure of the modules. Find out more about the changes and the validity of the new requirements in our blog article.

Read more


ISMS – simply explained Part 1: The importance of an ISMS for your company

More and more companies are striving to improve information security in their own company. To meet this challenge, organizations rely on the establishment of an information security management system, or ISMS for short. In order for such a project to be implemented successfully, various aspects must be taken into account before the introduction, which the responsible persons must be made aware of. Find out more about the importance of an ISMS for your company in this blog article and our YouTube video.

Read more

TISAX® – simply explained: Assessment Levels

In the case of TISAX® assessment levels, the question arises again and again which of these are there and what impact they can have on a TISAX® project. Assessment levels are used to determine the depth of your final TISAX® audit, which is carried out by an external audit service provider. However, the type of […]

TISAX® – simply explained: assessment objectives and labels

Although there is still no general requirement for TISAX® certification, it is required by more and more automobile manufacturers. In order not to endanger the partnership, certification is then inevitable at the latest. Satisfying the complex requirements remains a challenge for many companies.

In our video series “TISAX® – simply explained”, we clarify the most frequently asked questions that we are asked again and again in practice. Our part 2 deals with test targets and labels.

Read more

TISAX ® – simply explained: You should know that

Many automobile manufacturers often develop their products in cooperation with supplier companies. In 2017, the Association of the Automotive Industry (VDA) developed the TISAX ® test and exchange mechanism to ensure secure processing and a trustworthy exchange of information between these companies. With TISAX®, a certification for information security in the company is created for automotive suppliers, which is specifically aimed at the needs of the automotive industry. The implementation of a TISAX® project is a complex challenge. With TÜV-certified TISAX® consultants from aigner business solutions GmbH, however, we support you efficiently and effectively in order to obtain the desired certification as quickly as possible. Find out more in our blog article and our first video in the TISAX ® series – simply explained.

Read more

Ransomware! How does malware get into the company?

Ransomware – A form of digital blackmail

Ransomware attacks are arguably one of the most widespread attack methods that cyber criminals use to harm companies. The attack method of digital blackmail aims to encrypt as many company-internal files as possible automatically. They should thus be made unusable for the company. The internal information can only be accessed again if the organization pays a ransom to the criminals and in return receives a decryption code for their unusable files. Encrypted files lead to production downtimes, reputational damage and financial losses in companies.

Read more

Hacker attack: do customers need to be informed?

As already announced in the media, electronics retailer Conrad fell victim to a hacker attack. This was due to an IT security gap in the company’s own IT systems. This allowed strangers to access a database with almost 14 million customer records over a period of several months. The customer data records included the customers’ postal addresses, e-mail addresses, fax numbers and IBAN numbers. The Bavarian State Office for Data Protection Supervision was also involved in this case.
Read more