HvS-Consulting
Speciality: Red Teaming and Offensive Security Assessments
Cybersecurity consulting firm based in Garching, Germany; over 20 years of experience in offensive security; 50+ highly qualified employees; 500+ satisfied clients including 50% of DAX companies; specializes in penetration testing, red teaming, and security stress tests.
ISO 27001: Information Security Management Certification
Origin
ISO 27001 was developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC), and was first published in 2005. It evolved from the British Standard BS 7799-2, which was created in the late 1990s. The standard was developed in response to the growing need for organizations to systematically manage and protect sensitive information in an increasingly digital business environment. ISO 27001 has since been revised, with major updates released in 2013 and 2022 to address evolving cybersecurity threats and best practices.
Industry Value and Importance
ISO 27001 is globally recognized as the leading standard for information security management systems (ISMS) and is valued for providing a systematic, risk-based approach to protecting sensitive data. Organizations that achieve ISO 27001 certification demonstrate to clients, partners, and regulators that they have implemented comprehensive security controls and are committed to maintaining confidentiality, integrity, and availability of information. The certification is particularly important for organizations handling sensitive data, as it helps meet regulatory compliance requirements, reduces security incidents, builds customer trust, and often provides a competitive advantage in procurement processes where information security assurance is required.
TISAX: Trusted Information Security Assessment Exchange
Origin
TISAX (Trusted Information Security Assessment Exchange) was created by the ENX Association (European Network Exchange) in 2017 at the request of the German automotive industry, specifically the VDA (Verband der Automobilindustrie - German Association of the Automotive Industry). The certification was developed to address the automotive sector's need for a standardized, mutual recognition framework for information security assessments. It was created to reduce the burden of multiple audits on suppliers, as automotive manufacturers were each conducting their own security assessments of shared suppliers, leading to duplication and inefficiency.
Industry Importance
TISAX has become essential for companies working with the automotive industry, particularly in Europe, as many major manufacturers now require it from their suppliers and partners. The certification provides a trusted, industry-recognized validation of a company's information security practices, protecting sensitive data such as intellectual property, product designs, and business information. Its importance stems from the mutual recognition principle—once a company achieves TISAX certification, the results are shared across participating organizations, eliminating redundant audits and creating efficiency while maintaining high security standards. For suppliers, TISAX certification has become virtually mandatory to maintain or establish business relationships with automotive OEMs and tier-1 suppliers.
- Abus
- Amadeus
- Allianz Group
- Audi
- Biontech
- Bosch Group
- DZ Banking Group
- Dr. Oetker
- Ergo
- Evonik
- Finanz Informatik
- Airports DUS
- CGN
- FRA
- HAM
- MUC
- ZRH
- Geberit
- Generali
- Giesecke & Devrient
- Groz-Beckert
- Helmholtz Centers
- Henkel
- Hornbach
- IATA
- Kuka
- LBBW
- Lidl
- Müller Group
- Lanxess
- Loacker
- Lufthansa Group
- Munich RE
- Osram
- Otto Fuchs
- Pro7Sat1
- Rational
- Rewe Group
- Rohde & Schwarz
- RWE
- Saar LB
- SAP
- Software AG
- thyssenkrupp
- Villeroy & Boch
- ZF Friedrichshafen