The level of information security as well as appropriate measures for data protection have to be individually designed in small and medium-sized enterprises (SMEs) and depend closely on the available financial and human resources.
Fire protection in the 21st century. VdS has developed preconfigured cyber package solutions especially for these companies. These solutions are freely scalable and contain modules for both improving information security and data protection. The offer modules range from as-is analysis and immediate measures to certificated cyber security in accordance with VdS 10000. On this website we would like to inform you about the content, composition, handling and scaling of the cyber package solutions.
This is how the cyber kit works: different modules form the building blocks for your cyber security and are combined to form various package solutions. The advantage for you: All modules from one source require less administrative effort on your side and allow attractive pricing. Some modules are also available separately if required, to give you the option of upgrading if conditions around your protection needs change.
The Bronze Package
Most cyber attacks start with a phishing e-mail, which is now virtually indistinguishable from standard business correspondence. That's why the addressees - your own employees - are among the biggest cyber risks in the company. By raising awareness through training, you will already achieve a significantly increased security level.
The Gold Package
The Silver Package
The Silver Package contains all the modules of the Bronze Package, but goes one important step further: The self-disclosures that you provided, for example, as part of the VdS Quick- Check, are primarily intended to provide you with a detailed picture of the status quo of your current IT security level and to initiate initial measures. However, the basis remains your self-disclosure.
The Platinum Package
With the web-based tools "VdS Quick-Check", companies can obtain an initial picture of the status of their information processing, divided into the following topics:
- Information security (Office)
- Information Security (Production/ICS)
- Data protection
The questionnaires are used to determine the company's individual degree of fulfilment in various fields of action, such as organisation, technology, prevention and management or processing principles. Fast, detailed, free of charge and including a detailed report of the results with concrete recommendations for action.
Based on the results of the VdS Quick-Check for Information Security Management Systems, our auditors examine the measures taken for cyber security in your company on site. The VdS Quick-Audit is particularly suitable for smaller companies and usually takes one day. The audit report after completion of the investigation shows point by point which measures are already effective and uncovers existing gaps.
The results of the VdS-Quick Check on the General Data Protection Regulation (GDPR) form the basis for the Quick Audit, in which the data protection measures introduced in your company are examined on site by our auditors. The audit usually takes one day. The guidelines VdS 10010 serve as a guideline for this, with which you can implement the legal, organisational and technical requirements of the GDPR clearly structured and with manageable effort.
The sector-neutral VdS guidelines 10000 are a catalogue of measures for a management system that is specially tailored to SMEs and improves the information security status of a company. The minimum requirements for information security are formulated in an understandable way and are designed in such a way that SMEs are not overburdened organisationally and financially. The VdS 10000 guidelines are based on the recognised standards ISO 27001 and BSI-Grundschutz.
The sector-neutral VdS guidelines VdS 10010 are a catalogue of measures for a management system that is specially tailored to SMEs and improves the data protection status of a company - without overburdening the company organisationally and financially. The VdS 10010 guidelines are based on the EU General Data Protection Regulation (GDPR) and the current Federal Data Protection Act (BDSG-new).
Companies that do not have their own cyber know-how will need external help. VdS expressly recommends that these companies contact a VdS-approved cyber security consultant. The VdS certification shows that the consultants are among the top experts in the field of cyber security, know the VdS 10000 cyber guidelines and other relevant VdS protection standards and can implement them for their customers.
For reasons of efficiency and error prevention, companies will seek professional help in implementing VdS 10010 - especially to prepare optimally for a certification audit. VdS-approved consultants for data protection management in accordance with VdS 10010 offer this assistance. Information on the approval procedure can be found here.
The logical consequence as the next expansion stage after the VdS cyber services Quick Check-Quick Audit and Certification Audit in accordance with VdS 10000 is the establishment of an information security management system. ISO 27001 is the globally recognised requirement level for the establishment of such a management system.
Our courses on cyber security are events that take place in small groups. Depending on the course, e.g. group work and excursions are also planned. The participants receive comprehensive training documents and a certificate of attendance. After passing the exam, a certificate can also be issued.
Small and medium-sized companies in particular are often in the crosshairs of cyber criminals. One of the main reasons for this are the conventional security standards, which often overwhelm SMEs. With the publication of the guidelines "Information Security Management System for Small and Medium-Sized Enterprises (SME)" (VdS 10000) and the associated new range of services, VdS offers all SMEs the opportunity to close this security gap organisationally and financially with about 20 percent of the effort compared to the ISO/IEC 27001 series.