Secure and reliable IT is the basis for efficiency and digitalization in companies. However, these benefits come with considerable cyber risks: hacker attacks, phishing, ransomware and cyber espionage threaten profitability and competitiveness. At the same time, companies have to comply with strict legal requirements such as GDPR, DORA and NIS2.

Baker Tilly combines comprehensive, interdisciplinary services in order to master these challenges. We support you with preventive audits, strategic advice on risk mitigation and, in the event of a crisis, with the investigation of cybercrime and fraud cases. 

Our approach integrates specialized legal advice for all issues related to cyber risks and data protection. 

The aim is to protect your IT infrastructure and successfully manage the crisis to safeguard your competitiveness.

Contact us to find out how we can comprehensively improve your cyber security.


Prevention - preventing cyberattacks, strengthening digital resilience

  • Awareness: training, simulation games and emergency drills. Revision, review or implementation of relevant guidelines 
  • Audits & security assessments: evaluating the security setup, checking technical and organizational measures against requirements such as IT baseline protection (IT-Grundschutz), ISO 2700x, DORA, NIS2 and GDPR, conducting penetration tests and vulnerability scans
  • Cyber security advisory & risk management: designing guidelines and technical measures, coordinating & evaluating the implementation of security measures, simulating cyber-attacks and emergencies
  • Continuous monitoring and advice as an external information security officer / vCISO 
  • through appropriate and effective measures to manage your cyber risks 
  • Data protection
  • Managing and investigating cybercrime 
  • Computer and network forensics
  • Court-proof digital evidence for fraud investigations 
  • Recovery of deleted or destroyed databases
  • Identification of anomalies in the databases of company applications 
  • Analysis of IT systems for security and potential misuse 
  • eDiscovery: factual analysis of relevant databases (mostly e-mails and documents)
  • Mass data analysis and IT-based detection routines 
  • Evaluation of communication behavior 
  • Analysis of attacks and optimization of security structures 
  • Crisis management and assistance in communicating with authorities, employees and business partners 
Boris Ortolf

Director

Certified Information Systems Security Professional (CISSP), Certified Cloud Security Professional (CCSP)

Dr. Christian Engelhardt, LL.M.

Partner

Attorney-at-Law (Rechtsanwalt)


EU NIS2: Networks and information systems should be able to better withstand cyber threats

The amended Network and Information Security Directive - NIS2 - affects operators of essential and important services in sectors such as energy, transport, health and digital infrastructure. Companies must introduce stricter security measures, report cyber incidents and conduct regular risk assessments. They are obliged to ensure resilient systems and meet regulatory requirements for cyber security.

Baker Tilly provides interdisciplinary support in determining your initial situation and need for action, assists you in closing the gaps and certifies your compliance with the NIS2 requirements.


DORA: EU regulation to strengthen digital resilience in the financial sector

The Digital Operational Resilience Act - DORA - affects financial companies, including banks, insurance companies and payment service providers. They must ensure robust digital operational resilience, report cyber incidents and conduct continuous risk analyses. DORA requires stricter security measures, contingency plans and monitoring of third-party providers in order to ensure the integrity and security of financial systems. The deadline is January 17, 2025. 

As part of a gap analysis, Baker Tilly identifies gaps, necessary resources and measures to implement the DORA requirements. With our expertise and proven tools, we offer support to close your gaps. As part of audits and assessments, we examine the implementation of DORA requirements at your company and – particularly important – at outsourced service providers on your behalf.

Going without an internal control system carries great risk

An efficient internal control system (ICS) is essential for any company that wants to protect its processes and reputation. If such a system is missing, the consequences can be serious: incorrect invoices that are sent multiple times can lead to considerable reputational damage and correction costs. Billing fraud and decision-making errors due to inaccurate data cause not only financial damage but also long-term economic disadvantages. Embezzlement in the high six-figure range can also lead to legal costs and further damage to reputation.
