Cyber Risk and Privacy Assessment

Corporate Open Source Intelligence (OSINT) Assessment: The objective of the open source intelligence (OSINT) assessment is to identify possible risks and vulnerabilities that are public, available, and leave the organization exposed to risks that can be exploited by threat actors.

OSINT is often used as an offensive discipline for cyber-attacks. The quality of the open source intelligence that is collected on the target organization and its employees is often the determining factor on whether a cyber-attack will be successful. Attackers leverage the information they collect from public resources to identify attack verticals, especially on the human layer (for social engineering attacks) and the security of the physical perimeter.

We conduct OSINT as a defensive discipline to help organizations to proactively deal with this problem and reduce or eliminate potential attack vectors. Following the path a threat actor would take, we conduct an OSINT analysis on publicly available resources on the client organization and entities closely associated to them, including business partners and service providers. By identifying the information and opportunities an attacker may exploit, organizations have the chance to proactively prepare on mitigating risks and educating their employees.

We understand that information exposure is often unavoidable or serves significant organizational interests. Unavoidably, this exposure comes with certain risks. Our findings are always followed with recommendations and advice to help organizations minimize or eliminate risks, and act proactively against certain threats.

Cyber and Privacy Needs Assessment: A needs assessment is a systematic exploration of the way things are, and the way they should be. The key is to seek the gap between the current situation and the desired situation. We investigate which are the cyber risk and privacy requirements for your organization. Do you need to comply with the Swiss, the EU, or the US requirements, or all these requirements together? What about the standards at the level of the group? We compare your existing standards with the required standards. We develop a confidential report explaining what we have found. We give a presentation to the Board of Directors, the CEO and the CRO and we answer all questions.

Cyber and Privacy Risk Assessment:We learn which are your cyber risk and privacy standards, policies, procedures, and code of ethics. We examine which is the actual performance of employees, suppliers, service providers and all stakeholders. Do they meet the Board’s expectations? We develop a confidential report explaining what we have found. We give a presentation to the Board of Directors, the CEO and the CRO and we answer all questions.

Cyber Security Training

Cyber security is ofter boring for employees. We can make it exciting.

Online Cybersecurity Training

Online Training

Recorded on-demand training and live webinars.

In-house Cybersecurity Training

In-house Training

Engaging training classes and workshops.

Social Engineering Cybersecurity Training

Social Engineering

Developing the human perimeter to deal with cyber threats.

For the Board Cybersecurity Training

For the Board

Short and comprehensive briefings for the board of directors.

Cybersecurity Assessment


Open source intelligence (OSINT) reports and recommendations.

High Value Targets Cybersecurity Training

High Value Targets

They have the most skilled adversaries. We can help.

Which is the next step?


You contact us


We discuss


Our proposal


Changes and approval


We deliver

Cyber Risk GmbH, Cyber Risk Awareness and Training