Security governance case study
with Haag-Streit
The Haag-Streit Group is a global leader in medical technology that has been developing innovative and high-precision devices for eye diagnostics and eye surgery for over 160 years.
We would like to thank the Haag-Streit Group for the trusting and successful collaboration over the past three years. It is a pleasure for us to support the company in the area of information security and to achieve sustainable improvements together.
Establishment of security governance based on the NIST framework
The Haag-Streit Group was faced with the challenge of introducing a uniform security governance framework across the entire Group. Our approach started with the design of a governance model based on the NIST framework. To involve all stakeholders from the group, we defined stakeholder interaction maps to facilitate communication and clearly define responsibilities. We created security guidelines that aligned with the core functions of the NIST framework and helped the organization define clear processes and responsibilities. These guidelines were developed to meet the security needs of the medical device industry and to comply with regulatory requirements.
In a further step, we supported IT security management in securing senior management buy-in. Through targeted presentations and the development of a clear communication plan, we were able to ensure that top management recognized and supported the relevance and necessity of investing in cyber security.
Statement CIO of the Haag-Streit Group
"The collaboration with Cyberopex was a complete success. Thanks to their expertise, we were able to implement a comprehensive security governance framework based on the NIST framework that meets the high security requirements of the medical technology industry. Cyberopex not only supported us in developing clear security guidelines and engaging all relevant stakeholders, but also helped us to convince senior management of the urgency and importance of investing in cybersecurity. Through this partnership, we have created a strong foundation for our information security and are well prepared for future challenges."
CONCLUSION
By establishing security governance, the Haag-Streit Group was able to bring security standards to a consistently high level across all companies. Clear responsibilities between the Group and the individual companies ensured that the security guidelines were implemented and adhered to efficiently. The implementation of the stakeholder interaction cards promoted better communication and collaboration, which significantly supported the implementation of the safety strategy. In addition, the commitment of senior management contributed significantly to the acceptance and long-term anchoring of the new safety processes.
The collaboration between Haag-Streit and Cyberopex GmbH shows how important it is to be able to rely on experienced partners in times of increasing security requirements. Cyberopex was able to make a decisive contribution to expanding and strengthening Haag-Streit's security resources with its Cyber Security Officer Service.
Would you also like to increase your company's security?
HOW CAN WE HELP ?
Contact our experts at CYBEROPEX
We look forward to your inquiry and will do our best to answer it promptly.