Heinfried Cznottka, Director of Business Development
Today, almost a millennia after the fall of Troy, the defensive and offensive strategies employed by the Trojans and the invading Greek army have remained relevant in the realm of cybersecurity. In fact, cybersecurity experts have often used the example of the mighty wall of Troy to highlight the pros and cons of building a firewall that cannot be breached by traditional, straightforward attacks. However, as technological advancements continue to outgrow the regulations put in place, cybercriminals are developing newer and more dangerous ways to penetrate the strongest of firewalls. As a foil to the nefarious plans of cybercriminals, enterprises today are deploying intelligent cybersecurity measures that are capable of detecting and countering cyber threats. Alternatively, government entities have to conform to using cybersecurity measures that are compliant with the ever-increasing regulations. As a result, most government agencies are left vulnerable to data breaches owing to the one-dimensional protection offered by their existing cybersecurity solutions. Coming to the rescue of such firms is Germany-based achelos GmbH. The company offers consulting and advisory services that help government firms better choose their cybersecurity solutions and effectively protect their network. “Our offerings are backed by extensive domain knowledge, which allows us to guide clients in the development of secure software and applications,” says Heinfried Cznottka, director of business development at achelos.
The company’s portfolio includes solutions and services that are capable of delivering superior security for a multitude of industries. achelos has developed test suites that enable its clients to effectively test their security solutions and ensure that they are compliant with data security and privacy norms of the European Union.
Under its test suite umbrella, achelos offers an electronic identification, authentication, and trust services (eIDAS) inspector to guide clients in certifying and verifying the protective measures of their deployed solutions. Additionally, the firm provides other test suites that include offerings to effectively simulate real-life scenarios and test the defensive capabilities of a client’s transport layer security (TLS), internet key exchange (IKE), and internet protocol security (IPsec). achelos also provides a virtual card kit to to simulate chip card operating systems in different market segments and deliver a flexible experience for users. On the other hand, the company extends services to assist its clients in cross-checking their certifications and compliance with major data security standards. At the same time, achelos leverages its extensive common criteria (CC) knowledge to actively support the customers in analysing the product specification and security requirements, provide qualified knowledge bases for faster decision-making, and other critical aspects in their product development processes.
With such comprehensive capabilities, achelos goes above and beyond to ensure that its clients can make the most of its offerings. To this end, the company starts every client engagement with a detailed discussion on the overall scope of a project. In this meeting, achelos finalises a testing framework based on the client-specific needs and ensures that all the required technology solutions and processes are compliant. Highlighting the efficacy of achelos’ portfolio and proven engagement methodology is an association where the company assisted a large bank in ensuring that their services were compliant with the payment services directive 2 (PSD2) of the EU. In this instance, achelos offered its eIDAS inspector to assist the client in eliminating the risk of an attack or misuse of the bank’s financial offerings.
Similarly, the company has been aiding businesses in the healthcare and public sector to organise, verify, and maintain their IT and data security certifications since its inception in 2008. Presently, achelos is focused on enhancing its ‘testing as a service’ portfolio to help more organisations in Germany and Europe at large. In the pursuit of this, the company is keeping a close track of regulations by bodies such as the European Union agency for cybersecurity (ENISA), among others. “As cybersecurity and data privacy regulations become more relevant, we will continue to enhance the capabilities of our portfolio to assist clients that are aiming to expand their businesses in the most secure and compliant way,” concludes Cznottka.