Our B2B solution supports your organisation with a structured, stepwise approach in the implementation and follow up of Info-/IT-security industry standards.

The way out of expensive ISMS (re-)builds

Situation Today

Cyber security threats continue to increase year by year.

IT security professionals spend large amount of time on mapping regulations and requirements to ‘controls’ – without real technical knowledge of what those controls actually imply – this lead to waste as well as low understanding of the impact of the controls on the technical architecture.

Many organisations today fail to move from ‘theory to practice’ while implementing security controls. Large amount of resources are put into definition and planning, while guidance and follow up of implementation are often lacking.

Future competence and knowledge gap is regarded as one of the largest threat to achieving well protected assets.

Companies are also facing changing as well as new regulatory requirements and are often expected to comply to a vast range of legislations, however requirements are largely overlapping or can be fulfilled by implementing similar controls once.

The Airpump Solution ©
  • Supports a structured and lean approach in implementing Info-/IT-Security industry standards within your organisation.
  • Provides transparency on selected relevant controls, related owners and contributors as well as their current status of implementation.
  • Supports your organisation in a stepwise growth path to reach the desired IT security maturity level. (Airpump Small/Medium/Large)
  • Provides an always upto date knowledge base providing hands-on guidance for operational teams to fulfil given Info-/IT-Security requirements.
  • Provides feedback regarding the compliance level of implemented controls towards different industry standards.
  • Provides all the necessary guidelines and documentation as well as follow up capabilities.
Request Demo

Airpump Solution Offer

Our B2B solution is available at different levels

Airpump Small

Yearly 30k €

Includs Airpump small IT security implementation guidelines and actions.

Airpump Medium

Yearly 45k €

Includs Airpump medium IT security implementation guidelines and actions.

Airpump Large

Yearly 55k €

Includs Airpump large IT security implementation guidelines and actions.

All offers will include an initial setup fee of 5k €.

Contact us for Demo and
more Information

© 2022 Airpump
Risk Catalogue (why)
"Standard risk library per industry including a suggestion for risk taxonomies"
Provides a library of standardized but yet detailed risk descriptions that support risk analysis and workshops. Risks can be selected as applicable and can also be used as inspiration for a brainstorming session to get the dialogue going. Identified risks can either automatically be assigned to relevant controls (from the standardized control library) or by customer tailored controls where needed, to highlight the way for successful risk mitigation.
Standardized Controls Library (what)
"Predefined controls including a suggested test protocol. Specifications carry strength and validity related to risks"
The airpump controls library is designed on three building blocks of controls - Small, Medium and Large. Controls are influenced by global frameworks for information and cyber security such as ISO27000 series, ISF Standard of Good Practice for Information Security, NIST Cybersecurity Framework, CIS Top 20 Critical Security Controls for Effective Cyber Defense e.g. Key controls are selected to build security based on corporate appetite, resources, maturity and knowledge. The selection of specific framework control sets (e.g. to focus on certification is also possible, but needs to be licensed).
Steering Documents (how)
"Documents (e.g. operational procedures) stating what & how it should be done"
Steering documents are the foundation of any information security management system. You will get out of the box written policy documents presenting selected controls in the previous steps. With our steering documents you get a fast track and a convenient way to implement a management system for IT- and Information- security. Examples. End-user policy, anti-malware instruction, software design and development policy, patch and vulnerability management.
Action Plans (who & when)
"Practical activities for teams to work on (possible to integrate with planning tools like e.g. Jira)"
The real core of the Airpump solution. These are tangible hands on guidance for IT-managers at all levels. In depth and descriptive instructions to teams within a certain domain e.g. Databases, Linux servers or networks on what to do and what's expected of them. Actions can be integrated into your existing workflow and planning tool such as Jira, Confluence, ServiceNow etc. so you don't need to work with different tools and to minimize administration.
Test & Audit (if)
"Test plans and protocols including tool integration with 3rd party products"
Once relevant controls and corresponding actions have been implemented and approved by the responsible manager, organizations enter the test & audit phase. Test plans provide audit steps and methods to confirm that the controls and actions where implemented as intended. For example when to test a control, how to test a control, how to pick samples to test operational effectiveness, how to document the test. Airpump tool also includes out of the box templates to help you with the documentation of test and audit results.