enterprisesecuritymag

Secure Systems Engineering (SSE): Interlacing Product Development with Security

Daniel Augustin, Managing Director, Secure Systems EngineeringDaniel Augustin, Managing Director
SSE enables companies to implement a holistic, effective and permanent security strategy to let them focus on their core business.

Focusing on core competency has always been the primary objective of businesses. With the increasing need for digitalization, the role of IT in business has become even more critical, and companies with a paucity of resources or expertise outsource those IT services to specialized providers. However, if IT operations management is not adequately security-driven, the threat posed can permeate to the core of the business, impinging on business continuity, reputation, and compliance. Given the spurt in cyber-attacks, it is no longer sufficient to follow a reactionary strategy based on pre-defined threat scenarios. One cannot be assured of utmost security irrespective of the solution implemented or the robustness of security infrastructure. Hence, what is required is a nuanced approach towards enterprise security with proactive stance.

Berlin-based Secure Systems Engineering GmbH (SSE) is providing the same to enterprises. The team of specialists enables enterprises to transition from a defunct binary approach towards security to a strategy that is a meticulous continuum which adapts to the changing security threats. “Security is not just ‘zero’ or ‘one’ – what you get always is a degree of security; not ‘all security’ or ‘none’. Hence, whatever degree you reach, it is not a constant achievement. The threat landscape changes, and so does the requisite appropriate response,” says Daniel Augustin, Managing Director of the company. Underscoring the fact that a secure technical infrastructure is no guarantee of not being attacked unless the employee awareness is enhanced, SSE helps enterprises inculcate a pro-active security culture.

The company identified a lacuna between the workflow of security managers and developers. Many companies approach product development with a strategy that does not factor in the security risks until the product is ready, and then they try to add security as threats are discovered.
The drawback of this approach is that such a product lacks sufficient internal technical flexibility to accommodate the security later. SSE set out to bridge the gap by making security an integral part of the development process. Such integration is only possible when the security specialists work in tandem with the client’s team. SSE team works closely with its customers, providing them with cost –effective and lasting security which also leads to increased security awareness among its clients.

We Make Sure That Security Aspects Are Addressed At The Proper Time And In The Right Way. It Is Essential To Adjust The Mode Of Working So That It Is Compatible With How Other Processes Work

“By supporting clients during the planning phase of their projects – from the conception of the architecture, through the actual development all the way to establishing compliance policies – we make sure that such backlog does not accumulate, and security aspects are addressed at the proper time and in the right way. In each of these steps, it is important to adjust the mode of working so that it is compatible with how other processes work,” explains Augustin. The company’s portfolio comes with a Security Assessment offering which entails mapping out of the IT landscape of the client along with an assessment of the quality and maturity of the existing approach.

Going the extra mile, the company instils a security-driven product development culture in enterprises. As the enterprises today wish for an enhanced security maturity of their organization after the engagement with a security partner, it is essential for security specialists to reshape the security posture of the enterprise. SSE leaves a transformational impact in the form of Security Ambassadors who are members of its client’s team and take charge of security. They make sure that security concerns get due attention throughout the product development lifecycle. This approach obviates the need for top-down enforcement of security measures after the development of the product, saving the enterprise the trouble of significantly re-working the product.

Evolving with the changing times, SSE is currently ramping up its resources in the area of Penetration Testing and is planning to establish a greater presence in other parts of Germany
Share this Article:
Secure Systems Engineering

Company
Secure Systems Engineering

Headquarters
Berlin, Germany

Management
Daniel Augustin, Managing Director and Dr. Waldemar Grudzien, Christian Böhning

Description
SSE supports enterprises in secure planning of IT projects, from the conception of the architecture and software development up to the establishment of an information security management system (ISMS) and data protection management. It helps enterprises by auditing their system security and information security management, and providing secure implementation and support