Six industries · A specialized team

Cybersecurity for healthcare — in your regulatory language.

Hospital, private clinic, care service, medical care center (MVZ), pharmaceutical manufacturer, or digital health app provider — each industry has its own regulatory burden, threat patterns, and operational reality. Our services are specifically deployed and documented for each of these six industries.

NIS2 + critical infrastructure + § 391 SGB V

Hospitals

Acute care, specialty clinics, university hospitals. Multi-site organizations with complex authorization structures, shift work, and high staff turnover. NIS2 is especially important.

NIS2 + § 390 SGB V + gematik

Medical care centers & practice networks

Medical care centers, group practices, practice networks. With 50 or more employees, they are subject to NIS2; an estimated 1,000 medical care centers are affected for the first time. The training requirement is new; the threat landscape is not.

NIS2 important entity

Private clinics

Affiliated hospitals, private clinics, specialized facilities. Often owner-managed with a pragmatic approach to security — training without overhead, audit-ready documentation without enterprise complexity.

NIS2 · MDR/IVDR · GxP · ISO 13485

Pharma & MedTech

Pharmaceutical companies, medical device manufacturers, and contract research organizations. IP protection is business-critical, supply chains are a target for attacks, and GxP/ISO 13485 audits review awareness programs as well.

GDPR · SGB XI · MD review

Care facilities

Nursing homes and home care services. High staff turnover, mobile devices, and sensitive patient data; increasingly also the focus of targeted phishing attacks on billing systems.

BSI TR-03161 · SaMD · NIS2

Health Tech

Digital health platforms, telemedicine providers, DiGA manufacturers. High proportion of APIs and integrations, distributed teams, often targeted through customer service and partner communications.

THE COMMON BASIS

The same four services, rolled out in an industry-specific way.

Regardless of your industry, our offering is based on the same four coordinated services: Security Awareness Training, Phishing Simulation, Vulnerability Management, and 24/7 Managed SOC. What varies are the content, scope, sizing—and the evidence formats we use to serve industry-specific auditors, regulators, and insurers.