Partner of the alliance for Cyber Security of the BSI

From the very beginning, Corporate Trust has been a member of the Alliance for Cyber Security, an organization created by the German Federal Office for Information Security (German acronym: BSI).

Corporate Trust is an APT response service provider qualified by BSI.

As an association of all key players in the field of cyber security in Germany, the Alliance aims to provide up-to-date and valid information across the board. The Alliance for Cyber Security is building a comprehensive knowledge base for participants and supports the exchange of information and experience.

BSI zertifiziert Corporate Trust als qualifizierten APT Diensleister
Partner Allianz für Cyber-Sicherheit

Corporate Trust has so far made the following partner contributions to the alliance:

Tickets for MCTTP 2023

In June 2023, Corporate Trust provided Alliance members with tickets to the cyber security conference mcttp (Munich Cyber Tactics, Techniques & Procedures), which we co-founded.

From keynotes, deep dive sessions, and specialist presentations, to practical reports from international speakers and IT security managers – the MCTTP offered three days of intensive program. On the first day, deep security topics were examined and discussed in four simultaneous training sessions for small and closed groups of participants. During the following two-day conference, participants heard technically sound, practice-oriented presentations on current attack methods and effective defense ideas in the technical track. The organizational track focused on effective crisis prevention strategies, negotiations with perpetrators, criminal prosecution, and data protection in the event of a crisis.

The MCTTP’s goal is to create a better understanding of the nature of current threats and to provide concrete practices and insights into technical, legal, and organizational aspects.

Collaboration on the document "Protection against Espionage" 12/2014

The Cybersecurity Expert Group hosted by the BSI summarized measures to protect German companies against espionage. The paper was aimed at companies at risk for espionage by specifying cyber security measures with pragmatic suggestions for their implementation.

The security of the company’s information technology is to be regarded as a central business support function, as the increasing penetration of economic activity has been accompanied by a shift in the reality of who dominates a market: While it used to be large companies that dominated markets, it is increasingly the agile and well-informed companies that win and maintain market share. Thus, espionage has become an important tool for some market participants to gain an advantage over others. The crown jewels of a company, up-to-date corporate data that is non-public, may therefore translate into a considerable economic advantage.

The final version of the document "Protection Against Espionage" by the Cyber Security Expert Group can be downloaded here.

Partner article 05/2013

As part of an investigation, Corporate Trust has discovered a vulnerability in the implementation of change notifications in the SMB protocol (or the underlying file systems), which under certain circumstances can lead to the unintentional disclosure of sensitive information when sharing central file shares in companies.

The results of our research into this vulnerability were summarized in a white paper and made available to Alliance members in advance. The document covers the following points:

  • Presentation of the circumstances that led to the discovery of the vulnerability
  • Discussion of the technical background based on our investigations
  • Course and results of communication with an affected product manufacturer (Microsoft)
  • Description of possible solutions for two common implementations of the protocol

The final version of the white paper is available for download here.

Partner article 10/2012

Many customers - especially small and medium-sized enterprises - keep security incidents secret. In view of the potential damage to reputation and business, this is understandable. But it hurts Germany’s economy as a whole, as other companies run into the same problems without warning.

Corporate Trust is therefore trying to establish a process to complement the Alliance's anonymous reporting office. The core of the reporting process is a release by a client company to a security service provider such as Corporate Trust to enable them to report the security incident anonymously to the Alliance.

The Word template for this customer release is available for download here.

Our ongoing partner contributions

  • Participation in the National Expert Council for IT Forensics
  • Participation in the National Expert Council for Cyber Security
  • Reporting of current findings from daily operations, which are incorporated into the BSI's situation report as additional information