Cyber Risk Check according to DIN SPEC 27076

The CyberRiskCheck for medium-sized businesses
Fast. Simple. Understandable.
Would you like to know the status of your information security without immediately starting a complex audit? As a qualified service provider, we offer the BSI's CyberRiskCheck for small and medium-sized enterprises. It provides a structured overview of your security level with clear recommendations for action.
Efficient, comprehensible and implementation-oriented.
Why IT security is so crucial for medium-sized businesses
Smaller and medium-sized companies are also increasingly being targeted by cybercriminals. However, without their own IT security department, they often lack an overview: What are the dangers? What protective measures do we need? And how can we react in a targeted manner without getting lost in complex processes?
Typical problems
- Little internal know-how about information security
- Uncertainty about fulfilling legal minimum requirements
- Lack of overview of technical and organizational vulnerabilities
- Fear of excessive effort, complexity, or costs
Our solution - the CyberRiskCheck

For whom is the check suitable?
- Companies with up to 250 employees
- Particularly suitable for medium-sized businesses with growing IT complexity
- Also suitable for smaller companies without their own IT department
- Can be used across all industries: production, service, trade, healthcare
Note: DIN SPEC 27076 was originally developed for smaller companies, but is also suitable as a structured entry point for larger medium-sized companies with a manageable IT landscape.
Our approach – how the check works
1. Preliminary discussion
Together, we clarify whether the check makes sense for your company. We take into account industry, size and IT structure.
2. Structured interview
In an approximately 1–2-hour discussion, we check 27 requirements from 6 central topic areas:
- Organization & Awareness
- Identity & Authorization Management
- Data Backup
- Patch & Change Management
- Protection against Malware
- IT Systems & Networks
3. Evaluation with rating system
Your answers are evaluated according to DIN SPEC 27076. This results in a point value (max. 37) that reflects your IT security status.
4. Individual results report
- Security score visualized with a spider diagram
- Concrete, prioritized recommendations for action for each topic
- Optional: Information on suitable funding programs
5. Follow-up meeting & outlook
We explain all results in detail, identify quick wins and show possible next steps. We also take into account further measures such as awareness training, backup concepts or the introduction of an Information Security Management System (ISMS). The CyberRiskCheck thus offers a solid basis for strategically developing your security level.
Further information on DIN SPEC 27076 can be found directly at the BSI.
Our packages at a glance
CyberRiskCheck BASIC: €950
Ideal for smaller companies with up to 25 employees:
Execution of the CyberRiskCheck incl. final discussion
CyberRiskCheck PLUS: €1,350
Recommended for medium-sized companies:
Execution of the CyberRiskCheck including final discussion, comprehensive analysis and structured measures workshop
Optional with follow-up consultation (e.g. awareness, backup concept, penetration tests)
CyberRiskCheck PREMIUM: from €1,950
For companies > 150 employees:
Execution of the CyberRiskCheck including final discussion, comprehensive analysis and structured measures workshop as well as in-depth measures plan
Optional with follow-up consultation (e.g. awareness, backup concept, penetration tests)
Your Benefit
Why you should work with us
- Structured security check according to BSI standard (DIN SPEC 27076)
- Conducted by qualified consultants with many years of security experience
- Practical recommendations with technical depth
- Clear report with action plan, prioritized by risk
- Implementation possible within one working week
What comes next
- Upon request, we can assist you with the implementation of the recommended measures.
- We offer supplementary services: security awareness, backup strategies, technical hardening, penetration tests, and much more.
- You will receive a documented security status, which is helpful for customers, insurance companies, or partners.
Frequently Asked Questions
- What does the CyberRiskCheck cost?
Our packages start at €950 (plus VAT).
- How quickly can the check be carried out?
Typically within 7–10 working days from commissioning.
- What happens after the check?
You will receive a prioritized action plan. Upon request, we can also assist you with the implementation, e.g., with security concepts, penetration tests, or security awareness.
Why mgm security partners?
In a world full of cyber threats, more than standard solutions are needed. We offer tailored IT security strategies that not only look good on paper but also prove themselves in practice.
- Holistic approach: We combine technology, organization, and people into a practical security program.
- Technically sound: Our methods are based on current standards and our many years of expertise.
- Individual & pragmatic: No “one-size-fits-all”, but tailor-made solutions for your corporate culture.
- Long-term support: From the initial analysis to the continuous improvement process.
