IT security must be easy!

Taking fast steps into a secure future




IT security as
monthly subscription



Best Practice from
decades of experience



Start small and add
new services as needed



Transparency in performance
and always high quality

"Modern IT security puts people at the center of what's happening, with a commitment to ensuring that protection goals are sustained."
Michael Theumert

What about your IT security?

Take the maturity check!

You have an idea of your IT security,
but you do not yet know how and where to start.
You have started with your IT security,
however, it is not working as planned.
Your IT security is working,
but the results could be better.


Security as a Service

Security-as-a-Service (SECaaS for short) is our answer for an innovative support service in IT security. Companies can use it to book individual services. "Everything very simple, expandable according to your own needs available as a subscription model."

For more and more companies, the development, implementation and optimization of digital business models is becoming an important part of their competitive advantage. It requires new capabilities to secure the complex IT infrastructure and thus the foundation of all business areas.

Classic IT security strategies usually focus on processes and tools. “Modern IT security puts people at the center of the action, with the claim to optimize IT security awareness.”

Considerable productivity gains are possible in agile organizations. We work completely agile to provide these benefits to our customers in the form of speed and quality in our services.

With Security-as-a-Service (SECaaS for short), we offer our capabilities and best practices in pragmatic service packages as a monthly subscription. This allows companies to book individual IT security services with us or outsource them completely.


At the beginning of every Security-as-a-Service service, we start with an individual service onboarding. Here, we discuss specific challenges with you, share activities that have already been carried out to find a solution, and record your individual expectations of us.

Subsequently, possible services from our service catalog are discussed and related to your challenges for finding a solution.

Important components of our service: Emergency Preparedness, General Overview, Network Security, Data Backup, Updates, Password + Crypto, System Security, User Management, Security Mindset, Logging / Time Synchronization, Infrastructure Security, Best Practice.

Regarding the Hospital Future Act (KHZG), we are a certified service provider and will be happy to advise you on the application and implementation of your project.


Emergency preparedness

Are emergencies identified, emergency preparedness and response plans developed, responsibilities defined and actionable? Are emergencies rehearsed regularly and are the key rules known to all involved?

General overview

Have all critical data and processes been identified, and corresponding protection requirements implemented? What are the requirements in IT security, which measures need to be implemented in a prioritized manner, and how are the roadmap and responsibilities defined for this?

Network security

What processes and measures are in place to support network security? How are anomalies detected, communicated, and handled?

Data backup & updates

What processes are implemented for software maintenance and updates? Are backups secure against deletion and manipulation via the network? Are backups checked regularly?

Password + Cryptography

Which guidelines exist for passwords, (privileged) user accounts, 2-factor authentication, encryption of e.g., mobile devices? How are these policies implemented?

System security, user administration

Which systems are used to harden systems (hardening)? How is user administration implemented and which hierarchies, protection mechanisms and processes are actively in use?

Security Mindset, Training

What are the priorities regarding IT security and what is the focus? How high is the budget for IT security and corresponding training and which measures have already been successfully implemented? Is there a knowhow portal, regular teasers, and effectiveness measurements to actively promote security awareness among all stakeholders?

Logging / time synchronization

For the clarification of security incidents, a complete and chronologically correct recording of log files is very important. What systems and processes are in place for this purpose?

Infrastructure security

Are your IT systems adequately protected against elementary threats? How is adequate access protection ensured?

Best Practice

All our experience is always incorporated into the consulting process. A pragmatic, solution-oriented approach that is appropriate to the requirements and understandable to people is the basis of our work.


In our work, we consider applicable regulations, such as ISO 27000, B3S, Kritis, and are happy to prepare your infrastructure for certification in accordance with the relevant standards.

In the service onboarding we will – as far as possible – define the framework conditions for your IT security project in person, otherwise via video telephony. Necessary requirements as well as priorities are determined in order to ensure the best possible success of our services. Additionally, wishes, challenges as well as needs for a successful cooperation will be discussed and integrated into the monthly service.


Our SECaaS team is agile and digital in the way we work. This allows us to deliver high quality and work pragmatically with our customers.

In our service delivery, we work with NPS scoring. This gives us the opportunity to perceive your expectations in a structured way and provide necessary suggestions in case things don’t fit.

If it does not fit at all, we are ready to terminate the cooperation without any additional consequences for both parties. Due to our transparent way of working we would like to emphasize that we do not have any hidden costs, i.e. you book your individual service package with us and we deliver the promised service.




1.500 € / MONTH

according to time and material


can be cancelled monthly


up to 10 hours included


knowhow transfer included


expenses for service

onboarding of 1.500 € once

3.500 € / MONTH

according to time and material


can be cancelled monthly


up to 25 hours included


knowhow transfer included


expenses for service

onboarding of 1.500 € once

6.000 € / MONTH

according to time and material


can be cancelled monthly


up to 50 hours included


knowhow transfer included


expenses for service onboarding of 

1.500 € once

Are you more interested in our security services?

Everything very simple, expandable according to your own needs and available as a subscription model.

Get in touch with us!

Want to learn more about Security as a Service? Leave your e-mail address. We will contact you with pleasure.

SECaaS – Security as a Service

Theumert Consulting GmbH
Landwehrstraße 48
80336 München


Copyright 2021 Theumert Consulting GmbH – All rights reserved.