the company

Galach Consulting delivers the IT security management services. Our mission is to help our Clients:

  • Minimise the risks of financial damage resulting from loss, falsification or uncontrolled disclosure of data
  • Achieve compliance with legal information security requirements, rules imposed by corporate owners (especially in the case of international companies) or requirements related to particular services.

Our strength lies in the skills of the consulting team. The knowledge and competence are confirmed by industry certificates possessed by our staff, including CISSP, CRISC, CISA, CSWAE, ISO/IEC 27001 LA, ISO 22301 LA, ISO 27005 RM, ISO/IEC 27001 IA. Our in-house research provides us with tools and methods of improving and optimizing the services we deliver.

We have received the Innovation Health Check assessment certificate in accordance with the European Innovation Management System CEN / TS 16555-1. The certificate confirms our innovative approach to research and development works. We also participate in PWCyber Programme.

We pride ourselves on individual approach to our Clients. Wherever possible, we aim to optimise the existing solutions. Our extensive cooperation with companies from various market sectors as well as central and local government institutions has reinforced our belief that you do not need to organise a revolution to make changes for the better.

Cybersecurity Management

Cybersecurity Management

Our offer is based on the services covering the full lifecycle of the cybersecurity management, including implementation, maintenance, operation and optimization. We implement and audit information security management systems (ISO/IEC 27001), business continuity management systems (ISO 22301) and service management systems (ISO/IEC 20000). We help our customers to reach the necessary security level in an organization and support them in management systems certification process. In case of personnel shortage we can also help by outsourcing cybersecurity processes. 
Cybersecurity Technologies

Cybersecurity Technologies

We conduct a comprehensive security analysis of IT infrastructure, including security concept and design verification, manual and automated configuration audit, scanning and penetration tests. We check the security level of the applications, including web and mobile ones. Security assessment techniques used by our team, are based on global standards and professional toolkits. The results of security analysis deliver valuable information on the systems’ resilience to attacks from the Internet and the internal networks.
Legal Requirements

Legal Requirements

We perform the compliance analysis of cybersecurity governance processes according to relevant legal requirements. We deliver the comprehensive support in identifying and impementing the required organizational and technical countermeasures. The range of our professional expertise includes personal data protection (General Data Protection Regulation), secure medical data processing in IT infrastructure, eIDAS and M460 requirements for certification authorities.
Our Experience

Our Experience

We are ready to challenge assignments and demanding tasks. Our experience covers various projects, both for large corporations as well as smaller organisations. We have cooperated with companies from such market sectors as:

  • Finance
  • Insurance
  • Petrochemical
  • Mining
  • Telecommunications
  • Automotive
  • Energy
  • Logistics
  • And many more
strzałka do góry