The task of the nic.at Information Security Management (ISM) team  is to identify potential risks at an early stage, assess them correctly and, together with colleagues from other departments, successfully fend them in the long term. Thus, the ISM department operates an information security management system certified in accordance with ISO 27001 and steers a continuous improvement process within the company, which ensures the availabilty of services within critical infrastructure services.

(Photo) Michael Zach

Michael Zach
Chief Information Security Officer

As CISO, Michael bridges the gap between the traditionally separated disciplines of IT and security. He is responsible for its strategic alignment with business objectives. His profound scientific and technical educational background as well as his work experience as developer, administrator and consultant is of great benefit to him. In addition to his core tasks in the areas of information security, business continuity and data protection, Michael dedicates himself to other tasks at nic.at, which range from enterprise modeling to threat intelligence and cloud governance.

(Photo) Andreas Steyrer

Andreas Steyrer
Information Security Officer

was in charge of the development of the management system and is still responsible for the continous improvement. He has gained his extensive expertise from previous work as process manager at a leading ISP, through relevant studies, numerous certifications in the areas of information security management and cybersecurity, and through his participation in international working groups. Andreas' proactive problem-solving skills and his ability to explain complex issues in an understandable way are very crucial for maintaining security awareness within nic.at.