Cyber Security Advisory & Implementation Services Aligned with Zero Trust Principles Cyber Security Posture Review Cyber Security Roadmap Delivery Management Identity Security Device Security Network and Cloud Security Applications - DevSecOps Data Security What are the principles of Zero Trust? Zero Trust is an architecture framework based on the concept of "never trust, always verify". Core principles include: Assume Breach – operate as if attackers are already inside. Least Privilege Access Continuous Verification of identity, device posture Segmentation – breaking networks into smaller, isolated zones. Title Make It Aunt Bette's Homemade Pecan Pie Make It Rockin’ Rocky Road Ice Cream Make It Tom’s Heavenly Apple Strudel Make It Joe’s Divine Butter Tarts Make It Zero Trust is an architecture principle or framework. SASE is an architecture pattern which is in line with the zero trust principles. Security Service Edge is the security component of SASE and can be directly associated with a range of solutions and products. What are the benefits for Security Service Edge? The main benefits of SSE over legacy on-premises solutions are: - User experience - Improved security - Cost and operational complexity What are the main use cases for the use of SSE? Example of use cases 1- Improving user experience and security for a geographically distributed workforce 2- Replace VPN with Zero Trust Network Access 3 - Secure access to SaaS apps 4 - Enable secure access for 3rd party teams and replace VDI

We are thrilled to introduce our founding members, the driving force behind Cybersherpa's vision and success. Based in the vibrant cyber landscape of Switzerland, our founding partners brings a wealth of experience as a highly regarded cybersecurity professionals. With careers spanning major cyber consulting firms, proven cyber experience in public and private sectors, we bring a rich variety of skills and insights that enrich our team's capabilities. Who are we? Team of proven professionals, with deep and pragmatic cyber expertise Based in the vibrant cyber landscape of Switzerland, our founding partners brings a wealth of experience as a highly regarded cybersecurity professionals. With careers spanning major cyber consulting firms, proven cyber experience in public and private sectors, we bring a rich variety of skills and insights that enrich our team's capabilities. Our common passion in cybersecurity is to make a sustainable impact for our clients by helping their organisation become cyber-resilient. Jean-Loup Ravinet Founder, Partner Jean-Loup is a seasoned cyber security leader with more than 20 years’ experience helping organisations strengthen their security posture and achieve business resilience. He specialises in designing and leading security programmes that transform clients’ cyber infrastructures in line with strategic objectives. He holds industry-recognised certifications, including CISSP and CCSP, and is a certified Security Architect (SABSA). In addition, he is trained as an AWS and Google Cloud Security Engineer and is Zscaler Zero Trust certified. Jean-Loup also brings strong business acumen as an MBA-qualified leader, bridging the gap between technical expertise and executive priorities. Omar Guemmi Partner Omar is an international leader in application security, AI governance, and data protection with more than 17 years of global experience helping organizations strengthen cyber resilience, ensure digital sovereignty, and secure cloud environments. He specialises in designing and leading security and governance programmes that align with corporate strategy, protect critical assets, and enable trusted digital transformation. He holds industry-recognised certifications, including ISO/IEC 42001:2023 (AI Management System), ISO/IEC 27001 Lead Implementer, CISM, CISA, PMP, and AIGP, as well as Microsoft Certified Cybersecurity Architect Expert and Azure Solutions Architect. Fluent in several languages and a former Swiss Kung Fu champion, Omar combines discipline, innovation, and executive insight to bridge the gap between technology, governance, and business priorities. Dergin Tiritoglu Partner Dergin is a senior security architect, with over 10 years of experience, breadth and depth of technical knowhow to safely deliver the business mission. Extensive technical skills and expertise gained in high-profile sectors including finance, energy, telecoms, pharmaceuticals, and public sector. Skilled in security strategy, and delivery of ‘secure by design' solutions that meet both current and future challenges across cloud, on-prem and managed platforms. Join us Cybersherpa is recruiting! Cyber Infrastructure Security Architect The Cybersherpas Community Cybersherpa has developed a worldwide network of independent cyber talents, “the cybersherpas”, who join forces on project basis. This ensures our clients get the right level of specialised support while our community grows with Cybersherpas who do what they love and are best at what they do. We continuously grow our community, in particular for the following domains of expertise: Enterprise Security Architecture Cyber Infrastructure Security Architecture and Engineering Cloud Native Security Architecture and Engineering Join our Cybersherpas' community What is happening? Company News News latest Aout 2025 Omar Guemmi joins Cybersherpa as a Partner, bringing his expertise in Governance & Compliance, Microsoft security, Application security and Data protection. Welcome Omar! New Point of view paper published May 2025 Cybersehrpa published, in collaboration with Artes Juris a PoV on cloud security and sovereignty in EU and Switzerland Partnership with DuoKey February 2025 Cybersherpa has partnered with DuoKey to unlock cloud & AI security and sovereignty ! Partnership with Palo Alto January 2025 Cybersherpa is very pleased to announce a partnership with Palo Alto with a specialisation on Prisma Cloud and AI SPM Selected by the >_Trust Village March 2024 Cybersherpa has been selected to join the Trust Village in Lausanne, an incubator of cyber and trust companies in Switzerland. The move will be effective by March 15th. Our head office remains unchanged. TrendMicro is now a partner! February 2024 Cybersherpa is very pleased to announce a partnership with Trend Micro and is now an authorised reseller of Trend Micro products and services. Zero Trust event in Geneva September 2024 Cybersherpa hosts a successful event at the Geneva Trust Village with its partners: Zscaler, Ducksify (Panop) and e3. Cybersherpa partners with Panop for Attack Surface Management June 2024 Cybersherpa accelerates its Zero Trust assessments with Panop, an innovative solution to detect and remediate the cyber attack surface Cybersherpa launches Cloud Security Assurance June 2024 Cybersherpa extends its services to cloud with combining its cloud security specialists and AI powered tooling to establish a diagnostic of clients' cloud security posture and provide actionable recommendations. Zscaler is now a partner! February 2024 Cybersherpa is very pleased to announce a partnership with Zscaler and is now an authorised reseller of Zscaler products and services in EMEA. Cybersherpa is registered December 2023 Cybersherpa is registered as a Sàrl in Lausanne.

Zero Trust Workshop Register now Zero Trust does not consist of implementing a new product, but to change the way IT approaches architecture. Our Workshop aims at gaining a fast understanding of a company structure Approach Workshop that last between half a day or a full day depending on the industry, the size of the company, and the complexity of the architecture Understand Busines Context - Drivers and Pain Points Capture Top Use Cases for Zero Trust Describe initial Zero Trust Architecture Consider existing capabilities in line with Zero Trust Vision Project Oriented Roadmap Use Case Presentation Get in touch ! First name Last name Company Position Email I agree to the terms & conditions Send Message sent ! ✅

Cybersherpa has partnered with TrendMicro and is an authorized reseller of TrendMicro products and services. Cybersherpa brings a pragmatic cyber expertise to help your organisation select and integrate the fit for purpose cyber solutions. Cybersherpa will advise on the cyber risk reduction opportunities while making sure budget, operations, IT & security architecture, as well as user experience are fully considered. NEWS! Cybersherpa has partnered with Trend Micro and is an authorized reseller of Trend Micro products and services. Partnership with Trend Micro We believe that managing your cyber risk is an integral part of your business strategy and ultimate success. Leveraging over 35 years of security expertise and technology foresight, Trend Micro is transforming the world of cybersecurity. Cybersherpa brings a pragmatic cyber expertise to help your organisation select and integrate the fit for purpose cyber solutions. Cybersherpa will advise on the cyber risk reduction opportunities while making sure budget, operations, IT & security architecture, as well as user experience are fully considered. Register for a Free Trial Trend Vision One Trend Vision One provides a holistic view of all risks, vulnerabilities and what needs to be done to continuously increase resilience. Centralised management of solutions, management of the attack surface, high automation, modular system are just some of the advantages of a platform. The most important, however, is that silos are broken down and visibility can be guaranteed across all security tools - so an attacker can be stopped quickly and efficiently. The technical analysis will consist of: Cloud Posture Assessment External Attack Surface Assessment Exchange Online Mailbox/Gmail Assessment At-Risk Endpoint Assessment Phishing Simulation Assessment Vulnerability Assessment

Cybersherpa: Expert Governance & Compliance solutions ensuring regulatory adherence, risk mitigation, and corporate cybersecurity excellence. Governance, Risk & Compliance Confidence through intelligent risk management and regulatory excellence Non-financial risk affects your operations, compliance, and reputation every day. We bring hands-on expertise to simplify governance, manage risk, and ensure compliance with regulations like NIS2, DORA, Basel III, GDPR, and the AI Act. Strategic GRC Insights for Enterprise Transformation Our approach is anchored in proven frameworks and intelligent regulatory practices that combine strategic foresight with operational execution. AI-Driven Compliance Automation Risk Quantification & Prioritization Regulatory Intelligence Continuous Assurance Enterprise GRC Service Portfolio We bring together deep expertise in governance, risk, and regulatory compliance with a pragmatic, outcome-oriented methodology Review, Feedback & Benchmarking We identify gaps and risks fast, using leading frameworks like ISO 31000, ISO 27001, NIST, COSO, COBIT, and Basel III. Combined with regulatory gap analyses, self-assessments, and maturity benchmarks, we deliver a clear, actionable view of your compliance and governance maturity, grounded in standards and real-world practice. Certification & Audit Support We guide you through ISO 27001, and other certifications with step-by-step, field-tested methodologies. Our approach blends regulatory expertise with hands-on experience, from gap analysis and control design to audit preparation and evidence management. This ensures certifications are not just achieved but embedded into daily operations for lasting compliance. From Design to Automation We build scalable, practical GRC frameworks that align with your business strategy and can be applied day-to-day. We roll out compliance tools, risk analytics, and dashboards that your teams can actually use, turning theory into action. Sustainability & Continuous Monitoring We stay with you after implementation, ensuring compliance evolves with your business. Through continuous monitoring, regulatory updates, and optimization, we keep your framework effective, cost-efficient, and future-ready. Microsoft Cloud & Security Expertise We bring together deep expertise in governance, risk, and regulatory compliance with a pragmatic, outcome-oriented methodology Cloud Security Posture Review & Benchmarking We help organizations gain a clear, actionable view of their cloud security across Microsoft Azure and Office 365. Leveraging globally recognized standards such as ISO 27001, NIST CSF, and CIS Benchmarks, we perform a hands-on assessment of your environment, identifying misconfigurations, gaps, and high-risk exposures. Microsoft Cloud Governance & Compliance Implementation We help organizations design, deploy, and operationalize governance and compliance frameworks across Microsoft Azure and Office 365. Our certified experts implement scalable controls, policies, and workflows, ensuring alignment with standards such as ISO 27001, NIST CSF, and CIS Benchmarks. Cloud Data Protection & Encryption Protect your organization’s sensitive data across Microsoft 365 – Exchange Online, SharePoint Online, Teams, and OneDrive for Business – using Microsoft Purview Information Protection, DLP policies, and sensitivity labels. Our Microsoft-certified experts guide you through hands-on implementation, leveraging built-in compliance tools, secure collaboration features, and audit-ready reporting. Microsoft 365 Security Audit & Automation Evaluate and strengthen your Microsoft 365 security posture with comprehensive audits across Exchange Online, SharePoint, Teams, and OneDrive for Business. Our Microsoft-certified experts assess configurations, permissions, and compliance controls, then implement automated monitoring, alerting, and remediation workflows using Microsoft Purview, Defender, and Sentinel. Regulatory Framework Expertise At Cybersherpa, we turn complex regulations into clear, actionable strategies. Our team combines deep knowledge of global standards with field-tested experience, helping organizations navigate ISO, NIST, GDPR, DORA, NIS2, and beyond. We don’t just advise—we stand with you to ensure compliance drives resilience and growth. ISO 27001/27002 – Information security & enterprise risk management. NIST Cybersecurity Framework (CSF) – Cyber resilience and operational risk. COBIT – IT governance and control objectives. LPD Suisse, GDPR, DORA, NIS2, AI Act – European regulatory alignment for data, digital resilience, and AI. PCI DSS – Assurance and trust for digital services. Regulatory Heatmaps & Gap Analysis Maturity Models & Benchmarks – Peer comparison and industry best practice alignment.

THERE’S NOTHING HERE... The link you followed may be broken, or the page might have moved. Back to Homepage