Cyber Resilience Platform

adesso and Panik Button B.V.

Working together to keep you operational when your primary IT fails

adesso and Panik Button are combining their strengths to ensure businesses remain operational in the event of a cyber incident. Based on the analysis and documentation we have produced, we configure the Panik Button – a globally patented cyber resilience platform. In the event of an emergency, it activates a fully isolated Microsoft 365 fallback environment via Infrastructure-as-Code: within an hour, communication channels, war rooms and contingency plans are available – and your organisation remains operational whilst the primary IT infrastructure is being restored.

Contact us

Benefits at a glance

What the panic button does

  • Isolated M365 fallback tenant – physically non-existent during normal operation, no lateral movement possible
  • Focus on the Minimum Viable Company: communication, coordination and truly critical business processes continue
  • Predefined war rooms for management, IT, crisis communication and specialist departments
  • Audit-proof documentation of all steps – compliant with audit and BSI requirements
  • Regulatory coverage: NIS2, KRITIS, DORA, ISO 27001 & 22301
  • Recovery Time Objective < 1 hour – from activation to a fully operational fallback environment
Why our partnership matters

Technological excellence meets security consulting expertise

adesso translates your cyber resilience requirements into practical architectures, roles and activation workflows – directly embedded within the panic button platform.

Isolated M365 fallback tenant

Physically non-existent during normal operation – no lateral movement possible from the compromised primary IT. Activation via Infrastructure-as-Code in under 60 minutes.

Minimum Viable Company

Focus on communication, coordination and the truly critical business processes – whilst the primary IT is being cleaned up. Critical information is synchronised once a day via quarantine zones.

Predefined war rooms

Structured crisis rooms for management, IT, crisis communication and specialist departments – individually configured for almost every specialist department.

Audit-proof documentation

Seamless, audit- and BSI-compliant logging of all steps. Demonstration of due diligence, including to supervisory authorities, auditors and regulators.



More about the adesso Security Portfolio

Learn more

How adesso supports you at every stage

From the initial business impact analysis to a ready-to-use training environment – adesso provides consulting, integration and training from a single source.

  • Analysis & Strategy

    Integrate BIA results directly

    The results of the Business Impact Analysis are incorporated directly into the configuration of the panic button – critical processes, roles and escalation paths are stored as templates.

  • Plans & Documentation

    Emergency manual at the touch of a button

    The emergency manual, recovery plan and communication plans are stored in the Panic Button and are available at the touch of a button in an emergency – versioned, up to date and easily accessible.

  • Exercises & training

    Real-world conditions, genuine learning outcomes

    Staff drills and live exercises are carried out directly within the Panic Button – your crisis team practises under realistic conditions in the environment that matters in an emergency.

We have predefined a dedicated war room for almost every specialist department. Critical information and documents are synchronised once a day via quarantine zones. In an emergency, we can be up and running again within an hour. A reassuring feeling for everyone – from management right down to the shop floor.
CISO, Energy Supplier (KRITIS) with over 27,000 employees

Key topics

What might be of interest to you following implementation

Business Continuity Management

BIA, BCMS implementation and ISO 22301-compliant documentation as the methodological basis for the panic button configuration.

Microsoft 365 Security Architecture

Securing the primary tenant with Defender XDR, Purview, Entra ID and Conditional Access as the foundation for resilient hybrid architectures.

Crisis management & exercises

Tabletop and live exercises, staff training and lessons-learned processes directly within the panic button – for KRITIS, DORA and NIS2.

DORA & KRITIS-Compliance

Mapping the Panic Button architecture to DORA Art. 11/17 (ICT BCP/DR), KRITIS proof of protection and MaRisk AT 7.3.

Data Backup & Quarantine Architecture

Design of secure data synchronisation pipelines between primary and fallback tenants under strict isolation conditions.

Governance & Role Model

RACI model for the crisis management team, integration into the Three Lines of Defence model and 3LoD-compliant escalation logic.

Regulatory coverage

  • NIS2
    What does NIS2 mean? The EU directive requires companies in critical sectors to remain demonstrably operational in the event of a cyber incident. Managing directors are personally liable for breaches of reporting obligations or minimum protection requirements.
  • KRITIS
    What does KRITIS mean? Operators of critical infrastructure – energy, water, healthcare, transport – must maintain operations as far as possible even under active attack. The BSI checks whether protective measures are actually effective in technical terms, not just documented.
  • DORA
    What does DORA mean? The Digital Operational Resilience Act requires financial firms and their IT service providers to ensure digital operational stability even in the event of serious disruptions. Communication and reporting channels must function – even if the primary IT systems are compromised.
  • ISO 27001
    What does ISO 27001 mean? The international standard for information security management requires demonstrable protection of critical processes – even in an emergency. A pre-configured emergency environment provides directly verifiable evidence for audit and certification.
  • ISO 22301
    What does ISO 22301 mean? The standard for Business Continuity Management ( ) defines how organisations must be prepared for disruptive events – from communication chains to recovery times. It requires solutions that can be activated, not theoretical contingency plans.
  • • BSI-compliant
    What does BSI-compliant mean? The German Federal Office for Information Security (BSI) sets out binding requirements for digital infrastructures through IT-Grundschutz and the BSI Compendium. BSI compliance makes the solution used verifiable to authorities, partners and insurers.
Press

adesso and Panik Button enable companies to respond effectively in the event of a cyber incident

AI-powered attack methods further shorten the time between a vulnerability being discovered and its exploitation. For businesses, this means: the question is not whether an incident will occur, but when – and whether they will still be able to act.

Mehr lesen

Do you have any questions?

Let’s brainstorm together on how we can identify and minimise existing risks in the context of cyber and information security in your company.

Our services of the adesso Security Services portfolio are at your disposal.