Together with my team, I support organizations with their data and AI initiatives - as an architect and translator between business, IT and security.
This turns complexity into clear, actionable solutions.
OpenClaw marks a shift in how we work with AI: alongside the familiar workflow agents, a new kind of personal assistant arrives. Workflow agents automate processes across the organization. Personal...
Anthropic keeps pushing the boundaries of what AI systems can deliver out of the box. Claude Design turns conversations into prototypes, pitch decks and interactive wireframes, no design degree, no...
Last week, a story made the rounds: Anthropic unveiled Claude Mythos, an AI model that can reportedly find and exploit security vulnerabilities in major operating systems and browsers on its...
For the past few weeks, we have been running OpenClaw in our infrastructure. It is not just a writing assistant; it actively works across our systems: committing code, managing repositories,...
An AI advisor in Switzerland needs more than technical expertise. Check whether the advisor thinks across business, IT and security, not just one side. Results should be traceable, not hidden behind methodology jargon. Laws like the Swiss DSG and the EU AI Act need to be assessed and turned into concrete recommendations. What counts in the end is whether your organization can make its own decisions afterward.
Philipp Kuntschik leads the advisory practice. The team behind it has worked together for years and knows each other’s strengths and limits. Because the coordination is solid, we can take on larger engagements with a lean structure.
Large consultancies often sell capacity before they understand the problem. Specialized AI advisory starts with clarification and scales the team only when the scope is clear. Short decision paths, no overhead, direct access to the people doing the work.
AI agencies build solutions. AI advisory clarifies whether and which solution is the right one before anything gets built. We factor in governance, security and the operating model from day one. Without that clarification, we do not start.
External AI advisory brings experience from many organizations and industries. Someone who has seen many situations spots patterns that are not visible from the inside. An external advisor challenges assumptions without regard for internal dependencies. The goal stays the same: set up the organization so it can decide on its own.
The principles of ISO 42001 help even without certification. Organizations that steer their AI systems by these principles make better decisions, catch risks earlier and strengthen trust with clients and partners. Certification can follow, but it does not have to. We support both paths: pragmatic governance structures as well as formal certification.
ISO 27001 covers information security. ISO 42001 adds AI-specific requirements: risk assessment, transparency, model monitoring. The EU AI Act defines what the legislator requires. Organizations with an existing ISMS can often embed the AI-specific controls into their current control environment instead of building a second management system.
Swiss companies that offer AI systems in the EU or deploy them there fall under the EU AI Act. Even without an EU connection, many organizations align with the requirements because clients, partners or industry standards expect it. Early classification clarifies which systems are affected and which measures are needed.
AI governance starts with a stocktake. Which AI systems are running or planned? What decisions do they make, and who is responsible? Practical structures build on that, scaled to the size and maturity of the organization. The goal: governance that holds without creating an apparatus that costs more effort than it saves.
An AI readiness assessment examines three axes: data maturity, organizational maturity and technical maturity. The result is not a score but a clear analysis with prioritized recommendations. It shows where the organization stands, what works and where investment has the most impact.
AI systems expand the attack surface beyond traditional IT security. Risks arise from training data, model behavior, interfaces to external services and autonomous agents. We assess these risks and build security requirements into the solution design instead of bolting them on afterward.
AI agents act with increasing autonomy. They access systems, trigger actions and make decisions. Traditional access controls do not cover this. The risks: uncontrolled privilege escalation, data leakage through interfaces, shadow IT from agents without central oversight. Governance and security need to account for these levels of autonomy.
We advise from our base in Chur, Grisons, and regularly support engagements in Zurich and Bern. We work with organizations across the DACH region, on site, remotely or both.
It starts with a short message. Describe what it is about, what you have already considered and what is still open. We will get back to you for an initial conversation. Get in touch.