Cyber security | KPMG | BM

The threats from cyber adversaries are continuing to grow in scale and sophistication.

The digital environment presents opportunities for businesses that want to seek out new markets and are prepared to invest in transformational change. The last ten years have seen a rapid emergence of new technology, greater connectivity for organisations and individuals, and a 24/7 approach to global commerce. However, this has left many organisations behind the curve and struggling to achieve their business aspirations without feeling exposed to cyber security risk.

The constantly evolving threat landscape means that cyber risk is an everyday business consideration. This undoubtedly presents a feeling of vulnerability, which has been leveraged by some to increase budget and to sell products. We have often found that this results in significant sums of investment on ineffective programmes with poor alignment to risk and business imperatives. Cyber security is not a quick technical fix, nor is it a matter solely for the IT department.

At KPMG, we see all too often that these behaviours leave leadership wondering what they really need to do, how much is really enough, and who they can trust to help them get it right.

We believe that turning traditional thinking on its head and adopting a positive approach to managing cyber risk will set organisations free to achieve their business aspirations.

How we can help

KPMG’s Cyber Security practice provides independent, jargon-free advice and advanced technology capabilities to help you proactively and reactively manage your technology risks:

  • Security Governance and Risk Management, including security governance assessment, Cyber Maturity Assessment (CMA), privacy risk and maturity assessment, Privacy Impact Assessment (PIA), security risk assessment, cloud risk assessment, Mobile Chief Information Security Officer (CISO), security awareness training, steering committee and board participation
  • Certification and Assurance, including NZISM and PSR assessments, third party assurance e.g. ISAE 3402 and SAE 3150, security assurance program development, ISO 27001 and ISO 22301 accreditation, PCI DSS advisory, Technical Quality Assurance (TQA), certification and accreditation services
  • Security Testing, including penetration and red team testing, vulnerability assessment, secure code review, accelerated user access training, physical security assessment, system and infrastructure configuration testing, wireless security review, go-live readiness assessment, social engineering testing, data loss assessment
  • Computer Forensics and Incident Response, including security incident response, computer forensics, electronic evidence preservation, cyber crime investigations.
