Clarity on Cyber Security | KPMG | CH
close
Share with your friends
Driving growth with confidence

Clarity on Cyber
Security

The highest level of cyber resilience is key in a digital economy. Without resilience, there is little confidence. And without confidence, there can be no trust. Cyber security should be at the heart of any sustainable growth strategy.

Clarity in 100 seconds

Cyber security in Swiss companies: a world of contradictions

Our survey suggests that most Swiss companies are aware of cyber threats but are not taking enough action to manage the risks. Find out more about this contradiction in different areas:

0 %

say their boards see cyber security as an operational risk.

0 %

But only 23% carry out cyber security due diligence when investing in a company or entering into a merger.

0 %

believe the main issue in managing third party risks is insufficient transparency over the effectiveness of a supplier’s control framework.

0 %

Yet, only 18% of cyber response plans cover attacks against suppliers or business partners.

0 %

confirm that GDPR applies to their organization.

0 %

However, only 64% of cyber response plans cover breaches of personal data.

0 %

see Digital IDs as an important step towards trusted interactions with clients.

0 %

But only 35% have plans to support Digital IDs in their products or services.

Percentages and statements relate to responses to KPMG’s Cyber Security Survey 2018

Why proactively addressing cyber security is vital to business growth

Robust cyber security is a prerequisite for Swiss businesses to succeed in our data-driven, technology-enabled economy. But there remains a huge amount of work to be done. In part due to the constant evolution of cyber security, which sees new technologies, opportunities and challenges come to the fore. And in part due to the need for businesses across Switzerland to take much more concerted action to achieve cyber resilience.

Matthias Bossardt

Partner, Head of Cyber Security

Contact details

How can we support you?

Contact us

Send online RFP now

Four critical success factors

1. Dealing with the upsides and exposures of new technology

From artificial intelligence to the Internet of Things and blockchain, the noise surrounding new technologies seems to continuously intensify. While such technologies can offer great potential, they also increase the surface area for cyber attacks. Which may be why almost half of Swiss businesses (a majority in financial services) are evaluating the use of blockchain. However, only 8% have already implemented specific measures to deal with the security risk.

Is your organization evaluating blockchain technology for potential use cases?

Percentages and statements relate to responses to KPMG’s Cyber Security Survey 2018

Blockchain represents great potential but also massive challenges. Huge sums of money could be lost through error or malicious action if we don’t invest enough in security and threat prevention.
Oliver Bussmann, President, Crypto Valley Association

Blockchain technologies enable completely new business models that could help drive business growth for many years to come. The Crypto Valley Association gives its view on how to seize the opportunity while raising awareness of blockchain among the vast range of stakeholders.

Read the full interview in the publication

2. Incorporating cyber security into due diligence process

Companies would never dream of failing to carry out financial due diligence on a prospective acquisition target or merger partner. Indeed, due diligences tend to be extensive and provide valuable input to risk avoidance, synergy evaluation, and enterprise valuations. But it seems that companies overlook cyber security despite its importance. Only 23% incorporate specific cyber security evaluations into their due diligence process. The potential exposure to unknown cyber risks is therefore huge.

When your company invests in another company or enters into a merger, does it carry out cyber security evaluations as part of the due diligence?

Percentages and statements relate to responses to KPMG’s Cyber Security Survey 2018

Companies are increasingly expected to have a clear strategy towards cyber security and privacy risks. Building it into your due diligence is vital to protecting both investors and customers.
Christian Unger, Managing Director and Co-Head Industry Value Creation, Partners Group

With the role of cyber security in Environmental, Social and Governance approaches, its importance to public and private markets is growing. Partners Group discusses their practical experience of using cyber due diligence to assess the cyber and privacy risks of companies in which they consider investing.

Read the full interview in the publication

3. Using digital IDs to generate trust with customers

Trusted relationships are key to business growth. At the heart of this is parties knowing precisely who they are dealing with. Incorporating Digital IDs into products and services is key, but not enough Swiss organization are doing so yet. Only 34% confirm that the use of digital IDs is strategically important to their business.

Is the use of Digital IDs of strategic importance in your organization?

Percentages and statements relate to responses to KPMG’s Cyber Security Survey 2018

As a growing number of activities are carried out online, users need to be confident that the environment is secure and reliable. Digital IDs are an integral part of building this trust.
Markus Naef, CEO, SwissSign

SwissID is a key step forward in establishing electronic identities as Switzerland’s economy continues to digitalize. SwissSign share their insights into how digital IDs can be simple, safe and convenient in an age of blockchain and cyber risk.

Read the full interview in the publication

4. Mitigating risks along the entire value chain

Our hyper-connected world means that issues at a supplier or a business partner can pose a very real threat to your own business. And as business ecosystems become more complex and integrated, spotting these issues is increasingly challenging. However, one-third of Swiss businesses do not require their contracts with third parties to cover cyber security measures.

Do you require specific cyber security measures in third-party contracts?

Percentages and statements relate to responses to KPMG’s Cyber Security Survey 2018

No organization can afford to view its own resilience in isolation from the rest of its ecosystem. Understanding risks at other parties in your value chain is necessary for self-protection.
Matthias Bossardt, Head of Cyber Security, KPMG Switzerland

Ever-closer relationships. Outsourced business processes. Increasingly open APIs. Efforts to maintain your organization’s cyber security no longer stop at your front door. But as firms get better at collaborating for efficiency and growth, the same should be true when building resilience.

Read more in the publication

Clarity on Cyber Security

Get the full publication

Download the PDF now

KPMG Switzerland

Your contact

Matthias Bossardt

Partner, Head of Cyber Security

Contact details

Thomas Bolliger

Partner, Head of Information Governance & Compliance

Contact details

Nico van der Beken

Partner, Head of Forensic Technology

Contact details

Cyber jobs

Apply now

Further information

Media release

Dangerous solo efforts in the fight against cybercrime

Read more
Blog article

What are the key messages to businesses in Switzerland? Matthias Bossardt offers answers.

Read more
Information Protection and Business Resilience

KPMG assists clients in conducting risk assessments by identifying technology threats.

Read more
Information Governance and Compliance

KPMG offers data governance and compliance services that cover all relevant aspects of data protection.

Read more