Challenges on the market:

Public and private organizations in various sectors worldwide now openly acknowledge that cyber-attacks are one of the most prevalent and high impact risks they face.

Dealing with the cyber threat is a complex challenge. Much of the current focus is on protection and compliance, as organizations – subject to increasing amounts of legislative, corporate and regulatory requirements – demonstrate they are managing and protecting information appropriately.

The Information Security landscape is constantly evolving. Organizations find it difficult to believe they could be a target for cyber-attacks. It is no longer viable to rely only on defense. The determined adversary will get through eventually. As a result, public and private sector entities must know what is going on around them so that they can identify when an attack has taken place or when an attack is imminent. Intelligence and the insight that it brings is at the heart of next generation of Information Security.

How we can help:

As trusted advisors to companies from different industries, KPMG advisors work to find smart, creative and forward-thinking strategies to address cyber security challenges. We analyze the cyber risks your organization faces and if you are adequately prepared to face these attacks. Also we prepare solutions to help you provide effective and efficient protection for the confidentiality and integrity of sensitive data and systems.

KPMG uses its approach, methodology and team to help companies achieve their major objectives in information security: Reinforcing the concept of internal controls; Establishing clear principles of IS security; Allow understanding among owners of key business processes, Increase confidence of management in information systems, Reduce risks of fraud, etc.

Our services in this area:

• The introduction of information system risk management
• Classification of information and help in determining ownership and protective measures
• Development of IT procedures and information security policies alongside trainings
• Preparation for ISO27001 certification
• Compliance analysis against international standards, local regulations and best practices
• Secure usage of mobile devices and the introduction of BYOD practices
• Ethical hacking and penetration testing