Cyber solutions for the mid market
Your cyber security team, when you need us.
The average cost of a cyber attack to a business is $274k^, yet almost half of businesses only spend $500 a year protecting their business.*
Australian consumers are becoming more concerned about cyber security, and trust in a company's ability to protect their information is becoming a key decision maker in who they do business with.
Cybercrime is currently believed to cost Australians more than $1 billion every year, and businesses in both the private and public sectors have been compromised. This heightened risk environment, coupled with increased regulatory requirements, means that cyber security needs to be a key priority and area of concern for organisations, and it's not just IT departments that are bearing the burden. Boards, audit committees and executives are responsible for ensuring, and demonstrating to customers, employees, regulators and all other stakeholders, that appropriate safeguards are in place.
Cyber is a whole-of-business concern.
KPMG's specialised cyber solutions offering is tailored to help private, mid market and family businesses outpace cyber threats and protect their most important assets: their customers, their business, their people and their data. Our dedicated cyber team can help our clients implement the building blocks for a cyber resilient organisation so they have the confidence to focus on what will truly make an impact and help them succeed.
* business.vic.gov.au
^ cyber.gov.au
What are the benefits?
- Cyber governance and transformation
Establish compliant and secure cyber security foundations through a cyber transformation program that includes a data and legal framework review and capability uplift.
- Threat and intelligence management
Detection and real-time response to threats and cyber incidents, including security testing, cyber analytics, incident response and SOC/SIEM capability uplift.
- Data and identity protection
Practical and affordable technical and business solutions to address areas such as privacy and data protection, identity management, and access management.
Our specialised cyber solutions and services
- Cyber health check
An objective assessment of your cyber risk profile in the context of the current threat landscape to help you identify and remediate any security control gaps and risks. This may also help you to prioritise future investment to enhance business risk reduction.
Expected outcomes of a Cyber health check include:
- An agreed risk appetite statement that reflects your risk tolerance.
- A clear view of the cyber threats that you face.
- How these cyber threats translate into risks for you based on your information assets combined with the control environment.
- An assessment of your cyber control maturity using the KPMG Cyber Maturity Assessment (CMA) framework, which is based on industry standards (ISO, NIST).
- A tangible and executable roadmap of cyber uplift activities, which are prioritised based on risk reduction.
- Incident response
A cyber incident can happen to anyone, at any time. We offer specialised incident response services to help you respond to an incident effectively and efficiently, get back up and running as quickly as possible, and comply with your obligations.
Prior to detecting an incident
Incident response readiness services help you to prepare for the inevitable cyber security incidents. We can assess current capabilities, test them using table top exercises or in-depth technical war games, and help close any identified capability gaps. We can work with you to be prepared, strengthen your defences and identify who to call and the chain of command. This helps you to mitigate the impact of cyber attacks and respond to them effectively.
When an incident is detected
We help you tackle highly complex incidents by providing wide-ranging support, from incident response and management and digital forensics to assistance with regulatory matters, remediation and communication. We understand that your highest priority during a cyber incident is to continue with, or return as soon as possible to, business as usual with minimal impact. KPMG’s in-depth industry experience and familiarity with your business help provide targeted and practical advice.
Compliance audits
Post a cyber incident: We provide full post-incident support so that operations can return to normal with the least cost and impact, and so that risks identified as a result of the incident are managed. We can also follow a cyber attack with a thorough root cause analysis and improvement recommendations.
- Virtual CISO services
As you implement the changes put forward by a cyber capability uplift roadmap, you may need specialised advice or support in certain areas. We provide a service that gives you access to that specialised advice and support from us, as and when you need it.
Support we can offer:
- Cyber strategy review and development.
- Cyber risk management.
- Cyber capability uplift.
- Cyber threat management.
- Business resilience.
- Incident management.
- Data protection and data privacy.
- Cyber and data governance and board reporting.
- Cyber operation management and vendor management.
- Cyber security governance, risk & compliance management
We can help you in understanding and meeting your regulatory, contractual and compliance obligations (CPS 234/PCI etc.) in relation to cyber security. We can support you with targeted reviews, full scope audits and advisory projects to meet your compliance requirements through the below services.
Cyber governance and controls advisory
We can help you understand what effective cyber security governance and risk management tools should look like, taking into account your specific requirements and needs. We can also assess your control design and advise on any uplifts needed to achieve fit-for-purpose controls.
Management analysis
Targeted analysis of one or more areas of cyber security, performed either as internal audits or standalone reviews, to provide you and your stakeholders with insights into what is working and what is not.
Compliance audits
We can help you assess your compliance with a set of requirements (contractual, regulatory or legislative). You may need to complete this as part of a mandatory filing, because you want to work with a client that requires it as part of supplier governance, or because executives want to demonstrate to the market how cyber secure you are.
Our specialist insights
- KPMG Cyber Learning Unlock: a behaviour change program
Accelerate, optimise, and uplift your cyber security culture with a next gen human risk management and cyber security training program.
- Cyber safe: Protecting local councils’ data from cyber attacks
How local governments can build robust cyber security in a maturing digital landscape.
- Building digital trust through cyber security and privacy
Cyber security strategy is critical to build trust with key stakeholders. Understand how cyber can support the business through eight key insights.
- Cyber security considerations 2022
Cyber security strategy is critical to build trust with key stakeholders. Understand how cyber can support the business through eight key insights.