Cyber solutions for the mid market

Helping you prevent, detect and respond to cyber threats

In Australia, a new cyber crime is reported every seven minutes. During FY22, over 76,000 cyber crimes were reported, with medium-sized businesses suffering the highest average loss.

Cyber crime is estimated to cost the Australian economy $42 billion every year.1 As the number, type and sophistication of cyber attacks increase daily, it is no longer a case of if, but when it will happen to your business.

In this environment, digital trust is paramount to Australian consumers and business customers. Knowing that their information is protected and that regulatory cyber security standards are met are key factors in deciding who they do business with.

Cyber security needs to be prioritised across all areas of your business so you can ensure and demonstrate to customers, employees, stakeholders and regulators that appropriate safeguards are in place.

Prevent, detect and respond to cyber threats with KPMG’s right-sized cyber solutions. Protect your most important assets and build a cyber resilient business by partnering with specialists who give you the confidence that you’re as prepared as possible.

  • $276,323 is the average loss of a Business Email Compromise (BEC) attack.*

  • 23 days is the average time to resolve an attack, increasing to 51 days if the attack was an insider threat, contractor or employee.

  • 16 different types of cyber crime your business is vulnerable to.

* Cost of cyber attacks in Australia – factsheet (PDF 107KB)

1 Source: Cybercrime in Australia: 20 years of in-action. Nigel Phair, November 2021

Helping you confidently manage your security risk

  • Improve cyber resilience

    Whether you’re tapping into new markets, moving services online or looking to innovate, we enable you to do it as securely and safely as possible.

  • Get prepared

    Know you're ready for when the worst does happen. We help you uplift your detection and response capabilities through security testing, cyber analytics, and security information and event management solutions.

  • Protect your data (and your customers)

    Get peace of mind knowing you're meeting the expected standards around privacy and data protection, identity management, and access management through practical and affordable solutions.

Right-sized cyber solutions and services

  • Cyber Maturity Assessment

    Get clarity on where you are now, and a pathway to where you want to be. Identify and remediate security control gaps and risks and make informed cyber security investment decisions using leading frameworks and regulatory standards such as ISO27001, NIST CSF, AECSF, SOCI, PCI DSS, Australian Privacy Principles, and SOC2.

    What you can expect
    • An agreed risk appetite statement that reflects your risk tolerance.
    • A clear view of the cyber threats to your business with a likelihood and impact map.
    • How these translate into risks specific to you.
    • An assessment of your cyber control maturity using KPMG’s Cyber Maturity Assessment (CMA) framework.
    • A tangible and actionable roadmap of cyber uplift activities to reduce risk fast.
  • CISO Advisor and Cyber Security-as-a-Service

    Get specialised support and guidance to increase cyber posture and advance cyber maturity. Gain valuable resources and experience from a team of three to four specialists with expertise across all cyber security aspects, optimised and flexible to your needs and budget.

    How we help you
    • Cyber strategy and roadmap.
    • Cyber risk mapping.
    • Cyber security capability and resilience uplift.
    • Cyber threat and incident management.
    • Data protection and data privacy.
    • Cyber and data governance and board reporting.
    • Cyber operation and vendor management.
    • Cyber security framework.
    • Cyber security ad hoc activities relative to your industry and business.
  • Incident response

    Cyber incidents happen to anyone at any time. Get effective and efficient help before, during and after an attack so you can prepare, respond and rebuild while complying with your obligations.

    How we can help you
    • Incident response readiness to assess, test and build capabilities.
    • Incident response tabletop exercises for your executive and board.
    • Incident response management and digital forensics.
    • Regulatory, remediation and communication assistance.
    • Post-incident support to manage impact and risk.
    • Root cause analysis and improvement recommendations.
  • Cyber security governance, risk & compliance management

    Understand and meet your cyber security regulatory, contractual, and compliance obligations with specialised services from industry experts.

    How we help you
    • Cyber governance and risk management framework.
    • Controls design review and uplift guidance.
    • Targeted management analysis, internal audits and standalone reviews.
    • Compliance audits for contractual, regulatory, and legislative requirements.
  • Cyber resilience testing

    Get an objective security assessment of your IT systems. By emulating real-life threat agents, such as disgruntled employees and external hackers, we identify the true technical risks, enabling you to implement appropriate controls.

    How we help you
    • Application security testing.
    • Network infrastructure security testing.
    • People security testing.
    • Cyber and business resilience testing.
  • Cyber solutions

    Tap into world-class turnkey cyber solutions from KPMG or our alliance partners that are scaled to your business. Get your network environment monitored 24 hours a day, 7 days a week through an affordable, integrated cyber attack detection, response and threat intelligence service.

    The managed Security Operations Centre (SOC) is a cloud-based service available through KPMG’s international alliances with leading cyber security technology and services providers specialising in cyber security operations, monitoring and detection.

    How we help you
    • Managed Security Incident and Event Management – designed for businesses with an existing security information and event management (SIEM) function.
    • Security Operations Centre – designed for businesses that need a solution combining technology and professional services in one offering.

Meet the team

  • Gergana Winzer
    Gergana Winzer, Partner, National Cyber Lead Mid Market – KPMG Australia

    An IT and cyber security professional, Gergana works with clients to develop creative approaches to reduce their cyber and data security risks. She assists organisations to improve their cyber security posture and supports them to achieve cyber resilient outcomes.

  • Gordon Pereira
    Gordon Pereira, Director, Enterprise Risk and Cyber Consulting – KPMG Australia

    Gordon specialises in conducting internal audit, governance, risk and compliance reviews and has worked in each line of defence. He has a deep understanding of technology and cyber risks, and the changing digital landscape.