In Australia, a new cyber crime is reported every seven minutes. During FY22, over 76,000 cyber crimes were reported, with medium-sized businesses suffering the highest average loss.
Cyber crime is estimated to cost the Australian economy $42 billion every year. As the number, type and sophistication of cyber attacks increase daily, it is no longer a case of if, but when it will happen to your business.
In this environment, digital trust is paramount to Australian consumers and business customers. Knowing that their information is protected and meets regulatory cyber security standards is a key factor in deciding who they do business with.
Cyber security needs to be prioritised across all areas of your business so you can ensure and demonstrate to customers, employees, stakeholders and regulators that appropriate safeguards are in place.
Prevent, detect and respond to cyber threats with KPMG’s right-sized cyber solutions. Protect your most important assets and build a cyber resilient business by partnering with specialists who give you the confidence that you’re as prepared as possible.
is the average loss of a Business Email Compromise (BEC) attack.*
23 days is the average time to resolve an attack, increasing to 51 days if the attack was an insider threat, contractor or employee.
different types of cyber crime your business is vulnerable to.
Helping you confidently manage your security risk
Improve cyber resilience
Whether you’re tapping into new markets, moving services online or looking to innovate, we enable you to do it as securely and safely as possible.
Know you're ready for when the worst does happen. We help you uplift your detection and response capabilities through security testing, cyber analytics, and security information and event management solutions.
Protect your data (and your customers)
Get peace of mind knowing you're meeting the expected standards around privacy and data protection, identity management, and access management through practical and affordable solutions.
Right-sized cyber solutions and services
Cyber Maturity Assessment
Get clarity on where you are now, and a pathway to where you want to be. Identify and remediate security control gaps and risks and make informed cyber security investment decisions using leading frameworks and regulatory standards such as ISO27001, NIST CSF, AECSF, SOCI, PCI DSS, Australian Privacy Principles, and SOC2.
What you can expect
- An agreed risk appetite statement that reflects your risk tolerance.
- A clear view of the cyber threats to your business with a likelihood and impact map.
- How these translate into risks specific to you.
- An assessment of your cyber control maturity using KPMG’s Cyber Maturity Assessment (CMA) framework.
- A tangible and actionable roadmap of cyber uplift activities to reduce risk fast.
CISO Advisor and Cyber Security-as-a-Service
Get specialised support and guidance to increase cyber posture and advance cyber maturity. Gain valuable resources and experience from a team of three to four specialists with expertise across all cyber security aspects, optimised and flexible to your needs and budget.
How we help you
- Cyber strategy and roadmap.
- Cyber risk mapping.
- Cyber security capability and resilience uplift.
- Cyber threat and incident management.
- Data protection and data privacy.
- Cyber and data governance and board reporting.
- Cyber operation and vendor management.
- Cyber security framework.
- Cyber security ad hoc activities relative to your industry and business.
Cyber incidents happen to anyone at any time. Get effective and efficient help before, during and after an attack so you can prepare, respond and rebuild while complying with your obligations.
How we can help you
- Incident response readiness to assess, test and build capabilities.
- Incident response tabletop exercises for your executive and board.
- Incident response management and digital forensics.
- Regulatory, remediation and communication assistance.
- Post-incident support to manage impact and risk.
- Root cause analysis and improvement recommendations.
Cyber security governance, risk & compliance management
Understand and meet your cyber security regulatory, contractual, and compliance obligations with specialised services from industry experts.
How we help you
- Cyber governance and risk management framework.
- Controls design review and uplift guidance.
- Targeted management analysis, internal audits and standalone reviews.
- Compliance audits for contractual, regulatory, and legislative requirements.
Cyber resilience testing
Get an objective security assessment of your IT systems. By emulating real-life threat agents, such as disgruntled employees and external hackers, we identify the true technical risks, enabling you to implement appropriate controls.
How we help you
- Application security testing.
- Network infrastructure security testing.
- People security testing.
- Cyber and business resilience testing.
Tap into world-class turnkey cyber solutions from KPMG or our alliance partners that are scaled to your business. Get your network environment monitored 24 hours a day, 7 days a week through an affordable, integrated cyber attack detection, response and threat intelligence service.
The managed Security Operations Centre (SOC) is a cloud-based service available through KPMG’s international alliances with leading cyber security technology and services providers specialising in cyber security operations, monitoring and detection.
How we help you
- Managed Security Incident and Event Management – designed for businesses with an existing security information and event management (SIEM) function.
- Security Operations Centre – designed for businesses that need a solution combining technology and professional services in one offering.
Meet the team
Gergana Winzer, Partner, National Cyber Lead Mid Market – KPMG Australia
An IT and cyber security professional, Gergana works with clients to develop creative approaches to reduce their cyber and data security risks. She assists organisations to improve their cyber security posture and supports them to achieve cyber resilient outcomes.
Gordon Pereira, Director, Enterprise Risk and Cyber Consulting – KPMG Australia
Gordon specialises in conducting internal audit, governance, risk and compliance reviews and has worked in each line of defence. He has a deep understanding of technology and cyber risks, and the changing digital landscape.
Our specialist insights
Virtual CISOs: the right solution to mid market cyber risks?
As cyber security becomes a more prevalent business problem, mid market players without a CISO are left exposed and vulnerable to attacks.
Four must-know cyber trends for the mid market
Sixty percent of targeted cyber attacks in FY21/22 struck small and medium enterprises. KPMG shares four cyber trends and practical ways to respond.
Mid market: a holistic approach to boost cyber resilience
A more connected world has increased risk and expectation. In response, the mid market can implement holistic cyber security strategies.
KPMG Cyber Learning Unlock: a behaviour change program
Accelerate, optimise, and uplift your cyber security culture with a next gen human risk management and cyber security training program.