Cyber solutions for the mid market

Helping you prevent, detect and respond to cyber threats

In Australia, cyber crime costs the economy billions of dollars every year, with medium-sized businesses suffering the highest average loss.

As the number, type and sophistication of cyber attacks increase daily, it is no longer a case of if, but when it will happen to your business.

In this environment, digital trust is paramount to Australian consumers and business customers. Knowing that their information is protected and meets regulatory cyber security standards is a key factor in deciding who they do business with.

Cyber security needs to be prioritised across all areas of your business so you can ensure and demonstrate to customers, employees, stakeholders and regulators that appropriate safeguards are in place.

Prevent, detect and respond to cyber threats with KPMG’s right-sized cyber solutions. Protect your most important assets and build a cyber resilient business by partnering with specialists who give you the confidence that you’re as prepared as possible.


Helping you confidently manage your security risk

  • Improve cyber resilience

    Whether you’re tapping into new markets, moving services online or looking to innovate, we enable you to do it as securely and safely as possible.

  • Get prepared

    Know you're ready for when the worst does happen. We help you uplift your detection and response capabilities through security testing, cyber analytics, and security information and event management solutions.

  • Protect your data (and your customers)

    Get peace of mind knowing you're meeting the expected standards around privacy and data protection, identity management, and access management through practical and affordable solutions.

Right-sized cyber solutions and services

  • Cyber Maturity Assessment

    Get clarity on where you are now, and a pathway to where you want to be. Identify and remediate security control gaps and risks and make informed cyber security investment decisions using leading frameworks and regulatory standards such as ISO27001, NIST CSF, AECSF, SOCI, PCI DSS, Australian Privacy Principles, and SOC2.

    What you can expect
    • An agreed risk appetite statement that reflects your risk tolerance.
    • A clear view of the cyber threats to your business with a likelihood and impact map.
    • How these translate into risks specific to you.
    • An assessment of your cyber control maturity using KPMG’s Cyber Maturity Assessment (CMA) framework.
    • A tangible and actionable roadmap of cyber uplift activities to reduce risk fast.
  • CISO Advisor and Cyber Security-as-a-Service

    Get specialised support and guidance to increase cyber posture and advance cyber maturity. Gain valuable resources and experience from a team of three to four specialists with expertise across all cyber security aspects, optimised and flexible to your needs and budget.

    How we help you
    • Cyber strategy and roadmap.
    • Cyber risk mapping.
    • Cyber security capability and resilience uplift.
    • Cyber threat and incident management.
    • Data protection and data privacy.
    • Cyber and data governance and board reporting.
    • Cyber operation and vendor management.
    • Cyber security framework.
    • Cyber security ad hoc activities relative to your industry and business.
  • Incident response

    Cyber incidents happen to anyone at any time. Get effective and efficient help before, during and after an attack so you can prepare, respond and rebuild while complying with your obligations.

    How we can help you
    • Incident response readiness to assess, test and build capabilities.
    • Incident response tabletop exercises for your executive and board.
    • Incident response management and digital forensics.
    • Regulatory, remediation and communication assistance.
    • Post-incident support to manage impact and risk.
    • Root cause analysis and improvement recommendations.
  • Cyber security governance, risk & compliance management

    Understand and meet your cyber security regulatory, contractual, and compliance obligations with specialised services from industry experts.

    How we help you
    • Cyber governance and risk management framework.
    • Controls design review and uplift guidance.
    • Targeted management analysis, internal audits and standalone reviews.
    • Compliance audits for contractual, regulatory, and legislative requirements.
  • Cyber resilience testing

    Get an objective security assessment of your IT systems. By emulating real-life threat agents, such as disgruntled employees and external hackers, we identify the true technical risks, enabling you to implement appropriate controls.

    How we help you
    • Application security testing.
    • Network infrastructure security testing.
    • People security testing.
    • Cyber and business resilience testing.
  • Cyber solutions

    Tap into world-class turnkey cyber solutions from KPMG or our alliance partners that are scaled to your business. Get your network environment monitored 24 hours a day, 7 days a week through an affordable, integrated cyber attack detection, response and threat intelligence service.

    The managed Security Operations Centre (SOC) is a cloud-based service available through KPMG’s international alliances with leading cyber security technology and services providers specialising in cyber security operations, monitoring and detection.

    How we help you
    • Managed Security Incident and Event Management – designed for businesses with an existing security information and event management (SIEM) function.
    • Security Operations Centre – designed for businesses that need a solution combining technology and professional services in one offering.

Meet the team

  • Dominika Zerbe-Anders
    Dominika Zerbe-Anders, Cyber Human Risk Partner & Solution Owner | ASPAC Women in Cyber Leader – KPMG Australia

    Dominika is a distinguished Cyber Partner with KPMG Australia, where she spearheads the Cyber Human Risk Management capability. She is a cyber resilience Partner with a passion for people, strategy and change.

  • Gordon Pereira
    Gordon Pereira, Director, Enterprise Risk and Cyber Consulting – KPMG Australia

    Gordon specialises in conducting internal audit, governance, risk and compliance reviews and has worked in each line of defence. He has a deep understanding of technology and cyber risks, and the changing digital landscape.