Insights

Fresh thinking and actionable insights that address critical issues your organization faces.

Learn more

Resources

Services

KPMG's multi-disciplinary approach and deep, practical industry knowledge help clients meet challenges and respond to opportunities.

Services to meet your business goals

Technology Alliances

KPMG has market-leading alliances with many of the world's leading software and services vendors.

View all Alliances

Industries

Helping clients meet their business challenges begins with an in-depth understanding of the industries in which they work. That’s why KPMG LLP established its industry-driven structure. In fact, KPMG LLP was the first of the Big Four firms to organize itself along the same industry lines as clients.

How We Work

We bring together passionate problem-solvers, innovative technologies, and full-service capabilities to create opportunity with every insight.

Learn more

Careers & Culture

What is culture? Culture is how we do things around here. It is the combination of a predominant mindset, actions (both big and small) that we all commit to every day, and the underlying processes, programs and systems supporting how work gets done.

Learn more
Relevant Results
Sorry, there are no results matching your search.
Autocomplete suggestions are available. Use up and down arrows to review and enter to select.
See more results

The gold standard of trust

KPMG helped a global auto manufacturer develop an organization-wide strategy to manage insider risk for its most sensitive data.

Client

A global automotive manufacturer

Sector

Industrial manufacturing

Project

Design and delivery of insider risk management

Client challenge

After sensitive company data was lost during a large workforce reduction, the company’s leadership realized that its ability to successfully protect critical assets was limited and tactical, primarily focused on an IT-related detection capability. The board of directors recommended developing an organization-wide strategy to manage insider risk for its most sensitive corporate data. When internal efforts to develop a strategy proved too slow, the company turned to outside advisors for help.

Our experience-based insights tied to this client's “trusted workforce” core value demonstrated that KPMG had the right people with specific insider risk management experience to lead the project.

Key KPMG initiatives

Unlike other firms that were asked to provide insight into this challenge, KPMG took a rare and altogether different approach. We convened biweekly calls designed to listen to the client, not to pitch or propose, but answering a variety of questions from multiple stakeholders, providing experience-based insights tied to the client’s “trusted workforce” core value, and demonstrating that we had the right people with specific insider risk management experience. At the end of 60 days of relationship-building interaction, we were asked to lead the project—without an RFP.

After three months of fieldwork, KPMG recommended an insider risk management strategy that tapped participation from multiple business functions needed to effectively drive down insider risk quickly. Also included was a three-year execution roadmap to guide continual improvement while controlling spend.

Once approved by the board, KPMG: 

1

Was asked to help execute the first year’s strategy activities, which focused on establishing a cross-stakeholder governance council. 

2

Working with senior leadership to identify and agree upon the company’s most critical assets, and developing specific insider risk scenarios and the recommended prevention, detection, and mitigation controls.

 

3

Subsequently, KPMG was asked to help the client with the day-to-day operation of its evolving insider risk management program.

Business impact

Today, the company has a strategy which recognizes that risk management is not just an IT issue. It’s a multiple stakeholder challenge, requiring board oversight and participation from senior leaders across multiple business functions, along with cross-functional controls and governance.

Importantly, the new strategy helps reinforce a key corporate value: to have the most trusted workforce in the world, supporting the company’s goal to become the most trusted brand.

With our guidance:

1

The automotive manufacturer now agrees on its most important sensitive data, gaining cross-stakeholder buy in to reduce its critical data types from 500 to fewer than 10.

 

2

The company developed three categories of insider threat training—depending on employee access to sensitive data—to reinforce the importance of managing critical assets.

 

 

3

In addition, by providing design input for a proprietary tool to improve detection of insider threats, we helped the company reduce the false positive rate by two-thirds.

Why KPMG?

  • Innovation in risk management

    We deliver a gold-standard strategy for managing insider risk, based on published standards, leading best practices, and the experiences of KPMG professionals, all integrated into a single, executable framework to meet boardroom expectations.

  • A range of subject matter professionals for specific client needs

    Our team includes deeply experienced cyber security professionals as well as complementary specialists. For example, we bring in organizational psychologists to conduct HR transformation, attorneys who focus on privacy laws and regulations, and professionals with law enforcement and intelligence-community backgrounds to advise the corporate security function.

  • Immediate impact

    In addition to delivering a strategy and roadmap, we also develop client-specific scenarios and prevention, detection, and mitigation controls to drive home the immediate impact of insider threats.

Meet our team

Image of Charles A. Jacco
Charles A. Jacco
Principal, Cyber Security, KPMG US
Read bio
Image of Charles A. Jacco
Charles A. Jacco
Principal, Cyber Security, KPMG US
Read bio

Explore other services tailored to your business

Service
Risk, Regulatory and Compliance
Read more
Service
Cyber Security Services
Read more

KPMG. Make the Difference.


Some or all of the services described herein may not be permissible for KPMG audit clients and their affiliates or related entities.

The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act upon such information without appropriate professional advice after a thorough examination of the particular situation. KPMG LLP does not provide legal services.

The information contained herein is not intended to be “written advice concerning one or more Federal tax matters” subject to the requirements of section 10.37(a)(2) of Treasury Department Circular 230.

© 2024 KPMG LLP, a Delaware limited liability partnership and a member firm of the KPMG global organization of independent member firms affiliated with KPMG International Limited, a private English company limited by guarantee. All rights reserved.

For more detail about the structure of the KPMG global organization please visit https://home.kpmg/governance.

Thank you!

Thank you for contacting KPMG. We will respond to you as soon as possible.

Contact KPMG

Use this form to submit general inquiries to KPMG. We will respond to you as soon as possible.

By submitting, you agree that KPMG LLP may process any personal information you provide pursuant to KPMG LLP's Privacy Statement.

An error occurred. Please contact customer support.

Job seekers

Visit our careers section or search our jobs database.

Search now!

Submit RFP

Use the RFP submission form to detail the services KPMG can help assist you with.

Submit

Office locations

View locations

International hotline

You can confidentially report concerns to the KPMG International hotline

Learn more

Press contacts

Do you need to speak with our Press Office? Here's how to get in touch.

Contact

Headline