A NEW APPROACH TO CYBER SECURITY

Similar documents
Cyber Security Evolved

Addressing Cyber Risk Building robust cyber governance

Cyber Security for audit committees

London Business Interruption Association Technology new risks and opportunities for the Insurance industry

Cyber security. Cyber Security. Digital Employee Experience. Digital Customer Experience. Digital Insight. Payments. Internet of Things

Address C-level Cybersecurity issues to enable and secure Digital transformation

CYBER SECURITY DASHBOARD: MONITOR, ANALYSE AND TAKE CONTROL OF CYBER SECURITY

Cyber Security: from threat to opportunity

Cyber Resilience Implementing the Right Strategy. Grant Brown Security specialist,

The UK cyber security strategy: Landscape review. Cross-government

Cyber security: Are consumer companies up to the challenge?

KPMG Advisory. Microsoft Dynamics CRM. Advisory, Design & Delivery Services. A KPMG Service for G-Cloud V. April 2014

Cyber security Building confidence in your digital future

Cyber Security - What Would a Breach Really Mean for your Business?

Security and Privacy Trends 2014

Cyber Threat Intelligence Move to an intelligencedriven cybersecurity model

CYBERSECURITY IN FINANCIAL SERVICES POINT OF VIEW CHALLENGE 1 REGULATORY COMPLIANCE ACROSS GEOGRAPHIES

Cyber Security, a theme for the boardroom

CYBER SECURITY TRAINING SAFE AND SECURE

Cyber threat intelligence and the lessons from law enforcement. kpmg.com.au

Cybersecurity Strategic Consulting

Information Security Managing The Risk

REPORT. Next steps in cyber security

CYBER SECURITY, A GROWING CIO PRIORITY

ASSUMING A STATE OF COMPROMISE: EFFECTIVE DETECTION OF SECURITY BREACHES

Cyber Security and Privacy Services. Working in partnership with you to protect your organisation from cyber security threats and data theft

Cybersecurity The role of Internal Audit

Cyber Security Risks for Banking Institutions.

Cyber security Building confidence in your digital future

CONNECTING WITH CONFIDENCE: OPTIMISING AUSTRALIA S DIGITAL FUTURE. AIIA Response

CYBER SECURITY AND RISK MANAGEMENT. An Executive level responsibility

Cyber threat intelligence and the lessons from law enforcement. kpmg.com/cybersecurity

Mitigating and managing cyber risk: ten issues to consider

National Cyber Security Policy -2013

Zak Khan Director, Advanced Cyber Defence

Cyber Defence Capability Assessment Tool (CDCAT ) Improving cyber security preparedness through risk and vulnerability analysis

Cyber Governance Preparing for the Inevitable Perimeter Breach

Top 5 reasons incident response is failing. kpmg.com

Central and Eastern European Data Theft Survey 2012

The Changing IT Risk Landscape Understanding and managing existing and emerging risks

Corporate Security in 2016.

Building Blocks of a Cyber Resilience Program. Monika Josi monika.josi@safis.ch

G-Cloud IV Framework Service Definition Accenture Web Application Security Scanning as a Service

PCL2\ \1 CYBER RISKS: RISK MANAGEMENT STRATEGIES

Cyber Security Strategy

Defending against modern cyber threats

Rethinking Information Security for Advanced Threats. CEB Information Risk Leadership Council

FUJITSU Transformational Application Managed Services

Assessing the strength of your security operating model

Access is power. Access management may be an untapped element in a hospital s cybersecurity plan. January kpmg.com

IBM QRadar as a Service

UK ICT Outsourcing Service Provider Performance and Satisfaction (SPPS) Study: 2013

D-G4-L4-126 Police contact management and demand reduction review Deloitte LLP Service for G-Cloud IV

Government Procurement Service

Keynote. Professor Russ Davis Chairperson IC4MF & Work Shop Coordinator for Coordinator for Technology, Innovation and Exploitation.

TAX MANAGEMENT CONSULTING. How can you be more efficient at managing tax?

Secure by design: taking a strategic approach to cybersecurity

Cyber security Time for a new paradigm. Stéphane Hurtaud Partner Information & Technology Risk Deloitte

Unified Cyber Security Monitoring and Management Framework By Vijay Bharti Happiest Minds, Security Services Practice

Seamless Mobile Security for Network Operators. Build a secure foundation for winning new wireless services revenue.

THE WORLD IS MOVING FAST, SECURITY FASTER.

Connecting the dots: A proactive approach to cybersecurity oversight in the boardroom. kpmg.bm

Close the security gap with a unified approach. Detect, block and remediate risks faster with end-to-end visibility of the security cycle

IIA South West Event. A look at key supply chain risks and why contracting is a key step 14 January 2015

MSc Cyber Security. identity. hacker. virus. network. information

Stakeholder management and. communication PROJECT ADVISORY. Leadership Series 3

The enemies ashore Vulnerabilities & hackers: A relationship that works

Cybersecurity. Considerations for the audit committee

Protecting against cyber threats and security breaches

Enterprise Performance Management in the Pharmaceutical Industry. kpmg.co.uk

Services. Cybersecurity. Capgemini & Sogeti. Guiding enterprises and government through digital transformation while keeping them secure

C ETS C/ETS: CYBER INTELLIGENCE + ENTERPRISE SOLUTIONS CSCSS / ENTERPRISE TECHNOLOGY + SECURITY

Financial Services. Internal Audit: What s on the horizon? kpmg.co.uk

Technology and Cyber Resilience Benchmarking Report December 2013

2015 NETWORK SECURITY & CYBER RISK MANAGEMENT: THE FOURTH ANNUAL SURVEY OF ENTERPRISE-WIDE CYBER RISK MANAGEMENT PRACTICES IN EUROPE

Business resilience in the face of cyber risk. By Roger Ostvold and Brian Walker

Developing a robust cyber security governance framework 16 April 2015

Cyber security: it s not just about technology

Implementing the value chain of the future

Playing Our Part in Responding to National Threats

ISO27032 Guidelines for Cyber Security

2 Gabi Siboni, 1 Senior Research Fellow and Director,

HEALTH CARE AND CYBER SECURITY:

A strategic approach to fraud

Small businesses: What you need to know about cyber security

Career proposition for software developers and web operations engineers

Security Risk Management Strategy in a Mobile and Consumerised World

Cybercrime in the Automotive Industry How to improve your business cyber security

Who s next after TalkTalk?

Transcription:

A NEW APPROACH TO CYBER SECURITY

We believe cyber security should be about what you can do not what you can t. DRIVEN BY BUSINESS ASPIRATIONS We work with you to move your business forward. Positively managing cyber risk not only helps you take control of uncertainty across your business; you can turn it into a genuine strategic advantage. RAZOR SHARP INSIGHTS In a fast-moving digital world of constantly evolving threats and opportunities, you need both agility and assurance. Our people are experts in both cyber security and your market, which means we give you leading edge insight, ideas and proven solutions to act with confidence. SHOULDER TO SHOULDER We work with you as long term partners, giving you the advice and challenge you need to make decisions with confidence. We understand that this area is often clouded by feelings of doubt and vulnerability so we work hand-in-hand with you to turn that into a real sense of security and opportunity. 01 Feel Free A new approach to cyber security

A positive approach to managing cyber risk can set organisations free UNDERSTANDING THE CYBER SECURITY LANDSCAPE The digital environment presents opportunities for businesses that want to seek out new markets and are prepared to invest in transformational change. The last ten years have seen a rapid emergence of new technology, greater connectivity for organisations and individuals, and a 24/7 approach to global commerce. However, this has left many organisations behind the curve and struggling to achieve their business aspirations without feeling exposed to cyber security risk. Every day we hear of new vulnerabilities, attacks and incidents. A recent report 1 by renowned think-tank The Centre for Strategic and International Studies quoted losses of $375 $575 billion, and suggests that cyber crime might extract up to 20% of the global economic value created by the internet through fraud and espionage. The constantly evolving threat landscape means that cyber risk is an everyday business consideration. This undoubtedly presents a feeling of vulnerability, which has been leveraged by some to increase budget and to sell products. We have often found that this results in significant sums of investment on ineffective programmes with poor alignment to risk and business imperatives. Cyber security is not a quick technical fix nor is it a matter solely for the IT department. At KPMG we see all too often that these behaviours leave leadership wondering what they really need to do, how much is really enough and who they can trust to help them get it right. We believe that by turning traditional thinking on its head, adopting a positive approach to managing cyber risk, will set organisations free to achieve their business aspirations. 1 Net Losses: Estimating the Global Cost of Cybercrime, June 2014 Feel Free A new approach to cyber security 02

ACHIEVE A 360 VIEW OF CYBER SECURITY FREE FROM FEAR Scaremongering is an easy tactic, but staying on top of the evolving threat landscape and how it impacts you can remove fear, uncertainty and doubt. Understanding the external threats from hacktivists, organised criminals, industrial espionage and increasingly National States is important. However, it is all too easy to ignore the insider threats posed by careless, disgruntled or malicious employees. Attackers are frequently gaining access to employee s accounts through phishing emails and other socially engineered attacks. Bribery and intimidation is also still commonplace in most parts of the world. By managing the external and internal threats together, rather than separately, creates an integrated approach that removes the fear and uncertainty of attack sources. Many attackers are simply using different means to achieve a very old objective; be that theft, subversion, sabotage or espionage. Drawing parallels between security in the real and virtual worlds can remove fear of the unknown. At KPMG we assess the motivation and intent of the attacker in both the real and virtual worlds to see how they might compromise your systems. Based on this insight, we can then challenge and advise you on how to position your defences. Building in agility, with the expectation of change and disruption, enables you to architect an environment that is secure by design. 03 Feel Free A new approach to cyber security

LEVERAGING INDEPENDENT AND TAILORED ADVICE CAN GIVE YOU THE CONFIDENCE TO PURSUE YOUR GROWTH AMBITIONS Putting the correct foundations in place around governance, risk and compliance is the place to start. You can then achieve a balance of technical security, internal capability and the appropriate usage of technology and outsourced services. We believe that successful organisations are ones that integrate cyber risk management into all their activities. Those that practice sound transformational principles rather than succumbing to knee-jerk reactive solutions can create a comprehensive approach that focuses on what they can do not what they can t. Feel Free A new approach to cyber security 04

FREE TO CHALLENGE The UK government is regularly implementing initiatives to boost awareness of cyber threats. Boards need to challenge their teams to gain answers to the right questions before they themselves are challenged by stakeholders on their capability and control. Being able to identify, prioritise and protect the information lifecycle helps you to move confidently, safely and securely. At KPMG we can help you understand your dependencies on your supply chain, work with your community to understand cyber risks, share information on threats and improve readiness to respond together. Having a robust strategy and architecture in place will enable you to access clear and actionable management information to give you strength in your decision making; provide access to timely threat insights; trusted information-sharing networks; and credible benchmarks against peers and competitors. Information sources need to be impartial and independent of specific vendor agendas. Accessing sources you can trust allows you to test and examine the right mix of technology, service providers and internal capability to create a blend of control and visibility. We believe that this is where collaboration and knowledge will differentiate to deliver business advantage. By leveraging collective experience of those you trust, you will have confidence to execute new ideas, approaches and solutions to respond to today and tomorrow s security issues. 05 Feel Free A new approach to cyber security

FEEL FREE TO SPREAD YOUR WINGS Feel Free A new approach to cyber security 06

FREE TO INVEST With each aspect of emerging technology, new considerations arise; from the adoption of cloud technologies, the proliferation of social media, to remote working. These are all potential high growth investment options when managed effectively. Similarly, the rise of mobile technology and its applications is relevant to all sectors and business models. Organisations need to make choices around these new technologies, understand the cyber security issues up front, to strike the right balance between risk and opportunity. At KPMG we can work alongside you to identify how much investment is appropriate to ensure that cyber risk management is an enabler to achieve your business aspirations. CYBER RISK MANAGEMENT IS AN ENABLER Leveraging independent and tailored advice on which security services, technologies and approaches fit your culture, can give you the confidence to pursue your growth ambitions. We can help you develop a broad understanding of the threat environment which is specific to you, the regulatory landscape in which you do business, and your own asset environment. We believe that investing in a proactive approach to cyber risk management delivers wider commercial benefits. It is about having the confidence that as your business increasingly moves into the digital world, it is able to grow in an informed and agile manner. 07 Feel Free A new approach to cyber security

FREE TO CHANGE Currently many firms only act if and when a serious breach or failure occurs. Taking a proactive security stance can slow the attacker s progress and identify their actions early. Developing an adaptive approach can prevent downtime, avoid expensive disruptive responses to incidents, and maintain business operations. Thinking through the cyber attack scenarios and the changing threat landscape will help you understand how your business might be targeted and how to configure your defences. SECURITY IS THE RESPONSIBILITY OF ALL At KPMG we focus our approach on making best use of an organisation s scarce resources. We start at the beginning with a concept of secure by design, where money is invested early in the development lifecycle to achieve greater impact. By focusing on building solid foundations, you can underpin your security operations with leadership, sponsorship and governance. This helps set the conditions for the right culture where everyone recognises that security is the responsibility of all, and each individual understands the part that they can and must play. Having the confidence to transform in this way integrates strategy, policy, governance, organisation, process, skills and technology. We believe that businesses who accept cyber attacks as an inevitable part of today s business landscape and who build in proactive safeguards and responses, will secure the future of their business. Feel Free A new approach to cyber security 08

WE ARE... AWARD WINNING Whether it s SC Magazine or the MCA Awards, KPMG shines in independent recognition. Forrester also recognises KPMG as a leader in Information Security Consulting, highlighting our strong focus and ability to take on challenging engagements. INDEPENDENT We are not tied to any technology or software vendor. All of our recommendations and technical strategies are based solely on what is fit and appropriate for your business. GLOBAL, LOCAL We have over 2,000 security practitioners working in KPMG s network of firms, giving us the ability to orchestrate and deliver to consistently high standards globally. KPMG member firms can service your local needs from information security strategy and change programmes, to technical assessments, forensic investigations, incident response, training, and even ISO 27001 certification. COLLABORATIVE We facilitate and work with collaborative forums to bring together the best minds in the industry to collectively solve shared challenges. KPMG s I-4 forum brings together over 50 of the world s biggest organisations to discuss emerging issues and solutions. TRUSTED We have a long list of certifications and permits to work on engagements for the world s leading organisations. 09 Feel Free A new approach to cyber security

THE DIGITAL ENVIRONMENT PRESENTS MANY OPPORTUNITIES FOR BUSINESSES THAT WANT TO SEEK OUT NEW MARKETS AND ARE PREPARED TO INVEST IN TRANSFORMATIONAL CHANGE Feel Free A new approach to cyber security 10

CONTACT US Johan Björk Head of Information Protection and Business Resilience T: +46 (0)70 145 72 27 E: johan.bjork@kpmg.se Anders Nilsson Partner, IT Advisory T: +46 (0)70 558 39 70 E: anders.nilsson@kpmg.se Magnus Sjöström Head of IT Advisory T: +46 (0)70 875 70 62 E: magnus.sjostrom@kpmg.se The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavour to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation. 2014 KPMG LLP, a UK limited liability partnership, is a subsidiary of KPMG Europe LLP and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative, a Swiss entity. All rights reserved. Printed in the United Kingdom. The KPMG name, logo and cutting through complexity are registered trademarks or trademarks of KPMG International. Oliver for KPMG OM020788A July 2014

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information