Technological advances and changing working practices have created additional opportunities for cyber criminals and hacktivists. Simultaneously, public and private organizations’ major e-crime risks relate to the actions of malicious or former employees, able to exploit customer and employee data, Intellectual Property (IP) or knowledge of system weaknesses.

The protect phase of KPMG’s Cyber Security Framework is about designing and implementing your cyber defense infrastructure.

What’s on your mind?

• What should the overall design of my defense infrastructure look like?
• How do I ensure network security?
• How do I ensure only authorized employees have access to our systems and applications?
• How can I improve the security of information we store in the cloud?
• How can I limit the opportunities for malicious insiders in my organization?
• How do I identify and fix system vulnerabilities?
• What should my governance and controls look like?
• How can I design my people processes to minimize security risks? 

KPMG member firms can help you to design, implement and improve your cyber defense infrastructure. Whether from a people, process or technology viewpoint, our services will help you protect your information assets and reduce vulnerabilities to cyber attack. KPMG’s services include:

• Cyber defense operating model design

  Design and implementation of the overall defense infrastructure

• Identity and access management

  KPMG member firms assist clients to cut through complexity and help ensure enterprise system access is aligned to roles, duties and privileges

• Data loss prevention

  KPMG member firms help clients prioritize the protection of their most important assets, designing efficient methods to identify and prevent accidental and deliberate data loss.

• Security and technology assessments

  Through KPMG’s network of security laboratories we can test and improve the elements of your security and technology infrastructure, including:

  • External, internal and wireless vulnerability testing and improvement – what information assets can be compromised?
  • Network segregation testing and improvement – is your network security appropriately configured?
  • ‘Red Team’ exercises to simulate advanced attacks against your entire organization to assess your detection and response capabilities  

• People process reviews

  KPMG member firms can help you understand and improve vulnerabilities posed by your people processes