The Shanghai Software Centre (SSC) and KPMG Advisory (China) Limited has entered into a strategic cooperation agreement today to leverage each other’s strengths and build a Laboratory for Cybersecurity and IT Innovation. Through deep cooperation and concerted efforts, the two sides aim to provide their clients with more accessible, value-added and diverse services and initiate a win-win outcome.
Fu Guoqing, chief engineer of the Shanghai Science and Technology Commission, Yan Guoqiang, vice president of Shanghai Academy of Technology, Wang Jing from the International Communication Office of the CPC Shanghai Municipal Committee (the Cybersecurity and Information Technology Division), Hu Mu, director of the Department of International Cooperation, the Shanghai Science and Technology Commission, Zong Yuwei, director of the SSC, and William Gong, vice chairman of KPMG China attended the signing ceremony and witnessed the founding of the Laboratory for Cybersecurity and IT Innovation, along with guests from the Shanghai Information Security Trade Association, the Shanghai Information Network Security Administration Association and dozens of well-known domestic and overseas information security enterprises and foreign-funded financial institutions.
In April 2016, the State Council approved the Plan for Shanghai to Vigorously Promote Comprehensive Pilot Programmes for Innovation Reform and Build a Globally Influential Science and Technology Innovation Centre (Guo Fa No.  23). The innovation centre that Shanghai strives to build is one that is comprehensive and will serve as a key hub for the global innovation network as well as an important hotbed for major international scientific breakthroughs, original technology and high-tech industries.
Cybersecurity has received increased attention and is seen as an area of strategic importance for China. In this context, the Central Leading Group for Cyberspace Affairs was formed and is headed by President Xi Jinping. The need to safeguard cybersecurity has been recognised in the Report on the Work of the Government. On 7 November 2016, the Cybersecurity Law of the People's Republic of China was endorsed by the 24th Session of the 12th National People's Congress. These developments necessitate the need to build an IT-empowered R&D service platform with local knowledge and an international outlook. Bearing in mind this need, the SSC and KPMG entered into a strategic cooperation agreement to build a joint laboratory.
KPMG’s 2016 China CEO Outlook showed that CEOs in China highlighted risk associated with emerging technology and strategic risk as their key focuses, with a marked concern over whether the products or services provided by their businesses can still meet market needs in the next three years. In recent years, internet and information technology, with its rapid development, has penetrated every aspect of an enterprise’s operation, changing and swaying how business is run and where information technology is headed. It also lent a strong support to help enterprises improve their operating efficiency and services.
Empowered by disruptive technology, such as cloud computing, the Internet of Things, intelligent industrial robotics, data & analytics and high-end automation, Chinese enterprises can actively adapt to changes arising from China’s economic restructuring, and at the same time, capture new business opportunities along the way. However, as enterprises enhance their application of mobile terminals, cloud computing, big data and other technology and grow increasingly reliant on them, they are facing increasing threat from cyber-attacks.
According to a 2016 CIO survey jointly conducted by Harvey Nash and KPMG, over the past two years, 30 percent of CIOs in the Greater China Region had to respond to major IT security issues or cyber-attacks on behalf of their companies, slightly higher than the global average of 28 percent. With a long-standing recognition of the importance of cybersecurity, KPMG has, starting from as early as 2014, built numerous cybersecurity laboratories around the world to facilitate research on and explorations of various cybersecurity services and tools and their reliability and applicability, so as to provide clients with better services such as cybersecurity structuring and implementation planning, as well as cybersecurity risk control and evaluation.
The SSC and KPMG believe that cybersecurity, with its ability to impact the extent to which a business can satisfy its clients’ security needs, improve its core competitiveness and comply with regulatory requirements, should be approached beyond the technological front, and elevated to the level of strategic importance for a business. A strong and effective cybersecurity presence in a corporate setting can never be possible without the integration of technology and management.
“The cooperation between the SSC and KPMG marks a milestone in building an international science and technology innovation centre,” said Zong Yuwei, director of the SSC. “The joint laboratory takes it as its mission to contribute to the development of science and technology innovation, build a positive and sound ecosystem and safeguard the cause of Shanghai cybersecurity and information technology development.”
“We are confident in our cooperation with the SSC and have great hopes for it, as it matches perfectly KPMG’s purpose of ‘Inspire Confidence, Empower Change’,” said William Gong, vice chairman of KPMG China. “More importantly, through the joint laboratory, we will strengthen our partnership with the SSC and give full play to KPMG’s rich experience in cybersecurity management consulting and the SSC’s strength in cybersecurity technology. Through more cybersecurity R&D activities and practical work, we will assist enterprises in responding and adapting to increasingly demanding cybersecurity challenges and lead the trend of corporate cybersecurity management in China.”
Established in 1984, the Shanghai Software Technology Development Centre (Shanghai Software Centre) is a public institution affiliated to the Science and Technology Commission of Shanghai Municipality. As one of the earliest third-party professional institutions to provide software testing services, it was accredited by the China National Accreditation Service for Conformity Assessment (CNAS) ISO / IEC17025 Laboratory Management System in 2002, and CNAS ISO / IEC17020 On-site Inspection Agency System in 2011. In 2012, it became a certified testing and evaluation institution of the Ministry of Public Security for the graded protection of information security. It is the only company in Shanghai with both software evaluation qualifications and graded protection evaluation qualifications for information security.
After more than thirty years of development, the SSTDC expanded its business across China, and has become a first-class authoritative third-party professional evaluation agency that integrates scientific research, testing and quality service. In recent years, it served as the sponsor and vice chairman of the China Software Evaluation Agency Alliance, as well as vice chairman of the Zhongguancun Information Security Evaluation Alliance.
The SSTDC specialises in the research on and service of information system security level protection evaluation, software product testing, acceptance testing, system testing and tuning, network testing, software engineering research, software quality assurance, national standards development and other fields. With a team of skilled professionals and the world's leading hardware and software testing, monitoring, analysis and service sharing platform, it enjoys a pivotal position in the industry.
The SSTDC has always been committed to ensuring efficient, stable, and sound operation of information systems in serving businesses, industries and governments. It aims to provide scientific safeguards for the construction of information systems through strong technical strength, lead academic research on software quality through rigorous scholarship, and build itself into an authoritative third-party testing agency through a high sense of responsibility and credibility.
KPMG China operates in 16 cities across China, with around 10,000 partners and staff in Beijing, Beijing Zhongguancun, Chengdu, Chongqing, Foshan, Fuzhou, Guangzhou, Hangzhou, Nanjing, Qingdao, Shanghai, Shenyang, Shenzhen, Tianjin, Xiamen, Hong Kong SAR and Macau SAR. With a single management structure across all these offices, KPMG China can deploy experienced professionals efficiently, wherever our client is located.
KPMG is a global network of professional services firms providing Audit, Tax and Advisory services. We operate in 155 countries and regions, and have 174,000 people working in member firms around the world. The independent member firms of the KPMG network are affiliated with KPMG International Cooperative (“KPMG International”), a Swiss entity. Each KPMG firm is a legally distinct and separate entity and describes itself as such.
In 1992, KPMG became the first international accounting network to be granted a joint venture licence in mainland China. KPMG China was also the first among the Big Four in mainland China to convert from a joint venture to a special general partnership, as of 1 August 2012. Additionally, the Hong Kong office can trace its origins to 1945. This early commitment to the China market, together with an unwavering focus on quality, has been the foundation for accumulated industry experience, and is reflected in the Chinese member firm’s appointment by some of China’s most prestigious companies.
KPMG cybersecurity professional team has been serving the market for years and is highly experienced in providing a range of advisory services relating to cybersecurity strategy and planning, assessment of cybersecurity maturity, cybersecurity risk management, cloud security management and assessment. As a trusted advisor for governments and industries around the world, the team is making unremitting efforts to identify simple, innovative and visionary strategies to help businesses overcome complicated issues and rise up to cybersecurity challenges.