Why is it important?

Today, cybersecurity is one of the key challenges that organisations around the world have to face. Cybersecurity incidents can affect the financial and reputational integrity of a business, affecting competitiveness, the ability to access to new markets and the loyalty of existing customers. In serious cases, it can lead to litigation, regulatory fines, falling stock prices, negative media coverage, interruptions to key services and loss of trust from suppliers, customers and partners. Security testing will help you to understand whether your organisation is able to deal with cyber threats, and safely control the processing and storage of commercial and other secrets, client and employee data, and that of your clients and business partners.

How we can help

KPMG has longstanding professional experience in providing security testing services. According to independent research by Forrester, KPMG is one of the leading cybersecurity consultants. Our approach is based on a global KPMG Security Testing Methodology and meets all widely recognised international standards and practices in the field of information and cyber security. Our structured testing approach combines search for, and inspection of, vulnerabilities in information networks and systems using commercial and publicly available tools. KPMG has put together a team of certified professionals in the field of cybersecurity testing with considerable experience in serving clients from various sectors of the economy. This means that you can be sure of our professionalism and our ability to understand your needs and that we will apply our knowledge, techniques, and best practice, to meet your needs.

What we do

• Network testing – search for vulnerabilities in the internal or external IT infrastructure of the organisation.
• Testing of Web and Mobile Applications – our approach is based on the OWASP testing methodology and supplemented by our proprietary security testing techniques.
• Penetration testing – detection of security issues by simulating cyber-attacks on the organisation's information systems, using hacking techniques that are pre-agreed with clients.
• Wireless Network Testing – search for weak points in Wi-Fi Infrastructure to prevent unauthorised access to information resources and data.
• Testing the ability of staff to resist cyber-attacks through social engineering.

What you get

Our clients receive independent and unbiased testing of the ability of their organisation’s information systems and networks to deal with current threats from cyberspace. We can identify the weaknesses in your IT landscape, as well as provide practical advice on minimising risks. Our reports are tailored for different audiences – from senior managers and investors who will be able to evaluate the most critical findings from the point of view of their potential impact on business, to specialist staff who will be offered a comprehensive list of any vulnerabilities found and technical advice to eliminate them. We use an early-alerting reporting approach that allows us to us instantly report issues that require an immediate response.