Using our team extensive experience, our team’s objective is to align the security practices of the organizations using leading practice standards and frameworks to effectively design security controls in line with client risk landscape and appetite.

The KPMG Cyber Services team is headed by Jason Gottschalk who has extensive experience and has been recognized as a speaker at international conferences including CyberCon 2014 and the ISC2 Security Conference.

Our service offering

Public and private organizations in various sectors worldwide now openly acknowledge that cyber-attacks are one of the most prevalent and high impact risks they face.

Dealing with the cyber threat is a complex challenge. Much of the current focus is on protection and compliance, as organizations – subject to increasing amounts of legislative, corporate and regulatory requirements – demonstrate they are managing and protecting information appropriately.

The Information Security landscape is constantly evolving. Private and public sector organizations find it difficult to believe they could be a target for cyber-attacks. This mindset needs to change – as the best offence is a good defense. At the same time, it is no longer viable to rely on defense. The determined adversary will get through eventually. As a result, public and private sector entities must know what is going on around them so that they can identify when an attack has taken place or when an attack is imminent. Intelligence and the insight that it brings is at the heart of next generation of Information Security.

As trusted advisors to governments and industry around the world, KPMG member firms work to find smart, creative and forward-thinking strategies to cut through complexity and address cyber security challenges.

How we can help

KPMG’s Technology team assists clients manage a range of key issues, including:

• Cyber Transformation – The Cyber Transformation methodology combines all our IT security service offerings to provide an all-encompassing security service to an organisation. The transformation framework is used to ensure that cyber security is integrated into the day-to-day operations of an organisation and that root-cause issues are remediated. The focus is also made on early detection and response to cyber attacks.
• Technical Assessments and Architecture Design – This methodology provides KPMG practitioners with a consistent and comprehensive approach to requirements elicitation, requirements analysis and requirements verification and validation for an IT transformation.
• Process review and Advisory – KPMG provides assessment of security processes and provides consulting advice on how to remediate any findings.
• Security Governance – KPMG provides reviews of IT security documentation and practices against leading practice frameworks (IS 27001, ISO 27035, CoBIT, ITIL and PCI DSS).