Successfully reported this slideshow.

The cyber threat to your business


Published on

KPMG’s Cyber Maturity Assessment can help can help your protect from cyber threats.

  • Be the first to comment

  • Be the first to like this

The cyber threat to your business

  1. 1. KPMG Cyber Maturity Assessment / February 2013 The financial and reputational costs of not being prepared against cyber attack are significant. Estimates suggest the global financial impact of cybercrime is US$114 billion.1 Companies are thought to bear almost 80 percent of these costs.2 Loss of consumer and shareholder confidence is a particular issue. A series of data breaches at Sony in 2011 contributed to a 30 percent fall in its share price and a US$170 million hit to operating profits.3 With this global proliferation of attacks, the question for organizations is not if they will be attacked but when. It is also increasingly common for government buyers and large corporates to demand confidence in information management as a qualifier for lucrative contracts or partnerships.With the stakes so high, organizations must decide on their cyber risk appetite and how they will respond to cyber threats.There is a significant responsibility on executives to assure customers, stakeholders and employees that appropriate safeguards are in place. What is the Cyber MaturityAssessment? KPMG’s Cyber Maturity Assessment (CMA) provides a broad ranging review of an organization’s ability to manage and protect its information and its preparedness against cyber attack. It is unique in the market in that it looks beyond pure technical preparedness. It takes a rounded view of people, process and technology to enable clients to understand areas of vulnerability, to prioritize areas for remediation and to demonstrate both corporate and operational compliance, turning information risk to business advantage. In developing the CMA, KPMG has combined international information security standards with our global insight of best practice in risk management, cyber security, governance and people processes.The CMA addresses six key dimensions at three levels of maturity that together provide a comprehensive and in-depth view of an organization’s cyber maturity, as shown below. The cyber threat to your business KPMG Cyber Maturity Assessment 1 Norton Cybercrime Report, 2011. 2 The Cost of Cybercrime, Detica/The Cabinet Office, 2011. 3 in-Tokyo-as-data-breaches-undermine-confidence Board demonstrating due diligence, ownership and effective management of risk Leadership and Governance Human Factors The level and integration of a security culture that empowers and ensures the right people, skills, culture and knowledge The approach to achieve comprehensive and effective risk management of information throughout the organization and its delivery and supply partners Information Risk Management Preparations for a security event and ability to prevent or minimize the impact through successful crisis and stakeholder management Business Continuity and Crisis Management The level of control measures implemented to address identified risks and minimize the impact of compromise Operations and  Technology Legal and Compliance Regulatory and international certification standards as relevant Organizations are subject to increasing amounts of legislative, corporate and regulatory requirements to show that they are managing and protecting their information appropriately. Simultaneously, the threats from cyber criminals and hacktivists are growing in scale and sophistication. Organizations are increasingly vulnerable as a result of technological advances and changing working practices including remote access, big data, cloud computing, services on demand and mobile technology. © 2013 KPMG International Cooperative (“KPMG International”), a Swiss entity. Member firms of the KPMG network of independent firms are affiliated with KPMG International. KPMG International provides no client services. All rights reserved.
  2. 2. Through a combination of interviews, workshops, policy and process reviews and technical testing, KPMG’s CMA rapidly: • Identifies current gaps in compliance and risk management of information assets; • Assesses the true scale of cyber vulnerabilities; • Sets out prioritized areas for remediation and an associated management action plan. The CMA provides the flexibility to assess the level of cyber maturity on a site by site basis or at a company level. It helps to identify best practice within an organization and provides comparator information against peer groups and competitors. In short, it provides executives with a rapid assessment of your organization’s readiness to prevent, detect, contain and respond to all threats to information assets. Why KPMG? The CMA is one component of KPMG’s Global Cyber Transformation Service. Our CyberTransformation Service brings together specialists in information protection, technical security, risk infrastructure, organizational design, behavioral change and intelligence management.These combined skills are utilized to tailor a solution relevant to your risk appetite and the cyber threats your organization faces. KPMG member firms are: • Global – through our network of KPMG member firms, we employ over 145,000 professionals in 152 countries. KPMG cyber security industry professionals have deep expertise and can offer insight to you wherever you operate. • Award-winning – KPMG in the UK was awarded ‘Information Security Consultant of theYear’ at both the 2011 and 2012 SC Magazine Europe Awards. KPMG in the UK was also highly commended for the Information Security Project of theYear category for I-4 program, which is the leading information security forum for large global businesses. • Shaping the cyber agenda –Through I-4 (the International Information Integrity Institute) KPMG firms help the world’s leading organizations to work together to solve today’s and tomorrow’s biggest security challenges. • Committed to you – KPMG’s client relationships are built on mutual trust and long-term commitment to providing effective and efficient strategies. Contact us For more information on the CMA or KPMG’s CyberTransformation Services please contact one of our practitioners or visit us at UK Stephen Bonner Partner T: +44 20 76941644 E: RuthAnderson PrincipalAdvisor T: +44 20 76942492 E: US Tony Buffomante PrincipalAdvisor T: +1 312 665 1748 E: Australia Scott Cass-Dunbar Director T: +61 2 6248 1232 E: Netherlands John Hermans Partner T: +31 6 5136 6389 E: Canada JeffThomas Partner T: +1 403 691 8012 E: Germany JörgAsma Partner T: +49 221 2073 6233 E: The information contained herein is of a general nature and is not intended to address the circumstances of any particular individual or entity. Although we endeavor to provide accurate and timely information, there can be no guarantee that such information is accurate as of the date it is received or that it will continue to be accurate in the future. No one should act on such information without appropriate professional advice after a thorough examination of the particular situation. © 2013 KPMG International Cooperative (“KPMG International”), a Swiss entity. Member firms of the KPMG network of independent firms are affiliated with KPMG International. KPMG International provides no client services. No member firm has any authority to obligate or bind KPMG International or any other member firm vis-à-vis third parties, nor does KPMG International have any such authority to obligate or bind any member firm. All rights reserved. The KPMG name, logo and “cutting through complexity” are registered trademarks or trademarks of KPMG International. Designed by Evalueserve. Publication name: KPMG Cyber Maturity Assessment Publication number: 120961. Publication date: February 2013