       
      We will build a robust information security strategy within your organization and ensure effective cyber defence.
       

      Building a robust digital infrastructure for the financial sector that can withstand future threats.

      Graphical risk analysis provides you with more detailed and easier-to-understand insights.

      Common Challenges Our Clients Have Faced – And We’ve Helped Solve

      Creating and testing Business Continuity and Disaster Recovery plans


      Ensuring regulatory compliance (the Cyber Security Act, DORA, ISO 27001)


      Establishing a policy framework in accordance with the Cyber Security Act


      Risk analysis

      Building and optimizing an information security management system


      Compiling bidding documentation for tenders on security hardware, software, and services


      Establishing a security monitoring architecture


      Penetration tests


      How We Help

      Cyber Security Strategy and Management

      • Implementation, assessment, or review of the Information Security Management System (ISMS)
      • Information risk analysis and implementation of an information risk management system
      • Assessment of information security maturity in the company
      • Audit and regulatory compliance (NIS 2, ZKB/VKB, ISO 27001, and others)
      • Design and implementation of:
        - identity management system
        - security elements in development (DevSecOps)
        - security components in architecture
        - cloud security and outsourcing
      • Outsourcing of security roles

      Cyber Defence and Incident Response

      • Design and implementation of logging and monitoring systems (SIEM, SOAR, and others)
      • Designing effective incident and event response (SOC, CSIRT, and others)
      • Ensuring business continuity
      • Technical assessment and draft of guaranteed security levels for IS components
      • Penetration tests and simulated hacker attacks


      References

      Information Risk Analysis and Cyber Security Enhancement

      We analysed the client’s information risks and established a management system, ensured compliance with the Cyber Security Act, and initiated a program designed to implement the missing measures. We then provided program management, preparing the bidding documentation and the regulatory base needed to improve information security.

      Security Monitoring Architecture Design

      We designed a security monitoring architecture that covered technical, processing, and organizational layers. The technical layer outlined the method for recording and evaluating security events and proposed integration with specific applications and operational systems, including a list of components (XDR, SIEM, SOAR, etc.) and an overview of available technologies. The processing layer described how the architecture fits into SOC processes and outlined implementation options (in-house or outsourced). Following approval, we prepared the bidding documentation for the selection of appropriate technologies and their supplier.


      Petr Brychta

      Associate Director, Advisory – Strategy & Performance

      KPMG in the Czech Republic

      Radek Koudela

      Director, Advisory – Risk & Finance

      KPMG in the Czech Republic