
      In a world where digital transformation and the use of artificial intelligence (AI) now set the pace of business development, cyber security has become a transformational factor in any company seeking to remain stable and competitive.

      As digital services proliferate, new regulations and a growing volume of data place increasingly high demands on companies’ IT systems in terms of information security and continuous operation.

      Modern cyber threats know no borders, with technically sophisticated isolated attacks and state-sponsored operations exploiting vulnerabilities in complex IT infrastructure landscapes and causing significant damage to businesses, customers, and even national security. In an environment rife with potential hazards, organisations need reliable partners capable of anticipating risks, strengthening defences, and ensuring resilience and continuity no matter what tomorrow brings.

      Our team consists of experienced cyber security consultants and practitioners who combine deep expertise, state-of-the-art methodologies, and proven experience working in both the public and private sectors.

      We help organisations of all sizes to get a comprehensive picture of the state of their security and subsequently assist them in increasing their resilience to cyberattacks, building a systematic, managed approach to cyber protection.

      Gennadii Reznichenko

      Director, Consulting, Cyber Advisory

      KPMG in Ukraine



      How can KPMG help your business ensure its cyber security?

      Comprehensive cyber security assessment

      We conduct independent assessments at various levels of detail, from quick diagnostics to in-depth audits. The list of services includes the following:

      • analyses of organisational and regulatory requirements (including international standards)
      • technical security assessments using modern vulnerability scanning and security testing tools
      • attack surface monitoring and simulation of real cyber threats
      • Red/Blue/Purple Team exercises
      • analyses of cyber protection settings and recommendations for optimisation.

      Building security systems and ensuring compliance with standards

      We help create and improve security management systems in line with leading international standards:

      • authorising ICT systems according to security profiles
      • developing target profiles in accordance with NIST CSF and NIST 800-53
      • transitioning from outdated integrated information security system approaches to modern cyber security models
      • preparing companies for certification according to ISO 27001:2022 and other standards.

      Cyber security strategy and transformation

      We develop comprehensive cyber security development programmes that include:

      • formulating long-term strategies, target architecture models, and recommendations for technical and management teams
      • creating HLD architecture and technical specifications for solutions
      • pre-investment assessment of companies’ cyber security and data privacy
      • developing concepts and recommendations for creating or modernising Security Operations Centres
      • managing cyber security solution implementation programmes
      • developing business continuity and crisis response programmes.

      Cyber security function assessment and development

      We assess the existing situation in your security department; identify the necessary roles, processes, and tools; and draft substantiated recommendations for management regarding transformations to the protection model.

      Technical assessments and optimisation of security tools

      Combining their extensive expertise and hands-on practical experience, our experts analyse the effectiveness of existing cyber security measures, identify gaps, assess risks, and prepare recommendations for improving security in line with applicable policies and international best practices.

      Risk management

      We help develop a systematic information security risk management process, including quantitative risk assessment, cyberattack scenario modelling, and justifications for necessary investment in relevant technologies.

      Incident response and investigation preparation

      We support organisations before, during, and after cyberattacks by:

      • conducting training seminars and response exercises
      • helping organise the response and recovery process
      • conducting internal incident investigations
      • providing cyber intelligence services (Threat Intelligence), from checking compromise indicators to making recommendations based on MITRE ATT&CK.

      Training and improving digital literacy

      We conduct specialised training sessions for different audiences, including:

      • training programmes for top management
      • training users in the basics of cyber hygiene
      • simulating phishing attacks to raise awareness and test staff preparedness.