Public and private organizations in various sectors worldwide now openly acknowledge that cyber attacks are one of the most prevalent and high impact risks they face.
Dealing with the cyber threat is a complex challenge. Much of the current focus is on protection and compliance, as organizations – subject to increasing amounts of legislative, corporate and regulatory requirements – demonstrate they are managing and protecting information appropriately.
The Information Security landscape is constantly evolving. Private and public sector organizations find it difficult to believe they could be a target for cyber attacks. This mindset needs to change – as the best defense is a good offense. At the same time, it is no longer viable to rely on defense. The determined adversary will get through eventually. As a result, public and private sector entities must know what is going on around them so that they can identify when an attack has taken place or when an attack is imminent. Intelligence and the insight that it brings is at the heart of next generation of Information Security.
As trusted advisors to governments and industry around the world, KPMG member firms work to find smart, creative and forward-thinking strategies to cut through complexity and address cyber security challenges.
Cybersecurity incidents relating to securities firms and online trading platforms are on the rise. The SFC recently published updates to further emphasise the importance of managing cybersecurity risks and what licensed corporations should consider.
Success in the IoT space will take more than slick applications, connected devices and advanced analytics; it will also require a robust approach to security, privacy and trust.
In this article, we highlight the potential impacts and possible implications for the board, action steps for implementing a cybersecurity governance planand closing the loop with three key questions.
In this article, we highlight the focus area of the new requirements as well as some of the important next steps boards and senior management should take to strengthen cybersecurity controls to safeguard critical assets.
This thought leadership summarises the new ebanking requirements and also discusses the industry best practices for provisioning secure eBanking platforms.
Automated trading service and alternative liquidity pool operators are facing heightened technological and operational challenges. Management should be aware of the compliance requirements and properly manage these challenges.
KPMG in China is working with HK Financial Services Business Continuity Forum on the WISE 2015 initiative, a market wide scenario for the Financial Services sector in Hong Kong.
The CBRC issued two circulars (Circulars No. 39 and No. 317) in 2014 regarding the use of ‘secure and controllable IT.
We provide a summary on the IS Guideline and how KPMG can help to assist Scheme members on the self-declaration.
The Securities and Futures Commission (SFC) has released on 26 and 27 November 2014 two circulars drawing the attention of all Licensed Corporations’ (LCs) to information security management and the mitigation of cyber security risks.
In October 2014, the Office of the PCPD released the new Guidance on the Proper Handling of Customers’ Personal Data for the Banking Industry.
On 14 October 2014, the Hong Kong Monetary Authority (HKMA) issued a new circular, Customer Data Protection, which sets out the new requirements relating to the handling of customer data.
Based on the recent supervisory activities of HKMA and the SFC, we know that the regulators are focus on regulatory requirements for information technology.
Cyber security is a challenge to all organisations today. Management face the task of understanding the threat and priorities but with a evolving complexity on a day to day basis.
Data loss remains a key concern among organisations especially in the current cyber environment. This publication shares insight on the issue of data loss and considerations on how you can stay ahead of the issue.
Information governance aims to provide a management framework for an organisation’s information based on its business value and associated risk.
Get in touch with KPMG China
Subscribe to receive email alerts or e-Newsletters from KPMG China when new updates are available.
Submit an enquiry about our services, industry practices, or get in touch with one of our professionals.