Industries

Helping clients meet their business challenges begins with an in-depth understanding of the industries in which they work. That’s why KPMG LLP established its industry-driven structure. In fact, KPMG LLP was the first of the Big Four firms to organize itself along the same industry lines as clients.

How We Work

We bring together passionate problem-solvers, innovative technologies, and full-service capabilities to create opportunity with every insight.

Learn more

Careers & Culture

What is culture? Culture is how we do things around here. It is the combination of a predominant mindset, actions (both big and small) that we all commit to every day, and the underlying processes, programs and systems supporting how work gets done.

Learn more

Cyber considerations from the Russia-Ukraine war

Remain proactive in your cyber security preparedness.

How KPMG can help: Cyber Security Services

March 2022

The Russian government’s invasion of Ukraine has elevated concerns for cyber security incidents and the resilience of critical business functions. While there is significant uncertainty around the Russia-Ukraine war and associated actions, there are some things we all should consider as we evaluate our level of cyber security preparedness.

Resilience and continuity

Businesses should assess their readiness for cyber incidents and ability to recover from a cyber-attack. Reviews of response plans should be conducted to understand exposures to current threats.

What to do

  1. Review the threat landscape.
  2. Understand incident response and resilience planning.
  3. Refresh security incident response plans, and have a specific ransomware incident response plan.
  4. Identify a short list of critical dependencies that may be impacted by current events and conduct an analysis of risks.
  5. Consider running a table-top exercise (if one has not been performed in the last six months).

Partner and vendor risks

Businesses have become far more reliant on third parties providing critical systems, services, data, and support. It is vital to understand the security and resilience of all partners across critical areas.

What to do

  1. Identify dependencies on vendors/ partners from Ukraine, Russia, and neighboring countries, and build a contingency plan.
  2. Monitor network traffic, as cybercrime is expected to get more sophisticated.
  3. Understand the incident response and resilience planning.
  4. Understand the cascading effect of an incident in your supply chain and determine weak links.

Cyber security monitoring and incident response

It is widely expected that there will be a marked increase in activity against Ukrainian targets, their allies, and supporters. Businesses should be on heightened alert for these attacks, especially those considered part of critical infrastructure, including Oil, Energy, and Financial Services firms.

What to do

  1. Understand the cyber security monitoring capabilities across your network.
  2. Better understand risks by working with cyber security intelligence partners.
  3. Engage with cyber security vendors for managed detection and response services.
  4. Seek indicators of compromise based on known Russian bad actor tactics, techniques, and procedures.
  5. Secure a cyber security incident response firm and make sure contracts are up to date.
  6. Review regulatory reporting requirements.
  7. Consider proactive discussions with law enforcement / government agencies

Workforce support

To alleviate resourcing challenges, organizations are considering or have already added surge support capabilities to manage business-as-usual security functions, triaging an increased volume of security alerts, and/or execution of project portfolios. 

What to look for

  • Extended staff shortages.
  • Regions impacted by current events.

Summary

The Russia-Ukraine war is driving increased concerns for cyber security incidents and the resilience of critical business functions and services. While the current climate is unpredictable, there are things we can do to better understand our readiness, capabilities, and requirements to help reduce the impacts and shorten the durations of incidents when they occur.

Dive into our thinking :

Cyber considerations from the Russia-Ukraine war

Download the full PDF article to learn more.

Download PDF

Thank you!

Thank you for contacting KPMG. We will respond to you as soon as possible.

Contact KPMG

Use this form to submit general inquiries to KPMG. We will respond to you as soon as possible.

By submitting, you agree that KPMG LLP may process any personal information you provide pursuant to KPMG LLP's Privacy Statement.

An error occurred. Please contact customer support.

Job seekers

Visit our careers section or search our jobs database.

Submit RFP

Use the RFP submission form to detail the services KPMG can help assist you with.

Office locations

International hotline

You can confidentially report concerns to the KPMG International hotline

Press contacts

Do you need to speak with our Press Office? Here's how to get in touch.

Headline