Transformation strategy of the information security function

Due to crisis events, companies are rapidly implementing new technologies to meet new business challenges. According to the EY Global Information Security Survey, 58% of respondents say that the time frame for these implementations was too tight to put adequate information security measures in place, and 56% do not always know whether they are sufficiently protected against new hacker strategies. As companies implement new transformation initiatives, the risk of cyberattacks increases. In turn, CISOs have the opportunity to demonstrate the strategic importance of their role and transform information security together with the business.

How EY can help

We offer our clients the development and implementation of an information security strategy based on a cost-effective, risk-oriented approach that takes into account the threat landscape specific to the organization.

This approach allows information security to become a strategic business partner that supports new initiatives aimed at achieving the organization's goals and mission, while ensuring the appropriate level of security and preventing losses when risks materialize.

The main advantages of a strategy implemented according to this approach:

  • Effective distribution and use of the entire organization's resources and activities in the field of information security
  • Adaptability to changes in the business environment
  • Increased attention to compliance with regulatory requirements
  • Transparency of investments in information security
  • Effective planning and implementation of initiatives
  • Qualitative and quantitative performance measurement and proper reporting, which will increase job satisfaction within the function

What we do

We analyze the current state of information security and develop the target state of all components of the Operating Model of the information security function, that is, the set of all factors that affect the ability of the function to achieve the goals set by the organization.

  • After agreeing on the target state and the ways to achieve it with the customer's representatives, we develop a roadmap for transformation projects. If necessary, we help our clients implement the transformation program or its projects.
  • We can also focus on individual components of the Operating Model, according to the client's needs.

Why EY?

Our team has vast experience in implementing various information security projects, including the development of a strategy for the transformation of the InfoSec function. The Ukrainian team has completed more than 10 such projects over the past 5 years for leading local and international companies in their field. To form our approach, we use leading information security practices, in particular ISO 27001, NIST Cybersecurity Framework, SANS CIS Controls, and others.
