Information Security & Data Privacy


Given recent high profile events in both the private and public sector, information security and privacy has never been higher on the board agenda. Reputation, trust and brand value can all be seriously affected by information loss and theft. Incidents have often erroneously been attributed to technology issues, and while technology is one of the key components to better information and cyber security, equal attention needs to be paid to people, organisation, culture and processes.


Global Digital Trust Insights Survey 2021

The survey reflects the views of over 3,200 business and IT leaders globally and focuses on a variety of topics including cybersecurity strategy and leadership, budget, resilience, the threat landscape, and team development.  

Read more


Companies can no longer manage security on an ad-hoc project basis. To reduce the risk of business disruptions, meet regulatory compliance objectives and adequately respond to complex security breaches, organizations must integrate security infrastructures as well as constantly monitor standards, policies and controls to stay in line with established parameters. By gaining complete visibility into the security infrastructure, organizations are also able to remediate security gaps quickly.

Where are you on the GDPR journey?

Your organization may be just getting started—or may already have a GDPR program in place. Here’s what happens on the way to compliance. 

Conduct a readiness assessment

Gather information to assess your organization’s current GDPR compliance maturity, and to help understand your critical legacy risks.

Find remediation gaps

Identify existing privacy capabilities and the work that needs to be done to bring your organization into GDPR compliance.

Establish oversight

Put your organization’s ongoing GDPR governance structure and model into place to coordinate and implement your remediation activities.

Implement your program

Get your GDPR program off the ground: remediating gaps and establishing a privacy program.

Conduct operation & monitoring

Once GDPR is in effect and your program is in place, conduct ongoing compliance to drive continued accountability.

The Global State of Information Security®

Business leaders see new risks tied to emerging technologies

Business leaders are clear-eyed about new risks tied to emerging technologies. GSISS respondents recognize that a successful cyberattack on automated or robotic systems could have major consequences, including the disruption of operations, the compromise of sensitive data and damage to product quality.

Find out more



Contact us

Mircea Bozga

Mircea Bozga

Risk Assurance Partner, Romania

Follow us