BDO forms strategic alliance to obtain advanced EDR capabilities

05 March 2018 4 min. read

As cyber-threats become a poignant reality across the world, global audit and advisory firm BDO has significantly strengthened its cyber-security capabilities in South Africa through a strategic partnership with prominent cyber-security firm Panda Security. The partnership allows BDO access to Adaptive Defence; an EDR-level security tool developed by Panda. 

Cyber attacks have taken on a run-of-the-mill character in recent years, ranging from sizeable and catastrophic attacks on major credit companies to daily attacks on small businesses and individuals. Not only have such attacks caused the loss of funds and valuable data, but they have also exposed major flaws in the data-protection measures across industries.

Consequently, major corporations have come under scrutiny in recent months for their cyber-security practices. Big Four professional services firm Deloitte, for example, was the victim of a sustained cyber attack last year, which went unnoticed for six months. Similarly, management consultancy Accenture, while not the victim of an actual attack, was found to have left four highly sensitive cloud databases unsecured and available for public download.

As of April this year, however, such oversight will draw more than the ire of clients and general public. The General Data Protection Regulation (GDPR) has been devised in Europe to ensure that firms exert the highest levels of caution when dealing with personal data of any kind. The violation of GDPR stipulations may draw up to €20 million or 4% of annual revenues in fines; whichever is higher.

The effects of the GDPR will be felt beyond Europe as well, particularly in South Africa. As a precaution against the GDPR stipulation that clients and collaborators with European firms will have to exert an equal amount of caution, South Africa has initiated the Protection of Personal Information Act, which will impose internal fines in addition to GDPR fines, thereby creating a substantial deterrent.

To ensure compliance, firms are turning to the consulting industry, and consulting firms are making preparations. International audit and advisory firm BDO has ramped up its cyber-security consulting operations through a partnership with Panda Security. The firm currently operates out of 5 offices in South Africa, with 911 professionals and 58 partners, under the leadership of Mark Stewart.

BDO forms strategic alliance to obtain advanced EDR capabilities

Having ramped up its operations significantly in recent times, the firm is set to bolster its service offerings in the cyber-security domain. The consulting firm has a cyber and forensic lab, which consists of a broad range of experts in the forensics, data-science, analytical and ethical hacking domains.

Strategic partnership

BDO’s new partner, Panda Security, is a global IT security company, originating in Spain, and currently operating in 180 countries with more than 600 employees and over 30 million users. The partnership is supported by BDO’s Global Cyber Leadership Group.

Perhaps the most significant of Panda’s offerings is the Adaptive Defence model of security. The model lies in the domain of Endpoint Detection and Response (EDR) technology, which goes beyond traditional signature-based investigation, extending to the domain of behavior-based anomaly detection.

Adaptive defense carries out end-to end security functions, gathering an upper limit of 10,000 data points per action, classifying them into goodware, malware, or unknown entities. Upon detection of malware or unknown entities (giving it an edge over other systems that protect only against known malware), Adaptive Defence blocks the software immediately.

Commenting on the partnership, Juan Santamaria, CEO of Panda Security said, “We are very proud that the industry considers Panda Security as a visionary in advanced protection technologies for the endpoint. This affirms the cybersecurity model introduced by Panda. We became the only manufacturer to offer advanced protection based on the complete visibility of endpoint activity, together with classification services for all running processes and threat hunting. This is a significant innovation and an added value for our technology, our customers and our partners such as BDO, with whom we share the common goal of offering our customers the best services.”

Director of IT Audit and Cyber Laboratory at BDO, Graham Croock expressed his confidence in the partnership to offer reliable solutions and strengthen BDOs practice not only in South Africa but across the world.