Our Technology Team comprises experienced professionals with expertise in various security domains, including information security strategy, third party risk management, compliance, security testing, as well as training and awareness. We partner with diverse range of clients, including organisations from the financial sector and beyond, spanning both large companies as well as small and medium enterprises.
Securing your organisation is not just a technical task, it's a management challenge. We are here to accompany you throughout your security journey. Whether you seek support in crafting robust security strategies, managing risks effectively, or ensuring compliance with emerging regulations such as DORA, NIS2, or Circulars. Our clients value our dedication to mitigate current and potential threats, as well as our ability to deliver actionable solutions. Whether you're a large enterprise or a small business, we're committed to providing comprehensive security services tailored to your needs.
As your business expands through digital transformation and transitions to the cloud, it encounters new risks. Our security testing service empowers organisations to proactively identify and mitigate vulnerabilities within their digital infrastructure. Our skilled team utilises best practices and methodology to thoroughly evaluate the security posture of your systems. With tailored recommendations and strategic guidance, we fortify your defenses and bolster your resilience against evolving threats. Partner with us to stay one step ahead in the ever-changing landscape of cyber security.
Understanding the human element is crucial for a comprehensive security strategy. At our Grant Thornton Training and Awareness Center, we've design tailored solutions to assist organisations in building strong security-based culture. Our comprehensive approach covers every aspect of security awareness, from initial design to seamless execution, empowered by both cutting-edge tools and expertise in the field. We cover all tiers of your organisation, from leadership and staff to vendors and stakeholders. We ensure of a holistic grasp of security at every level and within every role across your enterprise.
Is your organisation resilient to information security threats? Whether you're a large enterprise or a small business, Grant Thornton is committed to providing comprehensive security services tailored to your needs.
Is your organisation resilient to information security threats? Whether you're a large enterprise or a small business, Grant Thornton is committed to providing comprehensive security services tailored to your needs.
In Paperjam, Sabika Ishaq is talking about the responsibility for overseeing cyber-risk management in modern organisations increasingly falling on the shoulders of Boards of Directors.
Our CISO Sabika Ishaq shared the stage of the 10x6 Leading CIOs' Challenges 2024 that happened on 26 March 2024. Her presentation focused on the human element in technology explaining that behind every innovation, every breakthrough, and even every misuse of technology, there's always a human story.
Grant Thornton Luxembourg achieves ISO 27001 certification, showcasing unwavering commitment to data security and client confidentiality. A trusted advisor, the firm guides clients through regulatory landscapes, solidifying its position amid rising cyber threats and offering reliability in safeguarding client data.
Luxembourg SMEs can benefit from up to 70% public funding for eligible cybersecurity projects. Grant Thornton Luxembourg is now Cybersecurity SME Package Ready. We help businesses take advantage of government-backed digital transformation initiatives.
The CSSF has recently reiterated a key message for all supervised entities: if a major ICT-related incident occurs, it must be reported—promptly and without exception.
The Commission de Surveillance du Secteur Financier (CSSF) has issued two Circulars — CSSF 25/893 and CSSF 25/892 — that reinforce Luxembourg’s commitment to implementing the Digital Operational Resilience Act (DORA). These circulars provide a comprehensive regulatory framework for ICT-related incident classification and reporting, as well as for estimating the financial impact of such incidents. Branches in Luxembourg of financial entities whose head office is based in another EU Member State (EU branches) are expected to report major ICT-related incidents, significant cyber threats and their estimations to the competent authority of their home Member State under DORA. As such, they are excluded from the scope of these circulars.
