Cyber risk & resilience
We support organizations in assessing and managing cyber and data protection risks in accordance with regulatory requirements, and we strengthen the resilience of critical business processes.
What you gain
Cybersecurity that fits your business: We bring deep expertise in cybersecurity and use it to build strategies that match your specific environment — not generic playbooks. We focus on the threats that are actually relevant to your industry and work to protect what matters most before problems arise.
Stronger operational resilience: The threat landscape changes constantly, and organisations need to keep up. We help clients build resilience by putting the right frameworks in place, assessing risk thoroughly and deploying technology that holds up under pressure. The result is an organisation that can absorb and respond to new threats without disruption.
Cyber & Technology Risk
Audits, particularly FINMA regulatory audits and internal audit support Governance, Risk & Compliance (GRC) consultancy for cyber risks Conducting cyber and IT risk assessments Development and review of risk and control frameworks (NIST, COBIT, ISO, CIS, etc.)
Explore moreThird-Party & Supply Chain Management
Read moreTPRM Breakfast | FINMA insights & future trends
Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet. Lorem ipsum dolor sit amet, consetetur sadipscing elitr, sed diam nonumy eirmod tempor invidunt ut labore et dolore magna aliquyam erat, sed diam voluptua. At vero eos et accusam et justo duo dolores et ea rebum. Stet clita kasd gubergren, no sea takimata sanctus est Lorem ipsum dolor sit amet.
FAQ
- Which cyber services are offered?
We offer advisory and implementation services in the following areas: cybersecurity, data protection and IT risks, third‑party and supply‑chain risks, operational resilience as well as regulatory compliance. Our services are designed to help identify risks and comply with regulatory requirements.
- Are there references?
Our clients include banks, insurance companies, asset managers, automotive suppliers, IT service providers, industrial companies, and healthcare organizations.
- How do we approach projects?
In our client engagements and projects, we follow a structured and consistent approach consisting of:
• assessing the current state,
• developing action plans,
• supporting implementation,
• performing validation.
- In which cases do organizations typically make use of these services?
Organizations with increased regulatory requirements, complex IT landscapes, or extensive third‑party dependencies, as well as companies seeking to strengthen their audit and supervisory capabilities and enhance their operational resilience. We often assess regulatory readiness and assist in certification processes.
- Which recognized standards and frameworks are considered?
Our audits and advisory services are aligned with regulatory requirements and established standards such as NIST, COBIT, FINMA guidelines, CIS, and ISO standards. These are adapted appropriately considering the organization’s risk profile, regulatory obligations, and degree of maturity.
- How does our offering differ?
• Technical expertise derived from regulatory audits,
• Customer-focused, pragmatic, and risk‑based solutions.
Our cyber security team
The Cybersecurity Team is part of the Consulting division and is one of the fastest-growing teams at Forvis Mazars in Switzerland. Its service portfolio covers all aspects of cyber risk management and the establishment of operational resilience.
Want to know more?
Ioannis Asaridis Manager, Head of Cyber Security - Zurich
Publications
6 Mar 2026
Cyber resilience in insurance
The insurance industry occupies a unique position in the cyber security landscape, with access to sensitive policyholder data, responsibility for high-value claims and tight regulatory timelines, insurers face immense pressure to restore operations quickly following an attack.