-
Privacy and Data Protection
Our digital risk team is made up of a combination of subject matter experts and technical specialists who can help your business comply with the GDPR.
-
Governance, Risk and Compliance (GRC)
While business goals and strategies evolve, our services support you wherever you are in your business cycle. The digital economy is simultaneously increasing the magnitude of new business opportunities while increasing the difficulty of getting it right.
-
ISO 27001 and ISO 27701
Grant Thornton’s ISO 27001 and ISO 27701 specialists will arrange and oversee the formal audit process.
-
SOC 1,2,3
As a service organization there are many ways to provide assurance to your customers and in turn other stakeholders over your control environment. One of the most effective and cost-efficient ways is to issue a Service Organization Control (SOC) Report.
-
Incident Response
Grant Thornton’s Cyber Incident Response Team can support your business in the event of a cyberattack or data loss event. We work alongside your existing IT and Legal teams to provide a co-ordinated, timely and efficient investigation and remediation.
-
Hacking Services
At Grant Thornton, our cyber security experts can develop a bespoke penetration testing plan to meet your business needs and unique IT environment. We can undertake the full suite of testing or conduct individual assessments, as required.
-
Cyber Health Check
Approximately 54% of organizations report that they have experienced at least one cyber-attack during the past year. Grant Thornton’s cyber health check provides you with an objective, jargon-free assessment of your current cyber security, drawing on both qualitative and quantitative elements.
-
Dark Web Threat Intelligence
We use a variety of dark and deep web monitoring tools that continuously scans illegal sites to discover any mention of your data, ranging from breached security credentials such as usernames and passwords to leaked confidential documents of your company.
-
Digital forensics and electronic discovery
We offer a full suite of digital forensics and data acquisition services in investigations related to cybercrime, disputes, fraud and regulatory investigations.
-
Insolvency
If you're facing a time of personal or corporate financial crisis you need advice from someone who listens, who understands your specific issues and deals with them in a supportive and sensitive manner.
-
Crisis stabilisation and turnaround
In periods of financial distress, management teams often face considerable challenges, with many directors having little or no experience of similar conditions.
-
Operational and financial restructuring
Companies challenged by underperformance often need support in identifying options for financial or operational restructuring. Tapping this type of advice helps them create a stable platform for business turnaround.
-
Accelerated M & A
Even fundamentally sound businesses run into difficulties. Cash flow can come under pressure from the loss of a big client, or a dip in performance can threaten a breach of banking covenants if there is insufficient headroom.
-
Indirect Tax
Our experienced VAT specialists are available to assist companies and entrepreneurs of all industries and sizes in meeting their obligations.
-
Direct Tax
We can help you ensure a bespoke balance between tax compliance and effective tax planning for your special circumstances.
-
Life at Grant Thornton
At Grant Thornton Cyprus, we are taking a holistic approach and reimagining the way we work, continually assessing it and making necessary changes to better support our people.
-
In the community
Unlocking the potential for growth in our local communities.
-
Diversity and inclusion
Diversity helps us meet the demands of a changing world. We value the fact that our people come from all walks of life and that this diversity of experience and perspective makes our organisation stronger as a result.
-
Global talent mobility
One of the biggest attractions of a career with Grant Thornton Cyprus is the opportunity to work on cross-border projects all over the world.
-
Learning and development
At Grant Thornton we believe learning and development opportunities allow you to perform at your best every day.
-
Our values
We are a values-driven organisation and we have more than 56,000 people in over 140 countries who are passionately committed to these values.
IAPP released Global Legislative Predictions 2024
Entering 2024, the Republic of Cyprus is at a pivotal moment in its journey toward enhancing data protection and cybersecurity. The past year marked a series of significant regulatory and collaborative efforts, particularly in the wake of cybersecurity incidents that impacted key institutions, including universities and the republic’s land registry.
The Office of the Commissioner for Personal Data Protection intensified GDPR enforcement, not only conducting random audits across various organizations to ensure compliance but also organizing comprehensive training sessions. These initiatives aim to elevate awareness and understanding of data protection regulations, thereby fostering a culture of data security and compliance.
The commissioner also signed a memorandum of collaboration with the Office of Commissioner of Communications, particularly pertinent in the context of recent cybersecurity breaches and highlighting the need for coordinated data protection strategies. The agreement is significant in its focus on two crucial areas: the mandatory disclosure of personal data breaches by providers of publicly available electronic communication services and addressing breaches involving entities operating essential services, critical infrastructure, and digital service providers.
Adding to the regulatory landscape are several impending compliance deadlines that are shaping organizations’ cybersecurity strategies. The Digital Operations Resilience Act, which mandates compliance from financial services entities by 17 Jan. 2025, is a key framework aimed at enhancing the operational resilience of the financial sector against cyber threats. Additionally, the Cyprus Securities and Exchange Commission has directed entities under its authority to align with the European Banking Authority’s Information and Communication Technology guidelines by June 2024. Furthermore, the NIS2 Directive, expanding the scope and strengthening the security requirements of the Network and Information Systems Directive, plays a crucial role in the evolving cybersecurity environment.
On top of these regulatory measures, the commissioner is also actively engaged in reviewing the cookie policies and practices of various entities, including scrutinizing websites’ policies to ensure they comply with data protection standards and respect user privacy. This initiative is a vital component of broader efforts to safeguard personal data in the digital realm.
As Cyprus navigates through these developments, there is an anticipated increase in demand and investment in cybersecurity and data protection across multiple sectors. Organizations are expected to enhance their cybersecurity infrastructures, invest in state-of-the-art technologies, and embed cybersecurity awareness into their operational ethos.
2024 is set to be a transformative year for data protection and cybersecurity in Cyprus. The combination of rigorous regulatory measures, proactive enforcement actions, and the response to recent cyber incidents is steering the nation towards a more secure and resilient digital future. Cyprus’ approach, characterized by stringent compliance, collaboration and capacity building, not only addresses immediate challenges but also sets a commendable example in managing cyber risks and safeguarding personal data on a global scale.
